Skip to main content
aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJan Bartel2012-09-28 05:27:07 -0400
committerJan Bartel2012-09-28 05:27:07 -0400
commit286df12f03cc353933f58a38b58953c3e243584b (patch)
tree8f46574fd9bc4814d584ea2e66d749fa7d9bf292 /jetty-security/src/main/java/org/eclipse/jetty/security
parent156e33bd23b85aebb0de5fd2e9709b0d0ed412d3 (diff)
parentf3e151467d5d93d86619cebfb60bbf73f4f933e9 (diff)
downloadorg.eclipse.jetty.project-286df12f03cc353933f58a38b58953c3e243584b.tar.gz
org.eclipse.jetty.project-286df12f03cc353933f58a38b58953c3e243584b.tar.xz
org.eclipse.jetty.project-286df12f03cc353933f58a38b58953c3e243584b.zip
Merge remote-tracking branch 'origin/master' into jetty-8
Conflicts: jetty-annotations/src/main/java/org/eclipse/jetty/annotations/AnnotationParser.java
Diffstat (limited to 'jetty-security/src/main/java/org/eclipse/jetty/security')
-rw-r--r--jetty-security/src/main/java/org/eclipse/jetty/security/SecurityHandler.java3
-rw-r--r--jetty-security/src/main/java/org/eclipse/jetty/security/authentication/BasicAuthenticator.java6
-rw-r--r--jetty-security/src/main/java/org/eclipse/jetty/security/authentication/ClientCertAuthenticator.java8
-rw-r--r--jetty-security/src/main/java/org/eclipse/jetty/security/authentication/DeferredAuthentication.java70
-rw-r--r--jetty-security/src/main/java/org/eclipse/jetty/security/authentication/DigestAuthenticator.java6
-rw-r--r--jetty-security/src/main/java/org/eclipse/jetty/security/authentication/FormAuthenticator.java17
-rw-r--r--jetty-security/src/main/java/org/eclipse/jetty/security/authentication/LoginAuthenticator.java1
-rw-r--r--jetty-security/src/main/java/org/eclipse/jetty/security/authentication/SpnegoAuthenticator.java4
8 files changed, 40 insertions, 75 deletions
diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/SecurityHandler.java b/jetty-security/src/main/java/org/eclipse/jetty/security/SecurityHandler.java
index d2009310d5..95bcbde894 100644
--- a/jetty-security/src/main/java/org/eclipse/jetty/security/SecurityHandler.java
+++ b/jetty-security/src/main/java/org/eclipse/jetty/security/SecurityHandler.java
@@ -525,8 +525,6 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti
else if (authentication instanceof Authentication.Deferred)
{
DeferredAuthentication deferred= (DeferredAuthentication)authentication;
- deferred.setIdentityService(_identityService);
- deferred.setLoginService(_loginService);
baseRequest.setAuthentication(authentication);
try
@@ -536,7 +534,6 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti
finally
{
previousIdentity = deferred.getPreviousAssociation();
- deferred.setIdentityService(null);
}
if (authenticator!=null)
diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/BasicAuthenticator.java b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/BasicAuthenticator.java
index ec0bda78da..ec2fb04b0d 100644
--- a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/BasicAuthenticator.java
+++ b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/BasicAuthenticator.java
@@ -67,8 +67,8 @@ public class BasicAuthenticator extends LoginAuthenticator
try
{
if (!mandatory)
- return _deferred;
-
+ return new DeferredAuthentication(this);
+
if (credentials != null)
{
int space=credentials.indexOf(' ');
@@ -96,7 +96,7 @@ public class BasicAuthenticator extends LoginAuthenticator
}
}
- if (_deferred.isDeferred(response))
+ if (DeferredAuthentication.isDeferred(response))
return Authentication.UNAUTHENTICATED;
response.setHeader(HttpHeaders.WWW_AUTHENTICATE, "basic realm=\"" + _loginService.getName() + '"');
diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/ClientCertAuthenticator.java b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/ClientCertAuthenticator.java
index 5a50944892..a4bef236a3 100644
--- a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/ClientCertAuthenticator.java
+++ b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/ClientCertAuthenticator.java
@@ -88,8 +88,8 @@ public class ClientCertAuthenticator extends LoginAuthenticator
public Authentication validateRequest(ServletRequest req, ServletResponse res, boolean mandatory) throws ServerAuthException
{
if (!mandatory)
- return _deferred;
-
+ return new DeferredAuthentication(this);
+
HttpServletRequest request = (HttpServletRequest)req;
HttpServletResponse response = (HttpServletResponse)res;
