The {@link oajrc.RestClient.Builder} class does not itself provide FORM-based
authentication since there is no standard way of providing such support.
Typically, to perform FORM-based or other types of authentication, you'll want to create your own
subclass of {@link oajrc.RestClient.Builder} and override the
{@link oajrc.RestClient.Builder#createHttpClient()} method to provide an
authenticated client.
The following example shows an implementation of a client that performs FORM-based authentication against
the IBM Jazz platform.
| /**
| * Constructor.
| */
| public JazzRestClient.Builder(URI jazzUri, String user, String pw) throws IOException {
| ...
| }
|
| /**
| * Override the createHttpClient() method to return an authenticated client.
| */
| @Override /* RestClient.Builder */
| protected CloseableHttpClient createHttpClient() throws Exception {
| CloseableHttpClient client = super.createHttpClient();
| formBasedAuthenticate(client);
| visitAuthenticatedURL(client);
| return client;
| }
|
| /*
| * Performs form-based authentication against the Jazz server.
| */
| private void formBasedAuthenticate(HttpClient client) throws IOException {
|
| URI uri2 = jazzUri.resolve("j_security_check");
| HttpPost request = new HttpPost(uri2);
| request.setConfig(RequestConfig.custom().setRedirectsEnabled(false).build());
|
| // Charset must explicitly be set to UTF-8 to handle user/pw with non-ascii characters.
| request.addHeader("Content-Type", "application/x-www-form-urlencoded; charset=utf-8");
|
| List<NameValuePair> params = AList.of(
| BasicNameValuePair.of("j_username"", user),
| BasicNameValuePair.of("j_password", pw)
| );
| request.setEntity(new UrlEncodedFormEntity(params));
|
| HttpResponse response = client.execute(request);
| try {
| int rc = response.getStatusLine().getStatusCode();
|
| Header authMsg = response.getFirstHeader("X-com-ibm-team-repository-web-auth-msg");
| if (authMsg != null)
| throw new IOException(authMsg.getValue());
|
| // The form auth request should always respond with a 200 ok or 302 redirect code
| if (rc == SC_MOVED_TEMPORARILY) {
| if (response.getFirstHeader("Location").getValue().isPattern("^.*/auth/authfailed.*$"))
| throw new IOException("Invalid credentials.");
| } else if (rc != SC_OK) {
| throw new IOException("Unexpected HTTP status: " + rc);
| }
| } finally {
| EntityUtils.consume(response.getEntity());
| }
| }
|
| /*
| * This is needed for Tomcat because it responds with SC_BAD_REQUEST when the j_security_check URL is visited before an
| * authenticated URL has been visited. This same URL must also be visited after authenticating with j_security_check
| * otherwise tomcat will not consider the session authenticated
| */
| private int visitAuthenticatedURL(HttpClient httpClient) throws IOException {
| HttpGet authenticatedURL = new HttpGet(jazzUri.resolve("authenticated/identity"));
| HttpResponse response = httpClient.execute(authenticatedURL);
| try {
| return response.getStatusLine().getStatusCode();
| } finally {
| EntityUtils.consume(response.getEntity());
| }
| }