@Override public void init(Properties config) throws ServletException { super.init(config); // Figure out the HTTP authentication schemes configured. String schemesProperty = Preconditions.checkNotNull(config .getProperty(MultiSchemeAuthenticationHandler.SCHEMES_PROPERTY)); // Figure out the HTTP authentication schemes configured for delegation // tokens. String delegationAuthSchemesProp = Preconditions.checkNotNull(config .getProperty(DELEGATION_TOKEN_SCHEMES_PROPERTY)); Set<String> authSchemes = new HashSet<>(); for (String scheme : STR_SPLITTER.split(schemesProperty)) { authSchemes.add(AuthenticationHandlerUtil.checkAuthScheme(scheme)); } delegationAuthSchemes = new HashSet<>(); for (String scheme : STR_SPLITTER.split(delegationAuthSchemesProp)) { delegationAuthSchemes.add(AuthenticationHandlerUtil .checkAuthScheme(scheme)); } Preconditions.checkArgument(authSchemes.containsAll(delegationAuthSchemes)); }
for (String scheme : delegationAuthSchemes) { if (AuthenticationHandlerUtil. matchAuthScheme(scheme, authorization)) { schemeConfigured = true; break;
"%s system property is not specified.", SCHEMES_PROPERTY); for (String scheme : STR_SPLITTER.split(schemesProperty)) { scheme = AuthenticationHandlerUtil.checkAuthScheme(scheme); if (schemeToAuthHandlerMapping.containsKey(scheme)) { throw new IllegalArgumentException("Handler is already specified for " .getAuthenticationHandlerClassName(authHandlerName); AuthenticationHandler handler = initializeAuthHandler(authHandlerClassName, config);
.getAuthenticationHandlerClassName(authHandlerName); maxInactiveInterval = Long.parseLong(config.getProperty( AUTH_TOKEN_MAX_INACTIVE_INTERVAL, "-1")); // By default, disable.
"%s system property is not specified.", SCHEMES_PROPERTY); for (String scheme : STR_SPLITTER.split(schemesProperty)) { scheme = AuthenticationHandlerUtil.checkAuthScheme(scheme); if (schemeToAuthHandlerMapping.containsKey(scheme)) { throw new IllegalArgumentException("Handler is already specified for " .getAuthenticationHandlerClassName(authHandlerName); AuthenticationHandler handler = initializeAuthHandler(authHandlerClassName, config);
.getAuthenticationHandlerClassName(authHandlerName); maxInactiveInterval = Long.parseLong(config.getProperty( AUTH_TOKEN_MAX_INACTIVE_INTERVAL, "-1")); // By default, disable.
@Override public AuthenticationToken authenticate(HttpServletRequest request, HttpServletResponse response) throws IOException, AuthenticationException { String authorization = request.getHeader(HttpConstants.AUTHORIZATION_HEADER); if (authorization != null) { for (Map.Entry<String, AuthenticationHandler> entry : schemeToAuthHandlerMapping.entrySet()) { if (AuthenticationHandlerUtil.matchAuthScheme( entry.getKey(), authorization)) { AuthenticationToken token = entry.getValue().authenticate(request, response); logger.trace("Token generated with type {}", token.getType()); return token; } } } // Handle the case when (authorization == null) or an invalid authorization // header (e.g. a header value without the scheme name). response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); for (String scheme : schemeToAuthHandlerMapping.keySet()) { response.addHeader(HttpConstants.WWW_AUTHENTICATE_HEADER, scheme); } return null; } }
"%s system property is not specified.", SCHEMES_PROPERTY); for (String scheme : STR_SPLITTER.split(schemesProperty)) { scheme = AuthenticationHandlerUtil.checkAuthScheme(scheme); if (schemeToAuthHandlerMapping.containsKey(scheme)) { throw new IllegalArgumentException("Handler is already specified for " .getAuthenticationHandlerClassName(authHandlerName); AuthenticationHandler handler = initializeAuthHandler(authHandlerClassName, config);
