X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Finternal%2Fkernel%2FDataHttp.java;h=93a37ed98e58b286c8d8ce425442c3a960c0ae6a;hb=fcae8c8dbe979fbfdad103747328cf60de7d3315;hp=67fe44d93416310d1f9cb6ff1f6cfbd708e7745c;hpb=e57324e3c9fb9b9a05e7bea6574b54e789c65c4e;p=lgpl%2Fargeo-commons.git

diff --git a/org.argeo.cms/src/org/argeo/cms/internal/kernel/DataHttp.java b/org.argeo.cms/src/org/argeo/cms/internal/kernel/DataHttp.java
index 67fe44d93..93a37ed98 100644
--- a/org.argeo.cms/src/org/argeo/cms/internal/kernel/DataHttp.java
+++ b/org.argeo.cms/src/org/argeo/cms/internal/kernel/DataHttp.java
@@ -78,8 +78,6 @@ class DataHttp implements KernelConstants {
 	void registerRepositoryServlets(String alias, Repository repository) {
 		try {
 			registerWebdavServlet(alias, repository);
-			// registerWebdavServlet(alias, repository, false);
-			// registerRemotingServlet(alias, repository, true);
 			registerRemotingServlet(alias, repository);
 			if (log.isDebugEnabled())
 				log.debug("Registered servlets for repository '" + alias + "'");
@@ -91,8 +89,6 @@ class DataHttp implements KernelConstants {
 	void unregisterRepositoryServlets(String alias) {
 		try {
 			httpService.unregister(webdavPath(alias));
-			// httpService.unregister(webdavPath(alias, false));
-			// httpService.unregister(remotingPath(alias, true));
 			httpService.unregister(remotingPath(alias));
 			if (log.isDebugEnabled())
 				log.debug("Unregistered servlets for repository '" + alias + "'");
@@ -126,14 +122,10 @@ class DataHttp implements KernelConstants {
 
 	private String webdavPath(String alias) {
 		return NodeConstants.PATH_DATA + "/" + alias;
-		// String pathPrefix = anonymous ? WEBDAV_PUBLIC : WEBDAV_PRIVATE;
-		// return pathPrefix + "/" + alias;
 	}
 
 	private String remotingPath(String alias) {
 		return NodeConstants.PATH_JCR + "/" + alias;
-		// String pathPrefix = anonymous ? NodeConstants.PATH_JCR_PUB :
-		// NodeConstants.PATH_JCR;
 	}
 
 	private Subject subjectFromRequest(HttpServletRequest request) {
@@ -150,6 +142,50 @@ class DataHttp implements KernelConstants {
 		}
 	}
 
+	private void requestBasicAuth(HttpServletRequest request, HttpServletResponse response) {
+		response.setStatus(401);
+		response.setHeader(HEADER_WWW_AUTHENTICATE, "basic realm=\"" + httpAuthRealm + "\"");
+	}
+
+	private CallbackHandler basicAuth(final HttpServletRequest httpRequest) {
+		String authHeader = httpRequest.getHeader(HEADER_AUTHORIZATION);
+		if (authHeader != null) {
+			StringTokenizer st = new StringTokenizer(authHeader);
+			if (st.hasMoreTokens()) {
+				String basic = st.nextToken();
+				if (basic.equalsIgnoreCase("Basic")) {
+					try {
+						// TODO manipulate char[]
+						String credentials = new String(Base64.decodeBase64(st.nextToken()), "UTF-8");
+						// log.debug("Credentials: " + credentials);
+						int p = credentials.indexOf(":");
+						if (p != -1) {
+							final String login = credentials.substring(0, p).trim();
+							final char[] password = credentials.substring(p + 1).trim().toCharArray();
+							return new CallbackHandler() {
+								public void handle(Callback[] callbacks) {
+									for (Callback cb : callbacks) {
+										if (cb instanceof NameCallback)
+											((NameCallback) cb).setName(login);
+										else if (cb instanceof PasswordCallback)
+											((PasswordCallback) cb).setPassword(password);
+										else if (cb instanceof HttpRequestCallback)
+											((HttpRequestCallback) cb).setRequest(httpRequest);
+									}
+								}
+							};
+						} else {
+							throw new CmsException("Invalid authentication token");
+						}
+					} catch (Exception e) {
+						throw new CmsException("Couldn't retrieve authentication", e);
+					}
+				}
+			}
+		}
+		return null;
+	}
+
 	private class RepositoriesStc implements ServiceTrackerCustomizer<Repository, Repository> {
 
