Eclipse
/
jetty.project
mirror of https://github.com/jetty/jetty.project.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

updated login service for logout. 

git-svn-id: svn+ssh://dev.eclipse.org/svnroot/rt/org.eclipse.jetty/jetty/trunk@141 7e9141cc-0065-0410-87d8-b60c137991c4
This commit is contained in:
Greg Wilkins 2009-04-13 23:55:40 +00:00
parent d4a4e0ea68
commit 74de0dbec6
21 changed files with 176 additions and 80 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
jetty-client/src/main/java/org/eclipse/jetty/client/SelectConnector.java
View File

@ -38,6 +38,7 @@ class SelectConnector extends AbstractLifeCycle implements HttpClient.Connector,
private final HttpClient _httpClient; private final HttpClient _httpClient;
private SSLContext _sslContext; private SSLContext _sslContext;
private Buffers _sslBuffers; private Buffers _sslBuffers;
private boolean _blockingConnect;
SelectorManager _selectorManager=new Manager(); SelectorManager _selectorManager=new Manager();
@ -49,28 +50,50 @@ class SelectConnector extends AbstractLifeCycle implements HttpClient.Connector,
_httpClient = httpClient; _httpClient = httpClient;
} }
/* ------------------------------------------------------------ */
/** Get the blockingConnect.
* @return the blockingConnect
*/
public boolean isBlockingConnect()
{
return _blockingConnect;
}
/* ------------------------------------------------------------ */
/** Set the blockingConnect.
* @param blockingConnect If true, connections are made in blocking mode.
*/
public void setBlockingConnect(boolean blockingConnect)
{
_blockingConnect = blockingConnect;
}
/* ------------------------------------------------------------ */
protected void doStart() throws Exception protected void doStart() throws Exception
{ {
_selectorManager.start(); _selectorManager.start();
_httpClient._threadPool.dispatch(this); _httpClient._threadPool.dispatch(this);
} }
/* ------------------------------------------------------------ */
protected void doStop() throws Exception protected void doStop() throws Exception
{ {
_selectorManager.stop(); _selectorManager.stop();
} }
/* ------------------------------------------------------------ */
public void startConnection( HttpDestination destination ) public void startConnection( HttpDestination destination )
throws IOException throws IOException
{ {
SocketChannel channel = SocketChannel.open(); SocketChannel channel = SocketChannel.open();
Address address = destination.isProxied() ? destination.getProxy() : destination.getAddress(); Address address = destination.isProxied() ? destination.getProxy() : destination.getAddress();
channel.connect(address.toSocketAddress());
channel.configureBlocking( false ); channel.configureBlocking( false );
channel.connect(address.toSocketAddress());
channel.socket().setSoTimeout( _httpClient._soTimeout ); channel.socket().setSoTimeout( _httpClient._soTimeout );
_selectorManager.register( channel, destination ); _selectorManager.register( channel, destination );
} }
/* ------------------------------------------------------------ */
public void run() public void run()
{ {
while (_httpClient.isRunning()) while (_httpClient.isRunning())
@ -86,6 +109,7 @@ class SelectConnector extends AbstractLifeCycle implements HttpClient.Connector,
} }
} }
/* ------------------------------------------------------------ */
class Manager extends SelectorManager class Manager extends SelectorManager
{ {
protected SocketChannel acceptChannel(SelectionKey key) throws IOException protected SocketChannel acceptChannel(SelectionKey key) throws IOException
@ -192,7 +216,5 @@ class SelectConnector extends AbstractLifeCycle implements HttpClient.Connector,
else else
Log.warn(ex); Log.warn(ex);
} }
} }
} }

40
jetty-io/src/main/java/org/eclipse/jetty/io/nio/SelectorManager.java
View File

