Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Removed unused logger and imports.

This commit is contained in:
Luke Taylor 2008-12-12 17:45:54 +00:00
parent df771038b4
commit 6c7d15ee44
1 changed files with 64 additions and 70 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

134
ntlm/src/main/java/org/springframework/security/ui/ntlm/NtlmProcessingFilterEntryPoint.java
View File

@ -15,19 +15,16 @@
package org.springframework.security.ui.ntlm; package org.springframework.security.ui.ntlm;
import org.springframework.security.AuthenticationException;
import org.springframework.security.ui.AuthenticationEntryPoint;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.util.Assert;
import java.io.IOException; import java.io.IOException;
import javax.servlet.ServletException; import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import org.springframework.security.AuthenticationException;
import org.springframework.security.ui.AuthenticationEntryPoint;
import org.springframework.util.Assert;
/** /**
* Used by <code>ExceptionTranslationFilter</code> to assist with the NTLM * Used by <code>ExceptionTranslationFilter</code> to assist with the NTLM
* negotiation. Also handles redirecting the user to the authentication * negotiation. Also handles redirecting the user to the authentication
@ -39,76 +36,73 @@ import javax.servlet.http.HttpServletResponse;
* @version $Id$ * @version $Id$
*/ */
public class NtlmProcessingFilterEntryPoint implements AuthenticationEntryPoint { public class NtlmProcessingFilterEntryPoint implements AuthenticationEntryPoint {
//~ Static fields/initializers =====================================================================================
private static final Log logger = LogFactory.getLog(NtlmProcessingFilterEntryPoint.class); //~ Instance fields ================================================================================================
//~ Instance fields ================================================================================================ /** Where to redirect the browser to if authentication fails */
private String authenticationFailureUrl;
/** Where to redirect the browser to if authentication fails */ //~ Methods ========================================================================================================
private String authenticationFailureUrl;
//~ Methods ======================================================================================================== /**
* Sets the authentication failure URL.
*
* @param authenticationFailureUrl the authentication failure URL.
*/
public void setAuthenticationFailureUrl(String authenticationFailureUrl) {
Assert.hasLength(authenticationFailureUrl, "authenticationFailureUrl must be specified");
this.authenticationFailureUrl = authenticationFailureUrl;
}
/** /**
* Sets the authentication failure URL. * Sends an NTLM challenge to the browser requiring authentication. The
* * WWW-Authenticate header is populated with the appropriate information
* @param authenticationFailureUrl the authentication failure URL. * during the negotiation lifecycle by calling the getMessage() method
*/ * from an NTLM-specific subclass of {@link NtlmBaseException}:
public void setAuthenticationFailureUrl(String authenticationFailureUrl) { * <p>
Assert.hasLength(authenticationFailureUrl, "authenticationFailureUrl must be specified"); * <ul>
this.authenticationFailureUrl = authenticationFailureUrl; * <li>{@link NtlmBeginHandshakeException}: NTLM
} * <li>{@link NtlmType2MessageException}: NTLM &lt;base64-encoded type-2-message&gt;
* </ul>
*
* If the {@link AuthenticationException} is not a subclass of
* {@link NtlmBaseException}, then redirect the user to the authentication
* failure URL.
*
* @param request The {@link HttpServletRequest} object.
* @param response Then {@link HttpServletResponse} object.
* @param authException Either {@link NtlmBeginHandshakeException},
* {@link NtlmType2MessageException}, or
* {@link AuthenticationException}
*/
public void commence(final HttpServletRequest request, final HttpServletResponse response, final AuthenticationException authException) throws IOException, ServletException {
final HttpServletResponse resp = (HttpServletResponse) response;
/** if (authException instanceof NtlmBaseException) {
* Sends an NTLM challenge to the browser requiring authentication. The if (authException instanceof NtlmType2MessageException) {
* WWW-Authenticate header is populated with the appropriate information ((NtlmType2MessageException) authException).preserveAuthentication();
* during the negotiation lifecycle by calling the getMessage() method }
* from an NTLM-specific subclass of {@link NtlmBaseException}: resp.setHeader("WWW-Authenticate", authException.getMessage());
* <p> resp.setHeader("Connection", "Keep-Alive");
* <ul> resp.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
* <li>{@link NtlmBeginHandshakeException}: NTLM resp.setContentLength(0);
* <li>{@link NtlmType2MessageException}: NTLM &lt;base64-encoded type-2-message&gt; resp.flushBuffer();
* </ul>
*
* If the {@link AuthenticationException} is not a subclass of
* {@link NtlmBaseException}, then redirect the user to the authentication
* failure URL.
*
* @param request The {@link HttpServletRequest} object.
* @param response Then {@link HttpServletResponse} object.
* @param authException Either {@link NtlmBeginHandshakeException},
* {@link NtlmType2MessageException}, or
* {@link AuthenticationException}
*/
public void commence(final HttpServletRequest request, final HttpServletResponse response, final AuthenticationException authException) throws IOException, ServletException {
final HttpServletResponse resp = (HttpServletResponse) response;
if (authException instanceof NtlmBaseException) { return;
if (authException instanceof NtlmType2MessageException) { }
((NtlmType2MessageException) authException).preserveAuthentication();
}
resp.setHeader("WWW-Authenticate", authException.getMessage());
resp.setHeader("Connection", "Keep-Alive");
resp.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
resp.setContentLength(0);
resp.flushBuffer();
return;
}
if (authenticationFailureUrl == null) {
if (!response.isCommitted()) {
((HttpServletResponse) response).sendError(HttpServletResponse.SC_FORBIDDEN, authException.getMessage());
}
} else {
String url = authenticationFailureUrl;
if (!url.startsWith("http://") && !url.startsWith("https://")) {
url = ((HttpServletRequest) request).getContextPath() + url;
}
resp.sendRedirect(resp.encodeRedirectURL(url)); if (authenticationFailureUrl == null) {
} if (!response.isCommitted()) {
} ((HttpServletResponse) response).sendError(HttpServletResponse.SC_FORBIDDEN, authException.getMessage());
}
} else {
String url = authenticationFailureUrl;
if (!url.startsWith("http://") && !url.startsWith("https://")) {
url = ((HttpServletRequest) request).getContextPath() + url;
}
resp.sendRedirect(resp.encodeRedirectURL(url));
}
}
} }