
Example 1 with AuthenticationCredentials

use of org.platformlayer.model.AuthenticationCredentials in project platformlayer by platformlayer.

the class AuthenticationFilter method findCredentials.

/**
 * Collects the credentials a caller presented on the request, without verifying them.
 *
 * <p>Lookup order: the {@code X-Auth-Token} header first, then the client certificate
 * chain exposed under the servlet request attribute
 * {@code javax.servlet.request.X509Certificate}.
 *
 * <p>Security notes:
 * <ul>
 *   <li>Only a {@code null} check is applied to the header, so an empty token string is
 *       still wrapped and still takes precedence over a client certificate.</li>
 *   <li>Nothing is validated here; the returned object only carries what the caller sent.
 *       NOTE(review): confirm that token and certificate-chain validation happen in the
 *       code that consumes these credentials.</li>
 * </ul>
 *
 * @param httpRequest the incoming HTTP request
 * @return credentials built from the token header or the certificate chain, or
 *         {@code null} when the request carries neither
 * @throws Exception declared for overriding implementations; nothing in this body throws
 *         a checked exception directly
 */
protected AuthenticationCredentials findCredentials(HttpServletRequest httpRequest) throws Exception {
    // A token header, when present, wins over any client certificate.
    final String tokenHeader = httpRequest.getHeader("X-Auth-Token");
    if (tokenHeader != null) {
        return new PlatformLayerAuthenticationCredentials(tokenHeader);
    }

    // Fall back to the certificate chain stored as a request attribute.
    final Object chainAttribute = httpRequest.getAttribute("javax.servlet.request.X509Certificate");
    final X509Certificate[] clientChain = (X509Certificate[]) chainAttribute;
    if (clientChain == null || clientChain.length == 0) {
        // Neither a token nor a certificate: the caller is anonymous.
        return null;
    }
    return new CertificateAuthenticationCredentials(clientChain);
}
Also used : AuthenticationCredentials(org.platformlayer.model.AuthenticationCredentials) X509Certificate(java.security.cert.X509Certificate)

Example 2 with AuthenticationCredentials

use of org.platformlayer.model.AuthenticationCredentials in project platformlayer by platformlayer.

the class OpsAuthenticationFilter method doFilter.

/**
 * Publishes the caller's credentials into a request-bound {@link Scope} and then runs the
 * rest of the filter chain inside that scope.
 *
 * <p>Outcomes visible in this method:
 * <ul>
 *   <li>{@link SecurityException} from {@code findCredentials}: status 401, chain not run.</li>
 *   <li>Any other exception: logged at warn level, status 500, chain not run. A backend
 *       failure is therefore not reported to the client as a bad password.</li>
 *   <li>Otherwise the chain runs with whatever {@code findCredentials} returned.</li>
 * </ul>
 *
 * <p>Security note: a request for which no credentials were found is NOT rejected here.
 * An earlier branch that answered 401 in that case is disabled (it was left commented out
 * in the original source), so the credentials slot may hold {@code null} when the chain
 * runs. NOTE(review): confirm that every protected resource downstream treats a
 * {@code null} {@code AuthenticationCredentials} entry as unauthenticated and denies access.
 *
 * @param servletRequest the incoming request
 * @param servletResponse the outgoing response
 * @param filterChain the remaining filters and the target resource
 * @throws IOException propagated from the filter chain
 * @throws ServletException propagated from the filter chain
 */
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
    final Scope requestScope = Scope.inherit();

    // Fail safe: explicitly store null credentials in the new scope before doing anything else.
    requestScope.put(AuthenticationCredentials.class, null);

    if (servletRequest instanceof HttpServletRequest) {
        final HttpServletRequest request = (HttpServletRequest) servletRequest;
        final HttpServletResponse response = (HttpServletResponse) servletResponse;
        try {
            // May store null: missing credentials are not turned into a 401 at this point.
            requestScope.put(AuthenticationCredentials.class, findCredentials(request));
        } catch (SecurityException denied) {
            response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        } catch (Exception failure) {
            // If we're down, don't tell the user that their password is wrong
            log.warn("Unexpected error in authentication filter", failure);
            response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
            return;
        }
    }

    // Non-HTTP requests reach this point with the null credentials stored above.
    requestScope.push();
    try {
        filterChain.doFilter(servletRequest, servletResponse);
    } finally {
        // Always pop the scope, even when the chain throws.
        requestScope.pop();
    }
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) AuthenticationCredentials(org.platformlayer.model.AuthenticationCredentials) Scope(org.platformlayer.Scope) HttpServletResponse(javax.servlet.http.HttpServletResponse) ServletException(javax.servlet.ServletException) IOException(java.io.IOException)

Example 3 with AuthenticationCredentials

use of org.platformlayer.model.AuthenticationCredentials in project platformlayer by platformlayer.

the class OpsAuthenticationFilter method findCredentials.