@ -282,19 +282,13 @@ public abstract class SelectorManager extends AbstractLifeCycle
synchronized (_changes) synchronized (_changes)
{ {
_changes[_change].add(point); _changes[_change].add(point);
if (point instanceof SocketChannel)
_changes[_change].add(null);
} }
} }
/* ------------------------------------------------------------ */ /* ------------------------------------------------------------ */
public void addChange(SocketChannel channel, Object att) public void addChange(SocketChannel channel, Object att)
{ {
synchronized (_changes) addChange(new AttachedSocketChannel(channel,att));
{
_changes[_change].add(channel);
_changes[_change].add(att);
}
} }
/* ------------------------------------------------------------ */ /* ------------------------------------------------------------ */
@ -325,7 +319,8 @@ public abstract class SelectorManager extends AbstractLifeCycle
// Make any key changes required // Make any key changes required
for (int i = 0; i < changes.size(); i++) final int size=changes.size();
for (int i = 0; i < size; i++)
{ {
try try
{ {
@ -340,11 +335,12 @@ public abstract class SelectorManager extends AbstractLifeCycle
{ {
dispatch((Runnable)o); dispatch((Runnable)o);
} }
else if (o instanceof SocketChannel) else if (o instanceof AttachedSocketChannel)
{ {
// finish accepting/connecting this connection // finish accepting/connecting this connection
SocketChannel channel=(SocketChannel)o; final AttachedSocketChannel asc = (AttachedSocketChannel)o;
Object att = changes.get(++i); final SocketChannel channel=asc._channel;
final Object att = asc._attachment;
if (channel.isConnected()) if (channel.isConnected())
{ {
@ -436,8 +432,10 @@ public abstract class SelectorManager extends AbstractLifeCycle
final Object attachment = key.attachment(); final Object attachment = key.attachment();
key.cancel(); key.cancel();
if (attachment==null)
addChange(channel,attachment); addChange(channel);
else
addChange(attachment);
} }
_selector.close(); _selector.close();
_selector=new_selector; _selector=new_selector;
@ -678,4 +676,20 @@ public abstract class SelectorManager extends AbstractLifeCycle
} }
} }
} }
/* ------------------------------------------------------------ */
private static class AttachedSocketChannel
{
final SocketChannel _channel;
final Object _attachment;
public AttachedSocketChannel(SocketChannel channel, Object attachment)
{
super();
_channel = channel;
_attachment = attachment;
}
}
} }

20
jetty-plus/src/main/java/org/eclipse/jetty/plus/jaas/JAASLoginService.java
View File

@ -125,6 +125,7 @@ public class JAASLoginService extends AbstractLifeCycle implements LoginService
} }
/* ------------------------------------------------------------ */
/** /**
* Set the name to use to index into the config * Set the name to use to index into the config
* file of LoginModules. * file of LoginModules.
@ -137,11 +138,13 @@ public class JAASLoginService extends AbstractLifeCycle implements LoginService
} }
/* ------------------------------------------------------------ */
public void setCallbackHandlerClass (String classname) public void setCallbackHandlerClass (String classname)
{ {
_callbackHandlerClass = classname; _callbackHandlerClass = classname;
} }
/* ------------------------------------------------------------ */
public void setRoleClassNames (String[] classnames) public void setRoleClassNames (String[] classnames)
{ {
ArrayList<String> tmp = new ArrayList<String>(); ArrayList<String> tmp = new ArrayList<String>();
@ -154,6 +157,7 @@ public class JAASLoginService extends AbstractLifeCycle implements LoginService
_roleClassNames = tmp.toArray(new String[tmp.size()]); _roleClassNames = tmp.toArray(new String[tmp.size()]);
} }
/* ------------------------------------------------------------ */
public String[] getRoleClassNames() public String[] getRoleClassNames()
{ {
return _roleClassNames; return _roleClassNames;
@ -225,6 +229,7 @@ public class JAASLoginService extends AbstractLifeCycle implements LoginService
return null; return null;
} }
/* ------------------------------------------------------------ */
private String getUserName(CallbackHandler callbackHandler) throws IOException, UnsupportedCallbackException private String getUserName(CallbackHandler callbackHandler) throws IOException, UnsupportedCallbackException
{ {
NameCallback nameCallback = new NameCallback("foo"); NameCallback nameCallback = new NameCallback("foo");
@ -232,14 +237,10 @@ public class JAASLoginService extends AbstractLifeCycle implements LoginService
return nameCallback.getName(); return nameCallback.getName();
} }
public void logout(Subject subject) throws ServerAuthException /* ------------------------------------------------------------ */
public void logout(UserIdentity user)
{ {
// loginCallback.clearPassword(); Set<JAASUserPrincipal> userPrincipals = user.getSubject().getPrincipals(JAASUserPrincipal.class);
Set<JAASUserPrincipal> userPrincipals = subject.getPrincipals(JAASUserPrincipal.class);
if (userPrincipals.size() != 1)
{
throw new ServerAuthException("logout implausible, wrong number of user principals: " + userPrincipals);
}
LoginContext loginContext = userPrincipals.iterator().next().getLoginContext(); LoginContext loginContext = userPrincipals.iterator().next().getLoginContext();
try try
{ {
@ -247,11 +248,12 @@ public class JAASLoginService extends AbstractLifeCycle implements LoginService
} }
catch (LoginException e) catch (LoginException e)
{ {
throw new ServerAuthException("Failed to log out: "+e.getMessage()); Log.warn(e);
} }
} }
/* ------------------------------------------------------------ */
private String[] getGroups (Subject subject) private String[] getGroups (Subject subject)
{ {
//get all the roles of the various types //get all the roles of the various types

