

1 /*
2  * Copyright (C) 2005 Alfresco, Inc.
3  *
4  * Licensed under the Mozilla Public License version 1.1
5  * with a permitted attribution clause. You may obtain a
6  * copy of the License at
7  *
8  * http://www.alfresco.org/legal/license.txt
9  *
10  * Unless required by applicable law or agreed to in writing,
11  * software distributed under the License is distributed on an
12  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
13  * either express or implied. See the License for the specific
14  * language governing permissions and limitations under the
15  * License.
16  */

17
18 package org.alfresco.repo.webdav.auth;
19
20 import java.io.IOException JavaDoc;
21
22 import javax.servlet.Filter JavaDoc;
23 import javax.servlet.FilterChain JavaDoc;
24 import javax.servlet.FilterConfig JavaDoc;
25 import javax.servlet.ServletContext JavaDoc;
26 import javax.servlet.ServletException JavaDoc;
27 import javax.servlet.ServletRequest JavaDoc;
28 import javax.servlet.ServletResponse JavaDoc;
29 import javax.servlet.http.HttpServletRequest JavaDoc;
30 import javax.servlet.http.HttpServletResponse JavaDoc;
31
32 import org.alfresco.model.ContentModel;
33 import org.alfresco.repo.security.authentication.AuthenticationException;
34 import org.alfresco.service.ServiceRegistry;
35 import org.alfresco.service.cmr.repository.NodeRef;
36 import org.alfresco.service.cmr.repository.NodeService;
37 import org.alfresco.service.cmr.security.AuthenticationService;
38 import org.alfresco.service.cmr.security.NoSuchPersonException;
39 import org.alfresco.service.cmr.security.PersonService;
40 import org.apache.commons.codec.binary.Base64;
41 import org.springframework.web.context.WebApplicationContext;
42 import org.springframework.web.context.support.WebApplicationContextUtils;
43
44 /**
45  * WebDAV Authentication Filter Class
46  *
47  * @author GKSpencer
48  */

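public class AuthenticationFilter implements Filter
{
    // Security notes for maintainers:
    //  - HTTP Basic credentials are only Base64-encoded, not encrypted, so this filter
    //    should only be reachable over TLS.
    //  - NOTE(review): the session id is not rotated after a successful logon. Confirm
    //    whether the container or another filter does that; otherwise consider it as a
    //    session-fixation hardening step.

    // Authenticated user session object name
    public final static String AUTHENTICATION_USER = "_alfDAVAuthTicket";

    // Scheme name that prefixes an Authorization header carrying Basic credentials
    private static final String BASIC_SCHEME = "BASIC";

    // Servlet context
    private ServletContext m_context;

    // Various services required by the authenticator
    private AuthenticationService m_authService;
    private PersonService m_personService;
    private NodeService m_nodeService;

    /**
     * Initialize the filter by looking up the repository services in the Spring web
     * application context.
     *
     * @param config FilterConfig
     * @exception ServletException
     */
    public void init(FilterConfig config) throws ServletException
    {
        // Save the context
        m_context = config.getServletContext();

        // Setup the authentication context
        WebApplicationContext ctx = WebApplicationContextUtils.getRequiredWebApplicationContext(m_context);

        ServiceRegistry serviceRegistry = (ServiceRegistry) ctx.getBean(ServiceRegistry.SERVICE_REGISTRY);
        m_nodeService = serviceRegistry.getNodeService();
        m_authService = serviceRegistry.getAuthenticationService();
        m_personService = (PersonService) ctx.getBean("PersonService"); // transactional and permission-checked
    }

    /**
     * Run the authentication filter.
     * <p>
     * A user object already held in the session has its ticket re-validated on every
     * request. If there is no user object, or its ticket is rejected, the request must
     * carry HTTP Basic credentials that authenticate successfully; otherwise the client
     * receives a 401 challenge and the rest of the chain is not invoked.
     *
     * @param req ServletRequest
     * @param resp ServletResponse
     * @param chain FilterChain
     * @exception ServletException
     * @exception IOException
     */
    public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException,
            ServletException
    {
        // Assume it's an HTTP request
        HttpServletRequest httpReq = (HttpServletRequest) req;
        HttpServletResponse httpResp = (HttpServletResponse) resp;

        // Get the user details object from the session. getSession(false) is used so that
        // requests which end in a 401 do not each allocate a server-side session.
        WebDAVUser user = null;
        javax.servlet.http.HttpSession session = httpReq.getSession(false);
        if (session != null)
        {
            user = (WebDAVUser) session.getAttribute(AUTHENTICATION_USER);
        }

        if (user != null)
        {
            try
            {
                // Setup the authentication context
                m_authService.validate(user.getTicket());

                // Set the current locale
                // I18NUtil.setLocale(Application.getLanguage(httpRequest.getSession()));
            }
            catch (AuthenticationException ex)
            {
                // Assumes validate() signals a rejected (e.g. expired) ticket with
                // AuthenticationException, as authenticate() does - confirm against
                // AuthenticationService. Drop the stale user so the client can log on again
                // instead of the exception escaping the filter on every request.
                session.removeAttribute(AUTHENTICATION_USER);
                user = null;
            }
        }

        if (user == null)
        {
            user = authenticateBasic(httpReq);

            // Check if the user is authenticated, if not then prompt again
            if (user == null)
            {
                // No user/ticket, force the client to prompt for logon details
                httpResp.setHeader("WWW-Authenticate", "BASIC realm=\"Alfresco DAV Server\"");
                httpResp.setStatus(HttpServletResponse.SC_UNAUTHORIZED);

                httpResp.flushBuffer();
                return;
            }
        }

        // Chain other filters
        chain.doFilter(req, resp);
    }

    /**
     * Cleanup filter resources
     */
    public void destroy()
    {
        // Nothing to do
    }

    /**
     * Authenticate the request from its HTTP Basic Authorization header and, on success,
     * store the resulting user object in the session.
     *
     * @param httpReq request that may carry Basic credentials
     * @return the authenticated user, or null if the header is absent, is not Basic, or the
     *         credentials were rejected
     * @exception IOException if the named character sets are not supported
     */
    private WebDAVUser authenticateBasic(HttpServletRequest httpReq) throws IOException
    {
        // Get the authorization header
        String authHdr = httpReq.getHeader("Authorization");
        if (authHdr == null || authHdr.length() <= 5 || !authHdr.substring(0, 5).equalsIgnoreCase(BASIC_SCHEME))
        {
            return null;
        }

        // Basic authentication details present. Decode with explicit character sets so the
        // result does not depend on the platform default.
        // NOTE(review): UTF-8 is assumed for the decoded credentials; clients that send
        // non-ASCII credentials as ISO-8859-1 would need that charset - confirm against
        // the clients in use.
        byte[] decoded = Base64.decodeBase64(authHdr.substring(5).trim().getBytes("US-ASCII"));
        String basicAuth = new String(decoded, "UTF-8");

        // Split the username and password at the first colon; the password may itself
        // contain colons
        String username = null;
        String password = null;

        int pos = basicAuth.indexOf(":");
        if (pos != -1)
        {
            username = basicAuth.substring(0, pos);
            password = basicAuth.substring(pos + 1);
        }
        else
        {
            username = basicAuth;
            password = "";
        }

        try
        {
            // Authenticate the user
            m_authService.authenticate(username, password.toCharArray());

            // Get the user node and home folder
            NodeRef personNodeRef = m_personService.getPerson(username);
            NodeRef homeSpaceRef = (NodeRef) m_nodeService.getProperty(personNodeRef, ContentModel.PROP_HOMEFOLDER);

            // Setup User object and Home space ID etc.
            WebDAVUser user = new WebDAVUser(username, m_authService.getCurrentTicket(), homeSpaceRef);

            httpReq.getSession().setAttribute(AUTHENTICATION_USER, user);
            return user;
        }
        catch (AuthenticationException ex)
        {
            // Record the failure so repeated attempts are visible to operators. The
            // client-supplied username and password are deliberately kept out of the log.
            m_context.log("WebDAV Basic authentication failed for client " + httpReq.getRemoteAddr());
        }
        catch (NoSuchPersonException e)
        {
            m_context.log("WebDAV logon rejected, no person found for the authenticated user, client "
                    + httpReq.getRemoteAddr());
        }

        // Not authenticated, the caller will prompt the client again
        return null;
    }
}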