From e75fc613b1f369e6c312e866f245a5b269285c06 Mon Sep 17 00:00:00 2001 From: Ben Alex Date: Fri, 3 Dec 2004 06:42:26 +0000 Subject: [PATCH] Gracefully handle null ContextHolder / Authentication etc. --- ...ationSimpleHttpInvokerRequestExecutor.java | 53 +++++++++++-------- .../ContextPropagatingRemoteInvocation.java | 5 +- 2 files changed, 33 insertions(+), 25 deletions(-) diff --git a/core/src/main/java/org/acegisecurity/ui/httpinvoker/AuthenticationSimpleHttpInvokerRequestExecutor.java b/core/src/main/java/org/acegisecurity/ui/httpinvoker/AuthenticationSimpleHttpInvokerRequestExecutor.java index 35dd65acd6..9fe1356ae6 100644 --- a/core/src/main/java/org/acegisecurity/ui/httpinvoker/AuthenticationSimpleHttpInvokerRequestExecutor.java +++ b/core/src/main/java/org/acegisecurity/ui/httpinvoker/AuthenticationSimpleHttpInvokerRequestExecutor.java @@ -74,30 +74,39 @@ public class AuthenticationSimpleHttpInvokerRequestExecutor throws IOException, AuthenticationCredentialsNotFoundException { super.prepareConnection(con, contentLength); - if ((ContextHolder.getContext() == null) - || !(ContextHolder.getContext() instanceof SecureContext)) { - throw new AuthenticationCredentialsNotFoundException( - "ContextHolder is null or does not contain a SecureContext"); - } + if ((ContextHolder.getContext() != null) + && (ContextHolder.getContext() instanceof SecureContext)) { + Authentication auth = ((SecureContext) ContextHolder.getContext()) + .getAuthentication(); - Authentication auth = ((SecureContext) ContextHolder.getContext()) - .getAuthentication(); + if ((auth != null) && (auth.getPrincipal() != null) + && (auth.getCredentials() != null)) { + String base64 = auth.getPrincipal().toString() + ":" + + auth.getCredentials().toString(); + con.setRequestProperty("Authorization", + "Basic " + + new String(Base64.encodeBase64(base64.getBytes()))); - if ((auth == null) || (auth.getPrincipal() == null) - || (auth.getCredentials() == null)) { - throw new AuthenticationCredentialsNotFoundException( - "The Authentication contained in the ContextHolder is null or the principal and/or credentials properties are null"); - } - - String base64 = auth.getPrincipal().toString() + ":" - + auth.getCredentials().toString(); - con.setRequestProperty("Authorization", - "Basic " + new String(Base64.encodeBase64(base64.getBytes()))); - - if (logger.isDebugEnabled()) { - logger.debug( - "HttpInvocation now presenting via BASIC authentication ContextHolder-derived: " - + auth.toString()); + if (logger.isDebugEnabled()) { + logger.debug( + "HttpInvocation now presenting via BASIC authentication ContextHolder-derived: " + + auth.toString()); + } + } else { + if (logger.isDebugEnabled()) { + logger.debug( + "Unable to set BASIC authentication header as ContextHolder: " + + ContextHolder.getContext() + + "; did not provide valid Authentication: " + auth); + } + } + } else { + if (logger.isDebugEnabled()) { + logger.debug( + "Unable to set BASIC authentication header as ContextHolder: " + + ContextHolder.getContext() + + "; does not provide a SecureContext"); + } } } } diff --git a/core/src/main/java/org/acegisecurity/ui/rmi/ContextPropagatingRemoteInvocation.java b/core/src/main/java/org/acegisecurity/ui/rmi/ContextPropagatingRemoteInvocation.java index 1f92373060..28408fb385 100644 --- a/core/src/main/java/org/acegisecurity/ui/rmi/ContextPropagatingRemoteInvocation.java +++ b/core/src/main/java/org/acegisecurity/ui/rmi/ContextPropagatingRemoteInvocation.java @@ -70,8 +70,7 @@ public class ContextPropagatingRemoteInvocation extends RemoteInvocation { context = ContextHolder.getContext(); if (logger.isDebugEnabled()) { - logger.debug("RemoteInvocation now has context of: " - + context.toString()); + logger.debug("RemoteInvocation now has context of: " + context); } } @@ -95,7 +94,7 @@ public class ContextPropagatingRemoteInvocation extends RemoteInvocation { ContextHolder.setContext(context); if (logger.isDebugEnabled()) { - logger.debug("Set ContextHolder to contain: " + context.toString()); + logger.debug("Set ContextHolder to contain: " + context); } Object result = super.invoke(targetObject);