001package org.apache.archiva.redback.integration.filter.authentication.basic; 002 003/* 004 * Licensed to the Apache Software Foundation (ASF) under one 005 * or more contributor license agreements. See the NOTICE file 006 * distributed with this work for additional information 007 * regarding copyright ownership. The ASF licenses this file 008 * to you under the Apache License, Version 2.0 (the 009 * "License"); you may not use this file except in compliance 010 * with the License. You may obtain a copy of the License at 011 * 012 * http://www.apache.org/licenses/LICENSE-2.0 013 * 014 * Unless required by applicable law or agreed to in writing, 015 * software distributed under the License is distributed on an 016 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 017 * KIND, either express or implied. See the License for the 018 * specific language governing permissions and limitations 019 * under the License. 020 */ 021 022import org.apache.archiva.redback.authentication.AuthenticationException; 023import org.apache.archiva.redback.integration.filter.authentication.AbstractHttpAuthenticationFilter; 024import org.apache.archiva.redback.integration.filter.authentication.HttpAuthenticator; 025 026import javax.servlet.FilterChain; 027import javax.servlet.FilterConfig; 028import javax.servlet.ServletException; 029import javax.servlet.ServletRequest; 030import javax.servlet.ServletResponse; 031import javax.servlet.http.HttpServletRequest; 032import javax.servlet.http.HttpServletResponse; 033import java.io.IOException; 034 035/** 036 * HttpBasicAuthenticationFilter 037 * 038 * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a> 039 * 040 */ 041public class HttpBasicAuthenticationFilter 042 extends AbstractHttpAuthenticationFilter 043{ 044 private HttpAuthenticator httpAuthentication; 045 046 @Override 047 public void init( FilterConfig filterConfig ) 048 throws ServletException 049 { 050 super.init( filterConfig ); 051 052 httpAuthentication = getApplicationContext().getBean( "httpAuthenticator#basic", HttpAuthenticator.class ); 053 } 054 055 public void doFilter( ServletRequest request, ServletResponse response, FilterChain chain ) 056 throws IOException, ServletException 057 { 058 if ( !( request instanceof HttpServletRequest ) ) 059 { 060 throw new ServletException( "Can only process HttpServletRequest" ); 061 } 062 063 if ( !( response instanceof HttpServletResponse ) ) 064 { 065 throw new ServletException( "Can only process HttpServletResponse" ); 066 } 067 068 HttpServletRequest httpRequest = (HttpServletRequest) request; 069 HttpServletResponse httpResponse = (HttpServletResponse) response; 070 071 try 072 { 073 httpAuthentication.authenticate( httpRequest, httpResponse ); 074 } 075 catch ( AuthenticationException e ) 076 { 077 HttpAuthenticator httpauthn = new HttpBasicAuthentication(); 078 httpauthn.challenge( httpRequest, httpResponse, getRealmName(), e ); 079 return; 080 } 081 082 chain.doFilter( request, response ); 083 } 084}