Signed-off-by: Lachlan Roberts <lachlan@webtide.com>
This commit is contained in:
Lachlan
GitHub
parent
b455b8abcc
commit
18e7ee5940
|
|
@ -23,6 +23,24 @@
|
|||
<onlyAnalyze>org.eclipse.jetty.jaspi.*</onlyAnalyze>
|
||||
</configuration>
|
||||
</plugin>
|
||||
<plugin>
|
||||
<groupId>org.apache.felix</groupId>
|
||||
<artifactId>maven-bundle-plugin</artifactId>
|
||||
<extensions>true</extensions>
|
||||
<executions>
|
||||
<execution>
|
||||
<goals>
|
||||
<goal>manifest</goal>
|
||||
</goals>
|
||||
<configuration>
|
||||
<instructions>
|
||||
<Require-Capability>osgi.extender; filter:="(osgi.extender=osgi.serviceloader.registrar)"</Require-Capability>
|
||||
<Provide-Capability>osgi.serviceloader;osgi.serviceloader=org.eclipse.jetty.security.Authenticator$Factory</Provide-Capability>
|
||||
</instructions>
|
||||
</configuration>
|
||||
</execution>
|
||||
</executions>
|
||||
</plugin>
|
||||
</plugins>
|
||||
</build>
|
||||
|
||||
|
|
|
|||
|
|
@ -0,0 +1 @@
|
|||
org.eclipse.jetty.security.jaspi.JaspiAuthenticatorFactory
|
||||
|
|
@ -24,6 +24,24 @@
|
|||
<onlyAnalyze>org.eclipse.jetty.security.openid.*</onlyAnalyze>
|
||||
</configuration>
|
||||
</plugin>
|
||||
<plugin>
|
||||
<groupId>org.apache.felix</groupId>
|
||||
<artifactId>maven-bundle-plugin</artifactId>
|
||||
<extensions>true</extensions>
|
||||
<executions>
|
||||
<execution>
|
||||
<goals>
|
||||
<goal>manifest</goal>
|
||||
</goals>
|
||||
<configuration>
|
||||
<instructions>
|
||||
<Require-Capability>osgi.extender; filter:="(osgi.extender=osgi.serviceloader.registrar)"</Require-Capability>
|
||||
<Provide-Capability>osgi.serviceloader;osgi.serviceloader=org.eclipse.jetty.security.Authenticator$Factory</Provide-Capability>
|
||||
</instructions>
|
||||
</configuration>
|
||||
</execution>
|
||||
</executions>
|
||||
</plugin>
|
||||
</plugins>
|
||||
</build>
|
||||
|
||||
|
|
|
|||
|
|
@ -21,13 +21,12 @@ package org.eclipse.jetty.security.openid;
|
|||
import javax.servlet.ServletContext;
|
||||
|
||||
import org.eclipse.jetty.security.Authenticator;
|
||||
import org.eclipse.jetty.security.DefaultAuthenticatorFactory;
|
||||
import org.eclipse.jetty.security.IdentityService;
|
||||
import org.eclipse.jetty.security.LoginService;
|
||||
import org.eclipse.jetty.server.Server;
|
||||
import org.eclipse.jetty.util.security.Constraint;
|
||||
|
||||
public class OpenIdAuthenticatorFactory extends DefaultAuthenticatorFactory
|
||||
public class OpenIdAuthenticatorFactory implements Authenticator.Factory
|
||||
{
|
||||
@Override
|
||||
public Authenticator getAuthenticator(Server server, ServletContext context, Authenticator.AuthConfiguration configuration, IdentityService identityService, LoginService loginService)
|
||||
|
|
@ -35,6 +34,6 @@ public class OpenIdAuthenticatorFactory extends DefaultAuthenticatorFactory
|
|||
String auth = configuration.getAuthMethod();
|
||||
if (Constraint.__OPENID_AUTH.equalsIgnoreCase(auth))
|
||||
return new OpenIdAuthenticator();
|
||||
return super.getAuthenticator(server, context, configuration, identityService, loginService);
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1 @@
|
|||
org.eclipse.jetty.security.openid.OpenIdAuthenticatorFactory
|
||||
|
|
@ -21,6 +21,23 @@
|
|||
<onlyAnalyze>org.eclipse.jetty.security.*</onlyAnalyze>
|
||||
</configuration>
|
||||
</plugin>
|
||||
<plugin>
|
||||
<groupId>org.apache.felix</groupId>
|
||||
<artifactId>maven-bundle-plugin</artifactId>
|
||||
<extensions>true</extensions>
|
||||
<executions>
|
||||
<execution>
|
||||
<goals>
|
||||
<goal>manifest</goal>
|
||||
</goals>
|
||||
<configuration>
|
||||
<instructions>
|
||||
<Require-Capability>osgi.serviceloader; filter:="(osgi.serviceloader=org.eclipse.jetty.security.Authenticator$Factory)";resolution:=optional;cardinality:=multiple, osgi.extender; filter:="(osgi.extender=osgi.serviceloader.processor)";resolution:=optional</Require-Capability>
|
||||
</instructions>
|
||||
</configuration>
|
||||
</execution>
|
||||
</executions>
|
||||
</plugin>
|
||||
</plugins>
|
||||
</build>
|
||||
<dependencies>
|
||||
|
|
|
|||
|
|
@ -20,10 +20,13 @@ package org.eclipse.jetty.security;
|
|||
|
||||
import java.io.IOException;
|
||||
import java.security.Principal;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collection;
|
||||
import java.util.Enumeration;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.ServiceLoader;
|
||||
import java.util.Set;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
|
@ -38,6 +41,7 @@ import org.eclipse.jetty.server.UserIdentity;
|
|||
import org.eclipse.jetty.server.handler.ContextHandler;
|
||||
import org.eclipse.jetty.server.handler.ContextHandler.Context;
