portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From tay...@apache.org
Subject svn commit: r391542 - in /portals/jetspeed-2/trunk/components/web-content/src/java/org/apache/jetspeed/portlet: SSOWebContentPortlet.java WebContentPortlet.java
Date Wed, 05 Apr 2006 06:33:00 GMT
Author: taylor
Date: Tue Apr  4 23:32:58 2006
New Revision: 391542

URL: http://svn.apache.org/viewcvs?rev=391542&view=rev
Log:
authentication implemented: Form-based, URL (request params), and Basic
contribution from David Young

Modified:
    portals/jetspeed-2/trunk/components/web-content/src/java/org/apache/jetspeed/portlet/SSOWebContentPortlet.java
    portals/jetspeed-2/trunk/components/web-content/src/java/org/apache/jetspeed/portlet/WebContentPortlet.java

Modified: portals/jetspeed-2/trunk/components/web-content/src/java/org/apache/jetspeed/portlet/SSOWebContentPortlet.java
URL: http://svn.apache.org/viewcvs/portals/jetspeed-2/trunk/components/web-content/src/java/org/apache/jetspeed/portlet/SSOWebContentPortlet.java?rev=391542&r1=391541&r2=391542&view=diff
==============================================================================
--- portals/jetspeed-2/trunk/components/web-content/src/java/org/apache/jetspeed/portlet/SSOWebContentPortlet.java
(original)
+++ portals/jetspeed-2/trunk/components/web-content/src/java/org/apache/jetspeed/portlet/SSOWebContentPortlet.java
Tue Apr  4 23:32:58 2006
@@ -16,6 +16,8 @@
 package org.apache.jetspeed.portlet;
 
 import java.util.Map;
+import java.util.HashMap;
+import java.util.StringTokenizer;
 import java.io.BufferedInputStream;
 import java.io.IOException;
 import java.io.InputStreamReader;
@@ -34,15 +36,25 @@
 import javax.portlet.RenderResponse;
 import javax.security.auth.Subject;
 
-
 import org.apache.commons.codec.binary.Base64;
 import org.apache.commons.httpclient.Credentials;
 import org.apache.commons.httpclient.HttpClient;
 import org.apache.commons.httpclient.HttpMethod;
 import org.apache.commons.httpclient.HttpState;
+import org.apache.commons.httpclient.NameValuePair;
 import org.apache.commons.httpclient.UsernamePasswordCredentials;
 import org.apache.commons.httpclient.auth.AuthScope;
+import org.apache.commons.httpclient.auth.AuthScheme;
 import org.apache.commons.httpclient.auth.AuthState;
+import org.apache.commons.httpclient.auth.BasicScheme;
+import org.apache.commons.httpclient.methods.GetMethod;
+import org.apache.commons.httpclient.methods.PostMethod;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import org.apache.portals.messaging.PortletMessaging;
+
+import org.apache.jetspeed.rewriter.BasicRewriter;
 import org.apache.jetspeed.rewriter.WebContentRewriter;
 import org.apache.jetspeed.sso.SSOContext;
 import org.apache.jetspeed.sso.SSOException;
@@ -57,27 +69,71 @@
  */
 public class SSOWebContentPortlet extends WebContentPortlet
 {
+    // Constants
+    
+    // sso.type
     public static final String SSO_TYPE = "sso.type";
+    
+    public static final String SSO_TYPE_HTTP = "http";                          // BOZO -
depricate in favor of 'basic'
+    public static final String SSO_TYPE_BASIC = "basic";          
+    public static final String SSO_TYPE_BASIC_PREEMPTIVE = "basic.preemptive";
+    
+    public static final String SSO_TYPE_FORM = "form";
+    public static final String SSO_TYPE_FORM_GET = "form.get";
+    public static final String SSO_TYPE_FORM_POST = "form.post";
+    
     public static final String SSO_TYPE_URL = "url";
     public static final String SSO_TYPE_URL_BASE64 = "url.base64";
-    public static final String SSO_TYPE_HTTP = "http";
+    
     public static final String SSO_TYPE_CERTIFICATE = "certificate";
-    public static final String SSO_TYPE_DEFAULT = SSO_TYPE_HTTP;
     
