Source code

001package org.apache.archiva.redback.integration.filter.authentication.basic;
002
003/*
004 * Licensed to the Apache Software Foundation (ASF) under one
005 * or more contributor license agreements.  See the NOTICE file
006 * distributed with this work for additional information
007 * regarding copyright ownership.  The ASF licenses this file
008 * to you under the Apache License, Version 2.0 (the
009 * "License"); you may not use this file except in compliance
010 * with the License.  You may obtain a copy of the License at
011 *
012 * http://www.apache.org/licenses/LICENSE-2.0
013 *
014 * Unless required by applicable law or agreed to in writing,
015 * software distributed under the License is distributed on an
016 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
017 * KIND, either express or implied.  See the License for the
018 * specific language governing permissions and limitations
019 * under the License.
020 */
021
022import org.apache.archiva.redback.authentication.AuthenticationException;
023import org.apache.archiva.redback.integration.filter.authentication.AbstractHttpAuthenticationFilter;
024import org.apache.archiva.redback.integration.filter.authentication.HttpAuthenticator;
025
026import javax.servlet.FilterChain;
027import javax.servlet.FilterConfig;
028import javax.servlet.ServletException;
029import javax.servlet.ServletRequest;
030import javax.servlet.ServletResponse;
031import javax.servlet.http.HttpServletRequest;
032import javax.servlet.http.HttpServletResponse;
033import java.io.IOException;
034
035/**
036 * HttpBasicAuthenticationFilter
037 *
038 * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
039 *
040 */
041public class HttpBasicAuthenticationFilter
042    extends AbstractHttpAuthenticationFilter
043{
044    private HttpAuthenticator httpAuthentication;
045
046    @Override
047    public void init( FilterConfig filterConfig )
048        throws ServletException
049    {
050        super.init( filterConfig );
051
052        httpAuthentication = getApplicationContext().getBean( "httpAuthenticator#basic", HttpAuthenticator.class );
053    }
054
055    public void doFilter( ServletRequest request, ServletResponse response, FilterChain chain )
056        throws IOException, ServletException
057    {
058        if ( !( request instanceof HttpServletRequest ) )
059        {
060            throw new ServletException( "Can only process HttpServletRequest" );
061        }
062
063        if ( !( response instanceof HttpServletResponse ) )
064        {
065            throw new ServletException( "Can only process HttpServletResponse" );
066        }
067
068        HttpServletRequest httpRequest = (HttpServletRequest) request;
069        HttpServletResponse httpResponse = (HttpServletResponse) response;
070
071        try
072        {
073            httpAuthentication.authenticate( httpRequest, httpResponse );
074        }
075        catch ( AuthenticationException e )
076        {
077            HttpAuthenticator httpauthn = new HttpBasicAuthentication();
078            httpauthn.challenge( httpRequest, httpResponse, getRealmName(), e );
079            return;
080        }
081
082        chain.doFilter( request, response );
083    }
084}