From 583e443c669d66995d40fcca949649ed6b5ccc24 Mon Sep 17 00:00:00 2001 From: Joakim Erdfelt Date: Fri, 23 Aug 2019 15:53:14 -0500 Subject: [PATCH 1/2] Removing @Deprecated methods / classes from jetty-9.4.x merge Signed-off-by: Joakim Erdfelt --- .../org/eclipse/jetty/client/HttpClient.java | 21 ---- .../jaspi/modules/BasicAuthModule.java | 104 ------------------ .../authentication/SessionAuthentication.java | 13 --- 3 files changed, 138 deletions(-) delete mode 100644 jetty-jaspi/src/main/java/org/eclipse/jetty/security/jaspi/modules/BasicAuthModule.java diff --git a/jetty-client/src/main/java/org/eclipse/jetty/client/HttpClient.java b/jetty-client/src/main/java/org/eclipse/jetty/client/HttpClient.java index 3d6035dc92e..cb76dd61cf0 100644 --- a/jetty-client/src/main/java/org/eclipse/jetty/client/HttpClient.java +++ b/jetty-client/src/main/java/org/eclipse/jetty/client/HttpClient.java @@ -497,27 +497,6 @@ public class HttpClient extends ContainerLifeCycle return uri; } - /** - * Returns a {@link Destination} for the given scheme, host and port. - * Applications may use {@link Destination}s to create {@link Connection}s - * that will be outside HttpClient's pooling mechanism, to explicitly - * control the connection lifecycle (in particular their termination with - * {@link Connection#close()}). - * - * @param scheme the destination scheme - * @param host the destination host - * @param port the destination port - * @return the destination - * @see #getDestinations() - * @deprecated use {@link #resolveDestination(Request)} instead - */ - @Deprecated - public Destination getDestination(String scheme, String host, int port) - { - Origin origin = createOrigin(scheme, host, port); - return resolveDestination(new HttpDestination.Key(origin, null)); - } - public Destination resolveDestination(Request request) { Origin origin = createOrigin(request.getScheme(), request.getHost(), request.getPort()); diff --git a/jetty-jaspi/src/main/java/org/eclipse/jetty/security/jaspi/modules/BasicAuthModule.java b/jetty-jaspi/src/main/java/org/eclipse/jetty/security/jaspi/modules/BasicAuthModule.java deleted file mode 100644 index 16ed2106783..00000000000 --- a/jetty-jaspi/src/main/java/org/eclipse/jetty/security/jaspi/modules/BasicAuthModule.java +++ /dev/null @@ -1,104 +0,0 @@ -// -// ======================================================================== -// Copyright (c) 1995-2019 Mort Bay Consulting Pty. Ltd. -// ------------------------------------------------------------------------ -// All rights reserved. This program and the accompanying materials -// are made available under the terms of the Eclipse Public License v1.0 -// and Apache License v2.0 which accompanies this distribution. -// -// The Eclipse Public License is available at -// http://www.eclipse.org/legal/epl-v10.html -// -// The Apache License v2.0 is available at -// http://www.opensource.org/licenses/apache2.0.php -// -// You may elect to redistribute this code under either of these licenses. -// ======================================================================== -// - -package org.eclipse.jetty.security.jaspi.modules; - -import java.io.IOException; -import java.util.Map; -import javax.security.auth.Subject; -import javax.security.auth.callback.CallbackHandler; -import javax.security.auth.callback.UnsupportedCallbackException; -import javax.security.auth.message.AuthException; -import javax.security.auth.message.AuthStatus; -import javax.security.auth.message.MessageInfo; -import javax.security.auth.message.MessagePolicy; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.eclipse.jetty.http.HttpHeader; -import org.eclipse.jetty.util.log.Log; -import org.eclipse.jetty.util.log.Logger; -import