You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@lenya.apache.org by gr...@apache.org on 2005/05/27 04:14:34 UTC
svn commit: r178731 - in /lenya/trunk: lib/commons-codec-1.3.jar
src/java/org/apache/lenya/ac/impl/UserAuthenticator.java
Author: gregor
Date: Thu May 26 19:14:28 2005
New Revision: 178731
URL: http://svn.apache.org/viewcvs?rev=178731&view=rev
Log:
Applied patch by Doug Chestnut to support basic authentication. This resolves http://issues.apache.org/bugzilla/show_bug.cgi?id=34964 and paves the way for WebDAV support.
Added:
lenya/trunk/lib/commons-codec-1.3.jar (with props)
Modified:
lenya/trunk/src/java/org/apache/lenya/ac/impl/UserAuthenticator.java
Added: lenya/trunk/lib/commons-codec-1.3.jar
URL: http://svn.apache.org/viewcvs/lenya/trunk/lib/commons-codec-1.3.jar?rev=178731&view=auto
==============================================================================
Binary file - no diff available.
Propchange: lenya/trunk/lib/commons-codec-1.3.jar
------------------------------------------------------------------------------
svn:mime-type = application/octet-stream
Modified: lenya/trunk/src/java/org/apache/lenya/ac/impl/UserAuthenticator.java
URL: http://svn.apache.org/viewcvs/lenya/trunk/src/java/org/apache/lenya/ac/impl/UserAuthenticator.java?rev=178731&r1=178730&r2=178731&view=diff
==============================================================================
--- lenya/trunk/src/java/org/apache/lenya/ac/impl/UserAuthenticator.java (original)
+++ lenya/trunk/src/java/org/apache/lenya/ac/impl/UserAuthenticator.java Thu May 26 19:14:28 2005
@@ -15,6 +15,7 @@
package org.apache.lenya.ac.impl;
+import org.apache.commons.codec.binary.Base64;
import org.apache.avalon.framework.logger.AbstractLogEnabled;
import org.apache.cocoon.environment.Request;
import org.apache.lenya.ac.AccessControlException;
@@ -32,11 +33,33 @@
/**
* @see org.apache.lenya.ac.Authenticator#authenticate(org.apache.lenya.ac.AccreditableManager,
* org.apache.cocoon.environment.Request)
+ * Note that this implementation first checks if the user has authenticated over basic
+ * HTTP authentication. If yes, it uses these credentials.
*/
public boolean authenticate(AccreditableManager accreditableManager, Request request)
throws AccessControlException {
- String username = request.getParameter("username");
- String password = request.getParameter("password");
+
+ String encoded = "";
+ String unencoded = "";
+ String username = "";
+ String password = "";
+ if (request.getHeader("Authorization") != null) {
+ encoded = request.getHeader("Authorization");
+ }
+ if(encoded.indexOf("Basic") > -1) {
+ encoded = encoded.trim();
+ encoded = encoded.substring(encoded.indexOf(' ')+1);
+ unencoded = new String(Base64.decodeBase64(encoded.getBytes()));
+ }
+ if (unencoded.indexOf(":")-1 > -1 ) {
+ username = unencoded.substring(0,unencoded.indexOf(":"));
+ password = unencoded.substring(unencoded.indexOf(":")+1);
+ }
+
+ if (encoded.length() == 0 && request.getParameter("username") != null) {
+ username = request.getParameter("username");
+ password = request.getParameter("password");
+ }
if (getLogger().isDebugEnabled()) {
getLogger().debug(
@@ -49,11 +72,11 @@
Identity identity = (Identity) request.getSession(false).getAttribute(
Identity.class.getName());
-
+
if (identity == null) {
throw new AccessControlException("The session does not contain the identity!");
}
-
+
boolean authenticated = authenticate(accreditableManager, username, password, identity);
return authenticated;
}
@@ -105,4 +128,4 @@
return authenticated;
}
-}
\ No newline at end of file
+}
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@lenya.apache.org
For additional commands, e-mail: commits-help@lenya.apache.org