X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Finternal%2Fhttp%2FCmsAuthenticator.java;h=e15d074fe4a9435e626cf9f367dd3df2eed7ac0e;hb=bfb5eb067a6796c0ee2a575b1e2431220352513a;hp=54849fc03912a127a9506bd745979115bcbf708d;hpb=81d9084e2c9fd9d33ca1d864171d28f9564647d8;p=lgpl%2Fargeo-commons.git
diff --git a/org.argeo.cms/src/org/argeo/cms/internal/http/CmsAuthenticator.java b/org.argeo.cms/src/org/argeo/cms/internal/http/CmsAuthenticator.java
index 54849fc03..e15d074fe 100644
--- a/org.argeo.cms/src/org/argeo/cms/internal/http/CmsAuthenticator.java
+++ b/org.argeo.cms/src/org/argeo/cms/internal/http/CmsAuthenticator.java
@@ -9,14 +9,15 @@ import org.argeo.api.cms.CmsLog;
 import org.argeo.cms.auth.CurrentUser;
 import org.argeo.cms.auth.RemoteAuthCallbackHandler;
 import org.argeo.cms.auth.SpnegoLoginModule;
+import org.argeo.util.http.HttpHeader;
 import com.sun.net.httpserver.Authenticator;
 import com.sun.net.httpserver.HttpExchange;
 import com.sun.net.httpserver.HttpPrincipal;
 public class CmsAuthenticator extends Authenticator {
- final static String HEADER_AUTHORIZATION = "Authorization";
- final static String HEADER_WWW_AUTHENTICATE = "WWW-Authenticate";
+// final static String HEADER_AUTHORIZATION = "Authorization";
+// final static String HEADER_WWW_AUTHENTICATE = "WWW-Authenticate";
 private final static CmsLog log = CmsLog.getLog(CmsAuthenticator.class);
@@ -69,7 +70,7 @@ public class CmsAuthenticator extends Authenticator {
 }
 protected boolean authIsRequired(HttpExchange httpExchange) {
- return false;
+ return true;
 }
 protected LoginContext processUnauthorized(HttpExchange httpExchange) {
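Review bot: In the `@@ -9,14 +9,15 @@` hunk the two header constants are commented out rather than deleted, which leaves dead code at the top of the class now that `HttpHeader` supplies the names. I would drop both `// final static String HEADER_…` lines, since history keeps the old values. The constants were package-visible, so any other class in `org.argeo.cms.internal.http` that referenced them would need the same switch to `HttpHeader`; that is not visible in this hunk.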
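Review bot: In the `@@ -69,7 +70,7 @@` hunk `authIsRequired` flips its default from `false` to `true` without a comment recording that the class now fails closed or what an override returning `false` means for a context. I would add a Javadoc such as `/** Whether a request without a successful login must be challenged; defaults to true, override only for contexts meant to be reachable anonymously. */`. How the flag is consumed is outside the hunk, so it is worth confirming that every context registered with this authenticator that relied on the old default (presumably anonymous access) either overrides the method or is expected to start requiring credentials.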
@@ -96,9 +97,10 @@ public class CmsAuthenticator extends Authenticator { // response.setHeader(HttpUtils.HEADER_WWW_AUTHENTICATE, "basic // realm=\"" + httpAuthRealm + "\""); if (SpnegoLoginModule.hasAcceptorCredentials() && !forceBasic)// SPNEGO - httpExchange.getResponseHeaders().set(HEADER_WWW_AUTHENTICATE, "Negotiate"); + httpExchange.getResponseHeaders().set(HttpHeader.WWW_AUTHENTICATE.getName(), HttpHeader.NEGOTIATE); else - httpExchange.getResponseHeaders().set(HEADER_WWW_AUTHENTICATE, "Basic realm=\"" + httpAuthRealm + "\""); + httpExchange.getResponseHeaders().set(HttpHeader.WWW_AUTHENTICATE.getName(), + HttpHeader.BASIC + " " + HttpHeader.REALM + "=\"" + httpAuthRealm + "\""); // response.setDateHeader("Date", System.currentTimeMillis()); // response.setDateHeader("Expires", System.currentTimeMillis() + (24 *