390161 jetty-9 do not share DeferredAuthentication
parent
494f7e48fc
commit
eacd75bbfd
|
@ -525,8 +525,6 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti
|
|||
else if (authentication instanceof Authentication.Deferred)
|
||||
{
|
||||
DeferredAuthentication deferred= (DeferredAuthentication)authentication;
|
||||
deferred.setIdentityService(_identityService);
|
||||
deferred.setLoginService(_loginService);
|
||||
baseRequest.setAuthentication(authentication);
|
||||
|
||||
try
|
||||
|
@ -536,7 +534,6 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti
|
|||
finally
|
||||
{
|
||||
previousIdentity = deferred.getPreviousAssociation();
|
||||
deferred.setIdentityService(null);
|
||||
}
|
||||
|
||||
if (authenticator!=null)
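Review bot: The branch at `else if (authentication instanceof Authentication.Deferred)` tests for the interface, but the next line casts to the concrete `DeferredAuthentication`, so a deferred result from any other implementation would throw ClassCastException. With the two setter calls removed, the cast now serves only `deferred.getPreviousAssociation()` in the `finally` block. Testing `authentication instanceof DeferredAuthentication` before the cast, or reading the previous association only when that test holds, would make the two lines agree. Whether another `Authentication.Deferred` implementation can reach this handler is not visible here, and the enclosing method starts and ends outside both hunks.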
|
||||
|
|
|
@ -67,8 +67,8 @@ public class BasicAuthenticator extends LoginAuthenticator
|
|||
try
|
||||
{
|
||||
if (!mandatory)
|
||||
return _deferred;
|
||||
|
||||
return new DeferredAuthentication(this);
|
||||
|
||||
if (credentials != null)
|
||||
{
|
||||
int space=credentials.indexOf(' ');
|
||||
|
@ -96,7 +96,7 @@ public class BasicAuthenticator extends LoginAuthenticator
|
|||
}
|
||||
}
|
||||
|
||||
if (_deferred.isDeferred(response))
|
||||
if (DeferredAuthentication.isDeferred(response))
|
||||
return Authentication.UNAUTHENTICATED;
|
||||
|
||||
response.setHeader(HttpHeaders.WWW_AUTHENTICATE, "basic realm=\"" + _loginService.getName() + '"');
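Review bot: `return new DeferredAuthentication(this);` carries no comment explaining why a new object is built on every non-mandatory request, so a later cleanup could hoist it back into a shared field. I would add `// per-request: DeferredAuthentication stores _previousAssociation, so an instance must never be shared between requests` above it. The same line appears in the ClientCertAuthenticator, DigestAuthenticator, FormAuthenticator and SpnegoAuthenticator sections and deserves the same comment. The enclosing method continues outside both hunks.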
|
||||
|
|
|
@ -88,8 +88,8 @@ public class ClientCertAuthenticator extends LoginAuthenticator
|
|||
public Authentication validateRequest(ServletRequest req, ServletResponse res, boolean mandatory) throws ServerAuthException
|
||||
{
|
||||
if (!mandatory)
|
||||
return _deferred;
|
||||
|
||||
return new DeferredAuthentication(this);
|
||||
|
||||
HttpServletRequest request = (HttpServletRequest)req;
|
||||
HttpServletResponse response = (HttpServletResponse)res;
|
||||
X509Certificate[] certs = (X509Certificate[]) request.getAttribute("javax.servlet.request.X509Certificate");
|
||||
|
@ -129,8 +129,8 @@ public class ClientCertAuthenticator extends LoginAuthenticator
|
|||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (!_deferred.isDeferred(response))
|
||||
|
||||
if (!DeferredAuthentication.isDeferred(response))
|
||||
{
|
||||
response.sendError(HttpServletResponse.SC_FORBIDDEN);
|
||||
return Authentication.SEND_FAILURE;
|
||||
|
|
|
@ -43,22 +43,9 @@ import org.eclipse.jetty.util.log.Logger;
|
|||
public class DeferredAuthentication implements Authentication.Deferred
|
||||
{
|
||||
private static final Logger LOG = Log.getLogger(DeferredAuthentication.class);
|
||||
|
||||
protected final Authenticator _authenticator;
|
||||
|
||||
private LoginService _loginService;
|
||||
private IdentityService _identityService;
|
||||
protected final LoginAuthenticator _authenticator;
|
||||
private Object _previousAssociation;
|
||||
|
||||
|
||||
/* ------------------------------------------------------------ */
|
||||
public DeferredAuthentication(Authenticator authenticator)
|
||||
{
|
||||
if (authenticator == null)
|
||||
throw new NullPointerException("No Authenticator");
|
||||
this._authenticator = authenticator;
|
||||
}
|
||||
|
||||
/* ------------------------------------------------------------ */
|
||||
public DeferredAuthentication(LoginAuthenticator authenticator)
|
||||
{
|
||||
|
@ -66,36 +53,6 @@ public class DeferredAuthentication implements Authentication.Deferred
|
|||
throw new NullPointerException("No Authenticator");
|
||||
this._authenticator = authenticator;
|
||||
}
|
||||
|
||||
/* ------------------------------------------------------------ */
|
||||
/** Get the identityService.
|
||||
* @return the identityService
|
||||
*/
|
||||
public IdentityService getIdentityService()
|
||||
{
|
||||
return _identityService;
|
||||
}
|
||||
|
||||
/* ------------------------------------------------------------ */
|
||||
/** Set the identityService.
|
||||
* @param identityService the identityService to set
|
||||
*/
|
||||
public void setIdentityService(IdentityService identityService)
|
||||
{
|
||||
_identityService = identityService;
|
||||
}
|
||||
|
||||
/* ------------------------------------------------------------ */
|
||||
public LoginService getLoginService()
|
||||
{
|
||||
return _loginService;
|
||||
}
|
||||
|
||||
/* ------------------------------------------------------------ */
|
||||
public void setLoginService(LoginService loginService)
|
||||
{
|
||||
_loginService = loginService;
|
||||
}
|
||||
|
||||
/* ------------------------------------------------------------ */
|
||||
/**
|
||||
|
@ -109,8 +66,11 @@ public class DeferredAuthentication implements Authentication.Deferred
|
|||
|
||||
if (authentication!=null && (authentication instanceof Authentication.User) && !(authentication instanceof Authentication.ResponseSent))
|
||||
{
|
||||
if (_identityService!=null)
|
||||
_previousAssociation=_identityService.associate(((Authentication.User)authentication).getUserIdentity());
|
||||
LoginService login_service= _authenticator.getLoginService();
|
||||
IdentityService identity_service=login_service.getIdentityService();
|
||||
|
||||
if (identity_service!=null)
|
||||
_previousAssociation=identity_service.associate(((Authentication.User)authentication).getUserIdentity());
|
||||
return authentication;
|
||||
}
|
||||
}
|
||||
|
@ -129,9 +89,12 @@ public class DeferredAuthentication implements Authentication.Deferred
|
|||
{
|
||||
try
|
||||
{
|
||||
LoginService login_service= _authenticator.getLoginService();
|
||||
IdentityService identity_service=login_service.getIdentityService();
|
||||
|
||||
Authentication authentication = _authenticator.validateRequest(request,response,true);
|
||||
if (authentication instanceof Authentication.User && _identityService!=null)
|
||||
_previousAssociation=_identityService.associate(((Authentication.User)authentication).getUserIdentity());
|
||||
if (authentication instanceof Authentication.User && identity_service!=null)
|
||||
_previousAssociation=identity_service.associate(((Authentication.User)authentication).getUserIdentity());
|
||||
return authentication;
|
||||
}
|
||||
catch (ServerAuthException e)
|
||||
|
@ -147,14 +110,17 @@ public class DeferredAuthentication implements Authentication.Deferred
|
|||
*/
|
||||
public Authentication login(String username, String password)
|
||||
{
|
||||
if (_loginService!=null)
|
||||
LoginService login_service= _authenticator.getLoginService();
|
||||
IdentityService identity_service=login_service.getIdentityService();
|
||||
|
||||
if (login_service!=null)
|
||||
{
|
||||
UserIdentity user = _loginService.login(username,password);
|
||||
UserIdentity user = login_service.login(username,password);
|
||||
if (user!=null)
|
||||
{
|
||||
UserAuthentication authentication = new UserAuthentication("API",user);
|
||||
if (_identityService!=null)
|
||||
_previousAssociation=_identityService.associate(user);
|
||||
if (identity_service!=null)
|
||||
_previousAssociation=identity_service.associate(user);
|
||||
return authentication;
|
||||
}
|
||||
}
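Review bot: In `login`, `login_service.getIdentityService()` runs before `if (login_service!=null)`, so the null check can never take its false branch: a missing login service throws NullPointerException on the line above it. The hunks at -109 and -129 dereference `login_service` the same way with no check at all. Deriving the identity service null-safely, `IdentityService identity_service = login_service==null ? null : login_service.getIdentityService();`, keeps the existing guards meaningful. Whether `getLoginService()` can return null here depends on authenticator configuration that is not on the page, and the rest of each method lies outside the hunks.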
|
||||
|
|
|
@ -121,8 +121,8 @@ public class DigestAuthenticator extends LoginAuthenticator
|
|||
public Authentication validateRequest(ServletRequest req, ServletResponse res, boolean mandatory) throws ServerAuthException
|
||||
{
|
||||
if (!mandatory)
|
||||
return _deferred;
|
||||
|
||||
return new DeferredAuthentication(this);
|
||||
|
||||
HttpServletRequest request = (HttpServletRequest)req;
|
||||
HttpServletResponse response = (HttpServletResponse)res;
|
||||
String credentials = request.getHeader(HttpHeaders.AUTHORIZATION);
|
||||
|
@ -197,7 +197,7 @@ public class DigestAuthenticator extends LoginAuthenticator
|
|||
|
||||
}
|
||||
|
||||
if (!_deferred.isDeferred(response))
|
||||
if (!DeferredAuthentication.isDeferred(response))
|
||||
{
|
||||
String domain = request.getContextPath();
|
||||
if (domain == null)
|
||||
|
|
|
@ -191,11 +191,11 @@ public class FormAuthenticator extends LoginAuthenticator
|
|||
|
||||
mandatory|=isJSecurityCheck(uri);
|
||||
if (!mandatory)
|
||||
return _deferred;
|
||||
|
||||
return new DeferredAuthentication(this);
|
||||
|
||||
if (isLoginOrErrorPage(URIUtil.addPaths(request.getServletPath(),request.getPathInfo())) &&!DeferredAuthentication.isDeferred(response))
|
||||
return _deferred;
|
||||
|
||||
return new DeferredAuthentication(this);
|
||||
|
||||
HttpSession session = request.getSession(true);
|
||||
|
||||
try
|
||||
|
@ -300,9 +300,12 @@ public class FormAuthenticator extends LoginAuthenticator
|
|||
}
|
||||
|
||||
// if we can't send challenge
|
||||
if (_deferred.isDeferred(response))
|
||||
return Authentication.UNAUTHENTICATED;
|
||||
|
||||
if (DeferredAuthentication.isDeferred(response))
|
||||
{
|
||||
LOG.debug("auth deferred {}",session.getId());
|
||||
return Authentication.UNAUTHENTICATED;
|
||||
}
|
||||
|
||||
// remember the current URI
|
||||
synchronized (session)
|
||||
{
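Review bot: The added `LOG.debug("auth deferred {}",session.getId());` writes the raw session identifier to the log. A session ID acts as a credential, and log files usually have wider read access than the session store. Drop the ID from the message, `LOG.debug("auth deferred");`, or log a non-reversible short form of it if requests need to be correlated. The surrounding method starts and ends outside the hunk.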
|
||||
|
|
|
@ -29,7 +29,6 @@ import org.eclipse.jetty.server.session.AbstractSessionManager;
|
|||
|
||||
public abstract class LoginAuthenticator implements Authenticator
|
||||
{
|
||||
protected final DeferredAuthentication _deferred=new DeferredAuthentication(this);
|
||||
protected LoginService _loginService;
|
||||
protected IdentityService _identityService;
|
||||
private boolean _renewSession;
|
||||
|
|
|
@ -69,7 +69,7 @@ public class SpnegoAuthenticator extends LoginAuthenticator
|
|||
|
||||
if (!mandatory)
|
||||
{
|
||||
return _deferred;
|
||||
return new DeferredAuthentication(this);
|
||||
}
|
||||
|
||||
// check to see if we have authorization headers required to continue
|
||||
|
@ -77,7 +77,7 @@ public class SpnegoAuthenticator extends LoginAuthenticator
|
|||
{
|
||||
try
|
||||
{
|
||||
if (_deferred.isDeferred(res))
|
||||
if (DeferredAuthentication.isDeferred(res))
|
||||
{
|
||||
return Authentication.UNAUTHENTICATED;
|
||||
}
|
||||
|
|