diff options
author | Jesse McConnell | 2012-01-17 19:36:44 +0000 |
---|---|---|
committer | Jesse McConnell | 2012-01-17 19:36:44 +0000 |
commit | 90184ab3c3ba2cafae017aeae30e1bb780844aa2 (patch) | |
tree | af60f622a09167c1b82690dea83cdc19262740ac /jetty-security/src/main | |
parent | 9757a940890e69d2e07e733ad80d2a299a5cc524 (diff) | |
parent | 1537433b8199a412149619cdc372c484594ba9c0 (diff) | |
download | org.eclipse.jetty.project-90184ab3c3ba2cafae017aeae30e1bb780844aa2.tar.gz org.eclipse.jetty.project-90184ab3c3ba2cafae017aeae30e1bb780844aa2.tar.xz org.eclipse.jetty.project-90184ab3c3ba2cafae017aeae30e1bb780844aa2.zip |
Latest merge from master
Diffstat (limited to 'jetty-security/src/main')
-rw-r--r-- | jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintSecurityHandler.java | 11 | ||||
-rw-r--r-- | jetty-security/src/main/java/org/eclipse/jetty/security/SecurityHandler.java | 37 |
2 files changed, 36 insertions, 12 deletions
diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintSecurityHandler.java b/jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintSecurityHandler.java index 44280872b4..e6356026ce 100644 --- a/jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintSecurityHandler.java +++ b/jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintSecurityHandler.java @@ -358,7 +358,7 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr { if (connector.isIntegral(request)) return true; - if (connector.getConfidentialPort() > 0) + if (connector.getIntegralPort() > 0) { String url = connector.getIntegralScheme() + "://" + request.getServerName() + ":" + connector.getIntegralPort() + request.getRequestURI(); if (request.getQueryString() != null) @@ -440,6 +440,13 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr public void dump(Appendable out,String indent) throws IOException { dumpThis(out); - dump(out,indent,TypeUtil.asList(getHandlers()),getBeans(),Collections.singleton(_roles),_constraintMap.entrySet()); + dump(out,indent, + Collections.singleton(getLoginService()), + Collections.singleton(getIdentityService()), + Collections.singleton(getAuthenticator()), + Collections.singleton(_roles), + _constraintMap.entrySet(), + getBeans(), + TypeUtil.asList(getHandlers())); } } diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/SecurityHandler.java b/jetty-security/src/main/java/org/eclipse/jetty/security/SecurityHandler.java index 7e4232c579..da34f2d633 100644 --- a/jetty-security/src/main/java/org/eclipse/jetty/security/SecurityHandler.java +++ b/jetty-security/src/main/java/org/eclipse/jetty/security/SecurityHandler.java @@ -244,16 +244,19 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti return _initParameters.put(key,value); } - /* ------------------------------------------------------------ */ protected LoginService findLoginService() { List<LoginService> list = getServer().getBeans(LoginService.class); - for (LoginService service : list) - if (service.getName()!=null && service.getName().equals(getRealmName())) - return service; - if (list.size()>0) + String realm=getRealmName(); + if (realm!=null) + { + for (LoginService service : list) + if (service.getName()!=null && service.getName().equals(realm)) + return service; + } + else if (list.size()==1) return list.get(0); return null; } @@ -414,7 +417,7 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti final Authenticator authenticator = _authenticator; - if (authenticator!=null && checkSecurity(baseRequest)) + if (checkSecurity(baseRequest)) { Object constraintInfo = prepareConstraintInfo(pathInContext, baseRequest); @@ -433,13 +436,24 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti boolean isAuthMandatory = isAuthMandatory(baseRequest, base_response, constraintInfo); + if (isAuthMandatory && authenticator==null) + { + LOG.warn("No authenticator for: "+constraintInfo); + if (!baseRequest.isHandled()) + { + response.sendError(Response.SC_FORBIDDEN); + baseRequest.setHandled(true); + } + return; + } + // check authentication Object previousIdentity = null; try { Authentication authentication = baseRequest.getAuthentication(); if (authentication==null || authentication==Authentication.NOT_CHECKED) - authentication=authenticator.validateRequest(request, response, isAuthMandatory); + authentication=authenticator==null?Authentication.UNAUTHENTICATED:authenticator.validateRequest(request, response, isAuthMandatory); if (authentication instanceof Authentication.Wrapped) { @@ -500,9 +514,11 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti else { baseRequest.setAuthentication(authentication); - previousIdentity = _identityService.associate(null); + if (_identityService!=null) + previousIdentity = _identityService.associate(null); handler.handle(pathInContext, baseRequest, request, response); - authenticator.secureResponse(request, response, isAuthMandatory, null); + if (authenticator!=null) + authenticator.secureResponse(request, response, isAuthMandatory, null); } } catch (ServerAuthException e) @@ -513,7 +529,8 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti } finally { - _identityService.disassociate(previousIdentity); + if (_identityService!=null) + _identityService.disassociate(previousIdentity); } } else |