use of org.apache.chemistry.opencmis.commons.exceptions.CmisUnauthorizedException in project copper-cms by PogeyanOSS.
the class AkkaCmisBrowserBindingServlet method service.
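/**
 * Handles one CMIS browser-binding request by handing it to a {@code ServletActor}.
 *
 * <p>Flow, as visible in this method: non-GET/HEAD requests pass through
 * {@code checkCsrfToken}; default headers are set; the request is switched to
 * asynchronous mode; then either the message is built without a login session
 * (blank first path fragment) or {@code verifyLogin} is asked to authenticate
 * first and invoke one of two callbacks.
 *
 * <p>Once {@code startAsync} has been called, the container keeps the exchange
 * open until the async context is completed. Every error path below that writes
 * the error response itself therefore also completes the context; otherwise the
 * client would wait for the container's async timeout.
 *
 * @param request  the incoming HTTP request
 * @param response the HTTP response to write to
 * @throws ServletException declared by the servlet contract
 * @throws IOException      if writing an error response fails
 */
@Override
protected void service(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    try {
        final ActorSystem system = (ActorSystem) request.getServletContext().getAttribute("ActorSystem");

        // CSRF token check. GET and HEAD are exempt, so nothing reachable through
        // those two verbs should change server-side state.
        String method = request.getMethod();
        if (!METHOD_GET.equals(method) && !METHOD_HEAD.equals(method)) {
            checkCsrfToken(request, response, false, false);
        }

        // set default headers
        response.addHeader("Cache-Control", "private, max-age=0");
        // NOTE(review): this advertises the server product string to every client
        // (presumably including its version) - confirm that is wanted in production.
        response.addHeader("Server", ServerVersion.OPENCMIS_SERVER);

        // split path
        String[] pathFragments = HttpUtils.splitPath(request);

        // From here on the container waits for ctx.complete() (or a dispatch/timeout).
        final AsyncContext ctx = request.startAsync(request, response);
        if (Helpers.isPerfMode()) {
            MetricsInputs.get().getCounter("counter_requests_total").inc();
        }

        if (pathFragments != null && pathFragments.length > 0 && StringUtils.isBlank(pathFragments[0])) {
            // Blank first path fragment: verifyLogin is skipped and the message is
            // built with a null login session.
            // NOTE(review): whatever gettingBaseMessage accepts on this path is
            // reachable without credentials - confirm it is limited to operations
            // that are meant to be public.
            BaseMessage bm = gettingBaseMessage(method, pathFragments, null, request, response);
            if (bm == null) {
                throw new CmisNotSupportedException("Unsupported method");
            }
            // create actor on-the-fly
            ActorRef servletActor = system.actorOf(Props.create(ServletActor.class, ctx));
            servletActor.tell(bm, ActorRef.noSender());
        } else {
            this.verifyLogin(request, pathFragments, system, (s) -> {
                // Login accepted: build the message for the authenticated user.
                try {
                    IUserObject loginSession = (IUserObject) s;
                    BaseMessage bm = gettingBaseMessage(method, pathFragments, loginSession, request, response);
                    if (bm == null) {
                        throw new CmisNotSupportedException("Unsupported method");
                    }
                    // create actor on-the-fly
                    ActorRef servletActor = system.actorOf(Props.create(ServletActor.class, ctx));
                    servletActor.tell(bm, ActorRef.noSender());
                } catch (Exception e1) {
                    MetricsInputs.markBindingServletErrorMeter();
                    LOG.error("Service execution exception: {}, stack: {}", e1.getMessage(), ExceptionUtils.getStackTrace(e1));
                    try {
                        ServletHelpers.printError(e1, request, response);
                    } finally {
                        // The failure happened before a message reached an actor, so
                        // nothing else will finish this exchange; complete it here, as
                        // the login-failure callback below already does.
                        ctx.complete();
                    }
                }
            }, (err) -> {
                // Login rejected: challenge the client. Basic credentials accompany
                // every request, so this endpoint should only be served over TLS.
                HttpServletResponse asyncResponse = (HttpServletResponse) ctx.getResponse();
                asyncResponse.setHeader("WWW-Authenticate", "Basic realm=\"CMIS\", charset=\"UTF-8\"");
                try {
                    asyncResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Authorization Required");
                } catch (Exception e1) {
                    MetricsInputs.markBindingServletErrorMeter();
                    ServletHelpers.printError(e1, (HttpServletRequest) ctx.getRequest(), asyncResponse);
                }
                ctx.complete();
            });
        }
    } catch (Exception e) {
        MetricsInputs.markBindingServletErrorMeter();
        try {
            // NOTE(review): a permission-denied failure is answered exactly like
            // missing credentials (401 plus a Basic challenge), so an authenticated
            // caller without rights is prompted to log in again. 403 is the
            // conventional status for that case - confirm the 401 is intentional.
            if (e instanceof CmisUnauthorizedException || e instanceof CmisPermissionDeniedException) {
                response.setHeader("WWW-Authenticate", "Basic realm=\"CMIS\", charset=\"UTF-8\"");
                response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Authorization Required");
            } else {
                ServletHelpers.printError(e, request, response);
            }
        } finally {
            // An exception thrown after startAsync() leaves the async cycle open.
            // isAsyncStarted() is false before startAsync() and after complete(),
            // so this neither fires too early nor completes twice.
            // NOTE(review): assumes verifyLogin does not throw after it has already
            // handed the request to a callback or actor - confirm.
            if (request.isAsyncStarted()) {
                request.getAsyncContext().complete();
            }
        }
    }
    // The request content stream is not closed and the response is not flushed
    // here; with asynchronous processing that is presumably left to ServletActor
    // - TODO confirm the POST stream is closed there.
}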
use of org.apache.chemistry.opencmis.commons.exceptions.CmisUnauthorizedException in project structr by structr.
the class StructrCMISServicesFactory method checkAuthentication.
// ----- private methods -----
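/**
 * Authenticates the CMIS caller with the username and password taken from the
 * call context and returns the matching security context.
 *
 * <p>The method fails closed: every path that does not produce a security
 * context (no principal, an {@code AuthenticationException}, or a
 * {@code FrameworkException}) ends in a {@code CmisUnauthorizedException}.
 *
 * @param callContext the CMIS call context carrying the caller's credentials
 * @return the super-user context for a {@code SuperUser} principal, otherwise a
 *         backend-mode context for the authenticated principal; never {@code null}
 * @throws CmisUnauthorizedException if the caller could not be authenticated
 */
private SecurityContext checkAuthentication(final CallContext callContext) {
    final App app = StructrApp.getInstance();

    try (final Tx tx = app.tx()) {
        final String username = callContext.getUsername();
        final String password = callContext.getPassword();
        final Principal principal = AuthHelper.getPrincipalForPassword(Principal.name, username, password);

        final SecurityContext securityContext;
        if (principal == null) {
            securityContext = null;
        } else if (principal instanceof SuperUser) {
            securityContext = SecurityContext.getSuperUserInstance();
        } else {
            securityContext = SecurityContext.getInstance(principal, AccessMode.Backend);
        }

        // The transaction is marked successful whether or not a principal was found.
        tx.success();

        if (securityContext != null) {
            return securityContext;
        }
    } catch (AuthenticationException aex) {
        // NOTE(review): the authentication failure text is passed on in the CMIS
        // exception, which may reach the client; confirm AuthHelper's messages do
        // not reveal whether the user name or the password was wrong.
        throw new CmisUnauthorizedException(aex.getMessage());
    } catch (FrameworkException fex) {
        // A backend failure is logged and then reported to the caller as a plain
        // "unauthorized". The message was previously empty, which made these
        // entries hard to find in the log.
        logger.warn("CMIS authentication check failed with a framework error", fex);
    }

    throw new CmisUnauthorizedException();
}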