@Override public Result authenticate(HttpExchange httpExchange) { if( !(httpExchange instanceof HttpsExchange) ) { return new Failure(500); } try { HttpsExchange httpsExchange = (HttpsExchange) httpExchange; X509Certificate certificate = getClientCert(httpsExchange); if (certificate == null) { return new Failure(401); } checkCertForClientUsage(certificate); checkCertForAllowedPrincipals(httpsExchange); String name=""; try { name = httpsExchange.getSSLSession().getPeerPrincipal().getName(); } catch (SSLPeerUnverifiedException ignore) { } return new Success(new HttpPrincipal(name, "ssl")); } catch (SecurityException e) { return new Failure(403); } }
return new Authenticator.Failure (401); return new Authenticator.Failure(401);
/** * The filter's implementation, which is invoked by the server */ public void doFilter (HttpExchange t, Filter.Chain chain) throws IOException { if (authenticator != null) { Authenticator.Result r = authenticator.authenticate (t); if (r instanceof Authenticator.Success) { Authenticator.Success s = (Authenticator.Success)r; ExchangeImpl e = ExchangeImpl.get (t); e.setPrincipal (s.getPrincipal()); chain.doFilter (t); } else if (r instanceof Authenticator.Retry) { Authenticator.Retry ry = (Authenticator.Retry)r; consumeInput (t); t.sendResponseHeaders (ry.getResponseCode(), -1); } else if (r instanceof Authenticator.Failure) { Authenticator.Failure f = (Authenticator.Failure)r; consumeInput (t); t.sendResponseHeaders (f.getResponseCode(), -1); } } else { chain.doFilter (t); } } }
@Override public Result authenticate(HttpExchange pHttpExchange) { try { URLConnection connection = delegateURL.openConnection(); connection.addRequestProperty("Authorization", pHttpExchange.getRequestHeaders().getFirst("Authorization")); connection.setConnectTimeout(2000); connection.connect(); if (connection instanceof HttpURLConnection) { HttpURLConnection httpConnection = (HttpURLConnection) connection; return httpConnection.getResponseCode() == 200 ? new Success(principalExtractor.extract(connection)) : new Failure(401); } else { return new Failure(401); } } catch (final IOException e) { return prepareFailure(pHttpExchange, "Cannot call delegate url " + delegateURL + ": " + e, 503); } catch (final IllegalArgumentException e) { return prepareFailure(pHttpExchange, "Illegal Argument: " + e, 400); } catch (ParseException e) { return prepareFailure(pHttpExchange, "Invalid JSON response: " + e, 422); } }
@Override public Result authenticate(HttpExchange httpExchange) { if( !(httpExchange instanceof HttpsExchange) ) { return new Failure(500); } try { HttpsExchange httpsExchange = (HttpsExchange) httpExchange; X509Certificate certificate = getClientCert(httpsExchange); if (certificate == null) { return new Failure(401); } checkCertForClientUsage(certificate); checkCertForAllowedPrincipals(httpsExchange); String name=""; try { name = httpsExchange.getSSLSession().getPeerPrincipal().getName(); } catch (SSLPeerUnverifiedException ignore) { } return new Success(new HttpPrincipal(name, "ssl")); } catch (SecurityException e) { return new Failure(403); } }
private Result prepareFailure(HttpExchange pHttpExchange, String pErrorDetails, int pCode) { pHttpExchange.getResponseHeaders().add("X-Error-Details", pErrorDetails); return new Failure(pCode); }
/** * Handles the {@link Result} in case of authorization failure. * * @param aHttpExchange The {@link com.sun.net.httpserver.HttpExchange} * which's "WWW-Authenticate" header is to be modified. * * @return the {@link Result} of type {@link Authenticator.Failure}. */ private Authenticator.Result toBasicAuthFailure( HttpExchange aHttpExchange ) { return new Authenticator.Failure( HttpStatusCode.UNAUTHORIZED.getStatusCode() ); }
@Override public Result authenticate(HttpExchange pHttpExchange) { try { URLConnection connection = delegateURL.openConnection(); connection.addRequestProperty("Authorization", pHttpExchange.getRequestHeaders().getFirst("Authorization")); connection.setConnectTimeout(2000); connection.connect(); if (connection instanceof HttpURLConnection) { HttpURLConnection httpConnection = (HttpURLConnection) connection; return httpConnection.getResponseCode() == 200 ? new Success(principalExtractor.extract(connection)) : new Failure(401); } else { return new Failure(401); } } catch (final IOException e) { return prepareFailure(pHttpExchange, "Cannot call delegate url " + delegateURL + ": " + e, 503); } catch (final IllegalArgumentException e) { return prepareFailure(pHttpExchange, "Illegal Argument: " + e, 400); } catch (ParseException e) { return prepareFailure(pHttpExchange, "Invalid JSON response: " + e, 422); } }
private Result prepareFailure(HttpExchange pHttpExchange, String pErrorDetails, int pCode) { pHttpExchange.getResponseHeaders().add("X-Error-Details", pErrorDetails); return new Failure(pCode); }