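/**
 * Authenticates the request through the superclass and throttles failures.
 *
 * <p>When the superclass reports {@code AUTHENTICATION_INVALID}, the failure
 * is logged and the calling thread sleeps until at least
 * {@code MIN_MS_BETWEEN_ATTEMPTS} milliseconds have passed since the
 * previously recorded failure. The method is {@code synchronized} and sleeps
 * while holding the monitor, so every other call to this method on the same
 * instance waits behind the delay, including calls with valid credentials.
 * The throttle is therefore shared by all clients of this instance, not
 * tracked per client.
 *
 * @param request the request to authenticate
 * @return the result of {@code super.authenticate(request)}, unchanged
 */
@Override
public synchronized int authenticate(Request request) {
    int retVal = super.authenticate(request);
    if (retVal == AUTHENTICATION_INVALID) {
        // NOTE(review): the request's string form is concatenated into the
        // log line as-is; if it can carry client-controlled text, confirm the
        // log handler neutralises line breaks.
        logger.warning("authentication failure "+request);
        // Wait until at least MIN_MS_BETWEEN_ATTEMPTS has passed since the
        // last failure. The object lock is held the whole time, so no other
        // checks can happen in parallel.
        long now = System.currentTimeMillis();
        long sleepMs = (lastFailureTime + MIN_MS_BETWEEN_ATTEMPTS) - now;
        if (sleepMs > 0) {
            try {
                Thread.sleep(sleepMs);
            } catch (InterruptedException e) {
                // Keep the interrupt visible to the caller instead of
                // silently discarding it.
                Thread.currentThread().interrupt();
            }
        }
        // Clamp at zero: with a negative sleepMs, now + sleepMs equals
        // lastFailureTime + MIN_MS_BETWEEN_ATTEMPTS, a timestamp that can lie
        // far in the past and would let the following failures through
        // without any delay. After an interrupted sleep the stored value is
        // slightly ahead of the clock, which only lengthens the next delay.
        lastFailureTime = now + Math.max(sleepMs, 0L);
    }
    return retVal;
}
} // closes the enclosing type, whose header is outside this excerpt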
// Put the engine application behind an HTTP Digest guard. The guard is built
// with a null first argument, the digest challenge scheme and the string
// "Authentication Required" (presumably the realm; confirm against the
// RateLimitGuard constructor).
// NOTE(review): HTTP Digest does not encrypt the exchange; confirm this
// listener is only reachable over TLS or a trusted interface.
Guard guard = new RateLimitGuard(null,
        ChallengeScheme.HTTP_DIGEST, "Authentication Required");
// Register one login/secret pair with the guard.
// NOTE(review): authPassword exposes toCharArray(), so it is presumably a
// String; the char[] copy does not make the original value erasable.
guard.getSecrets().put(authLogin, authPassword.toCharArray());
// Attach the guard to the default host and chain the engine application
// behind it before the component is started.
component.getDefaultHost().attach(guard);
guard.setNext(new EngineApplication(engine));
component.start();
// Startup notice; only the port is printed, not the credentials.
startupOut.println("engine listening at port "+port);
final boolean loggable = getLogger().isLoggable(Level.FINE); switch (authenticate(request)) { case AUTHENTICATION_VALID: if (loggable) { if (challengeResponse != null) { getLogger().fine( "Authentication succeeded. Valid credentials provided for identifier: " + request.getChallengeResponse() .getIdentifier() + "."); } else { getLogger() .fine( "Authentication succeeded. Valid credentials provided."); if (authorize(request)) { if (loggable) { if (challengeResponse != null) { getLogger().fine( "Request authorized for identifier: " + request.getChallengeResponse() .getIdentifier() + "."); } else { getLogger().fine("Request authorized."); accept(request, response); } else { if (loggable) {
/**
 * Looks up the secret stored for the given identifier.
 *
 * @param identifier the identifier whose secret is requested
 * @return whatever {@code getSecrets().get(identifier)} yields; the value is
 *         handed back as-is, with no copy made here
 */
@Override
public char[] resolve(String identifier) {
    final char[] secret = getSecrets().get(identifier);
    return secret;
}
};
/**
 * Tells whether {@code secret} is valid for {@code identifier}.
 *
 * <p>This overload does not read {@code request}; it forwards to
 * {@code checkSecret(identifier, secret)}. By default that check returns
 * true for the correct login/password couple as verified via the
 * findSecret() method.
 *
 * @param request
 *            The Request (unused by this overload)
 * @param identifier
 *            the identifier
 * @param secret
 *            the identifier's secret
 * @return true if the secret is valid for the given identifier
 */
public boolean checkSecret(Request request, String identifier,
        char[] secret) {
    final boolean valid = checkSecret(identifier, secret);
    return valid;
}
/**
 * Issues an authentication challenge on the response: a challenge request
 * is added and the status is set to CLIENT_ERROR_UNAUTHORIZED.
 *
 * <p>Forwards to {@link #challenge(Response, boolean)} with {@code false}
 * as the second argument.
 *
 * @param response
 *            The response to update.
 * @deprecated Use the {@link #challenge(Response, boolean)} method instead.
 */
@Deprecated
public void challenge(Response response) {
    // The flag's meaning is defined by challenge(Response, boolean).
    final boolean flag = false;
    challenge(response, flag);
}
protected boolean checkSecret(String identifier, char[] secret) { boolean result = false; final char[] secret2 = findSecret(identifier);
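/**
 * Authenticates the request through the superclass and throttles failures.
 *
 * <p>When the superclass reports {@code AUTHENTICATION_INVALID}, the failure
 * is logged and the calling thread sleeps until at least
 * {@code MIN_MS_BETWEEN_ATTEMPTS} milliseconds have passed since the
 * previously recorded failure. The method is {@code synchronized} and sleeps
 * while holding the monitor, so every other call to this method on the same
 * instance waits behind the delay, including calls with valid credentials.
 * The throttle is therefore shared by all clients of this instance, not
 * tracked per client.
 *
 * @param request the request to authenticate
 * @return the result of {@code super.authenticate(request)}, unchanged
 */
@Override
public synchronized int authenticate(Request request) {
    int retVal = super.authenticate(request);
    if (retVal == AUTHENTICATION_INVALID) {
        // NOTE(review): the request's string form is concatenated into the
        // log line as-is; if it can carry client-controlled text, confirm the
        // log handler neutralises line breaks.
        logger.warning("authentication failure "+request);
        // Wait until at least MIN_MS_BETWEEN_ATTEMPTS has passed since the
        // last failure. The object lock is held the whole time, so no other
        // checks can happen in parallel.
        long now = System.currentTimeMillis();
        long sleepMs = (lastFailureTime + MIN_MS_BETWEEN_ATTEMPTS) - now;
        if (sleepMs > 0) {
            try {
                Thread.sleep(sleepMs);
            } catch (InterruptedException e) {
                // Keep the interrupt visible to the caller instead of
                // silently discarding it.
                Thread.currentThread().interrupt();
            }
        }
        // Clamp at zero: with a negative sleepMs, now + sleepMs equals
        // lastFailureTime + MIN_MS_BETWEEN_ATTEMPTS, a timestamp that can lie
        // far in the past and would let the following failures through
        // without any delay. After an interrupted sleep the stored value is
        // slightly ahead of the clock, which only lengthens the next delay.
        lastFailureTime = now + Math.max(sleepMs, 0L);
    }
    return retVal;
}
} // closes the enclosing type, whose header is outside this excerpt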
// Put the engine application behind an HTTP Digest guard. The guard is built
// with a null first argument, the digest challenge scheme and the string
// "Authentication Required" (presumably the realm; confirm against the
// RateLimitGuard constructor).
// NOTE(review): HTTP Digest does not encrypt the exchange; confirm this
// listener is only reachable over TLS or a trusted interface.
Guard guard = new RateLimitGuard(null,
        ChallengeScheme.HTTP_DIGEST, "Authentication Required");
// Register one login/secret pair with the guard.
// NOTE(review): authPassword exposes toCharArray(), so it is presumably a
// String; the char[] copy does not make the original value erasable.
guard.getSecrets().put(authLogin, authPassword.toCharArray());
// Attach the guard to the default host and chain the engine application
// behind it before the component is started.
component.getDefaultHost().attach(guard);
guard.setNext(new EngineApplication(engine));
component.start();
// Startup notice; only the port is printed, not the credentials.
startupOut.println("engine listening at port "+port);
return super.authenticate(request); return super.authenticate(request);