diff options
author | Greg Wilkins | 2011-09-20 07:16:58 +0000 |
---|---|---|
committer | Greg Wilkins | 2011-09-20 07:16:58 +0000 |
commit | b7b567d86d0f297b3e38a166ac738f1fd84df474 (patch) | |
tree | 606fc53b1cb2a5112eaa1a42454083d4d68352cc /jetty-security/src/main/java/org | |
parent | 57bd9f3bced17a05b837d1285dcef20eb671ee94 (diff) | |
download | org.eclipse.jetty.project-b7b567d86d0f297b3e38a166ac738f1fd84df474.tar.gz org.eclipse.jetty.project-b7b567d86d0f297b3e38a166ac738f1fd84df474.tar.xz org.eclipse.jetty.project-b7b567d86d0f297b3e38a166ac738f1fd84df474.zip |
353627 Basic Auth checks that Basic method has been send
Diffstat (limited to 'jetty-security/src/main/java/org')
2 files changed, 21 insertions, 13 deletions
diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/BasicAuthenticator.java b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/BasicAuthenticator.java index e680644609..372f9b63ea 100644 --- a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/BasicAuthenticator.java +++ b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/BasicAuthenticator.java @@ -65,20 +65,28 @@ public class BasicAuthenticator extends LoginAuthenticator return _deferred; if (credentials != null) - { - credentials = credentials.substring(credentials.indexOf(' ')+1); - credentials = B64Code.decode(credentials,StringUtil.__ISO_8859_1); - int i = credentials.indexOf(':'); - if (i>0) + { + int space=credentials.indexOf(' '); + if (space>0) { - String username = credentials.substring(0,i); - String password = credentials.substring(i+1); - - UserIdentity user = _loginService.login(username,password); - if (user!=null) + String method=credentials.substring(0,space); + if ("basic".equalsIgnoreCase(method)) { - renewSessionOnAuthentication(request,response); - return new UserAuthentication(getAuthMethod(),user); + credentials = credentials.substring(space+1); + credentials = B64Code.decode(credentials,StringUtil.__ISO_8859_1); + int i = credentials.indexOf(':'); + if (i>0) + { + String username = credentials.substring(0,i); + String password = credentials.substring(i+1); + + UserIdentity user = _loginService.login(username,password); + if (user!=null) + { + renewSessionOnAuthentication(request,response); + return new UserAuthentication(getAuthMethod(),user); + } + } } } } diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/DigestAuthenticator.java b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/DigestAuthenticator.java index ee9f5625ae..ac4ebe2ea3 100644 --- a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/DigestAuthenticator.java +++ b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/DigestAuthenticator.java @@ -275,7 +275,7 @@ public class DigestAuthenticator extends LoginAuthenticator private static class Digest extends Credential { private static final long serialVersionUID = -2484639019549527724L; - String method = ""; + final String method; String username = ""; String realm = ""; String nonce = ""; |