4
jetty-security/src/main/java/org/eclipse/jetty/security/Authentication.java
View File

@ -38,6 +38,7 @@ public interface Authentication
boolean isSuccess(); boolean isSuccess();
void logout();
public static final Authentication SUCCESS_UNAUTH_RESULTS = new Authentication() public static final Authentication SUCCESS_UNAUTH_RESULTS = new Authentication()
{ {
@ -45,6 +46,7 @@ public interface Authentication
public Status getAuthStatus() {return Authentication.Status.SUCCESS;} public Status getAuthStatus() {return Authentication.Status.SUCCESS;}
public UserIdentity getUserIdentity() {return UserIdentity.UNAUTHENTICATED_IDENTITY;} public UserIdentity getUserIdentity() {return UserIdentity.UNAUTHENTICATED_IDENTITY;}
public boolean isSuccess() {return true;} public boolean isSuccess() {return true;}
public void logout() {}
}; };
public static final Authentication SEND_CONTINUE_RESULTS = new Authentication() public static final Authentication SEND_CONTINUE_RESULTS = new Authentication()
@ -53,6 +55,7 @@ public interface Authentication
public Status getAuthStatus() {return Authentication.Status.SEND_CONTINUE;} public Status getAuthStatus() {return Authentication.Status.SEND_CONTINUE;}
public UserIdentity getUserIdentity() {return UserIdentity.UNAUTHENTICATED_IDENTITY;} public UserIdentity getUserIdentity() {return UserIdentity.UNAUTHENTICATED_IDENTITY;}
public boolean isSuccess() {return false;} public boolean isSuccess() {return false;}
public void logout() {}
}; };
public static final Authentication SEND_FAILURE_RESULTS = new Authentication() public static final Authentication SEND_FAILURE_RESULTS = new Authentication()
@ -61,6 +64,7 @@ public interface Authentication
public Status getAuthStatus() {return Authentication.Status.SEND_FAILURE;} public Status getAuthStatus() {return Authentication.Status.SEND_FAILURE;}
public UserIdentity getUserIdentity() {return UserIdentity.UNAUTHENTICATED_IDENTITY;} public UserIdentity getUserIdentity() {return UserIdentity.UNAUTHENTICATED_IDENTITY;}
public boolean isSuccess() {return false;} public boolean isSuccess() {return false;}
public void logout() {}
}; };
} }

31
jetty-security/src/main/java/org/eclipse/jetty/security/DefaultAuthentication.java
View File

@ -13,6 +13,8 @@
package org.eclipse.jetty.security; package org.eclipse.jetty.security;
import org.eclipse.jetty.security.authentication.DelegateAuthenticator;
import org.eclipse.jetty.security.authentication.LoginAuthenticator;
import org.eclipse.jetty.server.UserIdentity; import org.eclipse.jetty.server.UserIdentity;
@ -22,19 +24,19 @@ import org.eclipse.jetty.server.UserIdentity;
public class DefaultAuthentication implements Authentication public class DefaultAuthentication implements Authentication
{ {
private final Authentication.Status _authStatus; private final Authentication.Status _authStatus;
private final String _authMethod; private final Authenticator _authenticator;
private final UserIdentity _userIdentity; private final UserIdentity _userIdentity;
public DefaultAuthentication(Authentication.Status authStatus, String authMethod, UserIdentity userIdentity) public DefaultAuthentication(Authentication.Status authStatus, Authenticator authenticator, UserIdentity userIdentity)
{ {
_authStatus = authStatus; _authStatus = authStatus;
_authMethod = authMethod; _authenticator = authenticator;
_userIdentity=userIdentity; _userIdentity=userIdentity;
} }
public String getAuthMethod() public String getAuthMethod()
{ {
return _authMethod; return _authenticator.getAuthMethod();
} }
public Authentication.Status getAuthStatus() public Authentication.Status getAuthStatus()
@ -52,8 +54,27 @@ public class DefaultAuthentication implements Authentication
return _authStatus.isSuccess(); return _authStatus.isSuccess();
} }
public void logout()
{
Authenticator authenticator = _authenticator;
while (true)
{
if (authenticator instanceof LoginAuthenticator)
{
((LoginAuthenticator)authenticator).getLoginService().logout(this.getUserIdentity());
break;
}
else if (authenticator instanceof DelegateAuthenticator)
{
authenticator=((DelegateAuthenticator)authenticator).getDelegate();
}
else
break;
}
}
public String toString() public String toString()
{ {
return "{Auth,"+_authMethod+","+_authStatus+","+","+_userIdentity+"}"; return "{Auth,"+getAuthMethod()+","+_authStatus+","+","+_userIdentity+"}";
} }
} }

