org.apache.solr.client.solrj.impl.HttpClientUtil Java Examples

@SuppressWarnings("unchecked")
private List<LukeResponse> getLukeResponsesForCores(CloudSolrClient solrClient) {
  ZkStateReader zkStateReader = solrClient.getZkStateReader();
  Collection<Slice> activeSlices = zkStateReader.getClusterState().getCollection(solrClient.getDefaultCollection()).getActiveSlices();
  
  List<LukeResponse> lukeResponses = new ArrayList<>();
  for (Slice slice : activeSlices) {
    for (Replica replica : slice.getReplicas()) {
      try (CloseableHttpClient httpClient = HttpClientUtil.createClient(null)) {
        HttpGet request = new HttpGet(replica.getCoreUrl() + LUKE_REQUEST_URL_SUFFIX);
        HttpResponse response = httpClient.execute(request);
        @SuppressWarnings("resource") // JavaBinCodec implements Closeable, yet it can't be closed if it is used for unmarshalling only
        NamedList<Object> lukeData = (NamedList<Object>) new JavaBinCodec().unmarshal(response.getEntity().getContent());
        LukeResponse lukeResponse = new LukeResponse();
        lukeResponse.setResponse(lukeData);
        lukeResponses.add(lukeResponse);
      } catch (IOException e) {
        logger.error("Exception during getting luke responses", e);
      }
    }
  }
  return lukeResponses;
}
 

@Override
public void init(Map stormConf, WriterConfiguration configurations) throws IOException, SolrServerException {
  Map<String, Object> globalConfiguration = configurations.getGlobalConfig();
  initializeFromGlobalConfig(globalConfiguration);
  LOG.info("Initializing SOLR writer: {}", zookeeperUrl);
  LOG.info("Forcing commit per batch: {}", shouldCommit);
  LOG.info("Soft commit: {}", softCommit);
  LOG.info("Commit Wait Searcher: {}", waitSearcher);
  LOG.info("Commit Wait Flush: {}", waitFlush);
  LOG.info("Default Collection: {}", "" + defaultCollection );
  if(solr == null) {
    if (isKerberosEnabled(stormConf)) {
      HttpClientUtil.addConfigurer(new Krb5HttpClientConfigurer());
    }
    solr = new MetronSolrClient(zookeeperUrl, solrHttpConfig);
  }
  solr.setDefaultCollection(defaultCollection);

}
 

/**
 * {@inheritDoc}
 */
@Override
public void init(Map<String, Object> conf) throws ConfigException {
    String solrApiUrl = null;
    String collectionName = null;
    if (conf != null) {
        solrApiUrl = (String) conf.get(SOLR_API_URL_KEY);
        collectionName = (String) conf.get(COLLECTION_NAME);
        if (collectionName == null) {
            collectionName = DEFAULT_COLLECTION_NAME;
        }
    }

    if (solrApiUrl == null || collectionName == null) {
        throw new ConfigException("'solrApiUrl' must be presented in configuration.");
    }

    if ((boolean) conf.getOrDefault(SECURED_CLUSTER, false)) {
        HttpClientUtil.addConfigurer(new Krb5HttpClientConfigurer());
    }
    solr = new HttpSolrClient.Builder(solrApiUrl + "/" + collectionName).build();
}
 

private void configureSolrClientsForKerberos() throws PermanentBackendException {
    String kerberosConfig = System.getProperty("java.security.auth.login.config");
    if(kerberosConfig == null) {
        throw new PermanentBackendException("Unable to configure kerberos for solr client. System property 'java.security.auth.login.config' is not set.");
    }
    logger.debug("Using kerberos configuration file located at '{}'.", kerberosConfig);
    try(Krb5HttpClientBuilder krbBuild = new Krb5HttpClientBuilder()) {

        SolrHttpClientBuilder kb = krbBuild.getBuilder();
        HttpClientUtil.setHttpClientBuilder(kb);
        HttpRequestInterceptor bufferedEntityInterceptor = new HttpRequestInterceptor() {
            @Override
            public void process(HttpRequest request, HttpContext context) throws HttpException, IOException {
                if(request instanceof HttpEntityEnclosingRequest) {
                    HttpEntityEnclosingRequest enclosingRequest = ((HttpEntityEnclosingRequest) request);
                    HttpEntity requestEntity = enclosingRequest.getEntity();
                    enclosingRequest.setEntity(new BufferedHttpEntity(requestEntity));
                }
            }
        };
        HttpClientUtil.addRequestInterceptor(bufferedEntityInterceptor);

