Home Explore Help
Register Sign In
github
/
spring-security
mirror of https://github.com/spring-projects/spring-security
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

Initial commit.

Ben Alex 21 years ago
parent
4ca1e2fd99
commit
a159d89ffd
2 changed files with 124 additions and 0 deletions
Split View Show Diff Stats
  1. 103 0
      core/src/main/java/org/acegisecurity/ui/httpinvoker/AuthenticationSimpleHttpInvokerRequestExecutor.java
  2. 21 0
      core/src/main/java/org/acegisecurity/ui/httpinvoker/package.html

+ 103 - 0
core/src/main/java/org/acegisecurity/ui/httpinvoker/AuthenticationSimpleHttpInvokerRequestExecutor.java
View File 

@@ -0,0 +1,103 @@
 
+/* Copyright 2004 Acegi Technology Pty Limited
 
+ *
 
+ * Licensed under the Apache License, Version 2.0 (the "License");
 
+ * you may not use this file except in compliance with the License.
 
+ * You may obtain a copy of the License at
 
+ *
 
+ *     http://www.apache.org/licenses/LICENSE-2.0
 
+ *
 
+ * Unless required by applicable law or agreed to in writing, software
 
+ * distributed under the License is distributed on an "AS IS" BASIS,
 
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 
+ * See the License for the specific language governing permissions and
 
+ * limitations under the License.
 
+ */
 
+
 
+package net.sf.acegisecurity.ui.httpinvoker;
 
+
 
+import net.sf.acegisecurity.Authentication;
 
+import net.sf.acegisecurity.AuthenticationCredentialsNotFoundException;
 
+import net.sf.acegisecurity.context.ContextHolder;
 
+import net.sf.acegisecurity.context.SecureContext;
 
+
 
+import org.apache.commons.codec.binary.Base64;
 
+import org.apache.commons.logging.Log;
 
+import org.apache.commons.logging.LogFactory;
 
+
 
+import org.springframework.remoting.httpinvoker.SimpleHttpInvokerRequestExecutor;
 
+
 
+import java.io.IOException;
 
+
 
+import java.net.HttpURLConnection;
 
+
 
+
 
+/**
 
+ * Adds BASIC authentication support to
 
+ * <code>SimpleHttpInvokerRequestExecutor</code>.
 
+ *
 
+ * @author Ben Alex
 
+ * @version $Id$
 
+ */
 
+public class AuthenticationSimpleHttpInvokerRequestExecutor
 
+    extends SimpleHttpInvokerRequestExecutor {
 
+    //~ Static fields/initializers =============================================
 
+
 
+    private static final Log logger = LogFactory.getLog(AuthenticationSimpleHttpInvokerRequestExecutor.class);
 
+
 
+    //~ Methods ================================================================
 
+
 
+    /**
 
+     * Called every time a HTTP invocation is made.
 
+     * 
+     * <P>
 
+     * Simply allows the parent to setup the connection, and then adds an
 
+     * <code>Authorization</code> HTTP header property that will be used for
 
+     * BASIC authentication.
 
+     * </p>
 
+     * 
+     * <P>
 
+     * The <code>ContextHolder</code> is used to obtain the relevant principal
 
+     * and credentials.
 
+     * </p>
 
+     *
 
+     * @param con the HTTP connection to prepare
 
+     * @param contentLength the length of the content to send
 
+     *
 
+     * @throws IOException if thrown by HttpURLConnection methods
 
+     * @throws AuthenticationCredentialsNotFoundException if the
 
+     *         <code>ContextHolder</code> does not contain a valid
 
+     *         <code>Authentication</code> with both its
 
+     *         <code>principal</code> and <code>credentials</code> not
 
+     *         <code>null</code>
 
+     */
 
+    protected void prepareConnection(HttpURLConnection con, int contentLength)
 
+        throws IOException, AuthenticationCredentialsNotFoundException {
 
+        super.prepareConnection(con, contentLength);
 
+
 
+        if ((ContextHolder.getContext() == null)
 
+            || !(ContextHolder.getContext() instanceof SecureContext)) {
 
+            throw new AuthenticationCredentialsNotFoundException(
 
+                "ContextHolder is null or does not contain a SecureContext");
 
+        }
 
+
 
+        Authentication auth = ((SecureContext) ContextHolder.getContext())
 
+            .getAuthentication();
 
+
 
+        if ((auth == null) || (auth.getPrincipal() == null)
 
+            || (auth.getCredentials() == null)) {
 
+            throw new AuthenticationCredentialsNotFoundException(
 
+                "The Authentication contained in the ContextHolder is null or the principal and/or credentials properties are null");
 
+        }
 
+
 
+        String base64 = auth.getPrincipal().toString() + ":"
 
+            + auth.getCredentials().toString();
 
+        con.setRequestProperty("Authorization",
 
+            "Basic " + new String(Base64.encodeBase64(base64.getBytes())));
 
+
 
+        if (logger.isDebugEnabled()) {
 
+            logger.debug(
 
+                "HttpInvocation now presenting via BASIC authentication ContextHolder-derived: "
 
+                + auth.toString());
 
+        }
 
+    }
 
+}

+ 21 - 0
core/src/main/java/org/acegisecurity/ui/httpinvoker/package.html
View File 

@@ -0,0 +1,21 @@
 
+<html>
 
+<body>
 
+Enables use of Spring's <code>HttpInvoker</code> extension points to 
+present the <code>principal</code> and <code>credentials</code> located
 
+in the <code>ContextHolder</code> via BASIC authentication.
 
+
 
+<P>The beans are wired as follows:
 
+
 
+<P>
 
+<code>
 
+&lt;bean id="test" class="org.springframework.remoting.httpinvoker.HttpInvokerProxyFactoryBean"&gt;<BR>
 
+   &lt;property name="serviceUrl"&gt;&lt;value&gt;http://localhost/Test&lt;/value&gt;&lt;/property&gt;<BR>
 
+   &lt;property name="serviceInterface"&gt;&lt;value&gt;test.TargetInterface&lt;/value&gt;&lt;/property&gt;<BR>
 
+   &lt;property name="httpInvokerRequestExecutor"&gt;&lt;ref bean="httpInvokerRequestExecutor"/&gt;&lt;/property&gt;<BR>
 
+&lt;/bean&gt;<BR>
 
+<BR>
 
+&lt;bean id="httpInvokerRequestExecutor" class="net.sf.acegisecurity.ui.httpinvoker.AuthenticationSimpleHttpInvokerRequestExecutor"/&gt;<BR>
 
+</code>
 
+
 
+</body>
 
+</html>