@Override protected boolean onAccessDenied( ServletRequest request, ServletResponse response ) throws Exception { return executeLogin( request, response ); }
private static boolean isEmpty( String str ) { return !notEmpty( str ); }
if ( notEmpty( certHeader ) ) { certificateChain = readX509CertificateChainFromPEM( rebuildPEMBundleFromHttpHeader( certHeader ) ); return new X509AuthenticationToken( certificateChain, getHost( request ) ); if ( notEmpty( subjectDNHeader ) ) { subjectDN = readX500PrincipalFromString( subjectDNHeader ); if ( notEmpty( issuerDNHeader ) ) { issuerDN = readX500PrincipalFromString( issuerDNHeader ); if ( notEmpty( serialHeader ) ) { hexSerialNumber = readHexSerialNumberFromString( serialHeader ); if ( subjectDN == null && issuerDN == null && isEmpty( hexSerialNumber ) ) { throw new AuthenticationException( "All set up forwarded headers were empty" ); return new X509AuthenticationToken( subjectDN, issuerDN, hexSerialNumber, getHost( request ) );
private X509Certificate[] readX509CertificateChainFromPEM( String pem ) { try { List<X509Certificate> pemBundle = loadPEMBundle( new StringReader( pem ) ); if ( pemBundle.isEmpty() ) { return null; } return pemBundle.toArray( new X509Certificate[ pemBundle.size() ] ); } catch ( CertificateException ex ) { LOGGER.warn( "Unparseable PEM X509Certificate, will use null and continue. Here is the PEM:\n{}", pem, ex ); return null; } catch ( IOException ex ) { LOGGER.warn( "Unparseable PEM X509Certificate, will use null and continue. Here is the PEM:\n{}", pem, ex ); return null; } }