use of com.pogeyan.cmis.api.auth.IUserObject in project copper-cms by PogeyanOSS.
the class AkkaCmisBrowserBindingServlet method service.
/**
 * Entry point for every request handled by this servlet: applies the CSRF check,
 * sets default response headers, switches the request to asynchronous processing
 * and hands the resulting {@code BaseMessage} to a freshly created {@code ServletActor}.
 *
 * <p>Two dispatch paths exist. When the first path fragment is blank the message is
 * built with a {@code null} user object and no call to {@code verifyLogin}. Otherwise
 * {@code verifyLogin} is invoked and the message is built inside its success callback
 * with the returned {@code IUserObject}; the failure callback answers with HTTP 401
 * and a Basic challenge.
 *
 * @param request  the incoming HTTP request
 * @param response the HTTP response to populate
 * @throws ServletException declared by the servlet contract
 * @throws IOException      if writing an error response fails inside the catch block
 */
@Override
protected void service(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    try {
        final ActorSystem system = (ActorSystem) request.getServletContext().getAttribute("ActorSystem");
        // CSRF token check
        // Only GET and HEAD skip the check; every other method goes through checkCsrfToken.
        // NOTE(review): the meaning of the two `false` arguments is not visible here - confirm
        // they do not relax the check for state-changing requests.
        String method = request.getMethod();
        if (!METHOD_GET.equals(method) && !METHOD_HEAD.equals(method)) {
            checkCsrfToken(request, response, false, false);
        }
        // set default headers
        // NOTE(review): the Server header presumably carries a product/version banner - confirm
        // that exposing it to clients is intended.
        response.addHeader("Cache-Control", "private, max-age=0");
        response.addHeader("Server", ServerVersion.OPENCMIS_SERVER);
        // split path
        String[] pathFragments = HttpUtils.splitPath(request);
        // From here on the request is asynchronous. The outer catch block below writes to
        // `response` but never calls ctx.complete() (ctx is not in scope there).
        // NOTE(review): confirm what completes the async context when an exception is thrown
        // after this line, e.g. the CmisNotSupportedException below.
        final AsyncContext ctx = request.startAsync(request, response);
        if (Helpers.isPerfMode()) {
            MetricsInputs.get().getCounter("counter_requests_total").inc();
        }
        if (pathFragments != null && pathFragments.length > 0 && StringUtils.isBlank(pathFragments[0])) {
            // Unauthenticated path: the message is built with a null user object and
            // verifyLogin is not called.
            // NOTE(review): confirm that gettingBaseMessage and the receiving actor only allow
            // operations that are safe without a login session on this branch.
            BaseMessage bm = gettingBaseMessage(method, pathFragments, null, request, response);
            if (bm != null) {
                // create actor on-the-fly
                ActorRef servletActor = system.actorOf(Props.create(ServletActor.class, ctx));
                servletActor.tell(bm, ActorRef.noSender());
            } else {
                throw new CmisNotSupportedException("Unsupported method");
            }
        } else {
            // Authenticated path: the first lambda runs on successful login, the second on failure.
            this.verifyLogin(request, pathFragments, system, (s) -> {
                try {
                    IUserObject loginSession = (IUserObject) s;
                    BaseMessage bm = gettingBaseMessage(method, pathFragments, loginSession, request, response);
                    if (bm != null) {
                        // create actor on-the-fly
                        ActorRef servletActor = system.actorOf(Props.create(ServletActor.class, ctx));
                        servletActor.tell(bm, ActorRef.noSender());
                    } else {
                        throw new CmisNotSupportedException("Unsupported method");
                    }
                } catch (Exception e1) {
                    // The exception message and full stack trace go to the server log; the
                    // error is then rendered to the client by ServletHelpers.printError.
                    // NOTE(review): confirm printError does not echo internal details to the
                    // client, and that the async context is completed on this path.
                    MetricsInputs.markBindingServletErrorMeter();
                    LOG.error("Service execution exception: {}, stack: {}", e1.getMessage(), ExceptionUtils.getStackTrace(e1));
                    ServletHelpers.printError(e1, request, response);
                }
            }, (err) -> {
                // Login failed: challenge the client with HTTP Basic and end the async cycle.
                HttpServletResponse asyncResponse = (HttpServletResponse) ctx.getResponse();
                asyncResponse.setHeader("WWW-Authenticate", "Basic realm=\"CMIS\", charset=\"UTF-8\"");
                try {
                    asyncResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Authorization Required");
                } catch (Exception e1) {
                    MetricsInputs.markBindingServletErrorMeter();
                    ServletHelpers.printError(e1, (HttpServletRequest) ctx.getRequest(), asyncResponse);
                }
                ctx.complete();
            });
        }
    } catch (Exception e) {
        MetricsInputs.markBindingServletErrorMeter();
        if (e instanceof CmisUnauthorizedException) {
            response.setHeader("WWW-Authenticate", "Basic realm=\"CMIS\", charset=\"UTF-8\"");
            response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Authorization Required");
        } else if (e instanceof CmisPermissionDeniedException) {
            // Permission-denied is answered exactly like unauthorized: 401 plus a Basic challenge.
            // NOTE(review): a caller that is authenticated but lacks permission would be
            // re-prompted for credentials instead of receiving 403 - confirm this is intended.
            response.setHeader("WWW-Authenticate", "Basic realm=\"CMIS\", charset=\"UTF-8\"");
            response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Authorization Required");
        } else {
            ServletHelpers.printError(e, request, response);
        }
    } finally {
        // The cleanup below (closing the POST content stream, flushing the response) is
        // disabled, so this finally block currently does nothing.
        // in any case close the content stream if one has been provided
        // if (request instanceof POSTHttpServletRequestWrapper) {
        // InputStream stream = ((POSTHttpServletRequestWrapper)
        // request).getStream();
        // if (stream != null) {
        // try {
        // stream.close();
        // } catch (IOException e) {
        // LOG.error("Could not close POST stream: {}", e.toString(), e);
        // }
        // }
        // }
        // // we are done.
        // try {
        // response.flushBuffer();
        // } catch (IOException ioe) {
        // LOG.error("Could not flush resposne: {}", ioe.toString(), ioe);
        // }
    }
}
use of com.pogeyan.cmis.api.auth.IUserObject in project copper-cms by PogeyanOSS.
the class LoginActor method authenticate.
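/**
 * Authenticates a login request against the auth service configured for its repository.
 *
 * <p>The result fails closed: the login is reported as successful only when the auth
 * service returns a non-null {@code IUserObject}. A missing auth service or any
 * exception yields an unsuccessful response.
 *
 * @param t       the login request carrying the repository id and the request headers
 * @param baggage request-scoped context; not read by this method
 * @return a {@code LoginResponse} whose success flag reflects the outcome and whose
 *         login details are set only when the auth service was invoked
 */
private LoginResponse authenticate(LoginRequest t, HashMap<String, Object> baggage) {
    LoginResponse response = new LoginResponse();
    try {
        Map<String, String> loginSettings = RepositoryManagerFactory.getLoginDetails(t.getRepositoryId());
        // Log the setting names only. The values of a login configuration may include
        // backend credentials (not verifiable from this method), so they are kept out of
        // the log. Passing objects instead of calling toString() also avoids a
        // NullPointerException when no settings exist for the repository.
        LOG.debug("Login settings keys for repositoryId {}: {}", t.getRepositoryId(),
                loginSettings == null ? null : loginSettings.keySet());
        IAuthService authService = LoginAuthServiceFactory.createAuthService(loginSettings);
        if (authService != null) {
            // NOTE(review): the authorization header may be absent (null) - confirm that
            // LoginRequestObject and the auth service reject a null credential.
            LoginRequestObject loginObject = new LoginRequestObject(t.getHeaders().get("authorization"), t.getRepositoryId());
            IUserObject result = authService.authenticate(loginObject);
            response.setSuccessfulLogin(result != null);
            response.setLoginDetails(result);
        } else {
            LOG.error("Login authenticate service not found for repositoryId {} (settings keys: {})",
                    t.getRepositoryId(), loginSettings == null ? null : loginSettings.keySet());
            response.setSuccessfulLogin(false);
        }
    } catch (Exception e) {
        // Any failure while resolving settings or authenticating is treated as a failed login.
        LOG.error("Login authenticate error: {}", ExceptionUtils.getStackTrace(e));
        response.setSuccessfulLogin(false);
    }
    return response;
}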