Merge remote-tracking branch 'origin/master' into jetty-8

This commit is contained in:
Jan Bartel 2012-01-10 18:23:55 +11:00
commit 70961bc53b
6 changed files with 5 additions and 40 deletions

View File

@ -81,13 +81,6 @@ public class JaspiAuthenticator implements Authenticator
public Authentication validateRequest(ServletRequest request, ServletResponse response, boolean mandatory) throws ServerAuthException
{
System.err.println("\nJaspiAuthenticator.validateRequest, uri=" + ((javax.servlet.http.HttpServletRequest) request).getRequestURI()
+ " lazy="
+ _allowLazyAuthentication
+ " mandatory="
+ mandatory);
new Throwable().printStackTrace();
JaspiMessageInfo info = new JaspiMessageInfo(request, response, mandatory);
request.setAttribute("org.eclipse.jetty.security.jaspi.info", info);
@ -96,16 +89,12 @@ public class JaspiAuthenticator implements Authenticator
//if its not mandatory to authenticate, and the authenticator returned UNAUTHENTICATED, we treat it as authentication deferred
if (_allowLazyAuthentication && !info.isAuthMandatory() && a == Authentication.UNAUTHENTICATED)
a =_deferred;
System.err.println("JaspiAuthenticator.validateRequest returning "+a);
return a;
}
// most likely validatedUser is not needed here.
public boolean secureResponse(ServletRequest req, ServletResponse res, boolean mandatory, User validatedUser) throws ServerAuthException
{
System.err.println("JaspiAuthenticator.secureResponse uri=" + ((javax.servlet.http.HttpServletRequest) req).getRequestURI());
JaspiMessageInfo info = (JaspiMessageInfo) req.getAttribute("org.eclipse.jetty.security.jaspi.info");
if (info == null) throw new NullPointerException("MessageInfo from request missing: " + req);
return secureResponse(info, validatedUser);
@ -116,14 +105,11 @@ public class JaspiAuthenticator implements Authenticator
{
try
{
System.err.println("jaspAuthenticator.validateRequest(info)");
String authContextId = _authConfig.getAuthContextID(messageInfo);
ServerAuthContext authContext = _authConfig.getAuthContext(authContextId, _serviceSubject, _authProperties);
Subject clientSubject = new Subject();
AuthStatus authStatus = authContext.validateRequest(messageInfo, clientSubject, _serviceSubject);
// String authMethod =
// (String)messageInfo.getMap().get(JaspiMessageInfo.AUTH_METHOD_KEY);
if (authStatus == AuthStatus.SEND_CONTINUE) return Authentication.SEND_CONTINUE;
if (authStatus == AuthStatus.SEND_FAILURE) return Authentication.SEND_FAILURE;
@ -188,8 +174,6 @@ public class JaspiAuthenticator implements Authenticator
}
catch (AuthException e)
{
System.err.println("Error in JaspiAuthenticator.secureResponse");
e.printStackTrace();
throw new ServerAuthException(e);
}
}

View File

@ -97,14 +97,10 @@ public class JaspiAuthenticatorFactory extends DefaultAuthenticatorFactory
Subject serviceSubject=findServiceSubject(server);
String serverName=findServerName(server,serviceSubject);
System.err.println("authconfigfactory="+authConfigFactory+" serviceSubject="+serviceSubject+" serverName="+serverName);
String appContext = serverName + " " + context.getContextPath();
System.err.println("appcontext="+appContext);
AuthConfigProvider authConfigProvider = authConfigFactory.getConfigProvider(MESSAGE_LAYER,appContext,listener);
System.err.println("authconfigProvider="+authConfigProvider);
if (authConfigProvider != null)
{
ServletCallbackHandler servletCallbackHandler = new ServletCallbackHandler(loginService);

View File

@ -131,7 +131,6 @@ public class BaseAuthModule implements ServerAuthModule, ServerAuthContext
if (credValidationCallback.getResult())
{
Set<LoginCallbackImpl> loginCallbacks = clientSubject.getPrivateCredentials(LoginCallbackImpl.class);
System.err.println("LoginCallbackImpls.isEmpty="+loginCallbacks.isEmpty());
if (!loginCallbacks.isEmpty())
{
LoginCallbackImpl loginCallback = loginCallbacks.iterator().next();

