Merge remote-tracking branch 'origin/master' into jetty-8

Conflicts:
	jetty-annotations/src/main/java/org/eclipse/jetty/annotations/AnnotationParser.java
Jan Bartel 2012-09-28 19:27:07 +10:00
commit 286df12f03
9 changed files with 45 additions and 79 deletions


@ -37,6 +37,7 @@ import org.eclipse.jetty.security.IdentityService;
import org.eclipse.jetty.security.ServerAuthException; import org.eclipse.jetty.security.ServerAuthException;
import org.eclipse.jetty.security.UserAuthentication; import org.eclipse.jetty.security.UserAuthentication;
import org.eclipse.jetty.security.authentication.DeferredAuthentication; import org.eclipse.jetty.security.authentication.DeferredAuthentication;
import org.eclipse.jetty.security.authentication.LoginAuthenticator;
import org.eclipse.jetty.server.Authentication; import org.eclipse.jetty.server.Authentication;
import org.eclipse.jetty.server.UserIdentity; import org.eclipse.jetty.server.UserIdentity;
import org.eclipse.jetty.server.Authentication.User; import org.eclipse.jetty.server.Authentication.User;
@ -44,7 +45,7 @@ import org.eclipse.jetty.server.Authentication.User;
/** /**
* @version $Rev: 4793 $ $Date: 2009-03-19 00:00:01 +0100 (Thu, 19 Mar 2009) $ * @version $Rev: 4793 $ $Date: 2009-03-19 00:00:01 +0100 (Thu, 19 Mar 2009) $
*/ */
public class JaspiAuthenticator implements Authenticator public class JaspiAuthenticator extends LoginAuthenticator
{ {
private final ServerAuthConfig _authConfig; private final ServerAuthConfig _authConfig;
@ -58,7 +59,7 @@ public class JaspiAuthenticator implements Authenticator
private final IdentityService _identityService; private final IdentityService _identityService;
private final DeferredAuthentication _deferred;
public JaspiAuthenticator(ServerAuthConfig authConfig, Map authProperties, ServletCallbackHandler callbackHandler, Subject serviceSubject, public JaspiAuthenticator(ServerAuthConfig authConfig, Map authProperties, ServletCallbackHandler callbackHandler, Subject serviceSubject,
boolean allowLazyAuthentication, IdentityService identityService) boolean allowLazyAuthentication, IdentityService identityService)
@ -72,11 +73,11 @@ public class JaspiAuthenticator implements Authenticator
this._serviceSubject = serviceSubject; this._serviceSubject = serviceSubject;
this._allowLazyAuthentication = allowLazyAuthentication; this._allowLazyAuthentication = allowLazyAuthentication;
this._identityService = identityService; this._identityService = identityService;
this._deferred = new DeferredAuthentication(this);
} }
public void setConfiguration(AuthConfiguration configuration) public void setConfiguration(AuthConfiguration configuration)
{ {
super.setConfiguration(configuration);
} }
public String getAuthMethod() public String getAuthMethod()
@ -93,7 +94,7 @@ public class JaspiAuthenticator implements Authenticator
//if its not mandatory to authenticate, and the authenticator returned UNAUTHENTICATED, we treat it as authentication deferred //if its not mandatory to authenticate, and the authenticator returned UNAUTHENTICATED, we treat it as authentication deferred
if (_allowLazyAuthentication && !info.isAuthMandatory() && a == Authentication.UNAUTHENTICATED) if (_allowLazyAuthentication && !info.isAuthMandatory() && a == Authentication.UNAUTHENTICATED)
a =_deferred; a = new DeferredAuthentication(this);
return a; return a;
} }
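Review bot: `JaspiAuthenticator` keeps its own `private final IdentityService _identityService` while now extending `LoginAuthenticator`, which already declares a protected `_identityService` and `_loginService` (see the LoginAuthenticator section of this commit), so the private field hides the inherited one. The instance created at `a = new DeferredAuthentication(this);` resolves its services through `_authenticator.getLoginService()`, so the identity service passed to this constructor is presumably not the one the deferred path uses. That path also depends on `setConfiguration` having supplied a login service. Either drop the duplicate field or document the split on it, for example `// NOTE: deferred authentication resolves its IdentityService via getLoginService(), not this field`. The class body continues outside the hunks shown.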


@ -525,8 +525,6 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti
else if (authentication instanceof Authentication.Deferred) else if (authentication instanceof Authentication.Deferred)
{ {
DeferredAuthentication deferred= (DeferredAuthentication)authentication; DeferredAuthentication deferred= (DeferredAuthentication)authentication;
deferred.setIdentityService(_identityService);
deferred.setLoginService(_loginService);
baseRequest.setAuthentication(authentication); baseRequest.setAuthentication(authentication);
try try
@ -536,7 +534,6 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti
finally finally
{ {
previousIdentity = deferred.getPreviousAssociation(); previousIdentity = deferred.getPreviousAssociation();
deferred.setIdentityService(null);
} }
if (authenticator!=null) if (authenticator!=null)


@ -67,8 +67,8 @@ public class BasicAuthenticator extends LoginAuthenticator
try try
{ {
if (!mandatory) if (!mandatory)
return _deferred; return new DeferredAuthentication(this);
if (credentials != null) if (credentials != null)
{ {
int space=credentials.indexOf(' '); int space=credentials.indexOf(' ');
@ -96,7 +96,7 @@ public class BasicAuthenticator extends LoginAuthenticator
} }
} }
if (_deferred.isDeferred(response)) if (DeferredAuthentication.isDeferred(response))
return Authentication.UNAUTHENTICATED; return Authentication.UNAUTHENTICATED;
response.setHeader(HttpHeaders.WWW_AUTHENTICATE, "basic realm=\"" + _loginService.getName() + '"'); response.setHeader(HttpHeaders.WWW_AUTHENTICATE, "basic realm=\"" + _loginService.getName() + '"');


@ -88,8 +88,8 @@ public class ClientCertAuthenticator extends LoginAuthenticator
public Authentication validateRequest(ServletRequest req, ServletResponse res, boolean mandatory) throws ServerAuthException public Authentication validateRequest(ServletRequest req, ServletResponse res, boolean mandatory) throws ServerAuthException
{ {
if (!mandatory) if (!mandatory)
return _deferred; return new DeferredAuthentication(this);
HttpServletRequest request = (HttpServletRequest)req; HttpServletRequest request = (HttpServletRequest)req;
HttpServletResponse response = (HttpServletResponse)res; HttpServletResponse response = (HttpServletResponse)res;
X509Certificate[] certs = (X509Certificate[]) request.getAttribute("javax.servlet.request.X509Certificate"); X509Certificate[] certs = (X509Certificate[]) request.getAttribute("javax.servlet.request.X509Certificate");
@ -129,8 +129,8 @@ public class ClientCertAuthenticator extends LoginAuthenticator
} }
} }
} }
if (!_deferred.isDeferred(response)) if (!DeferredAuthentication.isDeferred(response))
{ {
response.sendError(HttpServletResponse.SC_FORBIDDEN); response.sendError(HttpServletResponse.SC_FORBIDDEN);
return Authentication.SEND_FAILURE; return Authentication.SEND_FAILURE;


@ -45,22 +45,9 @@ import org.eclipse.jetty.util.log.Logger;
public class DeferredAuthentication implements Authentication.Deferred public class DeferredAuthentication implements Authentication.Deferred
{ {
private static final Logger LOG = Log.getLogger(DeferredAuthentication.class); private static final Logger LOG = Log.getLogger(DeferredAuthentication.class);
protected final LoginAuthenticator _authenticator;
protected final Authenticator _authenticator;
private LoginService _loginService;
private IdentityService _identityService;
private Object _previousAssociation; private Object _previousAssociation;
/* ------------------------------------------------------------ */
public DeferredAuthentication(Authenticator authenticator)
{
if (authenticator == null)
throw new NullPointerException("No Authenticator");
this._authenticator = authenticator;
}
/* ------------------------------------------------------------ */ /* ------------------------------------------------------------ */
public DeferredAuthentication(LoginAuthenticator authenticator) public DeferredAuthentication(LoginAuthenticator authenticator)
{ {
@ -68,36 +55,6 @@ public class DeferredAuthentication implements Authentication.Deferred
throw new NullPointerException("No Authenticator"); throw new NullPointerException("No Authenticator");
this._authenticator = authenticator; this._authenticator = authenticator;
} }
/* ------------------------------------------------------------ */
/** Get the identityService.
* @return the identityService
*/
public IdentityService getIdentityService()
{
return _identityService;
}
/* ------------------------------------------------------------ */
/** Set the identityService.
* @param identityService the identityService to set
*/
public void setIdentityService(IdentityService identityService)
{
_identityService = identityService;
}
/* ------------------------------------------------------------ */
public LoginService getLoginService()
{
return _loginService;
}
/* ------------------------------------------------------------ */
public void setLoginService(LoginService loginService)
{
_loginService = loginService;
}
/* ------------------------------------------------------------ */ /* ------------------------------------------------------------ */
/** /**
@ -111,8 +68,11 @@ public class DeferredAuthentication implements Authentication.Deferred
if (authentication!=null && (authentication instanceof Authentication.User) && !(authentication instanceof Authentication.ResponseSent)) if (authentication!=null && (authentication instanceof Authentication.User) && !(authentication instanceof Authentication.ResponseSent))
{ {
if (_identityService!=null) LoginService login_service= _authenticator.getLoginService();
_previousAssociation=_identityService.associate(((Authentication.User)authentication).getUserIdentity()); IdentityService identity_service=login_service.getIdentityService();
if (identity_service!=null)
_previousAssociation=identity_service.associate(((Authentication.User)authentication).getUserIdentity());
return authentication; return authentication;
} }
} }
@ -131,9 +91,12 @@ public class DeferredAuthentication implements Authentication.Deferred
{ {
try try
{ {
LoginService login_service= _authenticator.getLoginService();
IdentityService identity_service=login_service.getIdentityService();
Authentication authentication = _authenticator.validateRequest(request,response,true); Authentication authentication = _authenticator.validateRequest(request,response,true);
if (authentication instanceof Authentication.User && _identityService!=null) if (authentication instanceof Authentication.User && identity_service!=null)
_previousAssociation=_identityService.associate(((Authentication.User)authentication).getUserIdentity()); _previousAssociation=identity_service.associate(((Authentication.User)authentication).getUserIdentity());
return authentication; return authentication;
} }
catch (ServerAuthException e) catch (ServerAuthException e)
@ -149,14 +112,17 @@ public class DeferredAuthentication implements Authentication.Deferred
*/ */
public Authentication login(String username, String password) public Authentication login(String username, String password)
{ {
if (_loginService!=null) LoginService login_service= _authenticator.getLoginService();
IdentityService identity_service=login_service.getIdentityService();
if (login_service!=null)
{ {
UserIdentity user = _loginService.login(username,password); UserIdentity user = login_service.login(username,password);
if (user!=null) if (user!=null)
{ {
UserAuthentication authentication = new UserAuthentication("API",user); UserAuthentication authentication = new UserAuthentication("API",user);
if (_identityService!=null) if (identity_service!=null)
_previousAssociation=_identityService.associate(user); _previousAssociation=identity_service.associate(user);
return authentication; return authentication;
} }
} }
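Review bot: In `login(String username, String password)` the new code calls `login_service.getIdentityService()` before the `if (login_service!=null)` test, so a null login service throws NullPointerException and the guard that follows can never be false. The same unguarded dereference is added in the hunks at `@ -111,8` and `@ -131,9`, where the removed code only tested `_identityService!=null`; in the second of these the lookup sits in a `try` whose visible handler catches only `ServerAuthException`. On the lazy-authentication path an authenticator without a login service would therefore presumably fail the request with an unhandled exception rather than return an unauthenticated result. Resolve the identity service under the null check, e.g. `IdentityService identity_service = login_service==null ? null : login_service.getIdentityService();`. The enclosing method bodies start or end outside the hunks shown.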


@ -121,8 +121,8 @@ public class DigestAuthenticator extends LoginAuthenticator
public Authentication validateRequest(ServletRequest req, ServletResponse res, boolean mandatory) throws ServerAuthException public Authentication validateRequest(ServletRequest req, ServletResponse res, boolean mandatory) throws ServerAuthException
{ {
if (!mandatory) if (!mandatory)
return _deferred; return new DeferredAuthentication(this);
HttpServletRequest request = (HttpServletRequest)req; HttpServletRequest request = (HttpServletRequest)req;
HttpServletResponse response = (HttpServletResponse)res; HttpServletResponse response = (HttpServletResponse)res;
String credentials = request.getHeader(HttpHeaders.AUTHORIZATION); String credentials = request.getHeader(HttpHeaders.AUTHORIZATION);
@ -197,7 +197,7 @@ public class DigestAuthenticator extends LoginAuthenticator
} }
if (!_deferred.isDeferred(response)) if (!DeferredAuthentication.isDeferred(response))
{ {
String domain = request.getContextPath(); String domain = request.getContextPath();
if (domain == null) if (domain == null)


@ -191,11 +191,11 @@ public class FormAuthenticator extends LoginAuthenticator
mandatory|=isJSecurityCheck(uri); mandatory|=isJSecurityCheck(uri);
if (!mandatory) if (!mandatory)
return _deferred; return new DeferredAuthentication(this);
if (isLoginOrErrorPage(URIUtil.addPaths(request.getServletPath(),request.getPathInfo())) &&!DeferredAuthentication.isDeferred(response)) if (isLoginOrErrorPage(URIUtil.addPaths(request.getServletPath(),request.getPathInfo())) &&!DeferredAuthentication.isDeferred(response))
return _deferred; return new DeferredAuthentication(this);
HttpSession session = request.getSession(true); HttpSession session = request.getSession(true);
try try
@ -300,9 +300,12 @@ public class FormAuthenticator extends LoginAuthenticator
} }
// if we can't send challenge // if we can't send challenge
if (_deferred.isDeferred(response)) if (DeferredAuthentication.isDeferred(response))
return Authentication.UNAUTHENTICATED; {
LOG.debug("auth deferred {}",session.getId());
return Authentication.UNAUTHENTICATED;
}
// remember the current URI // remember the current URI
synchronized (session) synchronized (session)
{ {
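Review bot: The added `LOG.debug("auth deferred {}",session.getId());` writes the session identifier to the log. A session id works as a bearer credential for as long as the session is live, so anyone with read access to debug output could reuse it. Log something that identifies the request without granting access, for example `LOG.debug("auth deferred {}",request.getRequestURI());`, or drop the argument. The enclosing method starts and ends outside the hunk.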


@ -29,7 +29,6 @@ import org.eclipse.jetty.server.session.AbstractSessionManager;
public abstract class LoginAuthenticator implements Authenticator public abstract class LoginAuthenticator implements Authenticator
{ {
protected final DeferredAuthentication _deferred=new DeferredAuthentication(this);
protected LoginService _loginService; protected LoginService _loginService;
protected IdentityService _identityService; protected IdentityService _identityService;
private boolean _renewSession; private boolean _renewSession;


@ -69,7 +69,7 @@ public class SpnegoAuthenticator extends LoginAuthenticator
if (!mandatory) if (!mandatory)
{ {
return _deferred; return new DeferredAuthentication(this);
} }
// check to see if we have authorization headers required to continue // check to see if we have authorization headers required to continue
@ -77,7 +77,7 @@ public class SpnegoAuthenticator extends LoginAuthenticator
{ {
try try
{ {
if (_deferred.isDeferred(res)) if (DeferredAuthentication.isDeferred(res))
{ {
return Authentication.UNAUTHENTICATED; return Authentication.UNAUTHENTICATED;
} }