incubator-ooo-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From o..@apache.org
Subject svn commit: r1294557 - /incubator/ooo/trunk/main/ucb/source/ucp/webdav/
Date Tue, 28 Feb 2012 10:34:21 GMT
Author: orw
Date: Tue Feb 28 10:34:20 2012
New Revision: 1294557

URL: http://svn.apache.org/viewvc?rev=1294557&view=rev
Log:
serf integration: improve credential input handling

Modified:
    incubator/ooo/trunk/main/ucb/source/ucp/webdav/DAVAuthListener.hxx
    incubator/ooo/trunk/main/ucb/source/ucp/webdav/DAVAuthListenerImpl.hxx
    incubator/ooo/trunk/main/ucb/source/ucp/webdav/DAVException.hxx
    incubator/ooo/trunk/main/ucb/source/ucp/webdav/DAVResourceAccess.cxx
    incubator/ooo/trunk/main/ucb/source/ucp/webdav/SerfPropFindReqProcImpl.cxx
    incubator/ooo/trunk/main/ucb/source/ucp/webdav/SerfRequestProcessor.cxx
    incubator/ooo/trunk/main/ucb/source/ucp/webdav/SerfRequestProcessor.hxx
    incubator/ooo/trunk/main/ucb/source/ucp/webdav/SerfSession.cxx
    incubator/ooo/trunk/main/ucb/source/ucp/webdav/SerfSession.hxx
    incubator/ooo/trunk/main/ucb/source/ucp/webdav/webdavcontent.cxx

Modified: incubator/ooo/trunk/main/ucb/source/ucp/webdav/DAVAuthListener.hxx
URL: http://svn.apache.org/viewvc/incubator/ooo/trunk/main/ucb/source/ucp/webdav/DAVAuthListener.hxx?rev=1294557&r1=1294556&r2=1294557&view=diff
==============================================================================
--- incubator/ooo/trunk/main/ucb/source/ucp/webdav/DAVAuthListener.hxx (original)
+++ incubator/ooo/trunk/main/ucb/source/ucp/webdav/DAVAuthListener.hxx Tue Feb 28 10:34:20
2012
@@ -40,7 +40,8 @@ class DAVAuthListener : public salhelper
             const ::rtl::OUString & inHostName,
             ::rtl::OUString & inoutUserName,
             ::rtl::OUString & outPassWord,
-            sal_Bool bCanUseSystemCredentials ) = 0;
+            sal_Bool bCanUseSystemCredentials,
+            sal_Bool bUsePreviousCredentials = sal_True ) = 0;
 };
 
 } // namespace http_dav_ucp

Modified: incubator/ooo/trunk/main/ucb/source/ucp/webdav/DAVAuthListenerImpl.hxx
URL: http://svn.apache.org/viewvc/incubator/ooo/trunk/main/ucb/source/ucp/webdav/DAVAuthListenerImpl.hxx?rev=1294557&r1=1294556&r2=1294557&view=diff
==============================================================================
--- incubator/ooo/trunk/main/ucb/source/ucp/webdav/DAVAuthListenerImpl.hxx (original)
+++ incubator/ooo/trunk/main/ucb/source/ucp/webdav/DAVAuthListenerImpl.hxx Tue Feb 28 10:34:20
2012
@@ -57,7 +57,8 @@ namespace http_dav_ucp
                                   const ::rtl::OUString & inHostName,
                                   ::rtl::OUString & inoutUserName,
                                   ::rtl::OUString & outPassWord,
-                                  sal_Bool bCanUseSystemCredentials );
+                                  sal_Bool bCanUseSystemCredentials,
+                                  sal_Bool bUsePreviousCredentials = sal_True );
     private:
 
         const com::sun::star::uno::Reference<

Modified: incubator/ooo/trunk/main/ucb/source/ucp/webdav/DAVException.hxx
URL: http://svn.apache.org/viewvc/incubator/ooo/trunk/main/ucb/source/ucp/webdav/DAVException.hxx?rev=1294557&r1=1294556&r2=1294557&view=diff
==============================================================================
--- incubator/ooo/trunk/main/ucb/source/ucp/webdav/DAVException.hxx (original)
+++ incubator/ooo/trunk/main/ucb/source/ucp/webdav/DAVException.hxx Tue Feb 28 10:34:20 2012
@@ -106,6 +106,8 @@ class DAVException
                                 // mStatusCode = HTTP status code
             DAV_HTTP_LOOKUP,    // Name lookup failed,
                                 // mData = server[:port]
+            DAV_HTTP_NOAUTH,    // No User authentication data provided - e.g., user aborts
corresponding dialog
+                                // mData = server[:port]
             DAV_HTTP_AUTH,      // User authentication failed on server,
                                 // mData = server[:port]
             DAV_HTTP_AUTHPROXY, // User authentication failed on proxy,

