Skip to main content
aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSimone Bordet2012-07-23 09:38:27 -0400
committerSimone Bordet2012-07-23 09:38:27 -0400
commitd2a0cb5c50d3b0ad3d71d4aea00b8229557ba56e (patch)
treefdea13e895b09e36a0faeb578179f53c06d7167a /jetty-security/src
parent6b4583b46122ed5f0fca9ac0af88e4a5cab6de21 (diff)
downloadorg.eclipse.jetty.project-d2a0cb5c50d3b0ad3d71d4aea00b8229557ba56e.tar.gz
org.eclipse.jetty.project-d2a0cb5c50d3b0ad3d71d4aea00b8229557ba56e.tar.xz
org.eclipse.jetty.project-d2a0cb5c50d3b0ad3d71d4aea00b8229557ba56e.zip
Jetty9 - Fixed compilation problems.
Diffstat (limited to 'jetty-security/src')
-rw-r--r--jetty-security/src/main/java/org/eclipse/jetty/security/SpnegoLoginService.java70
-rw-r--r--jetty-security/src/main/java/org/eclipse/jetty/security/SpnegoUserPrincipal.java15
-rw-r--r--jetty-security/src/main/java/org/eclipse/jetty/security/authentication/FormAuthenticator.java119
3 files changed, 100 insertions, 104 deletions
diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/SpnegoLoginService.java b/jetty-security/src/main/java/org/eclipse/jetty/security/SpnegoLoginService.java
index 94321f03ae..913e97d2b2 100644
--- a/jetty-security/src/main/java/org/eclipse/jetty/security/SpnegoLoginService.java
+++ b/jetty-security/src/main/java/org/eclipse/jetty/security/SpnegoLoginService.java
@@ -1,30 +1,30 @@
-package org.eclipse.jetty.security;
-//========================================================================
-//Copyright (c) Webtide LLC
-//------------------------------------------------------------------------
-//All rights reserved. This program and the accompanying materials
-//are made available under the terms of the Eclipse Public License v1.0
-//and Apache License v2.0 which accompanies this distribution.
+// ========================================================================
+// Copyright (c) Webtide LLC
+// ------------------------------------------------------------------------
+// All rights reserved. This program and the accompanying materials
+// are made available under the terms of the Eclipse Public License v1.0
+// and Apache License v2.0 which accompanies this distribution.
//
-//The Eclipse Public License is available at
-//http://www.eclipse.org/legal/epl-v10.html
+// The Eclipse Public License is available at
+// http://www.eclipse.org/legal/epl-v10.html
//
-//The Apache License v2.0 is available at
-//http://www.opensource.org/licenses/apache2.0.php
+// The Apache License v2.0 is available at
+// http://www.opensource.org/licenses/apache2.0.php
//
-//You may elect to redistribute this code under either of these licenses.
-//========================================================================
+// You may elect to redistribute this code under either of these licenses.
