Posted to commits@cxf.apache.org by se...@apache.org on 2017/01/27 13:25:34 UTC
cxf git commit: [CXF-6962] Optional use of ISO-8859-1 when processing
BasicAuth
Repository: cxf
Updated Branches:
refs/heads/master 99f5296bf -> 7da059f88
[CXF-6962] Optional use of ISO-8859-1 when processing BasicAuth
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/7da059f8
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/7da059f8
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/7da059f8
Branch: refs/heads/master
Commit: 7da059f88edc30c9474763e47640a9a53a3e3743
Parents: 99f5296
Author: Sergey Beryozkin <sb...@gmail.com>
Authored: Fri Jan 27 13:25:18 2017 +0000
Committer: Sergey Beryozkin <sb...@gmail.com>
Committed: Fri Jan 27 13:25:18 2017 +0000
----------------------------------------------------------------------
.../cxf/transport/http/AbstractHTTPDestination.java | 12 +++++++++++-
.../http/auth/DefaultBasicAuthSupplier.java | 15 +++++++++++++--
2 files changed, 24 insertions(+), 3 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/7da059f8/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java
----------------------------------------------------------------------
diff --git a/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java b/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java
index d1e956f..e6ab823 100644
--- a/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java
+++ b/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java
@@ -25,6 +25,7 @@ import java.io.OutputStream;
import java.net.HttpURLConnection;
import java.net.ServerSocket;
import java.net.URL;
+import java.nio.charset.StandardCharsets;
import java.security.Principal;
import java.util.Arrays;
import java.util.Collection;
@@ -45,6 +46,7 @@ import org.apache.cxf.attachment.AttachmentDataSource;
import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.common.util.Base64Exception;
import org.apache.cxf.common.util.Base64Utility;
+import org.apache.cxf.common.util.PropertyUtils;
import org.apache.cxf.common.util.StringUtils;
import org.apache.cxf.configuration.Configurable;
import org.apache.cxf.configuration.security.AuthorizationPolicy;
@@ -105,6 +107,8 @@ public abstract class AbstractHTTPDestination
private static final String SSL_CIPHER_SUITE_ATTRIBUTE = "javax.servlet.request.cipher_suite";
private static final String SSL_PEER_CERT_CHAIN_ATTRIBUTE = "javax.servlet.request.X509Certificate";
+ private static final String DECODE_BASIC_AUTH_WITH_ISO8859 = "decode.basicauth.with.iso8859";
+
private static final Logger LOG = LogUtils.getL7dLogger(AbstractHTTPDestination.class);
protected final Bus bus;
@@ -118,6 +122,7 @@ public abstract class AbstractHTTPDestination
protected boolean multiplexWithAddress;
protected CertConstraints certConstraints;
protected boolean isServlet3;
+ protected boolean decodeBasicAuthWithIso8859;
protected ContinuationProviderFactory cproviderFactory;
protected boolean enableWebSocket;
@@ -148,6 +153,7 @@ public abstract class AbstractHTTPDestination
} catch (Throwable t) {
//servlet 2.5 or earlier, no async support
}
+ decodeBasicAuthWithIso8859 = PropertyUtils.isTrue(bus.getProperty(DECODE_BASIC_AUTH_WITH_ISO8859));
initConfig();
}
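Review bot: The server-side flag is read once, in the constructor, and only from `bus.getProperty(...)`, while the client side in DefaultBasicAuthSupplier.getAuthorization looks up its property per message through `message.getContextualProperty(...)`. A value set on the endpoint, or set on the Bus after the destination is created, therefore appears to have no effect on decoding, and a client/server charset mismatch shows up only as failed logins for non-ASCII credentials. A comment on the assignment would make the scope explicit, for example `// Bus-level only, evaluated once at construction; must match the client's encode.basicauth.with.iso8859 setting`. The two private property-name constants also have no documentation, so the keys are not discoverable from the code. The constructor body starts outside this hunk.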
@@ -165,7 +171,11 @@ public abstract class AbstractHTTPDestination
if ("Basic".equals(authType) && creds.size() == 2) {
String authEncoded = creds.get(1);
try {
- String authDecoded = new String(Base64Utility.decode(authEncoded));
+ byte[] authBytes = Base64Utility.decode(authEncoded);
+
+ String authDecoded = decodeBasicAuthWithIso8859
+ ? new String(authBytes, StandardCharsets.ISO_8859_1) : new String(authBytes);
+
int idx = authDecoded.indexOf(':');
String username = null;
String password = null;
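Review bot: With the flag off, the fallback `new String(authBytes)` still decodes the credentials with the JVM's default charset, so the same Authorization header can produce different username and password strings on differently configured hosts. Byte sequences that are malformed in that charset are replaced rather than rejected, which can change what reaches the credential check. If compatibility allows, name the charset in the fallback as well, e.g. `new String(authBytes, StandardCharsets.UTF_8)`, or at least add a comment stating that the default branch is platform dependent. The same platform-default fallback is in `userAndPass.getBytes()` in DefaultBasicAuthSupplier.getBasicAuthHeader. The enclosing method starts and ends outside this hunk.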
http://git-wip-us.apache.org/repos/asf/cxf/blob/7da059f8/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/DefaultBasicAuthSupplier.java
----------------------------------------------------------------------
diff --git a/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/DefaultBasicAuthSupplier.java b/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/DefaultBasicAuthSupplier.java
index b6b4f72..8a9856f 100644
--- a/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/DefaultBasicAuthSupplier.java
+++ b/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/DefaultBasicAuthSupplier.java
@@ -19,12 +19,15 @@
package org.apache.cxf.transport.http.auth;
import java.net.URI;
+import java.nio.charset.StandardCharsets;
import org.apache.cxf.common.util.Base64Utility;
+import org.apache.cxf.common.util.PropertyUtils;
import org.apache.cxf.configuration.security.AuthorizationPolicy;
import org.apache.cxf.message.Message;
public final class DefaultBasicAuthSupplier implements HttpAuthSupplier {
+ private static final String ENCODE_BASIC_AUTH_WITH_ISO8859 = "encode.basicauth.with.iso8859";
public DefaultBasicAuthSupplier() {
super();
}
@@ -34,8 +37,13 @@ public final class DefaultBasicAuthSupplier implements HttpAuthSupplier {
}
public static String getBasicAuthHeader(String userName, String passwd) {
+ return getBasicAuthHeader(userName, passwd, false);
+ }
+
+ public static String getBasicAuthHeader(String userName, String passwd, boolean useIso8859) {
String userAndPass = userName + ":" + passwd;
- return "Basic " + Base64Utility.encode(userAndPass.getBytes());
+ byte[] authBytes = useIso8859 ? userAndPass.getBytes(StandardCharsets.ISO_8859_1) : userAndPass.getBytes();
+ return "Basic " + Base64Utility.encode(authBytes);
}
public String getAuthorization(AuthorizationPolicy authPolicy,
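Review bot: `userAndPass.getBytes(StandardCharsets.ISO_8859_1)` silently substitutes `?` for every character that ISO-8859-1 cannot represent, so with `useIso8859` set, a password containing such characters is sent as a different value and distinct passwords can collapse to the same header. Failing loudly is safer than sending altered credentials: `if (useIso8859 && !StandardCharsets.ISO_8859_1.newEncoder().canEncode(userAndPass)) { throw new IllegalArgumentException("credentials not representable in ISO-8859-1"); }`. Whether an exception is acceptable to existing callers of this public static method should be confirmed. The new three-argument overload also has no Javadoc; it should state that `useIso8859` selects ISO-8859-1 and that `false` means the platform default charset.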
@@ -43,8 +51,11 @@ public final class DefaultBasicAuthSupplier implements HttpAuthSupplier {
Message message,
String fullHeader) {
if (authPolicy.getUserName() != null && authPolicy.getPassword() != null) {
+ boolean encodeBasicAuthWithIso8859 = PropertyUtils.isTrue(
+ message.getContextualProperty(ENCODE_BASIC_AUTH_WITH_ISO8859));
return getBasicAuthHeader(authPolicy.getUserName(),
- authPolicy.getPassword());
+ authPolicy.getPassword(),
+ encodeBasicAuthWithIso8859);
} else {
return null;
}