You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by lq...@apache.org on 2016/02/01 16:44:41 UTC
svn commit: r1727960 - in /qpid/java/branches/6.0.x: ./
broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/
broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/auth/
broker-plugins/ma...
Author: lquack
Date: Mon Feb 1 15:44:41 2016
New Revision: 1727960
URL: http://svn.apache.org/viewvc?rev=1727960&view=rev
Log:
QPID-7027: [Java Broker] Make HTTP Management interactive login pluggable
merged from trunk with:
svn merge -c 1727532 https://svn.apache.org/repos/asf/qpid/java/trunk
Added:
qpid/java/branches/6.0.x/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpRequestInteractiveAuthenticator.java
- copied unchanged from r1727532, qpid/java/trunk/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/HttpRequestInteractiveAuthenticator.java
qpid/java/branches/6.0.x/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/auth/UsernamePasswordInteractiveLogin.java
- copied unchanged from r1727532, qpid/java/trunk/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/auth/UsernamePasswordInteractiveLogin.java
Modified:
qpid/java/branches/6.0.x/ (props changed)
qpid/java/branches/6.0.x/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/filter/RedirectingAuthorisationFilter.java
Propchange: qpid/java/branches/6.0.x/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Mon Feb 1 15:44:41 2016
@@ -9,5 +9,5 @@
/qpid/branches/java-broker-vhost-refactor/java:1493674-1494547
/qpid/branches/java-network-refactor/qpid/java:805429-821809
/qpid/branches/qpid-2935/qpid/java:1061302-1072333
-/qpid/java/trunk:1715445-1715447,1715586,1715940,1716086-1716087,1716127-1716128,1716141,1716153,1716155,1716194,1716204,1716209,1716227,1716277,1716357,1716368,1716370,1716374,1716432,1716444-1716445,1716455,1716461,1716474,1716489,1716497,1716515,1716555,1716602,1716606-1716610,1716619,1716636,1717269,1717299,1717401,1717446,1717449,1717626,1717691,1717735,1717780,1718744,1718889,1718893,1718918,1718922,1719026,1719028,1719033,1719037,1719047,1719051,1720340,1720664,1721151,1721198,1722019-1722020,1722246,1722339,1722416,1722674,1722678,1722683,1722711,1723064,1723194,1723563,1724216,1724251,1724257,1724292,1724375,1724397,1724432,1724582,1724603,1724780,1724843-1724844,1725295,1725569,1725760,1726176,1726244-1726246,1726249,1726358,1726436,1726449,1726456,1726646,1726653,1726755,1726778,1727555,1727608,1727951
+/qpid/java/trunk:1715445-1715447,1715586,1715940,1716086-1716087,1716127-1716128,1716141,1716153,1716155,1716194,1716204,1716209,1716227,1716277,1716357,1716368,1716370,1716374,1716432,1716444-1716445,1716455,1716461,1716474,1716489,1716497,1716515,1716555,1716602,1716606-1716610,1716619,1716636,1717269,1717299,1717401,1717446,1717449,1717626,1717691,1717735,1717780,1718744,1718889,1718893,1718918,1718922,1719026,1719028,1719033,1719037,1719047,1719051,1720340,1720664,1721151,1721198,1722019-1722020,1722246,1722339,1722416,1722674,1722678,1722683,1722711,1723064,1723194,1723563,1724216,1724251,1724257,1724292,1724375,1724397,1724432,1724582,1724603,1724780,1724843-1724844,1725295,1725569,1725760,1726176,1726244-1726246,1726249,1726358,1726436,1726449,1726456,1726646,1726653,1726755,1726778,1727532,1727555,1727608,1727951
/qpid/trunk/qpid:796646-796653
Modified: qpid/java/branches/6.0.x/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/filter/RedirectingAuthorisationFilter.java
URL: http://svn.apache.org/viewvc/qpid/java/branches/6.0.x/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/filter/RedirectingAuthorisationFilter.java?rev=1727960&r1=1727959&r2=1727960&view=diff
==============================================================================
--- qpid/java/branches/6.0.x/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/filter/RedirectingAuthorisationFilter.java (original)
+++ qpid/java/branches/6.0.x/broker-plugins/management-http/src/main/java/org/apache/qpid/server/management/plugin/filter/RedirectingAuthorisationFilter.java Mon Feb 1 15:44:41 2016
@@ -21,6 +21,10 @@
package org.apache.qpid.server.management.plugin.filter;
import java.io.IOException;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.List;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
@@ -34,14 +38,25 @@ import javax.servlet.http.HttpServletRes
import org.apache.qpid.server.management.plugin.HttpManagementConfiguration;
import org.apache.qpid.server.management.plugin.HttpManagementUtil;
+import org.apache.qpid.server.management.plugin.HttpRequestInteractiveAuthenticator;
import org.apache.qpid.server.model.Broker;
+import org.apache.qpid.server.plugin.QpidServiceLoader;
public class RedirectingAuthorisationFilter implements Filter
{
- public static String DEFAULT_LOGIN_URL = "login.html";
- public static String INIT_PARAM_LOGIN_URL = "login-url";
- private String _loginUrl = DEFAULT_LOGIN_URL;
+ private static final Collection<HttpRequestInteractiveAuthenticator> AUTHENTICATORS;
+ static
+ {
+ List<HttpRequestInteractiveAuthenticator> authenticators = new ArrayList<>();
+ for(HttpRequestInteractiveAuthenticator authenticator : (new QpidServiceLoader()).instancesOf(HttpRequestInteractiveAuthenticator.class))
+ {
+ authenticators.add(authenticator);
+ }
+ AUTHENTICATORS = Collections.unmodifiableList(authenticators);
+ }
+
+
private Broker _broker;
private HttpManagementConfiguration _managementConfiguration;
@@ -53,11 +68,6 @@ public class RedirectingAuthorisationFil
@Override
public void init(FilterConfig config) throws ServletException
{
- String loginUrl = config.getInitParameter(INIT_PARAM_LOGIN_URL);
- if (loginUrl != null)
- {
- _loginUrl = loginUrl;
- }
ServletContext servletContext = config.getServletContext();
_broker = HttpManagementUtil.getBroker(servletContext);
_managementConfiguration = HttpManagementUtil.getManagementConfiguration(servletContext);
@@ -76,7 +86,24 @@ public class RedirectingAuthorisationFil
}
catch(SecurityException e)
{
- httpResponse.sendRedirect(_loginUrl);
+ HttpRequestInteractiveAuthenticator.AuthenticationHandler handler = null;
+ for(HttpRequestInteractiveAuthenticator authenticator : AUTHENTICATORS)
+ {
+ handler = authenticator.getAuthenticationHandler(httpRequest, _managementConfiguration);
+ if(handler != null)
+ {
+ break;
+ };
+ }
+
+ if(handler != null)
+ {
+ handler.handleAuthentication(httpResponse);
+ }
+ else
+ {
+ httpResponse.sendError(HttpServletResponse.SC_FORBIDDEN);
+ }
}
}
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org