X509Certificate[] certs = (X509Certificate[]) request.getAttribute("javax.servlet.request.X509Certificate");
@@ -129,8 +129,8 @@ public class ClientCertAuthenticator extends LoginAuthenticator
}
}
}
-
- if (!_deferred.isDeferred(response))
+
+ if (!DeferredAuthentication.isDeferred(response))
{
response.sendError(HttpServletResponse.SC_FORBIDDEN);
return Authentication.SEND_FAILURE;
diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/DeferredAuthentication.java b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/DeferredAuthentication.java
index 615b1c26ac..26640168df 100644
--- a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/DeferredAuthentication.java
+++ b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/DeferredAuthentication.java
@@ -45,22 +45,9 @@ import org.eclipse.jetty.util.log.Logger;
public class DeferredAuthentication implements Authentication.Deferred
{
private static final Logger LOG = Log.getLogger(DeferredAuthentication.class);
-
- protected final Authenticator _authenticator;
-
- private LoginService _loginService;
- private IdentityService _identityService;
+ protected final LoginAuthenticator _authenticator;
private Object _previousAssociation;
-
- /* ------------------------------------------------------------ */
- public DeferredAuthentication(Authenticator authenticator)
- {
- if (authenticator == null)
- throw new NullPointerException("No Authenticator");
- this._authenticator = authenticator;
- }
-
/* ------------------------------------------------------------ */
public DeferredAuthentication(LoginAuthenticator authenticator)
{
@@ -68,36 +55,6 @@ public class DeferredAuthentication implements Authentication.Deferred
throw new NullPointerException("No Authenticator");
this._authenticator = authenticator;
}
-
- /* ------------------------------------------------------------ */
- /** Get the identityService.
- * @return the identityService
- */
- public IdentityService getIdentityService()
- {
- return _identityService;
- }
-
- /* ------------------------------------------------------------ */
- /** Set the identityService.
- * @param identityService the identityService to set
- */
- public void setIdentityService(IdentityService identityService)
- {
- _identityService = identityService;
- }
-
- /* ------------------------------------------------------------ */
- public LoginService getLoginService()
- {
- return _loginService;
- }
-
- /* ------------------------------------------------------------ */
- public void setLoginService(LoginService loginService)
- {
- _loginService = loginService;
- }
/* ------------------------------------------------------------ */
/**
@@ -111,8 +68,11 @@ public class DeferredAuthentication implements Authentication.Deferred
if (authentication!=null && (authentication instanceof Authentication.User) && !(authentication instanceof Authentication.ResponseSent))
{
- if (_identityService!=null)
- _previousAssociation=_identityService.associate(((Authentication.User)authentication).getUserIdentity());
+ LoginService login_service= _authenticator.getLoginService();
+ IdentityService identity_service=login_service.getIdentityService();
+
+ if (identity_service!=null)
+ _previousAssociation=identity_service.associate(((Authentication.User)authentication).getUserIdentity());
return authentication;
}
}
@@ -131,9 +91,12 @@ public class DeferredAuthentication implements Authentication.Deferred
{
try
{
+ LoginService login_service= _authenticator.getLoginService();
+ IdentityService identity_service=login_service.getIdentityService();
+
Authentication authentication = _authenticator.validateRequest(request,response,true);
- if (authentication instanceof Authentication.User && _identityService!=null)
- _previousAssociation=_identityService.associate(((Authentication.User)authentication).getUserIdentity());
+ if (authentication instanceof Authentication.User && identity_service!=null)
+ _previousAssociation=identity_service.associate(((Authentication.User)authentication).getUserIdentity());
return authentication;
}
catch (ServerAuthException e)
@@ -149,14 +112,17 @@ public class DeferredAuthentication implements Authentication.Deferred
*/
public Authentication login(String username, String password)
{
- if (_loginService!=null)
+ LoginService login_service= _authenticator.getLoginService();
