You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by fm...@apache.org on 2008/01/18 11:36:52 UTC
svn commit: r613127 - in
/incubator/sling/trunk/sling/core/src/main/java/org/apache/sling/core:
CoreConstants.java impl/SlingHttpContext.java impl/SlingMainServlet.java
impl/auth/MissingRepositoryException.java impl/auth/SlingAuthenticator.java
Author: fmeschbe
Date: Fri Jan 18 02:36:51 2008
New Revision: 613127
URL: http://svn.apache.org/viewvc?rev=613127&view=rev
Log:
Some Cleanup:
* Move SESSION constant to CoreConstants
* Remove unused SlingHttpContext class (is now anonymous in SlingMailServlet)
* Make MissingRepositoryException a SlingException and handle it
appropriately
Added:
incubator/sling/trunk/sling/core/src/main/java/org/apache/sling/core/impl/auth/MissingRepositoryException.java
Removed:
incubator/sling/trunk/sling/core/src/main/java/org/apache/sling/core/impl/SlingHttpContext.java
Modified:
incubator/sling/trunk/sling/core/src/main/java/org/apache/sling/core/CoreConstants.java
incubator/sling/trunk/sling/core/src/main/java/org/apache/sling/core/impl/SlingMainServlet.java
incubator/sling/trunk/sling/core/src/main/java/org/apache/sling/core/impl/auth/SlingAuthenticator.java
Modified: incubator/sling/trunk/sling/core/src/main/java/org/apache/sling/core/CoreConstants.java
URL: http://svn.apache.org/viewvc/incubator/sling/trunk/sling/core/src/main/java/org/apache/sling/core/CoreConstants.java?rev=613127&r1=613126&r2=613127&view=diff
==============================================================================
--- incubator/sling/trunk/sling/core/src/main/java/org/apache/sling/core/CoreConstants.java (original)
+++ incubator/sling/trunk/sling/core/src/main/java/org/apache/sling/core/CoreConstants.java Fri Jan 18 02:36:51 2008
@@ -83,4 +83,14 @@
* ignored.
*/
public static final String SLING_SERLVET_NAME = "sling.core.servletName";
+
+ /**
+ * The name of the request attribute set by the {@link SlingAuthenticator}
+ * when authenticating the request user (value is "javax.jcr.Session").
+ * Existence of this attribute in the request, provided it is a JCR Session,
+ * signals that authentication has already taken place. This may be used
+ * when including through the servlet container.
+ */
+ public static final String SESSION = "javax.jcr.Session";
+
}
Modified: incubator/sling/trunk/sling/core/src/main/java/org/apache/sling/core/impl/SlingMainServlet.java
URL: http://svn.apache.org/viewvc/incubator/sling/trunk/sling/core/src/main/java/org/apache/sling/core/impl/SlingMainServlet.java?rev=613127&r1=613126&r2=613127&view=diff
==============================================================================
--- incubator/sling/trunk/sling/core/src/main/java/org/apache/sling/core/impl/SlingMainServlet.java (original)
+++ incubator/sling/trunk/sling/core/src/main/java/org/apache/sling/core/impl/SlingMainServlet.java Fri Jan 18 02:36:51 2008
@@ -54,6 +54,8 @@
import org.apache.sling.api.services.ServiceLocator;
import org.apache.sling.api.servlets.ServletResolver;
import org.apache.sling.commons.mime.MimeTypeService;
+import org.apache.sling.core.CoreConstants;
+import org.apache.sling.core.impl.auth.MissingRepositoryException;
import org.apache.sling.core.impl.auth.SlingAuthenticator;
import org.apache.sling.core.impl.filter.RequestSlingFilterChain;
import org.apache.sling.core.impl.filter.SlingComponentFilterChain;
@@ -166,7 +168,7 @@
public void service(HttpServletRequest clientRequest,
HttpServletResponse clientResponse) throws ServletException, IOException {
- Session session = (Session) clientRequest.getAttribute(SlingHttpContext.SESSION);
+ Session session = (Session) clientRequest.getAttribute(CoreConstants.SESSION);
if (session != null) {
RequestData requestData = null;
try {
@@ -475,7 +477,14 @@
public boolean handleSecurity(HttpServletRequest request,
HttpServletResponse response) {
- return slingAuthenticator.authenticate(request, response);
+ try {
+ return slingAuthenticator.authenticate(request,
+ response);
+ } catch (MissingRepositoryException mre) {
+ log.error(
+ "handleSecurity: Cannot authenticate request", mre);
+ return false;
+ }
}
};
Added: incubator/sling/trunk/sling/core/src/main/java/org/apache/sling/core/impl/auth/MissingRepositoryException.java
URL: http://svn.apache.org/viewvc/incubator/sling/trunk/sling/core/src/main/java/org/apache/sling/core/impl/auth/MissingRepositoryException.java?rev=613127&view=auto
==============================================================================
--- incubator/sling/trunk/sling/core/src/main/java/org/apache/sling/core/impl/auth/MissingRepositoryException.java (added)
+++ incubator/sling/trunk/sling/core/src/main/java/org/apache/sling/core/impl/auth/MissingRepositoryException.java Fri Jan 18 02:36:51 2008
@@ -0,0 +1,34 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.sling.core.impl.auth;
+
+import org.apache.sling.api.SlingException;
+
+/**
+ * The <code>MissingRepositoryException</code> may be thrown by the
+ * {@link SlingAuthenticator#authenticate(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)}
+ * method if no JCR repository is available to authenticate against.
