Lines 51-57
Link Here
|
51 |
import org.apache.catalina.Session; |
51 |
import org.apache.catalina.Session; |
52 |
import org.apache.catalina.TomcatPrincipal; |
52 |
import org.apache.catalina.TomcatPrincipal; |
53 |
import org.apache.catalina.Valve; |
53 |
import org.apache.catalina.Valve; |
54 |
import org.apache.catalina.authenticator.jaspic.CallbackHandlerImpl; |
|
|
55 |
import org.apache.catalina.authenticator.jaspic.MessageInfoImpl; |
54 |
import org.apache.catalina.authenticator.jaspic.MessageInfoImpl; |
56 |
import org.apache.catalina.connector.Request; |
55 |
import org.apache.catalina.connector.Request; |
57 |
import org.apache.catalina.connector.Response; |
56 |
import org.apache.catalina.connector.Response; |
Lines 220-226
Link Here
|
220 |
* default {@link org.apache.catalina.authenticator.jaspic.CallbackHandlerImpl} |
219 |
* default {@link org.apache.catalina.authenticator.jaspic.CallbackHandlerImpl} |
221 |
* will be used. |
220 |
* will be used. |
222 |
*/ |
221 |
*/ |
223 |
protected String jaspicCallbackHandlerClass = null; |
222 |
protected String jaspicCallbackHandlerClass = "org.apache.catalina.authenticator.jaspic.CallbackHandlerImpl"; |
224 |
|
223 |
|
225 |
/** |
224 |
/** |
226 |
* Should the auth information (remote user and auth type) be returned as response |
225 |
* Should the auth information (remote user and auth type) be returned as response |
Lines 247-252
Link Here
|
247 |
|
246 |
|
248 |
private volatile String jaspicAppContextID = null; |
247 |
private volatile String jaspicAppContextID = null; |
249 |
private volatile Optional<AuthConfigProvider> jaspicProvider = null; |
248 |
private volatile Optional<AuthConfigProvider> jaspicProvider = null; |
|
|
249 |
private volatile CallbackHandler jaspicCallbackHandler = null; |
250 |
|
250 |
|
251 |
|
251 |
|
252 |
// ------------------------------------------------------------- Properties |
252 |
// ------------------------------------------------------------- Properties |
Lines 773-779
Link Here
|
773 |
new MessageInfoImpl(request.getRequest(), response.getResponse(), authMandatory); |
773 |
new MessageInfoImpl(request.getRequest(), response.getResponse(), authMandatory); |
774 |
|
774 |
|
775 |
try { |
775 |
try { |
776 |
CallbackHandler callbackHandler = createCallbackHandler(); |
776 |
CallbackHandler callbackHandler = getCallbackHandler(); |
777 |
ServerAuthConfig serverAuthConfig = jaspicProvider.getServerAuthConfig( |
777 |
ServerAuthConfig serverAuthConfig = jaspicProvider.getServerAuthConfig( |
778 |
"HttpServlet", jaspicAppContextID, callbackHandler); |
778 |
"HttpServlet", jaspicAppContextID, callbackHandler); |
779 |
String authContextID = serverAuthConfig.getAuthContextID(jaspicState.messageInfo); |
779 |
String authContextID = serverAuthConfig.getAuthContextID(jaspicState.messageInfo); |
Lines 787-815
Link Here
|
787 |
return jaspicState; |
787 |
return jaspicState; |
788 |
} |
788 |
} |
789 |
|
789 |
|
|
|
790 |
private CallbackHandler getCallbackHandler() { |
791 |
CallbackHandler handler = jaspicCallbackHandler; |
792 |
if (handler == null) { |
793 |
handler = createCallbackHandler(); |
794 |
} |
795 |
return handler; |
796 |
} |
797 |
|
790 |
private CallbackHandler createCallbackHandler() { |
798 |
private CallbackHandler createCallbackHandler() { |
791 |
CallbackHandler callbackHandler = null; |
799 |
CallbackHandler callbackHandler = null; |
792 |
if (jaspicCallbackHandlerClass == null) { |
800 |
Class<?> clazz = null; |
793 |
callbackHandler = CallbackHandlerImpl.getInstance(); |
801 |
try { |
794 |
} else { |
802 |
clazz = Class.forName(jaspicCallbackHandlerClass, true, |
795 |
Class<?> clazz = null; |
803 |
Thread.currentThread().getContextClassLoader()); |
796 |
try { |
804 |
} catch (ClassNotFoundException e) { |
797 |
clazz = Class.forName(jaspicCallbackHandlerClass, true, |
805 |
// Proceed with the retry below |
798 |
Thread.currentThread().getContextClassLoader()); |
|
|
799 |
} catch (ClassNotFoundException e) { |
800 |
// Proceed with the retry below |
801 |
} |
802 |
|
803 |
try { |
804 |
if (clazz == null) { |
805 |
clazz = Class.forName(jaspicCallbackHandlerClass); |
806 |
} |
807 |
callbackHandler = (CallbackHandler)clazz.getConstructor().newInstance(); |
808 |
} catch (ReflectiveOperationException e) { |
809 |
throw new SecurityException(e); |
810 |
} |
811 |
} |
806 |
} |
812 |
|
807 |
|
|
|
808 |
try { |
809 |
if (clazz == null) { |
810 |
clazz = Class.forName(jaspicCallbackHandlerClass); |
811 |
} |
812 |
try { |
813 |
callbackHandler = (CallbackHandler) clazz.getConstructor(Context.class) |
814 |
.newInstance(); |
815 |
} catch (NoSuchMethodException e) { |
816 |
// No constructor with context parameter found - use no argument constructor |
817 |
callbackHandler = (CallbackHandler) clazz.getConstructor().newInstance(); |
818 |
} |
819 |
} catch (ReflectiveOperationException e) { |
820 |
throw new SecurityException(e); |
821 |
} |
822 |
|
823 |
jaspicCallbackHandler = callbackHandler; |
813 |
return callbackHandler; |
824 |
return callbackHandler; |
814 |
} |
825 |
} |
815 |
|
826 |
|
Lines 1284-1290
Link Here
|
1284 |
ServerAuthContext serverAuthContext; |
1295 |
ServerAuthContext serverAuthContext; |
1285 |
try { |
1296 |
try { |
1286 |
ServerAuthConfig serverAuthConfig = provider.getServerAuthConfig("HttpServlet", |
1297 |
ServerAuthConfig serverAuthConfig = provider.getServerAuthConfig("HttpServlet", |
1287 |
jaspicAppContextID, CallbackHandlerImpl.getInstance()); |
1298 |
jaspicAppContextID, getCallbackHandler()); |
1288 |
String authContextID = serverAuthConfig.getAuthContextID(messageInfo); |
1299 |
String authContextID = serverAuthConfig.getAuthContextID(messageInfo); |
1289 |
serverAuthContext = serverAuthConfig.getAuthContext(authContextID, null, null); |
1300 |
serverAuthContext = serverAuthConfig.getAuthContext(authContextID, null, null); |
1290 |
serverAuthContext.cleanSubject(messageInfo, client); |
1301 |
serverAuthContext.cleanSubject(messageInfo, client); |