+// ========================================================================
-import java.util.Properties;
+package org.eclipse.jetty.security;
+import java.util.Properties;
import javax.security.auth.Subject;
import org.eclipse.jetty.server.UserIdentity;
+import org.eclipse.jetty.util.B64Code;
import org.eclipse.jetty.util.component.AbstractLifeCycle;
import org.eclipse.jetty.util.log.Log;
import org.eclipse.jetty.util.log.Logger;
import org.eclipse.jetty.util.resource.Resource;
-import org.eclipse.jetty.util.security.B64Code;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSException;
@@ -39,25 +39,25 @@ public class SpnegoLoginService extends AbstractLifeCycle implements LoginServic
protected IdentityService _identityService;// = new LdapIdentityService();
protected String _name;
private String _config;
-
+
private String _targetName;
public SpnegoLoginService()
{
-
+
}
-
+
public SpnegoLoginService( String name )
{
setName(name);
}
-
+
public SpnegoLoginService( String name, String config )
{
setName(name);
setConfig(config);
}
-
+
public String getName()
{
return _name;
@@ -69,38 +69,38 @@ public class SpnegoLoginService extends AbstractLifeCycle implements LoginServic
{
throw new IllegalStateException("Running");
}
-
+
_name = name;
}
-
+
public String getConfig()
{
return _config;
}
-
+
public void setConfig( String config )
{
if (isRunning())
{
throw new IllegalStateException("Running");
}
-
+
_config = config;
}
-
-
-
+
+
+
@Override
protected void doStart() throws Exception
{
Properties properties = new Properties();
Resource resource = Resource.newResource(_config);
properties.load(resource.getInputStream());
-
+
_targetName = properties.getProperty("targetName");
-
+
LOG.debug("Target Name {}", _targetName);
-
+
super.doStart();
}
@@ -110,9 +110,9 @@ public class SpnegoLoginService extends AbstractLifeCycle implements LoginServic
public UserIdentity login(String username, Object credentials)
{
String encodedAuthToken = (String)credentials;
-
+
byte[] authToken = B64Code.decode(encodedAuthToken);
-
+
GSSManager manager = GSSManager.getInstance();
try
{
@@ -135,7 +135,7 @@ public class SpnegoLoginService extends AbstractLifeCycle implements LoginServic
{
String clientName = gContext.getSrcName().toString();
String role = clientName.substring(clientName.indexOf('@') + 1);
-
+
LOG.debug("SpnegoUserRealm: established a security context");
LOG.debug("Client Principal is: " + gContext.getSrcName());
LOG.debug("Server Principal is: " + gContext.getTargName());
@@ -145,7 +145,7 @@ public class SpnegoLoginService extends AbstractLifeCycle implements LoginServic
Subject subject = new Subject();
subject.getPrincipals().add(user);
-
+
return _identityService.newUserIdentity(subject,user, new String[]{role});
}
}
@@ -176,7 +176,7 @@ public class SpnegoLoginService extends AbstractLifeCycle implements LoginServic
public void logout(UserIdentity user) {
// TODO Auto-generated method stub
-
+
}
}
diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/SpnegoUserPrincipal.java b/jetty-security/src/main/java/org/eclipse/jetty/security/SpnegoUserPrincipal.java
index 26de9c2c20..d3c31e684d 100644
--- a/jetty-security/src/main/java/org/eclipse/jetty/security/SpnegoUserPrincipal.java
+++ b/jetty-security/src/main/java/org/eclipse/jetty/security/SpnegoUserPrincipal.java
@@ -1,4 +1,3 @@
-package org.eclipse.jetty.security;
//========================================================================
//Copyright 2011-2012 Mort Bay Consulting Pty. Ltd.
//------------------------------------------------------------------------
@@ -12,28 +11,30 @@ package org.eclipse.jetty.security;
//You may elect to redistribute this code under either of these licenses.
//========================================================================
+package org.eclipse.jetty.security;
+
import java.security.Principal;
-import org.eclipse.jetty.util.security.B64Code;
+import org.eclipse.jetty.util.B64Code;
public class SpnegoUserPrincipal implements Principal
{
private final String _name;
private byte[] _token;
private String _encodedToken;
-
+
public SpnegoUserPrincipal( String name, String encodedToken )
{
_name = name;
_encodedToken = encodedToken;
}
-
+
public SpnegoUserPrincipal( String name, byte[] token )
{
_name = name;
_token = token;
}
-
+
public String getName()
{
return _name;
@@ -47,7 +48,7 @@ public class SpnegoUserPrincipal implements Principal
}
return _token;
}
-
+
public String getEncodedToken()
{
if ( _encodedToken == null )
@@ -55,5 +56,5 @@ public class SpnegoUserPrincipal implements Principal
_encodedToken = new String(B64Code.encode(_token,true));
}
return _encodedToken;
- }
+ }
}
diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/FormAuthenticator.java b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/FormAuthenticator.java
index 280bfe9f68..faaf7380ef 100644
--- a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/FormAuthenticator.java
+++ b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/FormAuthenticator.java
@@ -4,11 +4,11 @@
// All rights reserved. This program and the accompanying materials
// are made available under the terms of the Eclipse Public License v1.0
// and Apache License v2.0 which accompanies this distribution.
