// check authentication
Object previousIdentity = null;
try
{
Authentication authentication = baseRequest.getAuthentication();
if (authentication==null || authentication==Authentication.NOT_CHECKED)
authentication=authenticator==null?Authentication.UNAUTHENTICATED:authenticator.validateRequest(request, response, isAuthMandatory);
if (authentication instanceof Authentication.Wrapped)
{
request=((Authentication.Wrapped)authentication).getHttpServletRequest();
response=((Authentication.Wrapped)authentication).getHttpServletResponse();
}
if (authentication instanceof Authentication.ResponseSent)
{
baseRequest.setHandled(true);
}
else if (authentication instanceof Authentication.User)
{
Authentication.User userAuth = (Authentication.User)authentication;
baseRequest.setAuthentication(authentication);
if (_identityService!=null)
previousIdentity = _identityService.associate(userAuth.getUserIdentity());
if (isAuthMandatory)
{
boolean authorized=checkWebResourcePermissions(pathInContext, baseRequest, base_response, roleInfo, userAuth.getUserIdentity());
if (!authorized)
{
response.sendError(Response.SC_FORBIDDEN, "!role");
baseRequest.setHandled(true);
return;
}
}
handler.handle(pathInContext, baseRequest, request, response);
if (authenticator!=null)
authenticator.secureResponse(request, response, isAuthMandatory, userAuth);
}
else if (authentication instanceof Authentication.Deferred)
{
DeferredAuthentication deferred= (DeferredAuthentication)authentication;
baseRequest.setAuthentication(authentication);
try
{
handler.handle(pathInContext, baseRequest, request, response);
}
finally
{
previousIdentity = deferred.getPreviousAssociation();
}
if (authenticator!=null)
{
Authentication auth=baseRequest.getAuthentication();
if (auth instanceof Authentication.User)
{
Authentication.User userAuth = (Authentication.User)auth;
authenticator.secureResponse(request, response, isAuthMandatory, userAuth);
}