From e0b64f228f16cca9aa66bf072767d62df4e7ffb1 Mon Sep 17 00:00:00 2001 From: spingel Date: Mon, 22 Jun 2009 02:00:53 +0000 Subject: NEW - bug 279746: authentification fails with mod_auth_sspi https://bugs.eclipse.org/bugs/show_bug.cgi?id=279746 --- org.eclipse.mylyn.trac.core/.options | 3 ++ .../trac/core/client/AbstractTracClient.java | 9 +++++ .../trac/core/client/TracXmlRpcClient.java | 46 ++++++++++++++++++++-- 3 files changed, 55 insertions(+), 3 deletions(-) (limited to 'org.eclipse.mylyn.trac.core') diff --git a/org.eclipse.mylyn.trac.core/.options b/org.eclipse.mylyn.trac.core/.options index aed10398c..62ffe2ee7 100644 --- a/org.eclipse.mylyn.trac.core/.options +++ b/org.eclipse.mylyn.trac.core/.options @@ -1,3 +1,6 @@ # TracXmlRpcClient org.eclipse.mylyn.trac.core/debug/xmlrpc=false + +# AbstractTracClient +org.eclipse.mylyn.trac.core/debug/authentication=false diff --git a/org.eclipse.mylyn.trac.core/src/org/eclipse/mylyn/internal/trac/core/client/AbstractTracClient.java b/org.eclipse.mylyn.trac.core/src/org/eclipse/mylyn/internal/trac/core/client/AbstractTracClient.java index 75fdbc966..cb113e0f1 100644 --- a/org.eclipse.mylyn.trac.core/src/org/eclipse/mylyn/internal/trac/core/client/AbstractTracClient.java +++ b/org.eclipse.mylyn.trac.core/src/org/eclipse/mylyn/internal/trac/core/client/AbstractTracClient.java @@ -24,6 +24,7 @@ import org.apache.commons.httpclient.NameValuePair; import org.apache.commons.httpclient.cookie.CookiePolicy; import org.apache.commons.httpclient.methods.PostMethod; import org.eclipse.core.runtime.IProgressMonitor; +import org.eclipse.core.runtime.Platform; import org.eclipse.mylyn.commons.net.AbstractWebLocation; import org.eclipse.mylyn.commons.net.AuthenticationCredentials; import org.eclipse.mylyn.commons.net.WebUtil; @@ -42,6 +43,8 @@ import org.eclipse.mylyn.internal.trac.core.model.TracVersion; */ public abstract class AbstractTracClient implements ITracClient { + protected static final boolean DEBUG_AUTH = Boolean.valueOf(Platform.getDebugOption("org.eclipse.mylyn.trac.core/debug/authentication")); //$NON-NLS-1$ + protected static final String USER_AGENT = "TracConnector"; //$NON-NLS-1$ private static final String LOGIN_COOKIE_NAME = "trac_auth"; //$NON-NLS-1$ @@ -98,7 +101,13 @@ public abstract class AbstractTracClient implements ITracClient { post.setRequestBody(data); try { + if (DEBUG_AUTH) { + System.err.println(location.getUrl() + ": Attempting form-based account manager authentication"); //$NON-NLS-1$ + } int code = WebUtil.execute(httpClient, hostConfiguration, post, monitor); + if (DEBUG_AUTH) { + System.err.println(location.getUrl() + ": Received account manager response (" + code + ")"); //$NON-NLS-1$ //$NON-NLS-2$ + } // code should be a redirect in case of success if (code == HttpURLConnection.HTTP_OK) { throw new TracLoginException(); diff --git a/org.eclipse.mylyn.trac.core/src/org/eclipse/mylyn/internal/trac/core/client/TracXmlRpcClient.java b/org.eclipse.mylyn.trac.core/src/org/eclipse/mylyn/internal/trac/core/client/TracXmlRpcClient.java index c41aed3b9..4df9a3b33 100644 --- a/org.eclipse.mylyn.trac.core/src/org/eclipse/mylyn/internal/trac/core/client/TracXmlRpcClient.java +++ b/org.eclipse.mylyn.trac.core/src/org/eclipse/mylyn/internal/trac/core/client/TracXmlRpcClient.java @@ -151,7 +151,7 @@ public class TracXmlRpcClient extends AbstractTracClient implements ITracWikiCli if (isTracd && digestScheme != null) { probeAuthenticationScheme(monitor); } - if (DEBUG) { + if (DEBUG_XMLRPC) { System.err.println("Calling " + location.getUrl() + ": " + method + " " + TracUtil.toString(parameters)); //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$ } TracXmlRpcClientRequest request = new TracXmlRpcClientRequest(xmlrpc.getClientConfig(), method, @@ -159,12 +159,21 @@ public class TracXmlRpcClient extends AbstractTracClient implements ITracWikiCli return xmlrpc.execute(request); } catch (TracHttpException e) { if (e.code == HttpStatus.SC_UNAUTHORIZED) { + if (DEBUG_AUTH) { + System.err.println(location.getUrl() + ": Unauthorized (" + e.code + ")"); //$NON-NLS-1$ //$NON-NLS-2$ + } digestScheme = null; throw new TracLoginException(); } else if (e.code == HttpStatus.SC_FORBIDDEN) { + if (DEBUG_AUTH) { + System.err.println(location.getUrl() + ": Forbidden (" + e.code + ")"); //$NON-NLS-1$ //$NON-NLS-2$ + } digestScheme = null; throw new TracPermissionDeniedException(); } else if (e.code == HttpStatus.SC_PROXY_AUTHENTICATION_REQUIRED) { + if (DEBUG_AUTH) { + System.err.println(location.getUrl() + ": Proxy authentication required (" + e.code + ")"); //$NON-NLS-1$ //$NON-NLS-2$ + } throw new TracProxyAuthenticationException(); } else { throw new TracException(e); @@ -181,10 +190,9 @@ public class TracXmlRpcClient extends AbstractTracClient implements ITracWikiCli throw new TracException(e); } } - } - private static final boolean DEBUG = Boolean.valueOf(Platform.getDebugOption("org.eclipse.mylyn.trac.core/debug/xmlrpc")); //$NON-NLS-1$ + private static final boolean DEBUG_XMLRPC = Boolean.valueOf(Platform.getDebugOption("org.eclipse.mylyn.trac.core/debug/xmlrpc")); //$NON-NLS-1$ public static final String XMLRPC_URL = "/xmlrpc"; //$NON-NLS-1$ @@ -247,8 +255,14 @@ public class TracXmlRpcClient extends AbstractTracClient implements ITracWikiCli public void processRequest(HttpMethod method) { DigestScheme scheme = digestScheme; if (scheme != null) { + if (DEBUG_AUTH) { + System.err.println(location.getUrl() + ": Digest scheme is present"); //$NON-NLS-1$ + } Credentials creds = httpClient.getState().getCredentials(authScope); if (creds != null) { + if (DEBUG_AUTH) { + System.err.println(location.getUrl() + ": Setting digest scheme for request"); //$NON-NLS-1$ + } method.getHostAuthState().setAuthScheme(digestScheme); method.getHostAuthState().setAuthRequested(true); } @@ -259,6 +273,9 @@ public class TracXmlRpcClient extends AbstractTracClient implements ITracWikiCli AuthScheme authScheme = method.getHostAuthState().getAuthScheme(); if (authScheme instanceof DigestScheme) { digestScheme = (DigestScheme) authScheme; + if (DEBUG_AUTH) { + System.err.println(location.getUrl() + ": Received digest scheme"); //$NON-NLS-1$ + } } } }); @@ -298,21 +315,44 @@ public class TracXmlRpcClient extends AbstractTracClient implements ITracWikiCli return; } + if (DEBUG_AUTH) { + System.err.println(location.getUrl() + ": Probing authentication"); //$NON-NLS-1$ + } HostConfiguration hostConfiguration = WebUtil.createHostConfiguration(httpClient, location, monitor); HeadMethod method = new HeadMethod(getXmlRpcUrl(credentials).toString()); try { // execute without any credentials set int result = WebUtil.execute(httpClient, hostConfiguration, method, new HttpState(), monitor); + if (DEBUG_AUTH) { + System.err.println(location.getUrl() + ": Received authentication response (" + result + ")"); //$NON-NLS-1$ //$NON-NLS-2$ + } if (result == HttpStatus.SC_UNAUTHORIZED || result == HttpStatus.SC_FORBIDDEN) { AuthScheme authScheme = method.getHostAuthState().getAuthScheme(); if (authScheme instanceof DigestScheme) { this.digestScheme = (DigestScheme) authScheme; + if (DEBUG_AUTH) { + System.err.println(location.getUrl() + ": Received digest scheme"); //$NON-NLS-1$ + } } else if (authScheme instanceof BasicScheme) { httpClient.getParams().setAuthenticationPreemptive(true); + if (DEBUG_AUTH) { + System.err.println(location.getUrl() + ": Received basic scheme"); //$NON-NLS-1$ + } + } else if (authScheme != null) { + if (DEBUG_AUTH) { + System.err.println(location.getUrl() + ": Received scheme (" + authScheme.getClass() + ")"); //$NON-NLS-1$ //$NON-NLS-2$ + } + } else { + if (DEBUG_AUTH) { + System.err.println(location.getUrl() + ": No authentication scheme received"); //$NON-NLS-1$ + } } Header header = method.getResponseHeader("Server"); //$NON-NLS-1$ isTracd = (header != null && header.getValue().startsWith("tracd")); //$NON-NLS-1$ + if (DEBUG_AUTH && isTracd) { + System.err.println(location.getUrl() + ": Tracd detected"); //$NON-NLS-1$ + } // Header header = method.getResponseHeader("WWW-Authenticate"); // if (header != null) { -- cgit v1.2.3