Merge remote-tracking branch 'origin/master' into jetty-8
This commit is contained in:
commit
70961bc53b
|
@ -81,13 +81,6 @@ public class JaspiAuthenticator implements Authenticator
|
|||
|
||||
public Authentication validateRequest(ServletRequest request, ServletResponse response, boolean mandatory) throws ServerAuthException
|
||||
{
|
||||
System.err.println("\nJaspiAuthenticator.validateRequest, uri=" + ((javax.servlet.http.HttpServletRequest) request).getRequestURI()
|
||||
+ " lazy="
|
||||
+ _allowLazyAuthentication
|
||||
+ " mandatory="
|
||||
+ mandatory);
|
||||
new Throwable().printStackTrace();
|
||||
|
||||
JaspiMessageInfo info = new JaspiMessageInfo(request, response, mandatory);
|
||||
request.setAttribute("org.eclipse.jetty.security.jaspi.info", info);
|
||||
|
||||
|
@ -96,16 +89,12 @@ public class JaspiAuthenticator implements Authenticator
|
|||
//if its not mandatory to authenticate, and the authenticator returned UNAUTHENTICATED, we treat it as authentication deferred
|
||||
if (_allowLazyAuthentication && !info.isAuthMandatory() && a == Authentication.UNAUTHENTICATED)
|
||||
a =_deferred;
|
||||
|
||||
System.err.println("JaspiAuthenticator.validateRequest returning "+a);
|
||||
return a;
|
||||
}
|
||||
|
||||
// most likely validatedUser is not needed here.
|
||||
public boolean secureResponse(ServletRequest req, ServletResponse res, boolean mandatory, User validatedUser) throws ServerAuthException
|
||||
{
|
||||
System.err.println("JaspiAuthenticator.secureResponse uri=" + ((javax.servlet.http.HttpServletRequest) req).getRequestURI());
|
||||
|
||||
JaspiMessageInfo info = (JaspiMessageInfo) req.getAttribute("org.eclipse.jetty.security.jaspi.info");
|
||||
if (info == null) throw new NullPointerException("MessageInfo from request missing: " + req);
|
||||
return secureResponse(info, validatedUser);
|
||||
|
@ -116,14 +105,11 @@ public class JaspiAuthenticator implements Authenticator
|
|||
{
|
||||
try
|
||||
{
|
||||
System.err.println("jaspAuthenticator.validateRequest(info)");
|
||||
String authContextId = _authConfig.getAuthContextID(messageInfo);
|
||||
ServerAuthContext authContext = _authConfig.getAuthContext(authContextId, _serviceSubject, _authProperties);
|
||||
Subject clientSubject = new Subject();
|
||||
|
||||
AuthStatus authStatus = authContext.validateRequest(messageInfo, clientSubject, _serviceSubject);
|
||||
// String authMethod =
|
||||
// (String)messageInfo.getMap().get(JaspiMessageInfo.AUTH_METHOD_KEY);
|
||||
|
||||
if (authStatus == AuthStatus.SEND_CONTINUE) return Authentication.SEND_CONTINUE;
|
||||
if (authStatus == AuthStatus.SEND_FAILURE) return Authentication.SEND_FAILURE;
|
||||
|
@ -188,8 +174,6 @@ public class JaspiAuthenticator implements Authenticator
|
|||
}
|
||||
catch (AuthException e)
|
||||
{
|
||||
System.err.println("Error in JaspiAuthenticator.secureResponse");
|
||||
e.printStackTrace();
|
||||
throw new ServerAuthException(e);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -97,14 +97,10 @@ public class JaspiAuthenticatorFactory extends DefaultAuthenticatorFactory
|
|||
|
||||
Subject serviceSubject=findServiceSubject(server);
|
||||
String serverName=findServerName(server,serviceSubject);
|
||||
|
||||
System.err.println("authconfigfactory="+authConfigFactory+" serviceSubject="+serviceSubject+" serverName="+serverName);
|
||||
|
||||
