/** * Determines whether the incoming request is an attempt to log in. * <p/> * The default implementation obtains the value of the request's * {@link #AUTHORIZATION_HEADER AUTHORIZATION_HEADER}, and if it is not <code>null</code>, delegates * to {@link #isLoginAttempt(String) isLoginAttempt(authzHeaderValue)}. If the header is <code>null</code>, * <code>false</code> is returned. * * @param request incoming ServletRequest * @param response outgoing ServletResponse * @return true if the incoming request is an attempt to log in based, false otherwise */ protected boolean isLoginAttempt(ServletRequest request, ServletResponse response) { String authzHeader = getAuthzHeader(request); return authzHeader != null && isLoginAttempt(authzHeader); }
String authorizationHeader = getAuthzHeader(request); if (authorizationHeader == null || authorizationHeader.length() == 0) {
@Override protected String getAuthzHeader(ServletRequest request) { String result = super.getAuthzHeader(request); if(result == null) { try { // create an new one with anonymous user and password result = "Basic " + Base64.encodeToString((anonymousUser + ":" + anonymousPassword).getBytes("UTF-8")); } catch (UnsupportedEncodingException ex) { log.error(null, ex); } } return result; }
@Override protected String getAuthzHeader(ServletRequest request) { String authzHeader = super.getAuthzHeader(request); // If in header use it if (!StringUtils.isEmpty(authzHeader)) { getLogger().debug("Using authorization header from request"); return authzHeader; } // otherwise check request params for it else { authzHeader = request.getParameter("authorization"); if (!StringUtils.isEmpty(authzHeader)) { getLogger().debug("Using authorization from request parameter"); } else { getLogger().debug("No authorization found (header or request parameter)"); } return authzHeader; } }
@Override protected String getAuthzHeader( ServletRequest request ) { String authzHeader = super.getAuthzHeader( request ); // If in header use it if ( !StringUtils.isEmpty( authzHeader ) ) { getLogger().debug( "Using authorization header from request" ); return authzHeader; } // otherwise check request params for it else { authzHeader = request.getParameter( "authorization" ); if ( !StringUtils.isEmpty( authzHeader ) ) { getLogger().debug( "Using authorization from request parameter" ); } else { getLogger().debug( "No authorization found (header or request parameter)" ); } return authzHeader; } }