10
jetty-security/src/main/java/org/eclipse/jetty/security/DefaultIdentityService.java
View File

@ -32,7 +32,7 @@ import org.eclipse.jetty.server.UserIdentity.Scope;
* implementation. All other operations are effectively noops. * implementation. All other operations are effectively noops.
* *
*/ */
public class DefaultIdentityService implements IdentityService<UserIdentity, RoleRunAsToken> public class DefaultIdentityService implements IdentityService
{ {
public DefaultIdentityService() public DefaultIdentityService()
{ {
@ -55,12 +55,12 @@ public class DefaultIdentityService implements IdentityService<UserIdentity, Rol
{ {
} }
public RoleRunAsToken associateRunAs(RunAsToken token) public Object associateRunAs(UserIdentity user, RunAsToken token)
{ {
return null; return token;
} }
public void disassociateRunAs(RoleRunAsToken lastToken) public void disassociateRunAs(Object lastToken)
{ {
} }
@ -69,7 +69,7 @@ public class DefaultIdentityService implements IdentityService<UserIdentity, Rol
return new RoleRunAsToken(runAsName); return new RoleRunAsToken(runAsName);
} }
public UserIdentity newSystemUserIdentity() public UserIdentity getSystemUserIdentity()
{ {
return null; return null;
} }

7
jetty-security/src/main/java/org/eclipse/jetty/security/DefaultUserIdentity.java
View File

@ -16,9 +16,6 @@ package org.eclipse.jetty.security;
import java.security.Principal; import java.security.Principal;
import javax.security.auth.Subject; import javax.security.auth.Subject;
import org.eclipse.jetty.http.security.Constraint;
import org.eclipse.jetty.security.Authentication.Status;
import org.eclipse.jetty.server.UserIdentity; import org.eclipse.jetty.server.UserIdentity;
@ -29,10 +26,6 @@ import org.eclipse.jetty.server.UserIdentity;
*/ */
public class DefaultUserIdentity implements UserIdentity public class DefaultUserIdentity implements UserIdentity
{ {
/* Cache successful authentications for BASIC and DIGEST to avoid creation on every request */
public final Authentication SUCCESSFUL_BASIC = new DefaultAuthentication(Status.SUCCESS,Constraint.__BASIC_AUTH,this);
public final Authentication SUCCESSFUL_DIGEST = new DefaultAuthentication(Status.SUCCESS,Constraint.__BASIC_AUTH,this);
private final Subject _subject; private final Subject _subject;
private final Principal _userPrincipal; private final Principal _userPrincipal;
private final String[] _roles; private final String[] _roles;

18
jetty-security/src/main/java/org/eclipse/jetty/security/IdentityService.java
View File

