BasicAuthServlet


1   /*
2    * $Header: /home/cvs/jakarta-commons/httpclient/src/test-webapp/src/org/apache/commons/httpclient/BasicAuthServlet.java,v 1.4.2.1 2004/02/22 18:21:18 olegk Exp $
3    * $Revision: 1.4.2.1 $
4    * $Date: 2004/02/22 18:21:18 $
5    * ====================================================================
6    *
7    *  Copyright 1999-2004 The Apache Software Foundation
8    *
9    *  Licensed under the Apache License, Version 2.0 (the "License");
10   *  you may not use this file except in compliance with the License.
11   *  You may obtain a copy of the License at
12   *
13   *      http://www.apache.org/licenses/LICENSE-2.0
14   *
15   *  Unless required by applicable law or agreed to in writing, software
16   *  distributed under the License is distributed on an "AS IS" BASIS,
17   *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18   *  See the License for the specific language governing permissions and
19   *  limitations under the License.
20   * ====================================================================
21   *
22   * This software consists of voluntary contributions made by many
23   * individuals on behalf of the Apache Software Foundation.  For more
24   * information on the Apache Software Foundation, please see
25   * <http://www.apache.org/>.
26   *
27   * [Additional notices, if required by prior licensing conditions]
28   *
29   */
30  
31  package org.apache.commons.httpclient;
32  
33  import java.io.*;
34  import javax.servlet.*;
35  import javax.servlet.http.*;
36  import java.util.*;
37  
38  public class BasicAuthServlet extends MultiMethodServlet {
39      // rather then make this servlet depend upon a base64 impl,
40      // we'll just hard code some base64 encodings
41      private static final HashMap creds = new HashMap();
42      static {
43          creds.put("dW5hbWU6cGFzc3dk","uname:passwd");
44          creds.put("amFrYXJ0YTpjb21tb25z","jakarta:commons");
45          creds.put("amFrYXJ0YS5hcGFjaGUub3JnL2NvbW1vbnM6aHR0cGNsaWVudA==","jakarta.apache.org/commons:httpclient");
46      }
47  
48      protected void genericService(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException {
49          String   auth = request.getHeader("authorization");
50          if(null == auth) {
51              sendUnauthenticated(request, response);
52          } else {
53              String   role = (String  )(creds.get(auth.substring("basic ".length(),auth.length())));
54              if(null == role) {
55                  sendUnauthorized(request, response, auth);
56              } else {
57                  sendAuthorized(request, response, role);
58              }
59          }
60      }
61  
62      protected void doHead(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
63          String   auth = request.getHeader("authorization");
64          if(null == auth) {
65              sendUnauthenticated(request, response);
66          } else {
67              String   role = (String  )(creds.get(auth.substring("basic ".length(),auth.length())));
68              if(null == role) {
69                  sendUnauthorized(request, response, auth);
70              }
71          }
72      }
73  
74      private void sendUnauthenticated(HttpServletRequest request, HttpServletResponse response) throws IOException {
75          response.setStatus(response.SC_UNAUTHORIZED);
76          response.addHeader("www-authenticate","Basic realm=\"BasicAuthServlet\"");
77          PrintWriter out = response.getWriter();
78          response.setContentType("text/html");
79          out.println("<html>");
80          out.println("<head><title>BasicAuth Servlet: " + request.getMethod() + "</title></head>");
81          out.println("<body>");
82          out.println("<p>This is a response to an HTTP " + request.getMethod() + " request.</p>");
83          out.println("<p>Not authorized.</p>");
84          out.println("</body>");
85          out.println("</html>");
86      }
87  
88      private void sendUnauthorized(HttpServletRequest request, HttpServletResponse response, String   auth) throws IOException {
89          response.setStatus(response.SC_UNAUTHORIZED);
90          response.addHeader("www-authenticate","Basic realm=\"BasicAuthServlet\"");
91          PrintWriter out = response.getWriter();
92          response.setContentType("text/html");
93          out.println("<html>");
94          out.println("<head><title>BasicAuth Servlet: " + request.getMethod() + "</title></head>");
95          out.println("<body>");
96          out.println("<p>This is a response to an HTTP " + request.getMethod() + " request.</p>");
97          out.println("<p>Not authorized. \"" + auth + "\" not recognized.</p>");
98          out.println("</body>");
99          out.println("</html>");
100     }
101 
102     private void sendAuthorized(HttpServletRequest request, HttpServletResponse response, String   role) throws IOException {
103         response.setContentType("text/html");
104         PrintWriter out = response.getWriter();
105         out.println("<html>");
106         out.println("<head><title>BasicAuth Servlet: " + request.getMethod() + "</title></head>");
107         out.println("<body>");
108         out.println("<p>This is a response to an HTTP " + request.getMethod() + " request.</p>");
109         out.println("<p>You have authenticated as \"" + role + "\"</p>");
110         out.println("</body>");
111         out.println("</html>");
112     }
113 }
114 
115
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags