19 package org.eclipse.jetty.security.authentication;
20
21 import java.io.IOException;
22
23 import javax.servlet.ServletRequest;
24 import javax.servlet.ServletResponse;
25 import javax.servlet.http.HttpServletRequest;
26 import javax.servlet.http.HttpServletResponse;
27
28 import org.eclipse.jetty.http.HttpHeader;
29 import org.eclipse.jetty.security.ServerAuthException;
30 import org.eclipse.jetty.security.UserAuthentication;
31 import org.eclipse.jetty.server.Authentication;
32 import org.eclipse.jetty.server.Authentication.User;
33 import org.eclipse.jetty.server.UserIdentity;
34 import org.eclipse.jetty.util.log.Log;
35 import org.eclipse.jetty.util.log.Logger;
36 import org.eclipse.jetty.util.security.Constraint;
37
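/**
 * Authenticator for the HTTP {@code Negotiate} (SPNEGO) scheme.
 *
 * <p>When authentication is mandatory and the request carries no
 * {@code Authorization} header, a {@code 401} with
 * {@code WWW-Authenticate: Negotiate} is sent. When the header carries a
 * {@code Negotiate} token, the token is handed to {@code login(...)} and a
 * {@link UserAuthentication} is returned if an identity comes back. Any other
 * header, and a failed login, yields {@link Authentication#UNAUTHENTICATED}
 * without a new challenge.
 *
 * <p>The {@code Authorization} header is client-controlled input; it must be
 * length-checked before slicing and the token must never be written to logs.
 */
public class SpnegoAuthenticator extends LoginAuthenticator
{
    private static final Logger LOG = Log.getLogger(SpnegoAuthenticator.class);

    // Auth method name reported by getAuthMethod(); defaults to the SPNEGO constraint name.
    private String _authMethod = Constraint.__SPNEGO_AUTH;

    /**
     * Creates an authenticator that reports {@link Constraint#__SPNEGO_AUTH} as its auth method.
     */
    public SpnegoAuthenticator()
    {
    }

    /**
     * Creates an authenticator that reports a caller-chosen auth method name.
     *
     * @param authMethod the name returned by {@link #getAuthMethod()}; stored as given, not validated
     */
    public SpnegoAuthenticator(String authMethod)
    {
        _authMethod = authMethod;
    }

    /**
     * @return the auth method name this instance was configured with
     */
    @Override
    public String getAuthMethod()
    {
        return _authMethod;
    }

    /**
     * Validates a request against the {@code Negotiate} scheme.
     *
     * @param request the incoming request; cast to {@link HttpServletRequest}
     * @param response the outgoing response; cast to {@link HttpServletResponse}
     * @param mandatory whether authentication is required for this request
     * @return a {@link DeferredAuthentication} when not mandatory;
     *         {@link Authentication#SEND_CONTINUE} after a challenge was sent;
     *         a {@link UserAuthentication} when {@code login(...)} returned an identity;
     *         otherwise {@link Authentication#UNAUTHENTICATED}
     * @throws ServerAuthException if sending the challenge fails with an {@link IOException}
     */
    @Override
    public Authentication validateRequest(ServletRequest request, ServletResponse response, boolean mandatory) throws ServerAuthException
    {
        HttpServletRequest req = (HttpServletRequest)request;
        HttpServletResponse res = (HttpServletResponse)response;

        String header = req.getHeader(HttpHeader.AUTHORIZATION.asString());

        // Authentication is optional here: defer it until something actually asks for the user.
        if (!mandatory)
        {
            return new DeferredAuthentication(this);
        }

        // No credentials supplied: challenge the client, unless this response is a deferred one.
        if (header == null)
        {
            try
            {
                if (DeferredAuthentication.isDeferred(res))
                {
                    return Authentication.UNAUTHENTICATED;
                }

                // Message text kept as-is (note the "Spengo" spelling when searching logs).
                LOG.debug("SpengoAuthenticator: sending challenge");
                res.setHeader(HttpHeader.WWW_AUTHENTICATE.asString(), HttpHeader.NEGOTIATE.asString());
                res.sendError(HttpServletResponse.SC_UNAUTHORIZED);
                return Authentication.SEND_CONTINUE;
            }
            catch (IOException ioe)
            {
                throw new ServerAuthException(ioe);
            }
        }

        // The header value is untrusted. Slicing it at a fixed offset without a
        // length check threw StringIndexOutOfBoundsException for a bare scheme name
        // with no token, so require "<scheme><SP><non-empty token>" before slicing.
        // Scheme matching remains case-sensitive, as before.
        String scheme = HttpHeader.NEGOTIATE.asString();
        int tokenStart = scheme.length() + 1;
        if (header.startsWith(scheme)
            && header.length() > tokenStart
            && header.charAt(scheme.length()) == ' ')
        {
            // Client-supplied credential material: pass it on, never log it.
            String spnegoToken = header.substring(tokenStart);

            UserIdentity user = login(null, spnegoToken, request);

            if (user != null)
            {
                return new UserAuthentication(getAuthMethod(), user);
            }
        }

        // Another scheme, a malformed Negotiate header, or a rejected token.
        return Authentication.UNAUTHENTICATED;
    }

    /**
     * Performs no work on the response.
     *
     * @return always {@code true}
     */
    @Override
    public boolean secureResponse(ServletRequest request, ServletResponse response, boolean mandatory, User validatedUser) throws ServerAuthException
    {
        return true;
    }
}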