Merge pull request #690 from wso2/devicetype-3.1.0

Restricted basic auth in valve
4.x.x
Ruwan 8 years ago committed by GitHub
commit 8535242df1

@ -39,6 +39,11 @@
<param-name>doAuthentication</param-name> <param-name>doAuthentication</param-name>
<param-value>true</param-value> <param-value>true</param-value>
</context-param> </context-param>
<!--This is to support basic auth.-->
<context-param>
<param-name>basicAuth</param-name>
<param-value>true</param-value>
</context-param>
<!--publish to apim--> <!--publish to apim-->
<context-param> <context-param>

@ -49,6 +49,9 @@ public class BasicAuthAuthenticator implements WebappAuthenticator {
@Override @Override
public boolean canHandle(Request request) { public boolean canHandle(Request request) {
if (!isAuthenticationSupported(request)) {
return false;
}
MessageBytes authorization = MessageBytes authorization =
request.getCoyoteRequest().getMimeHeaders().getValue(Constants.HTTPHeaders.HEADER_HTTP_AUTHORIZATION); request.getCoyoteRequest().getMimeHeaders().getValue(Constants.HTTPHeaders.HEADER_HTTP_AUTHORIZATION);
if (authorization != null) { if (authorization != null) {
@ -156,4 +159,9 @@ public class BasicAuthAuthenticator implements WebappAuthenticator {
} }
} }
private boolean isAuthenticationSupported(Request request) {
String param = request.getContext().findParameter("basicAuth");
return (param == null || !Boolean.parseBoolean(param));
}
} }

Loading…
Cancel
Save