
Example 36 with MyPrincipal

use of nl.uva.cs.lobcder.auth.MyPrincipal in project lobcder by skoulouzis.

the class DRIDataResource method setChecksum.

/**
 * Sets checksum property for an item
 *
 * @param uid the resource's id
 * @param checksum the checksum. lobcder does not verify that this value is
 * correct
 */
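@Path("{uid}/checksum/{checksum}/")
@PUT
public void setChecksum(@PathParam("uid") Long uid, @PathParam("checksum") String checksum) {
    // The "myprincipal" request attribute is expected to be populated by an
    // upstream authentication step. If it is absent the caller is treated as
    // unauthenticated instead of letting a NullPointerException surface as a 500.
    final MyPrincipal mp = (MyPrincipal) request.getAttribute("myprincipal");
    if (mp == null) {
        throw new WebApplicationException(Response.Status.UNAUTHORIZED);
    }
    try (Connection cn = catalogue.getConnection()) {
        try {
            LogicalData res = catalogue.getLogicalDataByUid(uid, cn);
            if (res == null) {
                // NOTE(review): this 404 is sent before the permission check, so a
                // caller without write access can tell existing uids from missing
                // ones. Confirm that this is acceptable for the deployment.
                throw new WebApplicationException(Response.Status.NOT_FOUND);
            }
            Permissions p = catalogue.getPermissions(uid, res.getOwner(), cn);
            if (!mp.canWrite(p)) {
                // Status kept as 401 for compatibility with existing clients; 403 is
                // the conventional answer for an authenticated caller lacking rights.
                throw new WebApplicationException(Response.Status.UNAUTHORIZED);
            }
            // The checksum is stored exactly as supplied and is never compared with
            // the stored data, so consumers must not treat it as a verified digest.
            catalogue.setFileChecksum(uid, checksum, cn);
            cn.commit();
        } catch (SQLException ex) {
            Logger.getLogger(DRIDataResource.class.getName()).log(Level.SEVERE, "setChecksum failed for uid " + uid, ex);
            // A failing rollback throws SQLException as well and is handled below.
            cn.rollback();
            throw new WebApplicationException(Response.Status.INTERNAL_SERVER_ERROR);
        }
    } catch (SQLException ex) {
        Logger.getLogger(DRIDataResource.class.getName()).log(Level.SEVERE, "setChecksum failed for uid " + uid, ex);
        throw new WebApplicationException(Response.Status.INTERNAL_SERVER_ERROR);
    }
}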
Also used : LogicalData(nl.uva.cs.lobcder.resources.LogicalData) MyPrincipal(nl.uva.cs.lobcder.auth.MyPrincipal) SQLException(java.sql.SQLException) Connection(java.sql.Connection) Permissions(nl.uva.cs.lobcder.auth.Permissions)

Example 37 with MyPrincipal

use of nl.uva.cs.lobcder.auth.MyPrincipal in project lobcder by skoulouzis.

the class WorkerServlet method authenticate.

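/**
 * Authenticates a request from its HTTP Basic {@code Authorization} header.
 *
 * <p>The header value is Base64-decoded into {@code user:token} and handed to
 * {@link AuthTicket#checkToken}. On success the resulting principal is stored in
 * the request attribute {@code "myprincipal"}. In every other case (missing
 * header, non-Basic scheme, malformed credentials, rejected token) a 401 with a
 * {@code WWW-Authenticate: Basic} challenge is sent.
 *
 * <p>The method returns normally in both cases. Callers that must stop
 * processing after a failed attempt need to check the request attribute or
 * whether the response has been committed.
 *
 * @param request the incoming request; receives the "myprincipal" attribute on success
 * @param response the response used to send the 401 challenge on failure
 */
private void authenticate(HttpServletRequest request, HttpServletResponse response) throws UnsupportedEncodingException, IOException, NoSuchAlgorithmException, InvalidKeySpecException, InvalidKeyException {
    final String autheader = request.getHeader("Authorization");
    if (autheader != null) {
        final int index = autheader.indexOf(' ');
        // Accept the Basic scheme only; scheme names are case-insensitive. Any other
        // scheme falls through to the 401 challenge instead of being decoded as Basic.
        if (index > 0 && "Basic".equalsIgnoreCase(autheader.substring(0, index))) {
            final String encoded = autheader.substring(index).trim();
            final String credentials = new String(Base64.decodeBase64(encoded.getBytes("UTF8")), "UTF8");
            // The header is attacker-controlled: a payload without ':' must yield a 401,
            // not a StringIndexOutOfBoundsException that surfaces as a 500.
            final int sep = credentials.indexOf(':');
            if (sep >= 0) {
                final String uname = credentials.substring(0, sep);
                final String token = credentials.substring(sep + 1);
                // The raw header and the decoded credentials are deliberately not kept
                // in further locals or logged; they only flow into the token check.
                final MyPrincipal principal = new AuthTicket().checkToken(uname, token);
                if (principal != null) {
                    request.setAttribute("myprincipal", principal);
                    return;
                }
            }
        }
    }
    String _realm = "SECRET";
    response.setHeader("WWW-Authenticate", "Basic realm=\"" + _realm + "\"");
    response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
}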
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) MyPrincipal(nl.uva.cs.lobcder.auth.MyPrincipal) HttpServletResponse(javax.servlet.http.HttpServletResponse) AuthTicket(nl.uva.cs.lobcder.auth.AuthTicket)

Aggregations

MyPrincipal (nl.uva.cs.lobcder.auth.MyPrincipal)37 Connection (java.sql.Connection)23 SQLException (java.sql.SQLException)22 Permissions (nl.uva.cs.lobcder.auth.Permissions)20 LogicalData (nl.uva.cs.lobcder.resources.LogicalData)20 Path (javax.ws.rs.Path)11 ArrayList (java.util.ArrayList)8 GET (javax.ws.rs.GET)8 Produces (javax.ws.rs.Produces)7 WebApplicationException (javax.ws.rs.WebApplicationException)5 PreparedStatement (java.sql.PreparedStatement)4 Stack (java.util.Stack)4 ResultSet (java.sql.ResultSet)3 Date (java.util.Date)3 HashSet (java.util.HashSet)3 Consumes (javax.ws.rs.Consumes)3 PUT (javax.ws.rs.PUT)3 JAXBElement (javax.xml.bind.JAXBElement)3 QName (javax.xml.namespace.QName)3 PDRIDescr (nl.uva.cs.lobcder.resources.PDRIDescr)3