|
|||||||||||||||||||
Source file | Conditionals | Statements | Methods | TOTAL | |||||||||||||||
BasicAuthentication.java | 0% | 0% | 0% | 0% |
|
1 |
/*
|
|
2 |
* ====================================================================
|
|
3 |
*
|
|
4 |
* The Apache Software License, Version 1.1
|
|
5 |
*
|
|
6 |
* Copyright (c) 2001-2003 The Apache Software Foundation. All rights
|
|
7 |
* reserved.
|
|
8 |
*
|
|
9 |
* Redistribution and use in source and binary forms, with or without
|
|
10 |
* modification, are permitted provided that the following conditions
|
|
11 |
* are met:
|
|
12 |
*
|
|
13 |
* 1. Redistributions of source code must retain the above copyright
|
|
14 |
* notice, this list of conditions and the following disclaimer.
|
|
15 |
*
|
|
16 |
* 2. Redistributions in binary form must reproduce the above copyright
|
|
17 |
* notice, this list of conditions and the following disclaimer in
|
|
18 |
* the documentation and/or other materials provided with the
|
|
19 |
* distribution.
|
|
20 |
*
|
|
21 |
* 3. The end-user documentation included with the redistribution, if
|
|
22 |
* any, must include the following acknowlegement:
|
|
23 |
* "This product includes software developed by the
|
|
24 |
* Apache Software Foundation (http://www.apache.org/)."
|
|
25 |
* Alternately, this acknowlegement may appear in the software itself,
|
|
26 |
* if and wherever such third-party acknowlegements normally appear.
|
|
27 |
*
|
|
28 |
* 4. The names "The Jakarta Project", "Cactus" and "Apache Software
|
|
29 |
* Foundation" must not be used to endorse or promote products
|
|
30 |
* derived from this software without prior written permission. For
|
|
31 |
* written permission, please contact apache@apache.org.
|
|
32 |
*
|
|
33 |
* 5. Products derived from this software may not be called "Apache"
|
|
34 |
* nor may "Apache" appear in their names without prior written
|
|
35 |
* permission of the Apache Group.
|
|
36 |
*
|
|
37 |
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
|
|
38 |
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
|
|
39 |
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
|
40 |
* DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
|
|
41 |
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
42 |
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
43 |
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
|
|
44 |
* USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
|
|
45 |
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
|
|
46 |
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
|
|
47 |
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
48 |
* SUCH DAMAGE.
|
|
49 |
* ====================================================================
|
|
50 |
*
|
|
51 |
* This software consists of voluntary contributions made by many
|
|
52 |
* individuals on behalf of the Apache Software Foundation. For more
|
|
53 |
* information on the Apache Software Foundation, please see
|
|
54 |
* <http://www.apache.org/>.
|
|
55 |
*
|
|
56 |
*/
|
|
57 |
package org.apache.cactus.client.authentication;
|
|
58 |
|
|
59 |
import java.text.CharacterIterator;
|
|
60 |
import java.text.StringCharacterIterator;
|
|
61 |
|
|
62 |
import org.apache.cactus.WebRequest;
|
|
63 |
import org.apache.cactus.configuration.Configuration;
|
|
64 |
|
|
65 |
/**
|
|
66 |
* Basic Authentication support.
|
|
67 |
*
|
|
68 |
* @author <a href="mailto:vmassol@apache.org">Vincent Massol</a>
|
|
69 |
* @author <a href="mailto:Jason.Robertson@acs-inc.com">Jason Robertson</a>
|
|
70 |
*
|
|
71 |
* @since 1.3
|
|
72 |
* @see AbstractAuthentication
|
|
73 |
*
|
|
74 |
* @version $Id: BasicAuthentication.java,v 1.9 2003/05/26 11:45:26 cmlenz Exp $
|
|
75 |
*/
|
|
76 |
public class BasicAuthentication extends AbstractAuthentication |
|
77 |
{ |
|
78 |
/**
|
|
79 |
* Provides encoding of raw bytes to base64-encoded characters, and
|
|
80 |
* decoding of base64 characters to raw bytes.
