From: Mathieu Baudier Date: Fri, 16 Oct 2020 08:52:07 +0000 (+0200) Subject: Expose servlet context helpers. X-Git-Tag: argeo-commons-2.1.89~64 X-Git-Url: https://git.argeo.org/?p=lgpl%2Fargeo-commons.git;a=commitdiff_plain;h=c7e195eb2bad923662e6aa116359ca473dee337f Expose servlet context helpers. --- diff --git a/org.argeo.cms/OSGI-INF/dataServletContext.xml b/org.argeo.cms/OSGI-INF/dataServletContext.xml index 1c31adbbd..ffd8804b5 100644 --- a/org.argeo.cms/OSGI-INF/dataServletContext.xml +++ b/org.argeo.cms/OSGI-INF/dataServletContext.xml @@ -1,6 +1,6 @@ - + diff --git a/org.argeo.cms/OSGI-INF/filesServletContext.xml b/org.argeo.cms/OSGI-INF/filesServletContext.xml index a9993a355..049270c6a 100644 --- a/org.argeo.cms/OSGI-INF/filesServletContext.xml +++ b/org.argeo.cms/OSGI-INF/filesServletContext.xml @@ -1,6 +1,6 @@ - + diff --git a/org.argeo.cms/OSGI-INF/jcrServletContext.xml b/org.argeo.cms/OSGI-INF/jcrServletContext.xml index fb6f79e30..dd83c1d1c 100644 --- a/org.argeo.cms/OSGI-INF/jcrServletContext.xml +++ b/org.argeo.cms/OSGI-INF/jcrServletContext.xml @@ -1,6 +1,6 @@ - + diff --git a/org.argeo.cms/src/org/argeo/cms/internal/http/CmsServletContextHelper.java b/org.argeo.cms/src/org/argeo/cms/internal/http/CmsServletContextHelper.java deleted file mode 100644 index e2fd3d98f..000000000 --- a/org.argeo.cms/src/org/argeo/cms/internal/http/CmsServletContextHelper.java +++ /dev/null 
@@ -1,72 +0,0 @@
-package org.argeo.cms.internal.http;
-
-import java.io.IOException;
-import java.net.URL;
-import java.util.Map;
-
-import javax.security.auth.login.LoginContext;
-import javax.security.auth.login.LoginException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.argeo.api.NodeConstants;
-import org.argeo.cms.auth.HttpRequestCallbackHandler;
-import org.osgi.framework.Bundle;
-import org.osgi.framework.FrameworkUtil;
-import org.osgi.service.http.context.ServletContextHelper;
-
-/**
- * Default servlet context degrading to anonymous if the the sesison is not
- * pre-authenticated.
- */
-public class CmsServletContextHelper extends ServletContextHelper {
- private final static Log log = LogFactory.getLog(CmsServletContextHelper.class);
- // use CMS bundle for resources
- private Bundle bundle = FrameworkUtil.getBundle(getClass());
-
- public void init(Map properties) {
-
- }
-
- public void destroy() {
-
- }
-
- @Override
- public boolean handleSecurity(HttpServletRequest request, HttpServletResponse response) throws IOException {
- if (log.isTraceEnabled())
- HttpUtils.logRequestHeaders(log, request);
- LoginContext lc;
- try {
- lc = new LoginContext(NodeConstants.LOGIN_CONTEXT_USER, new HttpRequestCallbackHandler(request, response));
- lc.login();
- } catch (LoginException e) {
- lc = processUnauthorized(request, response);
- if (lc == null)
- return false;
- }
- return true;
- }
-
- protected LoginContext processUnauthorized(HttpServletRequest request, HttpServletResponse response) {
- // anonymous
- try {
- LoginContext lc = new LoginContext(NodeConstants.LOGIN_CONTEXT_ANONYMOUS,
- new HttpRequestCallbackHandler(request, response));
- lc.login();
- return lc;
- } catch (LoginException e1) {
- if (log.isDebugEnabled())
- log.error("Cannot log in as anonymous", e1);
- return null;
- }
- }
-
- @Override
- public URL getResource(String name) { - return bundle.getResource(name); - } - -} diff --git a/org.argeo.cms/src/org/argeo/cms/internal/http/HttpUtils.java b/org.argeo.cms/src/org/argeo/cms/internal/http/HttpUtils.java index 58d9324ec..70998ea1a 100644 --- a/org.argeo.cms/src/org/argeo/cms/internal/http/HttpUtils.java +++ b/org.argeo.cms/src/org/argeo/cms/internal/http/HttpUtils.java @@ -3,6 +3,7 @@ package org.argeo.cms.internal.http; import java.util.Enumeration; import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; import org.apache.commons.logging.Log; @@ -19,6 +20,15 @@ public class HttpUtils { || userAgent.contains("opera") || userAgent.contains("browser"); } + public static void logResponseHeaders(Log log, HttpServletResponse response) { + if (!log.isDebugEnabled()) + return; + for (String headerName : response.getHeaderNames()) { + Object headerValue = response.getHeader(headerName); + log.debug(headerName + ": " + headerValue); + } + } + public static void logRequestHeaders(Log log, HttpServletRequest request) { if (!log.isDebugEnabled()) return; @@ -30,7 +40,7 @@ public class HttpUtils { log.debug(request.getRequestURI() + "\n"); } - public static void logRequest(Log log,HttpServletRequest request) { + public static void logRequest(Log log, HttpServletRequest request) { log.debug("contextPath=" + request.getContextPath()); log.debug("servletPath=" + request.getServletPath()); log.debug("requestURI=" + request.getRequestURI()); @@ -57,7 +67,6 @@ public class HttpUtils { log.debug("\n" + buf); } - private HttpUtils() { } diff --git a/org.argeo.cms/src/org/argeo/cms/internal/http/PrivateServletContextHelper.java b/org.argeo.cms/src/org/argeo/cms/internal/http/PrivateServletContextHelper.java deleted file mode 100644 index b5dc7ba6f..000000000 --- a/org.argeo.cms/src/org/argeo/cms/internal/http/PrivateServletContextHelper.java +++ /dev/null 
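Review bot: In HttpUtils.java, the new `logResponseHeaders` writes every response header value to the log verbatim, so a `Set-Cookie` session identifier (or any authentication token placed in a header) ends up in log files that are usually readable by more people than the session store. I would mask values for a short deny-list of header names (`Set-Cookie`, `WWW-Authenticate`, `Authorization`) before the `log.debug(headerName + ": " + headerValue)` call and print a fixed marker such as `<redacted>` instead. `response.getHeader(headerName)` also returns only the first value of a multi-valued header, so `response.getHeaders(headerName)` would give the complete picture, and `headerValue` can be declared `String` rather than `Object`. The callers in this commit guard with `log.isTraceEnabled()` while this method checks and logs at debug level; the existing `logRequestHeaders`, whose body lies mostly outside the hunk, presumably has the same exposure.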
@@ -1,37 +0,0 @@
-package org.argeo.cms.internal.http;
-
-import javax.security.auth.login.LoginContext;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-/** Servlet context forcing authentication. */
-public class PrivateServletContextHelper extends CmsServletContextHelper {
- // TODO make it configurable
- private final String httpAuthRealm = "Argeo";
- private final boolean forceBasic = false;
-
- @Override
- protected LoginContext processUnauthorized(HttpServletRequest request, HttpServletResponse response) {
- askForWwwAuth(request, response);
- return null;
- }
-
- protected void askForWwwAuth(HttpServletRequest request, HttpServletResponse response) {
- response.setStatus(401);
- // response.setHeader(HttpUtils.HEADER_WWW_AUTHENTICATE, "basic
- // realm=\"" + httpAuthRealm + "\"");
- if (org.argeo.cms.internal.kernel.Activator.getAcceptorCredentials() != null && !forceBasic)// SPNEGO
- response.setHeader(HttpUtils.HEADER_WWW_AUTHENTICATE, "Negotiate");
- else
- response.setHeader(HttpUtils.HEADER_WWW_AUTHENTICATE, "Basic realm=\"" + httpAuthRealm + "\"");
-
- // response.setDateHeader("Date", System.currentTimeMillis());
- // response.setDateHeader("Expires", System.currentTimeMillis() + (24 *
- // 60 * 60 * 1000));
- // response.setHeader("Accept-Ranges", "bytes");
- // response.setHeader("Connection", "Keep-Alive");
- // response.setHeader("Keep-Alive", "timeout=5, max=97");
- // response.setContentType("text/html; charset=UTF-8");
-
- }
-}
diff --git a/org.argeo.cms/src/org/argeo/cms/servlet/CmsServletContext.java b/org.argeo.cms/src/org/argeo/cms/servlet/CmsServletContext.java
new file mode 100644
index 000000000..03a7551f0
--- /dev/null
+++ b/org.argeo.cms/src/org/argeo/cms/servlet/CmsServletContext.java
@@ -0,0 +1,75 @@
+package org.argeo.cms.servlet;
+
+import java.io.IOException;
+import java.net.URL;
+import java.util.Map;
+
+import javax.security.auth.login.LoginContext;
+import javax.security.auth.login.LoginException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.argeo.api.NodeConstants;
+import org.argeo.cms.auth.HttpRequestCallbackHandler;
+import org.argeo.cms.internal.http.HttpUtils;
+import org.osgi.framework.Bundle;
+import org.osgi.framework.FrameworkUtil;
+import org.osgi.service.http.context.ServletContextHelper;
+
+/**
+ * Default servlet context degrading to anonymous if the the sesison is not
+ * pre-authenticated.
+ */
+public class CmsServletContext extends ServletContextHelper {
+ private final static Log log = LogFactory.getLog(CmsServletContext.class);
+ // use CMS bundle for resources
+ private Bundle bundle = FrameworkUtil.getBundle(getClass());
+
+ public void init(Map properties) {
+
+ }
+
+ public void destroy() {
+
+ }
+
+ @Override
+ public boolean handleSecurity(HttpServletRequest request, HttpServletResponse response) throws IOException {
+ if (log.isTraceEnabled())
+ HttpUtils.logRequestHeaders(log, request);
+ LoginContext lc;
+ try {
+ lc = new LoginContext(NodeConstants.LOGIN_CONTEXT_USER, new HttpRequestCallbackHandler(request, response));
+ lc.login();
+ } catch (LoginException e) {
+ lc = processUnauthorized(request, response);
+ if (log.isTraceEnabled())
+ HttpUtils.logResponseHeaders(log, response);
+ if (lc == null)
+ return false;
+ }
+ return true;
+ }
+
+ protected LoginContext processUnauthorized(HttpServletRequest request, HttpServletResponse response) {
+ // anonymous
+ try {
+ LoginContext lc = new LoginContext(NodeConstants.LOGIN_CONTEXT_ANONYMOUS,
+ new HttpRequestCallbackHandler(request, response));
+ lc.login();
+ return lc;
+ } catch (LoginException e1) {
+ if (log.isDebugEnabled())
+ log.error("Cannot log in as anonymous", e1);
+ return null;
+ }
+ }
+
+ @Override
+ public URL getResource(String name) {
+ return bundle.getResource(name);
+ }
+
+}
diff --git a/org.argeo.cms/src/org/argeo/cms/servlet/PrivateWwwAuthServletContext.java b/org.argeo.cms/src/org/argeo/cms/servlet/PrivateWwwAuthServletContext.java
new file mode 100644
index 000000000..e4547507a
--- /dev/null
+++ b/org.argeo.cms/src/org/argeo/cms/servlet/PrivateWwwAuthServletContext.java
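Review bot: In CmsServletContext.handleSecurity the `catch (LoginException e)` branch discards `e` and goes straight to `processUnauthorized`, so a failed user authentication leaves no log record at any level, which makes repeated failures or a broken login backend hard to notice. In `processUnauthorized` the anonymous failure is written with `log.error(...)` but only inside `if (log.isDebugEnabled())`, so under a normal log configuration that failure is silent too. I would add `log.debug("User login failed, trying fallback", e);` at the top of the first catch and drop the guard around `log.error("Cannot log in as anonymous", e1);`. The class Javadoc carried over from the old file still reads "the the sesison"; since the class is being exposed it is worth correcting to "the session" and stating that `handleSecurity` returns false only when the fallback yields no login context.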
@@ -0,0 +1,38 @@
+package org.argeo.cms.servlet;
+
+import javax.security.auth.login.LoginContext;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.argeo.cms.internal.http.HttpUtils;
+
+/** Servlet context forcing authentication. */
+public class PrivateWwwAuthServletContext extends CmsServletContext {
+ // TODO make it configurable
+ private final String httpAuthRealm = "Argeo";
+ private final boolean forceBasic = false;
+
+ @Override
+ protected LoginContext processUnauthorized(HttpServletRequest request, HttpServletResponse response) {
+ askForWwwAuth(request, response);
+ return null;
+ }
+
+ protected void askForWwwAuth(HttpServletRequest request, HttpServletResponse response) {
+ // response.setHeader(HttpUtils.HEADER_WWW_AUTHENTICATE, "basic
+ // realm=\"" + httpAuthRealm + "\"");
+ if (org.argeo.cms.internal.kernel.Activator.getAcceptorCredentials() != null && !forceBasic)// SPNEGO
+ response.setHeader(HttpUtils.HEADER_WWW_AUTHENTICATE, "Negotiate");
+ else
+ response.setHeader(HttpUtils.HEADER_WWW_AUTHENTICATE, "Basic realm=\"" + httpAuthRealm + "\"");
+
+ // response.setDateHeader("Date", System.currentTimeMillis());
+ // response.setDateHeader("Expires", System.currentTimeMillis() + (24 *
+ // 60 * 60 * 1000));
+ // response.setHeader("Accept-Ranges", "bytes");
+ // response.setHeader("Connection", "Keep-Alive");
+ // response.setHeader("Keep-Alive", "timeout=5, max=97");
+ // response.setContentType("text/html; charset=UTF-8");
+ response.setStatus(401);
+ }
+}
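Review bot: In PrivateWwwAuthServletContext.askForWwwAuth the `else` branch issues a `Basic realm="Argeo"` challenge whenever no acceptor credentials are available, and nothing in this class checks that the request arrived over TLS, so a client answering the challenge on a plain-HTTP listener would send its password as reversible Base64. If transport security is enforced elsewhere (not visible in this hunk), a comment saying so would help, e.g. `// Basic is only acceptable over TLS; the HTTP service is expected to be HTTPS-only`; otherwise the branch should be guarded with `request.isSecure()`. When acceptor credentials are present only `Negotiate` is offered, so a client without Kerberos receives no usable challenge; whether that is intended should be stated next to `forceBasic`, which is a `final` constant, so the TODO cannot be acted on without a code change. The block of commented-out `response.set…` calls could be dropped now that the class is public API.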