You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@lenya.apache.org by an...@apache.org on 2009/02/03 20:40:41 UTC
svn commit: r740393 -
/lenya/branches/BRANCH_2_0_X/src/modules-core/ac/java/src/org/apache/lenya/ac/impl/UserAuthenticator.java
Author: andreas
Date: Tue Feb 3 19:40:41 2009
New Revision: 740393
URL: http://svn.apache.org/viewvc?rev=740393&view=rev
Log:
Consider the Authorization header only if the authorization is basic. Fixes bug 43823.
Modified:
lenya/branches/BRANCH_2_0_X/src/modules-core/ac/java/src/org/apache/lenya/ac/impl/UserAuthenticator.java
Modified: lenya/branches/BRANCH_2_0_X/src/modules-core/ac/java/src/org/apache/lenya/ac/impl/UserAuthenticator.java
URL: http://svn.apache.org/viewvc/lenya/branches/BRANCH_2_0_X/src/modules-core/ac/java/src/org/apache/lenya/ac/impl/UserAuthenticator.java?rev=740393&r1=740392&r2=740393&view=diff
==============================================================================
--- lenya/branches/BRANCH_2_0_X/src/modules-core/ac/java/src/org/apache/lenya/ac/impl/UserAuthenticator.java (original)
+++ lenya/branches/BRANCH_2_0_X/src/modules-core/ac/java/src/org/apache/lenya/ac/impl/UserAuthenticator.java Tue Feb 3 19:40:41 2009
@@ -41,24 +41,28 @@
public boolean authenticate(AccreditableManager accreditableManager, Request request)
throws AccessControlException {
- String encoded = "";
- String unencoded = "";
- String username = "";
- String password = "";
+ String username = null;
+ String password = null;
+
+ boolean useHeader = false;
if (request.getHeader("Authorization") != null) {
- encoded = request.getHeader("Authorization");
- }
- if (encoded.indexOf("Basic") > -1) {
- encoded = encoded.trim();
- encoded = encoded.substring(encoded.indexOf(' ') + 1);
- unencoded = new String(Base64.decodeBase64(encoded.getBytes()));
- }
- if (unencoded.indexOf(":") - 1 > -1) {
- username = unencoded.substring(0, unencoded.indexOf(":"));
- password = unencoded.substring(unencoded.indexOf(":") + 1);
- }
+ String encoded = request.getHeader("Authorization");
- if (encoded.length() == 0 && request.getParameter("username") != null) {
+ if (encoded.indexOf("Basic") > -1) {
+ encoded = encoded.trim();
+ encoded = encoded.substring(encoded.indexOf(' ') + 1);
+ String unencoded = new String(Base64.decodeBase64(encoded.getBytes()));
+
+ if (unencoded.indexOf(":") - 1 > -1) {
+ useHeader = true;
+ username = unencoded.substring(0, unencoded.indexOf(":"));
+ password = unencoded.substring(unencoded.indexOf(":") + 1);
+ }
+
+ }
+ }
+
+ if (!useHeader && request.getParameter("username") != null) {
username = request.getParameter("username").toLowerCase();
password = request.getParameter("password");
}
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@lenya.apache.org
For additional commands, e-mail: commits-help@lenya.apache.org