String appContext = serverName + " " + context.getContextPath();
|
||||
|
||||
System.err.println("appcontext="+appContext);
|
||||
AuthConfigProvider authConfigProvider = authConfigFactory.getConfigProvider(MESSAGE_LAYER,appContext,listener);
|
||||
System.err.println("authconfigProvider="+authConfigProvider);
|
||||
|
||||
if (authConfigProvider != null)
|
||||
{
|
||||
ServletCallbackHandler servletCallbackHandler = new ServletCallbackHandler(loginService);
|
||||
|
|
|
@ -131,7 +131,6 @@ public class BaseAuthModule implements ServerAuthModule, ServerAuthContext
|
|||
if (credValidationCallback.getResult())
|
||||
{
|
||||
Set<LoginCallbackImpl> loginCallbacks = clientSubject.getPrivateCredentials(LoginCallbackImpl.class);
|
||||
System.err.println("LoginCallbackImpls.isEmpty="+loginCallbacks.isEmpty());
|
||||
if (!loginCallbacks.isEmpty())
|
||||
{
|
||||
LoginCallbackImpl loginCallback = loginCallbacks.iterator().next();
|
||||
|
|
|
@ -158,8 +158,6 @@ public class FormAuthModule extends BaseAuthModule
|
|||
boolean mandatory = isMandatory(messageInfo);
|
||||
mandatory |= isJSecurityCheck(uri);
|
||||
HttpSession session = request.getSession(mandatory);
|
||||
|
||||
System.err.println("FormAuthModule.validateRequest(info,subject,serviceSubject) for uri="+uri+" mandatory="+mandatory+" isLoginOrError="+isLoginOrErrorPage(URIUtil.addPaths(request.getServletPath(),request.getPathInfo())));
|
||||
|
||||
// not mandatory or its the login or login error page don't authenticate
|
||||
if (!mandatory || isLoginOrErrorPage(URIUtil.addPaths(request.getServletPath(),request.getPathInfo()))) return AuthStatus.SUCCESS;
|
||||
|
@ -171,7 +169,7 @@ public class FormAuthModule extends BaseAuthModule
|
|||
{
|
||||
final String username = request.getParameter(__J_USERNAME);
|
||||
final String password = request.getParameter(__J_PASSWORD);
|
||||
System.err.println("Try login username="+username+" password="+password);
|
||||
|
||||
boolean success = tryLogin(messageInfo, clientSubject, response, session, username, new Password(password));
|
||||
if (success)
|
||||
{
|
||||
|
@ -189,7 +187,6 @@ public class FormAuthModule extends BaseAuthModule
|
|||
nuri = URIUtil.SLASH;
|
||||
}
|
||||
|
||||
System.err.println("FormAuthModule succesful login, sending redirect to "+nuri);
|
||||
response.setContentLength(0);
|
||||
response.sendRedirect(response.encodeRedirectURL(nuri));
|
||||
return AuthStatus.SEND_CONTINUE;
|
||||
|
@ -215,8 +212,6 @@ public class FormAuthModule extends BaseAuthModule
|
|||
FormCredential form_cred = (FormCredential) session.getAttribute(__J_AUTHENTICATED);
|
||||
if (form_cred != null)
|
||||
{
|
||||
System.err.println("Form cred: form.username="+form_cred._jUserName+" form.pwd="+new String(form_cred._jPassword));
|
||||
|
||||
//TODO: we would like the form auth module to be able to invoke the loginservice.validate() method to check the previously authed user
|
||||
|
||||
boolean success = tryLogin(messageInfo, clientSubject, response, session, form_cred._jUserName, new Password(new String(form_cred._jPassword)));
|
||||
|
@ -249,7 +244,6 @@ public class FormAuthModule extends BaseAuthModule
|
|||
session.setAttribute(__J_URI, buf.toString());
|
||||
}
|
||||
|
||||
System.err.println("Redirecting to login page "+_formLoginPage+" and remembering juri="+buf.toString());
|
||||
response.setContentLength(0);
|
||||
