cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dk...@apache.org
Subject svn commit: r1390603 - /cxf/branches/2.6.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java
Date Wed, 26 Sep 2012 17:05:25 GMT
Author: dkulp
Date: Wed Sep 26 17:05:24 2012
New Revision: 1390603

URL: http://svn.apache.org/viewvc?rev=1390603&view=rev
Log:
Merged revisions 1390598 via  git cherry-pick from
https://svn.apache.org/repos/asf/cxf/trunk

........
  r1390598 | dkulp | 2012-09-26 12:54:20 -0400 (Wed, 26 Sep 2012) | 2 lines

  If using something other than Basic auth, create a AuthorizationPolicy object based on what
we CAN retrieve from the HTTP Request

........

Modified:
    cxf/branches/2.6.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java

Modified: cxf/branches/2.6.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java?rev=1390603&r1=1390602&r2=1390603&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java
(original)
+++ cxf/branches/2.6.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java
Wed Sep 26 17:05:24 2012
@@ -149,7 +149,7 @@ public abstract class AbstractHTTPDestin
         return bus;
     }
 
-    private AuthorizationPolicy getAuthorizationPolicyFromMessage(String credentials) {
+    private AuthorizationPolicy getAuthorizationPolicyFromMessage(String credentials, Principal
pp) {
         if (credentials == null || StringUtils.isEmpty(credentials.trim())) {
             return null;
         }
@@ -166,13 +166,29 @@ public abstract class AbstractHTTPDestin
                 AuthorizationPolicy policy = new AuthorizationPolicy();
                 policy.setUserName(username);
                 policy.setPassword(password);
+                policy.setAuthorizationType(authType);
                 return policy;
             } catch (Base64Exception ex) {
                 // Invalid authentication => treat as not authenticated
             }
+        } else if (pp != null) {
+            AuthorizationPolicy policy = new PrincipalAuthorizationPolicy(pp);
+            policy.setUserName(pp.getName());
+            policy.setAuthorization(credentials);
+            policy.setAuthorizationType(authType);
+            return policy;
         }
         return null;
     }
+    public static final class PrincipalAuthorizationPolicy extends AuthorizationPolicy {
+        final Principal principal;
+        public PrincipalAuthorizationPolicy(Principal p) {
+            principal = p;
+        }
+        public Principal getPrincipal() {
+            return principal;
+        }
+    }
     
     /** 
      * @param message the message under consideration
@@ -250,6 +266,7 @@ public abstract class AbstractHTTPDestin
                 super.cacheInput();
             }
         };
+        
         inMessage.setContent(DelegatingInputStream.class, in);
         inMessage.setContent(InputStream.class, in);
         inMessage.put(HTTP_REQUEST, req);
@@ -303,8 +320,8 @@ public abstract class AbstractHTTPDestin
         }
         inMessage.put(Message.FIXED_PARAMETER_ORDER, isFixedParameterOrder());
         inMessage.put(Message.ASYNC_POST_RESPONSE_DISPATCH, Boolean.TRUE);
+        final Principal pp = req.getUserPrincipal(); 
         inMessage.put(SecurityContext.class, new SecurityContext() {
-            private Principal pp = req.getUserPrincipal(); 
             public Principal getUserPrincipal() {
                 return pp;
             }
@@ -313,10 +330,11 @@ public abstract class AbstractHTTPDestin
             }
         });
         
+        
         Headers headers = new Headers(inMessage);
         headers.copyFromRequest(req);
         String credentials = headers.getAuthorization();
-        AuthorizationPolicy authPolicy = getAuthorizationPolicyFromMessage(credentials);
+        AuthorizationPolicy authPolicy = getAuthorizationPolicyFromMessage(credentials, pp);
         inMessage.put(AuthorizationPolicy.class, authPolicy);
         
         propogateSecureSession(req, inMessage);



Mime
View raw message