@Override public void init(Properties config) throws ServletException { super.init(config); // Figure out the HTTP authentication schemes configured. String schemesProperty = Preconditions.checkNotNull(config .getProperty(MultiSchemeAuthenticationHandler.SCHEMES_PROPERTY)); // Figure out the HTTP authentication schemes configured for delegation // tokens. String delegationAuthSchemesProp = Preconditions.checkNotNull(config .getProperty(DELEGATION_TOKEN_SCHEMES_PROPERTY)); Set<String> authSchemes = new HashSet<>(); for (String scheme : STR_SPLITTER.split(schemesProperty)) { authSchemes.add(AuthenticationHandlerUtil.checkAuthScheme(scheme)); } delegationAuthSchemes = new HashSet<>(); for (String scheme : STR_SPLITTER.split(delegationAuthSchemesProp)) { delegationAuthSchemes.add(AuthenticationHandlerUtil .checkAuthScheme(scheme)); } Preconditions.checkArgument(authSchemes.containsAll(delegationAuthSchemes)); }
.getAuthenticationHandlerClassName(authHandlerName); maxInactiveInterval = Long.parseLong(config.getProperty( AUTH_TOKEN_MAX_INACTIVE_INTERVAL, "-1")); // By default, disable.
@Override public AuthenticationToken authenticate(HttpServletRequest request, HttpServletResponse response) throws IOException, AuthenticationException { String authorization = request.getHeader(HttpConstants.AUTHORIZATION_HEADER); if (authorization != null) { for (String scheme : schemeToAuthHandlerMapping.keySet()) { if (AuthenticationHandlerUtil.matchAuthScheme(scheme, authorization)) { AuthenticationHandler handler = schemeToAuthHandlerMapping.get(scheme); AuthenticationToken token = handler.authenticate(request, response); logger.trace("Token generated with type {}", token.getType()); return token; } } } // Handle the case when (authorization == null) or an invalid authorization // header (e.g. a header value without the scheme name). response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); for (String scheme : schemeToAuthHandlerMapping.keySet()) { response.addHeader(HttpConstants.WWW_AUTHENTICATE_HEADER, scheme); } return null; } }
@Override public AuthenticationToken authenticate(HttpServletRequest request, HttpServletResponse response) throws IOException, AuthenticationException { String authorization = request.getHeader(HttpConstants.AUTHORIZATION_HEADER); if (authorization != null) { for (String scheme : schemeToAuthHandlerMapping.keySet()) { if (AuthenticationHandlerUtil.matchAuthScheme(scheme, authorization)) { AuthenticationHandler handler = schemeToAuthHandlerMapping.get(scheme); AuthenticationToken token = handler.authenticate(request, response); logger.trace("Token generated with type {}", token.getType()); return token; } } } // Handle the case when (authorization == null) or an invalid authorization // header (e.g. a header value without the scheme name). response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); for (String scheme : schemeToAuthHandlerMapping.keySet()) { response.addHeader(HttpConstants.WWW_AUTHENTICATE_HEADER, scheme); } return null; } }
|| !AuthenticationHandlerUtil.matchAuthScheme(HttpConstants.BASIC, authorization)) { response.setHeader(WWW_AUTHENTICATE, HttpConstants.BASIC);
|| !AuthenticationHandlerUtil.matchAuthScheme(HttpConstants.BASIC, authorization)) { response.setHeader(WWW_AUTHENTICATE, HttpConstants.BASIC);
|| !AuthenticationHandlerUtil.matchAuthScheme(HttpConstants.BASIC, authorization)) { response.setHeader(WWW_AUTHENTICATE, HttpConstants.BASIC);
for (String scheme : delegationAuthSchemes) { if (AuthenticationHandlerUtil. matchAuthScheme(scheme, authorization)) { schemeConfigured = true; break;