Author: fmeschbe
Date: Wed Jan 6 09:49:44 2010
New Revision: 896362
URL: http://svn.apache.org/viewvc?rev=896362&view=rev
Log:
SLING-1264 Use new AuthenticationHandler API from the Commons Auth bundle
Modified:
sling/trunk/bundles/extensions/httpauth/pom.xml
sling/trunk/bundles/extensions/httpauth/src/main/java/org/apache/sling/httpauth/impl/AuthorizationHeaderAuthenticationHandler.java
Modified: sling/trunk/bundles/extensions/httpauth/pom.xml
URL:
http://svn.apache.org/viewvc/sling/trunk/bundles/extensions/httpauth/pom.xml?rev=896362&r1=896361&r2=896362&view=diff
==============================================================================
--- sling/trunk/bundles/extensions/httpauth/pom.xml (original)
+++ sling/trunk/bundles/extensions/httpauth/pom.xml Wed Jan 6 09:49:44 2010
@@ -86,8 +86,8 @@
</dependency>
<dependency>
<groupId>org.apache.sling</groupId>
- <artifactId>org.apache.sling.engine</artifactId>
- <version>2.0.6</version>
+ <artifactId>org.apache.sling.commons.auth</artifactId>
+ <version>0.9.0-SNAPSHOT</version>
</dependency>
<dependency>
Modified:
sling/trunk/bundles/extensions/httpauth/src/main/java/org/apache/sling/httpauth/impl/AuthorizationHeaderAuthenticationHandler.java
URL:
http://svn.apache.org/viewvc/sling/trunk/bundles/extensions/httpauth/src/main/java/org/apache/sling/httpauth/impl/AuthorizationHeaderAuthenticationHandler.java?rev=896362&r1=896361&r2=896362&view=diff
==============================================================================
---
sling/trunk/bundles/extensions/httpauth/src/main/java/org/apache/sling/httpauth/impl/AuthorizationHeaderAuthenticationHandler.java
(original)
+++
sling/trunk/bundles/extensions/httpauth/src/main/java/org/apache/sling/httpauth/impl/AuthorizationHeaderAuthenticationHandler.java
Wed Jan 6 09:49:44 2010
@@ -24,14 +24,13 @@
import java.io.UnsupportedEncodingException;
import java.util.Dictionary;
-import javax.jcr.SimpleCredentials;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.codec.binary.Base64;
-import org.apache.sling.engine.auth.AuthenticationHandler;
-import org.apache.sling.engine.auth.AuthenticationInfo;
+import org.apache.sling.commons.auth.spi.AuthenticationHandler;
+import org.apache.sling.commons.auth.spi.AuthenticationInfo;
import org.osgi.service.component.ComponentContext;
import org.osgi.service.http.HttpContext;
import org.slf4j.Logger;
@@ -249,6 +248,16 @@
}
/**
+ * Poor man's implementation of dropping the authentication: Simply send
+ * a 401/UNAUTHORIZED response causing the client to immediately drop any
+ * cached credentials.
+ */
+ public void dropAuthentication(HttpServletRequest request,
+ HttpServletResponse response) {
+ sendUnauthorized(response);
+ }
+
+ /**
* Returns true if the {...@link #REQUEST_LOGIN_PARAMETER} parameter is
set in
* the request.
*/
@@ -413,20 +422,22 @@
return null;
}
- SimpleCredentials creds;
- int colIdx = decoded.indexOf(':');
+ final int colIdx = decoded.indexOf(':');
+ final String userId;
+ final char[] password;
if (colIdx < 0) {
- creds = new SimpleCredentials(decoded, new char[0]);
+ userId = decoded;
+ password = new char[0];
} else {
- creds = new SimpleCredentials(decoded.substring(0, colIdx),
- decoded.substring(colIdx + 1).toCharArray());
+ userId = decoded.substring(0, colIdx);
+ password = decoded.substring(colIdx + 1).toCharArray();
}
- if (NOT_LOGGED_IN_USER.equals(creds.getUserID())) {
+ if (NOT_LOGGED_IN_USER.equals(userId)) {
return null;
}
- return new AuthenticationInfo(HttpServletRequest.BASIC_AUTH, creds);
+ return new AuthenticationInfo(HttpServletRequest.BASIC_AUTH, userId,
password);
}
/**
