alvinalexander.com | career | drupal | java | mac | mysql | perl | scala | uml | unix  
/*
 * $Header: /home/cvs/jakarta-commons/httpclient/src/test-webapp/src/org/apache/commons/httpclient/BasicAuthServlet.java,v 1.4 2003/01/23 22:48:49 jsdever Exp $
 * $Revision: 1.4 $
 * $Date: 2003/01/23 22:48:49 $
 * ====================================================================
 *
 * The Apache Software License, Version 1.1
 *
 * Copyright (c) 1999-2003 The Apache Software Foundation.  All rights
 * reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. The end-user documentation included with the redistribution, if
 *    any, must include the following acknowlegement:
 *       "This product includes software developed by the
 *        Apache Software Foundation (http://www.apache.org/)."
 *    Alternately, this acknowlegement may appear in the software itself,
 *    if and wherever such third-party acknowlegements normally appear.
 *
 * 4. The names "The Jakarta Project", "Tomcat", and "Apache Software
 *    Foundation" must not be used to endorse or promote products derived
 *    from this software without prior written permission. For written
 *    permission, please contact apache@apache.org.
 *
 * 5. Products derived from this software may not be called "Apache"
 *    nor may "Apache" appear in their names without prior written
 *    permission of the Apache Group.
 *
 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 * DISCLAIMED.  IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
 * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 * ====================================================================
 *
 * This software consists of voluntary contributions made by many
 * individuals on behalf of the Apache Software Foundation.  For more
 * information on the Apache Software Foundation, please see
 * .
 *
 * [Additional notices, if required by prior licensing conditions]
 *
 */

package org.apache.commons.httpclient;

import java.io.*;
import javax.servlet.*;
import javax.servlet.http.*;
import java.util.*;

public class BasicAuthServlet extends MultiMethodServlet {
    // rather then make this servlet depend upon a base64 impl,
    // we'll just hard code some base64 encodings
    private static final HashMap creds = new HashMap();
    static {
        creds.put("dW5hbWU6cGFzc3dk","uname:passwd");
        creds.put("amFrYXJ0YTpjb21tb25z","jakarta:commons");
        creds.put("amFrYXJ0YS5hcGFjaGUub3JnL2NvbW1vbnM6aHR0cGNsaWVudA==","jakarta.apache.org/commons:httpclient");
    }

    protected void genericService(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException {
        String auth = request.getHeader("authorization");
        if(null == auth) {
            sendUnauthenticated(request, response);
        } else {
            String role = (String)(creds.get(auth.substring("basic ".length(),auth.length())));
            if(null == role) {
                sendUnauthorized(request, response, auth);
            } else {
                sendAuthorized(request, response, role);
            }
        }
    }

    protected void doHead(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        String auth = request.getHeader("authorization");
        if(null == auth) {
            sendUnauthenticated(request, response);
        } else {
            String role = (String)(creds.get(auth.substring("basic ".length(),auth.length())));
            if(null == role) {
                sendUnauthorized(request, response, auth);
            }
        }
    }

    private void sendUnauthenticated(HttpServletRequest request, HttpServletResponse response) throws IOException {
        response.setStatus(response.SC_UNAUTHORIZED);
        response.addHeader("www-authenticate","Basic realm=\"BasicAuthServlet\"");
        PrintWriter out = response.getWriter();
        response.setContentType("text/html");
        out.println("");
        out.println("BasicAuth Servlet: " + request.getMethod() + "");
        out.println("");
        out.println("

This is a response to an HTTP " + request.getMethod() + " request.

"); out.println("

Not authorized.

"); out.println(""); out.println(""); } private void sendUnauthorized(HttpServletRequest request, HttpServletResponse response, String auth) throws IOException { response.setStatus(response.SC_UNAUTHORIZED); response.addHeader("www-authenticate","Basic realm=\"BasicAuthServlet\""); PrintWriter out = response.getWriter(); response.setContentType("text/html"); out.println(""); out.println("BasicAuth Servlet: " + request.getMethod() + ""); out.println(""); out.println("

This is a response to an HTTP " + request.getMethod() + " request.

"); out.println("

Not authorized. \"" + auth + "\" not recognized.

"); out.println(""); out.println(""); } private void sendAuthorized(HttpServletRequest request, HttpServletResponse response, String role) throws IOException { response.setContentType("text/html"); PrintWriter out = response.getWriter(); out.println(""); out.println("BasicAuth Servlet: " + request.getMethod() + ""); out.println(""); out.println("

This is a response to an HTTP " + request.getMethod() + " request.

"); out.println("

You have authenticated as \"" + role + "\"

"); out.println(""); out.println(""); } }
... this post is sponsored by my books ...

#1 New Release!

FP Best Seller

 

new blog posts

 

Copyright 1998-2024 Alvin Alexander, alvinalexander.com
All Rights Reserved.

A percentage of advertising revenue from
pages under the /java/jwarehouse URI on this website is
paid back to open source projects.