|
Lines 22-27
Link Here
|
| 22 |
import java.io.IOException; |
22 |
import java.io.IOException; |
| 23 |
import java.security.Principal; |
23 |
import java.security.Principal; |
| 24 |
|
24 |
|
|
|
25 |
import javax.security.auth.callback.CallbackHandler; |
| 26 |
import javax.security.auth.login.LoginContext; |
| 27 |
import javax.security.auth.login.LoginException; |
| 28 |
import javax.servlet.http.HttpServletRequest; |
| 25 |
import javax.servlet.http.HttpServletResponse; |
29 |
import javax.servlet.http.HttpServletResponse; |
| 26 |
|
30 |
|
| 27 |
import org.apache.catalina.connector.Request; |
31 |
import org.apache.catalina.connector.Request; |
|
Lines 33-38
Link Here
|
| 33 |
import org.apache.tomcat.util.buf.ByteChunk; |
37 |
import org.apache.tomcat.util.buf.ByteChunk; |
| 34 |
import org.apache.tomcat.util.buf.CharChunk; |
38 |
import org.apache.tomcat.util.buf.CharChunk; |
| 35 |
import org.apache.tomcat.util.buf.MessageBytes; |
39 |
import org.apache.tomcat.util.buf.MessageBytes; |
|
|
40 |
import org.ietf.jgss.GSSContext; |
| 41 |
import org.ietf.jgss.GSSCredential; |
| 42 |
import org.ietf.jgss.GSSException; |
| 43 |
import org.ietf.jgss.GSSManager; |
| 44 |
import org.ietf.jgss.GSSName; |
| 45 |
import org.ietf.jgss.Oid; |
| 36 |
|
46 |
|
| 37 |
|
47 |
|
| 38 |
|
48 |
|
|
Lines 82-87
Link Here
|
| 82 |
*/ |
92 |
*/ |
| 83 |
protected static final String info = |
93 |
protected static final String info = |
| 84 |
"org.apache.catalina.authenticator.BasicAuthenticator/1.0"; |
94 |
"org.apache.catalina.authenticator.BasicAuthenticator/1.0"; |
|
|
95 |
|
| 96 |
protected static final String negotiate="org.apache.tomcat.config.NEGOTIATE" ; |
| 85 |
|
97 |
|
| 86 |
|
98 |
|
| 87 |
// ------------------------------------------------------------- Properties |
99 |
// ------------------------------------------------------------- Properties |
|
Lines 113-125
Link Here
|
| 113 |
* |
125 |
* |
| 114 |
* @exception IOException if an input/output error occurs |
126 |
* @exception IOException if an input/output error occurs |
| 115 |
*/ |
127 |
*/ |
|
|
128 |
|
| 116 |
public boolean authenticate(Request request, |
129 |
public boolean authenticate(Request request, |
| 117 |
Response response, |
130 |
Response response, |
| 118 |
LoginConfig config) |
131 |
LoginConfig config) |
| 119 |
throws IOException { |
132 |
throws IOException { |
| 120 |
|
133 |
|
| 121 |
// Have we already authenticated someone? |
134 |
HttpServletResponse httpResponse=response.getResponse(); |
| 122 |
Principal principal = request.getUserPrincipal(); |
135 |
HttpServletRequest httpRequest=request.getRequest(); |
|
|
136 |
String header=httpRequest.getHeader("Authorization"); |
| 137 |
if(System.getProperty(negotiate, "false").equalsIgnoreCase("true")) |
| 138 |
{ |
| 139 |
if(header == null) |
| 140 |
{ |
| 141 |
httpResponse.setHeader("WWW-Authenticate", "Negotiate"); |
| 142 |
httpResponse.setStatus(401); |
| 143 |
return(false); |
| 144 |
} |
| 145 |
else |
| 146 |
if(header!=null&&header.startsWith("Negotiate")) |
| 147 |
{ |
| 148 |
Principal principal = request.getUserPrincipal(); |
| 149 |
String username=header.substring(10); |
| 150 |
String password=null; |
| 151 |
principal = context.getRealm().authenticate(username, password); |
| 152 |
if (principal != null) { |
| 153 |
register(request, response, principal, Constants.BASIC_METHOD, |
| 154 |
username, password); |
| 155 |
return (true); |
| 156 |
|
| 157 |
} |
| 158 |
else |
| 159 |
request.getCoyoteRequest().getMimeHeaders().removeHeader("authorization"); |
| 160 |
} |
| 161 |
} |
| 162 |
|
| 163 |
// Have we already authenticated someone? |
| 164 |
Principal principal = request.getUserPrincipal(); |
| 123 |
String ssoId = (String) request.getNote(Constants.REQ_SSOID_NOTE); |
165 |
String ssoId = (String) request.getNote(Constants.REQ_SSOID_NOTE); |
| 124 |
if (principal != null) { |
166 |
if (principal != null) { |
| 125 |
if (log.isDebugEnabled()) |
167 |
if (log.isDebugEnabled()) |
|
Lines 154-159
Link Here
|
| 154 |
.getValue("authorization"); |
196 |
.getValue("authorization"); |
| 155 |
|
197 |
|
| 156 |
if (authorization != null) { |
198 |
if (authorization != null) { |
|
|
199 |
System.out.println("In Authorization"); |
| 157 |
authorization.toBytes(); |
200 |
authorization.toBytes(); |
| 158 |
ByteChunk authorizationBC = authorization.getByteChunk(); |
201 |
ByteChunk authorizationBC = authorization.getByteChunk(); |
| 159 |
if (authorizationBC.startsWithIgnoreCase("basic ", 0)) { |
202 |
if (authorizationBC.startsWithIgnoreCase("basic ", 0)) { |
|
Lines 173-183
Link Here
|
| 173 |
username = new String(buf, 0, colon); |
216 |
username = new String(buf, 0, colon); |
| 174 |
password = new String(buf, colon + 1, |
217 |
password = new String(buf, colon + 1, |
| 175 |
authorizationCC.getEnd() - colon - 1); |
218 |
authorizationCC.getEnd() - colon - 1); |
|
|
219 |
|
| 220 |
|
| 176 |
} |
221 |
} |
| 177 |
|
222 |
|
| 178 |
authorizationBC.setOffset(authorizationBC.getOffset() - 6); |
223 |
authorizationBC.setOffset(authorizationBC.getOffset() - 6); |
| 179 |
} |
224 |
} |
| 180 |
|
225 |
System.out.println("Username in basic authenticator is :" + username); |
|
|
226 |
System.out.println("Password in basic authenticator is :" + password); |
| 181 |
principal = context.getRealm().authenticate(username, password); |
227 |
principal = context.getRealm().authenticate(username, password); |
| 182 |
if (principal != null) { |
228 |
if (principal != null) { |
| 183 |
register(request, response, principal, Constants.BASIC_METHOD, |
229 |
register(request, response, principal, Constants.BASIC_METHOD, |