org.eclipse.jetty.util.security.Constraint; - -@Deprecated -public class BasicAuthModule extends BaseAuthModule -{ - private static final Logger LOG = Log.getLogger(BasicAuthModule.class); - - private String realmName; - - private static final String REALM_KEY = "org.eclipse.jetty.security.jaspi.modules.RealmName"; - - public BasicAuthModule() - { - } - - public BasicAuthModule(CallbackHandler callbackHandler, String realmName) - { - super(callbackHandler); - this.realmName = realmName; - } - - @Override - public void initialize(MessagePolicy requestPolicy, MessagePolicy responsePolicy, - CallbackHandler handler, Map options) - throws AuthException - { - super.initialize(requestPolicy, responsePolicy, handler, options); - realmName = (String)options.get(REALM_KEY); - } - - @Override - public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, - Subject serviceSubject) - throws AuthException - { - HttpServletRequest request = (HttpServletRequest)messageInfo.getRequestMessage(); - HttpServletResponse response = (HttpServletResponse)messageInfo.getResponseMessage(); - String credentials = request.getHeader(HttpHeader.AUTHORIZATION.asString()); - - try - { - if (credentials != null) - { - if (LOG.isDebugEnabled()) - LOG.debug("Credentials: " + credentials); - if (login(clientSubject, credentials, Constraint.__BASIC_AUTH, messageInfo)) - { - return AuthStatus.SUCCESS; - } - } - - if (!isMandatory(messageInfo)) - { - return AuthStatus.SUCCESS; - } - response.setHeader(HttpHeader.WWW_AUTHENTICATE.asString(), "basic realm=\"" + realmName + '"'); - response.sendError(HttpServletResponse.SC_UNAUTHORIZED); - return AuthStatus.SEND_CONTINUE; - } - catch (IOException e) - { - throw new AuthException(e.getMessage()); - } - catch (UnsupportedCallbackException e) - { - throw new AuthException(e.getMessage()); - } - } -} diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/SessionAuthentication.java b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/SessionAuthentication.java index eaa66a0d81a..d421434582c 100644 --- a/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/SessionAuthentication.java +++ b/jetty-security/src/main/java/org/eclipse/jetty/security/authentication/SessionAuthentication.java @@ -23,7 +23,6 @@ import java.io.ObjectInputStream; import java.io.Serializable; import javax.servlet.http.HttpSession; import javax.servlet.http.HttpSessionActivationListener; -import javax.servlet.http.HttpSessionBindingEvent; import javax.servlet.http.HttpSessionBindingListener; import javax.servlet.http.HttpSessionEvent; @@ -113,16 +112,4 @@ public class SessionAuthentication extends AbstractUserAuthentication _session = se.getSession(); } } - - @Override - @Deprecated - public void valueBound(HttpSessionBindingEvent event) - { - } - - @Override - @Deprecated - public void valueUnbound(HttpSessionBindingEvent event) - { - } } From 7904f965fd02e9cc562f2103090eb841f2797c4b Mon Sep 17 00:00:00 2001 From: Joakim Erdfelt Date: Tue, 27 Aug 2019 13:33:24 -0500 Subject: [PATCH 2/2] Restoring BasicAuthModule for src/test/java usage only Signed-off-by: Joakim Erdfelt --- .../jetty/security/jaspi/BasicAuthModule.java | 104 ++++++++++++++++++ jetty-jaspi/src/test/resources/jaspi.xml | 2 +- 2 files changed, 105 insertions(+), 1 deletion(-) create mode 100644 jetty-jaspi/src/test/java/org/eclipse/jetty/security/jaspi/BasicAuthModule.java diff --git a/jetty-jaspi/src/test/java/org/eclipse/jetty/security/jaspi/BasicAuthModule.java b/jetty-jaspi/src/test/java/org/eclipse/jetty/security/jaspi/BasicAuthModule.java new file mode 100644 index 00000000000..d00b0f63d88 --- /dev/null +++ b/jetty-jaspi/src/test/java/org/eclipse/jetty/security/jaspi/BasicAuthModule.java @@ -0,0 +1,104 @@ +// +// ======================================================================== +// Copyright (c) 1995-2019 Mort Bay Consulting Pty. Ltd. +// ------------------------------------------------------------------------ +// All rights reserved. This program and the accompanying materials +// are made available under the terms of the Eclipse Public License v1.0 +// and Apache License v2.0 which accompanies this distribution. +// +// The Eclipse Public License is available at +// http://www.eclipse.org/legal/epl-v10.html +// +// The Apache License v2.0 is available at +// http://www.opensource.org/licenses/apache2.0.php +// +// You may elect to redistribute this code under either of these licenses. +// ======================================================================== +// + +package org.eclipse.jetty.security.jaspi; + +import java.io.IOException; +import java.util.Map; +import javax.security.auth.Subject; +import javax.security.auth.callback.CallbackHandler; +import javax.security.auth.callback.UnsupportedCallbackException; +import javax.security.auth.message.AuthException; +import javax.security.auth.message.AuthStatus; +import javax.security.auth.message.MessageInfo; +import javax.security.auth.message.MessagePolicy; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.eclipse.jetty.http.HttpHeader; +import org.eclipse.jetty.security.jaspi.modules.BaseAuthModule; +import org.eclipse.jetty.util.log.Log; +import org.eclipse.jetty.util.log.Logger; +import org.eclipse.jetty.util.security.Constraint; + +public class BasicAuthModule extends BaseAuthModule +{ + private static final Logger LOG = Log.getLogger(BasicAuthModule.class); + + private String realmName; + + private static final String REALM_KEY = "org.eclipse.jetty.security.jaspi.modules.RealmName"; + + public BasicAuthModule() + { + } + + public BasicAuthModule(CallbackHandler callbackHandler, String realmName) + { + super(callbackHandler); + this.realmName = realmName; + } + + @Override + public void initialize(MessagePolicy requestPolicy, MessagePolicy responsePolicy, + CallbackHandler handler, Map options) + throws AuthException + { + super.initialize(requestPolicy, responsePolicy, handler, options); + realmName = (String)options.get(REALM_KEY); + } + + @Override + public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, + Subject serviceSubject) + throws AuthException + { + HttpServletRequest request = (HttpServletRequest)messageInfo.getRequestMessage(); + HttpServletResponse response = (HttpServletResponse)messageInfo.getResponseMessage(); + String credentials = request.getHeader(HttpHeader.AUTHORIZATION.asString()); + + try + { + if (credentials != null) + { + if (LOG.isDebugEnabled()) + LOG.debug("Credentials: " + credentials); + if (login(clientSubject, credentials, Constraint.__BASIC_AUTH, messageInfo)) + { + return AuthStatus.SUCCESS; + } + } + + if (!isMandatory(messageInfo)) + { + return AuthStatus.SUCCESS; + } + response.setHeader(HttpHeader.WWW_AUTHENTICATE.asString(), "basic realm=\"" + realmName + '"'); + response.sendError(HttpServletResponse.SC_UNAUTHORIZED); + return AuthStatus.SEND_CONTINUE; + } + catch (IOException e) + { + throw new AuthException(e.getMessage()); + } + catch (UnsupportedCallbackException e) + { + throw new AuthException(e.getMessage()); + } + } +} diff --git a/jetty-jaspi/src/test/resources/jaspi.xml b/jetty-jaspi/src/test/resources/jaspi.xml index 23a2ba5c7ed..1e31d2c996b 100644 --- a/jetty-jaspi/src/test/resources/jaspi.xml +++ b/jetty-jaspi/src/test/resources/jaspi.xml @@ -10,7 +10,7 @@ true - org.eclipse.jetty.security.jaspi.modules.BasicAuthModule + org.eclipse.jetty.security.jaspi.BasicAuthModule org.eclipse.jetty.security.jaspi.modules.RealmName=TestRealm