Modified: incubator/ooo/trunk/main/ucb/source/ucp/webdav/DAVResourceAccess.cxx
URL: http://svn.apache.org/viewvc/incubator/ooo/trunk/main/ucb/source/ucp/webdav/DAVResourceAccess.cxx?rev=1294557&r1=1294556&r2=1294557&view=diff
==============================================================================
--- incubator/ooo/trunk/main/ucb/source/ucp/webdav/DAVResourceAccess.cxx (original)
+++ incubator/ooo/trunk/main/ucb/source/ucp/webdav/DAVResourceAccess.cxx Tue Feb 28 10:34:20
2012
@@ -53,7 +53,8 @@ int DAVAuthListener_Impl::authenticate(
     const ::rtl::OUString & inHostName,
     ::rtl::OUString & inoutUserName,
     ::rtl::OUString & outPassWord,
-    sal_Bool bCanUseSystemCredentials )
+    sal_Bool bCanUseSystemCredentials,
+    sal_Bool bUsePreviousCredentials )
 {
     if ( m_xEnv.is() )
     {
@@ -62,12 +63,14 @@ int DAVAuthListener_Impl::authenticate(
 
         if ( xIH.is() )
         {
+            // Providing previously retrieved credentials will cause the password
+            // container to reject these. Thus, the credential input dialog will be shown
again.
             // #102871# - Supply username and password from previous try.
             // Password container service depends on this!
-            if ( inoutUserName.getLength() == 0 )
+            if ( inoutUserName.getLength() == 0 && bUsePreviousCredentials )
                 inoutUserName = m_aPrevUsername;
 
-            if ( outPassWord.getLength() == 0 )
+            if ( outPassWord.getLength() == 0 && bUsePreviousCredentials )
                 outPassWord = m_aPrevPassword;
 
             rtl::Reference< ucbhelper::SimpleAuthenticationRequest > xRequest

Modified: incubator/ooo/trunk/main/ucb/source/ucp/webdav/SerfPropFindReqProcImpl.cxx
URL: http://svn.apache.org/viewvc/incubator/ooo/trunk/main/ucb/source/ucp/webdav/SerfPropFindReqProcImpl.cxx?rev=1294557&r1=1294556&r2=1294557&view=diff
==============================================================================
--- incubator/ooo/trunk/main/ucb/source/ucp/webdav/SerfPropFindReqProcImpl.cxx (original)
+++ incubator/ooo/trunk/main/ucb/source/ucp/webdav/SerfPropFindReqProcImpl.cxx Tue Feb 28
10:34:20 2012
@@ -135,7 +135,7 @@ serf_bucket_t * SerfPropFindReqProcImpl:
                     aBodyText +
                     rtl::OUString::createFromAscii( PROPFIND_TRAILER );
         body_bkt = SERF_BUCKET_SIMPLE_STRING( rtl::OUStringToOString( aBodyText, RTL_TEXTENCODING_UTF8
), 
-                                                pSerfBucketAlloc );
+                                              pSerfBucketAlloc );
     }
 
     // create serf request

Modified: incubator/ooo/trunk/main/ucb/source/ucp/webdav/SerfRequestProcessor.cxx
URL: http://svn.apache.org/viewvc/incubator/ooo/trunk/main/ucb/source/ucp/webdav/SerfRequestProcessor.cxx?rev=1294557&r1=1294556&r2=1294557&view=diff
==============================================================================
--- incubator/ooo/trunk/main/ucb/source/ucp/webdav/SerfRequestProcessor.cxx (original)
+++ incubator/ooo/trunk/main/ucb/source/ucp/webdav/SerfRequestProcessor.cxx Tue Feb 28 10:34:20
2012
@@ -44,6 +44,8 @@ SerfRequestProcessor::SerfRequestProcess
     , mnHTTPStatusCode( SC_NONE )
     , mHTTPStatusCodeText()
     , mRedirectLocation()
+    , mnSuccessfulCredentialAttempts( 0 )
+    , mbInputOfCredentialsAborted( false )
     , mbSetupSerfRequestCalled( false )
     , mbAcceptSerfResponseCalled( false )
     , mbHandleSerfResponseCalled( false )
@@ -66,6 +68,8 @@ void SerfRequestProcessor::prepareProces
     mHTTPStatusCodeText = rtl::OUString();
     mRedirectLocation = rtl::OUString();
 
