]> git.argeo.org Git - lgpl/argeo-commons.git/blob - org.argeo.cms/src/org/argeo/cms/servlet/PrivateWwwAuthServletContext.java
projects / lgpl / argeo-commons.git / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Store UI context data in CMS View.
[lgpl/argeo-commons.git] / org.argeo.cms / src / org / argeo / cms / servlet / PrivateWwwAuthServletContext.java
1 package org.argeo.cms.servlet;
2
3 import javax.security.auth.login.LoginContext;
4 import javax.servlet.http.HttpServletRequest;
5 import javax.servlet.http.HttpServletResponse;
6
7 import org.argeo.cms.internal.http.HttpUtils;
8
9 /** Servlet context forcing authentication. */
10 public class PrivateWwwAuthServletContext extends CmsServletContext {
11 // TODO make it configurable
12 private final String httpAuthRealm = "Argeo";
13 private final boolean forceBasic = false;
14
15 @Override
16 protected LoginContext processUnauthorized(HttpServletRequest request, HttpServletResponse response) {
17 askForWwwAuth(request, response);
18 return null;
19 }
20
21 protected void askForWwwAuth(HttpServletRequest request, HttpServletResponse response) {
22 // response.setHeader(HttpUtils.HEADER_WWW_AUTHENTICATE, "basic
23 // realm=\"" + httpAuthRealm + "\"");
24 if (org.argeo.cms.internal.kernel.Activator.getAcceptorCredentials() != null && !forceBasic)// SPNEGO
25 response.setHeader(HttpUtils.HEADER_WWW_AUTHENTICATE, "Negotiate");
26 else
27 response.setHeader(HttpUtils.HEADER_WWW_AUTHENTICATE, "Basic realm=\"" + httpAuthRealm + "\"");
28
29 // response.setDateHeader("Date", System.currentTimeMillis());
30 // response.setDateHeader("Expires", System.currentTimeMillis() + (24 *
31 // 60 * 60 * 1000));
32 // response.setHeader("Accept-Ranges", "bytes");
33 // response.setHeader("Connection", "Keep-Alive");
34 // response.setHeader("Keep-Alive", "timeout=5, max=97");
35 // response.setContentType("text/html; charset=UTF-8");
36 response.setStatus(401);
37 }
38 }
Argeo Commons - Lightweight integration framework in pure Java/OSGi