-// The Eclipse Public License is available at
+// The Eclipse Public License is available at
// http://www.eclipse.org/legal/epl-v10.html
// The Apache License v2.0 is available at
// http://www.opensource.org/licenses/apache2.0.php
-// You may elect to redistribute this code under either of these licenses.
+// You may elect to redistribute this code under either of these licenses.
// ========================================================================
package org.eclipse.jetty.security.authentication;
@@ -16,7 +16,6 @@ package org.eclipse.jetty.security.authentication;
import java.io.IOException;
import java.util.Collections;
import java.util.Enumeration;
-
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
@@ -47,18 +46,18 @@ import org.eclipse.jetty.util.security.Constraint;
/**
* FORM Authenticator.
- *
+ *
* <p>This authenticator implements form authentication will use dispatchers to
* the login page if the {@link #__FORM_DISPATCH} init parameter is set to true.
* Otherwise it will redirect.</p>
- *
+ *
* <p>The form authenticator redirects unauthenticated requests to a log page
* which should use a form to gather username/password from the user and send them
- * to the /j_security_check URI within the context. FormAuthentication uses
+ * to the /j_security_check URI within the context. FormAuthentication uses
* {@link SessionAuthentication} to wrap Authentication results so that they
* are associated with the session.</p>
- *
- *
+ *
+ *
*/
public class FormAuthenticator extends LoginAuthenticator
{
@@ -94,7 +93,7 @@ public class FormAuthenticator extends LoginAuthenticator
setErrorPage(error);
_dispatch=dispatch;
}
-
+
/* ------------------------------------------------------------ */
/**
* If true, uris that cause a redirect to a login page will always
@@ -107,14 +106,14 @@ public class FormAuthenticator extends LoginAuthenticator
{
_alwaysSaveUri = alwaysSave;
}
-
-
+
+
/* ------------------------------------------------------------ */
public boolean getAlwaysSaveUri ()
{
return _alwaysSaveUri;
}
-
+
/* ------------------------------------------------------------ */
/**
* @see org.eclipse.jetty.security.authentication.LoginAuthenticator#setConfiguration(org.eclipse.jetty.security.Authenticator.AuthConfiguration)
@@ -149,7 +148,7 @@ public class FormAuthenticator extends LoginAuthenticator
}
_formLoginPage = path;
_formLoginPath = path;
- if (_formLoginPath.indexOf('?') > 0)
+ if (_formLoginPath.indexOf('?') > 0)
_formLoginPath = _formLoginPath.substring(0, _formLoginPath.indexOf('?'));
}
@@ -171,14 +170,14 @@ public class FormAuthenticator extends LoginAuthenticator
_formErrorPage = path;
_formErrorPath = path;
- if (_formErrorPath.indexOf('?') > 0)
+ if (_formErrorPath.indexOf('?') > 0)
_formErrorPath = _formErrorPath.substring(0, _formErrorPath.indexOf('?'));
}
}
/* ------------------------------------------------------------ */
public Authentication validateRequest(ServletRequest req, ServletResponse res, boolean mandatory) throws ServerAuthException
- {
+ {
HttpServletRequest request = (HttpServletRequest)req;
HttpServletResponse response = (HttpServletResponse)res;
String uri = request.getRequestURI();
@@ -188,12 +187,12 @@ public class FormAuthenticator extends LoginAuthenticator
mandatory|=isJSecurityCheck(uri);
if (!mandatory)
return _deferred;
-
+
if (isLoginOrErrorPage(URIUtil.addPaths(request.getServletPath(),request.getPathInfo())))
return Authentication.NOT_CHECKED;
-
+
HttpSession session = request.getSession(true);
-
+
try
{
// Handle a request for authentication.
