Package winstone

Examples of winstone.AuthenticationPrincipal

147
148
149
150
151
152
153
154
        if (realPassword == null)
            return null;
        else if (!realPassword.equals(password))
            return null;
        else
            return new AuthenticationPrincipal(userName, password,
                    (List) this.roles.get(userName));
    }
View Full Code Here
155
156
157
158
159
160
161
162
    /**
     * Retrieve an authenticated user
     */
    public AuthenticationPrincipal retrieveUser(String userName) {
        return new AuthenticationPrincipal(userName, (String) this.passwords
                .get(userName), (List) this.roles.get(userName));
    }
View Full Code Here
87
88
89
90
91
92
93
94
        if (realPassword == null)
            return null;
        else if (!realPassword.equals(password))
            return null;
        else
            return new AuthenticationPrincipal(userName, password,
                    (List) this.roles.get(userName));
    }
View Full Code Here
98
99
100
101
102
103
104
105
106
     */
    public AuthenticationPrincipal retrieveUser(String userName) {
        if (userName == null)
            return null;
        else
            return new AuthenticationPrincipal(userName,
                    (String) this.passwords.get(userName), (List) this.roles
                            .get(userName));
    }
View Full Code Here
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
            int length = decodeBase64(inBytes, outBytes, 0, inBytes.length, 0);

            String decoded = new String(outBytes, 0, length);
            int delimPos = decoded.indexOf(':');
            if (delimPos != -1) {
                AuthenticationPrincipal principal = this.realm
                        .authenticateByUsernamePassword(decoded.substring(0,
                                delimPos).trim(), decoded.substring(
                                delimPos + 1).trim());
                if (principal != null) {
                    principal.setAuthType(HttpServletRequest.BASIC_AUTH);
                    if (request instanceof WinstoneRequest)
                        ((WinstoneRequest) request).setRemoteUser(principal);
                    else if (request instanceof HttpServletRequestWrapper) {
                        HttpServletRequestWrapper wrapper = (HttpServletRequestWrapper) request;
                        if (wrapper.getRequest() instanceof WinstoneRequest)
View Full Code Here
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
            return true;
        else if ((algorithm != null) && !algorithm.equals("MD5"))
            return true;

        // Get a user matching the username
        AuthenticationPrincipal principal = this.realm.retrieveUser(userName);
        if (principal == null)
            return true;

        // Compute the 2 digests and compare
        String userRealmPasswordDigest = md5Encode(userName + ":" + realm + ":"
                + principal.getPassword());
        String methodURIDigest = md5Encode(request.getMethod() + ":" + uri);
        String serverResponseDigest = md5Encode(userRealmPasswordDigest + ":"
                + nOnce + ":" + nc + ":" + cnOnce + ":" + qop + ":"
                + methodURIDigest);
        if (serverResponseDigest.equals(clientResponseDigest)) {
            principal.setAuthType(HttpServletRequest.DIGEST_AUTH);
            if (request instanceof WinstoneRequest)
                ((WinstoneRequest) request).setRemoteUser(principal);
            else if (request instanceof HttpServletRequestWrapper) {
                HttpServletRequestWrapper wrapper = (HttpServletRequestWrapper) request;
                if (wrapper.getRequest() instanceof WinstoneRequest)
View Full Code Here
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
        if (pathRequested.endsWith(FORM_ACTION)) {
            String username = request.getParameter(FORM_USER);
            String password = request.getParameter(FORM_PASS);

            // Send to error page if invalid
            AuthenticationPrincipal principal = this.realm
                    .authenticateByUsernamePassword(username, password);
            if (principal == null) {
                javax.servlet.RequestDispatcher rdError = request
                        .getRequestDispatcher(this.errorPage);
                rdError.forward(request, response);
            }

            // Send to stashed request
            else {
                // Iterate back as far as we can
                ServletRequest wrapperCheck = request;
                while (wrapperCheck instanceof HttpServletRequestWrapper) {
                    wrapperCheck = ((HttpServletRequestWrapper) wrapperCheck).getRequest();
                }
               
