use of nl.uva.cs.lobcder.auth.AuthTicket in project lobcder by skoulouzis.
the class WorkerServlet method authenticate.
private void authenticate(HttpServletRequest request, HttpServletResponse response) throws UnsupportedEncodingException, IOException, NoSuchAlgorithmException, InvalidKeySpecException, InvalidKeyException {
final HttpServletRequest httpRequest = (HttpServletRequest) request;
final HttpServletResponse httpResponse = (HttpServletResponse) response;
final String autheader = httpRequest.getHeader("Authorization");
if (autheader != null) {
final int index = autheader.indexOf(' ');
if (index > 0) {
final String credentials = new String(Base64.decodeBase64(autheader.substring(index).getBytes()), "UTF8");
// final String credentials = new String(Base64.decodeBase64(autheader.substring(index)), "UTF8");
final String uname = credentials.substring(0, credentials.indexOf(":"));
final String token = credentials.substring(credentials.indexOf(":") + 1);
double start = System.currentTimeMillis();
AuthTicket a = new AuthTicket();
MyPrincipal principal = a.checkToken(uname, token);
String method = ((HttpServletRequest) httpRequest).getMethod();
StringBuffer reqURL = ((HttpServletRequest) httpRequest).getRequestURL();
double elapsed = System.currentTimeMillis() - start;
String userAgent = ((HttpServletRequest) httpRequest).getHeader("User-Agent");
String from = ((HttpServletRequest) httpRequest).getRemoteAddr();
// String user = ((HttpServletRequest) httpRequest).getRemoteUser();
int contentLen = ((HttpServletRequest) httpRequest).getContentLength();
String contentType = ((HttpServletRequest) httpRequest).getContentType();
String authorizationHeader = ((HttpServletRequest) httpRequest).getHeader("authorization");
String userNpasswd = "";
if (authorizationHeader != null) {
userNpasswd = authorizationHeader.split("Basic ")[1];
}
String queryString = ((HttpServletRequest) httpRequest).getQueryString();
if (principal != null) {
httpRequest.setAttribute("myprincipal", principal);
return;
}
}
}
String _realm = "SECRET";
httpResponse.setHeader("WWW-Authenticate", "Basic realm=\"" + _realm + "\"");
httpResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED);
}
Aggregations