|
||||
import org.eclipse.jetty.server.handler.HandlerWrapper;
|
||||
import org.eclipse.jetty.util.component.DumpableCollection;
|
||||
import org.eclipse.jetty.util.log.Log;
|
||||
import org.eclipse.jetty.util.log.Logger;
|
||||
|
||||
|
|
@ -58,20 +62,31 @@ import org.eclipse.jetty.util.log.Logger;
|
|||
public abstract class SecurityHandler extends HandlerWrapper implements Authenticator.AuthConfiguration
|
||||
{
|
||||
private static final Logger LOG = Log.getLogger(SecurityHandler.class);
|
||||
private static final List<Authenticator.Factory> __knownAuthenticatorFactories = new ArrayList<>();
|
||||
|
||||
private boolean _checkWelcomeFiles = false;
|
||||
private Authenticator _authenticator;
|
||||
private Authenticator.Factory _authenticatorFactory = new DefaultAuthenticatorFactory();
|
||||
private Authenticator.Factory _authenticatorFactory;
|
||||
private String _realmName;
|
||||
private String _authMethod;
|
||||
private final Map<String, String> _initParameters = new HashMap<String, String>();
|
||||
private final Map<String, String> _initParameters = new HashMap<>();
|
||||
private LoginService _loginService;
|
||||
private IdentityService _identityService;
|
||||
private boolean _renewSession = true;
|
||||
|
||||
static
|
||||
{
|
||||
for (Authenticator.Factory factory : ServiceLoader.load(Authenticator.Factory.class))
|
||||
{
|
||||
__knownAuthenticatorFactories.add(factory);
|
||||
}
|
||||
|
||||
__knownAuthenticatorFactories.add(new DefaultAuthenticatorFactory());
|
||||
}
|
||||
|
||||
protected SecurityHandler()
|
||||
{
|
||||
addBean(_authenticatorFactory);
|
||||
addBean(new DumpableCollection("knownAuthenticatorFactories", __knownAuthenticatorFactories));
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -163,6 +178,14 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti
|
|||
_authenticatorFactory = authenticatorFactory;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the list of discovered authenticatorFactories
|
||||
*/
|
||||
public List<Authenticator.Factory> getKnownAuthenticatorFactories()
|
||||
{
|
||||
return __knownAuthenticatorFactories;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the realmName
|
||||
*/
|
||||
|
|
@ -241,12 +264,12 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti
|
|||
* @param key the init key
|
||||
* @param value the init value
|
||||
* @return previous value
|
||||
* @throws IllegalStateException if the SecurityHandler is running
|
||||
* @throws IllegalStateException if the SecurityHandler is started
|
||||
*/
|
||||
public String setInitParameter(String key, String value)
|
||||
{
|
||||
if (isRunning())
|
||||
throw new IllegalStateException("running");
|
||||
if (isStarted())
|
||||
throw new IllegalStateException("started");
|
||||
return _initParameters.put(key, value);
|
||||
}
|
||||
|
||||
|
|
@ -336,9 +359,40 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti
|
|||
throw new IllegalStateException("LoginService has different IdentityService to " + this);
|
||||
}
|
||||
|
||||
Authenticator.Factory authenticatorFactory = getAuthenticatorFactory();
|
||||
if (_authenticator == null && authenticatorFactory != null && _identityService != null)
|
||||
setAuthenticator(authenticatorFactory.getAuthenticator(getServer(), ContextHandler.getCurrentContext(), this, _identityService, _loginService));
|
||||
if (_authenticator == null && _identityService != null)
|
||||
{
|
||||
// If someone has set an authenticator factory only use that, otherwise try the list of discovered factories.
|
||||
if (_authenticatorFactory != null)
|
||||
{
|
||||
Authenticator authenticator = _authenticatorFactory.getAuthenticator(getServer(), ContextHandler.getCurrentContext(),
|
||||
this, _identityService, _loginService);
|
||||
|
||||
if (authenticator != null)
|
||||
{
|
||||
if (LOG.isDebugEnabled())
|
||||
LOG.debug("Created authenticator {} with {}", authenticator, _authenticatorFactory);
|
||||
|
||||
setAuthenticator(authenticator);
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
for (Authenticator.Factory factory : getKnownAuthenticatorFactories())
|
||||
{
|
||||
Authenticator authenticator = factory.getAuthenticator(getServer(), ContextHandler.getCurrentContext(),
|
||||
this, _identityService, _loginService);
|
||||
|
||||
if (authenticator != null)
|
||||
{
|
||||
if (LOG.isDebugEnabled())
|
||||
LOG.debug("Created authenticator {} with {}", authenticator, factory);
|
||||
|
||||
setAuthenticator(authenticator);
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (_authenticator != null)
|
||||
_authenticator.setConfiguration(this);
|
||||
|
|
|
|||
Loading…
Reference in New Issue