import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
private CallbackHandler callbackHandler = null;
private Map<String, Object> sharedState = null;
private CallbackHandler callbackHandler = null;
private Map<String, Object> sharedState = null;
- if (log.isTraceEnabled())
- log.trace("HTTP login: " + request.getPathInfo() + " #" + httpSessionId);
+// if (log.isTraceEnabled())
+// log.trace("HTTP login: " + request.getPathInfo() + " #" + httpSessionId);
CmsSessionImpl cmsSession = CmsAuthUtils.cmsSessionFromHttpSession(bc, httpSessionId);
if (cmsSession != null) {
authorization = cmsSession.getAuthorization();
CmsSessionImpl cmsSession = CmsAuthUtils.cmsSessionFromHttpSession(bc, httpSessionId);
if (cmsSession != null) {
authorization = cmsSession.getAuthorization();
} else {
authorization = (Authorization) request.getAttribute(HttpContext.AUTHORIZATION);
if (authorization == null) {// search by session ID
} else {
authorization = (Authorization) request.getAttribute(HttpContext.AUTHORIZATION);
if (authorization == null) {// search by session ID
if (httpSession == null) {
// TODO make sure this is always safe
if (log.isTraceEnabled())
log.trace("Create http session");
if (httpSession == null) {
// TODO make sure this is always safe
if (log.isTraceEnabled())
log.trace("Create http session");
- if (log.isTraceEnabled())
- log.trace("HTTP login: " + request.getPathInfo() + " #" + httpSessionId);
+// if (log.isTraceEnabled())
+// log.trace("HTTP login: " + request.getPathInfo() + " #" + httpSessionId);
CmsSessionImpl cmsSession = CmsAuthUtils.cmsSessionFromHttpSession(bc, httpSessionId);
if (cmsSession != null) {
authorization = cmsSession.getAuthorization();
CmsSessionImpl cmsSession = CmsAuthUtils.cmsSessionFromHttpSession(bc, httpSessionId);
if (cmsSession != null) {
authorization = cmsSession.getAuthorization();
String authHeader = httpRequest.getHeader(CmsAuthUtils.HEADER_AUTHORIZATION);
extractHttpAuth(authHeader);
}
String authHeader = httpRequest.getHeader(CmsAuthUtils.HEADER_AUTHORIZATION);
extractHttpAuth(authHeader);
}
X509Certificate[] certs = (X509Certificate[]) req.getAttribute("javax.servlet.request.X509Certificate");
if (null != certs && certs.length > 0) {// Servlet container verified the client certificate
String certDn = certs[0].getSubjectX500Principal().getName();
X509Certificate[] certs = (X509Certificate[]) req.getAttribute("javax.servlet.request.X509Certificate");
if (null != certs && certs.length > 0) {// Servlet container verified the client certificate
String certDn = certs[0].getSubjectX500Principal().getName();