+ IdentityService identity_service=login_service.getIdentityService();
+
+ if (login_service!=null)
{
- UserIdentity user = _loginService.login(username,password);
+ UserIdentity user = login_service.login(username,password);
if (user!=null)
{
UserAuthentication authentication = new UserAuthentication("API",user);
- if (_identityService!=null)
- _previousAssociation=_identityService.associate(user);
+ if (identity_service!=null)
+ _previousAssociation=identity_service.associate(user);
return authentication;
}
}
diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/DigestAuthenticator.java b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/DigestAuthenticator.java
index b95f9253a2..c42c26c871 100644
--- a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/DigestAuthenticator.java
+++ b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/DigestAuthenticator.java
@@ -121,8 +121,8 @@ public class DigestAuthenticator extends LoginAuthenticator
public Authentication validateRequest(ServletRequest req, ServletResponse res, boolean mandatory) throws ServerAuthException
{
if (!mandatory)
- return _deferred;
-
+ return new DeferredAuthentication(this);
+
HttpServletRequest request = (HttpServletRequest)req;
HttpServletResponse response = (HttpServletResponse)res;
String credentials = request.getHeader(HttpHeaders.AUTHORIZATION);
@@ -197,7 +197,7 @@ public class DigestAuthenticator extends LoginAuthenticator
}
- if (!_deferred.isDeferred(response))
+ if (!DeferredAuthentication.isDeferred(response))
{
String domain = request.getContextPath();
if (domain == null)
diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/FormAuthenticator.java b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/FormAuthenticator.java
index ccb00a200d..829a9d595b 100644
--- a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/FormAuthenticator.java
+++ b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/FormAuthenticator.java
@@ -191,11 +191,11 @@ public class FormAuthenticator extends LoginAuthenticator
mandatory|=isJSecurityCheck(uri);
if (!mandatory)
- return _deferred;
-
+ return new DeferredAuthentication(this);
+
if (isLoginOrErrorPage(URIUtil.addPaths(request.getServletPath(),request.getPathInfo())) &&!DeferredAuthentication.isDeferred(response))
- return _deferred;
-
+ return new DeferredAuthentication(this);
+
HttpSession session = request.getSession(true);
try
@@ -300,9 +300,12 @@ public class FormAuthenticator extends LoginAuthenticator
}
// if we can't send challenge
- if (_deferred.isDeferred(response))
- return Authentication.UNAUTHENTICATED;
-
+ if (DeferredAuthentication.isDeferred(response))
+ {
+ LOG.debug("auth deferred {}",session.getId());
+ return Authentication.UNAUTHENTICATED;
+ }
+
// remember the current URI
synchronized (session)
{
diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/LoginAuthenticator.java b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/LoginAuthenticator.java
index f7e30647a9..17e86574b6 100644
--- a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/LoginAuthenticator.java
+++ b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/LoginAuthenticator.java
@@ -29,7 +29,6 @@ import org.eclipse.jetty.server.session.AbstractSessionManager;
public abstract class LoginAuthenticator implements Authenticator
{
- protected final DeferredAuthentication _deferred=new DeferredAuthentication(this);
protected LoginService _loginService;
protected IdentityService _identityService;
private boolean _renewSession;
diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/SpnegoAuthenticator.java b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/SpnegoAuthenticator.java
index 4bce3993d6..ca5563f4e5 100644
--- a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/SpnegoAuthenticator.java
+++ b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/SpnegoAuthenticator.java
@@ -69,7 +69,7 @@ public class SpnegoAuthenticator extends LoginAuthenticator
if (!mandatory)
{
- return _deferred;
+ return new DeferredAuthentication(this);
}
// check to see if we have authorization headers required to continue
@@ -77,7 +77,7 @@ public class SpnegoAuthenticator extends LoginAuthenticator
{
try
{
- if (_deferred.isDeferred(res))
+ if (DeferredAuthentication.isDeferred(res))
{
return Authentication.UNAUTHENTICATED;
}

Back to the top