@ -24,7 +24,7 @@ import org.eclipse.jetty.server.UserIdentity;
* Associates UserIdentities from with threads and UserIdentity.Contexts. * Associates UserIdentities from with threads and UserIdentity.Contexts.
* *
*/ */
public interface IdentityService <SCOPED extends UserIdentity, RUNAS> public interface IdentityService
{ {
/* ------------------------------------------------------------ */ /* ------------------------------------------------------------ */
@ -48,24 +48,23 @@ public interface IdentityService <SCOPED extends UserIdentity, RUNAS>
* @param context The new scope. * @param context The new scope.
* @return A scoped {@link UserIdentity}. * @return A scoped {@link UserIdentity}.
*/ */
SCOPED associate(UserIdentity user, UserIdentity.Scope context); UserIdentity associate(UserIdentity user, UserIdentity.Scope context);
/* ------------------------------------------------------------ */ /* ------------------------------------------------------------ */
/** /**
* Disassociate the current UserIdentity and reinstate the * Disassociate the current UserIdentity and reinstate the
* previousUser identity. * previousUser identity.
* TODO this might not be necessary. Both existing implementations are no-ops * @param scoped UserIdentity returned from previous associate call
* @param scoped SCOPED returned from previous associate call
*/ */
void disassociate(SCOPED scoped); void disassociate(UserIdentity scoped);
/* ------------------------------------------------------------ */ /* ------------------------------------------------------------ */
/** /**
* Associate a runas Token with the current thread. * Associate a runas Token with the current user and thread.
* @param token The runAsToken to associate. * @param token The runAsToken to associate.
* @return The previous runAsToken or null. * @return The previous runAsToken or null.
*/ */
RUNAS associateRunAs(RunAsToken token); Object associateRunAs(UserIdentity user, RunAsToken token);
/* ------------------------------------------------------------ */ /* ------------------------------------------------------------ */
/** /**
@ -73,7 +72,7 @@ public interface IdentityService <SCOPED extends UserIdentity, RUNAS>
* and reassociate the previous token. * and reassociate the previous token.
* @param token RUNAS returned from previous associateRunAs call * @param token RUNAS returned from previous associateRunAs call
*/ */
void disassociateRunAs(RUNAS token); void disassociateRunAs(Object token);
/* ------------------------------------------------------------ */ /* ------------------------------------------------------------ */
/** /**
@ -95,5 +94,6 @@ public interface IdentityService <SCOPED extends UserIdentity, RUNAS>
*/ */
RunAsToken newRunAsToken(String runAsName); RunAsToken newRunAsToken(String runAsName);
UserIdentity newSystemUserIdentity(); /* ------------------------------------------------------------ */
UserIdentity getSystemUserIdentity();
} }

6
jetty-security/src/main/java/org/eclipse/jetty/security/LazyAuthentication.java
View File

@ -66,6 +66,12 @@ public class LazyAuthentication implements Authentication
{ {
return getDelegate().isSuccess(); return getDelegate().isSuccess();
} }
public void logout()
{
if (_delegate!=null)
_delegate.logout();
}
// for cleaning in secureResponse // for cleaning in secureResponse
public UserIdentity getUserIdentity() public UserIdentity getUserIdentity()

5
jetty-security/src/main/java/org/eclipse/jetty/security/LoginService.java
View File

@ -28,7 +28,8 @@ public interface LoginService
{ {
String getName(); String getName();
UserIdentity login(String username,Object credentials); UserIdentity login(String username,Object credentials);
void logout(UserIdentity user);
IdentityService<UserIdentity,?> getIdentityService(); IdentityService getIdentityService();
void setIdentityService(IdentityService<UserIdentity,?> service); void setIdentityService(IdentityService service);
} }

6
jetty-security/src/main/java/org/eclipse/jetty/security/MappedLoginService.java
View File

@ -201,6 +201,12 @@ public abstract class MappedLoginService extends AbstractLifeCycle implements Lo
return null; return null;
} }
/* ------------------------------------------------------------ */
public void logout(UserIdentity user)
{
// TODO maybe clear cache?
}
/* ------------------------------------------------------------ */ /* ------------------------------------------------------------ */
protected abstract UserIdentity loadUser(String username); protected abstract UserIdentity loadUser(String username);

8
jetty-security/src/main/java/org/eclipse/jetty/security/SecurityHandler.java
View File

