public Builder setKerberosAuth(GSSCredentialProvider gssCrendentialProvider) {
Credentials creds =
new Credentials() {
@Override
public String getPassword() {
return null;
}
@Override
public Principal getUserPrincipal() {
return null;
}
};
CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
credentialsProvider.setCredentials(
new AuthScope(_host, _port, AuthScope.ANY_REALM, AuthSchemes.SPNEGO), creds);
_httpClientBuilder.setDefaultCredentialsProvider(credentialsProvider);
AuthSchemeProvider authSchemaProvider =
gssCrendentialProvider == null
? new SPNegoSchemeFactory(true)
: new BasicSPNegoSchemeFactory(true, gssCrendentialProvider);
_httpClientBuilder.setDefaultAuthSchemeRegistry(
RegistryBuilder.<AuthSchemeProvider>create()
.register(AuthSchemes.SPNEGO, authSchemaProvider)
.build());
return this;
}
/**
* Configures a {@link HttpClientBuilder} to call the informed {@link BearerCredentialsSupport}
* object to answer "bearer" challenges, such as <code>401 Unauthorized</code> responses. The
* {@link BearerCredentialsSupport} object can return a token an hide <code>401</code> results
* from users.
*/
public static void configureClientBuilder(
HttpClientBuilder httpBuilder, BearerCredentialsSupport support) {
// Configure to use "bearer" as preferred authentication scheme (without
// this, the client uses basic, diggest, etc).
Builder configBuilder =
RequestConfig.custom()
.setTargetPreferredAuthSchemes(Arrays.asList(new String[] {BearerAuthentication.NAME}));
httpBuilder.setDefaultRequestConfig(configBuilder.build());
// Provide a custom "bearer" authentication provider.
RegistryBuilder<AuthSchemeProvider> schemeProviderBuilder = RegistryBuilder.create();
schemeProviderBuilder.register(
BearerAuthentication.NAME, BearerAuthenticationProvider.INSTANCE);
httpBuilder.setDefaultAuthSchemeRegistry(schemeProviderBuilder.build());
// Configure to use the CloudCredentialsProvider.
httpBuilder.setDefaultCredentialsProvider(new BearerCredentialsProvider(support));
}