        HttpRequestInterceptor preemptiveAuth = new PreemptiveAuth(new KerberosScheme());
        HttpClientUtil.addRequestInterceptor(preemptiveAuth);
    }
}
 

/**
 * Constructs a cluster with the specified sslConfigs, runs {@link #checkClusterWithCollectionCreations}, 
 * then verifies that if we modify the default SSLContext (mimicing <code>javax.net.ssl.*</code> 
 * sysprops set on JVM startup) and reset to the default HttpClientBuilder, new HttpSolrClient instances 
 * will still be able to talk to our servers.
 *
 * @see SSLContext#setDefault
 * @see HttpClientUtil#resetHttpClientBuilder
 * @see #checkClusterWithCollectionCreations
 */
private void checkClusterWithNodeReplacement(SSLTestConfig sslConfig) throws Exception {
  
  final JettyConfig config = JettyConfig.builder().withSSLConfig(sslConfig.buildServerSSLConfig()).build();
  final MiniSolrCloudCluster cluster = new MiniSolrCloudCluster(NUM_SERVERS, createTempDir(), config);
  try {
    checkClusterWithCollectionCreations(cluster, sslConfig);

    
    // Change the defaul SSLContext to match our test config, or to match our original system default if
    // our test config doesn't use SSL, and reset HttpClientUtil to it's defaults so it picks up our
    // SSLContext that way.
    SSLContext.setDefault( sslConfig.isSSLMode() ? sslConfig.buildClientSSLContext() : DEFAULT_SSL_CONTEXT);
    System.setProperty(HttpClientUtil.SYS_PROP_CHECK_PEER_NAME,
                       Boolean.toString(sslConfig.getCheckPeerName()));
    HttpClientUtil.resetHttpClientBuilder();
    Http2SolrClient.resetSslContextFactory();
    
    // recheck that we can communicate with all the jetty instances in our cluster
    checkClusterJettys(cluster, sslConfig);
  } finally {
    cluster.shutdown();
  }
}
 

public void testAdminUI() throws Exception
{
  // Currently not an extensive test, but it does fire up the JSP pages and make
  // sure they compile ok

  String adminPath = "http://127.0.0.1:"+port+context+"/";
  byte[] bytes = IOUtils.toByteArray( new URL(adminPath).openStream() );
  assertNotNull( bytes ); // real error will be an exception

  HttpClient client = HttpClients.createDefault();
  HttpRequestBase m = new HttpGet(adminPath);
  HttpResponse response = client.execute(m, HttpClientUtil.createNewHttpClientRequestContext());
  assertEquals(200, response.getStatusLine().getStatusCode());
  Header header = response.getFirstHeader("X-Frame-Options");
  assertEquals("DENY", header.getValue().toUpperCase(Locale.ROOT));
  m.releaseConnection();
}
 

@Test
public void testArbitraryJsonIndexing() throws Exception  {
  HttpSolrClient client = (HttpSolrClient) getSolrClient();
  client.deleteByQuery("*:*");
  client.commit();
  assertNumFound("*:*", 0); // make sure it got in

  // two docs, one with uniqueKey, another without it
  String json = "{\"id\":\"abc1\", \"name\": \"name1\"} {\"name\" : \"name2\"}";
  HttpClient httpClient = client.getHttpClient();
  HttpPost post = new HttpPost(client.getBaseURL() + "/update/json/docs");
  post.setHeader("Content-Type", "application/json");
  post.setEntity(new InputStreamEntity(
      new ByteArrayInputStream(json.getBytes(StandardCharsets.UTF_8)), -1));
  HttpResponse response = httpClient.execute(post, HttpClientUtil.createNewHttpClientRequestContext());
  Utils.consumeFully(response.getEntity());
  assertEquals(200, response.getStatusLine().getStatusCode());
  client.commit();
  assertNumFound("*:*", 2);
}
 

private void unprotectConfigsHandler() throws Exception {
  HttpClient cl = null;
  try {
    cl = HttpClientUtil.createClient(null);
    zkClient().setData("/security.json", "{}".getBytes(UTF_8), true);
  } finally {
    if (cl != null) {
      HttpClientUtil.close(cl);
    }
  }
  Thread.sleep(1000); // TODO: Without a delay, the test fails. Some problem with Authc/Authz framework?
}
 