@ -54,7 +54,7 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti
private final Map<String,String> _initParameters=new HashMap<String,String>(); private final Map<String,String> _initParameters=new HashMap<String,String>();
private LoginService _loginService; private LoginService _loginService;
private boolean _loginServiceShared; private boolean _loginServiceShared;
private IdentityService<UserIdentity,?> _identityService; private IdentityService _identityService;
/* ------------------------------------------------------------ */ /* ------------------------------------------------------------ */
protected SecurityHandler() protected SecurityHandler()
@ -65,7 +65,7 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti
/** Get the identityService. /** Get the identityService.
* @return the identityService * @return the identityService
*/ */
public IdentityService<UserIdentity,?> getIdentityService() public IdentityService getIdentityService()
{ {
return _identityService; return _identityService;
} }
@ -74,7 +74,7 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti
/** Set the identityService. /** Set the identityService.
* @param identityService the identityService to set * @param identityService the identityService to set
*/ */
public void setIdentityService(IdentityService<UserIdentity,?> identityService) public void setIdentityService(IdentityService identityService)
{ {
if (isStarted()) if (isStarted())
throw new IllegalStateException("Started"); throw new IllegalStateException("Started");
@ -268,7 +268,7 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti
} }
/* ------------------------------------------------------------ */ /* ------------------------------------------------------------ */
protected IdentityService<UserIdentity,?> findIdentityService() protected IdentityService findIdentityService()
{ {
List<IdentityService> services = getServer().getBeans(IdentityService.class); List<IdentityService> services = getServer().getBeans(IdentityService.class);
if (services!=null && services.size()>0) if (services!=null && services.size()>0)

7
jetty-security/src/main/java/org/eclipse/jetty/security/authentication/BasicAuthenticator.java
View File

@ -27,6 +27,7 @@ import org.eclipse.jetty.security.Authentication;
import org.eclipse.jetty.security.DefaultAuthentication; import org.eclipse.jetty.security.DefaultAuthentication;
import org.eclipse.jetty.security.DefaultUserIdentity; import org.eclipse.jetty.security.DefaultUserIdentity;
import org.eclipse.jetty.security.ServerAuthException; import org.eclipse.jetty.security.ServerAuthException;
import org.eclipse.jetty.security.Authentication.Status;
import org.eclipse.jetty.server.UserIdentity; import org.eclipse.jetty.server.UserIdentity;
import org.eclipse.jetty.util.StringUtil; import org.eclipse.jetty.util.StringUtil;
@ -34,7 +35,7 @@ import org.eclipse.jetty.util.StringUtil;
* @version $Rev: 4793 $ $Date: 2009-03-19 00:00:01 +0100 (Thu, 19 Mar 2009) $ * @version $Rev: 4793 $ $Date: 2009-03-19 00:00:01 +0100 (Thu, 19 Mar 2009) $
*/ */
public class BasicAuthenticator extends LoginAuthenticator public class BasicAuthenticator extends LoginAuthenticator
{ {
/* ------------------------------------------------------------ */ /* ------------------------------------------------------------ */
/** /**
* @param loginService * @param loginService
@ -75,9 +76,7 @@ public class BasicAuthenticator extends LoginAuthenticator
UserIdentity user = _loginService.login(username,password); UserIdentity user = _loginService.login(username,password);
if (user!=null) if (user!=null)
{ {
if (user instanceof DefaultUserIdentity) return new DefaultAuthentication(Authentication.Status.SUCCESS,this,user);
return ((DefaultUserIdentity)user).SUCCESSFUL_BASIC;
return new DefaultAuthentication(Authentication.Status.SUCCESS,Constraint.__BASIC_AUTH,user);
} }
} }

2
jetty-security/src/main/java/org/eclipse/jetty/security/authentication/ClientCertAuthenticator.java
View File

@ -76,7 +76,7 @@ public class ClientCertAuthenticator extends LoginAuthenticator
UserIdentity user = _loginService.login(username,credential); UserIdentity user = _loginService.login(username,credential);
if (user!=null) if (user!=null)
return new DefaultAuthentication(Authentication.Status.SUCCESS,Constraint.__CERT_AUTH2,user); return new DefaultAuthentication(Authentication.Status.SUCCESS,this,user);
if (!mandatory) if (!mandatory)
{ {

4
jetty-security/src/main/java/org/eclipse/jetty/security/authentication/DigestAuthenticator.java
View File

@ -124,9 +124,7 @@ public class DigestAuthenticator extends LoginAuthenticator
UserIdentity user = _loginService.login(digest.username,digest); UserIdentity user = _loginService.login(digest.username,digest);
if (user!=null) if (user!=null)
{ {
if (user instanceof DefaultUserIdentity) return new DefaultAuthentication(Authentication.Status.SUCCESS,this,user);
return ((DefaultUserIdentity)user).SUCCESSFUL_BASIC;
return new DefaultAuthentication(Authentication.Status.SUCCESS,Constraint.__DIGEST_AUTH,user);
} }
} }
else if (n == 0) stale = true; else if (n == 0) stale = true;

