1 28 29 package net.sf.jguard.jee.authentication.http; 30 31 import java.util.ArrayList ; 32 import java.util.Arrays ; 33 import java.util.Collection ; 34 import java.util.Iterator ; 35 import java.util.List ; 36 37 import javax.servlet.ServletException ; 38 import javax.servlet.http.HttpServletRequest ; 39 import javax.servlet.http.HttpSession ; 40 41 45 public class AuthSchemesHelper { 46 52 public static String getCurrentAuthScheme(HttpServletRequest request) { 53 HttpSession session = request.getSession(true); 54 String currentAuthScheme = (String )session.getAttribute(HttpConstants.CURRENT_AUTH_SCHEME); 55 if(currentAuthScheme==null){ 56 List authSchemes = (List )session.getAttribute(HttpConstants.AUTH_SCHEMES); 57 currentAuthScheme = (String )authSchemes.get(0); 58 session.setAttribute(HttpConstants.CURRENT_AUTH_SCHEME,currentAuthScheme); 59 } 60 return currentAuthScheme; 61 } 62 63 68 public static boolean advanceToNextScheme(HttpServletRequest request){ 69 HttpSession session = request.getSession(true); 70 List authSchemes = (List )session.getAttribute(HttpConstants.AUTH_SCHEMES); 71 String oldCurrentScheme = getCurrentAuthScheme(request); 72 int oldCurrentSchemeIndex = authSchemes.indexOf(oldCurrentScheme); 73 if(authSchemes.size()<=oldCurrentSchemeIndex+1){ 76 return false; 77 } 78 String currentAuthScheme = (String )authSchemes.get(oldCurrentSchemeIndex+1); 79 session.setAttribute(HttpConstants.CURRENT_AUTH_SCHEME,currentAuthScheme); 80 return true; 81 } 82 83 84 89 public static Collection validateAuthScheme(String authSchemes) throws ServletException { 90 Collection authSchemesList = null; 91 if(authSchemes==null){ 93 authSchemes = HttpConstants.FORM_AUTH; 94 authSchemesList = new ArrayList (); 95 authSchemesList.add(authSchemes); 96 return authSchemesList; 97 } 98 99 String [] schemes = authSchemes.split(","); 100 authSchemesList = Arrays.asList(schemes); 101 Iterator itAutSchemes = authSchemesList.iterator(); 102 while(itAutSchemes.hasNext()){ 103 String autScheme = (String )itAutSchemes.next(); 104 if(!HttpConstants.FORM_AUTH.equalsIgnoreCase(autScheme) 105 &&!HttpConstants.BASIC_AUTH.equalsIgnoreCase(autScheme) 106 &&!HttpConstants.DIGEST_AUTH.equalsIgnoreCase(autScheme) 107 &&!HttpConstants.CLIENT_CERT_AUTH.equalsIgnoreCase(autScheme)){ 108 throw new ServletException ( 109 " each authentication scheme should be 'BASIC','FORM','DIGEST',or 'CLIENT-CERT' and not '" 110 +authSchemes+"' "); 111 } 112 autScheme = autScheme.toUpperCase(); 113 } 114 115 return authSchemesList; 116 117 } 118 119 120 121 } 122 | Popular Tags |