cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dk...@apache.org
Subject svn commit: r1390598 - /cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java
Date Wed, 26 Sep 2012 16:54:21 GMT
Author: dkulp
Date: Wed Sep 26 16:54:20 2012
New Revision: 1390598

URL: http://svn.apache.org/viewvc?rev=1390598&view=rev
Log:
If using something other than Basic auth, create a AuthorizationPolicy object based on what
we CAN retrieve from the HTTP Request

Modified:
    cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java

Modified: cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java?rev=1390598&r1=1390597&r2=1390598&view=diff
==============================================================================
--- cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java
(original)
+++ cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java
Wed Sep 26 16:54:20 2012
@@ -151,7 +151,7 @@ public abstract class AbstractHTTPDestin
         return bus;
     }
 
-    private AuthorizationPolicy getAuthorizationPolicyFromMessage(String credentials) {
+    private AuthorizationPolicy getAuthorizationPolicyFromMessage(String credentials, Principal
pp) {
         if (credentials == null || StringUtils.isEmpty(credentials.trim())) {
             return null;
         }
@@ -168,13 +168,29 @@ public abstract class AbstractHTTPDestin
                 AuthorizationPolicy policy = new AuthorizationPolicy();
                 policy.setUserName(username);
                 policy.setPassword(password);
+                policy.setAuthorizationType(authType);
                 return policy;
             } catch (Base64Exception ex) {
                 // Invalid authentication => treat as not authenticated
             }
+        } else if (pp != null) {
+            AuthorizationPolicy policy = new PrincipalAuthorizationPolicy(pp);
+            policy.setUserName(pp.getName());
+            policy.setAuthorization(credentials);
+            policy.setAuthorizationType(authType);
+            return policy;
         }
         return null;
     }
+    public static final class PrincipalAuthorizationPolicy extends AuthorizationPolicy {
+        final Principal principal;
+        public PrincipalAuthorizationPolicy(Principal p) {
+            principal = p;
+        }
+        public Principal getPrincipal() {
+            return principal;
+        }
+    }
     
     /** 
      * @param message the message under consideration
@@ -252,6 +268,7 @@ public abstract class AbstractHTTPDestin
                 super.cacheInput();
             }
         };
+        
         inMessage.setContent(DelegatingInputStream.class, in);
         inMessage.setContent(InputStream.class, in);
         inMessage.put(HTTP_REQUEST, req);
@@ -305,8 +322,8 @@ public abstract class AbstractHTTPDestin
         }
         inMessage.put(Message.FIXED_PARAMETER_ORDER, isFixedParameterOrder());
         inMessage.put(Message.ASYNC_POST_RESPONSE_DISPATCH, Boolean.TRUE);
+        final Principal pp = req.getUserPrincipal(); 
         inMessage.put(SecurityContext.class, new SecurityContext() {
-            private Principal pp = req.getUserPrincipal(); 
             public Principal getUserPrincipal() {
                 return pp;
             }
@@ -315,10 +332,11 @@ public abstract class AbstractHTTPDestin
             }
         });
         
+        
         Headers headers = new Headers(inMessage);
         headers.copyFromRequest(req);
         String credentials = headers.getAuthorization();
-        AuthorizationPolicy authPolicy = getAuthorizationPolicyFromMessage(credentials);
+        AuthorizationPolicy authPolicy = getAuthorizationPolicyFromMessage(credentials, pp);
         inMessage.put(AuthorizationPolicy.class, authPolicy);
         
         propogateSecureSession(req, inMessage);



Mime
View raw message