Return-Path: X-Original-To: apmail-cxf-commits-archive@www.apache.org Delivered-To: apmail-cxf-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 4A4C1DCE1 for ; Wed, 26 Sep 2012 17:11:18 +0000 (UTC) Received: (qmail 85738 invoked by uid 500); 26 Sep 2012 17:11:18 -0000 Delivered-To: apmail-cxf-commits-archive@cxf.apache.org Received: (qmail 85694 invoked by uid 500); 26 Sep 2012 17:11:18 -0000 Mailing-List: contact commits-help@cxf.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cxf.apache.org Delivered-To: mailing list commits@cxf.apache.org Received: (qmail 85685 invoked by uid 99); 26 Sep 2012 17:11:18 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 26 Sep 2012 17:11:18 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 26 Sep 2012 17:11:17 +0000 Received: from eris.apache.org (localhost [127.0.0.1]) by eris.apache.org (Postfix) with ESMTP id 2958D2388A5E; Wed, 26 Sep 2012 17:10:34 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1390612 - /cxf/branches/2.4.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java Date: Wed, 26 Sep 2012 17:10:34 -0000 To: commits@cxf.apache.org From: dkulp@apache.org X-Mailer: svnmailer-1.0.8-patched Message-Id: <20120926171034.2958D2388A5E@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: dkulp Date: Wed Sep 26 17:10:33 2012 New Revision: 1390612 URL: http://svn.apache.org/viewvc?rev=1390612&view=rev Log: Merged revisions 1390607 via git cherry-pick from https://svn.apache.org/repos/asf/cxf/branches/2.5.x-fixes ........ r1390607 | dkulp | 2012-09-26 13:06:59 -0400 (Wed, 26 Sep 2012) | 18 lines Merged revisions 1390603 via git cherry-pick from https://svn.apache.org/repos/asf/cxf/branches/2.6.x-fixes ........ r1390603 | dkulp | 2012-09-26 13:05:24 -0400 (Wed, 26 Sep 2012) | 10 lines Merged revisions 1390598 via git cherry-pick from https://svn.apache.org/repos/asf/cxf/trunk ........ r1390598 | dkulp | 2012-09-26 12:54:20 -0400 (Wed, 26 Sep 2012) | 2 lines If using something other than Basic auth, create a AuthorizationPolicy object based on what we CAN retrieve from the HTTP Request ........ ........ ........ Modified: cxf/branches/2.4.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java Modified: cxf/branches/2.4.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java URL: http://svn.apache.org/viewvc/cxf/branches/2.4.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java?rev=1390612&r1=1390611&r2=1390612&view=diff ============================================================================== --- cxf/branches/2.4.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java (original) +++ cxf/branches/2.4.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java Wed Sep 26 17:10:33 2012 @@ -145,7 +145,7 @@ public abstract class AbstractHTTPDestin return bus; } - private AuthorizationPolicy getAuthorizationPolicyFromMessage(String credentials) { + private AuthorizationPolicy getAuthorizationPolicyFromMessage(String credentials, Principal pp) { if (credentials == null || StringUtils.isEmpty(credentials.trim())) { return null; } @@ -162,13 +162,29 @@ public abstract class AbstractHTTPDestin AuthorizationPolicy policy = new AuthorizationPolicy(); policy.setUserName(username); policy.setPassword(password); + policy.setAuthorizationType(authType); return policy; } catch (Base64Exception ex) { // Invalid authentication => treat as not authenticated } + } else if (pp != null) { + AuthorizationPolicy policy = new PrincipalAuthorizationPolicy(pp); + policy.setUserName(pp.getName()); + policy.setAuthorization(credentials); + policy.setAuthorizationType(authType); + return policy; } return null; } + public static final class PrincipalAuthorizationPolicy extends AuthorizationPolicy { + final Principal principal; + public PrincipalAuthorizationPolicy(Principal p) { + principal = p; + } + public Principal getPrincipal() { + return principal; + } + } /** * @param message the message under consideration @@ -246,6 +262,7 @@ public abstract class AbstractHTTPDestin super.cacheInput(); } }; + inMessage.setContent(DelegatingInputStream.class, in); inMessage.setContent(InputStream.class, in); inMessage.put(HTTP_REQUEST, req); @@ -299,8 +316,8 @@ public abstract class AbstractHTTPDestin } inMessage.put(Message.FIXED_PARAMETER_ORDER, isFixedParameterOrder()); inMessage.put(Message.ASYNC_POST_RESPONSE_DISPATCH, Boolean.TRUE); + final Principal pp = req.getUserPrincipal(); inMessage.put(SecurityContext.class, new SecurityContext() { - private Principal pp = req.getUserPrincipal(); public Principal getUserPrincipal() { return pp; } @@ -309,10 +326,11 @@ public abstract class AbstractHTTPDestin } }); + Headers headers = new Headers(inMessage); headers.copyFromRequest(req); String credentials = headers.getAuthorization(); - AuthorizationPolicy authPolicy = getAuthorizationPolicyFromMessage(credentials); + AuthorizationPolicy authPolicy = getAuthorizationPolicyFromMessage(credentials, pp); inMessage.put(AuthorizationPolicy.class, authPolicy); SSLUtils.propogateSecureSession(req, inMessage);