netbeans.apache.org/src/content/wiki/Authenticator.asciidoc - netbeans-website - Git at Google

 //
 //     Licensed to the Apache Software Foundation (ASF) under one
 //     or more contributor license agreements.  See the NOTICE file
 //     distributed with this work for additional information
 //     regarding copyright ownership.  The ASF licenses this file
 //     to you under the Apache License, Version 2.0 (the
 //     "License"); you may not use this file except in compliance
 //     with the License.  You may obtain a copy of the License at
 //
 //       http://www.apache.org/licenses/LICENSE-2.0
 //
 //     Unless required by applicable law or agreed to in writing,
 //     software distributed under the License is distributed on an
 //     "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 //     KIND, either express or implied.  See the License for the
 //     specific language governing permissions and limitations
 //     under the License.
 //

 = Authenticator
 :jbake-type: wiki
 :jbake-tags: wiki, devfaq, needsreview
 :markup-in-source: verbatim,quotes,macros
 :jbake-status: published
 :syntax: true
 :description: Problems
 :icons: font
 :source-highlighter: pygments
 :toc: left
 :toc-title:
 :experimental:


 link:https://netbeans.apache.org[NetBeans] provide its own
 `java.net.Authenticator` implementation and `java.net.ProxySelector`
 implementation. The behavior of these subsystem has always been tight closely
 to their usage in the IDE. Time has come to make it a bit more flexible and
 allow reuse in other link:https://netbeans.apache.org[NetBeans] Platform based
 applications.


 == Problems

 Here is list of known problems. With preferrable way of fixing them. In case
 there are some doubts about the choosen solution, alternative approaches are
 discussed in following section.


 == Authenticator ignores username:password@ part of the URL

 The current Authenticator implementation ignores any information about the name and password specified as part of the URL.

 *Resolution:* use it.

 == Git support needs a way to suppress Authenticator

 The link:https://netbeans.apache.org[NetBeans] Git support wants to connect to
 a URL without asking user a question about the credentials. If the connection
 fails, the `git` itself wants to handle a fallback query.

 *Resolution:* Add a pair of methods into *org.openide.util.NetworkSettings*:

 [source,java,subs="{markup-in-source}"]
 ----

 public static <R> R suppressAuthenticationDialog(Callable<R> blockOfCode) throws Exception;
 public static boolean isAuthenticationDialogSuppressed();

 ----

 The `git` module will enter a _suppressed_ mode first, before dealing with the
 URLs. The `Authenticator` implementation will find out it is in this mode
 (while the _blockOfCode_ is running) and will not show any user visible dialogs
 at all.

 NOTE: The cooperation between `NetworkSettings` and
 link:https://netbeans.apache.org[NetBeans] `Authenticator` is proprietary. If a
 system is using other `Authenticator` implementation, it must call
 `_isAuthenticationDialogSuppressed()_`.


 [[Dynamic_credentials]]
 === Dynamic credentials

 Most of the proxy and network credentials are currently read from a default link:https://netbeans.apache.org[NetBeans] storage. This may not be ideal for other Platform aplications storing the settings in a different way or computing them dynamically.

 *Resolution*: Abstract the way following values are obtained:

 [source,java,subs="{markup-in-source}"]
 ----

 protected abstract String getProxyUserName(URI u);
 protected abstract char[] getProxyPassword(URI u);
 protected abstract String getProxyHost(URI u);
 protected abstract String getProxyPort(URI u);
 // possibly:
 protected abstract boolean isProxyAuthentication(URI u);

 ----

 let other application to register other than default implementation which can read the values from whatever source it wants.


 [[Open_Questions]]
 == Open Questions

 Eclipse is solving similar problem. Anyone knows how that is handled? org.eclipse.jgit is not reusing it directly (has no dependency), but somehow the system works together and we should understand how.

 The link:https://bits.netbeans.org/dev/javadoc/org-netbeans-libs-git/index.html?overview-summary.html[git client library] is link:https://netbeans.apache.org[NetBeans] independent and can be shared in other products. Should it use _suppressAuthenticationDialog_ by itself or should each caller wrap their calls into _suppressAuthenticationDialog_ *Callable*?

 NetBeans uses link:http://bits.netbeans.org/dev/javadoc/org-netbeans-modules-keyring/org/netbeans/api/keyring/Keyring.html[Keyring API] for secure storage for user's passwords. _Keyring_ uses native support in given platform. Consider using _Keyring_ in SPI for dynamic network credentials.


 [NOTE]
 ====
 The content in this page was kindly donated by Oracle Corp. to the Apache Software Foundation.

 This page was exported from link:http://wiki.netbeans.org/Authenticator[http://wiki.netbeans.org/Authenticator] , that was last modified by NetBeans user Jglick on 2011-09-20T13:23:07Z.