-    public static final String SSO_TYPE_URL_USERNAME = "sso.url.Principal";
-    public static final String SSO_TYPE_URL_PASSWORD = "sso.url.Credential";
+    public static final String SSO_TYPE_DEFAULT = SSO_TYPE_BASIC;  // handled well even if
nothing but credentials are set (see: doRequestedAuthentication)
+    
+    // ...standardized auth types
+    
+    public static final String BASIC_AUTH_SCHEME_NAME = (new BasicScheme()).getSchemeName();
+
+    // supporting parameters - for various sso types
+    
+    // ...names of query args for sso.type=url|url.base64
+    
+    public static final String SSO_TYPE_URL_USERNAME_PARAM = "sso.url.Principal";
+    public static final String SSO_TYPE_URL_PASSWORD_PARAM = "sso.url.Credential";
+    
+    // ...names of fields for sso.type=form|form.get|form.post
+    
+    public static final String SSO_TYPE_FORM_ACTION_URL = "sso.form.Action";
+    public static final String SSO_TYPE_FORM_ACTION_ARGS = "sso.form.Args";
+    public static final String SSO_TYPE_FORM_USERNAME_FIELD = "sso.form.Principal";
+    public static final String SSO_TYPE_FORM_PASSWORD_FIELD = "sso.form.Credential";
+    
+    // ...tags for passing creditials along on the current request object
     
     public static final String SSO_REQUEST_ATTRIBUTE_USERNAME = "sso.ra.username";
     public static final String SSO_REQUEST_ATTRIBUTE_PASSWORD = "sso.ra.password";
+    
+    // ...field names for EDIT mode
+    
+    public static final String SSO_EDIT_FIELD_PRINCIPAL = "ssoPrincipal";
+    public static final String SSO_EDIT_FIELD_CREDENTIAL = "ssoCredential";
+    
+    // SSOWebContent session variables 
 
-    /*
-     * The constants must be used in your HTML form for the SSO principal and credential
-     */
-    public static final String SSO_FORM_PRINCIPAL = "ssoPrincipal";
-    public static final String SSO_FORM_CREDENTIAL = "ssoCredential";
+    public static final String FORM_AUTH_STATE = "ssowebcontent.form.authstate" ;
+    
+    
+    // Class Data
+    
+    protected final static Log log = LogFactory.getLog(SSOWebContentPortlet.class);
+    
+    
+    // Data Members
     
     private PortletContext context;
     private SSOProvider sso;
+    
+    
+    // Methods
 
     public void init(PortletConfig config) throws PortletException
     {
@@ -95,7 +151,7 @@
     {
         // save the prefs
         super.processAction(request, actionResponse);
-
+  
         String webContentParameter = request.getParameter(WebContentRewriter.ACTION_PARAMETER_URL);
         
         if (webContentParameter == null || request.getPortletMode() == PortletMode.EDIT)
           
@@ -103,8 +159,8 @@
             // processPreferencesAction(request, actionResponse);
             // get the POST params -- requires HTML post params named
             // ssoUserName 
-            String ssoPrincipal = request.getParameter(SSO_FORM_PRINCIPAL);
-            String ssoCredential = request.getParameter(SSO_FORM_CREDENTIAL);        
+            String ssoPrincipal = request.getParameter(SSO_EDIT_FIELD_PRINCIPAL);
+            String ssoCredential = request.getParameter(SSO_EDIT_FIELD_CREDENTIAL);     
  
 
             String site = request.getPreferences().getValue("SRC", "");
             try
@@ -123,6 +179,11 @@
             {
                 throw new PortletException(e);
             }
+            finally
+            {
+                // parameters are for the EDIT mode form, and should not be propagated to
the subsequent GET in doView
+                PortletMessaging.publish(request, CURRENT_URL_PARAMS, new HashMap());
+            }
         }
     }
     
@@ -130,16 +191,14 @@
     throws PortletException, IOException
     {
         String site = request.getPreferences().getValue("SRC", null);
+
         if (site == null)
         {
             // no SRC configured in prefs - switch to SSO Configure View
             request.setAttribute(PARAM_VIEW_PAGE, this.getPortletConfig().getInitParameter(PARAM_EDIT_PAGE));
             setupPreferencesEdit(request, response);
-            super.doView(request, response);
-            return;
         }
-        
-        try
+        else try
         {
             Subject subject = getSubject();                 
             SSOContext context = sso.getCredentials(subject, site);
@@ -173,8 +232,8 @@
             Subject subject = getSubject();                 
             String site = request.getPreferences().getValue("SRC", "");
             SSOContext context = sso.getCredentials(subject, site);
-            getContext(request).put(SSO_FORM_PRINCIPAL, context.getRemotePrincipalName());
-            getContext(request).put(SSO_FORM_CREDENTIAL, context.getRemoteCredential());
+            getContext(request).put(SSO_EDIT_FIELD_PRINCIPAL, context.getRemotePrincipalName());
+            getContext(request).put(SSO_EDIT_FIELD_CREDENTIAL, context.getRemoteCredential());
         }
         catch (SSOException e)
         {
@@ -182,8 +241,8 @@
             {
                 // no credentials configured in SSO store
                 // switch to SSO Configure View
-                getContext(request).put(SSO_FORM_PRINCIPAL, "");
-                getContext(request).put(SSO_FORM_CREDENTIAL, "");
+                getContext(request).put(SSO_EDIT_FIELD_PRINCIPAL, "");
+                getContext(request).put(SSO_EDIT_FIELD_CREDENTIAL, "");
             }
             else
             {
@@ -200,52 +259,187 @@
         return Subject.getSubject(context);         
     }
     
