14 package waffle.servlet.spi;
15
16 import java.io.IOException;
17 import java.security.InvalidParameterException;
18
19 import javax.servlet.http.HttpServletRequest;
20 import javax.servlet.http.HttpServletResponse;
21
22 import org.slf4j.Logger;
23 import org.slf4j.LoggerFactory;
24
25 import com.google.common.base.Charsets;
26
27 import waffle.util.AuthorizationHeader;
28 import waffle.windows.auth.IWindowsAuthProvider;
29 import waffle.windows.auth.IWindowsIdentity;
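/**
 * {@link SecurityFilterProvider} for the HTTP "Basic" scheme.
 *
 * <p>Reads a {@code username:password} pair from the request's Authorization header and passes both parts to the
 * configured {@link IWindowsAuthProvider}.
 *
 * <p>Deployment notes: Basic credentials are only encoded, not encrypted, and the client resends them with every
 * request, so this provider should only be exposed over TLS. The password is held in a {@link String} because
 * that is what {@code logonUser} accepts here; it therefore cannot be wiped after use. Nothing in this class
 * limits repeated failed logons; throttling or lockout has to come from the auth provider or an outer layer.
 */
public class BasicSecurityFilterProvider implements SecurityFilterProvider {

    /** Class logger. Only the user name is ever logged, never the password. */
    private static final Logger LOGGER = LoggerFactory.getLogger(BasicSecurityFilterProvider.class);

    /** Realm announced in the {@code WWW-Authenticate} challenge. */
    private String realm = "BasicSecurityFilterProvider";

    /** Provider that performs the actual logon. */
    private final IWindowsAuthProvider auth;

    /**
     * Creates a provider that delegates logons to the given auth provider.
     *
     * @param newAuthProvider
     *            provider used by {@link #doFilter} to log users on
     */
    public BasicSecurityFilterProvider(final IWindowsAuthProvider newAuthProvider) {
        this.auth = newAuthProvider;
    }

    /**
     * Extracts {@code username:password} from the Authorization header and logs the user on.
     *
     * @param request
     *            request carrying the Authorization header
     * @param response
     *            not used by this provider
     * @return the identity returned by the auth provider's {@code logonUser}
     * @throws IOException
     *             declared by the interface; not thrown directly by this method
     * @throws RuntimeException
     *             if the decoded token contains no {@code ':'} separator
     */
    @Override
    public IWindowsIdentity doFilter(final HttpServletRequest request, final HttpServletResponse response)
            throws IOException {

        final AuthorizationHeader authorizationHeader = new AuthorizationHeader(request);
        // NOTE(review): getTokenBytes() presumably returns the Base64-decoded credentials - confirm in
        // AuthorizationHeader. The bytes are always read as UTF-8 here.
        final String credentials = new String(authorizationHeader.getTokenBytes(), Charsets.UTF_8);

        // Limit of 2: only the first ':' separates the fields, so a password may itself contain ':'.
        final String[] parts = credentials.split(":", 2);
        if (parts.length != 2) {
            throw new RuntimeException("Invalid username:password in Authorization header.");
        }

        if (BasicSecurityFilterProvider.LOGGER.isDebugEnabled()) {
            // The user name comes straight from the client; neutralise line breaks so that it cannot
            // forge additional log records.
            BasicSecurityFilterProvider.LOGGER.debug("logging in user: {}", parts[0].replaceAll("[\\r\\n]", "_"));
        }
        return this.auth.logonUser(parts[0], parts[1]);
    }

    /**
     * Always {@code false} for this provider.
     *
     * @param request
     *            ignored
     * @return {@code false}
     */
    @Override
    public boolean isPrincipalException(final HttpServletRequest request) {
        return false;
    }

    /**
     * Tells whether this provider handles the given security package.
     *
     * @param securityPackage
     *            scheme name to test; {@code null} is treated as unsupported
     * @return {@code true} only for "Basic", compared case-insensitively
     */
    @Override
    public boolean isSecurityPackageSupported(final String securityPackage) {
        // Constant-first comparison: a missing scheme name yields false instead of a NullPointerException.
        return "Basic".equalsIgnoreCase(securityPackage);
    }

    /**
     * Adds the {@code WWW-Authenticate: Basic realm="..."} challenge header to the response.
     *
     * <p>Only the header is added here; the response status is not set by this method.
     *
     * @param response
     *            response that receives the challenge header
     */
    @Override
    public void sendUnauthorized(final HttpServletResponse response) {
        // The realm is emitted as a quoted-string: escape '\' and '"' so that a configured realm cannot
        // terminate the quotes early, and flatten line breaks so that it cannot split the header.
        final String quotedRealm = String.valueOf(this.realm)
                .replace("\\", "\\\\")
                .replace("\"", "\\\"")
                .replaceAll("[\\r\\n]", " ");
        response.addHeader("WWW-Authenticate", "Basic realm=\"" + quotedRealm + "\"");
    }

    /**
     * Returns the realm used in the challenge header.
     *
     * @return the current realm
     */
    public String getRealm() {
        return this.realm;
    }

    /**
     * Sets the realm used in the challenge header.
     *
     * @param value
     *            new realm; stored as given and escaped only when the header is written
     */
    public void setRealm(final String value) {
        this.realm = value;
    }

    /**
     * Applies a configuration parameter. The only parameter accepted is {@code realm}.
     *
     * @param parameterName
     *            name of the parameter
     * @param parameterValue
     *            value of the parameter
     * @throws InvalidParameterException
     *             if {@code parameterName} is anything other than {@code "realm"}, including {@code null}
     */
    @Override
    public void initParameter(final String parameterName, final String parameterValue) {
        // Constant-first comparison: a null name is reported as an invalid parameter rather than as a
        // NullPointerException.
        if ("realm".equals(parameterName)) {
            this.setRealm(parameterValue);
        } else {
            throw new InvalidParameterException(parameterName);
        }
    }
}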