package winstone.auth;

import java.io.IOException;
import java.util.List;
import java.util.Set;

import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.w3c.dom.Node;

import winstone.AuthenticationHandler;
import winstone.AuthenticationRealm;
import winstone.Logger;
import winstone.WebAppConfiguration;
import winstone.WinstoneResourceBundle;

/**
 * Shared base for authentication handlers. It holds the configured security
 * constraints and the realm, and implements the common request check: first
 * {@link #validatePossibleAuthenticationResponse}, then the constraint
 * evaluation in {@link #doRoleCheck}.
 *
 * Subclasses supply {@link #requestAuthentication} and
 * {@link #validatePossibleAuthenticationResponse}; this class does not define
 * how credentials are requested or verified.
 */
public abstract class BaseAuthenticationHandler implements AuthenticationHandler {
    static final String ELEM_REALM_NAME = "realm-name";

    protected SecurityConstraint[] constraints;
    protected AuthenticationRealm realm;
    // Stays null when the login-config node has no realm-name child element.
    protected String realmName;
    public static final WinstoneResourceBundle AUTH_RESOURCES =
            new WinstoneResourceBundle("winstone.auth.LocalStrings");

    /**
     * Reads the realm name from the login-config node and builds one
     * {@link SecurityConstraint} per entry of {@code constraintNodes}.
     *
     * @param loginConfigNode node whose child elements are scanned for
     *            {@code realm-name}; must not be null (it is dereferenced
     *            without a check)
     * @param constraintNodes list of {@link Node} objects, one per constraint;
     *            the array order used by {@link #doRoleCheck} follows this list
     * @param rolesAllowed passed through unchanged to each constraint
     * @param realm realm stored for use by subclasses
     */
    protected BaseAuthenticationHandler(Node loginConfigNode,
            List constraintNodes, Set rolesAllowed,
            AuthenticationRealm realm) {
        this.realm = realm;

        // Only element children named "realm-name" are of interest; if several
        // are present, the last one wins.
        for (int idx = 0; idx < loginConfigNode.getChildNodes().getLength(); idx++) {
            Node child = loginConfigNode.getChildNodes().item(idx);
            if (child.getNodeType() == Node.ELEMENT_NODE
                    && child.getNodeName().equals(ELEM_REALM_NAME)) {
                realmName = WebAppConfiguration.getTextFromNode(child);
            }
        }

        // The index is handed to each constraint as its third constructor argument.
        this.constraints = new SecurityConstraint[constraintNodes.size()];
        for (int i = 0; i < constraints.length; i++) {
            this.constraints[i] = new SecurityConstraint(
                    (Node) constraintNodes.get(i), rolesAllowed, i);
        }
    }

    /**
     * Entry point for the per-request check. Returns {@code false} as soon as
     * {@link #validatePossibleAuthenticationResponse} returns {@code false};
     * otherwise returns the result of {@link #doRoleCheck}.
     *
     * Both arguments are cast to their HTTP types without an
     * {@code instanceof} check, so a non-HTTP request or response fails with a
     * {@link ClassCastException}.
     *
     * @return {@code true} if the request passed the check; presumably the
     *         caller stops processing on {@code false} - confirm against the
     *         caller
     */
    public boolean processAuthentication(ServletRequest inRequest,
            ServletResponse inResponse, String pathRequested)
            throws IOException, ServletException {
        Logger.log(Logger.FULL_DEBUG, AUTH_RESOURCES,
                "BaseAuthenticationHandler.StartAuthCheck");

        HttpServletRequest httpRequest = (HttpServletRequest) inRequest;
        HttpServletResponse httpResponse = (HttpServletResponse) inResponse;

        // Short-circuit: the constraint check only runs once validation passes.
        return validatePossibleAuthenticationResponse(httpRequest, httpResponse, pathRequested)
                && doRoleCheck(httpRequest, httpResponse, pathRequested);
    }

