[jboss-cvs] JBossAS SVN: r89298 - in projects/security/security-negotiation/branches/SECURITY-141: jboss-negotiation-toolkit/src/main/webapp and 1 other directories.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Fri May 22 13:05:31 EDT 2009 

Author: darran.lofthouse at jboss.com
Date: 2009-05-22 13:05:31 -0400 (Fri, 22 May 2009)
New Revision: 89298

Added:
   projects/security/security-negotiation/branches/SECURITY-141/jboss-negotiation-toolkit/src/main/webapp/error.html
   projects/security/security-negotiation/branches/SECURITY-141/jboss-negotiation-toolkit/src/main/webapp/login.html
Modified:
   projects/security/security-negotiation/branches/SECURITY-141/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/NegotiationAuthenticator.java
   projects/security/security-negotiation/branches/SECURITY-141/jboss-negotiation-toolkit/src/main/webapp/WEB-INF/web.xml
Log:
Initial prototype to test sending a login page.

Modified: projects/security/security-negotiation/branches/SECURITY-141/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/NegotiationAuthenticator.java
===================================================================
--- projects/security/security-negotiation/branches/SECURITY-141/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/NegotiationAuthenticator.java	2009-05-22 17:01:48 UTC (rev 89297)
+++ projects/security/security-negotiation/branches/SECURITY-141/jboss-negotiation-common/src/main/java/org/jboss/security/negotiation/NegotiationAuthenticator.java	2009-05-22 17:05:31 UTC (rev 89298)
@@ -27,6 +27,11 @@
 import java.io.IOException;
 import java.security.Principal;
 
+import javax.servlet.RequestDispatcher;
+import javax.servlet.ServletContext;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletResponse;
+
 import org.apache.catalina.Realm;
 import org.apache.catalina.Session;
 import org.apache.catalina.authenticator.AuthenticatorBase;
@@ -79,9 +84,7 @@
       String authHeader = request.getHeader("Authorization");
       if (authHeader == null)
       {
-         log.debug("No Authorization Header, sending 401");
-         response.setHeader("WWW-Authenticate", negotiateScheme);
-         response.sendError(401);
+         initiateAuthentication(request, response, config);
 
          return false;
       }
@@ -167,4 +170,35 @@
 
       return (principal != null);
    }
+
+   private void initiateAuthentication(final Request request, final Response response, final LoginConfig config)
+         throws IOException
+   {
+      log.debug("No Authorization Header, sending 401");
+      response.setHeader("WWW-Authenticate", getNegotiateScheme());
+
+      String loginPage = config.getLoginPage();
+      if (loginPage != null)
+      {
+         log.info("loginPage=" + loginPage);
+
+         ServletContext servletContext = context.getServletContext();
+         RequestDispatcher disp = servletContext.getRequestDispatcher(loginPage);
+
+         try
+         {
+            disp.include(request, response);
+         }
+         catch (ServletException e)
+         {
+            IOException ex = new IOException("Unable to include loginPage");
+            ex.initCause(e);
+
+            throw ex;
+         }
+      }
+
+      response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+      response.flushBuffer();
+   }
 }

Modified: projects/security/security-negotiation/branches/SECURITY-141/jboss-negotiation-toolkit/src/main/webapp/WEB-INF/web.xml
===================================================================
--- projects/security/security-negotiation/branches/SECURITY-141/jboss-negotiation-toolkit/src/main/webapp/WEB-INF/web.xml	2009-05-22 17:01:48 UTC (rev 89297)
+++ projects/security/security-negotiation/branches/SECURITY-141/jboss-negotiation-toolkit/src/main/webapp/WEB-INF/web.xml	2009-05-22 17:05:31 UTC (rev 89298)
@@ -65,7 +65,11 @@
     
    <login-config>
     <auth-method>SPNEGO</auth-method>
-    <realm-name>SPNEGO</realm-name>    
+    <realm-name>SPNEGO</realm-name>
+    <form-login-config>
+      <form-login-page>/login.html</form-login-page>
+      <form-error-page>/error.html</form-error-page>
+    </form-login-config>    
    </login-config>
           
     <security-role>

Added: projects/security/security-negotiation/branches/SECURITY-141/jboss-negotiation-toolkit/src/main/webapp/error.html
===================================================================
--- projects/security/security-negotiation/branches/SECURITY-141/jboss-negotiation-toolkit/src/main/webapp/error.html	                        (rev 0)
+++ projects/security/security-negotiation/branches/SECURITY-141/jboss-negotiation-toolkit/src/main/webapp/error.html	2009-05-22 17:05:31 UTC (rev 89298)
@@ -0,0 +1,8 @@
+<html>
+  <head>
+    <title>Error</title>
+  </head>
+  <body>
+    <h1>Oops!!</h1>
+  </body>
+</html>
\ No newline at end of file

Added: projects/security/security-negotiation/branches/SECURITY-141/jboss-negotiation-toolkit/src/main/webapp/login.html
===================================================================
--- projects/security/security-negotiation/branches/SECURITY-141/jboss-negotiation-toolkit/src/main/webapp/login.html	                        (rev 0)
+++ projects/security/security-negotiation/branches/SECURITY-141/jboss-negotiation-toolkit/src/main/webapp/login.html	2009-05-22 17:05:31 UTC (rev 89298)
@@ -0,0 +1,8 @@
+<html>
+  <head>
+    <title>Login</title>
+  </head>
+  <body>
+    <h1>Lets log in</h1>
+  </body>
+</html>
\ No newline at end of file

More information about the jboss-cvs-commits mailing list