// protected void populateScope(Scope authenticatedScope, Authentication auth) throws Exception {
// authenticatedScope.put(Authentication.class, auth);
//
// OpsProject project;
// OpsUser user = null;
// if (auth instanceof DirectAuthentication) {
// project = ((DirectAuthentication) auth).getOpsProject();
// if (project == null) {
// throw new IllegalStateException();
// }
// } else {
// KeystoneUser keystoneUser = new KeystoneUser((KeystoneUserAuthentication) auth);
// user = keystoneUser;
//
// // String projectKey = auth.getProject().getName();
// // project = authenticationService.findProject(user, projectKey);
// //
// // if (project == null) {
// // log.warn("Project not found: " + projectKey);
// // throw new SecurityException();
// // }
// }
//
// OpsAuthentication opsAuthentication = new OpsAuthentication(auth, user, project);
//
// authenticatedScope.put(OpsAuthentication.class, opsAuthentication);
// }
/**
 * Collects the credentials a caller presented on the request, without verifying them.
 *
 * <p>Lookup order: the {@code X-Auth-Token} header first; if it is absent, the
 * {@code X-Auth-Key} / {@code X-Auth-Secret} header pair ("direct authentication").
 *
 * <p>Security notes:
 * <ul>
 *   <li>The direct path reads a secret straight from a request header, and nothing in this
 *       method checks that the request arrived over TLS (the original TODO below is still
 *       open). NOTE(review): confirm that transport security is enforced elsewhere, and
 *       that proxies and access logs in front of this service do not record these headers.</li>
 *   <li>Only {@code null} checks are applied, so empty header values are passed through
 *       as-is. NOTE(review): confirm the consumers reject them.</li>
 * </ul>
 *
 * @param httpRequest the incoming HTTP request
 * @return token-backed credentials, direct credentials, or {@code null} when the request
 *         carries neither a token nor a complete key/secret pair
 * @throws Exception declared by the signature; what {@code DirectAuthentication.build}
 *         may throw is not visible here
 */
protected AuthenticationCredentials findCredentials(HttpServletRequest httpRequest) throws Exception {
    final String tokenHeader = httpRequest.getHeader("X-Auth-Token");
    if (tokenHeader != null) {
        // Wrap the raw header; a new token object is created on every getToken() call.
        return new AuthenticationCredentials() {

            @Override
            public AuthenticationToken getToken() {
                return new PlatformlayerAuthenticationToken(tokenHeader);
            }
        };
    }

    // Direct authentication
    // TODO: Enforce SSL?
    final String keyHeader = httpRequest.getHeader("X-Auth-Key");
    final String secretHeader = httpRequest.getHeader("X-Auth-Secret");
    if (keyHeader == null || secretHeader == null) {
        // An incomplete pair is treated the same as no credentials at all.
        return null;
    }
    return DirectAuthentication.build(keyHeader, secretHeader);
}
Also used : AuthenticationCredentials(org.platformlayer.model.AuthenticationCredentials) PlatformlayerAuthenticationToken(org.platformlayer.auth.PlatformlayerAuthenticationToken) AuthenticationToken(org.platformlayer.auth.AuthenticationToken) PlatformlayerAuthenticationToken(org.platformlayer.auth.PlatformlayerAuthenticationToken)

Example 4 with AuthenticationCredentials

use of org.platformlayer.model.AuthenticationCredentials in project platformlayer by platformlayer.

the class AuthenticationFilter method doFilter.

/**
 * Publishes the caller's credentials into a fresh {@link Scope} and then runs the rest of
 * the filter chain inside that scope.
 *
 * <p>Outcomes visible in this method:
 * <ul>
 *   <li>{@link SecurityException} from {@code findCredentials}: status 401, chain not run.</li>
 *   <li>Any other exception: logged at warn level, status 500, chain not run. A backend
 *       failure is therefore not reported to the client as a bad password.</li>
 *   <li>Otherwise the chain runs with whatever {@code findCredentials} returned.</li>
 * </ul>
 *
 * <p>Security note: this filter only records credentials; it does not reject a request
 * for lacking them. If {@code findCredentials} returns {@code null}, the chain still runs
 * with a {@code null} credentials entry. NOTE(review): confirm that every protected
 * resource downstream treats that as unauthenticated and denies access.
 *
 * @param servletRequest the incoming request
 * @param servletResponse the outgoing response
 * @param filterChain the remaining filters and the target resource
 * @throws IOException propagated from the filter chain
 * @throws ServletException propagated from the filter chain
 */
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
    final Scope requestScope = Scope.empty();

    // Fail safe: explicitly store null credentials in the new scope before doing anything else.
    requestScope.put(AuthenticationCredentials.class, null);

    if (servletRequest instanceof HttpServletRequest) {
        final HttpServletRequest request = (HttpServletRequest) servletRequest;
        final HttpServletResponse response = (HttpServletResponse) servletResponse;
        try {
            // May store null: missing credentials are not turned into a 401 at this point.
            requestScope.put(AuthenticationCredentials.class, findCredentials(request));
        } catch (SecurityException denied) {
            response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
            return;
        } catch (Exception failure) {
            // If we're down, don't tell the user that their password is wrong
            log.warn("Unexpected error in authentication filter", failure);
            response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
            return;
        }
    }

    // Non-HTTP requests reach this point with the null credentials stored above.
    requestScope.push();
    try {
        filterChain.doFilter(servletRequest, servletResponse);
    } finally {
        // Always pop the scope, even when the chain throws.
        requestScope.pop();
    }
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) AuthenticationCredentials(org.platformlayer.model.AuthenticationCredentials) Scope(org.platformlayer.Scope) HttpServletResponse(javax.servlet.http.HttpServletResponse) ServletException(javax.servlet.ServletException) IOException(java.io.IOException)

Aggregations

AuthenticationCredentials (org.platformlayer.model.AuthenticationCredentials)4 IOException (java.io.IOException)2 ServletException (javax.servlet.ServletException)2 HttpServletRequest (javax.servlet.http.HttpServletRequest)2 HttpServletResponse (javax.servlet.http.HttpServletResponse)2 Scope (org.platformlayer.Scope)2 X509Certificate (java.security.cert.X509Certificate)1 AuthenticationToken (org.platformlayer.auth.AuthenticationToken)1 PlatformlayerAuthenticationToken (org.platformlayer.auth.PlatformlayerAuthenticationToken)1