/** * Reject the request that was denied by this valve. * <p>If <code>invalidAuthenticationWhenDeny</code> is true * and the context has <code>preemptiveAuthentication</code> * set, set an invalid authorization header to trigger basic auth. * * @param request The servlet request to be processed * @param response The servlet response to be processed * @exception IOException if an input/output error occurs * @exception ServletException if a servlet error occurs */ protected void denyRequest(Request request, Response response) throws IOException, ServletException { if (invalidAuthenticationWhenDeny) { Context context = request.getContext(); if (context != null && context.getPreemptiveAuthentication()) { if (request.getCoyoteRequest().getMimeHeaders().getValue("authorization") == null) { request.getCoyoteRequest().getMimeHeaders().addValue("authorization").setString("invalid"); } getNext().invoke(request, response); return; } } response.sendError(denyStatus); }
/** * Reject the request that was denied by this valve. * <p>If <code>invalidAuthenticationWhenDeny</code> is true * and the context has <code>preemptiveAuthentication</code> * set, set an invalid authorization header to trigger basic auth. * * @param request The servlet request to be processed * @param response The servlet response to be processed * @exception IOException if an input/output error occurs * @exception ServletException if a servlet error occurs */ protected void denyRequest(Request request, Response response) throws IOException, ServletException { if (invalidAuthenticationWhenDeny) { Context context = request.getContext(); if (context != null && context.getPreemptiveAuthentication()) { if (request.getCoyoteRequest().getMimeHeaders().getValue("authorization") == null) { request.getCoyoteRequest().getMimeHeaders().addValue("authorization").setString("invalid"); } getNext().invoke(request, response); return; } } response.sendError(denyStatus); }
if (context.getIgnoreAnnotations() && (constraints == null || constraints.length ==0) && !context.getPreemptiveAuthentication()) { return; } else {
if (context.getIgnoreAnnotations() && (constraints == null || constraints.length ==0) && !context.getPreemptiveAuthentication()) { return; } else {
if (context.getIgnoreAnnotations() && (constraints == null || constraints.length ==0) && !context.getPreemptiveAuthentication()) { return; } else {
= realm.findSecurityConstraints(request, this.context); if (constraints == null && !context.getPreemptiveAuthentication()) { if (log.isDebugEnabled()) { log.debug(" Not subject to any constraint"); if (!authRequired && context.getPreemptiveAuthentication()) { authRequired = request.getCoyoteRequest().getMimeHeaders().getValue( if (!authRequired && context.getPreemptiveAuthentication()) { X509Certificate[] certs = (X509Certificate[]) request.getAttribute( Globals.CERTIFICATES_ATTR);
= realm.findSecurityConstraints(request, this.context); if (constraints == null && !context.getPreemptiveAuthentication()) { if (log.isDebugEnabled()) log.debug(" Not subject to any constraint"); if (!authRequired && context.getPreemptiveAuthentication()) { authRequired = request.getCoyoteRequest().getMimeHeaders().getValue( if (!authRequired && context.getPreemptiveAuthentication()) { X509Certificate[] certs = (X509Certificate[]) request.getAttribute( Globals.CERTIFICATES_ATTR);
= realm.findSecurityConstraints(request, this.context); if (constraints == null && !context.getPreemptiveAuthentication()) { if (log.isDebugEnabled()) log.debug(" Not subject to any constraint"); if (!authRequired && context.getPreemptiveAuthentication()) { authRequired = request.getCoyoteRequest().getMimeHeaders().getValue( if (!authRequired && context.getPreemptiveAuthentication()) { X509Certificate[] certs = (X509Certificate[]) request.getAttribute( Globals.CERTIFICATES_ATTR);
if (constraints == null && !context.getPreemptiveAuthentication() && !authRequired) { if (log.isDebugEnabled()) { log.debug(" Not subject to any constraint"); if (!authRequired && context.getPreemptiveAuthentication()) { authRequired = request.getCoyoteRequest().getMimeHeaders().getValue("authorization") != null; if (!authRequired && context.getPreemptiveAuthentication() && HttpServletRequest.CLIENT_CERT_AUTH.equals(getAuthMethod())) { X509Certificate[] certs = getRequestCertificates(request);
if (constraints == null && !context.getPreemptiveAuthentication() && !authRequired) { if (log.isDebugEnabled()) { log.debug(" Not subject to any constraint"); if (!authRequired && context.getPreemptiveAuthentication()) { authRequired = request.getCoyoteRequest().getMimeHeaders().getValue("authorization") != null; if (!authRequired && context.getPreemptiveAuthentication() && HttpServletRequest.CLIENT_CERT_AUTH.equals(getAuthMethod())) { X509Certificate[] certs = getRequestCertificates(request);