From d89dddbbe823794dfd6fbb7b0f6d6dcdfc543360 Mon Sep 17 00:00:00 2001
From: Patrick Geltinger <patlkli@patlkli.org>
Date: Fri, 28 Jun 2024 19:09:53 +0200
Subject: [PATCH] Preemptively send authentication credentials

Before moving from commons-httpclient to httpcomponents in 8beede1,
WMSHttpHelper was sending authentication credentials preemptively.

httpcomponents doesn't seem to have any mechanism to force preemptive
authentication except for explicitly setting the Authorization header,
which is what this commit does.
---
 .../org/geowebcache/layer/wms/WMSHttpHelper.java    | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/geowebcache/core/src/main/java/org/geowebcache/layer/wms/WMSHttpHelper.java b/geowebcache/core/src/main/java/org/geowebcache/layer/wms/WMSHttpHelper.java
index 782c9bad2..3c92a6681 100644
--- a/geowebcache/core/src/main/java/org/geowebcache/layer/wms/WMSHttpHelper.java
+++ b/geowebcache/core/src/main/java/org/geowebcache/layer/wms/WMSHttpHelper.java
@@ -30,11 +30,14 @@
 import org.apache.http.HttpEntity;
 import org.apache.http.HttpResponse;
 import org.apache.http.NameValuePair;
+import org.apache.http.auth.AuthenticationException;
+import org.apache.http.auth.UsernamePasswordCredentials;
 import org.apache.http.client.HttpClient;
 import org.apache.http.client.methods.HttpGet;
 import org.apache.http.client.methods.HttpPost;
 import org.apache.http.client.methods.HttpRequestBase;
 import org.apache.http.entity.StringEntity;
+import org.apache.http.impl.auth.BasicScheme;
 import org.apache.http.message.BasicNameValuePair;
 import org.geotools.util.logging.Logging;
 import org.geowebcache.GeoWebCacheException;
@@ -339,6 +342,16 @@ public HttpResponse executeRequest(
             method = new HttpGet(urlString);
         }
 
+        if (httpUsername != null) {
+            try {
+                UsernamePasswordCredentials creds =
+                        new UsernamePasswordCredentials(httpUsername, httpPassword);
+                method.addHeader(new BasicScheme().authenticate(creds, method, null));
+            } catch (AuthenticationException e) {
+                throw new AssertionError("BasicScheme threw: " + e.getMessage());
+            }
+        }
+
         // fire!
         if (log.isLoggable(Level.FINER)) {
             log.finer(method.toString());