# httpclientAuthHelper

**Repository Path**: mzeya/httpclientAuthHelper

## Basic Information

- **Project Name**: httpclientAuthHelper
- **Description**: A library that helps authenticate Httpclient with services that use  NTLM, KERBEROS, SSL authentications.
- **Primary Language**: Java
- **License**: Apache-2.0
- **Default Branch**: master
- **Homepage**: None
- **GVP Project**: No

## Statistics

- **Stars**: 0
- **Forks**: 0
- **Created**: 2017-02-12
- **Last Updated**: 2020-12-19

## Categories & Tags

**Categories**: Uncategorized

**Tags**: None

## README

# Httpclient Authentication Helper

## What is it?
A library that helps authenticate Httpclient 3  with services that use  NTLM, KERBEROS and SSL authentication.

The design goal is to be as simple as possible to use.
The library uses default configurations that apply to 99% of the use cases, so that the developer wont
have to concern himself with the details of his chosen authentication mechanism.

The project has 3 parts:

CredentialsUtils
----------------

* support NTLM v1 and NTLMv2  (httpclient3.x does not support NTLMv2 and supports NTLMv1 only with the JCFIS package )
* support KERBEROS without the need for any external configuration files (login.conf , krb.ini )
* support basic  authenticaion
* route request through a proxy

SSLUtils
--------

support SSL in 3 modes-
* trust all certificates (only for testing),
* trust JDK truststore (cacerts),
* trust your own custom truststore

AuthUtils
---------

various tools
* logging for security
* adding cryptography providers
* use browser user agent
* handle gzipped response
and more ...

## How to use?

Example:
```javascript

    /*
        Example A: connect to a service that requires NTLMv2 auth and has an expired self signed certificate
    */
        DefaultHttpClient httpclient = new DefaultHttpClient();
        SSLUtils.trustAllSSLCertificates();
        CredentialsUtils.setNTLMCredentials(client, new UsernamePasswordCredentials("xxx", "xxx"), "mydomain");
        client.executeMethod(httpget);

    /*
        Example B: Connect to a service  that requires KERBEROS auth
        , has a certificate that is trusted by the JDK trust store and accepts only browser user agents.
        Also, log the kerberos handshake
    */
        DefaultHttpClient httpclient = new DefaultHttpClient();
        AuthUtils.securityLogging(SecurityLogType.KERBEROS,true)
        SSLUtils.trustJDKDefaultSSLCertificates();
        AuthUtils.useBrowserUserAgent();
        CredentialsUtils.setKerberosCredentials(client, new UsernamePasswordCredentials("xxx", "xxx"), "domain", "kdc");
        client.executeMethod(httpget);

```

## TODO's
support httpclient 4

open for suggestions

## Developer
Dov Amir

dov.amir@jivesoftware.com

## License

   Apache License
                           Version 2.0, January 2004
                        http://www.apache.org/licenses/