Eclipse
/
jetty.project
mirror of https://github.com/jetty/jetty.project.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/master' into jetty-8 

Conflicts:
	jetty-annotations/src/main/java/org/eclipse/jetty/annotations/AnnotationParser.java
This commit is contained in:
Jan Bartel 2012-09-28 19:27:07 +10:00
parent 156e33bd23 f3e151467d
commit 286df12f03
9 changed files with 45 additions and 79 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
jetty-jaspi/src/main/java/org/eclipse/jetty/security/jaspi/JaspiAuthenticator.java
View File

@ -37,6 +37,7 @@ import org.eclipse.jetty.security.IdentityService;
import org.eclipse.jetty.security.ServerAuthException;
import org.eclipse.jetty.security.UserAuthentication;
import org.eclipse.jetty.security.authentication.DeferredAuthentication;
import org.eclipse.jetty.security.authentication.LoginAuthenticator;
import org.eclipse.jetty.server.Authentication;
import org.eclipse.jetty.server.UserIdentity;
import org.eclipse.jetty.server.Authentication.User;
@ -44,7 +45,7 @@ import org.eclipse.jetty.server.Authentication.User;
/**
* @version $Rev: 4793 $ $Date: 2009-03-19 00:00:01 +0100 (Thu, 19 Mar 2009) $
*/
public class JaspiAuthenticator implements Authenticator
public class JaspiAuthenticator extends LoginAuthenticator
{
private final ServerAuthConfig _authConfig;
@ -58,7 +59,7 @@ public class JaspiAuthenticator implements Authenticator
private final IdentityService _identityService;
private final DeferredAuthentication _deferred;
public JaspiAuthenticator(ServerAuthConfig authConfig, Map authProperties, ServletCallbackHandler callbackHandler, Subject serviceSubject,
boolean allowLazyAuthentication, IdentityService identityService)
@ -72,11 +73,11 @@ public class JaspiAuthenticator implements Authenticator
this._serviceSubject = serviceSubject;
this._allowLazyAuthentication = allowLazyAuthentication;
this._identityService = identityService;
this._deferred = new DeferredAuthentication(this);
}
public void setConfiguration(AuthConfiguration configuration)
{
super.setConfiguration(configuration);
}
public String getAuthMethod()
@ -93,7 +94,7 @@ public class JaspiAuthenticator implements Authenticator
//if its not mandatory to authenticate, and the authenticator returned UNAUTHENTICATED, we treat it as authentication deferred
if (_allowLazyAuthentication && !info.isAuthMandatory() && a == Authentication.UNAUTHENTICATED)
a =_deferred;
a = new DeferredAuthentication(this);
return a;
}

3
jetty-security/src/main/java/org/eclipse/jetty/security/SecurityHandler.java
View File

@ -525,8 +525,6 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti
else if (authentication instanceof Authentication.Deferred)
{
DeferredAuthentication deferred= (DeferredAuthentication)authentication;
deferred.setIdentityService(_identityService);
deferred.setLoginService(_loginService);
baseRequest.setAuthentication(authentication);
try
@ -536,7 +534,6 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti
finally
{
previousIdentity = deferred.getPreviousAssociation();
deferred.setIdentityService(null);
}
if (authenticator!=null)

6
jetty-security/src/main/java/org/eclipse/jetty/security/authentication/BasicAuthenticator.java
View File

@ -67,8 +67,8 @@ public class BasicAuthenticator extends LoginAuthenticator
try
{
if (!mandatory)
return _deferred;
return new DeferredAuthentication(this);
if (credentials != null)
{
int space=credentials.indexOf(' ');
@ -96,7 +96,7 @@ public class BasicAuthenticator extends LoginAuthenticator
}
}
if (_deferred.isDeferred(response))
if (DeferredAuthentication.isDeferred(response))
return Authentication.UNAUTHENTICATED;
response.setHeader(HttpHeaders.WWW_AUTHENTICATE, "basic realm=\"" + _loginService.getName() + '"');

8
jetty-security/src/main/java/org/eclipse/jetty/security/authentication/ClientCertAuthenticator.java
View File

@ -88,8 +88,8 @@ public class ClientCertAuthenticator extends LoginAuthenticator
public Authentication validateRequest(ServletRequest req, ServletResponse res, boolean mandatory) throws ServerAuthException
{
if (!mandatory)
return _deferred;
return new DeferredAuthentication(this);
HttpServletRequest request = (HttpServletRequest)req;
HttpServletResponse response = (HttpServletResponse)res;
X509Certificate[] certs = (X509Certificate[]) request.getAttribute("javax.servlet.request.X509Certificate");
@ -129,8 +129,8 @@ public class ClientCertAuthenticator extends LoginAuthenticator
}
}
}
if (!_deferred.isDeferred(response))
if (!DeferredAuthentication.isDeferred(response))
{
response.sendError(HttpServletResponse.SC_FORBIDDEN);
return Authentication.SEND_FAILURE;

70
jetty-security/src/main/java/org/eclipse/jetty/security/authentication/DeferredAuthentication.java
View File

