diff options
author | lresende <lresende@13f79535-47bb-0310-9956-ffa450edef68> | 2009-11-13 01:23:07 +0000 |
---|---|---|
committer | lresende <lresende@13f79535-47bb-0310-9956-ffa450edef68> | 2009-11-13 01:23:07 +0000 |
commit | 539451c7e13d98504e6f3368d892406494ca711d (patch) | |
tree | 6fe54167c75379c836d9df585d6267df89f511d4 /sca-java-1.x/tags/1.5.1-RC4/modules/policy-security-http/src/main/java/org/apache/tuscany/sca/policy/security/http/util/HttpSecurityUtil.java | |
parent | b055ebe9fe44990f9dad2ed8c1c789aa43b2538d (diff) |
Removing obsolete release candidate tags
git-svn-id: http://svn.us.apache.org/repos/asf/tuscany@835693 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'sca-java-1.x/tags/1.5.1-RC4/modules/policy-security-http/src/main/java/org/apache/tuscany/sca/policy/security/http/util/HttpSecurityUtil.java')
-rw-r--r-- | sca-java-1.x/tags/1.5.1-RC4/modules/policy-security-http/src/main/java/org/apache/tuscany/sca/policy/security/http/util/HttpSecurityUtil.java | 124 |
1 files changed, 0 insertions, 124 deletions
diff --git a/sca-java-1.x/tags/1.5.1-RC4/modules/policy-security-http/src/main/java/org/apache/tuscany/sca/policy/security/http/util/HttpSecurityUtil.java b/sca-java-1.x/tags/1.5.1-RC4/modules/policy-security-http/src/main/java/org/apache/tuscany/sca/policy/security/http/util/HttpSecurityUtil.java deleted file mode 100644 index 88b2ee9fce..0000000000 --- a/sca-java-1.x/tags/1.5.1-RC4/modules/policy-security-http/src/main/java/org/apache/tuscany/sca/policy/security/http/util/HttpSecurityUtil.java +++ /dev/null @@ -1,124 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.apache.tuscany.sca.policy.security.http.util; - -import java.util.StringTokenizer; - -import javax.security.auth.Subject; -import javax.servlet.http.HttpServletRequest; - -import org.apache.commons.codec.binary.Base64; -import org.apache.tuscany.sca.invocation.Message; -import org.apache.tuscany.sca.policy.authentication.basic.BasicAuthenticationPrincipal; - -/** - * - * @version $Rev$ $Date$ - */ -public class HttpSecurityUtil { - - /** - * Check if Authorization header is available - * @param request - * @param response - * @return - */ - public static boolean hasAuthorizationHeader(HttpServletRequest request) { - boolean result = false; - if(request.getHeader("Authorization") != null) { - result = true; - } - - return result; - } - - /** - * - * @param request - * @param response - * @return - */ - public static String getAuthorizationHeader(HttpServletRequest request) { - return request.getHeader("Authorization"); - } - - public static Subject getSubject(Message msg){ - - Subject subject = null; - HttpServletRequest request = null; - - for (Object header : msg.getHeaders()){ - if (header instanceof Subject){ - subject = (Subject)header; - break; - } else if( header instanceof HttpServletRequest) { - request = (HttpServletRequest) header; - } - } - - //if there is no subject, but request is available - //try to build a subject from authorization header - if (subject == null & request != null) { - if ( hasAuthorizationHeader(request)) { - subject = getSubject(getAuthorizationHeader(request)); - } - - } - if (subject == null){ - subject = new Subject(); - msg.getHeaders().add(subject); - } - - return subject; - - } - - public static Subject getSubject(String httpAuthorizationHeader){ - - - // get the security context - Subject subject = new Subject(); - String user = null; - String password = null; - - if (httpAuthorizationHeader != null) { - StringTokenizer tokens = new StringTokenizer(httpAuthorizationHeader); - if (tokens.hasMoreTokens()) { - String basic = tokens.nextToken(); - if (basic.equalsIgnoreCase("Basic")) { - String credentials = tokens.nextToken(); - String userAndPassword = new String(Base64.decodeBase64(credentials.getBytes())); - int colon = userAndPassword.indexOf(":"); - if (colon != -1) { - user = userAndPassword.substring(0, colon); - password = userAndPassword.substring(colon + 1); - } - } - } - } - - if(user != null && password != null) { - BasicAuthenticationPrincipal principal = new BasicAuthenticationPrincipal(user, password); - subject.getPrincipals().add(principal); - } - - return subject; - } -} |