 		@Override
@@ -178,81 +214,39 @@ class DataHttp implements KernelConstants {
 	}
 
 	private class DataHttpContext implements HttpContext {
-		// private final boolean anonymous;
-
-		DataHttpContext() {
-			// this.anonymous = anonymous;
-		}
-
 		@Override
 		public boolean handleSecurity(final HttpServletRequest request, HttpServletResponse response)
 				throws IOException {
-
-			// optimization
-			// HttpSession httpSession = request.getSession();
-			// Object remoteUser = httpSession.getAttribute(REMOTE_USER);
-			// Object authorization = httpSession.getAttribute(AUTHORIZATION);
-			// if (remoteUser != null && authorization != null) {
-			// request.setAttribute(REMOTE_USER, remoteUser);
-			// request.setAttribute(AUTHORIZATION, authorization);
-			// return true;
-			// }
-
-			// if (anonymous) {
-			// Subject subject = KernelUtils.anonymousLogin();
-			// Authorization authorization =
-			// subject.getPrivateCredentials(Authorization.class).iterator().next();
-			// request.setAttribute(REMOTE_USER, NodeConstants.ROLE_ANONYMOUS);
-			// request.setAttribute(AUTHORIZATION, authorization);
-			// return true;
-			// }
-
-			// if (log.isTraceEnabled())
-			// KernelUtils.logRequestHeaders(log, request);
+			if (log.isTraceEnabled())
+				KernelUtils.logRequestHeaders(log, request);
 			LoginContext lc;
 			try {
 				lc = new LoginContext(NodeConstants.LOGIN_CONTEXT_USER, new HttpRequestCallbackHandler(request));
 				lc.login();
 				// return true;
-			} catch (CredentialNotFoundException e) {
-				try {
-					lc = new LoginContext(NodeConstants.LOGIN_CONTEXT_USER);
-					lc.login();
-				} catch (LoginException e1) {
-					if (log.isDebugEnabled())
-						log.error("Cannot log in anonynous", e1);
-					return false;
-				}
-				// Subject subject = KernelUtils.anonymousLogin();
-				// authorization =
-				// subject.getPrivateCredentials(Authorization.class).iterator().next();
-				// request.setAttribute(REMOTE_USER,
-				// NodeConstants.ROLE_ANONYMOUS);
-				// request.setAttribute(AUTHORIZATION, authorization);
-				// httpSession.setAttribute(REMOTE_USER,
-				// NodeConstants.ROLE_ANONYMOUS);
-				// httpSession.setAttribute(AUTHORIZATION, authorization);
-				// return true;
-				// CallbackHandler token = basicAuth(request);
-				// if (token != null) {
-				// try {
-				// LoginContext lc = new
-				// LoginContext(NodeConstants.LOGIN_CONTEXT_USER, token);
-				// lc.login();
-				// // Note: this is impossible to reliably clear the
-				// // authorization header when access from a browser.
-				// return true;
-				// } catch (LoginException e1) {
-				// throw new CmsException("Could not login", e1);
-				// }
-				// } else {
-				// String path = request.getServletPath();
-				// if (path.startsWith(REMOTING_PRIVATE))
-				// requestBasicAuth(request, response);
-				// return false;
-				// }
 			} catch (LoginException e) {
-				throw new CmsException("Could not login", e);
+				CallbackHandler token = basicAuth(request);
+				if (token != null) {
+					try {
+						lc = new LoginContext(NodeConstants.LOGIN_CONTEXT_USER, token);
+						lc.login();
+						// Note: this is impossible to reliably clear the
+						// authorization header when access from a browser.
+						return true;
+					} catch (LoginException e1) {
+						throw new CmsException("Could not login", e1);
+					}
+				} else {
+					// anonymous
+					try {
+						lc = new LoginContext(NodeConstants.LOGIN_CONTEXT_USER);
+						lc.login();
+					} catch (LoginException e1) {
+						if (log.isDebugEnabled())
+							log.error("Cannot log in anonynous", e1);
+						return false;
+					}
+				}
 			}
 			request.setAttribute(NodeConstants.LOGIN_CONTEXT_USER, lc);
 			return true;
@@ -333,51 +327,6 @@ class DataHttp implements KernelConstants {
 			return null;
 		}
 
-		private void requestBasicAuth(HttpServletRequest request, HttpServletResponse response) {
-			response.setStatus(401);
-			response.setHeader(HEADER_WWW_AUTHENTICATE, "basic realm=\"" + httpAuthRealm + "\"");
-			// request.getSession().setAttribute(ATTR_AUTH, Boolean.TRUE);
-		}
-
-		private CallbackHandler basicAuth(final HttpServletRequest httpRequest) {
-			String authHeader = httpRequest.getHeader(HEADER_AUTHORIZATION);
-			if (authHeader != null) {
-				StringTokenizer st = new StringTokenizer(authHeader);
-				if (st.hasMoreTokens()) {
-					String basic = st.nextToken();
-					if (basic.equalsIgnoreCase("Basic")) {
-						try {
-							// TODO manipulate char[]
-							String credentials = new String(Base64.decodeBase64(st.nextToken()), "UTF-8");
-							// log.debug("Credentials: " + credentials);
-							int p = credentials.indexOf(":");
-							if (p != -1) {
-								final String login = credentials.substring(0, p).trim();
-								final char[] password = credentials.substring(p + 1).trim().toCharArray();
-								return new CallbackHandler() {
-									public void handle(Callback[] callbacks) {
-										for (Callback cb : callbacks) {
-											if (cb instanceof NameCallback)
-												((NameCallback) cb).setName(login);
-											else if (cb instanceof PasswordCallback)
-												((PasswordCallback) cb).setPassword(password);
-											else if (cb instanceof HttpRequestCallback)
-												((HttpRequestCallback) cb).setRequest(httpRequest);
-										}
-									}
-								};
-							} else {
-								throw new CmsException("Invalid authentication token");
-							}
-						} catch (Exception e) {
-							throw new CmsException("Couldn't retrieve authentication", e);
-						}
-					}
-				}
-			}
-			return null;
-		}
-
 	}
 
 	/**