Search in sources :

Example 1 with Credential

use of lucee.runtime.security.Credential in project Lucee by lucee.

the class Login method doStartTag.

@Override
public int doStartTag() throws PageException {
    ApplicationContext ac = pageContext.getApplicationContext();
    ac.setSecuritySettings(applicationtoken, cookiedomain, idletimeout);
    Credential remoteUser = pageContext.getRemoteUser();
    if (remoteUser == null) {
        // Form
        Object name = pageContext.formScope().get("j_username", null);
        Object password = pageContext.formScope().get("j_password", null);
        if (name != null) {
            setCFLogin(name, password);
            return EVAL_BODY_INCLUDE;
        }
        // Header
        String strAuth = pageContext.getHttpServletRequest().getHeader("authorization");
        if (strAuth != null) {
            int pos = strAuth.indexOf(' ');
            if (pos != -1) {
                String format = strAuth.substring(0, pos).toLowerCase();
                if (format.equals("basic")) {
                    String encoded = strAuth.substring(pos + 1);
                    String dec;
                    try {
                        dec = Base64Coder.decodeToString(encoded, "UTF-8");
                    } catch (IOException e) {
                        throw Caster.toPageException(e);
                    }
                    // print.ln("encoded:"+encoded);
                    // print.ln("decoded:"+Base64Util.decodeBase64(encoded));
                    Array arr = ListUtil.listToArray(dec, ":");
                    if (arr.size() < 3) {
                        if (arr.size() == 1)
                            setCFLogin(arr.get(1, null), "");
                        else
                            setCFLogin(arr.get(1, null), arr.get(2, null));
                    }
                }
            }
        }
        return EVAL_BODY_INCLUDE;
    }
    return SKIP_BODY;
}
Also used : Array(lucee.runtime.type.Array) ApplicationContext(lucee.runtime.listener.ApplicationContext) Credential(lucee.runtime.security.Credential) IOException(java.io.IOException)

Example 2 with Credential

use of lucee.runtime.security.Credential in project Lucee by lucee.

the class IsUserInRole method call.

public static boolean call(PageContext pc, Object object) throws PageException {
    String[] givenRoles = CredentialImpl.toRole(object);
    Credential ru = pc.getRemoteUser();
    if (ru == null)
        return false;
    String[] roles = ru.getRoles();
    for (int i = 0; i < roles.length; i++) {
        for (int y = 0; y < givenRoles.length; y++) {
            if (roles[i].equalsIgnoreCase(givenRoles[y]))
                return true;
        }
    }
    return false;
}
Also used : Credential(lucee.runtime.security.Credential)

Aggregations

Credential (lucee.runtime.security.Credential)2 IOException (java.io.IOException)1 ApplicationContext (lucee.runtime.listener.ApplicationContext)1 Array (lucee.runtime.type.Array)1