
perfsonar-dev - [GEANT/SA2/ps-java-services] r5637 - trunk/perfsonar-java-base2/src/main/java/org/perfsonar/base2/servlets

Subject: perfsonar development work


[GEANT/SA2/ps-java-services] r5637 - trunk/perfsonar-java-base2/src/main/java/org/perfsonar/base2/servlets


  • From:
  • To:
  • Subject: [GEANT/SA2/ps-java-services] r5637 - trunk/perfsonar-java-base2/src/main/java/org/perfsonar/base2/servlets
  • Date: Fri, 14 May 2010 09:25:24 +0100

Author: psnc.trzaszczka
Date: 2010-05-14 09:25:23 +0100 (Fri, 14 May 2010)
New Revision: 5637

Modified:

trunk/perfsonar-java-base2/src/main/java/org/perfsonar/base2/servlets/AuthServlet.java

trunk/perfsonar-java-base2/src/main/java/org/perfsonar/base2/servlets/ExistDBInitServlet.java
Log:


Modified:
trunk/perfsonar-java-base2/src/main/java/org/perfsonar/base2/servlets/AuthServlet.java
===================================================================
---
trunk/perfsonar-java-base2/src/main/java/org/perfsonar/base2/servlets/AuthServlet.java
2010-05-13 14:41:27 UTC (rev 5636)
+++
trunk/perfsonar-java-base2/src/main/java/org/perfsonar/base2/servlets/AuthServlet.java
2010-05-14 08:25:23 UTC (rev 5637)
@@ -1,14 +1,12 @@
package org.perfsonar.base2.servlets;

import java.io.IOException;
-import java.util.Locale;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

-import org.apache.commons.codec.binary.Base64;
import org.perfsonar.base2.service.configuration.ConfigurationManager;
import org.perfsonar.base2.service.exceptions.PerfSONARException;

@@ -21,16 +19,29 @@
@SuppressWarnings("serial")
public abstract class AuthServlet extends HttpServlet {

+ private String username;
+ private String password;
+
+ public String getUsername() {
+ return username;
+ }
+
+ public String getPassword() {
+ return password;
+ }
+
/*
* returns username for allowed user
*/
- protected abstract String getUsername(ConfigurationManager
configManager) throws PerfSONARException ;
-
+ protected abstract String getUsername(ConfigurationManager
configManager)
+ throws PerfSONARException;
+
/*
* returns password for allowed user;
*/
- protected abstract String getPassword(ConfigurationManager
configManager) throws PerfSONARException ;
-
+ protected abstract String getPassword(ConfigurationManager
configManager)
+ throws PerfSONARException;
+
/**
*
* this method is executed whether user privileges are correct
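Review bot: The new `username` and `password` fields hold per-request credentials on the servlet instance, but a servlet container normally serves concurrent requests from one shared instance. The assignments in doGet (next hunk) can therefore be overwritten by another request before `getUsername()` / `getPassword()` are read; the `getCollection(dbUrl, getUsername(), getPassword())` call added to ExistDBInitServlet in this commit appears to read them. The public getters also expose the most recent caller's password to any code that holds the servlet. Carry the values with the request instead, for example `req.setAttribute("auth.user", credentials[0]);` (attribute name is illustrative), or pass them to `processRequest` as parameters. The class body continues outside this hunk.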
@@ -38,54 +49,55 @@
* @param req
* @param resp
*/
- protected abstract void processRequest(HttpServletRequest req,
HttpServletResponse resp);
-
-
+ protected abstract void processRequest(HttpServletRequest req,
+ HttpServletResponse resp);
+
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException {
-
- String auth = req.getHeader("Authorization");
- try {
- ConfigurationManager configManager =
ConfigurationManager.getInstance();
- if
(!allowUser(auth,getUsername(configManager), getPassword(configManager))) {
- resp.setHeader("WWW-Authenticate",
"BASIC realm=\"users\"");
-
resp.sendError(HttpServletResponse.SC_UNAUTHORIZED);
- } else {
- processRequest(req, resp);
- }
- } catch (PerfSONARException e) {
- e.printStackTrace();
- }
-
- }
-
- /**
- * checks if the user is allowed to invoke this servlet
- *
- * @param auth
- * @param username
- * @param password
- * @return
- * @throws IOException
- */
- private boolean allowUser(String auth, String username, String
password)
- throws IOException {
- if (auth == null) {
- return false;
- }

- if (!auth.toUpperCase(Locale.getDefault()).startsWith("BASIC
")) {
- return false;
+ String auth = req.getHeader("Authorization");
+ String[] credentials = receiveCredentials(auth);
+ if (credentials == null) {
+ resp.setHeader("WWW-Authenticate", "BASIC
realm=\"users\"");
+ resp.sendError(HttpServletResponse.SC_UNAUTHORIZED);
+ } else {
+ username = credentials[0];
+ password = credentials[1];
+ processRequest(req, resp);
}
+ }

- String userpassEncoded = auth.substring(6);
+ private String[] receiveCredentials(String authHeader) {
+ String[] loginAndPassword = null;

- String userpassDecoded = new
String(Base64.decodeBase64(userpassEncoded.getBytes()));
+ if (authHeader != null) {
+ java.util.StringTokenizer st = new
java.util.StringTokenizer(
+ authHeader);
+ if (st.hasMoreTokens()) {
+ String basic = st.nextToken();

- if (userpassDecoded.equals(username + ":" + password))
- return true;
- else
- return false;
+ if (basic.equalsIgnoreCase("Basic")) {
+ String credentials = st.nextToken();
+
+ sun.misc.BASE64Decoder decoder = new
sun.misc.BASE64Decoder();
+ String userPass;
+ try {
+ userPass = new
String(decoder.decodeBuffer(credentials));
+ int p = userPass.indexOf(":");
+ if (p != -1) {
+ loginAndPassword =
new String[2];
+ loginAndPassword[0] =
userPass.substring(0, p);
+ loginAndPassword[1] =
userPass.substring(p + 1);
+ }
+ } catch (IOException e) {
+ e.printStackTrace();
+ }
+
+ }
+ }
+ }
+ return loginAndPassword;
}
+
}
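Review bot: The rewritten doGet never compares the parsed credentials with the configured ones: any well-formed `Basic user:pass` header makes `receiveCredentials` return non-null and `processRequest` runs, while the abstract `getUsername(ConfigurationManager)` / `getPassword(ConfigurationManager)` are no longer called anywhere in this hunk. Unless every subclass rejects bad credentials downstream (not visible here), this removes the access check the old `allowUser` provided. The comparison should be restored before `processRequest`, failing closed if the configuration cannot be read, as sketched below. Separately, `st.nextToken()` for the credentials is not guarded by `hasMoreTokens()`, so a header consisting only of `Basic` throws NoSuchElementException instead of yielding a 401.

```java
String[] credentials = receiveCredentials(req.getHeader("Authorization"));
boolean allowed = false;
if (credentials != null) {
    try {
        ConfigurationManager configManager = ConfigurationManager.getInstance();
        // constant-time comparison of supplied vs. configured values
        allowed = java.security.MessageDigest.isEqual(
                        credentials[0].getBytes("UTF-8"),
                        getUsername(configManager).getBytes("UTF-8"))
                & java.security.MessageDigest.isEqual(
                        credentials[1].getBytes("UTF-8"),
                        getPassword(configManager).getBytes("UTF-8"));
    } catch (PerfSONARException e) {
        allowed = false; // configuration unreadable: fail closed
    }
}
if (!allowed) {
    // … unchanged: WWW-Authenticate header and SC_UNAUTHORIZED …
} else {
    // … unchanged: credential hand-off and processRequest(req, resp) …
}
```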

Modified:
trunk/perfsonar-java-base2/src/main/java/org/perfsonar/base2/servlets/ExistDBInitServlet.java
===================================================================
---
trunk/perfsonar-java-base2/src/main/java/org/perfsonar/base2/servlets/ExistDBInitServlet.java
2010-05-13 14:41:27 UTC (rev 5636)
+++
trunk/perfsonar-java-base2/src/main/java/org/perfsonar/base2/servlets/ExistDBInitServlet.java
2010-05-14 08:25:23 UTC (rev 5637)
@@ -50,8 +50,7 @@
Class cl =
Class.forName("org.exist.xmldb.DatabaseImpl");
Database database = (Database) cl.newInstance();
DatabaseManager.registerDatabase(database);
- Collection collection =
DatabaseManager.getCollection(dbUrl,
- "admin", "");
+ Collection collection =
DatabaseManager.getCollection(dbUrl,getUsername(), getPassword());
return collection;
} catch (ClassNotFoundException e) {
e.printStackTrace();



  • [GEANT/SA2/ps-java-services] r5637 - trunk/perfsonar-java-base2/src/main/java/org/perfsonar/base2/servlets, svn-noreply, 05/14/2010
