cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject [1/2] cxf git commit: [CXF-6962] Optional use of ISO-8859-1 when processing BasicAuth
Date Fri, 27 Jan 2017 14:08:18 GMT
Repository: cxf
Updated Branches:
  refs/heads/3.0.x-fixes 322a0b36c -> cb6447bff


[CXF-6962] Optional use of ISO-8859-1 when processing BasicAuth


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/206a1ed3
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/206a1ed3
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/206a1ed3

Branch: refs/heads/3.0.x-fixes
Commit: 206a1ed36b8d3d1b0b03d93643db4962318ffd5a
Parents: 322a0b3
Author: Sergey Beryozkin <sberyozkin@gmail.com>
Authored: Fri Jan 27 13:25:18 2017 +0000
Committer: Sergey Beryozkin <sberyozkin@gmail.com>
Committed: Fri Jan 27 13:34:57 2017 +0000

----------------------------------------------------------------------
 .../cxf/transport/http/AbstractHTTPDestination.java  | 12 +++++++++++-
 .../http/auth/DefaultBasicAuthSupplier.java          | 15 +++++++++++++--
 2 files changed, 24 insertions(+), 3 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/206a1ed3/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java
----------------------------------------------------------------------
diff --git a/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java
b/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java
index 4f8f6bb..bb63bd5 100644
--- a/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java
+++ b/rt/transports/http/src/main/java/org/apache/cxf/transport/http/AbstractHTTPDestination.java
@@ -25,6 +25,7 @@ import java.io.OutputStream;
 import java.net.HttpURLConnection;
 import java.net.ServerSocket;
 import java.net.URL;
+import java.nio.charset.StandardCharsets;
 import java.security.Principal;
 import java.util.Arrays;
 import java.util.Collection;
@@ -45,6 +46,7 @@ import org.apache.cxf.attachment.AttachmentDataSource;
 import org.apache.cxf.common.logging.LogUtils;
 import org.apache.cxf.common.util.Base64Exception;
 import org.apache.cxf.common.util.Base64Utility;
+import org.apache.cxf.common.util.PropertyUtils;
 import org.apache.cxf.common.util.StringUtils;
 import org.apache.cxf.configuration.Configurable;
 import org.apache.cxf.configuration.security.AuthorizationPolicy;
@@ -105,6 +107,8 @@ public abstract class AbstractHTTPDestination
     private static final String SSL_CIPHER_SUITE_ATTRIBUTE = "javax.servlet.request.cipher_suite";
     private static final String SSL_PEER_CERT_CHAIN_ATTRIBUTE = "javax.servlet.request.X509Certificate";
 
+    private static final String DECODE_BASIC_AUTH_WITH_ISO8859 = "decode.basicauth.with.iso8859";
+    
     private static final Logger LOG = LogUtils.getL7dLogger(AbstractHTTPDestination.class);
     
     protected final Bus bus;
@@ -118,6 +122,7 @@ public abstract class AbstractHTTPDestination
     protected boolean multiplexWithAddress;
     protected CertConstraints certConstraints;
     protected boolean isServlet3;
+    protected boolean decodeBasicAuthWithIso8859;
     protected ContinuationProviderFactory cproviderFactory;
     protected boolean enableWebSocket;
 
@@ -148,6 +153,7 @@ public abstract class AbstractHTTPDestination
         } catch (Throwable t) {
             //servlet 2.5 or earlier, no async support
         }
+        decodeBasicAuthWithIso8859 = PropertyUtils.isTrue(bus.getProperty(DECODE_BASIC_AUTH_WITH_ISO8859));
         
         initConfig();
     }
@@ -165,7 +171,11 @@ public abstract class AbstractHTTPDestination
         if ("Basic".equals(authType) && creds.size() == 2) {
             String authEncoded = creds.get(1);
             try {
-                String authDecoded = new String(Base64Utility.decode(authEncoded));
+                byte[] authBytes = Base64Utility.decode(authEncoded);
+                
+                String authDecoded = decodeBasicAuthWithIso8859 
+                    ? new String(authBytes, StandardCharsets.ISO_8859_1) : new String(authBytes);
+                
                 int idx = authDecoded.indexOf(':');
                 String username = null;
                 String password = null;

http://git-wip-us.apache.org/repos/asf/cxf/blob/206a1ed3/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/DefaultBasicAuthSupplier.java
----------------------------------------------------------------------
diff --git a/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/DefaultBasicAuthSupplier.java
b/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/DefaultBasicAuthSupplier.java
index b6b4f72..8a9856f 100644
--- a/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/DefaultBasicAuthSupplier.java
+++ b/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/DefaultBasicAuthSupplier.java
@@ -19,12 +19,15 @@
 package org.apache.cxf.transport.http.auth;
 
 import java.net.URI;
+import java.nio.charset.StandardCharsets;
 
 import org.apache.cxf.common.util.Base64Utility;
+import org.apache.cxf.common.util.PropertyUtils;
 import org.apache.cxf.configuration.security.AuthorizationPolicy;
 import org.apache.cxf.message.Message;
 
 public final class DefaultBasicAuthSupplier implements HttpAuthSupplier {
+    private static final String ENCODE_BASIC_AUTH_WITH_ISO8859 = "encode.basicauth.with.iso8859";
     public DefaultBasicAuthSupplier() {
         super();
     }
@@ -34,8 +37,13 @@ public final class DefaultBasicAuthSupplier implements HttpAuthSupplier
{
     }
     
     public static String getBasicAuthHeader(String userName, String passwd) {
+        return getBasicAuthHeader(userName, passwd, false);
+    }
+    
+    public static String getBasicAuthHeader(String userName, String passwd, boolean useIso8859)
{
         String userAndPass = userName + ":" + passwd;
-        return "Basic " + Base64Utility.encode(userAndPass.getBytes());
+        byte[] authBytes = useIso8859 ? userAndPass.getBytes(StandardCharsets.ISO_8859_1)
: userAndPass.getBytes();
+        return "Basic " + Base64Utility.encode(authBytes);
     }
 
     public String getAuthorization(AuthorizationPolicy  authPolicy,
@@ -43,8 +51,11 @@ public final class DefaultBasicAuthSupplier implements HttpAuthSupplier
{
                                    Message message,
                                    String fullHeader) {
         if (authPolicy.getUserName() != null && authPolicy.getPassword() != null)
{
+            boolean encodeBasicAuthWithIso8859 = PropertyUtils.isTrue(
+                message.getContextualProperty(ENCODE_BASIC_AUTH_WITH_ISO8859));
             return getBasicAuthHeader(authPolicy.getUserName(), 
-                                      authPolicy.getPassword());
+                                      authPolicy.getPassword(),
+                                      encodeBasicAuthWithIso8859);
         } else {
             return null;
         }


Mime
View raw message