From f2635e9e98b4d3132a4bc18c0d92a45a161a77e6 Mon Sep 17 00:00:00 2001 From: prabathabey Date: Wed, 2 Sep 2015 18:59:36 +0530 Subject: [PATCH] Adding more improvements into web-app authenticator framework --- .../framework/WebappAuthenticationHandler.java | 15 ++++++++++----- .../authenticator/BasicAuthAuthenticator.java | 1 - .../authenticator/OAuthAuthenticator.java | 2 +- 3 files changed, 11 insertions(+), 7 deletions(-) diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticationHandler.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticationHandler.java index 26e0e76d74e..698c1579b05 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticationHandler.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticationHandler.java @@ -27,6 +27,7 @@ import org.wso2.carbon.tomcat.ext.valves.CompositeValve; import org.wso2.carbon.webapp.authenticator.framework.authenticator.WebappAuthenticator; import javax.servlet.http.HttpServletResponse; +import java.util.StringTokenizer; public class WebappAuthenticationHandler extends CarbonTomcatValve { @@ -34,7 +35,7 @@ public class WebappAuthenticationHandler extends CarbonTomcatValve { @Override public void invoke(Request request, Response response, CompositeValve compositeValve) { - if (this.isNonAdminService(request) || this.skipAuthentication(request) || this.isContextSkipped(request)) { + if (this.isContextSkipped(request) || (this.isNonAdminService(request) && this.skipAuthentication(request))) { this.getNext().invoke(request, response, compositeValve); return; } @@ -60,13 +61,17 @@ public class WebappAuthenticationHandler extends CarbonTomcatValve { private boolean isContextSkipped(Request request) { String ctx = request.getContext().getPath(); - if (ctx == null) { + if (ctx == null || "".equals(ctx)) { ctx = request.getContextPath(); - if (ctx == null) { - return false; + if (ctx == null || "".equals(ctx)) { + StringTokenizer tokenizer = new StringTokenizer(request.getRequestURI(), "/"); + ctx = tokenizer.nextToken(); + if (ctx == null || "".equals(ctx)) { + return false; + } } } - return ctx.equals("/Carbon") || ctx.equals("/Services"); + return ctx.equalsIgnoreCase("carbon") || ctx.equalsIgnoreCase("services"); } private void processResponse(Request request, Response response, CompositeValve compositeValve, diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/BasicAuthAuthenticator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/BasicAuthAuthenticator.java index 7227bdf471a..74396ab9c52 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/BasicAuthAuthenticator.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/BasicAuthAuthenticator.java @@ -29,7 +29,6 @@ import org.wso2.carbon.webapp.authenticator.framework.Constants; public class BasicAuthAuthenticator implements WebappAuthenticator { private static final String BASIC_AUTH_AUTHENTICATOR = "BasicAuth"; - private static final String HEADER_BASIC_AUTH = "authorization"; @Override public boolean canHandle(Request request) { diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java index 3413cf1b0c3..f3159193410 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java @@ -50,7 +50,7 @@ public class OAuthAuthenticator implements WebappAuthenticator { MessageBytes authorization = request.getCoyoteRequest().getMimeHeaders(). getValue(Constants.HTTPHeaders.HEADER_HTTP_AUTHORIZATION); - String tokenValue = null; + String tokenValue; if (authorization != null) { authorization.toBytes(); ByteChunk authBC = authorization.getByteChunk();