+ */
+public class MissingRepositoryException extends SlingException {
+
+ MissingRepositoryException(String reason) {
+ super(reason);
+ }
+
+}
\ No newline at end of file
Modified: incubator/sling/trunk/sling/core/src/main/java/org/apache/sling/core/impl/auth/SlingAuthenticator.java
URL: http://svn.apache.org/viewvc/incubator/sling/trunk/sling/core/src/main/java/org/apache/sling/core/impl/auth/SlingAuthenticator.java?rev=613127&r1=613126&r2=613127&view=diff
==============================================================================
--- incubator/sling/trunk/sling/core/src/main/java/org/apache/sling/core/impl/auth/SlingAuthenticator.java (original)
+++ incubator/sling/trunk/sling/core/src/main/java/org/apache/sling/core/impl/auth/SlingAuthenticator.java Fri Jan 18 02:36:51 2008
@@ -32,9 +32,10 @@
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.apache.sling.api.SlingException;
+import org.apache.sling.core.CoreConstants;
import org.apache.sling.core.auth.AuthenticationHandler;
import org.apache.sling.core.auth.AuthenticationInfo;
-import org.apache.sling.core.impl.SlingHttpContext;
import org.apache.sling.jcr.api.TooManySessionsException;
import org.osgi.framework.BundleContext;
import org.osgi.framework.Constants;
@@ -45,8 +46,6 @@
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import sun.security.krb5.internal.Ticket;
-
/**
* The <code>SlingAuthenticator</code> class is the default implementation of
* the {@link SlingAuthenticator} interface. This class supports :
@@ -138,13 +137,6 @@
/** Whether access without credentials is allowed */
boolean anonymousAllowed;
- /** A Repository is required to authenticate - this signals that it's missing */
- static class MissingRepositoryException extends RuntimeException {
- MissingRepositoryException(String reason) {
- super(reason);
- }
- }
-
/**
* The list of packages from the configuration file. This list is checked
* for each request. The handler of the first package match is used for the
@@ -209,12 +201,13 @@
* be assumed, that during this method enough response information
* has been sent to the client.
*/
- public boolean authenticate(HttpServletRequest req, HttpServletResponse res) {
+ public boolean authenticate(HttpServletRequest req, HttpServletResponse res)
+ throws MissingRepositoryException {
// 0. Nothing to do, if the session is also in the request
// this might be the case if the request is handled as a result
// of a servlet container include inside another Sling request
- Object sessionAttr = req.getAttribute(SlingHttpContext.SESSION);
+ Object sessionAttr = req.getAttribute(CoreConstants.SESSION);
if (sessionAttr instanceof Session) {
log.debug("authenticate: Request already authenticated, nothing to do");
return true;
@@ -223,7 +216,7 @@
log.warn(
"authenticate: Overwriting existing Session attribute ({})",
sessionAttr);
- req.removeAttribute(SlingHttpContext.SESSION);
+ req.removeAttribute(CoreConstants.SESSION);
}
// 1. Ask all authentication handlers to try to extract credentials
@@ -349,11 +342,11 @@
// ---------- internal ----------------------------------------------------
- private Repository getRepository() {
+ private Repository getRepository() throws MissingRepositoryException {
final Repository repo = (Repository) repositoryTracker.getService();
- if(repo == null) {
- throw new MissingRepositoryException(
- "No Repository available to " + getClass().getSimpleName() + ", cannot authenticate");
+ if (repo == null) {
+ throw new MissingRepositoryException("No Repository available to "
+ + getClass().getSimpleName() + ", cannot authenticate");
}
return repo;
}
@@ -390,7 +383,7 @@
// TODO
private boolean getAnonymousSession(HttpServletRequest req,
- HttpServletResponse res) {
+ HttpServletResponse res) throws MissingRepositoryException {
// login anonymously, log the exact cause in case of failure
if (this.anonymousAllowed) {
try {
@@ -439,7 +432,7 @@
HttpServletRequest request) {
request.setAttribute(HttpContext.REMOTE_USER, session.getUserID());
request.setAttribute(HttpContext.AUTHENTICATION_TYPE, authType);
- request.setAttribute(SlingHttpContext.SESSION, session);
+ request.setAttribute(CoreConstants.SESSION, session);
}
/**