use of com.sun.enterprise.security.auth.digest.impl.HttpAlgorithmParameterImpl in project Payara by payara.
the class RealmAdapter method authenticate.
/**
* This HttpServletRequest authenticate variant is primarily used by the DigestAuthenticator
*/
@Override
public Principal authenticate(HttpServletRequest httpServletRequest) {
try {
DigestAlgorithmParameter[] params = DigestParameterGenerator.getInstance(HTTP_DIGEST).generateParameters(new HttpAlgorithmParameterImpl(httpServletRequest));
Key key = null;
if (cnonces == null) {
String appName = webDescriptor.getApplication().getAppName();
synchronized (this) {
if (haCNonceCacheMap == null) {
haCNonceCacheMap = appCNonceCacheMapProvider.get();
}
if (haCNonceCacheMap != null) {
// get the initialized HA CNonceCache
cnonces = haCNonceCacheMap.get(appName);
}
if (cnonces == null) {
if (cNonceCacheFactory == null) {
cNonceCacheFactory = cNonceCacheFactoryProvider.get();
}
// create a Non-HA CNonce Cache
cnonces = cNonceCacheFactory.createCNonceCache(webDescriptor.getApplication().getAppName(), null, null, null);
}
}
}
String nc = null;
String cnonce = null;
for (DigestAlgorithmParameter p : params) {
if (p instanceof NestedDigestAlgoParamImpl) {
NestedDigestAlgoParamImpl np = (NestedDigestAlgoParamImpl) p;
DigestAlgorithmParameter[] nps = (DigestAlgorithmParameter[]) np.getNestedParams();
for (DigestAlgorithmParameter p1 : nps) {
if ("cnonce".equals(p1.getName())) {
cnonce = new String(p1.getValue());
} else if ("nc".equals(p1.getName())) {
nc = new String(p1.getValue());
}
if (cnonce != null && nc != null) {
break;
}
}
if (cnonce != null && nc != null) {
break;
}
}
if ("cnonce".equals(p.getName())) {
cnonce = new String(p.getValue());
} else if ("nc".equals(p.getName())) {
nc = new String(p.getValue());
}
}
long count;
long currentTime = System.currentTimeMillis();
try {
count = Long.parseLong(nc, 16);
} catch (NumberFormatException nfe) {
throw new RuntimeException(nfe);
}
NonceInfo info;
synchronized (cnonces) {
info = cnonces.get(cnonce);
}
if (info == null) {
info = new NonceInfo();
} else {
if (count <= info.getCount()) {
throw new RuntimeException("Invalid Request : Possible Replay Attack detected ?");
}
}
info.setCount(count);
info.setTimestamp(currentTime);
synchronized (cnonces) {
cnonces.put(cnonce, info);
}
for (int i = 0; i < params.length; i++) {
DigestAlgorithmParameter dap = params[i];
if (A1.equals(dap.getName()) && (dap instanceof Key)) {
key = (Key) dap;
break;
}
}
if (key != null) {
DigestCredentials creds = new DigestCredentials(realmName, key.getUsername(), params);
LoginContextDriver.login(creds);
return new WebPrincipal(creds.getUserName(), (char[]) null, SecurityContext.getCurrent());
}
throw new RuntimeException("No key found in parameters");
} catch (Exception le) {
if (logger.isLoggable(WARNING)) {
logger.log(WARNING, "web.login.failed", le.toString());
}
}
return null;
}
Aggregations