@@ -201,39 +200,39 @@ public class FormAuthenticator extends LoginAuthenticator
{
final String username = request.getParameter(__J_USERNAME);
final String password = request.getParameter(__J_PASSWORD);
-
+
UserIdentity user = _loginService.login(username,password);
if (user!=null)
{
session=renewSessionOnAuthentication(request,response);
-
+
// Redirect to original request
String nuri;
synchronized(session)
{
nuri = (String) session.getAttribute(__J_URI);
}
-
+
if (nuri == null || nuri.length() == 0)
{
nuri = request.getContextPath();
- if (nuri.length() == 0)
+ if (nuri.length() == 0)
nuri = URIUtil.SLASH;
}
- response.setContentLength(0);
+ response.setContentLength(0);
response.sendRedirect(response.encodeRedirectURL(nuri));
Authentication cached=new SessionAuthentication(getAuthMethod(),user,password);
session.setAttribute(SessionAuthentication.__J_AUTHENTICATED, cached);
return new FormAuthentication(getAuthMethod(),user);
}
-
+
// not authenticated
- if (LOG.isDebugEnabled())
+ if (LOG.isDebugEnabled())
LOG.debug("Form authentication FAILED for " + StringUtil.printable(username));
if (_formErrorPage == null)
{
- if (response != null)
+ if (response != null)
response.sendError(HttpServletResponse.SC_FORBIDDEN);
}
else if (_dispatch)
@@ -247,20 +246,20 @@ public class FormAuthenticator extends LoginAuthenticator
{
response.sendRedirect(response.encodeRedirectURL(URIUtil.addPaths(request.getContextPath(),_formErrorPage)));
}
-
+
return Authentication.SEND_FAILURE;
}
-
+
// Look for cached authentication
Authentication authentication = (Authentication) session.getAttribute(SessionAuthentication.__J_AUTHENTICATED);
- if (authentication != null)
+ if (authentication != null)
{
// Has authentication been revoked?
- if (authentication instanceof Authentication.User &&
+ if (authentication instanceof Authentication.User &&
_loginService!=null &&
!_loginService.validate(((Authentication.User)authentication).getUserIdentity()))
{
-
+
session.removeAttribute(SessionAuthentication.__J_AUTHENTICATED);
}
else
@@ -268,7 +267,7 @@ public class FormAuthenticator extends LoginAuthenticator
String j_uri=(String)session.getAttribute(__J_URI);
if (j_uri!=null)
{
- MultiMap<String> j_post = (MultiMap<String>)session.getAttribute(__J_POST);
+ MultiMap j_post = (MultiMap)session.getAttribute(__J_POST);
if (j_post!=null)
{
StringBuffer buf = request.getRequestURL();
@@ -280,7 +279,7 @@ public class FormAuthenticator extends LoginAuthenticator
// This is a retry of an original POST request
// so restore method and parameters
- session.removeAttribute(__J_POST);
+ session.removeAttribute(__J_POST);
Request base_request = HttpChannel.getCurrentHttpChannel().getRequest();
base_request.setMethod(HttpMethod.POST,HttpMethod.POST.asString());
base_request.setParameters(j_post);
@@ -288,36 +287,36 @@ public class FormAuthenticator extends LoginAuthenticator
}
else
session.removeAttribute(__J_URI);
-
+
}
return authentication;
}
}
// if we can't send challenge
- if (_deferred.isDeferred(response))
- return Authentication.UNAUTHENTICATED;
-
+ if (DeferredAuthentication.isDeferred(response))
+ return Authentication.UNAUTHENTICATED;
+
// remember the current URI
synchronized (session)
{
// But only if it is not set already, or we save every uri that leads to a login form redirect
if (session.getAttribute(__J_URI)==null || _alwaysSaveUri)
- {
+ {
StringBuffer buf = request.getRequestURL();
if (request.getQueryString() != null)
buf.append("?").append(request.getQueryString());
session.setAttribute(__J_URI, buf.toString());
-
+
