View Javadoc
1   /*
2    * MIT License
3    *
4    * Copyright (c) 2010-2024 The Waffle Project Contributors: https://github.com/Waffle/waffle/graphs/contributors
5    *
6    * Permission is hereby granted, free of charge, to any person obtaining a copy
7    * of this software and associated documentation files (the "Software"), to deal
8    * in the Software without restriction, including without limitation the rights
9    * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10   * copies of the Software, and to permit persons to whom the Software is
11   * furnished to do so, subject to the following conditions:
12   *
13   * The above copyright notice and this permission notice shall be included in all
14   * copies or substantial portions of the Software.
15   *
16   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
19   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
22   * SOFTWARE.
23   */
24  package waffle.spring;
25  
26  import java.io.IOException;
27  
28  import javax.servlet.ServletException;
29  import javax.servlet.http.HttpServletRequest;
30  import javax.servlet.http.HttpServletResponse;
31  
32  import org.slf4j.Logger;
33  import org.slf4j.LoggerFactory;
34  import org.springframework.security.core.AuthenticationException;
35  import org.springframework.security.web.AuthenticationEntryPoint;
36  
37  import waffle.servlet.spi.SecurityFilterProviderCollection;
38  
39  /**
40   * Sends back a request for a Negotiate Authentication to the browser.
41   */
42  public class NegotiateSecurityFilterEntryPoint implements AuthenticationEntryPoint {
43  
44      /** The Constant LOGGER. */
45      private static final Logger LOGGER = LoggerFactory.getLogger(NegotiateSecurityFilterEntryPoint.class);
46  
47      /** The provider. */
48      private SecurityFilterProviderCollection provider;
49  
50      /**
51       * Instantiates a new negotiate security filter entry point.
52       */
53      public NegotiateSecurityFilterEntryPoint() {
54          NegotiateSecurityFilterEntryPoint.LOGGER.debug("[waffle.spring.NegotiateEntryPoint] loaded");
55      }
56  
57      @Override
58      public void commence(final HttpServletRequest request, final HttpServletResponse response,
59              final AuthenticationException ex) throws IOException, ServletException {
60  
61          NegotiateSecurityFilterEntryPoint.LOGGER.debug("[waffle.spring.NegotiateEntryPoint] commence");
62  
63          if (this.provider == null) {
64              throw new ServletException("Missing NegotiateEntryPoint.Provider");
65          }
66  
67          response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
68          response.setHeader("Connection", "keep-alive");
69          this.provider.sendUnauthorized(response);
70          response.flushBuffer();
71      }
72  
73      /**
74       * Gets the provider.
75       *
76       * @return the provider
77       */
78      public SecurityFilterProviderCollection getProvider() {
79          return this.provider;
80      }
81  
82      /**
83       * Sets the provider.
84       *
85       * @param value
86       *            the new provider
87       */
88      public void setProvider(final SecurityFilterProviderCollection value) {
89          this.provider = value;
90      }
91  }