2
jetty-security/src/main/java/org/eclipse/jetty/security/authentication/FormAuthenticator.java
View File

@ -180,7 +180,7 @@ public class FormAuthenticator extends LoginAuthenticator
session.removeAttribute(__J_URI); // Remove popped return URI. session.removeAttribute(__J_URI); // Remove popped return URI.
response.setContentLength(0); response.setContentLength(0);
response.sendRedirect(response.encodeRedirectURL(nuri)); response.sendRedirect(response.encodeRedirectURL(nuri));
return new DefaultAuthentication(Authentication.Status.SEND_SUCCESS,Constraint.__FORM_AUTH,user); return new DefaultAuthentication(Authentication.Status.SEND_SUCCESS,this,user);
} }
// not authenticated // not authenticated

31
jetty-security/src/main/java/org/eclipse/jetty/security/authentication/SessionCachingAuthenticator.java
View File

@ -17,11 +17,17 @@ import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse; import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession; import javax.servlet.http.HttpSession;
import javax.servlet.http.HttpSessionAttributeListener;
import javax.servlet.http.HttpSessionBindingEvent;
import javax.servlet.http.HttpSessionEvent;
import javax.servlet.http.HttpSessionListener;
import org.eclipse.jetty.security.Authentication; import org.eclipse.jetty.security.Authentication;
import org.eclipse.jetty.security.Authenticator; import org.eclipse.jetty.security.Authenticator;
import org.eclipse.jetty.security.DefaultAuthentication; import org.eclipse.jetty.security.DefaultAuthentication;
import org.eclipse.jetty.security.ServerAuthException; import org.eclipse.jetty.security.ServerAuthException;
import org.eclipse.jetty.security.Authentication.Status;
import org.eclipse.jetty.server.UserIdentity;
/** /**
* @version $Rev: 4793 $ $Date: 2009-03-19 00:00:01 +0100 (Thu, 19 Mar 2009) $ * @version $Rev: 4793 $ $Date: 2009-03-19 00:00:01 +0100 (Thu, 19 Mar 2009) $
@ -30,7 +36,6 @@ public class SessionCachingAuthenticator extends DelegateAuthenticator
{ {
public final static String __J_AUTHENTICATED = "org.eclipse.jetty.server.Auth"; public final static String __J_AUTHENTICATED = "org.eclipse.jetty.server.Auth";
public SessionCachingAuthenticator(Authenticator delegate) public SessionCachingAuthenticator(Authenticator delegate)
{ {
super(delegate); super(delegate);
@ -50,10 +55,32 @@ public class SessionCachingAuthenticator extends DelegateAuthenticator
authentication = _delegate.validateRequest(request, response, mandatory); authentication = _delegate.validateRequest(request, response, mandatory);
if (authentication != null && authentication.getUserIdentity().getSubject() != null) if (authentication != null && authentication.getUserIdentity().getSubject() != null)
{ {
Authentication next=new DefaultAuthentication(Authentication.Status.SUCCESS,authentication.getAuthMethod(),authentication.getUserIdentity()); Authentication next=new FormAuthentication(Authentication.Status.SUCCESS,_delegate,authentication.getUserIdentity());
session.setAttribute(__J_AUTHENTICATED, next); session.setAttribute(__J_AUTHENTICATED, next);
} }
return authentication; return authentication;
} }
protected class FormAuthentication extends DefaultAuthentication implements HttpSessionAttributeListener
{
public FormAuthentication(Status authStatus, Authenticator authenticator, UserIdentity userIdentity)
{
super(authStatus,authenticator,userIdentity);
}
public void attributeAdded(HttpSessionBindingEvent event)
{
}
public void attributeRemoved(HttpSessionBindingEvent event)
{
logout();
}
public void attributeReplaced(HttpSessionBindingEvent arg0)
{
logout();
}
}
} }

6
jetty-security/src/main/java/org/eclipse/jetty/security/authentication/XCPSCachingAuthenticator.java
View File

