X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms.ee%2Fsrc%2Forg%2Fargeo%2Fcms%2Fservlet%2FPrivateWwwAuthServletContext.java;fp=org.argeo.cms.ee%2Fsrc%2Forg%2Fargeo%2Fcms%2Fservlet%2FPrivateWwwAuthServletContext.java;h=cd28b6e75d2f7d4fb6bb4277cfc2998d3587e5da;hb=c2eb0b8ebd1c9df4923f5fb2298a4ae04237f65d;hp=bf1ddcf88d08e559b61a0cab0dd21292288dec1b;hpb=b1a235695e876269172d9db401eb0a25af938a30;p=lgpl%2Fargeo-commons.git diff --git a/org.argeo.cms.ee/src/org/argeo/cms/servlet/PrivateWwwAuthServletContext.java b/org.argeo.cms.ee/src/org/argeo/cms/servlet/PrivateWwwAuthServletContext.java index bf1ddcf88..cd28b6e75 100644 --- a/org.argeo.cms.ee/src/org/argeo/cms/servlet/PrivateWwwAuthServletContext.java +++ b/org.argeo.cms.ee/src/org/argeo/cms/servlet/PrivateWwwAuthServletContext.java @@ -1,40 +1,42 @@ package org.argeo.cms.servlet; -import javax.security.auth.login.LoginContext; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.argeo.cms.auth.SpnegoLoginModule; -import org.argeo.util.http.HttpHeader; +import org.argeo.cms.auth.RemoteAuthRequest; +import org.argeo.cms.auth.RemoteAuthResponse; /** Servlet context forcing authentication. */ public class PrivateWwwAuthServletContext extends CmsServletContext { // TODO make it configurable - private final String httpAuthRealm = "Argeo"; - private final boolean forceBasic = false; - - @Override - protected LoginContext processUnauthorized(HttpServletRequest request, HttpServletResponse response) { - askForWwwAuth(request, response); - return null; +// private final String httpAuthRealm = "Argeo"; +// private final boolean forceBasic = false; + + protected boolean authIsRequired(RemoteAuthRequest remoteAuthRequest, + RemoteAuthResponse remoteAuthResponse) { + return true; } - protected void askForWwwAuth(HttpServletRequest request, HttpServletResponse response) { - // response.setHeader(HttpUtils.HEADER_WWW_AUTHENTICATE, "basic - // realm=\"" + httpAuthRealm + "\""); - if (SpnegoLoginModule.hasAcceptorCredentials() && !forceBasic)// SPNEGO - response.setHeader(HttpHeader.WWW_AUTHENTICATE.getName(), HttpHeader.NEGOTIATE); - else - response.setHeader(HttpHeader.WWW_AUTHENTICATE.getName(), - HttpHeader.BASIC + " " + HttpHeader.REALM + "=\"" + httpAuthRealm + "\""); - // response.setDateHeader("Date", System.currentTimeMillis()); - // response.setDateHeader("Expires", System.currentTimeMillis() + (24 * - // 60 * 60 * 1000)); - // response.setHeader("Accept-Ranges", "bytes"); - // response.setHeader("Connection", "Keep-Alive"); - // response.setHeader("Keep-Alive", "timeout=5, max=97"); - // response.setContentType("text/html; charset=UTF-8"); - response.setStatus(401); - } +// @Override +// protected LoginContext processUnauthorized(HttpServletRequest request, HttpServletResponse response) { +// askForWwwAuth(request, response); +// return null; +// } +// +// protected void askForWwwAuth(HttpServletRequest request, HttpServletResponse response) { +// // response.setHeader(HttpUtils.HEADER_WWW_AUTHENTICATE, "basic +// // realm=\"" + httpAuthRealm + "\""); +// if (SpnegoLoginModule.hasAcceptorCredentials() && !forceBasic)// SPNEGO +// response.setHeader(HttpHeader.WWW_AUTHENTICATE.getName(), HttpHeader.NEGOTIATE); +// else +// response.setHeader(HttpHeader.WWW_AUTHENTICATE.getName(), +// HttpHeader.BASIC + " " + HttpHeader.REALM + "=\"" + httpAuthRealm + "\""); +// +// // response.setDateHeader("Date", System.currentTimeMillis()); +// // response.setDateHeader("Expires", System.currentTimeMillis() + (24 * +// // 60 * 60 * 1000)); +// // response.setHeader("Accept-Ranges", "bytes"); +// // response.setHeader("Connection", "Keep-Alive"); +// // response.setHeader("Keep-Alive", "timeout=5, max=97"); +// // response.setContentType("text/html; charset=UTF-8"); +// response.setStatus(401); +// } }