cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dk...@apache.org
Subject svn commit: r1443200 - in /cxf/branches/2.7.x-fixes: rt/transports/http/src/main/java/org/apache/cxf/transport/http/CXFAuthenticator.java systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSJaasSecurityTest.java
Date Wed, 06 Feb 2013 20:42:53 GMT
Author: dkulp
Date: Wed Feb  6 20:42:53 2013
New Revision: 1443200

URL: http://svn.apache.org/viewvc?rev=1443200&view=rev
Log:
Merged revisions 1443132 via  git cherry-pick from
https://svn.apache.org/repos/asf/cxf/trunk

........
  r1443132 | dkulp | 2013-02-06 14:04:24 -0500 (Wed, 06 Feb 2013) | 2 lines

  [CXF-4815] Only return the auth creds once

........

Modified:
    cxf/branches/2.7.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/CXFAuthenticator.java
    cxf/branches/2.7.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSJaasSecurityTest.java

Modified: cxf/branches/2.7.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/CXFAuthenticator.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/CXFAuthenticator.java?rev=1443200&r1=1443199&r2=1443200&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/CXFAuthenticator.java
(original)
+++ cxf/branches/2.7.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/http/CXFAuthenticator.java
Wed Feb  6 20:42:53 2013
@@ -97,10 +97,18 @@ public class CXFAuthenticator extends Au
                     }
                 } else if (getRequestorType() == RequestorType.SERVER
                     && httpConduit.getAuthorization() != null) {
+                    
+                    if (m.containsKey(PasswordAuthentication.class.getName())
+                        && ("basic".equals(getRequestingScheme())
+                            || "digest".equals(getRequestingScheme()))) {
+                        return null;
+                    }
+                    
                     String un = httpConduit.getAuthorization().getUserName();
                     String pwd =  httpConduit.getAuthorization().getPassword();
                     if (un != null && pwd != null) {
                         auth = new PasswordAuthentication(un, pwd.toCharArray());
+                        m.put(PasswordAuthentication.class.getName(), Boolean.TRUE);
                     }
                 }
             }

Modified: cxf/branches/2.7.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSJaasSecurityTest.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSJaasSecurityTest.java?rev=1443200&r1=1443199&r2=1443200&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSJaasSecurityTest.java
(original)
+++ cxf/branches/2.7.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSJaasSecurityTest.java
Wed Feb  6 20:42:53 2013
@@ -24,6 +24,7 @@ import java.util.Collections;
 import javax.ws.rs.core.HttpHeaders;
 import javax.ws.rs.core.Response;
 
+import org.apache.cxf.configuration.security.AuthorizationPolicy;
 import org.apache.cxf.jaxrs.client.WebClient;
 
 import org.junit.BeforeClass;
@@ -64,9 +65,15 @@ public class JAXRSJaasSecurityTest exten
         String endpointAddress =
             "http://localhost:" + PORT + "/service/jaas2/bookstorestorage/thosebooks/123";

         WebClient wc = WebClient.create(endpointAddress);
+        AuthorizationPolicy pol = new AuthorizationPolicy();
+        pol.setUserName("foo");
+        pol.setPassword("bar1");
+        WebClient.getConfig(wc).getHttpConduit().setAuthorization(pol);
+        
         wc.accept("text/xml");
-        wc.header(HttpHeaders.AUTHORIZATION, 
-                  "Basic " + base64Encode("foo" + ":" + "bar1"));
+        
+        //wc.header(HttpHeaders.AUTHORIZATION, 
+        //          "Basic " + base64Encode("foo" + ":" + "bar1"));
         Response r = wc.get();
         assertEquals(401, r.getStatus());
         Object wwwAuthHeader = r.getMetadata().getFirst(HttpHeaders.WWW_AUTHENTICATE);



Mime
View raw message