Search in sources :

Example 16 with ServerAuthException

use of org.eclipse.jetty.security.ServerAuthException in project blade by biezhi.

the class DeferredAuthentication method authenticate.

/* ------------------------------------------------------------ */
/**
     * @see Deferred#authenticate(ServletRequest, ServletResponse)
     */
@Override
public Authentication authenticate(ServletRequest request, ServletResponse response) {
    try {
        LoginService login_service = _authenticator.getLoginService();
        IdentityService identity_service = login_service.getIdentityService();
        Authentication authentication = _authenticator.validateRequest(request, response, true);
        if (authentication instanceof User && identity_service != null)
            _previousAssociation = identity_service.associate(((User) authentication).getUserIdentity());
        return authentication;
    } catch (ServerAuthException e) {
        LOG.debug(e);
    }
    return this;
}
Also used : IdentityService(org.eclipse.jetty.security.IdentityService) UserAuthentication(org.eclipse.jetty.security.UserAuthentication) Authentication(org.eclipse.jetty.server.Authentication) ServerAuthException(org.eclipse.jetty.security.ServerAuthException) LoginService(org.eclipse.jetty.security.LoginService)

Example 17 with ServerAuthException

use of org.eclipse.jetty.security.ServerAuthException in project blade by biezhi.

the class DigestAuthenticator method validateRequest.

@Override
public Authentication validateRequest(ServletRequest req, ServletResponse res, boolean mandatory) throws ServerAuthException {
    if (!mandatory)
        return new DeferredAuthentication(this);
    HttpServletRequest request = (HttpServletRequest) req;
    HttpServletResponse response = (HttpServletResponse) res;
    String credentials = request.getHeader(HttpHeader.AUTHORIZATION.asString());
    try {
        boolean stale = false;
        if (credentials != null) {
            if (LOG.isDebugEnabled())
                LOG.debug("Credentials: " + credentials);
            QuotedStringTokenizer tokenizer = new QuotedStringTokenizer(credentials, "=, ", true, false);
            final Digest digest = new Digest(request.getMethod());
            String last = null;
            String name = null;
            while (tokenizer.hasMoreTokens()) {
                String tok = tokenizer.nextToken();
                char c = (tok.length() == 1) ? tok.charAt(0) : '\0';
                switch(c) {
                    case '=':
                        name = last;
                        last = tok;
                        break;
                    case ',':
                        name = null;
                        break;
                    case ' ':
                        break;
                    default:
                        last = tok;
                        if (name != null) {
                            if ("username".equalsIgnoreCase(name))
                                digest.username = tok;
                            else if ("realm".equalsIgnoreCase(name))
                                digest.realm = tok;
                            else if ("nonce".equalsIgnoreCase(name))
                                digest.nonce = tok;
                            else if ("nc".equalsIgnoreCase(name))
                                digest.nc = tok;
                            else if ("cnonce".equalsIgnoreCase(name))
                                digest.cnonce = tok;
                            else if ("qop".equalsIgnoreCase(name))
                                digest.qop = tok;
                            else if ("uri".equalsIgnoreCase(name))
                                digest.uri = tok;
                            else if ("response".equalsIgnoreCase(name))
                                digest.response = tok;
                            name = null;
                        }
                }
            }
            int n = checkNonce(digest, (Request) request);
            if (n > 0) {
                //UserIdentity user = _loginService.login(digest.username,digest);
                UserIdentity user = login(digest.username, digest, req);
                if (user != null) {
                    return new UserAuthentication(getAuthMethod(), user);
                }
            } else if (n == 0)
                stale = true;
        }
        if (!DeferredAuthentication.isDeferred(response)) {
            String domain = request.getContextPath();
            if (domain == null)
                domain = "/";
            response.setHeader(HttpHeader.WWW_AUTHENTICATE.asString(), "Digest realm=\"" + _loginService.getName() + "\", domain=\"" + domain + "\", nonce=\"" + newNonce((Request) request) + "\", algorithm=MD5, qop=\"auth\"," + " stale=" + stale);
            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            return Authentication.SEND_CONTINUE;
        }
        return Authentication.UNAUTHENTICATED;
    } catch (IOException e) {
        throw new ServerAuthException(e);
    }
}
Also used : MessageDigest(java.security.MessageDigest) UserIdentity(org.eclipse.jetty.server.UserIdentity) Request(org.eclipse.jetty.server.Request) HttpServletRequest(javax.servlet.http.HttpServletRequest) ServletRequest(javax.servlet.ServletRequest) HttpServletResponse(javax.servlet.http.HttpServletResponse) IOException(java.io.IOException) ServerAuthException(org.eclipse.jetty.security.ServerAuthException) UserAuthentication(org.eclipse.jetty.security.UserAuthentication) Constraint(org.eclipse.jetty.util.security.Constraint) HttpServletRequest(javax.servlet.http.HttpServletRequest) QuotedStringTokenizer(org.eclipse.jetty.util.QuotedStringTokenizer)

Aggregations

ServerAuthException (org.eclipse.jetty.security.ServerAuthException)17 UserAuthentication (org.eclipse.jetty.security.UserAuthentication)16 HttpServletRequest (javax.servlet.http.HttpServletRequest)12 HttpServletResponse (javax.servlet.http.HttpServletResponse)12 UserIdentity (org.eclipse.jetty.server.UserIdentity)12 IOException (java.io.IOException)10 Authentication (org.eclipse.jetty.server.Authentication)7 Constraint (org.eclipse.jetty.util.security.Constraint)6 ServletRequest (javax.servlet.ServletRequest)4 IdentityService (org.eclipse.jetty.security.IdentityService)4 LoginService (org.eclipse.jetty.security.LoginService)4 Request (org.eclipse.jetty.server.Request)4 Principal (java.security.Principal)3 HttpSession (javax.servlet.http.HttpSession)3 KeyStore (java.security.KeyStore)2 MessageDigest (java.security.MessageDigest)2 X509Certificate (java.security.cert.X509Certificate)2 AuthException (javax.security.auth.message.AuthException)2 AuthStatus (javax.security.auth.message.AuthStatus)2 ServerAuthContext (javax.security.auth.message.config.ServerAuthContext)2