@Override
public SolrHttpClientBuilder getHttpClientBuilder(SolrHttpClientBuilder httpClientBuilder) {
  interceptor = (req, rsp) -> {
    req.addHeader("username", requestUsername);
    req.addHeader("password", requestPassword);
  };

  HttpClientUtil.addRequestInterceptor(interceptor);
  return httpClientBuilder;
}
 

public static HttpClient getHttpClient() {
  ModifiableSolrParams params = new ModifiableSolrParams();
  params.set(HttpClientUtil.PROP_MAX_CONNECTIONS, 128);
  params.set(HttpClientUtil.PROP_MAX_CONNECTIONS_PER_HOST, 32);
  params.set(HttpClientUtil.PROP_FOLLOW_REDIRECTS, false);
  return HttpClientUtil.createClient(params);
}
 

public static synchronized CloseableHttpClient createClient(String fusionPrincipal) {
  if (logger.isDebugEnabled()) {
    System.setProperty("sun.security.krb5.debug", "true");
  }
  if (fusionPrincipal == null) {
    logger.error("fusion.user (principal) must be set in order to use kerberos!");
  }
  HttpClientUtil.setConfigurer(new FusionKrb5HttpClientConfigurer(fusionPrincipal));
  CloseableHttpClient httpClient = HttpClientUtil.createClient(null);
  HttpClientUtil.setMaxConnections(httpClient, 500);
  HttpClientUtil.setMaxConnectionsPerHost(httpClient, 100);
  return httpClient;
}
 

public void setConfigigurer() {
  if (solrJaasFile != null && !solrJaasFile.isEmpty()) {
    System.setProperty("java.security.auth.login.config", solrJaasFile);
    if (solrJaasAppName != null) {
      System.setProperty("solr.kerberos.jaas.appname", solrJaasAppName);
    }
    HttpClientUtil.setConfigurer(new Krb5HttpClientConfigurer());
  }
}
 

private HttpClient createHttpClient() {
  // This is bug in Solr, if we don't create a customize HttpClient,
  // UpdateRequest with commit flag will throw an authentication error.
  ModifiableSolrParams params = new ModifiableSolrParams();
  params.set(HttpClientUtil.PROP_BASIC_AUTH_USER, getUsername());
  params.set(HttpClientUtil.PROP_BASIC_AUTH_PASS, getPassword());
  return HttpClientUtil.createClient(params);
}
 

private void protectConfigsHandler() throws Exception {
  String authcPrefix = "/admin/authentication";
  String authzPrefix = "/admin/authorization";

  String securityJson = "{\n" +
      "  'authentication':{\n" +
      "    'class':'solr.BasicAuthPlugin',\n" +
      "    'blockUnknown': false,\n" +
      "    'credentials':{'solr':'orwp2Ghgj39lmnrZOTm7Qtre1VqHFDfwAEzr0ApbN3Y= Ju5osoAqOX8iafhWpPP01E5P+sg8tK8tHON7rCYZRRw='}},\n" +
      "  'authorization':{\n" +
      "    'class':'solr.RuleBasedAuthorizationPlugin',\n" +
      "    'user-role':{'solr':'admin'},\n" +
      "    'permissions':[{'name':'security-edit','role':'admin'}, {'name':'config-edit','role':'admin'}]}}";

  HttpClient cl = null;
  try {
    cl = HttpClientUtil.createClient(null);
    JettySolrRunner randomJetty = solrCluster.getRandomJetty(random());
    String baseUrl = randomJetty.getBaseUrl().toString();

    zkClient().setData("/security.json", securityJson.replaceAll("'", "\"").getBytes(UTF_8), true);
    BasicAuthIntegrationTest.verifySecurityStatus(cl, baseUrl + authcPrefix, "authentication/class", "solr.BasicAuthPlugin", 50);
    BasicAuthIntegrationTest.verifySecurityStatus(cl, baseUrl + authzPrefix, "authorization/class", "solr.RuleBasedAuthorizationPlugin", 50);
  } finally {
    if (cl != null) {
      HttpClientUtil.close(cl);
    }
  }
  Thread.sleep(1000); // TODO: Without a delay, the test fails. Some problem with Authc/Authz framework?
}
 

