BasicAuthUtil


1   package com.protomatter.util;
2   
3   /**
4    *  {{{ The Protomatter Software License, Version 1.0
5    *  derived from The Apache Software License, Version 1.1
6    *
7    *  Copyright (c) 1998-2002 Nate Sammons.  All rights reserved.
8    *
9    *  Redistribution and use in source and binary forms, with or without
10   *  modification, are permitted provided that the following conditions
11   *  are met:
12   *
13   *  1. Redistributions of source code must retain the above copyright
14   *     notice, this list of conditions and the following disclaimer.
15   *
16   *  2. Redistributions in binary form must reproduce the above copyright
17   *     notice, this list of conditions and the following disclaimer in
18   *     the documentation and/or other materials provided with the
19   *     distribution.
20   *
21   *  3. The end-user documentation included with the redistribution,
22   *     if any, must include the following acknowledgment:
23   *        "This product includes software developed for the
24   *         Protomatter Software Project
25   *         (http://protomatter.sourceforge.net/)."
26   *     Alternately, this acknowledgment may appear in the software itself,
27   *     if and wherever such third-party acknowledgments normally appear.
28   *
29   *  4. The names "Protomatter" and "Protomatter Software Project" must
30   *     not be used to endorse or promote products derived from this
31   *     software without prior written permission. For written
32   *     permission, please contact support@protomatter.com.
33   *
34   *  5. Products derived from this software may not be called "Protomatter",
35   *     nor may "Protomatter" appear in their name, without prior written
36   *     permission of the Protomatter Software Project
37   *     (support@protomatter.com).
38   *
39   *  THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
40   *  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
41   *  OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
42   *  DISCLAIMED.  IN NO EVENT SHALL THE PROTOMATTER SOFTWARE PROJECT OR
43   *  ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44   *  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
45   *  LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
46   *  USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
47   *  ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
48   *  OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
49   *  OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
50   *  SUCH DAMAGE.   }}}
51   */
52  
53  import java.io.*;
54  import java.util.*;
55  import javax.servlet.http.*;
56  
57  /**
58   *  A utility class that provides methods for checking and
59   *  requiring basic authentication in servlets.
60   */
61  public class BasicAuthUtil
62  {
63    /**
64     *  Private constructor since this is an all-static class.
65     */
66    private BasicAuthUtil()
67    {
68      super();
69    }
70  
71    /**
72     *  Decodes the "Authorization" header and retrieves the
73     *  user's name from it.  Returns null if the header is not present.
74     */
75    public static String   getAuthUsername(HttpServletRequest request)
76    {
77      String   header = request.getHeader("Authorization");
78      if (header == null)
79        return null;
80      String   encoded = header.substring(header.indexOf(" ") + 1);
81      String   decoded = new String  (Base64.decode(encoded));
82      return decoded.substring(0, decoded.indexOf(":"));
83    }
84  
85    /**
86     *  Decodes the "Authorization" header and retrieves the
87     *  password from it.  Returns null if the header is not present.
88     */
89    public static String   getAuthPassword(HttpServletRequest request)
90    {
91      String   header = request.getHeader("Authorization");
92      if (header == null)
93        return null;
94      String   encoded = header.substring(header.indexOf(" ") + 1);
95      String   decoded = new String  (Base64.decode(encoded));
96      return decoded.substring(decoded.indexOf(":") +1);
97    }
98  
99    /**
100    *  Sends coprrect headers to require basic authentication for the
101    *  given realm.
102    */
103   public static void requireAuthentication(String   realm, HttpServletResponse resp)
104   throws IOException
105   {
106     resp.setHeader("WWW-Authenticate", "Basic realm=\"" + realm + "\"");
107     resp.sendError(HttpServletResponse.SC_UNAUTHORIZED);
108   }
109 }
110
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags