Eclipse
/
jetty.project
mirror of https://github.com/jetty/jetty.project.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Issue #4762 Request.authenticate must return true if already authenticated (#4763) 

Signed-off-by: Jan Bartel <janb@webtide.com>
This commit is contained in:
Jan Bartel 2020-04-14 12:49:22 +02:00 committed by GitHub
parent b6489ccae0
commit 474fa8b8e9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 35 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
jetty-security/src/test/java/org/eclipse/jetty/security/ConstraintTest.java
View File

@ -1156,6 +1156,16 @@ public class ConstraintTest
assertThat(response, containsString("user=user0")); assertThat(response, containsString("user=user0"));
_server.stop(); _server.stop();
//loginauth
_server.start();
response = _connector.getResponse("GET /ctx/prog?action=loginauth HTTP/1.0\r\n\r\n");
assertThat(response, startsWith("HTTP/1.1 200 OK"));
assertThat(response, containsString("userPrincipal=admin"));
assertThat(response, containsString("remoteUser=admin"));
assertThat(response, containsString("authType=API"));
assertThat(response, containsString("auth=true"));
_server.stop();
//Test constraint-based login with programmatic login/logout: //Test constraint-based login with programmatic login/logout:
// constraintlogin - perform constraint login, followed by programmatic login which should fail (already logged in) // constraintlogin - perform constraint login, followed by programmatic login which should fail (already logged in)
_server.start(); _server.start();
@ -1692,6 +1702,15 @@ public class ConstraintTest
response.getWriter().println("user=" + request.getRemoteUser()); response.getWriter().println("user=" + request.getRemoteUser());
return; return;
} }
else if ("loginauth".equals(action))
{
request.login("admin", "password");
response.getWriter().println("userPrincipal=" + request.getUserPrincipal());
response.getWriter().println("remoteUser=" + request.getRemoteUser());
response.getWriter().println("authType=" + request.getAuthType());
response.getWriter().println("auth=" + request.authenticate(response));
return;
}
else if ("login".equals(action)) else if ("login".equals(action))
{ {
request.login("admin", "password"); request.login("admin", "password");

19
jetty-server/src/main/java/org/eclipse/jetty/server/Request.java
View File

@ -2215,13 +2215,26 @@ public class Request implements HttpServletRequest
@Override @Override
public boolean authenticate(HttpServletResponse response) throws IOException, ServletException public boolean authenticate(HttpServletResponse response) throws IOException, ServletException
{ {
//if already authenticated, return true
if (getUserPrincipal() != null && getRemoteUser() != null && getAuthType() != null)
return true;
//do the authentication
if (_authentication instanceof Authentication.Deferred) if (_authentication instanceof Authentication.Deferred)
{ {
setAuthentication(((Authentication.Deferred)_authentication).authenticate(this, response)); setAuthentication(((Authentication.Deferred)_authentication).authenticate(this, response));
return !(_authentication instanceof Authentication.ResponseSent);
} }
response.sendError(HttpStatus.UNAUTHORIZED_401);
return false; //if the authentication did not succeed
if (_authentication instanceof Authentication.Deferred)
response.sendError(HttpStatus.UNAUTHORIZED_401);
//if the authentication is incomplete, return false
if (!(_authentication instanceof Authentication.ResponseSent))
return false;
//something has gone wrong
throw new ServletException("Authentication failed");
} }
@Override @Override