public void testSslWithCheckPeerName() throws Exception {
  final SSLTestConfig sslConfig = new SSLTestConfig(true, false, true);
  HttpClientUtil.setSocketFactoryRegistryProvider(sslConfig.buildClientSocketFactoryRegistryProvider());
  Http2SolrClient.setDefaultSSLConfig(sslConfig.buildClientSSLConfig());
  System.setProperty(ZkStateReader.URL_SCHEME, "https");
  checkClusterWithNodeReplacement(sslConfig);
}
 

public void testSslAndNoClientAuth() throws Exception {
  final SSLTestConfig sslConfig = new SSLTestConfig(true, false);
  HttpClientUtil.setSocketFactoryRegistryProvider(sslConfig.buildClientSocketFactoryRegistryProvider());
  Http2SolrClient.setDefaultSSLConfig(sslConfig.buildClientSSLConfig());
  System.setProperty(ZkStateReader.URL_SCHEME, "https");
  checkClusterWithNodeReplacement(sslConfig);
}
 

public void testSslAndClientAuth() throws Exception {
  assumeFalse("SOLR-9039: SSL w/clientAuth does not work on MAC_OS_X", Constants.MAC_OS_X);
  
  final SSLTestConfig sslConfig = new SSLTestConfig(true, true);

  HttpClientUtil.setSocketFactoryRegistryProvider(sslConfig.buildClientSocketFactoryRegistryProvider());
  Http2SolrClient.setDefaultSSLConfig(sslConfig.buildClientSSLConfig());
  System.setProperty(ZkStateReader.URL_SCHEME, "https");
  checkClusterWithNodeReplacement(sslConfig);
}
 

public void testNoSslButSillyClientAuth() throws Exception {
  // this combination doesn't really make sense, since ssl==false the clientauth option will be ignored
  // but we test it anyway for completeness of sanity checking the behavior of code that looks at those
  // options.
  final SSLTestConfig sslConfig = new SSLTestConfig(false, true);
  HttpClientUtil.setSocketFactoryRegistryProvider(sslConfig.buildClientSocketFactoryRegistryProvider());
  Http2SolrClient.setDefaultSSLConfig(sslConfig.buildClientSSLConfig());
  System.setProperty(ZkStateReader.URL_SCHEME, "http");
  checkClusterWithNodeReplacement(sslConfig);
}
 

/**
 * Tries a simple HEAD request and throws SolrException in case of Authorization error
 * @param url the url to do a HEAD request to
 * @param httpClient the http client to use (make sure it has authentication optinos set)
 * @return the HTTP response code
 * @throws SolrException if auth/autz problems
 * @throws IOException if connection failure
 */
private static int attemptHttpHead(String url, HttpClient httpClient) throws SolrException, IOException {
  HttpResponse response = httpClient.execute(new HttpHead(url), HttpClientUtil.createNewHttpClientRequestContext());
  int code = response.getStatusLine().getStatusCode();
  if (code == UNAUTHORIZED.code || code == FORBIDDEN.code) {
    throw new SolrException(SolrException.ErrorCode.getErrorCode(code),
        "Solr requires authentication for " + url + ". Please supply valid credentials. HTTP code=" + code);
  }
  return code;
}
 

public void testNoSsl() throws Exception {
  final SSLTestConfig sslConfig = new SSLTestConfig(false, false);
  HttpClientUtil.setSocketFactoryRegistryProvider(sslConfig.buildClientSocketFactoryRegistryProvider());
  Http2SolrClient.setDefaultSSLConfig(sslConfig.buildClientSSLConfig());
  System.setProperty(ZkStateReader.URL_SCHEME, "http");
  checkClusterWithNodeReplacement(sslConfig);
}
 

@After
public void after() {
  HttpClientUtil.resetHttpClientBuilder(); // also resets SocketFactoryRegistryProvider
  Http2SolrClient.resetSslContextFactory();
  System.clearProperty(ZkStateReader.URL_SCHEME);
  SSLContext.setDefault(DEFAULT_SSL_CONTEXT);
}
 

@Before
public void before() {
  // undo the randomization of our super class
  log.info("NOTE: This Test ignores the randomized SSL & clientAuth settings selected by base class");
  HttpClientUtil.resetHttpClientBuilder(); // also resets SocketFactoryRegistryProvider
  Http2SolrClient.resetSslContextFactory();
  System.clearProperty(ZkStateReader.URL_SCHEME);
}
 