+    mnSuccessfulCredentialAttempts = 0;
+    mbInputOfCredentialsAborted = false;
     mbSetupSerfRequestCalled = false;
     mbAcceptSerfResponseCalled = false;
     mbHandleSerfResponseCalled = false;
@@ -330,35 +334,9 @@ void SerfRequestProcessor::postprocessPr
     switch ( inStatus )
     {
     case APR_EGENERAL:
+    case SERF_ERROR_AUTHN_FAILED:
         // general error; <mnHTTPStatusCode> provides more information
         {
-            // TODO: reactivate special handling copied from neon!?
-            /*
-            if ( mnHTTPStatusCode == SC_LOCKED )
-            {
-                if ( m_aSerfLockStore.findByUri(
-                         makeAbsoluteURL( inPath ) ) == 0 )
-                {
-                    // locked by 3rd party
-                    throw DAVException( DAVException::DAV_LOCKED );
-                }
-                else
-                {
-                    // locked by ourself
-                    throw DAVException( DAVException::DAV_LOCKED_SELF );
-                }
-            }
-
-            // Special handling for 400 and 412 status codes, which may indicate
-            // that a lock previously obtained by us has been released meanwhile
-            // by the server. Unfortunately, RFC is not clear at this point,
-            // thus server implementations behave different...
-            else if ( mnHTTPStatusCode == SC_BAD_REQUEST || mnHTTPStatusCode == SC_PRECONDITION_FAILED
)
-            {
-                if ( removeExpiredLocktoken( makeAbsoluteURL( inPath ), rEnv ) )
-                    throw DAVException( DAVException::DAV_LOCK_EXPIRED );
-            }
-            */
             switch ( mnHTTPStatusCode )
             {
             case SC_NONE:
@@ -368,6 +346,12 @@ void SerfRequestProcessor::postprocessPr
                                                        SerfUri::makeConnectionEndPointString(
mrSerfSession.getHostName(),
                                                                                         
     mrSerfSession.getPort() ) );
                 }
+                else if ( mbInputOfCredentialsAborted )
+                {
+                    mpDAVException = new DAVException( DAVException::DAV_HTTP_NOAUTH,
+                                                       SerfUri::makeConnectionEndPointString(
mrSerfSession.getHostName(),
+                                                                                        
     mrSerfSession.getPort() ) );
+                }
                 else
                 {
                     mpDAVException = new DAVException( DAVException::DAV_HTTP_ERROR, 
@@ -399,20 +383,44 @@ void SerfRequestProcessor::postprocessPr
 }
 
 apr_status_t SerfRequestProcessor::provideSerfCredentials( char ** outUsername, 
-                                         char ** outPassword,
-                                         serf_request_t * inRequest, 
-                                         int inCode, 
-                                         const char *inAuthProtocol,
-                                         const char *inRealm,
-                                         apr_pool_t *inAprPool )
-{
-    return mrSerfSession.provideSerfCredentials( outUsername,
-                                                 outPassword,
-                                                 inRequest,
-                                                 inCode,
-                                                 inAuthProtocol,
-                                                 inRealm,
-                                                 inAprPool );
+                                                           char ** outPassword,
+                                                           serf_request_t * inRequest, 
+                                                           int inCode, 
+                                                           const char *inAuthProtocol,
+                                                           const char *inRealm,
+                                                           apr_pool_t *inAprPool )
+{
+    // as each successful provided credentials are tried twice - see below - the
+    // number of real attempts is half of the value of <mnSuccessfulCredentialAttempts>
+    if ( (mnSuccessfulCredentialAttempts / 2) >= 5 ||
+         mbInputOfCredentialsAborted )
+    {
+        mbInputOfCredentialsAborted = true;
+        return SERF_ERROR_AUTHN_FAILED;
+    }
+
+    // because serf keeps credentials only for a connection in case of digest authentication
+    // we give each successful provided credentials a second try in order to workaround the
+    // situation that the connection for which the credentials have been provided has been
closed
+    // before the provided credentials could be applied for the request.
+    apr_status_t status = mrSerfSession.provideSerfCredentials( (mnSuccessfulCredentialAttempts
% 2) == 1,
+                                                                outUsername,
+                                                                outPassword,
+                                                                inRequest,
+                                                                inCode,
+                                                                inAuthProtocol,
+                                                                inRealm,
+                                                                inAprPool );
+    if ( status != APR_SUCCESS )
+    {
+        mbInputOfCredentialsAborted = true;
+    }
+    else
+    {
+        ++mnSuccessfulCredentialAttempts;
+    }
+
+    return status;
 }
 
 apr_status_t SerfRequestProcessor::setupSerfRequest( serf_request_t * inSerfRequest,

Modified: incubator/ooo/trunk/main/ucb/source/ucp/webdav/SerfRequestProcessor.hxx
URL: http://svn.apache.org/viewvc/incubator/ooo/trunk/main/ucb/source/ucp/webdav/SerfRequestProcessor.hxx?rev=1294557&r1=1294556&r2=1294557&view=diff
==============================================================================
--- incubator/ooo/trunk/main/ucb/source/ucp/webdav/SerfRequestProcessor.hxx (original)
+++ incubator/ooo/trunk/main/ucb/source/ucp/webdav/SerfRequestProcessor.hxx Tue Feb 28 10:34:20
2012
@@ -168,6 +168,8 @@ public:
     rtl::OUString mHTTPStatusCodeText;
     rtl::OUString mRedirectLocation; 
 
+    sal_uInt8 mnSuccessfulCredentialAttempts;
+    bool mbInputOfCredentialsAborted;
     bool mbSetupSerfRequestCalled;
     bool mbAcceptSerfResponseCalled;
     bool mbHandleSerfResponseCalled;

Modified: incubator/ooo/trunk/main/ucb/source/ucp/webdav/SerfSession.cxx
URL: http://svn.apache.org/viewvc/incubator/ooo/trunk/main/ucb/source/ucp/webdav/SerfSession.cxx?rev=1294557&r1=1294556&r2=1294557&view=diff
==============================================================================
--- incubator/ooo/trunk/main/ucb/source/ucp/webdav/SerfSession.cxx (original)
+++ incubator/ooo/trunk/main/ucb/source/ucp/webdav/SerfSession.cxx Tue Feb 28 10:34:20 2012
@@ -285,7 +285,8 @@ apr_status_t SerfSession::setupSerfConne
     return APR_SUCCESS;
 }
 
-apr_status_t SerfSession::provideSerfCredentials( char ** outUsername, 
+apr_status_t SerfSession::provideSerfCredentials( bool bGiveProvidedCredentialsASecondTry,
+                                                  char ** outUsername, 
                                                   char ** outPassword,
                                                   serf_request_t * /*inRequest*/, 
                                                   int /*inCode*/, 
@@ -333,7 +334,8 @@ apr_status_t SerfSession::provideSerfCre
                                              getHostName(),
                                              theUserName,
                                              thePassWord,
-                                             bCanUseSystemCreds );
+                                             bCanUseSystemCreds,
+                                             bGiveProvidedCredentialsASecondTry ? sal_False
: sal_True );
 
     if ( theRetVal == 0 )
     {

Modified: incubator/ooo/trunk/main/ucb/source/ucp/webdav/SerfSession.hxx
URL: http://svn.apache.org/viewvc/incubator/ooo/trunk/main/ucb/source/ucp/webdav/SerfSession.hxx?rev=1294557&r1=1294556&r2=1294557&view=diff
==============================================================================
--- incubator/ooo/trunk/main/ucb/source/ucp/webdav/SerfSession.hxx (original)
+++ incubator/ooo/trunk/main/ucb/source/ucp/webdav/SerfSession.hxx Tue Feb 28 10:34:20 2012
@@ -85,7 +85,8 @@ public:
                                       serf_bucket_t **outSerfOutputBucket,
                                       apr_pool_t* inAprPool );
 
-    apr_status_t provideSerfCredentials( char ** outUsername, 
+    apr_status_t provideSerfCredentials( bool bGiveProvidedCredentialsASecondTry,
+                                         char ** outUsername, 
                                          char ** outPassword,
                                          serf_request_t * inRequest, 
                                          int inCode, 

Modified: incubator/ooo/trunk/main/ucb/source/ucp/webdav/webdavcontent.cxx
URL: http://svn.apache.org/viewvc/incubator/ooo/trunk/main/ucb/source/ucp/webdav/webdavcontent.cxx?rev=1294557&r1=1294556&r2=1294557&view=diff
==============================================================================
--- incubator/ooo/trunk/main/ucb/source/ucp/webdav/webdavcontent.cxx (original)
+++ incubator/ooo/trunk/main/ucb/source/ucp/webdav/webdavcontent.cxx Tue Feb 28 10:34:20 2012
@@ -3225,6 +3225,11 @@ const Content::ResourceType & Content::g
                 // resource is NON_DAV
                 eResourceType = NON_DAV;
             }
+            // cancel command execution is case that no user authentication data has been
provided.
+            if ( e.getError() == DAVException::DAV_HTTP_NOAUTH )
+            {
+                cancelCommandExecution( e, uno::Reference< ucb::XCommandEnvironment >()
);
+            }
         }
         m_eResourceType = eResourceType;
     }



Mime
View raw message