authorGreg Wilkins2012-06-05 08:02:44 -0400
committerGreg Wilkins2012-06-05 08:02:44 -0400
commitc318cb8167583a2a2adeebcd2eb9cca3bfabaaa6 (patch)
tree0006d78642d03e3ac7ed8061b1db3c1354505ff8 /jetty-security/src/main/java
parent96cbd53c472f5f79d5866b004c84b1e2e25d348d (diff)
jetty-9 jetty-security passing tests
Diffstat (limited to 'jetty-security/src/main/java')
-rw-r--r--jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintSecurityHandler.java25
-rw-r--r--jetty-security/src/main/java/org/eclipse/jetty/security/authentication/BasicAuthenticator.java6
-rw-r--r--jetty-security/src/main/java/org/eclipse/jetty/security/authentication/DigestAuthenticator.java6
-rw-r--r--jetty-security/src/main/java/org/eclipse/jetty/security/authentication/FormAuthenticator.java35
-rw-r--r--jetty-security/src/main/java/org/eclipse/jetty/security/authentication/SpnegoAuthenticator.java8
5 files changed, 42 insertions, 38 deletions
diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintSecurityHandler.java b/jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintSecurityHandler.java
index e6356026ce..af1ec146de 100644
--- a/jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintSecurityHandler.java
+++ b/jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintSecurityHandler.java
@@ -25,8 +25,8 @@ import java.util.concurrent.CopyOnWriteArrayList;
import java.util.concurrent.CopyOnWriteArraySet;
import org.eclipse.jetty.http.PathMap;
-import org.eclipse.jetty.server.AbstractHttpConnection;
-import org.eclipse.jetty.server.Connector;
+import org.eclipse.jetty.server.HttpChannel;
+import org.eclipse.jetty.server.HttpConnector;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.Response;
import org.eclipse.jetty.server.UserIdentity;
@@ -43,6 +43,7 @@ import org.eclipse.jetty.util.security.Constraint;
*/
public class ConstraintSecurityHandler extends SecurityHandler implements ConstraintAware
{
+ private static final String ALL_METHODS = "*";
private final List<ConstraintMapping> _constraintMappings= new CopyOnWriteArrayList<ConstraintMapping>();
private final Set<String> _roles = new CopyOnWriteArraySet<String>();
private final PathMap _constraintMap = new PathMap();
@@ -145,7 +146,7 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr
if (cmr!=null)
{
for (String r : cmr)
- if (!"*".equals(r))
+ if (!ALL_METHODS.equals(r))
roles.add(r);
}
}
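Review bot: `ALL_METHODS` is used here to filter a role name (`r` is what gets added to `roles`), so the HTTP-method wildcard is standing in for the any-role wildcard only because both happen to be `"*"`. If the method sentinel is ever changed, this role filter changes with it and `*` would start being collected as a real role. A separate constant keeps the two meanings apart, e.g. `private static final String ANY_ROLE = "*";` (or the equivalent on `Constraint`, if it exposes one) with `if (!ANY_ROLE.equals(r))`. The enclosing method starts and ends outside this hunk.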
@@ -245,11 +246,13 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr
mappings = new StringMap();
_constraintMap.put(mapping.getPathSpec(),mappings);
}
- RoleInfo allMethodsRoleInfo = mappings.get(null);
+ RoleInfo allMethodsRoleInfo = mappings.get(ALL_METHODS);
if (allMethodsRoleInfo != null && allMethodsRoleInfo.isForbidden())
return;
String httpMethod = mapping.getMethod();
+ if (httpMethod==null)
+ httpMethod=ALL_METHODS;
RoleInfo roleInfo = mappings.get(httpMethod);
if (roleInfo == null)
{
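Review bot: Replacing the `null` key with `"*"` puts the all-methods sentinel in the same key space as real method names, so a `ConstraintMapping` whose method is the literal string `*` is now merged with the method-less mappings. That deserves a comment at the normalisation, for example `// null method means "all methods"; stored under ALL_METHODS so the map never holds a null key`. The later hunks call `httpMethod.equals(ALL_METHODS)` and `entry.getKey().equals(ALL_METHODS)`, which are null-safe only because of this normalisation. Writing them constant-first, `ALL_METHODS.equals(httpMethod)` and `!ALL_METHODS.equals(entry.getKey())`, matches the role check earlier in the file and removes that dependency. The method body extends beyond this hunk.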
@@ -268,10 +271,10 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr
roleInfo.setForbidden(forbidden);
if (forbidden)
{
- if (httpMethod == null)
+ if (httpMethod.equals(ALL_METHODS))
{
mappings.clear();
- mappings.put(null,roleInfo);
+ mappings.put(ALL_METHODS,roleInfo);
}
}
else
@@ -306,11 +309,11 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr
}
}
}
- if (httpMethod == null)
+ if (httpMethod.equals(ALL_METHODS))
{
for (Map.Entry<String, RoleInfo> entry : mappings.entrySet())
{
- if (entry.getKey() != null)
+ if (!entry.getKey().equals(ALL_METHODS))
{
RoleInfo specific = entry.getValue();
specific.combine(roleInfo);
@@ -329,7 +332,7 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr
String httpMethod = request.getMethod();
RoleInfo roleInfo = mappings.get(httpMethod);
if (roleInfo == null)
- roleInfo = mappings.get(null);
+ roleInfo = mappings.get(ALL_METHODS);
return roleInfo;
}
@@ -351,8 +354,8 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr
{
return true;
}
- AbstractHttpConnection connection = AbstractHttpConnection.getCurrentConnection();
- Connector connector = connection.getConnector();
+
+ HttpConnector connector = HttpChannel.getCurrentHttpChannel().getHttpConnector();
if (dataConstraint == UserDataConstraint.Integral)
{
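Review bot: `HttpChannel.getCurrentHttpChannel().getHttpConnector()` dereferences the current channel without a check, in the code that decides whether a request meets its `UserDataConstraint`. If that lookup can return null (for instance when this runs on a thread that is not bound to a channel, which cannot be seen from this hunk), the transport check ends in a NullPointerException rather than a deliberate denial. Splitting the chain into `HttpChannel channel = HttpChannel.getCurrentHttpChannel();` followed by an explicit null branch that refuses the request would make the failure mode intentional. A one-line comment saying why the thread-local is always set at this point would do the same job if that is in fact guaranteed. The method continues outside the hunk.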
diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/BasicAuthenticator.java b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/BasicAuthenticator.java
index 7857b4d46a..dec0ee78d1 100644
--- a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/BasicAuthenticator.java
+++ b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/BasicAuthenticator.java
@@ -20,7 +20,7 @@ import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import org.eclipse.jetty.http.HttpHeaders;
+import org.eclipse.jetty.http.HttpHeader;
import org.eclipse.jetty.security.ServerAuthException;
import org.eclipse.jetty.security.UserAuthentication;
import org.eclipse.jetty.server.Authentication;
@@ -57,7 +57,7 @@ public class BasicAuthenticator extends LoginAuthenticator
{
HttpServletRequest request = (HttpServletRequest)req;
HttpServletResponse response = (HttpServletResponse)res;
- String credentials = request.getHeader(HttpHeaders.AUTHORIZATION);
+ String credentials = request.getHeader(HttpHeader.AUTHORIZATION.asString());
try
{
@@ -94,7 +94,7 @@ public class BasicAuthenticator extends LoginAuthenticator
if (_deferred.isDeferred(response))
return Authentication.UNAUTHENTICATED;
- response.setHeader(HttpHeaders.WWW_AUTHENTICATE, "basic realm=\"" + _loginService.getName() + '"');
+ response.setHeader(HttpHeader.WWW_AUTHENTICATE.asString(), "basic realm=\"" + _loginService.getName() + '"');
response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
return Authentication.SEND_CONTINUE;
}
diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/DigestAuthenticator.java b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/DigestAuthenticator.java
index 51833fad78..4e16dbe4bc 100644
--- a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/DigestAuthenticator.java
+++ b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/DigestAuthenticator.java
@@ -27,7 +27,7 @@ import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import org.eclipse.jetty.http.HttpHeaders;
+import org.eclipse.jetty.http.HttpHeader;
import org.eclipse.jetty.security.SecurityHandler;
import org.eclipse.jetty.security.ServerAuthException;
import org.eclipse.jetty.security.UserAuthentication;
@@ -120,7 +120,7 @@ public class DigestAuthenticator extends LoginAuthenticator
HttpServletRequest request = (HttpServletRequest)req;
HttpServletResponse response = (HttpServletResponse)res;
- String credentials = request.getHeader(HttpHeaders.AUTHORIZATION);
+ String credentials = request.getHeader(HttpHeader.AUTHORIZATION.asString());
try
{
@@ -197,7 +197,7 @@ public class DigestAuthenticator extends LoginAuthenticator
String domain = request.getContextPath();
if (domain == null)
domain = "/";
- response.setHeader(HttpHeaders.WWW_AUTHENTICATE, "Digest realm=\"" + _loginService.getName()
+ response.setHeader(HttpHeader.WWW_AUTHENTICATE.asString(), "Digest realm=\"" + _loginService.getName()
+ "\", domain=\""
+ domain
+ "\", nonce=\""
diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/FormAuthenticator.java b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/FormAuthenticator.java
index c21768fde1..304606d7d0 100644
--- a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/FormAuthenticator.java
+++ b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/FormAuthenticator.java
@@ -27,14 +27,15 @@ import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;
import javax.servlet.http.HttpSession;
-import org.eclipse.jetty.http.HttpHeaders;
-import org.eclipse.jetty.http.HttpMethods;
+import org.eclipse.jetty.http.HttpHeader;
+import org.eclipse.jetty.http.HttpHeaderValue;
+import org.eclipse.jetty.http.HttpMethod;
import org.eclipse.jetty.http.MimeTypes;
import org.eclipse.jetty.security.ServerAuthException;
import org.eclipse.jetty.security.UserAuthentication;
-import org.eclipse.jetty.server.AbstractHttpConnection;
import org.eclipse.jetty.server.Authentication;
import org.eclipse.jetty.server.Authentication.User;
+import org.eclipse.jetty.server.HttpChannel;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.UserIdentity;
import org.eclipse.jetty.util.MultiMap;
@@ -217,8 +218,8 @@ public class FormAuthenticator extends LoginAuthenticator
else if (_dispatch)
{
RequestDispatcher dispatcher = request.getRequestDispatcher(_formErrorPage);
- response.setHeader(HttpHeaders.CACHE_CONTROL,"No-cache");
- response.setDateHeader(HttpHeaders.EXPIRES,1);
+ response.setHeader(HttpHeader.CACHE_CONTROL.asString(),HttpHeaderValue.NO_CACHE.asString());
+ response.setDateHeader(HttpHeader.EXPIRES.asString(),1);
dispatcher.forward(new FormRequest(request), new FormResponse(response));
}
else
@@ -259,8 +260,8 @@ public class FormAuthenticator extends LoginAuthenticator
// so restore method and parameters
session.removeAttribute(__J_POST);
- Request base_request = (req instanceof Request)?(Request)req:AbstractHttpConnection.getCurrentConnection().getRequest();
- base_request.setMethod(HttpMethods.POST);
+ Request base_request = HttpChannel.getCurrentHttpChannel().getRequest();
+ base_request.setMethod(HttpMethod.POST,HttpMethod.POST.asString());
base_request.setParameters(j_post);
}
}
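Review bot: The new `base_request` lookup drops the `req instanceof Request` shortcut and always resolves the request through the thread-local channel, while the matching lookup in the next hunk (where the POST parameters are saved) still keeps `(req instanceof Request)?(Request)req:...`. The two sites should agree, because this one replays a saved POST method and parameter set onto whichever request it resolves. Either keep the same form here, `Request base_request = (req instanceof Request)?(Request)req:HttpChannel.getCurrentHttpChannel().getRequest();`, or drop the shortcut in both places with a comment stating why the channel's request is authoritative. The surrounding method starts and ends outside this hunk.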
@@ -287,9 +288,9 @@ public class FormAuthenticator extends LoginAuthenticator
buf.append("?").append(request.getQueryString());
session.setAttribute(__J_URI, buf.toString());
- if (MimeTypes.FORM_ENCODED.equalsIgnoreCase(req.getContentType()) && HttpMethods.POST.equals(request.getMethod()))
+ if (MimeTypes.Type.FORM_ENCODED.is(req.getContentType()) && HttpMethod.POST.is(request.getMethod()))
{
- Request base_request = (req instanceof Request)?(Request)req:AbstractHttpConnection.getCurrentConnection().getRequest();
+ Request base_request = (req instanceof Request)?(Request)req:HttpChannel.getCurrentHttpChannel().getRequest();
base_request.extractParameters();
session.setAttribute(__J_POST, new MultiMap<String>(base_request.getParameters()));
}
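Review bot: The switch from `HttpMethods.POST.equals(...)` and `MimeTypes.FORM_ENCODED.equalsIgnoreCase(...)` to the two `.is(...)` calls may change which unauthenticated requests get their body captured into the session, and the matching rules of `is` are not visible in this diff. HTTP method names are case-sensitive, so if `is` compares case-insensitively a `post` request would now be stored and later replayed as `POST`; the old code compared the method exactly. A short comment stating the intended matching would pin this down, for example `// method match must stay exact; content type is matched ignoring case`. So would a test that also covers a Content-Type carrying a `; charset=` parameter. The enclosing method extends beyond the hunk.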
@@ -300,8 +301,8 @@ public class FormAuthenticator extends LoginAuthenticator
if (_dispatch)
{
RequestDispatcher dispatcher = request.getRequestDispatcher(_formLoginPage);
- response.setHeader(HttpHeaders.CACHE_CONTROL,"No-cache");
- response.setDateHeader(HttpHeaders.EXPIRES,1);
+ response.setHeader(HttpHeader.CACHE_CONTROL.asString(),HttpHeaderValue.NO_CACHE.asString());
+ response.setDateHeader(HttpHeader.EXPIRES.asString(),1);
dispatcher.forward(new FormRequest(request), new FormResponse(response));
}
else
@@ -427,12 +428,12 @@ public class FormAuthenticator extends LoginAuthenticator
private boolean notIgnored(String name)
{
- if (HttpHeaders.CACHE_CONTROL.equalsIgnoreCase(name) ||
- HttpHeaders.PRAGMA.equalsIgnoreCase(name) ||
- HttpHeaders.ETAG.equalsIgnoreCase(name) ||
- HttpHeaders.EXPIRES.equalsIgnoreCase(name) ||
- HttpHeaders.LAST_MODIFIED.equalsIgnoreCase(name) ||
- HttpHeaders.AGE.equalsIgnoreCase(name))
+ if (HttpHeader.CACHE_CONTROL.is(name) ||
+ HttpHeader.PRAGMA.is(name) ||
+ HttpHeader.ETAG.is(name) ||
+ HttpHeader.EXPIRES.is(name) ||
+ HttpHeader.LAST_MODIFIED.is(name) ||
+ HttpHeader.AGE.is(name))
return false;
return true;
}
diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/SpnegoAuthenticator.java b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/SpnegoAuthenticator.java
index 9df7448468..0994e33e7d 100644
--- a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/SpnegoAuthenticator.java
+++ b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/SpnegoAuthenticator.java
@@ -22,7 +22,7 @@ import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import org.eclipse.jetty.http.HttpHeaders;
+import org.eclipse.jetty.http.HttpHeader;
import org.eclipse.jetty.security.ServerAuthException;
import org.eclipse.jetty.security.UserAuthentication;
import org.eclipse.jetty.server.Authentication;
@@ -46,7 +46,7 @@ public class SpnegoAuthenticator extends LoginAuthenticator
HttpServletRequest req = (HttpServletRequest)request;
HttpServletResponse res = (HttpServletResponse)response;
- String header = req.getHeader(HttpHeaders.AUTHORIZATION);
+ String header = req.getHeader(HttpHeader.AUTHORIZATION.asString());
if (!mandatory)
{
@@ -64,7 +64,7 @@ public class SpnegoAuthenticator extends LoginAuthenticator
}
LOG.debug("SpengoAuthenticator: sending challenge");
- res.setHeader(HttpHeaders.WWW_AUTHENTICATE, HttpHeaders.NEGOTIATE);
+ res.setHeader(HttpHeader.WWW_AUTHENTICATE.asString(), HttpHeader.NEGOTIATE.asString());
res.sendError(HttpServletResponse.SC_UNAUTHORIZED);
return Authentication.SEND_CONTINUE;
}
@@ -73,7 +73,7 @@ public class SpnegoAuthenticator extends LoginAuthenticator
throw new ServerAuthException(ioe);
}
}
- else if (header != null && header.startsWith(HttpHeaders.NEGOTIATE))
+ else if (header != null && header.startsWith(HttpHeader.NEGOTIATE.asString()))
{
String spnegoToken = header.substring(10);
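Review bot: `header.substring(10)` uses a magic offset that is not tied to the prefix tested on the changed line, and `header` is the client-supplied `Authorization` value. Assuming `HttpHeader.NEGOTIATE.asString()` is the nine-character scheme name, a header consisting of exactly that prefix passes `startsWith` and then throws StringIndexOutOfBoundsException, which the visible `IOException` handling does not cover. Deriving the offset from the prefix avoids this: `String prefix = HttpHeader.NEGOTIATE.asString() + " ";`, then `else if (header != null && header.startsWith(prefix))` and `header.substring(prefix.length())`. The method continues past the end of this hunk.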