@Test
public void testMetrics() throws Exception {
  boolean isUseV2Api = random().nextBoolean();
  String authcPrefix = "/admin/authentication";
  if(isUseV2Api){
    authcPrefix = "/____v2/cluster/security/authentication";
  }
  String baseUrl = cluster.getRandomJetty(random()).getBaseUrl().toString();
  CloseableHttpClient cl = HttpClientUtil.createClient(null);
  
  createCollection(COLLECTION);
  
  // Missing token
  getAndFail(baseUrl + "/" + COLLECTION + "/query?q=*:*", null);
  assertAuthMetricsMinimums(2, 1, 0, 0, 1, 0);
  executeCommand(baseUrl + authcPrefix, cl, "{set-property : { blockUnknown: false}}", jws);
  verifySecurityStatus(cl, baseUrl + authcPrefix, "authentication/blockUnknown", "false", 20, jws);
  // Pass through
  verifySecurityStatus(cl, baseUrl + "/admin/info/key", "key", NOT_NULL_PREDICATE, 20);
  // Now succeeds since blockUnknown=false 
  get(baseUrl + "/" + COLLECTION + "/query?q=*:*", null);
  executeCommand(baseUrl + authcPrefix, cl, "{set-property : { blockUnknown: true}}", null);
  verifySecurityStatus(cl, baseUrl + authcPrefix, "authentication/blockUnknown", "true", 20, jws);

  assertAuthMetricsMinimums(9, 4, 4, 0, 1, 0);
  
  // Wrong Credentials
  getAndFail(baseUrl + "/" + COLLECTION + "/query?q=*:*", jwtTokenWrongSignature);
  assertAuthMetricsMinimums(10, 4, 4, 1, 1, 0);

  // JWT parse error
  getAndFail(baseUrl + "/" + COLLECTION + "/query?q=*:*", "foozzz");
  assertAuthMetricsMinimums(11, 4, 4, 1, 1, 1);
  
  HttpClientUtil.close(cl);
}
 

@SuppressWarnings({"unchecked"})
public static void verifySecurityStatus(HttpClient cl, String url, String objPath, Object expected, int count) throws Exception {
  boolean success = false;
  String s = null;
  List<String> hierarchy = StrUtils.splitSmart(objPath, '/');
  for (int i = 0; i < count; i++) {
    HttpGet get = new HttpGet(url);
    s = EntityUtils.toString(cl.execute(get, HttpClientUtil.createNewHttpClientRequestContext()).getEntity());
    @SuppressWarnings({"rawtypes"})
    Map m = (Map) Utils.fromJSONString(s);

    Object actual = Utils.getObjectByPath(m, true, hierarchy);
    if (expected instanceof Predicate) {
      @SuppressWarnings({"rawtypes"})
      Predicate predicate = (Predicate) expected;
      if (predicate.test(actual)) {
        success = true;
        break;
      }
    } else if (Objects.equals(String.valueOf(actual), expected)) {
      success = true;
      break;
    }
    Thread.sleep(50);
  }
  assertTrue("No match for " + objPath + " = " + expected + ", full response = " + s, success);

}
 

@Before
@Override
public void setUp() throws Exception
{
  super.setUp();
  instance = new SolrInstance("inst", null);
  instance.setUp();
  jetty = createAndStartJetty(instance);
  securityConfHandler = new SecurityConfHandlerLocalForTesting(jetty.getCoreContainer());
  HttpClientUtil.clearRequestInterceptors(); // Clear out any old Authorization headers
}
 

private String getZkHost(CommandLine cli) throws Exception {
  String zkHost = cli.getOptionValue("zkHost");
  if (zkHost != null)
    return zkHost;

  String systemInfoUrl = solrUrl+"/admin/info/system";
  CloseableHttpClient httpClient = SolrCLI.getHttpClient();
  try {
    // hit Solr to get system info
    Map<String,Object> systemInfo = SolrCLI.getJson(httpClient, systemInfoUrl, 2, true);

