From e913773134f617eb7afbe00362e5b580776b8ad8 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Fri, 18 Sep 2020 08:57:35 +0200 Subject: add HTTP-Proxy support for SAML2 Metadata provider --- .../modules/eidproxyauth/utils/EIDAuthMetadataProvider.java | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) (limited to 'id/server/modules/moa-id-module-E-ID_connector') diff --git a/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/utils/EIDAuthMetadataProvider.java b/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/utils/EIDAuthMetadataProvider.java index 649cfa691..e9ea40e0b 100644 --- a/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/utils/EIDAuthMetadataProvider.java +++ b/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/utils/EIDAuthMetadataProvider.java @@ -28,8 +28,12 @@ import java.util.Timer; import javax.xml.namespace.QName; +import org.apache.commons.httpclient.Credentials; import org.apache.commons.httpclient.HttpClient; import org.apache.commons.httpclient.MOAHttpClient; +import org.apache.commons.httpclient.ProxyHost; +import org.apache.commons.httpclient.UsernamePasswordCredentials; +import org.apache.commons.httpclient.auth.AuthScope; import org.apache.commons.httpclient.params.HttpClientParams; import org.opensaml.saml2.metadata.EntitiesDescriptor; import org.opensaml.saml2.metadata.EntityDescriptor; @@ -317,7 +321,14 @@ public class EIDAuthMetadataProvider extends SimpleMetadataProvider HttpClientParams httpClientParams = new HttpClientParams(); httpClientParams.setSoTimeout(AuthConfiguration.CONFIG_PROPS_METADATA_SOCKED_TIMEOUT); httpClient.setParams(httpClientParams); - + + Credentials defaultcreds = new UsernamePasswordCredentials("username", "password"); + httpClient.getState().setProxyCredentials( + new AuthScope("myhost", 8080, AuthScope.ANY_REALM), defaultcreds); + ProxyHost proxyHost = new ProxyHost("myhost", 8080); + httpClient.getHostConfiguration().setProxyHost(proxyHost); + + if (metadataURL.startsWith("https:")) { try { //FIX: change hostname validation default flag to true when httpClient is updated to > 4.4 -- cgit v1.2.3