upgraded httpclient (geosolutions-it#252)

ale-cristofori · Jan 27, 2022 · ab12924 · ab12924
1 parent 1e030f5
commit ab12924
Show file tree

Hide file tree

Showing 4 changed files with 58 additions and 40 deletions.
diff --git a/src/modules/rest/impl/pom.xml b/src/modules/rest/impl/pom.xml
@@ -63,8 +63,8 @@
         </dependency>
 
         <dependency>
-             <groupId>commons-httpclient</groupId>
-             <artifactId>commons-httpclient</artifactId>
+             <groupId>org.apache.httpcomponents</groupId>
+             <artifactId>httpclient</artifactId>
         </dependency>
 
 

diff --git a/.../it/geosolutions/geostore/services/rest/security/WebServiceTokenAuthenticationFilter.java b/.../it/geosolutions/geostore/services/rest/security/WebServiceTokenAuthenticationFilter.java
@@ -31,57 +31,64 @@
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
 
-import org.apache.commons.httpclient.HttpClient;
-import org.apache.commons.httpclient.HttpException;
-import org.apache.commons.httpclient.HttpMethod;
-import org.apache.commons.httpclient.HttpStatus;
-import org.apache.commons.httpclient.methods.GetMethod;
-import org.apache.commons.httpclient.params.HttpClientParams;
+import org.apache.http.HttpResponse;
+import org.apache.http.HttpStatus;
+import org.apache.http.StatusLine;
+import org.apache.http.client.HttpClient;
+import org.apache.http.client.config.RequestConfig;
+import org.apache.http.client.methods.HttpGet;
+import org.apache.http.client.methods.HttpRequestBase;
+import org.apache.http.impl.client.HttpClientBuilder;
+import org.apache.http.util.EntityUtils;
 import org.apache.log4j.Logger;
 import org.springframework.security.core.Authentication;
 
 /**
  * Token based authentication filter that looks for the token calling an external webservice.
- * 
+ *
  * The url of the service needs to be configured. A placeholder in the url will be replaced by
  * the actual token.
- * 
+ *
  * The result of the web service call will be parsed using given regular expression to:
  *  - check if the token is valid
  *  - extract the user name from the result
- * 
+ *
  * @author Mauro Bartolomeoli
  *
  */
 public class WebServiceTokenAuthenticationFilter extends TokenAuthenticationFilter {
-    
+
     private final static Logger LOGGER = Logger.getLogger(WebServiceTokenAuthenticationFilter.class);
-    
+
     private String url;
-    
+
     // compiled user search regex
     Pattern searchUserRegex = null;
 
     // connection timeout to the mapper web service (in seconds)
-    long connectTimeout = 5;
+    int connectTimeout = 5;
 
     // read timeout to the mapper web service (in seconds)
     int readTimeout = 10;
 
     // optional external httpClient for web service connection (used mainly for tests)
     private HttpClient httpClient = null;
 
+    private RequestConfig connectionConfig;
+
+    HttpClientBuilder clientBuilder = HttpClientBuilder.create();
+
     public WebServiceTokenAuthenticationFilter(String url) {
         super();
         this.url = url;
     }
-    
+
     /**
      * Regular expression to extract the username from the
      * webservice response.
-     * 
+     *
      * The first group in the expression will be used for extraction.
-     * 
+     *
      * @param searchUser
      */
     public void setSearchUser(String searchUser) {
@@ -90,7 +97,7 @@ public void setSearchUser(String searchUser) {
 
 
 
-    public void setConnectTimeout(long connectTimeout) {
+    public void setConnectTimeout(int connectTimeout) {
         this.connectTimeout = connectTimeout;
     }
 
@@ -102,36 +109,40 @@ public void setReadTimeout(int readTimeout) {
 
     /**
      * Configures the HTTPClient implementation to be used to connect to the web service.
-     * 
+     *
      * @param httpClient
      */
     public void setHttpClient(HttpClient httpClient) {
         this.httpClient = httpClient;
     }
-    
+
     private HttpClient getHttpClient() {
         if (httpClient == null) {
-            httpClient = new HttpClient();
+            httpClient = clientBuilder.useSystemProperties().build();
         }
         return httpClient;
     }
-    
+
     @Override
     protected Authentication checkToken(String token) {
         String webServiceUrl = url.replace("{token}", token);
         HttpClient client = getHttpClient();
-        client.getParams().setParameter(HttpClientParams.CONNECTION_MANAGER_TIMEOUT, connectTimeout * 1000l);
-        client.getParams().setParameter(HttpClientParams.SO_TIMEOUT, readTimeout * 1000);
-        HttpMethod method = null;
+        connectionConfig = RequestConfig.custom()
+                .setConnectionRequestTimeout(connectTimeout * 1000)
+                .setSocketTimeout(readTimeout * 1000)
+                .build();
+
+        HttpRequestBase method = null;
         try {
             LOGGER.debug("Issuing request to webservice: " + url);
-            method = new GetMethod(webServiceUrl);
-            int statusCode = client.executeMethod(method);
-
-            if (statusCode == HttpStatus.SC_OK) {
+            method = new HttpGet(webServiceUrl);
+            method.setConfig(connectionConfig);
+            HttpResponse httpResponse = client.execute(method);
+
+            if (getStatusCode(httpResponse) == HttpStatus.SC_OK) {
                 // get response content as a single string, without new lines
                 // so that is simpler to apply an extraction regular expression
-                String response = method.getResponseBodyAsString()
+                String response = EntityUtils.toString(httpResponse.getEntity(), "UTF-8")
                         .replace("\r", "").replace("\n", "");
                 if(response != null) {
                     if (searchUserRegex == null) {
@@ -148,8 +159,6 @@ protected Authentication checkToken(String token) {
                     LOGGER.error("No response received from webservice: " + url);
                 }
             }
-        } catch (HttpException e) {
-            LOGGER.error("Error contacting webservice: " + url, e);
         } catch (IOException e) {
             LOGGER.error("Error reading data from webservice: " + url, e);
         } finally {
@@ -158,6 +167,15 @@ protected Authentication checkToken(String token) {
             }
         }
         return null;
-
-    }    
+
+    }
+
+    public int getStatusCode(HttpResponse response) {
+        if (response != null) {
+            StatusLine statusLine = response.getStatusLine();
+            return statusLine.getStatusCode();
+        } else {
+            return -1;
+        }
+    }
 }
diff --git a/src/pom.xml b/src/pom.xml
@@ -353,9 +353,9 @@
                 <version>2.1</version>
             </dependency>
             <dependency>
-                <groupId>commons-httpclient</groupId>
-                <artifactId>commons-httpclient</artifactId>
-                <version>3.1</version>
+                <groupId>org.apache.httpcomponents</groupId>
+                <artifactId>httpclient</artifactId>
+                <version>4.5.13</version>
             </dependency>
             <dependency>
                 <groupId>commons-dbcp</groupId>

diff --git a/src/web/app/pom.xml b/src/web/app/pom.xml
@@ -55,8 +55,8 @@
         <!-- </dependency> -->
 
         <dependency>
-            <groupId>commons-httpclient</groupId>
-            <artifactId>commons-httpclient</artifactId>
+            <groupId>org.apache.httpcomponents</groupId>
+            <artifactId>httpclient</artifactId>
         </dependency>
 
         <dependency>