honeymoose
/
hapi-fhir
mirror of https://github.com/hapifhir/hapi-fhir.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

updated authenticate method in ISecurityManager to be void and throw an AuthenticationException, 

updated RestfulServer to return 401 when SecurityManager is present and authenticate throws the exception
This commit is contained in:
Yogthos 2014-03-10 10:43:33 -04:00
parent 25a1e6925b
commit daa5ed6ea8
3 changed files with 26 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
hapi-fhir-base/src/main/java/ca/uhn/fhir/rest/server/ISecurityManager.java
View File

@ -1,10 +1,12 @@
package ca.uhn.fhir.rest.server; package ca.uhn.fhir.rest.server;
import ca.uhn.fhir.rest.server.exceptions.AuthenticationException;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
/** /**
* Created by dsotnikov on 3/7/2014. * Created by dsotnikov on 3/7/2014.
*/ */
public interface ISecurityManager { public interface ISecurityManager {
public boolean authenticate(HttpServletRequest request); public void authenticate(HttpServletRequest request) throws AuthenticationException;
} }

16
hapi-fhir-base/src/main/java/ca/uhn/fhir/rest/server/RestfulServer.java
View File

@ -16,6 +16,7 @@ import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import ca.uhn.fhir.rest.server.exceptions.*;
import org.apache.commons.lang3.StringUtils; import org.apache.commons.lang3.StringUtils;
import ca.uhn.fhir.context.FhirContext; import ca.uhn.fhir.context.FhirContext;
@ -26,10 +27,6 @@ import ca.uhn.fhir.model.api.IResource;
import ca.uhn.fhir.model.primitive.IdDt; import ca.uhn.fhir.model.primitive.IdDt;
import ca.uhn.fhir.rest.common.BaseMethodBinding; import ca.uhn.fhir.rest.common.BaseMethodBinding;
import ca.uhn.fhir.rest.common.SearchMethodBinding; import ca.uhn.fhir.rest.common.SearchMethodBinding;
import ca.uhn.fhir.rest.server.exceptions.BaseServerResponseException;
import ca.uhn.fhir.rest.server.exceptions.InternalErrorException;
import ca.uhn.fhir.rest.server.exceptions.MethodNotFoundException;
import ca.uhn.fhir.rest.server.exceptions.ResourceNotFoundException;
public abstract class RestfulServer extends HttpServlet { public abstract class RestfulServer extends HttpServlet {
@ -107,6 +104,11 @@ public abstract class RestfulServer extends HttpServlet {
protected void handleRequest(SearchMethodBinding.RequestType requestType, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { protected void handleRequest(SearchMethodBinding.RequestType requestType, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
try { try {
if (null != securityManager) {
securityManager.authenticate(request);
}
String resourceName = null; String resourceName = null;
Long identity = null; Long identity = null;
@ -178,7 +180,11 @@ public abstract class RestfulServer extends HttpServlet {
} }
// resourceMethod.get // resourceMethod.get
} catch (BaseServerResponseException e) { } catch (AuthenticationException e) {
response.setStatus(401);
response.getWriter().write(e.getMessage());
}
catch (BaseServerResponseException e) {
if (e instanceof InternalErrorException) { if (e instanceof InternalErrorException) {
ourLog.error("Failure during REST processing", e); ourLog.error("Failure during REST processing", e);

12
hapi-fhir-base/src/main/java/ca/uhn/fhir/rest/server/exceptions/AuthenticationException.java Normal file
View File

@ -0,0 +1,12 @@
package ca.uhn.fhir.rest.server.exceptions;
import javax.servlet.ServletException;
/**
* Created by dsotnikov on 3/10/2014.
*/
public class AuthenticationException extends ServletException {
private static final long serialVersionUID = 1L;
}