if (MimeTypes.Type.FORM_ENCODED.is(req.getContentType()) && HttpMethod.POST.is(request.getMethod()))
{
Request base_request = (req instanceof Request)?(Request)req:HttpChannel.getCurrentHttpChannel().getRequest();
- base_request.extractParameters();
- session.setAttribute(__J_POST, new MultiMap<String>(base_request.getParameters()));
+ base_request.extractParameters();
+ session.setAttribute(__J_POST, new MultiMap(base_request.getParameters()));
}
}
}
-
+
// send the the challenge
if (_dispatch)
{
@@ -331,24 +330,20 @@ public class FormAuthenticator extends LoginAuthenticator
response.sendRedirect(response.encodeRedirectURL(URIUtil.addPaths(request.getContextPath(),_formLoginPage)));
}
return Authentication.SEND_CONTINUE;
-
-
- }
- catch (IOException e)
- {
- throw new ServerAuthException(e);
+
+
}
- catch (ServletException e)
+ catch (IOException | ServletException e)
{
throw new ServerAuthException(e);
}
}
-
+
/* ------------------------------------------------------------ */
public boolean isJSecurityCheck(String uri)
{
int jsc = uri.indexOf(__J_SECURITY_CHECK);
-
+
if (jsc<0)
return false;
int e=jsc+__J_SECURITY_CHECK.length();
@@ -357,13 +352,13 @@ public class FormAuthenticator extends LoginAuthenticator
char c = uri.charAt(e);
return c==';'||c=='#'||c=='/'||c=='?';
}
-
+
/* ------------------------------------------------------------ */
public boolean isLoginOrErrorPage(String pathInContext)
{
return pathInContext != null && (pathInContext.equals(_formErrorPath) || pathInContext.equals(_formLoginPath));
}
-
+
/* ------------------------------------------------------------ */
public boolean secureResponse(ServletRequest req, ServletResponse res, boolean mandatory, User validatedUser) throws ServerAuthException
{
@@ -386,7 +381,7 @@ public class FormAuthenticator extends LoginAuthenticator
return -1;
return super.getDateHeader(name);
}
-
+
@Override
public String getHeader(String name)
{
@@ -396,16 +391,16 @@ public class FormAuthenticator extends LoginAuthenticator
}
@Override
- public Enumeration getHeaderNames()
+ public Enumeration<String> getHeaderNames()
{
return Collections.enumeration(Collections.list(super.getHeaderNames()));
}
@Override
- public Enumeration getHeaders(String name)
+ public Enumeration<String> getHeaders(String name)
{
if (name.toLowerCase().startsWith("if-"))
- return Collections.enumeration(Collections.EMPTY_LIST);
+ return Collections.<String>enumeration(Collections.<String>emptyList());
return super.getHeaders(name);
}
}
@@ -439,14 +434,14 @@ public class FormAuthenticator extends LoginAuthenticator
if (notIgnored(name))
super.setDateHeader(name,date);
}
-
+
@Override
public void setHeader(String name, String value)
{
if (notIgnored(name))
super.setHeader(name,value);
}
-
+
private boolean notIgnored(String name)
{
if (HttpHeader.CACHE_CONTROL.is(name) ||
@@ -459,10 +454,10 @@ public class FormAuthenticator extends LoginAuthenticator
return true;
}
}
-
+
/* ------------------------------------------------------------ */
/** This Authentication represents a just completed Form authentication.
- * Subsequent requests from the same user are authenticated by the presents
+ * Subsequent requests from the same user are authenticated by the presents
* of a {@link SessionAuthentication} instance in their session.
*/
public static class FormAuthentication extends UserAuthentication implements Authentication.ResponseSent
@@ -471,7 +466,7 @@ public class FormAuthenticator extends LoginAuthenticator
{
super(method,userIdentity);
}
-
+
@Override
public String toString()
{

Back to the top