credentialsmanager.java

来自「web版的SVN客户端」· Java 代码 · 共 135 行

JAVA
135
字号 
/*
 * Copyright (c) 2004, 2005 Polarion Software, All rights reserved.
 * Email: community@polarion.org
 *
 * This program and the accompanying materials are made available under the
 * terms of the Apache License, Version 2.0 (the "License"). You may not use
 * this file except in compliance with the License. Copy of the License is
 * located in the file LICENSE.txt in the project distribution. You may also
 * obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0
 *
 *
 * POLARION SOFTWARE MAKES NO REPRESENTATIONS OR WARRANTIES
 * ABOUT THE SUITABILITY OF THE SOFTWARE, EITHER EXPRESSED OR IMPLIED,
 * INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT. POLARION SOFTWARE
 * SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY LICENSEE AS A RESULT
 * OF USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS DERIVATIVES.
 */
package org.polarion.svnwebclient.authorization.impl;

import javax.servlet.RequestDispatcher;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.codec.binary.Base64;
import org.apache.log4j.Logger;
import org.polarion.svnwebclient.SVNWebClientException;
import org.polarion.svnwebclient.authorization.ICredentialsManager;
import org.polarion.svnwebclient.authorization.UserCredentials;
import org.polarion.svnwebclient.configuration.ConfigurationProvider;
import org.polarion.svnwebclient.data.javasvn.DataProvider;
import org.polarion.svnwebclient.web.SystemInitializing;
import org.polarion.svnwebclient.web.resource.Links;
import org.polarion.svnwebclient.web.support.AbstractRequestHandler;
import org.polarion.svnwebclient.web.support.RequestHandler;
import org.tmatesoft.svn.core.SVNException;


/**
 * 
 * @author <A HREF="mailto:svnbrowser@polarion.org">Polarion Software </A>
 */
public class CredentialsManager implements ICredentialsManager {
    public static final String CREDENTIALS = "credentials";
    public UserCredentials getUserCredentials(HttpServletRequest request, HttpServletResponse response) throws SVNWebClientException {
        UserCredentials credentials = (UserCredentials) request.getSession().getAttribute(CredentialsManager.CREDENTIALS);       
        String username = new String();
        String password = new String();	
        AbstractRequestHandler requestHandler = this.getRequestHandler(request);
	
        if (credentials == null) {
            if (ConfigurationProvider.getInstance().isBasicAuth()) {
		    
		if (request.getHeader("Authorization") != null && request.getHeader("Authorization").length() > 6) {
		    String authHeader = request.getHeader("Authorization");
		    
		    String authInfo = new String(Base64.decodeBase64(authHeader.substring(6).getBytes()));		    		   		    
		    if (authInfo.length() > 1) {
			username = authInfo.substring(0, authInfo.indexOf(':'));
			password = authInfo.substring(authInfo.indexOf(':')+1); 
		    } else {
			username = "";
			password = "";
		    }
		} else {
		    username = "";
		    password = "";
		}

	    } else {
                username = requestHandler.getUsername();
                password = requestHandler.getPassword();
	    }
	    
            credentials = new UserCredentials(username, password);            
            request.getSession().setAttribute(CredentialsManager.CREDENTIALS, credentials);
           
            String url = this.getRepositoryLocation(requestHandler);
            try {  
            	DataProvider.verify(url, credentials.getUsername(), credentials.getPassword());
            	if ("".equals(username) && request.getSession().getAttribute(ICredentialsManager.IS_LOGGED_IN) != null) {
            		this.forceCredentialsRequest(request,response);
            		return null;
            	} else {
            		request.getSession().setAttribute(ICredentialsManager.IS_LOGGED_IN, "exist");
            	}
            	
            } catch (SVNException se) {
            	request.getSession().setAttribute(CredentialsManager.CREDENTIALS, null);
            	request.getSession().setAttribute(SystemInitializing.ID, null);
            	
            	Logger.getLogger(this.getClass()).debug("It's not allowed to enter, your credentials:\t" +
            			"username - " + credentials.getUsername() + " , password - " + credentials.getPassword() + 
            			" url - " + url); 
            	this.forceCredentialsRequest(request, response);
            	return null;
            }	             
        }   
        
        Logger.getLogger(this.getClass()).debug("Credentials: \nUsername: " + 
        		credentials.getUsername() + "   " + credentials.getPassword()); 
        return credentials;
    }
       
    protected AbstractRequestHandler getRequestHandler(HttpServletRequest request) {            	
    	return new RequestHandler(request);
    }  
    
    protected String getRepositoryLocation(AbstractRequestHandler requestHandler){
    	String res = "";
    	if (!ConfigurationProvider.getInstance().isMultiRepositoryMode()) {
    		res = ConfigurationProvider.getInstance().getRepositoryUrl();    		
    	} else {
    		res += ConfigurationProvider.getInstance().getParentRepositoryDirectory() + 
    		requestHandler.getRepositoryName();
    	}
    	return res;
    }
    
    protected void forceCredentialsRequest(HttpServletRequest request, HttpServletResponse response) {
      try {
    	  if (ConfigurationProvider.getInstance().isBasicAuth()) {
    		  response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); 
    		  response.setHeader("WWW-Authenticate", "BASIC realm=\""+ConfigurationProvider.getInstance().getBasicRealm()+"\"");
    		  response.sendError(401);
	  	  } else {
                RequestDispatcher dispatcher = request.getRequestDispatcher(Links.LOGIN);
                dispatcher.forward(request, response);
	  	  }
      } catch (Exception e) {
    	  Logger.getLogger(this.getClass()).error(e,e); 
      }
  }

}

credentialsmanager.java - 源码说明

本页面展示了「web版的SVN客户端」中的 credentialsmanager.java 源码文件,采用 Java 编程语言编写,共 135 行代码。您可以在线阅读完整代码内容,也可以返回资源详情页下载完整源码包进行本地学习和开发。

虫虫下载站收录了大量与web相关的技术资源,包括源代码、技术文档、电路图等,是电子工程师和嵌入式开发者的专业学习平台。

⌨️ 快捷键说明

复制代码Ctrl + C
搜索代码Ctrl + F
全屏模式F11
增大字号Ctrl + =
减小字号Ctrl + -
显示快捷键?