                // Get the stashed request
                WinstoneRequest actualRequest = null;
                if (wrapperCheck instanceof WinstoneRequest) {
                    actualRequest = (WinstoneRequest) wrapperCheck;
                    actualRequest.setRemoteUser(principal);
                } else {
                    Logger.log(Logger.WARNING, AUTH_RESOURCES,
                            "FormAuthenticationHandler.CantSetUser",
                            wrapperCheck.getClass().getName());
                }
                HttpSession session = request.getSession(true);
                String previousLocation = this.loginPage;
                RetryRequestParams cachedRequest = (RetryRequestParams)
                        session.getAttribute(CACHED_REQUEST);
                if ((cachedRequest != null) && (actualRequest != null)) {
                    // Repopulate this request from the params we saved
                    request = new RetryRequestWrapper(request, cachedRequest);
                    previousLocation =
                        (request.getServletPath() == null ? "" : request.getServletPath()) +
                        (request.getPathInfo() == null ? "" : request.getPathInfo());
                } else {
                    Logger.log(Logger.DEBUG, AUTH_RESOURCES,
                            "FormAuthenticationHandler.NoCachedRequest");
                }
               
                // do role check, since we don't know that this user has permission
                if (doRoleCheck(request, response, previousLocation)) {
                    principal.setAuthType(HttpServletRequest.FORM_AUTH);
                    session.setAttribute(AUTHENTICATED_USER, principal);
                    javax.servlet.RequestDispatcher rdPrevious = request
                            .getRequestDispatcher(previousLocation);
                    rdPrevious.forward(request, response);
                } else {
                    javax.servlet.RequestDispatcher rdError = request
                            .getRequestDispatcher(this.errorPage);
                    rdError.forward(request, response);
                }
            }
            return false;
        }
        // If it's not a login, get the session, and look up the auth user variable
        else {
            WinstoneRequest actualRequest = null;
            if (request instanceof WinstoneRequest) {
                actualRequest = (WinstoneRequest) request;
            } else if (request instanceof HttpServletRequestWrapper) {
                HttpServletRequestWrapper wrapper = (HttpServletRequestWrapper) request;
                if (wrapper.getRequest() instanceof WinstoneRequest) {
                    actualRequest = (WinstoneRequest) wrapper.getRequest();
                } else {
                    Logger.log(Logger.WARNING, AUTH_RESOURCES,
                            "FormAuthenticationHandler.CantSetUser", wrapper
                                    .getRequest().getClass().getName());
                }
            } else {
                Logger.log(Logger.WARNING, AUTH_RESOURCES,
                        "FormAuthenticationHandler.CantSetUser", request
                                .getClass().getName());
            }

            HttpSession session = actualRequest.getSession(false);
            if (session != null) {
                AuthenticationPrincipal authenticatedUser = (AuthenticationPrincipal)
                        session.getAttribute(AUTHENTICATED_USER);
                if (authenticatedUser != null) {
                    actualRequest.setRemoteUser(authenticatedUser);
                    Logger.log(Logger.FULL_DEBUG, AUTH_RESOURCES,
                            "FormAuthenticationHandler.GotUserFromSession");
View Full Code Here
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
                    certificateArray[n].checkValidity();
                } catch (Throwable err) {
                    failed = true;
                }
            if (!failed) {
                AuthenticationPrincipal principal = this.realm
                        .retrieveUser(certificateArray[0].getSubjectDN()
                                .getName());
                if (principal != null) {
                    principal.setAuthType(HttpServletRequest.CLIENT_CERT_AUTH);
                    if (request instanceof WinstoneRequest)
                        ((WinstoneRequest) request).setRemoteUser(principal);
                    else if (request instanceof HttpServletRequestWrapper) {
                        HttpServletRequestWrapper wrapper = (HttpServletRequestWrapper) request;
                        if (wrapper.getRequest() instanceof WinstoneRequest)
View Full Code Here
TOP

Related Classes of winstone.AuthenticationPrincipal

  • winstone.auth.BasicAuthenticationHandler
  • winstone.auth.ClientcertAuthenticationHandler
  • winstone.auth.DigestAuthenticationHandler
  • winstone.auth.FormAuthenticationHandler
  • winstone.realm.ArgumentsRealm
  • winstone.realm.FileRealm
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.