|
|
@ -110,7 +110,7 @@ public class WebappAuthenticationValve extends CarbonTomcatValve {
|
|
|
|
if (uri == null) {
|
|
|
|
if (uri == null) {
|
|
|
|
uri = "";
|
|
|
|
uri = "";
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if(!uri.endsWith("/")) {
|
|
|
|
if (!uri.endsWith("/")) {
|
|
|
|
uri = uri + "/";
|
|
|
|
uri = uri + "/";
|
|
|
|
}
|
|
|
|
}
|
|
|
|
String contextPath = request.getContextPath();
|
|
|
|
String contextPath = request.getContextPath();
|
|
|
@ -125,7 +125,7 @@ public class WebappAuthenticationValve extends CarbonTomcatValve {
|
|
|
|
while (tokenizer.hasMoreTokens()) {
|
|
|
|
while (tokenizer.hasMoreTokens()) {
|
|
|
|
skippedEndPoint = tokenizer.nextToken();
|
|
|
|
skippedEndPoint = tokenizer.nextToken();
|
|
|
|
skippedEndPoint = skippedEndPoint.replace("\n", "").replace("\r", "").trim();
|
|
|
|
skippedEndPoint = skippedEndPoint.replace("\n", "").replace("\r", "").trim();
|
|
|
|
if(!skippedEndPoint.endsWith("/")) {
|
|
|
|
if (!skippedEndPoint.endsWith("/")) {
|
|
|
|
skippedEndPoint = skippedEndPoint + "/";
|
|
|
|
skippedEndPoint = skippedEndPoint + "/";
|
|
|
|
}
|
|
|
|
}
|
|
|
|
nonSecuredEndpoints.put(skippedEndPoint, "true");
|
|
|
|
nonSecuredEndpoints.put(skippedEndPoint, "true");
|
|
|
@ -138,23 +138,21 @@ public class WebappAuthenticationValve extends CarbonTomcatValve {
|
|
|
|
private void processRequest(Request request, Response response, CompositeValve compositeValve,
|
|
|
|
private void processRequest(Request request, Response response, CompositeValve compositeValve,
|
|
|
|
AuthenticationInfo authenticationInfo) {
|
|
|
|
AuthenticationInfo authenticationInfo) {
|
|
|
|
switch (authenticationInfo.getStatus()) {
|
|
|
|
switch (authenticationInfo.getStatus()) {
|
|
|
|
case SUCCESS:
|
|
|
|
case SUCCESS:
|
|
|
|
case CONTINUE:
|
|
|
|
case CONTINUE:
|
|
|
|
this.getNext().invoke(request, response, compositeValve);
|
|
|
|
this.getNext().invoke(request, response, compositeValve);
|
|
|
|
break;
|
|
|
|
break;
|
|
|
|
case FAILURE:
|
|
|
|
case FAILURE:
|
|
|
|
String msg = "Failed to authorize incoming request";
|
|
|
|
String msg = "Failed to authorize incoming request";
|
|
|
|
if (authenticationInfo.getMessage() != null && !authenticationInfo.getMessage().isEmpty()) {
|
|
|
|
if (authenticationInfo.getMessage() != null && !authenticationInfo.getMessage().isEmpty()) {
|
|
|
|
msg = authenticationInfo.getMessage();
|
|
|
|
msg = authenticationInfo.getMessage();
|
|
|
|
response.setHeader("WWW-Authenticate", msg);
|
|
|
|
response.setHeader("WWW-Authenticate", msg);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (log.isDebugEnabled()) {
|
|
|
|
if (log.isDebugEnabled()) {
|
|
|
|
log.debug(msg + " , API : " + Encode.forUriComponent(request.getRequestURI()));
|
|
|
|
log.debug(msg + " , API : " + Encode.forUriComponent(request.getRequestURI()));
|
|
|
|
}
|
|
|
|
}
|
|
|
|
AuthenticationFrameworkUtil.
|
|
|
|
AuthenticationFrameworkUtil.handleResponse(request, response, HttpServletResponse.SC_UNAUTHORIZED, msg);
|
|
|
|
|
|
|
|
break;
|
|
|
|
handleResponse(request, response, HttpServletResponse.SC_UNAUTHORIZED, msg);
|
|
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|