
Example 1 with IUserObject

use of com.pogeyan.cmis.api.auth.IUserObject in project copper-cms by PogeyanOSS.

the class AkkaCmisBrowserBindingServlet method service.

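/**
 * Handles one browser-binding request by turning it into a {@code BaseMessage} and handing it
 * to a freshly created {@code ServletActor} bound to the request's {@link AsyncContext}.
 *
 * <p>Every method other than GET and HEAD goes through {@code checkCsrfToken} first. Requests
 * whose first path fragment is blank are dispatched directly with a {@code null} user object;
 * all other requests go through {@code verifyLogin}, which calls back with the authenticated
 * {@link IUserObject} or with an error that is answered with 401 and a Basic challenge.
 *
 * @param request  the incoming HTTP request
 * @param response the HTTP response; default cache and server headers are added here
 * @throws ServletException declared by the servlet contract
 * @throws IOException      if writing an error response fails
 */
@Override
protected void service(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    try {
        final ActorSystem system = (ActorSystem) request.getServletContext().getAttribute("ActorSystem");
        // CSRF token check: only GET and HEAD are exempt, and it runs before async mode starts
        String method = request.getMethod();
        if (!METHOD_GET.equals(method) && !METHOD_HEAD.equals(method)) {
            checkCsrfToken(request, response, false, false);
        }
        // set default headers
        response.addHeader("Cache-Control", "private, max-age=0");
        response.addHeader("Server", ServerVersion.OPENCMIS_SERVER);
        // split path
        String[] pathFragments = HttpUtils.splitPath(request);
        final AsyncContext ctx = request.startAsync(request, response);
        if (Helpers.isPerfMode()) {
            MetricsInputs.get().getCounter("counter_requests_total").inc();
        }
        if (pathFragments != null && pathFragments.length > 0 && StringUtils.isBlank(pathFragments[0])) {
            // NOTE(review): this branch skips verifyLogin and passes a null user object; confirm
            // that gettingBaseMessage only builds messages that are safe to serve unauthenticated.
            BaseMessage bm = gettingBaseMessage(method, pathFragments, null, request, response);
            if (bm != null) {
                // create actor on-the-fly
                ActorRef servletActor = system.actorOf(Props.create(ServletActor.class, ctx));
                servletActor.tell(bm, ActorRef.noSender());
            } else {
                throw new CmisNotSupportedException("Unsupported method");
            }
        } else {
            this.verifyLogin(request, pathFragments, system, (s) -> {
                try {
                    IUserObject loginSession = (IUserObject) s;
                    BaseMessage bm = gettingBaseMessage(method, pathFragments, loginSession, request, response);
                    if (bm != null) {
                        // create actor on-the-fly
                        ActorRef servletActor = system.actorOf(Props.create(ServletActor.class, ctx));
                        servletActor.tell(bm, ActorRef.noSender());
                    } else {
                        throw new CmisNotSupportedException("Unsupported method");
                    }
                } catch (Exception e1) {
                    MetricsInputs.markBindingServletErrorMeter();
                    LOG.error("Service execution exception: {}, stack: {}", e1.getMessage(), ExceptionUtils.getStackTrace(e1));
                    try {
                        ServletHelpers.printError(e1, request, response);
                    } finally {
                        // No message was handed to an actor on this path, so nothing else will
                        // release the async context; complete it here as the error callback does.
                        ctx.complete();
                    }
                }
            }, (err) -> {
                HttpServletResponse asyncResponse = (HttpServletResponse) ctx.getResponse();
                asyncResponse.setHeader("WWW-Authenticate", "Basic realm=\"CMIS\", charset=\"UTF-8\"");
                try {
                    asyncResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Authorization Required");
                } catch (Exception e1) {
                    MetricsInputs.markBindingServletErrorMeter();
                    ServletHelpers.printError(e1, (HttpServletRequest) ctx.getRequest(), asyncResponse);
                }
                ctx.complete();
            });
        }
    } catch (Exception e) {
        MetricsInputs.markBindingServletErrorMeter();
        try {
            if (e instanceof CmisUnauthorizedException || e instanceof CmisPermissionDeniedException) {
                // NOTE(review): a permission-denied failure is answered with 401 plus a Basic
                // challenge, same as a missing login; confirm clients rely on this before
                // switching it to 403.
                response.setHeader("WWW-Authenticate", "Basic realm=\"CMIS\", charset=\"UTF-8\"");
                response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Authorization Required");
            } else {
                ServletHelpers.printError(e, request, response);
            }
        } finally {
            // A failure after startAsync() would otherwise leave the request parked until the
            // container's async timeout. isAsyncStarted() is false when the failure happened
            // before startAsync() or the context was already completed.
            // NOTE(review): assumes verifyLogin does not throw after it has scheduled a callback.
            if (request.isAsyncStarted()) {
                request.getAsyncContext().complete();
            }
        }
    }
    // The upstream POST-stream close and response.flushBuffer() that used to run in a finally
    // block were already disabled here (commented out) and are left out.
}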
Also used : ActorSystem(akka.actor.ActorSystem) CmisNotSupportedException(org.apache.chemistry.opencmis.commons.exceptions.CmisNotSupportedException) ActorRef(akka.actor.ActorRef) IUserObject(com.pogeyan.cmis.api.auth.IUserObject) HttpServletResponse(javax.servlet.http.HttpServletResponse) AsyncContext(javax.servlet.AsyncContext) ServletException(javax.servlet.ServletException) CmisPermissionDeniedException(org.apache.chemistry.opencmis.commons.exceptions.CmisPermissionDeniedException) CmisUnauthorizedException(org.apache.chemistry.opencmis.commons.exceptions.CmisUnauthorizedException) CmisNotSupportedException(org.apache.chemistry.opencmis.commons.exceptions.CmisNotSupportedException) IOException(java.io.IOException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) HttpServletRequest(javax.servlet.http.HttpServletRequest) BaseMessage(com.pogeyan.cmis.api.BaseMessage) CmisPermissionDeniedException(org.apache.chemistry.opencmis.commons.exceptions.CmisPermissionDeniedException) CmisUnauthorizedException(org.apache.chemistry.opencmis.commons.exceptions.CmisUnauthorizedException)

Example 2 with IUserObject

use of com.pogeyan.cmis.api.auth.IUserObject in project copper-cms by PogeyanOSS.

the class LoginActor method authenticate.

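/**
 * Authenticates a login request with the auth service configured for its repository.
 *
 * <p>The method fails closed: a missing auth service, a {@code null} result from the service
 * or any exception all produce a response with {@code successfulLogin == false}.
 *
 * @param t       the login request; its repository id selects the login settings and its
 *                {@code "authorization"} header is passed to the auth service
 * @param baggage not read by this method
 * @return the login response, carrying the authenticated {@link IUserObject} on success
 */
private LoginResponse authenticate(LoginRequest t, HashMap<String, Object> baggage) {
    LoginResponse response = new LoginResponse();
    try {
        Map<String, String> loginSettings = RepositoryManagerFactory.getLoginDetails(t.getRepositoryId());
        // Log the repository id and the setting names only: the setting values are not shown
        // here and may include credentials for the authentication backend (confirm).
        LOG.debug("Login settings for repositoryId: {}, keys: {}", t.getRepositoryId(),
                loginSettings == null ? null : loginSettings.keySet());
        IAuthService authService = LoginAuthServiceFactory.createAuthService(loginSettings);
        if (authService != null) {
            // NOTE(review): the lookup uses the lower-case key "authorization"; confirm the
            // headers map is keyed in lower case, otherwise the credential is read as null.
            LoginRequestObject loginObject = new LoginRequestObject(t.getHeaders().get("authorization"), t.getRepositoryId());
            IUserObject result = authService.authenticate(loginObject);
            // A null user object means the service rejected the credentials.
            response.setSuccessfulLogin(result != null);
            response.setLoginDetails(result);
        } else {
            LOG.error("Login authenticate service not found for repositoryId: {}", t.getRepositoryId());
            response.setSuccessfulLogin(false);
        }
    } catch (Exception e) {
        LOG.error("Login authenticate error: {}", ExceptionUtils.getStackTrace(e));
        response.setSuccessfulLogin(false);
    }
    return response;
}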
Also used : LoginResponse(com.pogeyan.cmis.api.messages.LoginResponse) LoginRequestObject(com.pogeyan.cmis.api.auth.LoginRequestObject) IAuthService(com.pogeyan.cmis.api.auth.IAuthService) IUserObject(com.pogeyan.cmis.api.auth.IUserObject)

Aggregations

IUserObject (com.pogeyan.cmis.api.auth.IUserObject)2 ActorRef (akka.actor.ActorRef)1 ActorSystem (akka.actor.ActorSystem)1 BaseMessage (com.pogeyan.cmis.api.BaseMessage)1 IAuthService (com.pogeyan.cmis.api.auth.IAuthService)1 LoginRequestObject (com.pogeyan.cmis.api.auth.LoginRequestObject)1 LoginResponse (com.pogeyan.cmis.api.messages.LoginResponse)1 IOException (java.io.IOException)1 UnsupportedEncodingException (java.io.UnsupportedEncodingException)1 AsyncContext (javax.servlet.AsyncContext)1 ServletException (javax.servlet.ServletException)1 HttpServletRequest (javax.servlet.http.HttpServletRequest)1 HttpServletResponse (javax.servlet.http.HttpServletResponse)1 CmisNotSupportedException (org.apache.chemistry.opencmis.commons.exceptions.CmisNotSupportedException)1 CmisPermissionDeniedException (org.apache.chemistry.opencmis.commons.exceptions.CmisPermissionDeniedException)1 CmisUnauthorizedException (org.apache.chemistry.opencmis.commons.exceptions.CmisUnauthorizedException)1