14 package waffle.apache;
15
16 import java.io.IOException;
17 import java.util.Arrays;
18 import java.util.LinkedHashSet;
19 import java.util.Locale;
20 import java.util.Set;
21
22 import javax.servlet.http.HttpServletResponse;
23
24 import org.apache.catalina.authenticator.AuthenticatorBase;
25 import org.apache.catalina.connector.Response;
26 import org.slf4j.Logger;
27
28 import waffle.windows.auth.IWindowsAuthProvider;
29 import waffle.windows.auth.PrincipalFormat;
30 import waffle.windows.auth.impl.WindowsAuthProviderImpl;
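/**
 * Shared configuration and response helpers for authenticators that extend Catalina's
 * {@link AuthenticatorBase} and hold an {@link IWindowsAuthProvider}.
 *
 * <p>The class only stores settings and writes challenge/error responses; the actual
 * authentication decisions are made by subclasses, which are not visible here.
 */
abstract class WaffleAuthenticatorBase extends AuthenticatorBase {

    /**
     * Protocol names accepted by {@link #setProtocols(String)}, in the order they are offered.
     * NOTE(review): this set is mutable and is also the default value of {@link #protocols},
     * so code that mutates the default {@code protocols} instance would change this
     * allow-list as well.
     */
    private static final Set<String> SUPPORTED_PROTOCOLS =
            new LinkedHashSet<String>(Arrays.asList("Negotiate", "NTLM"));

    /** Descriptive text returned by {@link #getInfo()}; not assigned in this class. */
    protected String info;

    /** Logger used by the setters and {@link #sendError}; not assigned in this class. */
    protected Logger log;

    /** Format used for principal names; defaults to {@link PrincipalFormat#FQN}. */
    protected PrincipalFormat principalFormat = PrincipalFormat.FQN;

    /** Format used for role names; defaults to {@link PrincipalFormat#FQN}. */
    protected PrincipalFormat roleFormat = PrincipalFormat.FQN;

    /**
     * Whether guest logins are accepted. Defaults to {@code true}; the flag is only stored
     * here and is presumably enforced by subclasses. Deployments that do not rely on guest
     * access should set it to {@code false} explicitly rather than depend on the default.
     */
    protected boolean allowGuestLogin = true;

    /**
     * Protocols advertised in {@code WWW-Authenticate} challenges; defaults to every
     * supported protocol. {@link #setProtocols(String)} can narrow the list, for example
     * to stop offering NTLM where only Negotiate is wanted.
     */
    protected Set<String> protocols = WaffleAuthenticatorBase.SUPPORTED_PROTOCOLS;

    /** Windows authentication provider; replaceable through {@link #setAuth}. */
    protected IWindowsAuthProvider auth = new WindowsAuthProviderImpl();

    /**
     * Returns the Windows authentication provider in use.
     *
     * @return the current provider
     */
    public IWindowsAuthProvider getAuth() {
        return this.auth;
    }

    /**
     * Replaces the Windows authentication provider.
     *
     * @param provider the provider to use from now on; stored without validation
     */
    public void setAuth(final IWindowsAuthProvider provider) {
        this.auth = provider;
    }

    /**
     * Returns the descriptive information string of this authenticator.
     *
     * @return the value of {@link #info}
     */
    @Override
    public String getInfo() {
        return this.info;
    }

    /**
     * Sets the principal format from its enum constant name, ignoring case.
     *
     * @param format name of a {@link PrincipalFormat} constant
     * @throws IllegalArgumentException if {@code format} names no constant
     * @throws NullPointerException if {@code format} is {@code null}
     */
    public void setPrincipalFormat(final String format) {
        // Locale.ENGLISH keeps the upper-casing independent of the JVM's default locale.
        this.principalFormat = PrincipalFormat.valueOf(format.toUpperCase(Locale.ENGLISH));
        this.log.debug("principal format: {}", this.principalFormat);
    }

    /**
     * Returns the principal format.
     *
     * @return the current principal format
     */
    public PrincipalFormat getPrincipalFormat() {
        return this.principalFormat;
    }

    /**
     * Sets the role format from its enum constant name, ignoring case.
     *
     * @param format name of a {@link PrincipalFormat} constant
     * @throws IllegalArgumentException if {@code format} names no constant
     * @throws NullPointerException if {@code format} is {@code null}
     */
    public void setRoleFormat(final String format) {
        // Locale.ENGLISH keeps the upper-casing independent of the JVM's default locale.
        this.roleFormat = PrincipalFormat.valueOf(format.toUpperCase(Locale.ENGLISH));
        this.log.debug("role format: {}", this.roleFormat);
    }

    /**
     * Returns the role format.
     *
     * @return the current role format
     */
    public PrincipalFormat getRoleFormat() {
        return this.roleFormat;
    }

    /**
     * Reports whether guest logins are accepted.
     *
     * @return {@code true} if guest logins are allowed (the default)
     */
    public boolean isAllowGuestLogin() {
        return this.allowGuestLogin;
    }

    /**
     * Enables or disables guest logins.
     *
     * @param value {@code true} to accept guest logins, {@code false} to refuse them
     */
    public void setAllowGuestLogin(final boolean value) {
        this.allowGuestLogin = value;
    }

    /**
     * Sets the advertised protocols from a comma-separated list. Names are trimmed, blank
     * entries are skipped, and matching against the supported names is case-sensitive.
     *
     * <p>The new set replaces {@link #protocols} only after every name has been accepted,
     * so a rejected value leaves the previous configuration in place.
     *
     * @param value comma-separated protocol names, e.g. {@code "Negotiate,NTLM"}
     * @throws RuntimeException if a name is not a supported protocol
     * @throws NullPointerException if {@code value} is {@code null}
     */
    public void setProtocols(final String value) {
        // Parse into a local set: assigning the field first would leave it half-populated
        // when a later name is rejected.
        final Set<String> parsed = new LinkedHashSet<String>();
        for (final String rawName : value.split(",")) {
            final String protocolName = rawName.trim();
            if (protocolName.isEmpty()) {
                continue;
            }
            this.log.debug("init protocol: {}", protocolName);
            if (!WaffleAuthenticatorBase.SUPPORTED_PROTOCOLS.contains(protocolName)) {
                this.log.error("unsupported protocol: {}", protocolName);
                throw new RuntimeException("Unsupported protocol: " + protocolName);
            }
            parsed.add(protocolName);
        }
        if (parsed.isEmpty()) {
            // Still accepted, as before, but sendUnauthorized() will then offer no scheme.
            this.log.warn("no protocols configured; 401 responses will carry no WWW-Authenticate header");
        }
        this.protocols = parsed;
    }

    /**
     * Sends a 401 response carrying one {@code WWW-Authenticate} header per configured
     * protocol, in the set's iteration order, and flushes it.
     *
     * @param response the response to write the challenge to
     * @throws RuntimeException wrapping any {@link IOException} raised while sending
     */
    protected void sendUnauthorized(final Response response) {
        try {
            for (final String protocol : this.protocols) {
                response.addHeader("WWW-Authenticate", protocol);
            }
            // NOTE(review): presumably closes the connection so that no connection-bound
            // handshake state survives the challenge - confirm against the subclasses.
            response.setHeader("Connection", "close");
            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
            response.flushBuffer();
        } catch (final IOException e) {
            throw new RuntimeException(e);
        }
    }

    /**
     * Sends an error response with the given status code.
     *
     * @param response the response to send the error on
     * @param code the HTTP status code
     * @throws RuntimeException wrapping any {@link IOException} raised while sending
     */
    protected void sendError(final Response response, final int code) {
        try {
            response.sendError(code);
        } catch (final IOException e) {
            this.log.error(e.getMessage());
            // SLF4J treats a trailing Throwable as the exception to print, so the
            // placeholder is filled by the status code rather than left as a bare "{}".
            this.log.trace("sendError({}) failed", code, e);
            throw new RuntimeException(e);
        }
    }
}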