24 package waffle.servlet.spi;
25
26 import jakarta.servlet.http.HttpServletRequest;
27 import jakarta.servlet.http.HttpServletResponse;
28
29 import java.io.IOException;
30 import java.nio.charset.StandardCharsets;
31 import java.security.InvalidParameterException;
32
33 import org.slf4j.Logger;
34 import org.slf4j.LoggerFactory;
35
36 import waffle.util.AuthorizationHeader;
37 import waffle.windows.auth.IWindowsAuthProvider;
38 import waffle.windows.auth.IWindowsIdentity;
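/**
 * Security filter provider for HTTP Basic authentication.
 *
 * <p>Decodes the {@code username:password} pair carried in the {@code Authorization} header and passes it
 * to the configured {@link IWindowsAuthProvider}.
 *
 * <p>Security notes for deployers: Basic credentials are only encoded, not encrypted, so the password
 * reaches this class in clear text; expose this provider over TLS only. The password is never written to
 * the log, and the user name is stripped of control characters before it is logged.
 */
public class BasicSecurityFilterProvider implements SecurityFilterProvider {

    /** The Constant LOGGER. */
    private static final Logger LOGGER = LoggerFactory.getLogger(BasicSecurityFilterProvider.class);

    /** Protection realm advertised in the {@code WWW-Authenticate} challenge. */
    private String realm = "BasicSecurityFilterProvider";

    /** Provider that performs the actual logon. */
    private final IWindowsAuthProvider auth;

    /**
     * Creates a provider that delegates logons to the given authentication provider.
     *
     * @param newAuthProvider
     *            the authentication provider used by {@link #doFilter}
     */
    public BasicSecurityFilterProvider(final IWindowsAuthProvider newAuthProvider) {
        this.auth = newAuthProvider;
    }

    /**
     * Extracts the credentials from the request's {@code Authorization} header and logs the user on.
     *
     * @param request
     *            the request carrying the {@code Authorization} header
     * @param response
     *            the response (not used by this provider)
     * @return the identity returned by {@link IWindowsAuthProvider#logonUser(String, String)}
     * @throws IOException
     *             declared by the interface
     * @throws RuntimeException
     *             if the decoded token does not contain a {@code ':'} separator
     */
    @Override
    public IWindowsIdentity doFilter(final HttpServletRequest request, final HttpServletResponse response)
            throws IOException {

        final AuthorizationHeader authorizationHeader = new AuthorizationHeader(request);
        final String credentials = new String(authorizationHeader.getTokenBytes(), StandardCharsets.UTF_8);
        // Limit of 2: only the first ':' separates the fields, so a password may itself contain ':'.
        final String[] parts = credentials.split(":", 2);
        if (parts.length != 2) {
            // The message deliberately omits the decoded value, which may hold a password.
            throw new RuntimeException("Invalid username:password in Authorization header.");
        }
        if (BasicSecurityFilterProvider.LOGGER.isDebugEnabled()) {
            // The user name is client-supplied and arrives encoded, so any line breaks in it are not
            // visible at the HTTP header level; neutralise them before the value reaches the log.
            BasicSecurityFilterProvider.LOGGER.debug("logging in user: {}",
                    BasicSecurityFilterProvider.sanitizeForLog(parts[0]));
        }
        return this.auth.logonUser(parts[0], parts[1]);
    }

    /**
     * Always reports {@code false}.
     *
     * @param request
     *            the request (not inspected)
     * @return {@code false}
     */
    @Override
    public boolean isPrincipalException(final HttpServletRequest request) {
        return false;
    }

    /**
     * Tells whether this provider handles the given security package.
     *
     * @param securityPackage
     *            the security package name, compared case-insensitively
     * @return {@code true} only for {@code "Basic"}
     */
    @Override
    public boolean isSecurityPackageSupported(final String securityPackage) {
        return "Basic".equalsIgnoreCase(securityPackage);
    }

    /**
     * Adds the {@code WWW-Authenticate: Basic realm="..."} challenge to the response.
     *
     * <p>The realm is emitted as a quoted-string: embedded {@code "} and {@code \} are backslash-escaped and
     * control characters are dropped, so a misconfigured realm cannot break out of the quoted value or
     * split the header.
     *
     * @param response
     *            the response that receives the challenge header
     */
    @Override
    public void sendUnauthorized(final HttpServletResponse response) {
        response.addHeader("WWW-Authenticate", "Basic realm=" + BasicSecurityFilterProvider.quoteRealm(this.realm));
    }

    /**
     * Protection space.
     *
     * @return the realm name
     */
    public String getRealm() {
        return this.realm;
    }

    /**
     * Sets the protection space.
     *
     * @param value
     *            the realm name
     */
    public void setRealm(final String value) {
        this.realm = value;
    }

    /**
     * Initialises a configuration parameter; {@code realm} is the only one accepted.
     *
     * @param parameterName
     *            the parameter name
     * @param parameterValue
     *            the parameter value
     * @throws InvalidParameterException
     *             if {@code parameterName} is anything other than {@code "realm"}
     */
    @Override
    public void initParameter(final String parameterName, final String parameterValue) {
        if ("realm".equals(parameterName)) {
            this.setRealm(parameterValue);
        } else {
            throw new InvalidParameterException(parameterName);
        }
    }

    /** Replaces every ISO control character (CR, LF, TAB, ...) with {@code '_'} so a value stays on one log line. */
    private static String sanitizeForLog(final String value) {
        final StringBuilder cleaned = new StringBuilder(value.length());
        for (int i = 0; i < value.length(); i++) {
            final char c = value.charAt(i);
            cleaned.append(Character.isISOControl(c) ? '_' : c);
        }
        return cleaned.toString();
    }

    /** Renders the realm as a quoted-string: drops control characters and escapes {@code "} and {@code \}. */
    private static String quoteRealm(final String realm) {
        // String.valueOf keeps the previous rendering ("null") for an unset realm.
        final String text = String.valueOf(realm);
        final StringBuilder quoted = new StringBuilder(text.length() + 2).append('"');
        for (int i = 0; i < text.length(); i++) {
            final char c = text.charAt(i);
            if (Character.isISOControl(c)) {
                continue;
            }
            if (c == '"' || c == '\\') {
                quoted.append('\\');
            }
            quoted.append(c);
        }
        return quoted.append('"').toString();
    }
}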