TUSCANY-3735: Don't use HTTP authorization or authentication by default (merged 1.x commit r1027705)

git-svn-id: http://svn.us.apache.org/repos/asf/tuscany@1027710 13f79535-47bb-0310-9956-ffa450edef68
2010-10-26 19:48:08 +00:00 · 2010-10-26 19:48:08 +00:00 · 6fa928b1a4
commit 6fa928b1a4
parent 6b7c51e77e
2 changed files with 29 additions and 13 deletions
--- a/sca-java-2.x/trunk/modules/binding-atom-runtime/src/main/java/org/apache/tuscany/sca/binding/atom/provider/AtomBindingInvoker.java
+++ b/sca-java-2.x/trunk/modules/binding-atom-runtime/src/main/java/org/apache/tuscany/sca/binding/atom/provider/AtomBindingInvoker.java
@ -90,7 +90,9 @@ class AtomBindingInvoker implements Invoker {

            // Send an HTTP GET
            GetMethod getMethod = new GetMethod(uri + "/" + id);
-            getMethod.setRequestHeader("Authorization", authorizationHeader);
+            if (authorizationHeader != null) {
+                getMethod.setRequestHeader("Authorization", authorizationHeader);
+            }
            boolean parsing = false;
            try {
                httpClient.executeMethod(getMethod);
@ -167,7 +169,9 @@ class AtomBindingInvoker implements Invoker {

            // Send an HTTP POST
            PostMethod postMethod = new PostMethod(uri);
-            postMethod.setRequestHeader("Authorization", authorizationHeader);
+            if (authorizationHeader != null) {
+                postMethod.setRequestHeader("Authorization", authorizationHeader);
+            }
            boolean parsing = false;
            try {

@ -253,7 +257,9 @@ class AtomBindingInvoker implements Invoker {

            // Send an HTTP PUT
            PutMethod putMethod = new PutMethod(uri + "/" + id);
-            putMethod.setRequestHeader("Authorization", authorizationHeader);
+            if (authorizationHeader != null) {
+                putMethod.setRequestHeader("Authorization", authorizationHeader);
+            }

            try {

@ -304,7 +310,9 @@ class AtomBindingInvoker implements Invoker {

            // Send an HTTP DELETE
            DeleteMethod deleteMethod = new DeleteMethod(uri + "/" + id);
-            deleteMethod.setRequestHeader("Authorization", authorizationHeader);
+            if (authorizationHeader != null) {
+                deleteMethod.setRequestHeader("Authorization", authorizationHeader);
+            }
            try {
                httpClient.executeMethod(deleteMethod);
                int status = deleteMethod.getStatusCode();
@ -345,7 +353,9 @@ class AtomBindingInvoker implements Invoker {

            // Send an HTTP GET
            GetMethod getMethod = new GetMethod(uri);
-            getMethod.setRequestHeader("Authorization", authorizationHeader);
+            if (authorizationHeader != null) {
+                getMethod.setRequestHeader("Authorization", authorizationHeader);
+            }
            boolean parsing = false;
            try {
                httpClient.executeMethod(getMethod);
@ -421,7 +431,9 @@ class AtomBindingInvoker implements Invoker {

            // Send an HTTP GET
            GetMethod getMethod = new GetMethod(uri);
-            getMethod.setRequestHeader("Authorization", authorizationHeader);
+            if (authorizationHeader != null) {
+                getMethod.setRequestHeader("Authorization", authorizationHeader);
+            }
            getMethod.setQueryString(queryString);
            boolean parsing = false;
            try {
--- a/sca-java-2.x/trunk/modules/binding-atom-runtime/src/main/java/org/apache/tuscany/sca/binding/atom/provider/AtomReferenceBindingProvider.java
+++ b/sca-java-2.x/trunk/modules/binding-atom-runtime/src/main/java/org/apache/tuscany/sca/binding/atom/provider/AtomReferenceBindingProvider.java
@ -49,7 +49,7 @@ class AtomReferenceBindingProvider implements ReferenceBindingProvider {
    private EndpointReference endpointReference;
    private RuntimeComponentReference reference;
    private AtomBinding binding;
-    private String authorizationHeader;
+    private String authorizationHeader = null;
    private HttpClient httpClient;
    private Mediator mediator;
    private DataType<?> itemClassType;
@ -71,8 +71,10 @@ class AtomReferenceBindingProvider implements ReferenceBindingProvider {
        this.mediator = mediator;

        // Prepare authorization header
-        String authorization = "admin" + ":" + "admin";
-        authorizationHeader = "Basic " + new String(Base64.encodeBase64(authorization.getBytes()));
+        // TUSCANY-3735: Don't send authorization header by default as this can cause problems.
+        // Commented out the following two lines until we have a better way to control this.
+        //String authorization = "admin" + ":" + "admin";
+        //authorizationHeader = "Basic " + new String(Base64.encodeBase64(authorization.getBytes()));

        // Create an HTTP client
        HttpConnectionManager connectionManager = new MultiThreadedHttpConnectionManager();
@ -123,10 +125,12 @@ class AtomReferenceBindingProvider implements ReferenceBindingProvider {
    public void start() {

        // Configure the HTTP client credentials
-        Credentials credentials = new UsernamePasswordCredentials("admin", "admin");
-        httpClient.getParams().setAuthenticationPreemptive(true);
-        URI uri = URI.create(binding.getURI());
-        httpClient.getState().setCredentials(new AuthScope(uri.getHost(), uri.getPort()), credentials);
+        // TUSCANY-3735: Don't use authentication by default as this can cause problems.
+        // Commented out the following four lines until we have a better way to control this.
+        //Credentials credentials = new UsernamePasswordCredentials("admin", "admin");
+        //httpClient.getParams().setAuthenticationPreemptive(true);
+        //URI uri = URI.create(binding.getURI());
+        //httpClient.getState().setCredentials(new AuthScope(uri.getHost(), uri.getPort()), credentials);

        // Find the get operation on the reference interface
        if (true) {