import javax.security.auth.login.CredentialNotFoundException;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
-import javax.servlet.Servlet;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.jackrabbit.webdav.simple.SimpleWebdavServlet;
import org.argeo.cms.CmsException;
import org.argeo.cms.auth.AuthConstants;
+import org.argeo.cms.auth.CurrentUser;
import org.argeo.cms.auth.HttpRequestCallback;
import org.argeo.cms.auth.HttpRequestCallbackHandler;
import org.argeo.jcr.ArgeoJcrConstants;
// private final static String ATTR_AUTH = "auth";
private final static String HEADER_AUTHORIZATION = "Authorization";
- private final static String HEADER_WWW_AUTHENTICATE = "WWW-Authenticate";
+ // private final static String HEADER_WWW_AUTHENTICATE = "WWW-Authenticate";
private final HttpService httpService;
// FIXME Make it more unique
- private String httpAuthRealm = "Argeo";
+ // private String httpAuthRealm = "Argeo";
// WebDav / JCR remoting
private OpenInViewSessionProvider sessionProvider;
- DataHttp(HttpService httpService, NodeRepository node) {
+ DataHttp(HttpService httpService) {
this.httpService = httpService;
sessionProvider = new OpenInViewSessionProvider();
- registerRepositoryServlets(ALIAS_NODE, node);
+ // registerRepositoryServlets(ALIAS_NODE, node);
}
public void destroy() {
- unregisterRepositoryServlets(ALIAS_NODE);
+ // unregisterRepositoryServlets(ALIAS_NODE);
}
void registerRepositoryServlets(String alias, Repository repository) {
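Review bot: `destroy()` is left with only a commented-out call, so nothing visible in this class unregisters what `registerRepositoryServlets` registers on `httpService`. If teardown has moved to the caller, say so in the method, e.g. `// servlets are unregistered by whoever called registerRepositoryServlets`; otherwise keep an unregister path here. The disabled lines (`HEADER_WWW_AUTHENTICATE`, `httpAuthRealm`, the register/unregister calls, and the `requestBasicAuth` method in a later hunk) should be deleted rather than commented out, since version control already keeps them. The body of `registerRepositoryServlets` continues outside this hunk.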
Properties ip = new Properties();
ip.setProperty(WebdavServlet.INIT_PARAM_RESOURCE_CONFIG, WEBDAV_CONFIG);
ip.setProperty(WebdavServlet.INIT_PARAM_RESOURCE_PATH_PREFIX, path);
- // httpService.registerFilter(path, anonymous ? new AnonymousFilter()
- // : new DavFilter(), null, null);
- // Cast to servlet because of a weird behaviour in Eclipse
- httpService.registerServlet(path, (Servlet) webdavServlet, ip,
+ httpService.registerServlet(path, webdavServlet, ip,
new DataHttpContext(anonymous));
}
ip.setProperty(RemotingServlet.INIT_PARAM_TMP_DIRECTORY, "remoting");
// in order to avoid annoying warning.
ip.setProperty(RemotingServlet.INIT_PARAM_PROTECTED_HANDLERS_CONFIG, "");
- // Cast to servlet because of a weird behaviour in Eclipse
- // httpService.registerFilter(path, anonymous ? new AnonymousFilter()
- // : new DavFilter(), null, null);
- httpService.registerServlet(path, (Servlet) remotingServlet, ip,
+ httpService.registerServlet(path, remotingServlet, ip,
new DataHttpContext(anonymous));
}
-// private X509Certificate extractCertificate(HttpServletRequest req) {
-// X509Certificate[] certs = (X509Certificate[]) req
-// .getAttribute("javax.servlet.request.X509Certificate");
-// if (null != certs && certs.length > 0) {
-// return certs[0];
-// }
-// return null;
-// }
-
private Subject subjectFromRequest(HttpServletRequest request) {
Authorization authorization = (Authorization) request
.getAttribute(HttpContext.AUTHORIZATION);
return true;
}
- KernelUtils.logRequestHeaders(log, request);
+ if (log.isTraceEnabled())
+ KernelUtils.logRequestHeaders(log, request);
try {
new LoginContext(LOGIN_CONTEXT_USER,
new HttpRequestCallbackHandler(request)).login();
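Review bot: The trace guard on `KernelUtils.logRequestHeaders(log, request)` limits when headers are logged but not which ones. If the helper writes every header (its body is not visible here), `Authorization` and `Cookie` values end up in the log whenever trace is enabled. Redact those two in the helper, or note next to the call that trace must stay off in production. The unbraced `if` is also easy to break when a second statement is added; `if (log.isTraceEnabled()) { KernelUtils.logRequestHeaders(log, request); }` is safer. The enclosing method starts and ends outside this hunk.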
throw new CmsException("Could not login", e1);
}
} else {
- requestBasicAuth(request, response);
+ // requestBasicAuth(request, response);
return false;
}
} catch (LoginException e) {
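Review bot: With `requestBasicAuth(request, response)` commented out, the `else` branch reaches `return false;` without setting any status or header on the response. Assuming this is `HttpContext.handleSecurity` (the signature is outside the hunk), the OSGi contract expects the method to have prepared the failure response itself before returning false, so what the client receives is left to the container. Set it explicitly, e.g. `response.setStatus(HttpServletResponse.SC_FORBIDDEN);` before `return false;`, or keep the 401 challenge if Basic authentication is still meant to work on this path.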
return null;
}
- private void requestBasicAuth(HttpServletRequest request,
- HttpServletResponse response) {
- response.setStatus(401);
- response.setHeader(HEADER_WWW_AUTHENTICATE, "basic realm=\""
- + httpAuthRealm + "\"");
- // request.getSession().setAttribute(ATTR_AUTH, Boolean.TRUE);
- }
+ // private void requestBasicAuth(HttpServletRequest request,
+ // HttpServletResponse response) {
+ // response.setStatus(401);
+ // response.setHeader(HEADER_WWW_AUTHENTICATE, "basic realm=\""
+ // + httpAuthRealm + "\"");
+ // // request.getSession().setAttribute(ATTR_AUTH, Boolean.TRUE);
+ // }
private CallbackHandler basicAuth(final HttpServletRequest httpRequest) {
String authHeader = httpRequest.getHeader(HEADER_AUTHORIZATION);
IOException {
try {
Subject subject = subjectFromRequest(request);
+ if (CurrentUser.isAnonymous(subject)
+ && request.getMethod().equals("GET")) {
+ response.setHeader("Cache-Control",
+ "no-transform, public, max-age=300, s-maxage=900");
+ }
+
Subject.doAs(subject, new PrivilegedExceptionAction<Void>() {
@Override
public Void run() throws Exception {
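Review bot: The `Cache-Control: ... public, max-age=300, s-maxage=900` header is set before `Subject.doAs` runs the servlet and with no `Vary`, so a shared cache may keep whatever the anonymous GET produces (including an error page or a response carrying `Set-Cookie`) and replay it for up to 15 minutes to requests that do send credentials. Add `response.addHeader("Vary", "Authorization, Cookie");` alongside it and confirm that anonymous responses on these paths never set a session cookie. `CurrentUser.isAnonymous(subject)` is also called before any null check, while a `return null;` is visible in an earlier hunk; if that belongs to `subjectFromRequest`, guard with `subject != null &&`. The enclosing method starts and ends outside this hunk.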