Merge pull request #690 from wso2/devicetype-3.1.0

Restricted basic auth in valve
merge-requests/7/head
Ruwan 8 years ago committed by GitHub
commit 8535242df1

@ -39,6 +39,11 @@
<param-name>doAuthentication</param-name>
<param-value>true</param-value>
</context-param>
<!--This is to support basic auth.-->
<context-param>
<param-name>basicAuth</param-name>
<param-value>true</param-value>
</context-param>
<!--publish to apim-->
<context-param>

@ -49,6 +49,9 @@ public class BasicAuthAuthenticator implements WebappAuthenticator {
@Override
public boolean canHandle(Request request) {
if (!isAuthenticationSupported(request)) {
return false;
}
MessageBytes authorization =
request.getCoyoteRequest().getMimeHeaders().getValue(Constants.HTTPHeaders.HEADER_HTTP_AUTHORIZATION);
if (authorization != null) {
@ -156,4 +159,9 @@ public class BasicAuthAuthenticator implements WebappAuthenticator {
}
}
private boolean isAuthenticationSupported(Request request) {
String param = request.getContext().findParameter("basicAuth");
return (param == null || !Boolean.parseBoolean(param));
}
}

Loading…
Cancel
Save