use of lucee.runtime.security.Credential in project Lucee by lucee.
the class Login method doStartTag.
@Override
public int doStartTag() throws PageException {
ApplicationContext ac = pageContext.getApplicationContext();
ac.setSecuritySettings(applicationtoken, cookiedomain, idletimeout);
Credential remoteUser = pageContext.getRemoteUser();
if (remoteUser == null) {
// Form
Object name = pageContext.formScope().get("j_username", null);
Object password = pageContext.formScope().get("j_password", null);
if (name != null) {
setCFLogin(name, password);
return EVAL_BODY_INCLUDE;
}
// Header
String strAuth = pageContext.getHttpServletRequest().getHeader("authorization");
if (strAuth != null) {
int pos = strAuth.indexOf(' ');
if (pos != -1) {
String format = strAuth.substring(0, pos).toLowerCase();
if (format.equals("basic")) {
String encoded = strAuth.substring(pos + 1);
String dec;
try {
dec = Base64Coder.decodeToString(encoded, "UTF-8");
} catch (IOException e) {
throw Caster.toPageException(e);
}
// print.ln("encoded:"+encoded);
// print.ln("decoded:"+Base64Util.decodeBase64(encoded));
Array arr = ListUtil.listToArray(dec, ":");
if (arr.size() < 3) {
if (arr.size() == 1)
setCFLogin(arr.get(1, null), "");
else
setCFLogin(arr.get(1, null), arr.get(2, null));
}
}
}
}
return EVAL_BODY_INCLUDE;
}
return SKIP_BODY;
}
use of lucee.runtime.security.Credential in project Lucee by lucee.
the class IsUserInRole method call.
public static boolean call(PageContext pc, Object object) throws PageException {
String[] givenRoles = CredentialImpl.toRole(object);
Credential ru = pc.getRemoteUser();
if (ru == null)
return false;
String[] roles = ru.getRoles();
for (int i = 0; i < roles.length; i++) {
for (int y = 0; y < givenRoles.length; y++) {
if (roles[i].equalsIgnoreCase(givenRoles[y]))
return true;
}
}
return false;
}
Aggregations