Allow setting user in SpnegoEngine about async-http-client HOT 10 CLOSED

Sure, that's a good idea...I don't have the set up to test that, so I will need your help to confirm it's still work. Just curious, have you try changing code to see if that works? Merci.

from async-http-client.

As I am primary a Gatling user, I had just take a look at async-http-client yesterday. But yes, I should be able to change code and rebuild in few days.
By the way, the code of our working JUnit is inspired by the same source linked in the javadoc, so it should be compatible.
I will keep you informed.
Fabien.

from async-http-client.

Hello,
After few hours fighting with Wireshark, I can tell it wont be just a modification in SpnegoEngine.
In our setup, we have a multi domain controler, and I can see in normal scenario (kerberos using connected user) that Server Name and REALM are different.
But as soon I try to specify user principal in realm, I can see in Wireshark, that Server Name is the same as REALM, so I have a "no tgt found" error.

I try to force SPN (Server / Service Principal Name) in manager.createContext, but it has no effect.

Any idea of where I should look at ?
Thanks,
Fabien.

from async-http-client.

Gatling requests can take a authRealm or ntlmAuth with per user specific data.

from async-http-client.

I have the same challenge as described in initial post by @fabienbancharel. Currently org.asynchttpclient.spnego.SpnegoEngine uses the credentials of the user who is logged into the system (or who has issued kinit -f). Apparently I would like to use another user which is configured via login.config. More over, the granted ticket could get expired e.g. during the Gatling run, however there is no ability to refresh it. Another interesting case is when there are several functional users and SpnegoEngine wants to decide which of them to use for which domain.

This brings me to idea that there should be a away to replace SpnegoEngine implementation with some custom one. For example, SpnegoEngine#instance() method could use java.util.ServiceLoader helper to locate such custom implementation (this approach needs introduction of some interface with only method String generateToken(String server)).

from async-http-client.

The core issue with Spnego and other enterprisey auth schemes is that I have neither knowledge, needs, nor such environment at hand for testing :( So I'm afraid I won't be able to investigate and help on such topics.

from async-http-client.

I don't expect SpnegoEngine to implement all corner cases. I would like somehow to inject my implementation of token provider. That is possible by lookup using java.util.ServiceLoader, or having public setter SpnegoEngine#setInstance(...). This is very small effort: just define interface/API plus add public setter.

from async-http-client.

@dmak Then, if you know what you're doing, please send a PR :)

from async-http-client.

I agree, thanks for your comment. If I get some time to prepare PR, I'll certainly do it.

from async-http-client.

Would be great!

from async-http-client.