|
|
81 |
*/
|
|
82 |
private static char[] alphabet = |
|
83 |
"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/="
|
|
84 |
.toCharArray(); |
|
85 |
|
|
86 |
/**
|
|
87 |
* Lookup table for converting base64 characters to value in range 0..63
|
|
88 |
*/
|
|
89 |
private static byte[] codes = new byte[256]; |
|
90 |
|
|
91 |
static
|
|
92 |
{ |
|
93 | 0 |
for (int i = 0; i < 256; i++) |
94 |
{ |
|
95 | 0 |
codes[i] = -1; |
96 |
} |
|
97 |
|
|
98 | 0 |
for (int i = 'A'; i <= 'Z'; i++) |
99 |
{ |
|
100 | 0 |
codes[i] = (byte) (i - 'A');
|
101 |
} |
|
102 |
|
|
103 | 0 |
for (int i = 'a'; i <= 'z'; i++) |
104 |
{ |
|
105 | 0 |
codes[i] = (byte) (26 + i - 'a');
|
106 |
} |
|
107 |
|
|
108 | 0 |
for (int i = '0'; i <= '9'; i++) |
109 |
{ |
|
110 | 0 |
codes[i] = (byte) (52 + i - '0');
|
111 |
} |
|
112 |
|
|
113 | 0 |
codes['+'] = 62; |
114 | 0 |
codes['/'] = 63; |
115 |
} |
|
116 |
|
|
117 |
/**
|
|
118 |
* @param theName user name of the Credential
|
|
119 |
* @param thePassword user password of the Credential
|
|
120 |
*/
|
|
121 | 0 |
public BasicAuthentication(String theName, String thePassword)
|
122 |
{ |
|
123 | 0 |
super(theName, thePassword);
|
124 |
} |
|
125 |
|
|
126 |
/**
|
|
127 |
* @see AbstractAuthentication#validateName(String)
|
|
128 |
*/
|
|
129 | 0 |
protected void validateName(String theName) |
130 |
{ |
|
131 |
// According to HTTP 1.0 Spec:
|
|
132 |
// userid = [ token ]
|
|
133 |
// token = 1*<any CHAR except CTLs or tspecials>
|
|
134 |
// CTL = <any US-ASCII control character (octets 0-31) and
|
|
135 |
// DEL (127)
|
|
136 |
// tspecial = "(" | ")" | "<" | ">" | "@"
|
|
137 |
// "," | ";" | ":" | "\" | <">
|
|
138 |
// "/" | "[" | "]" | "?" | "="
|
|
139 |
// "{" | "}" | SP | HT
|
|
140 |
// SP = <US-ASCII SP, space (32)>
|
|
141 |
// HT = <US-ASCII HT, horizontal-tab (9)>
|
|
142 |
// Validate the given theName
|
|
143 |
// The theName is optional, it can be blank.
|
|
144 | 0 |
if (theName == null) |
145 |
{ |
|
146 | 0 |
return;
|
147 |
} |
|
148 |
|
|
149 |
// If it's non-blank, there is no maximum length
|
|
150 |
// and it can't contain any illegal characters
|
|
151 | 0 |
String illegalChars = "()<>@,;:\\\"/[]?={} \t";
|
152 | 0 |
StringCharacterIterator iter = new StringCharacterIterator(theName);
|
153 |
|
|
154 | 0 |
for (char c = iter.first(); c != CharacterIterator.DONE; |
155 |
c = iter.next()) |
|
156 |
{ |
|
157 | 0 |
if ((illegalChars.indexOf(c) != -1) || ((c >= 0) && (c <= 31))
|
158 |
|| (c == 127)) |
|
159 |
{ |
|
160 |
// Bad theName! Go to your room!
|
|
161 | 0 |
throw new IllegalArgumentException( |
162 |
"[" + theName + "] contains illegal characters."); |
|
163 |
} |
|
164 |
} |
|
165 |
} |
|
166 |
|
|
167 |
/**
|
|
168 |
* @see AbstractAuthentication#validatePassword(String)
|
|
169 |
*/
|
|
170 | 0 |
protected void validatePassword(String thePassword) |
171 |
{ |
|
172 |
// According to HTTP 1.0 Spec:
|
|
173 |
// password = *TEXT
|
|
174 |
// TEXT = <any OCTET except CTLs, but including LWS>
|
|
175 |
// OCTET = <any 8-bit sequence of data>
|
|
176 |
// CTL = <any US-ASCII control character (octets 0-31) and DEL (127)
|
|
177 |
// LWS = [CRLF] 1*( SP | HT )
|
|
178 |
// CRLF = CR LF
|
|
179 |
// CR = <US-ASCII CR, carriage return (13)>
|
|
180 |
// LF = <US-ASCII LF, linefeed (10)>
|
|
181 |
// SP = <US-ASCII SP, space (32)>
|
|
182 |
// HT = <US-ASCII HT, horizontal-tab (9)>
|
|
183 |
// Validate the given thePassword
|
|
184 |
// The thePassword can have zero characters, i.e. be blank.
