001/* 002 * The MIT License 003 * Copyright (c) 2012 Microsoft Corporation 004 * 005 * Permission is hereby granted, free of charge, to any person obtaining a copy 006 * of this software and associated documentation files (the "Software"), to deal 007 * in the Software without restriction, including without limitation the rights 008 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 009 * copies of the Software, and to permit persons to whom the Software is 010 * furnished to do so, subject to the following conditions: 011 * 012 * The above copyright notice and this permission notice shall be included in 013 * all copies or substantial portions of the Software. 014 * 015 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 016 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 017 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 018 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 019 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 020 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 021 * THE SOFTWARE. 022 */ 023 024package microsoft.exchange.webservices.data.core; 025 026import org.apache.http.Header; 027import org.apache.http.HttpException; 028import org.apache.http.HttpHost; 029import org.apache.http.HttpRequest; 030import org.apache.http.HttpResponse; 031import org.apache.http.auth.MalformedChallengeException; 032import org.apache.http.client.protocol.HttpClientContext; 033import org.apache.http.client.protocol.RequestAddCookies; 034import org.apache.http.client.protocol.ResponseProcessCookies; 035import org.apache.http.impl.client.TargetAuthenticationStrategy; 036import org.apache.http.protocol.HttpContext; 037 038import java.io.IOException; 039import java.util.Map; 040 041/** 042 * TargetAuthenticationStrategy that also processes the cookies in HTTP 401 response. While not fully 043 * according to the RFC's, this is often necessary to ensure good load balancing behaviour (e.g., TMG server 044 * requires it for authentication, where it sends a HTTP 401 with a new Cookie after 5 minutes of inactivity) 045 */ 046public class CookieProcessingTargetAuthenticationStrategy extends TargetAuthenticationStrategy { 047 ResponseProcessCookies responseProcessCookies = new ResponseProcessCookies(); 048 RequestAddCookies requestAddCookies = new RequestAddCookies(); 049 050 @Override 051 public Map<String, Header> getChallenges(HttpHost authhost, HttpResponse response, HttpContext context) 052 throws MalformedChallengeException { 053 try { 054 // Get the request from the context 055 HttpClientContext clientContext = HttpClientContext.adapt(context); 056 HttpRequest request = clientContext.getRequest(); 057 058 // Save new cookies in the context 059 responseProcessCookies.process(response, context); 060 061 // Remove existing cookies and set the new cookies in the request 062 request.removeHeaders("Cookie"); 063 requestAddCookies.process(request, context); 064 } catch (HttpException e) { 065 throw new RuntimeException(e); // Looking at the source of responseProcessCookies this never happens 066 } catch (IOException e) { 067 throw new RuntimeException(e); // Looking at the source of responseProcessCookies this never happens 068 } 069 070 return super.getChallenges(authhost, response, context); 071 } 072 073}