Reverted mess of eclipse formatting.

Clemens Rabe
2013-10-15 20:57:38 +02:00
parent 13bd150c6f
commit 814b940998
2 changed files with 459 additions and 403 deletions


@@ -29,6 +29,8 @@
*
*/
package sonia.scm.web.filter;
//~--- non-JDK imports --------------------------------------------------------
@@ -41,6 +43,7 @@ import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -65,195 +68,218 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
*
*
* @author Sebastian Sdorra
*/
@Singleton
public class BasicAuthenticationFilter extends AutoLoginFilter {
public class BasicAuthenticationFilter extends AutoLoginFilter
{
/** Field description */
public static final String AUTHORIZATION_BASIC_PREFIX = "BASIC";
/** Field description */
public static final String AUTHORIZATION_BASIC_PREFIX = "BASIC";
/** Field description */
public static final String CREDENTIAL_SEPARATOR = ":";
/** Field description */
public static final String CREDENTIAL_SEPARATOR = ":";
/** Field description */
public static final String HEADER_AUTHORIZATION = "Authorization";
/** Field description */
public static final String HEADER_AUTHORIZATION = "Authorization";
/** the logger for BasicAuthenticationFilter */
private static final Logger logger = LoggerFactory
.getLogger(BasicAuthenticationFilter.class);
/** the logger for BasicAuthenticationFilter */
private static final Logger logger =
LoggerFactory.getLogger(BasicAuthenticationFilter.class);
// ~--- constructors
// ---------------------------------------------------------
//~--- constructors ---------------------------------------------------------
/**
* Constructs ...
*
*
* @param securityContextProvider
* @deprecated use the constructor with out arguments instead.
*/
@Deprecated
public BasicAuthenticationFilter(
Provider<WebSecurityContext> securityContextProvider) {
}
/**
* Constructs ...
*
*
* @param securityContextProvider
* @deprecated use the constructor with out arguments instead.
*/
@Deprecated
public BasicAuthenticationFilter(
Provider<WebSecurityContext> securityContextProvider) {}
/**
* Constructs a new basic authenticaton filter
*
* @param configuration
* scm-manager global configuration
*
* @since 1.21
*/
@Inject
public BasicAuthenticationFilter(ScmConfiguration configuration,
Set<AutoLoginModule> autoLoginModules) {
super(autoLoginModules);
this.configuration = configuration;
}
/**
* Constructs a new basic authenticaton filter
*
* @param configuration scm-manager global configuration
*
* @since 1.21
*/
@Inject
public BasicAuthenticationFilter(ScmConfiguration configuration,
Set<AutoLoginModule> autoLoginModules)
{
super(autoLoginModules);
this.configuration = configuration;
}
// ~--- methods
// --------------------------------------------------------------
//~--- methods --------------------------------------------------------------
/**
* Method description
*
*
* @param request
* @param response
* @param chain
*
* @throws IOException
* @throws ServletException
*/
@Override
protected void doFilter(HttpServletRequest request,
HttpServletResponse response, FilterChain chain)
throws IOException, ServletException {
Subject subject = SecurityUtils.getSubject();
User user = getAuthenticatedUser(request, response);
/**
* Method description
*
*
* @param request
* @param response
* @param chain
*
* @throws IOException
* @throws ServletException
*/
@Override
protected void doFilter(HttpServletRequest request,
HttpServletResponse response, FilterChain chain)
throws IOException, ServletException
{
Subject subject = SecurityUtils.getSubject();
User user = getAuthenticatedUser(request, response);
// Fallback to basic authentication scheme
if (user == null) {
String authentication = request.getHeader(HEADER_AUTHORIZATION);
// Fallback to basic authentication scheme
if (user == null)
{
String authentication = request.getHeader(HEADER_AUTHORIZATION);
if (Util.startWithIgnoreCase(authentication,
AUTHORIZATION_BASIC_PREFIX)) {
if (logger.isTraceEnabled()) {
logger.trace("found basic authorization header, start authentication");
}
if (Util.startWithIgnoreCase(authentication, AUTHORIZATION_BASIC_PREFIX))
{
if (logger.isTraceEnabled())
{
logger.trace("found basic authorization header, start authentication");
}
user = authenticate(request, response, subject, authentication);
user = authenticate(request, response, subject, authentication);
if (logger.isTraceEnabled()) {
if (user != null) {
logger.trace("user {} successfully authenticated",
user.getName());
} else {
logger.trace("authentcation failed, user object is null");
}
}
} else if ((configuration != null)
&& configuration.isAnonymousAccessEnabled()) {
if (logger.isTraceEnabled()) {
logger.trace("anonymous access granted");
}
if (logger.isTraceEnabled())
{
if (user != null)
{
logger.trace("user {} successfully authenticated", user.getName());
}
else
{
logger.trace("authentcation failed, user object is null");
}
}
}
else if ((configuration != null)
&& configuration.isAnonymousAccessEnabled())
{
if (logger.isTraceEnabled())
{
logger.trace("anonymous access granted");
}
user = SCMContext.ANONYMOUS;
}
}
user = SCMContext.ANONYMOUS;
}
}
if (user == null) {
if (logger.isTraceEnabled()) {
logger.trace("could not find user send unauthorized");
}
if (user == null)
{
if (logger.isTraceEnabled())
{
logger.trace("could not find user send unauthorized");
}
handleUnauthorized(request, response, chain);
} else {
chain.doFilter(
new SecurityHttpServletRequestWrapper(request, user),
response);
}
}
handleUnauthorized(request, response, chain);
}
else
{
chain.doFilter(new SecurityHttpServletRequestWrapper(request, user),
response);
}
}
/**
* Method description
*
*
* @param request
* @param response
* @param chain
*
* @throws IOException
* @throws ServletException
*
* @since 1.8
*/
protected void handleUnauthorized(HttpServletRequest request,
HttpServletResponse response, FilterChain chain)
throws IOException, ServletException {
HttpUtil.sendUnauthorized(request, response);
}
/**
* Method description
*
*
* @param request
* @param response
* @param chain
*
* @throws IOException
* @throws ServletException
*
* @since 1.8
*/
protected void handleUnauthorized(HttpServletRequest request,
HttpServletResponse response, FilterChain chain)
throws IOException, ServletException
{
HttpUtil.sendUnauthorized(request, response);
}
/**
* Method description
*
*
* @param request
* @param response
* @param securityContext
* @param subject
* @param authentication
*
* @return
*/
private User authenticate(HttpServletRequest request,
HttpServletResponse response, Subject subject, String authentication) {
String token = authentication.substring(6);
/**
* Method description
*
*
* @param request
* @param response
* @param securityContext
* @param subject
* @param authentication
*
* @return
*/
private User authenticate(HttpServletRequest request,
HttpServletResponse response, Subject subject, String authentication)
{
String token = authentication.substring(6);
token = new String(Base64.decode(token.getBytes()));
token = new String(Base64.decode(token.getBytes()));
int index = token.indexOf(CREDENTIAL_SEPARATOR);
User user = null;
int index = token.indexOf(CREDENTIAL_SEPARATOR);
User user = null;
if ((index > 0) && (index < token.length())) {
String username = token.substring(0, index);
String password = token.substring(index + 1);
if ((index > 0) && (index < token.length()))
{
String username = token.substring(0, index);
String password = token.substring(index + 1);
if (Util.isNotEmpty(username) && Util.isNotEmpty(password)) {
if (logger.isTraceEnabled()) {
logger.trace("try to authenticate user {}", username);
}
if (Util.isNotEmpty(username) && Util.isNotEmpty(password))
{
if (logger.isTraceEnabled())
{
logger.trace("try to authenticate user {}", username);
}
try {
try
{
subject.login(new UsernamePasswordToken(username, password,
request.getRemoteAddr()));
user = subject.getPrincipals().oneByType(User.class);
} catch (AuthenticationException ex) {
if (logger.isTraceEnabled()) {
logger.trace("authentication failed for user "
.concat(username), ex);
} else if (logger.isWarnEnabled()) {
logger.warn("authentication failed for user {}",
username);
}
}
} else if (logger.isWarnEnabled()) {
logger.warn("username or password is null/empty");
}
} else if (logger.isWarnEnabled()) {
logger.warn("failed to read basic auth credentials");
}
subject.login(new UsernamePasswordToken(username, password,
request.getRemoteAddr()));
user = subject.getPrincipals().oneByType(User.class);
}
catch (AuthenticationException ex)
{
if (logger.isTraceEnabled())
{
logger.trace("authentication failed for user ".concat(username),
ex);
}
else if (logger.isWarnEnabled())
{
logger.warn("authentication failed for user {}", username);
}
}
}
else if (logger.isWarnEnabled())
{
logger.warn("username or password is null/empty");
}
}
else if (logger.isWarnEnabled())
{
logger.warn("failed to read basic auth credentials");
}
return user;
}
return user;
}
// ~--- fields
// ---------------------------------------------------------------
//~--- fields ---------------------------------------------------------------
/** Field description */
private ScmConfiguration configuration;
/** Field description */
private ScmConfiguration configuration;
}
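Review bot: In `authenticate`, `authentication.substring(6)` assumes the header holds at least `Basic ` plus one character, but the check in `doFilter` appears to test only the five-character prefix `BASIC`. A header consisting of just `Basic` would therefore raise an unchecked `StringIndexOutOfBoundsException`, which `catch (AuthenticationException ex)` does not cover, so the request presumably ends in a server error instead of reaching `handleUnauthorized`. The reformat carries this over unchanged; a guard before the substring keeps malformed headers on the 401 path, for example `if (authentication.length() <= AUTHORIZATION_BASIC_PREFIX.length() + 1) { return null; }`. Separately, `token.getBytes()` and `new String(...)` use the platform default charset, so non-ASCII credentials can decode differently between hosts; passing an explicit charset to both calls would make the result deterministic.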