@ -44,10 +44,12 @@ public class XCPSCachingAuthenticator extends DelegateAuthenticator
{ {
Authentication serverAuthResult = _xcps.fetch((HttpServletRequest)request); Authentication serverAuthResult = _xcps.fetch((HttpServletRequest)request);
if (serverAuthResult != null) return serverAuthResult; if (serverAuthResult != null)
return serverAuthResult;
serverAuthResult = _delegate.validateRequest(request, response, manditory); serverAuthResult = _delegate.validateRequest(request, response, manditory);
if (serverAuthResult != null) _xcps.store(serverAuthResult, (HttpServletResponse)response); if (serverAuthResult != null)
_xcps.store(serverAuthResult, (HttpServletResponse)response);
return serverAuthResult; return serverAuthResult;
} }

11
jetty-server/src/main/java/org/eclipse/jetty/server/UserIdentity.java
View File

@ -100,13 +100,14 @@ public interface UserIdentity
/* ------------------------------------------------------------ */ /* ------------------------------------------------------------ */
/* ------------------------------------------------------------ */ /* ------------------------------------------------------------ */
/* ------------------------------------------------------------ */ /* ------------------------------------------------------------ */
public interface UnauthticatedUserIdentity extends UserIdentity public interface UnauthenticatedUserIdentity extends UserIdentity
{ {
UserIdentity login(ServletRequest request, ServletResponse response);
UserIdentity login(String username, String password);
}; };
public static final UserIdentity UNAUTHENTICATED_IDENTITY = new UserIdentity() /* ------------------------------------------------------------ */
/* ------------------------------------------------------------ */
/* ------------------------------------------------------------ */
public static final UserIdentity UNAUTHENTICATED_IDENTITY = new UnauthenticatedUserIdentity()
{ {
public Subject getSubject() public Subject getSubject()
{ {

4
jetty-servlet/src/main/java/org/eclipse/jetty/servlet/ServletHandler.java
View File

@ -84,7 +84,7 @@ public class ServletHandler extends AbstractHandler
private boolean _filterChainsCached=true; private boolean _filterChainsCached=true;
private int _maxFilterChainsCacheSize=1000; private int _maxFilterChainsCacheSize=1000;
private boolean _startWithUnavailable=true; private boolean _startWithUnavailable=true;
private IdentityService<UserIdentity,?> _identityService; private IdentityService _identityService;
private ServletHolder[] _servlets; private ServletHolder[] _servlets;
private ServletMapping[] _servletMappings; private ServletMapping[] _servletMappings;
@ -140,7 +140,7 @@ public class ServletHandler extends AbstractHandler
{ {
SecurityHandler security_handler = (SecurityHandler)_contextHandler.getChildHandlerByClass(SecurityHandler.class); SecurityHandler security_handler = (SecurityHandler)_contextHandler.getChildHandlerByClass(SecurityHandler.class);
if (security_handler!=null) if (security_handler!=null)
_identityService=(IdentityService<UserIdentity,?>)security_handler.getIdentityService(); _identityService=security_handler.getIdentityService();
} }
updateNameMappings(); updateNameMappings();

6
jetty-servlet/src/main/java/org/eclipse/jetty/servlet/ServletHolder.java
View File

@ -263,7 +263,7 @@ public class ServletHolder extends Holder implements UserIdentity.Scope, Compara
try try
{ {
if (_identityService!=null && _runAsToken!=null) if (_identityService!=null && _runAsToken!=null)
old_run_as=_identityService.associateRunAs(_runAsToken); old_run_as=_identityService.associateRunAs(_identityService.getSystemUserIdentity(),_runAsToken);
destroyInstance(_servlet); destroyInstance(_servlet);
} }
@ -405,7 +405,7 @@ public class ServletHolder extends Holder implements UserIdentity.Scope, Compara
// Handle run as // Handle run as
if (_identityService!=null && _runAsToken!=null) if (_identityService!=null && _runAsToken!=null)
{ {
old_run_as=_identityService.associateRunAs(_runAsToken); old_run_as=_identityService.associateRunAs(_identityService.getSystemUserIdentity(),_runAsToken);
} }
_servlet.init(_config); _servlet.init(_config);
@ -512,7 +512,7 @@ public class ServletHolder extends Holder implements UserIdentity.Scope, Compara
// Handle run as // Handle run as
if (_identityService!=null && _runAsToken!=null) if (_identityService!=null && _runAsToken!=null)
old_run_as=_identityService.associateRunAs(_runAsToken); old_run_as=_identityService.associateRunAs(baseRequest.getUserIdentity(),_runAsToken);
if (!isAsyncSupported()) if (!isAsyncSupported())
baseRequest.setAsyncSupported(false); baseRequest.setAsyncSupported(false);