    // convert raw JSON into user-friendly output
    StatusTool statusTool = new StatusTool();
    Map<String,Object> status = statusTool.reportStatus(solrUrl+"/", systemInfo, httpClient);
    @SuppressWarnings({"unchecked"})
    Map<String,Object> cloud = (Map<String, Object>)status.get("cloud");
    if (cloud != null) {
      String zookeeper = (String) cloud.get("ZooKeeper");
      if (zookeeper.endsWith("(embedded)")) {
        zookeeper = zookeeper.substring(0, zookeeper.length() - "(embedded)".length());
      }
      zkHost = zookeeper;
    }
  } finally {
    HttpClientUtil.close(httpClient);
  }

  return zkHost;
}
 

/**
 * Get the ZooKeeper connection string from either the zkHost command-line option or by looking it
 * up from a running Solr instance based on the solrUrl option.
 */
public static String getZkHost(CommandLine cli) throws Exception {
  String zkHost = cli.getOptionValue("zkHost");
  if (zkHost != null)
    return zkHost;

  // find it using the localPort
  String solrUrl = cli.getOptionValue("solrUrl");
  if (solrUrl == null)
    throw new IllegalStateException(
        "Must provide either the -zkHost or -solrUrl parameters to use the create_collection command!");

  if (!solrUrl.endsWith("/"))
    solrUrl += "/";

  String systemInfoUrl = solrUrl+"admin/info/system";
  CloseableHttpClient httpClient = getHttpClient();
  try {
    // hit Solr to get system info
    Map<String,Object> systemInfo = getJson(httpClient, systemInfoUrl, 2, true);

    // convert raw JSON into user-friendly output
    StatusTool statusTool = new StatusTool();
    Map<String,Object> status = statusTool.reportStatus(solrUrl, systemInfo, httpClient);
    @SuppressWarnings("unchecked")
    Map<String,Object> cloud = (Map<String, Object>)status.get("cloud");
    if (cloud != null) {
      String zookeeper = (String) cloud.get("ZooKeeper");
      if (zookeeper.endsWith("(embedded)")) {
        zookeeper = zookeeper.substring(0, zookeeper.length() - "(embedded)".length());
      }
      zkHost = zookeeper;
    }
  } finally {
    HttpClientUtil.close(httpClient);
  }

  return zkHost;
}
 

@SuppressWarnings("deprecation")
public static void closeHttpClient(CloseableHttpClient httpClient) {
  if (httpClient != null) {
    try {
      HttpClientUtil.close(httpClient);
    } catch (Exception exc) {
      // safe to ignore, we're just shutting things down
    }
  }
}
 

public static CloseableHttpClient getHttpClient() {
  ModifiableSolrParams params = new ModifiableSolrParams();
  params.set(HttpClientUtil.PROP_MAX_CONNECTIONS, 128);
  params.set(HttpClientUtil.PROP_MAX_CONNECTIONS_PER_HOST, 32);
  params.set(HttpClientUtil.PROP_FOLLOW_REDIRECTS, false);
  return HttpClientUtil.createClient(params);
}
 

public SolrHttpClientBuilder getBuilder(SolrHttpClientBuilder builder) {

        //Enable only SPNEGO authentication scheme.

        builder.setAuthSchemeRegistryProvider(() -> {
            Lookup<AuthSchemeProvider> authProviders = RegistryBuilder.<AuthSchemeProvider>create()
                    .register(AuthSchemes.SPNEGO, new SPNegoSchemeFactory(true, false))
                    .build();
            return authProviders;
        });
        // Get the credentials from the JAAS configuration rather than here
        Credentials useJaasCreds = new Credentials() {
            public String getPassword() {
                return null;
            }
            public Principal getUserPrincipal() {
                return null;
            }
        };

        HttpClientUtil.setCookiePolicy(SolrPortAwareCookieSpecFactory.POLICY_NAME);

        builder.setCookieSpecRegistryProvider(() -> {
            SolrPortAwareCookieSpecFactory cookieFactory = new SolrPortAwareCookieSpecFactory();

            Lookup<CookieSpecProvider> cookieRegistry = RegistryBuilder.<CookieSpecProvider> create()
                    .register(SolrPortAwareCookieSpecFactory.POLICY_NAME, cookieFactory).build();

            return cookieRegistry;
        });

        builder.setDefaultCredentialsProvider(() -> {
            CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
            credentialsProvider.setCredentials(AuthScope.ANY, useJaasCreds);
            return credentialsProvider;
        });
        HttpClientUtil.addRequestInterceptor(bufferedEntityInterceptor);
        return builder;
    }