use of org.eclipse.jetty.security.ServerAuthException in project blade by biezhi.
the class DeferredAuthentication method authenticate.
/* ------------------------------------------------------------ */
/**
* @see Deferred#authenticate(ServletRequest, ServletResponse)
*/
@Override
public Authentication authenticate(ServletRequest request, ServletResponse response) {
try {
LoginService login_service = _authenticator.getLoginService();
IdentityService identity_service = login_service.getIdentityService();
Authentication authentication = _authenticator.validateRequest(request, response, true);
if (authentication instanceof User && identity_service != null)
_previousAssociation = identity_service.associate(((User) authentication).getUserIdentity());
return authentication;
} catch (ServerAuthException e) {
LOG.debug(e);
}
return this;
}
use of org.eclipse.jetty.security.ServerAuthException in project blade by biezhi.
the class DigestAuthenticator method validateRequest.
@Override
public Authentication validateRequest(ServletRequest req, ServletResponse res, boolean mandatory) throws ServerAuthException {
if (!mandatory)
return new DeferredAuthentication(this);
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) res;
String credentials = request.getHeader(HttpHeader.AUTHORIZATION.asString());
try {
boolean stale = false;
if (credentials != null) {
if (LOG.isDebugEnabled())
LOG.debug("Credentials: " + credentials);
QuotedStringTokenizer tokenizer = new QuotedStringTokenizer(credentials, "=, ", true, false);
final Digest digest = new Digest(request.getMethod());
String last = null;
String name = null;
while (tokenizer.hasMoreTokens()) {
String tok = tokenizer.nextToken();
char c = (tok.length() == 1) ? tok.charAt(0) : '\0';
switch(c) {
case '=':
name = last;
last = tok;
break;
case ',':
name = null;
break;
case ' ':
break;
default:
last = tok;
if (name != null) {
if ("username".equalsIgnoreCase(name))
digest.username = tok;
else if ("realm".equalsIgnoreCase(name))
digest.realm = tok;
else if ("nonce".equalsIgnoreCase(name))
digest.nonce = tok;
else if ("nc".equalsIgnoreCase(name))
digest.nc = tok;
else if ("cnonce".equalsIgnoreCase(name))
digest.cnonce = tok;
else if ("qop".equalsIgnoreCase(name))
digest.qop = tok;
else if ("uri".equalsIgnoreCase(name))
digest.uri = tok;
else if ("response".equalsIgnoreCase(name))
digest.response = tok;
name = null;
}
}
}
int n = checkNonce(digest, (Request) request);
if (n > 0) {
//UserIdentity user = _loginService.login(digest.username,digest);
UserIdentity user = login(digest.username, digest, req);
if (user != null) {
return new UserAuthentication(getAuthMethod(), user);
}
} else if (n == 0)
stale = true;
}
if (!DeferredAuthentication.isDeferred(response)) {
String domain = request.getContextPath();
if (domain == null)
domain = "/";
response.setHeader(HttpHeader.WWW_AUTHENTICATE.asString(), "Digest realm=\"" + _loginService.getName() + "\", domain=\"" + domain + "\", nonce=\"" + newNonce((Request) request) + "\", algorithm=MD5, qop=\"auth\"," + " stale=" + stale);
response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
return Authentication.SEND_CONTINUE;
}
return Authentication.UNAUTHENTICATED;
} catch (IOException e) {
throw new ServerAuthException(e);
}
}
Aggregations