import org.osgi.service.http.HttpContext;
import org.osgi.service.useradmin.Authorization;
+/** Use the HTTP session as the basis for authentication. */
public class HttpSessionLoginModule implements LoginModule {
private final static Log log = LogFactory.getLog(HttpSessionLoginModule.class);
} else {
authorization = (Authorization) request.getAttribute(HttpContext.AUTHORIZATION);
if (authorization == null) {// search by session ID
- // TODO implement ident
-// IdentClient identClient = new IdentClient(request.getRemoteAddr(), "changeit");
-// String identUsername = identClient.getUsername(request.getLocalPort(), request.getRemotePort());
-// log.debug("Ident username: " + identUsername);
-
HttpSession httpSession = request.getSession(false);
if (httpSession == null) {
// TODO make sure this is always safe
} else {
if (log.isTraceEnabled())
log.trace("HTTP login: " + true);
+ request.setAttribute(HttpContext.AUTHORIZATION, authorization);
return true;
}
}