response.sendRedirect(response.encodeRedirectURL(URIUtil.addPaths(request.getContextPath(), _formLoginPage)));
|
||||
return AuthStatus.SEND_CONTINUE;
|
||||
|
@ -288,12 +282,11 @@ public class FormAuthModule extends BaseAuthModule
|
|||
{
|
||||
char[] pwdChars = password.toString().toCharArray();
|
||||
Set<LoginCallbackImpl> loginCallbacks = clientSubject.getPrivateCredentials(LoginCallbackImpl.class);
|
||||
System.err.println("FormAuthModule, LoginCallbackImpl.isEmpty="+loginCallbacks.isEmpty());
|
||||
|
||||
if (!loginCallbacks.isEmpty())
|
||||
{
|
||||
LoginCallbackImpl loginCallback = loginCallbacks.iterator().next();
|
||||
FormCredential form_cred = new FormCredential(username, pwdChars, loginCallback.getUserPrincipal(), loginCallback.getSubject());
|
||||
|
||||
session.setAttribute(__J_AUTHENTICATED, form_cred);
|
||||
}
|
||||
|
||||
|
@ -310,7 +303,6 @@ public class FormAuthModule extends BaseAuthModule
|
|||
|
||||
public boolean isLoginOrErrorPage(String pathInContext)
|
||||
{
|
||||
System.err.println("ISLOGINORERRORPAGE? "+pathInContext+" error: "+_formErrorPath+" login:"+_formLoginPath);
|
||||
return pathInContext != null && (pathInContext.equals(_formErrorPath) || pathInContext.equals(_formLoginPath));
|
||||
}
|
||||
|
||||
|
|
|
@ -318,13 +318,11 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti
|
|||
if (!_loginServiceShared && _loginService instanceof LifeCycle)
|
||||
((LifeCycle)_loginService).start();
|
||||
|
||||
System.err.println("authenticator="+_authenticator+" authenticatorFactory="+_authenticatorFactory+" identityService="+_identityService);
|
||||
if (_authenticator==null && _authenticatorFactory!=null && _identityService!=null)
|
||||
{
|
||||
_authenticator=_authenticatorFactory.getAuthenticator(getServer(),ContextHandler.getCurrentContext(),this, _identityService, _loginService);
|
||||
if (_authenticator!=null)
|
||||
_authMethod=_authenticator.getAuthMethod();
|
||||
System.err.println("Called auth factory, authenticator="+_authenticator);
|
||||
}
|
||||
|
||||
if (_authenticator==null)
|
||||
|
@ -479,7 +477,7 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti
|
|||
deferred.setIdentityService(_identityService);
|
||||
deferred.setLoginService(_loginService);
|
||||
baseRequest.setAuthentication(authentication);
|
||||
System.err.println("uri="+baseRequest.getUri()+" Auth is deferred");
|
||||
|
||||
try
|
||||
{
|
||||
handler.handle(pathInContext, baseRequest, request, response);
|
||||
|
@ -489,7 +487,7 @@ System.err.println("uri="+baseRequest.getUri()+" Auth is deferred");
|
|||
previousIdentity = deferred.getPreviousAssociation();
|
||||
deferred.setIdentityService(null);
|
||||
}
|
||||
System.err.println("Securityhandler calling secureResponse, for Authentication.User");
|
||||
|
||||
Authentication auth=baseRequest.getAuthentication();
|
||||
if (auth instanceof Authentication.User)
|
||||
{
|
||||
|
|
|
@ -835,11 +835,7 @@ public class ConstraintTest
|
|||
assertTrue(response.startsWith("HTTP/1.1 200 "));
|
||||
|
||||
response = _connector.getResponses("GET /ctx/forbid/post HTTP/1.0\r\n\r\n");
|
||||
System.err.println(response);
|
||||
assertTrue(response.startsWith("HTTP/1.1 200 ")); // This is so stupid, but it is the S P E C
|
||||
|
||||
|
||||
|
||||
}
|
||||
private class RequestHandler extends AbstractHandler
|
||||
{
|
||||
|
|
Loading…
Reference in New Issue