@ -45,22 +45,9 @@ import org.eclipse.jetty.util.log.Logger;
public class DeferredAuthentication implements Authentication.Deferred
{
private static final Logger LOG = Log.getLogger(DeferredAuthentication.class);
protected final Authenticator _authenticator;
private LoginService _loginService;
private IdentityService _identityService;
protected final LoginAuthenticator _authenticator;
private Object _previousAssociation;
/* ------------------------------------------------------------ */
public DeferredAuthentication(Authenticator authenticator)
{
if (authenticator == null)
throw new NullPointerException("No Authenticator");
this._authenticator = authenticator;
}
/* ------------------------------------------------------------ */
public DeferredAuthentication(LoginAuthenticator authenticator)
{
@ -68,36 +55,6 @@ public class DeferredAuthentication implements Authentication.Deferred
throw new NullPointerException("No Authenticator");
this._authenticator = authenticator;
}
/* ------------------------------------------------------------ */
/** Get the identityService.
* @return the identityService
*/
public IdentityService getIdentityService()
{
return _identityService;
}
/* ------------------------------------------------------------ */
/** Set the identityService.
* @param identityService the identityService to set
*/
public void setIdentityService(IdentityService identityService)
{
_identityService = identityService;
}
/* ------------------------------------------------------------ */
public LoginService getLoginService()
{
return _loginService;
}
/* ------------------------------------------------------------ */
public void setLoginService(LoginService loginService)
{
_loginService = loginService;
}
/* ------------------------------------------------------------ */
/**
@ -111,8 +68,11 @@ public class DeferredAuthentication implements Authentication.Deferred
if (authentication!=null && (authentication instanceof Authentication.User) && !(authentication instanceof Authentication.ResponseSent))
{
if (_identityService!=null)
_previousAssociation=_identityService.associate(((Authentication.User)authentication).getUserIdentity());
LoginService login_service= _authenticator.getLoginService();
IdentityService identity_service=login_service.getIdentityService();
if (identity_service!=null)
_previousAssociation=identity_service.associate(((Authentication.User)authentication).getUserIdentity());
return authentication;
}
}
@ -131,9 +91,12 @@ public class DeferredAuthentication implements Authentication.Deferred
{
try
{
LoginService login_service= _authenticator.getLoginService();
IdentityService identity_service=login_service.getIdentityService();
Authentication authentication = _authenticator.validateRequest(request,response,true);
if (authentication instanceof Authentication.User && _identityService!=null)
_previousAssociation=_identityService.associate(((Authentication.User)authentication).getUserIdentity());
if (authentication instanceof Authentication.User && identity_service!=null)
_previousAssociation=identity_service.associate(((Authentication.User)authentication).getUserIdentity());
return authentication;
}
catch (ServerAuthException e)
@ -149,14 +112,17 @@ public class DeferredAuthentication implements Authentication.Deferred
*/
public Authentication login(String username, String password)
{
if (_loginService!=null)
LoginService login_service= _authenticator.getLoginService();
IdentityService identity_service=login_service.getIdentityService();
if (login_service!=null)
{
UserIdentity user = _loginService.login(username,password);
UserIdentity user = login_service.login(username,password);
if (user!=null)
{
UserAuthentication authentication = new UserAuthentication("API",user);
if (_identityService!=null)
_previousAssociation=_identityService.associate(user);
if (identity_service!=null)
_previousAssociation=identity_service.associate(user);
return authentication;
}
}

6
jetty-security/src/main/java/org/eclipse/jetty/security/authentication/DigestAuthenticator.java
View File

@ -121,8 +121,8 @@ public class DigestAuthenticator extends LoginAuthenticator
public Authentication validateRequest(ServletRequest req, ServletResponse res, boolean mandatory) throws ServerAuthException
{
if (!mandatory)
return _deferred;
return new DeferredAuthentication(this);
HttpServletRequest request = (HttpServletRequest)req;
HttpServletResponse response = (HttpServletResponse)res;
String credentials = request.getHeader(HttpHeaders.AUTHORIZATION);
@ -197,7 +197,7 @@ public class DigestAuthenticator extends LoginAuthenticator
}
if (!_deferred.isDeferred(response))
if (!DeferredAuthentication.isDeferred(response))
{
String domain = request.getContextPath();
if (domain == null)

17
jetty-security/src/main/java/org/eclipse/jetty/security/authentication/FormAuthenticator.java
View File

@ -191,11 +191,11 @@ public class FormAuthenticator extends LoginAuthenticator
mandatory|=isJSecurityCheck(uri);
if (!mandatory)
return _deferred;
return new DeferredAuthentication(this);
if (isLoginOrErrorPage(URIUtil.addPaths(request.getServletPath(),request.getPathInfo())) &&!DeferredAuthentication.isDeferred(response))
return _deferred;
return new DeferredAuthentication(this);
HttpSession session = request.getSession(true);
try
@ -300,9 +300,12 @@ public class FormAuthenticator extends LoginAuthenticator
}
// if we can't send challenge
if (_deferred.isDeferred(response))
return Authentication.UNAUTHENTICATED;
if (DeferredAuthentication.isDeferred(response))
{
LOG.debug("auth deferred {}",session.getId());
return Authentication.UNAUTHENTICATED;
}
// remember the current URI
synchronized (session)
{

1
jetty-security/src/main/java/org/eclipse/jetty/security/authentication/LoginAuthenticator.java
View File

@ -29,7 +29,6 @@ import org.eclipse.jetty.server.session.AbstractSessionManager;
public abstract class LoginAuthenticator implements Authenticator
{
protected final DeferredAuthentication _deferred=new DeferredAuthentication(this);
protected LoginService _loginService;
protected IdentityService _identityService;
private boolean _renewSession;

4
jetty-security/src/main/java/org/eclipse/jetty/security/authentication/SpnegoAuthenticator.java
View File

@ -69,7 +69,7 @@ public class SpnegoAuthenticator extends LoginAuthenticator
if (!mandatory)
{
return _deferred;
return new DeferredAuthentication(this);
}
// check to see if we have authorization headers required to continue
@ -77,7 +77,7 @@ public class SpnegoAuthenticator extends LoginAuthenticator
{
try
{
if (_deferred.isDeferred(res))
if (DeferredAuthentication.isDeferred(res))
{
return Authentication.UNAUTHENTICATED;
}