Fixes https://github.com/wso2/product-iots/issues/1570

7 years ago · 0485e9c2b3
parent 5783a74110
commit 0485e9c2b3
2 changed files with 11 additions and 4 deletions
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticationValve.java
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticationValve.java
@ -106,6 +106,14 @@ public class WebappAuthenticationValve extends CarbonTomcatValve {
    }

    private boolean isNonSecuredEndPoint(Request request) {
+        if (request.getCoyoteRequest() != null && request.getCoyoteRequest().getMimeHeaders() !=
+                null && request.getCoyoteRequest().getMimeHeaders().getValue(Constants
+                .HTTPHeaders.HEADER_HTTP_AUTHORIZATION) != null) {
+            //This is to handle the DEP behaviours of the same endpoint being non-secured in the
+            // first call and then being secured in the second call which comes with the basic
+            // auth header.
+            return false;
+        }
        String uri = request.getRequestURI();
        if (uri == null) {
            uri = "";
@ -146,8 +154,9 @@ public class WebappAuthenticationValve extends CarbonTomcatValve {
            String msg = "Failed to authorize incoming request";
            if (authenticationInfo.getMessage() != null && !authenticationInfo.getMessage().isEmpty()) {
                msg = authenticationInfo.getMessage();
-                response.setHeader("WWW-Authenticate", msg);
+                response.setHeader("WWW-Authenticate", "Basic");
            }
+
            if (log.isDebugEnabled()) {
                log.debug(msg + " , API : " + Encode.forUriComponent(request.getRequestURI()));
            }
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/BasicAuthAuthenticator.java
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/BasicAuthAuthenticator.java
@ -50,9 +50,6 @@ public class BasicAuthAuthenticator implements WebappAuthenticator {

    @Override
    public boolean canHandle(Request request) {
-        if (!isAuthenticationSupported(request)) {
-            return false;
-        }
        if (request.getCoyoteRequest() == null || request.getCoyoteRequest().getMimeHeaders() == null) {
            return false;
        }
@ -84,6 +81,7 @@ public class BasicAuthAuthenticator implements WebappAuthenticator {
                authenticationInfo.setTenantDomain(Utils.getTenantDomain(tenantId));
                authenticationInfo.setTenantId(tenantId);
            } else {
+                authenticationInfo.setMessage("Failed to authorize incoming request.");
                authenticationInfo.setStatus(Status.FAILURE);
            }
        } catch (UserStoreException e) {