    /**
     * Evaluates the security constraints against the requested path and HTTP
     * method.
     *
     * Security-relevant behaviour visible in this method:
     * <ul>
     * <li>Only the FIRST applicable constraint, in array order, is evaluated;
     * later constraints that would also match are never consulted, so the
     * order of the constraint list decides the outcome.</li>
     * <li>If no constraint is applicable the method returns {@code true}: the
     * path is treated as unprotected and no cache headers are set.</li>
     * <li>{@code pathRequested} is handed to
     * {@link SecurityConstraint#isApplicable} exactly as received.
     * NOTE(review): confirm the caller passes the same decoded, normalized
     * path that is later used to locate the resource, otherwise matching and
     * serving can disagree.</li>
     * </ul>
     *
     * @return {@code false} after a 403 was sent (constraint needs SSL on a
     *         non-secure request) or after {@link #requestAuthentication} was
     *         invoked; {@code true} otherwise
     */
    protected boolean doRoleCheck(HttpServletRequest request,
            HttpServletResponse response, String pathRequested)
            throws IOException, ServletException {
        for (int i = 0; i < this.constraints.length; i++) {
            SecurityConstraint constraint = this.constraints[i];
            Logger.log(Logger.FULL_DEBUG, AUTH_RESOURCES,
                    "BaseAuthenticationHandler.EvalConstraint",
                    constraint.getName());

            if (!constraint.isApplicable(pathRequested, request.getMethod())) {
                continue;
            }

            Logger.log(Logger.FULL_DEBUG, AUTH_RESOURCES,
                    "BaseAuthenticationHandler.ApplicableConstraint",
                    constraint.getName());

            // Transport requirement is checked before the role check.
            if (constraint.needsSSL() && !request.isSecure()) {
                Logger.log(Logger.DEBUG, AUTH_RESOURCES,
                        "BaseAuthenticationHandler.ConstraintNeedsSSL",
                        constraint.getName());
                response.sendError(HttpServletResponse.SC_FORBIDDEN,
                        AUTH_RESOURCES.getString("BaseAuthenticationHandler.ConstraintNeedsSSL",
                                constraint.getName()));
                return false;
            }

            if (!constraint.isAllowed(request)) {
                requestAuthentication(request, response, pathRequested);
                return false;
            }

            // Allowed by a constraint: mark the response as non-cacheable.
            setNoCache(response);
            break; // first applicable constraint decides; stop scanning
        }

        Logger.log(Logger.FULL_DEBUG, AUTH_RESOURCES, "BaseAuthenticationHandler.PassedAuthCheck");
        return true;
    }

    /**
     * Sets the response headers used for content served under a constraint:
     * {@code Pragma} and {@code Cache-Control} set to {@code No-cache}, and
     * {@code Expires} set to 1 ms after the epoch (a date in the past).
     *
     * NOTE(review): {@code no-cache} makes caches revalidate before reuse but
     * does not forbid storing the response; if protected content must never be
     * written to a cache, {@code no-store} is the directive for that. The
     * header values are left as they are here.
     */
    protected void setNoCache(HttpServletResponse response) {
        response.setHeader("Pragma", "No-cache");
        response.setHeader("Cache-Control", "No-cache");
        response.setDateHeader("Expires", 1);
    }

    /**
     * Called by {@link #doRoleCheck} when the applicable constraint does not
     * allow the request. The implementation is expected to write the response
     * (the caller returns {@code false} right after this call).
     */
    protected abstract void requestAuthentication(HttpServletRequest request,
            HttpServletResponse response, String pathRequested)
            throws IOException, ServletException;

    /**
     * Called first by {@link #processAuthentication}. A {@code false} return
     * ends the check immediately with {@code false}; a {@code true} return
     * lets the constraint evaluation proceed.
     */
    protected abstract boolean validatePossibleAuthenticationResponse(
            HttpServletRequest request, HttpServletResponse response,
            String pathRequested) throws ServletException, IOException;
}