incubator-sling-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From fmesc...@apache.org
Subject svn commit: r834873 - in /sling/trunk/bundles/engine/src/main/java/org/apache/sling/engine: auth/Authenticator.java impl/auth/LoginServlet.java impl/auth/SlingAuthenticator.java
Date Wed, 11 Nov 2009 13:21:40 GMT
Author: fmeschbe
Date: Wed Nov 11 13:21:40 2009
New Revision: 834873

URL: http://svn.apache.org/viewvc?rev=834873&view=rev
Log:
SLING-1182 Provide the path to be used to select the authentication
handler as a request attribute better supporting login servlets/scripts

Modified:
    sling/trunk/bundles/engine/src/main/java/org/apache/sling/engine/auth/Authenticator.java
    sling/trunk/bundles/engine/src/main/java/org/apache/sling/engine/impl/auth/LoginServlet.java
    sling/trunk/bundles/engine/src/main/java/org/apache/sling/engine/impl/auth/SlingAuthenticator.java

Modified: sling/trunk/bundles/engine/src/main/java/org/apache/sling/engine/auth/Authenticator.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/engine/src/main/java/org/apache/sling/engine/auth/Authenticator.java?rev=834873&r1=834872&r2=834873&view=diff
==============================================================================
--- sling/trunk/bundles/engine/src/main/java/org/apache/sling/engine/auth/Authenticator.java
(original)
+++ sling/trunk/bundles/engine/src/main/java/org/apache/sling/engine/auth/Authenticator.java
Wed Nov 11 13:21:40 2009
@@ -37,6 +37,22 @@
 public interface Authenticator {
 
     /**
+     * Name of the request attribute used by the
+     * {@link #login(HttpServletRequest, HttpServletResponse)} method to select
+     * an {@link AuthenticationHandler} to call. If this request attribute is
+     * not set or is the empty string, the request path info (
+     * <code>HttpServletRequest.getPathInfo()</code>) method is used to get the
+     * path.
+     * <p>
+     * This request attribute can be used by frontend servlets/scripts which
+     * call into {@link #login(HttpServletRequest, HttpServletResponse)} on
+     * behalf of users.
+     *
+     * @since 2.1
+     */
+    static final String LOGIN_RESOURCE = "resource";
+
+    /**
      * Finds an {@link AuthenticationHandler} for the given request and call its
      * {@link AuthenticationHandler#requestAuthentication(HttpServletRequest, HttpServletResponse)}
      * method to initiate an authentication process with the client to login to

Modified: sling/trunk/bundles/engine/src/main/java/org/apache/sling/engine/impl/auth/LoginServlet.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/engine/src/main/java/org/apache/sling/engine/impl/auth/LoginServlet.java?rev=834873&r1=834872&r2=834873&view=diff
==============================================================================
--- sling/trunk/bundles/engine/src/main/java/org/apache/sling/engine/impl/auth/LoginServlet.java
(original)
+++ sling/trunk/bundles/engine/src/main/java/org/apache/sling/engine/impl/auth/LoginServlet.java
Wed Nov 11 13:21:40 2009
@@ -62,6 +62,8 @@
     protected void service(SlingHttpServletRequest request,
             SlingHttpServletResponse response) throws IOException {
 
+        final String resourcePath = request.getParameter(Authenticator.LOGIN_RESOURCE);
+
         // if the request is logged in and the resource is not set (such
         // as when requesting /system/sling/login from the browser with the
         // browser sending credentials) or the resource is set to the login
@@ -69,7 +71,6 @@
         // through the login servlet), redirect to root now assuming we are
         // authenticated.
         if (request.getAuthType() != null) {
-            final String resourcePath = request.getParameter("resource");
             if (isSelf(resourcePath)) {
                 String redirectTarget = request.getContextPath() + "/";
                 log.warn(
@@ -83,16 +84,29 @@
         Authenticator authenticator = this.authenticator;
         if (authenticator != null) {
             try {
+
+                // set the login resource to select the authenticator
+                request.setAttribute(Authenticator.LOGIN_RESOURCE,
+                    (resourcePath != null) ? resourcePath : "/");
+
                 authenticator.login(request, response);
                 return;
+
             } catch (IllegalStateException ise) {
+
                 log.error("doGet: Response already committed, cannot login");
                 return;
+
             } catch (NoAuthenticationHandlerException nahe) {
+
                 log.error("doGet: No AuthenticationHandler to login registered");
+
             }
+
         } else {
+
             log.error("doGet: Authenticator service missing, cannot login");
+
         }
 
         // fall back to forbid access

Modified: sling/trunk/bundles/engine/src/main/java/org/apache/sling/engine/impl/auth/SlingAuthenticator.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/engine/src/main/java/org/apache/sling/engine/impl/auth/SlingAuthenticator.java?rev=834873&r1=834872&r2=834873&view=diff
==============================================================================
--- sling/trunk/bundles/engine/src/main/java/org/apache/sling/engine/impl/auth/SlingAuthenticator.java
(original)
+++ sling/trunk/bundles/engine/src/main/java/org/apache/sling/engine/impl/auth/SlingAuthenticator.java
Wed Nov 11 13:21:40 2009
@@ -253,10 +253,19 @@
             throw new IllegalStateException("Response already committed");
         }
 
+        // select path used for authentication handler selection
+        final Object loginPathO = request.getAttribute(Authenticator.LOGIN_RESOURCE);
+        String path = (loginPathO instanceof String)
+                ? (String) loginPathO
+                : request.getPathInfo();
+        if (path == null || path.length() == 0) {
+            path = "/";
+        }
+
         AuthenticationHandlerHolder[] handlerInfos = findApplicableAuthenticationHandlers(request);
         boolean done = false;
         for (int i = 0; !done && i < handlerInfos.length; i++) {
-            if ( request.getPathInfo().startsWith(handlerInfos[i].path) ) {
+            if ( path.startsWith(handlerInfos[i].path) ) {
                 log.debug(
                     "login: requesting authentication using handler: {}",
                     handlerInfos[i]);



Mime
View raw message