Examples with GuestCredentials javax.jcr.GuestCredentials used on opensource projects

Example 1 with GuestCredentials

use of javax.jcr.GuestCredentials in project jackrabbit by apache.

the class BasicCredentialsProvider method getCredentials.

/**
     * {@inheritDoc}
     *
     * Build a {@link Credentials} object for the given authorization header.
     * The creds may be used to login to the repository. If the specified header
     * string is <code>null</code> the behaviour depends on the
     * {@link #defaultHeaderValue} field:<br>
     * <ul>
     * <li> if this field is <code>null</code>, a LoginException is thrown.
     *      This is suitable for clients (eg. webdav clients) for with
     *      sending a proper authorization header is not possible, if the
     *      server never send a 401.
     * <li> if this an empty string, null-credentials are returned, thus
     *      forcing an null login on the repository
     * <li> if this field has a 'user:password' value, the respective
     *      simple credentials are generated.
     * </ul>
     * <p>
     * If the request header is present but cannot be parsed a
     * <code>ServletException</code> is thrown.
     *
     * @param request the servlet request
     * @return credentials or <code>null</code>.
     * @throws ServletException If the Authorization header cannot be decoded.
     * @throws LoginException if no suitable auth header and missing-auth-mapping
     *         is not present
     */
public Credentials getCredentials(HttpServletRequest request) throws LoginException, ServletException {
    try {
        String authHeader = request.getHeader(DavConstants.HEADER_AUTHORIZATION);
        if (authHeader != null) {
            String[] authStr = authHeader.split(" ");
            if (authStr.length >= 2 && authStr[0].equalsIgnoreCase(HttpServletRequest.BASIC_AUTH)) {
                ByteArrayOutputStream out = new ByteArrayOutputStream();
                Base64.decode(authStr[1].toCharArray(), out);
                String decAuthStr = out.toString("ISO-8859-1");
                int pos = decAuthStr.indexOf(':');
                String userid = decAuthStr.substring(0, pos);
                String passwd = decAuthStr.substring(pos + 1);
                return new SimpleCredentials(userid, passwd.toCharArray());
            }
            throw new ServletException("Unable to decode authorization.");
        } else {
            // check special handling
            if (defaultHeaderValue == null) {
                throw new LoginException();
            } else if (EMPTY_DEFAULT_HEADER_VALUE.equals(defaultHeaderValue)) {
                return null;
            } else if (GUEST_DEFAULT_HEADER_VALUE.equals(defaultHeaderValue)) {
                return new GuestCredentials();
            } else {
                int pos = defaultHeaderValue.indexOf(':');
                if (pos < 0) {
                    return new SimpleCredentials(defaultHeaderValue, new char[0]);
                } else {
                    return new SimpleCredentials(defaultHeaderValue.substring(0, pos), defaultHeaderValue.substring(pos + 1).toCharArray());
                }
            }
        }
    } catch (IOException e) {
        throw new ServletException("Unable to decode authorization: " + e.toString());
    }
}

Example 2 with GuestCredentials

use of javax.jcr.GuestCredentials in project jackrabbit-oak by apache.

the class CustomCredentialsSupportTest method testLoginWithUnsupportedCredentials.

@Test
public void testLoginWithUnsupportedCredentials() throws Exception {
    List<Credentials> creds = ImmutableList.of(new SimpleCredentials("testUser", new char[0]), new GuestCredentials());
    for (Credentials c : creds) {
        try {
            login(c).close();
            fail("login must fail for credentials " + c);
        } catch (LoginException e) {
        // success
        }
    }
}

Example 3 with GuestCredentials

use of javax.jcr.GuestCredentials in project jackrabbit-oak by apache.

the class DefaultLdapLoginModuleTest method testGuestLogin.

/**
     * Login with {@link javax.jcr.GuestCredentials} must succeed and result in
     * an guest session as the SUFFICIENT
     * {@link org.apache.jackrabbit.oak.security.authentication.user.LoginModuleImpl}
     * handles the guest login (in contrast to the ExternalLoginModule).
     *
     * @throws Exception
     */
@Test
public void testGuestLogin() throws Exception {
    ContentSession cs = login(new GuestCredentials());
    assertEquals(UserConstants.DEFAULT_ANONYMOUS_ID, cs.getAuthInfo().getUserID());
    cs.close();
}

Example 4 with GuestCredentials

use of javax.jcr.GuestCredentials in project jackrabbit-oak by apache.

the class LdapDefaultLoginModuleTest method testGuestLogin.

/**
     * Login with {@link javax.jcr.GuestCredentials} must succeed and result in
     * an guest session as the SUFFICIENT
     * {@link org.apache.jackrabbit.oak.security.authentication.user.LoginModuleImpl}
     * handles the guest login (in contrast to the ExternalLoginModule).
     *
     * @throws Exception
     */
@Test
public void testGuestLogin() throws Exception {
    ContentSession cs = login(new GuestCredentials());
    assertEquals(UserConstants.DEFAULT_ANONYMOUS_ID, cs.getAuthInfo().getUserID());
    cs.close();
}

Example 5 with GuestCredentials

use of javax.jcr.GuestCredentials in project jackrabbit-oak by apache.

the class LdapLoginStandaloneTest method testGuestLogin.

@Test
public void testGuestLogin() throws Exception {
    try {
        ContentSession sc = login(new GuestCredentials());
        sc.close();
        fail("Guest login must fail.");
    } catch (LoginException e) {
    // success
    }
}