Package com.bradmcevoy.http.http11.auth

Examples of com.bradmcevoy.http.http11.auth.Nonce


    @Inject Objectify ofy;
   
  public Object authenticate(Resource r, Request request) {
        Auth auth = request.getAuthorization();
        DigestResponse resp = digestHelper.calculateResponse(auth, "freewebdav.appspot.com", request.getMethod());
        if( resp == null ) {
            log.finest("requested digest authentication is invalid or incorrectly formatted");
            return null;
        } else {
          //TODO add authentication.
View Full Code Here


    }

    public String createNonce( Resource resource, Request request ) {
        UUID id = UUID.randomUUID();
        Date now = new Date();
        Nonce n = new Nonce( id, now );
        memcache.put( n.getValue(), n, Expiration.byDeltaSeconds(nonceValiditySeconds));
        log.info( "created nonce: " + n.getValue() );
        return n.getValue().toString();
    }
View Full Code Here

            value = UUID.fromString( nonce );
        } catch( Exception e ) {
            log.info( "couldnt parse nonce" );
            return NonceValidity.INVALID;
        }
        Nonce n = (Nonce)memcache.get(value);
        if( n == null ) {
            log.info( "not found in cache" );
            return NonceValidity.INVALID;
        } else {
            if( isExpired( n.getIssued() ) ) {
                log.info( "nonce has expired; that is unusual as it should have been evicted from the cache already." );
                return NonceValidity.EXPIRED;
            } else {
                if( nc == null ) {
                    log.info( "nonce ok" );
                    return NonceValidity.OK;
                } else {
                    if( enableNonceCountChecking && nc <= n.getNonceCount() ) {
                        log.warning( "nonce-count was not greater then previous, possible replay attack. new: " + nc + " old:" + n.getNonceCount() );
                        return NonceValidity.INVALID;
                    } else {
                        log.info( "nonce and nonce-count ok" );
                        Nonce newNonce = n.increaseNonceCount( nc );
                        memcache.put( newNonce.getValue(), newNonce, Expiration.byDeltaSeconds(nonceValiditySeconds));
                        return NonceValidity.OK;
                    }
                }
            }
        }
View Full Code Here

   
    @Inject
    protected WebdavServlet(ResourceFactory fact, Injector injector, Objectify ofy) {
      inj = injector;
      WebdavUserSecurityManager sm = inject(new WebdavUserSecurityManager(ofy));
      NonceProvider np = new AppEngineMemcacheNonceProvider(10*60*60);
      List<AuthenticationHandler> authHandlers = new ArrayList<AuthenticationHandler>();
      authHandlers.add(new SecurityManagerBasicAuthHandler(sm));
      authHandlers.add(new SecurityManagerDigestAuthenticationHandler(np, sm));
      AuthenticationService authSvc = new AuthenticationService(authHandlers);

View Full Code Here

        // Decode nonce from Base64
        // format of nonce is
        //   base64(expirationTime + "" + md5Hex(expirationTime + "" + key))
        String plainTextNonce = new String( Base64.decodeBase64( auth.getNonce().getBytes() ) );
        NonceValidity validity = nonceProvider.getNonceValidity( plainTextNonce, nc );
        if( NonceValidity.INVALID.equals( validity ) ) {
            log.debug( "invalid nonce: " + plainTextNonce );
            return null;
        } else if( NonceValidity.EXPIRED.equals( validity ) ) {
            log.debug( "expired nonce: " + plainTextNonce );
View Full Code Here

      AuthenticationService authSvc = new AuthenticationService(authHandlers);

      DefaultWebDavResponseHandler respHandler = new DefaultWebDavResponseHandler(authSvc);
      respHandler.setBuffering(BUFFERING.always);
      httpManager = new ServletHttpManager(fact, respHandler, authSvc);
      httpManager.addFilter(0, new PreAuthenticationFilter(respHandler, sm, np));
    }
View Full Code Here

    protected WebdavServlet(ResourceFactory fact, Injector injector, Objectify ofy) {
      inj = injector;
      WebdavUserSecurityManager sm = inject(new WebdavUserSecurityManager(ofy));
      NonceProvider np = new AppEngineMemcacheNonceProvider(10*60*60);
      List<AuthenticationHandler> authHandlers = new ArrayList<AuthenticationHandler>();
      authHandlers.add(new SecurityManagerBasicAuthHandler(sm));
      authHandlers.add(new SecurityManagerDigestAuthenticationHandler(np, sm));
      AuthenticationService authSvc = new AuthenticationService(authHandlers);

      DefaultWebDavResponseHandler respHandler = new DefaultWebDavResponseHandler(authSvc);
      respHandler.setBuffering(BUFFERING.always);
View Full Code Here

      inj = injector;
      WebdavUserSecurityManager sm = inject(new WebdavUserSecurityManager(ofy));
      NonceProvider np = new AppEngineMemcacheNonceProvider(10*60*60);
      List<AuthenticationHandler> authHandlers = new ArrayList<AuthenticationHandler>();
      authHandlers.add(new SecurityManagerBasicAuthHandler(sm));
      authHandlers.add(new SecurityManagerDigestAuthenticationHandler(np, sm));
      AuthenticationService authSvc = new AuthenticationService(authHandlers);

      DefaultWebDavResponseHandler respHandler = new DefaultWebDavResponseHandler(authSvc);
      respHandler.setBuffering(BUFFERING.always);
      httpManager = new ServletHttpManager(fact, respHandler, authSvc);
View Full Code Here

TOP

Related Classes of com.bradmcevoy.http.http11.auth.Nonce

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.