 This document was automatically converted to the AsciiDoc format on 2020-03-12, and needs to be reviewed.
 ====
	//
	// Licensed to the Apache Software Foundation (ASF) under one
	// or more contributor license agreements. See the NOTICE file
	// distributed with this work for additional information
	// regarding copyright ownership. The ASF licenses this file
	// to you under the Apache License, Version 2.0 (the
	// "License"); you may not use this file except in compliance
	// with the License. You may obtain a copy of the License at
	//
	// http://www.apache.org/licenses/LICENSE-2.0
	//
	// Unless required by applicable law or agreed to in writing,
	// software distributed under the License is distributed on an
	// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	// KIND, either express or implied. See the License for the
	// specific language governing permissions and limitations
	// under the License.
	//

	= Authenticator
	:jbake-type: wiki
	:jbake-tags: wiki, devfaq, needsreview
	:markup-in-source: verbatim,quotes,macros
	:jbake-status: published
	:syntax: true
	:description: Problems
	:icons: font
	:source-highlighter: pygments
	:toc: left
	:toc-title:
	:experimental:


	link:https://netbeans.apache.org[NetBeans] provide its own
	`java.net.Authenticator` implementation and `java.net.ProxySelector`
	implementation. The behavior of these subsystem has always been tight closely
	to their usage in the IDE. Time has come to make it a bit more flexible and
	allow reuse in other link:https://netbeans.apache.org[NetBeans] Platform based
	applications.


	== Problems

	Here is list of known problems. With preferrable way of fixing them. In case
	there are some doubts about the choosen solution, alternative approaches are
	discussed in following section.


	== Authenticator ignores username:password@ part of the URL

	The current Authenticator implementation ignores any information about the name and password specified as part of the URL.

	Resolution: use it.

	== Git support needs a way to suppress Authenticator

	The link:https://netbeans.apache.org[NetBeans] Git support wants to connect to
	a URL without asking user a question about the credentials. If the connection
	fails, the `git` itself wants to handle a fallback query.

	Resolution: Add a pair of methods into org.openide.util.NetworkSettings:

	[source,java,subs="{markup-in-source}"]
	----

	public static <R> R suppressAuthenticationDialog(Callable<R> blockOfCode) throws Exception;
	public static boolean isAuthenticationDialogSuppressed();

	----

	The `git` module will enter a _suppressed_ mode first, before dealing with the
	URLs. The `Authenticator` implementation will find out it is in this mode
	(while the _blockOfCode_ is running) and will not show any user visible dialogs
	at all.

	NOTE: The cooperation between `NetworkSettings` and
	link:https://netbeans.apache.org[NetBeans] `Authenticator` is proprietary. If a
	system is using other `Authenticator` implementation, it must call
	`_isAuthenticationDialogSuppressed()_`.


	[[Dynamic_credentials]]
	=== Dynamic credentials

	Most of the proxy and network credentials are currently read from a default link:https://netbeans.apache.org[NetBeans] storage. This may not be ideal for other Platform aplications storing the settings in a different way or computing them dynamically.

	Resolution: Abstract the way following values are obtained:

	[source,java,subs="{markup-in-source}"]
	----

	protected abstract String getProxyUserName(URI u);
	protected abstract char[] getProxyPassword(URI u);
	protected abstract String getProxyHost(URI u);
	protected abstract String getProxyPort(URI u);
	// possibly:
	protected abstract boolean isProxyAuthentication(URI u);

	----

	let other application to register other than default implementation which can read the values from whatever source it wants.


	[[Open_Questions]]
	== Open Questions

	Eclipse is solving similar problem. Anyone knows how that is handled? org.eclipse.jgit is not reusing it directly (has no dependency), but somehow the system works together and we should understand how.

	The link:https://bits.netbeans.org/dev/javadoc/org-netbeans-libs-git/index.html?overview-summary.html[git client library] is link:https://netbeans.apache.org[NetBeans] independent and can be shared in other products. Should it use _suppressAuthenticationDialog_ by itself or should each caller wrap their calls into _suppressAuthenticationDialog_ Callable?

	NetBeans uses link:http://bits.netbeans.org/dev/javadoc/org-netbeans-modules-keyring/org/netbeans/api/keyring/Keyring.html[Keyring API] for secure storage for user's passwords. _Keyring_ uses native support in given platform. Consider using _Keyring_ in SPI for dynamic network credentials.


	[NOTE]
	====
	The content in this page was kindly donated by Oracle Corp. to the Apache Software Foundation.

	This page was exported from link:http://wiki.netbeans.org/Authenticator[http://wiki.netbeans.org/Authenticator] , that was last modified by NetBeans user Jglick on 2011-09-20T13:23:07Z.

	This document was automatically converted to the AsciiDoc format on 2020-03-12, and needs to be reviewed.
	====