View File

@ -158,8 +158,6 @@ public class FormAuthModule extends BaseAuthModule
boolean mandatory = isMandatory(messageInfo);
mandatory |= isJSecurityCheck(uri);
HttpSession session = request.getSession(mandatory);
System.err.println("FormAuthModule.validateRequest(info,subject,serviceSubject) for uri="+uri+" mandatory="+mandatory+" isLoginOrError="+isLoginOrErrorPage(URIUtil.addPaths(request.getServletPath(),request.getPathInfo())));
// not mandatory or its the login or login error page don't authenticate
if (!mandatory || isLoginOrErrorPage(URIUtil.addPaths(request.getServletPath(),request.getPathInfo()))) return AuthStatus.SUCCESS;
@ -171,7 +169,7 @@ public class FormAuthModule extends BaseAuthModule
{
final String username = request.getParameter(__J_USERNAME);
final String password = request.getParameter(__J_PASSWORD);
System.err.println("Try login username="+username+" password="+password);
boolean success = tryLogin(messageInfo, clientSubject, response, session, username, new Password(password));
if (success)
{
@ -189,7 +187,6 @@ public class FormAuthModule extends BaseAuthModule
nuri = URIUtil.SLASH;
}
System.err.println("FormAuthModule succesful login, sending redirect to "+nuri);
response.setContentLength(0);
response.sendRedirect(response.encodeRedirectURL(nuri));
return AuthStatus.SEND_CONTINUE;
@ -215,8 +212,6 @@ public class FormAuthModule extends BaseAuthModule
FormCredential form_cred = (FormCredential) session.getAttribute(__J_AUTHENTICATED);
if (form_cred != null)
{
System.err.println("Form cred: form.username="+form_cred._jUserName+" form.pwd="+new String(form_cred._jPassword));
//TODO: we would like the form auth module to be able to invoke the loginservice.validate() method to check the previously authed user
boolean success = tryLogin(messageInfo, clientSubject, response, session, form_cred._jUserName, new Password(new String(form_cred._jPassword)));
@ -249,7 +244,6 @@ public class FormAuthModule extends BaseAuthModule
session.setAttribute(__J_URI, buf.toString());
}
System.err.println("Redirecting to login page "+_formLoginPage+" and remembering juri="+buf.toString());
response.setContentLength(0);
response.sendRedirect(response.encodeRedirectURL(URIUtil.addPaths(request.getContextPath(), _formLoginPage)));
return AuthStatus.SEND_CONTINUE;
@ -288,12 +282,11 @@ public class FormAuthModule extends BaseAuthModule
{
char[] pwdChars = password.toString().toCharArray();
Set<LoginCallbackImpl> loginCallbacks = clientSubject.getPrivateCredentials(LoginCallbackImpl.class);
System.err.println("FormAuthModule, LoginCallbackImpl.isEmpty="+loginCallbacks.isEmpty());
if (!loginCallbacks.isEmpty())
{
LoginCallbackImpl loginCallback = loginCallbacks.iterator().next();
FormCredential form_cred = new FormCredential(username, pwdChars, loginCallback.getUserPrincipal(), loginCallback.getSubject());
session.setAttribute(__J_AUTHENTICATED, form_cred);
}
@ -310,7 +303,6 @@ public class FormAuthModule extends BaseAuthModule
public boolean isLoginOrErrorPage(String pathInContext)
{
System.err.println("ISLOGINORERRORPAGE? "+pathInContext+" error: "+_formErrorPath+" login:"+_formLoginPath);
return pathInContext != null && (pathInContext.equals(_formErrorPath) || pathInContext.equals(_formLoginPath));
}

View File

@ -318,13 +318,11 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti
if (!_loginServiceShared && _loginService instanceof LifeCycle)
((LifeCycle)_loginService).start();
System.err.println("authenticator="+_authenticator+" authenticatorFactory="+_authenticatorFactory+" identityService="+_identityService);
if (_authenticator==null && _authenticatorFactory!=null && _identityService!=null)
{
_authenticator=_authenticatorFactory.getAuthenticator(getServer(),ContextHandler.getCurrentContext(),this, _identityService, _loginService);
if (_authenticator!=null)
_authMethod=_authenticator.getAuthMethod();
System.err.println("Called auth factory, authenticator="+_authenticator);
}
if (_authenticator==null)
@ -479,7 +477,7 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti
deferred.setIdentityService(_identityService);
deferred.setLoginService(_loginService);
baseRequest.setAuthentication(authentication);
System.err.println("uri="+baseRequest.getUri()+" Auth is deferred");
try
{
handler.handle(pathInContext, baseRequest, request, response);
@ -489,7 +487,7 @@ System.err.println("uri="+baseRequest.getUri()+" Auth is deferred");
previousIdentity = deferred.getPreviousAssociation();
deferred.setIdentityService(null);
}
System.err.println("Securityhandler calling secureResponse, for Authentication.User");
Authentication auth=baseRequest.getAuthentication();
if (auth instanceof Authentication.User)
{

View File

@ -835,11 +835,7 @@ public class ConstraintTest
assertTrue(response.startsWith("HTTP/1.1 200 "));
response = _connector.getResponses("GET /ctx/forbid/post HTTP/1.0\r\n\r\n");
System.err.println(response);
assertTrue(response.startsWith("HTTP/1.1 200 ")); // This is so stupid, but it is the S P E C
}
private class RequestHandler extends AbstractHandler
{