|
|
185 | 0 |
if (thePassword == null) |
186 |
{ |
|
187 | 0 |
return;
|
188 |
} |
|
189 |
|
|
190 |
// If it's non-blank, there is no maximum length
|
|
191 |
// and it can't contain any illegal characters
|
|
192 | 0 |
String exceptionChars = "\r\n \t"; // CR LF SP HT |
193 | 0 |
StringCharacterIterator iter = new StringCharacterIterator(thePassword);
|
194 |
|
|
195 | 0 |
for (char c = iter.first(); c != CharacterIterator.DONE; |
196 |
c = iter.next()) |
|
197 |
{ |
|
198 | 0 |
if (((c >= 0) && (c <= 31)) || (c == 127))
|
199 |
{ |
|
200 | 0 |
if (exceptionChars.indexOf(c) != -1)
|
201 |
{ |
|
202 | 0 |
continue;
|
203 |
} |
|
204 |
|
|
205 |
// Bad thePassword! Go to your room!
|
|
206 | 0 |
throw new IllegalArgumentException( |
207 |
"Given thePassword contains illegal characters.");
|
|
208 |
} |
|
209 |
} |
|
210 |
} |
|
211 |
|
|
212 |
/**
|
|
213 |
* @see AbstractAuthentication#configure(WebRequest, Configuration)
|
|
214 |
*/
|
|
215 | 0 |
public void configure(WebRequest theRequest, |
216 |
Configuration theConfiguration) |
|
217 |
{ |
|
218 |
// According to HTTP 1.0 Spec:
|
|
219 |
// basic-credentials = "Basic" SP basic-cookie
|
|
220 |
// basic-cookie = <base64 encoding of userid-password,
|
|
221 |
// except not limited to 76 char/line>
|
|
222 |
// userid-password = [ token ] ":" *TEXT
|
|
223 |
//
|
|
224 |
// see setName and setPassword for details of token and TEXT
|
|
225 | 0 |
String basicCookie = getName() + ":" + getPassword();
|
226 | 0 |
String basicCredentials = "Basic "
|
227 |
+ new String(base64Encode(basicCookie.getBytes()));
|
|
228 |
|
|
229 | 0 |
theRequest.addHeader("Authorization", basicCredentials);
|
230 |
} |
|
231 |
|
|
232 |
/**
|
|
233 |
* returns an array of base64-encoded characters to represent the
|
|
234 |
* passed theData array.
|
|
235 |
*
|
|
236 |
* @param theData the array of bytes to encode
|
|
237 |
* @return base64-coded character array.
|
|
238 |
*/
|
|
239 | 0 |
private static char[] base64Encode(byte[] theData) |
240 |
{ |
|
241 | 0 |
char[] out = new char[((theData.length + 2) / 3) * 4]; |
242 |
|
|
243 |
//
|
|
244 |
// 3 bytes encode to 4 chars. Output is always an even
|
|
245 |
// multiple of 4 characters.
|
|
246 |
//
|
|
247 | 0 |
for (int i = 0, index = 0; i < theData.length; i += 3, index += 4) |
248 |
{ |
|
249 | 0 |
boolean quad = false; |
250 | 0 |
boolean trip = false; |
251 |
|
|
252 | 0 |
int val = (0xFF & (int) theData[i]); |
253 |
|
|
254 | 0 |
val <<= 8; |
255 |
|
|
256 | 0 |
if ((i + 1) < theData.length)
|
257 |
{ |
|
258 | 0 |
val |= (0xFF & (int) theData[i + 1]);
|
259 | 0 |
trip = true;
|
260 |
} |
|
261 |
|
|
262 | 0 |
val <<= 8; |
263 |
|
|
264 | 0 |
if ((i + 2) < theData.length)
|
265 |
{ |
|
266 | 0 |
val |= (0xFF & (int) theData[i + 2]);
|
267 | 0 |
quad = true;
|
268 |
} |
|
269 |
|
|
270 | 0 |
out[index + 3] = alphabet[(quad ? (val & 0x3F) : 64)]; |
271 | 0 |
val >>= 6; |
272 |
|
|
273 | 0 |
out[index + 2] = alphabet[(trip ? (val & 0x3F) : 64)]; |
274 | 0 |
val >>= 6; |
275 |
|
|
276 | 0 |
out[index + 1] = alphabet[val & 0x3F]; |
277 | 0 |
val >>= 6; |
278 |
|
|
279 | 0 |
out[index + 0] = alphabet[val & 0x3F]; |
280 |
} |
|
281 |
|
|
282 | 0 |
return out;
|
283 |
} |
|
284 |
} |
|
285 |
|
|