From c873aa270ae11f4c690ecec13fdc597c515c2b15 Mon Sep 17 00:00:00 2001 From: slaws Date: Tue, 29 Sep 2009 10:57:20 +0000 Subject: Extend basic auth support to match the credentials set in the policy. Not a production solution but useful for demonstrating how policy can be used. git-svn-id: http://svn.us.apache.org/repos/asf/tuscany@819883 13f79535-47bb-0310-9956-ffa450edef68 --- ...asicAuthenticationServicePolicyInterceptor.java | 42 ++++++++++++++-------- 1 file changed, 27 insertions(+), 15 deletions(-) (limited to 'branches/sca-java-1.x/modules/policy-security/src/main') diff --git a/branches/sca-java-1.x/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authentication/basic/BasicAuthenticationServicePolicyInterceptor.java b/branches/sca-java-1.x/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authentication/basic/BasicAuthenticationServicePolicyInterceptor.java index e783d77c97..c1fab9efe4 100644 --- a/branches/sca-java-1.x/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authentication/basic/BasicAuthenticationServicePolicyInterceptor.java +++ b/branches/sca-java-1.x/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authentication/basic/BasicAuthenticationServicePolicyInterceptor.java @@ -27,6 +27,7 @@ import org.apache.tuscany.sca.invocation.Invoker; import org.apache.tuscany.sca.invocation.Message; import org.apache.tuscany.sca.policy.PolicySet; import org.apache.tuscany.sca.policy.SecurityUtil; +import org.osoa.sca.ServiceRuntimeException; /** @@ -51,14 +52,7 @@ public class BasicAuthenticationServicePolicyInterceptor implements Interceptor } private void init() { - if (policySet != null) { - for (Object policyObject : policySet.getPolicies()){ - if (policyObject instanceof BasicAuthenticationPolicy){ - policy = (BasicAuthenticationPolicy)policyObject; - break; - } - } - } + } public Message invoke(Message msg) { @@ -66,17 +60,35 @@ public class BasicAuthenticationServicePolicyInterceptor implements Interceptor Subject subject = SecurityUtil.getSubject(msg); BasicAuthenticationPrincipal principal = SecurityUtil.getPrincipal(subject, BasicAuthenticationPrincipal.class); - + boolean authenticated = false; + if (principal != null){ - System.out.println("Username: " + - principal.getName() + - " Password: " + - principal.getPassword()); + System.out.println("Authenticating user: " + + principal.getName()); // could call out here to some 3rd party system to do whatever you - // need to do do with username and password - + // need to do do with username and password. For this very simple + // interceptor just check that the credentials match crendentials in + // the policy + + if (policySet != null) { + for (Object policyObject : policySet.getPolicies()){ + if (policyObject instanceof BasicAuthenticationPolicy){ + BasicAuthenticationPolicy policy = (BasicAuthenticationPolicy)policyObject; + + if (policy.getUserName().equals(principal.getName())){ + if (policy.getPassword().equals(principal.getPassword())){ + authenticated = true; + } + } + } + } + } + } + + if (authenticated == false){ + throw new ServiceRuntimeException("User: " + principal.getName() + " cannot be authenticated"); } return getNext().invoke(msg); -- cgit v1.2.3