-    public String getURLSource(String src, Map params, RenderRequest request, RenderResponse
response)
+    protected boolean doPreemptiveAuthentication(HttpClient client,HttpMethod method, RenderRequest
request, RenderResponse response)
     {
-        String baseSource = super.getURLSource(src, params, request, response);
+        if ( super.doPreemptiveAuthentication(client, method, request, response))
+        {
+            // already handled
+            return true ;
+        }
+        
+        // System.out.println("SSOWebContentPortlet.doPreemptiveAuthentication...");
         
         PortletPreferences prefs = request.getPreferences();
-        String type = prefs.getValue(SSO_TYPE, SSO_TYPE_DEFAULT);
-        if (type.equals(SSO_TYPE_URL) || type.equals(SSO_TYPE_URL_BASE64))
+        String type = getSingleSignOnAuthType(prefs);
+
+        if (type.equalsIgnoreCase(SSO_TYPE_BASIC_PREEMPTIVE))
         {
-            // set user name and password parameters
-            String userNameParam = prefs.getValue(SSO_TYPE_URL_USERNAME, "user");
-            String passwordParam = prefs.getValue(SSO_TYPE_URL_PASSWORD, "password");
+            // Preemptive, basic authentication
             String userName = (String)request.getAttribute(SSO_REQUEST_ATTRIBUTE_USERNAME);
             if (userName == null) userName = "";
             String password = (String)request.getAttribute(SSO_REQUEST_ATTRIBUTE_PASSWORD);
             if (password == null) password = "";
-            if (type.equals(SSO_TYPE_URL_BASE64))
+            
+            // System.out.println("...performing preemptive basic authentication with userName:
"+userName+", and password: "+password);
+            method.setDoAuthentication(true);
+            method.getHostAuthState().setPreemptive();
+            client.getState().setCredentials(AuthScope.ANY, new UsernamePasswordCredentials(userName,
password));
+            
+            // handled!
+            return true ;
+            
+        }
+        else if (type.startsWith(SSO_TYPE_FORM))
+        {
+            try
+            {
+                Boolean formAuth = (Boolean)PortletMessaging.receive(request, FORM_AUTH_STATE);
+                if (formAuth != null)
+                {
+                    // already been here, done that
+                    return formAuth.booleanValue();
+                }
+                else
+                {
+                    // stop recursion, but assume failure, ...for now
+                    PortletMessaging.publish(request, FORM_AUTH_STATE, Boolean.FALSE);
+                }
+
+                String formAction = prefs.getValue(SSO_TYPE_FORM_ACTION_URL, "");
+                if (formAction == null || formAction.length() == 0)
+                {
+                    log.warn("sso.type specified as 'form', but no: "+SSO_TYPE_FORM_ACTION_URL+",
action was specified - unable to preemptively authenticate by form.");
+                    return false ;
+                }
+                String userNameField = prefs.getValue(SSO_TYPE_FORM_USERNAME_FIELD, "");
+                if (userNameField == null || userNameField.length() == 0)
+                {
+                    log.warn("sso.type specified as 'form', but no: "+SSO_TYPE_FORM_USERNAME_FIELD+",
username field was specified - unable to preemptively authenticate by form.");
+                    return false ;
+                }
+                String passwordField = prefs.getValue(SSO_TYPE_FORM_PASSWORD_FIELD, "password");
+                if (passwordField == null || passwordField.length() == 0)
+                {
+                    log.warn("sso.type specified as 'form', but no: "+SSO_TYPE_FORM_PASSWORD_FIELD+",
password field was specified - unable to preemptively authenticate by form.");
+                    return false ;
+                }
+                
+                String userName = (String)request.getAttribute(SSO_REQUEST_ATTRIBUTE_USERNAME);
+                if (userName == null) userName = "";
+                String password = (String)request.getAttribute(SSO_REQUEST_ATTRIBUTE_PASSWORD);
+                if (password == null) password = "";
+
+                // get submit method
+                int i = type.indexOf('.');
+                String submitMethod = i > 0 ? type.substring(i+1) : "post" ;    // default
to post, since it is a form 
+            
+                // get parameter map
+                HashMap formParams = new HashMap();
+                formParams.put(userNameField,new String[]{ userName });
+                formParams.put(passwordField,new String[]{ password });
+                String formArgs = prefs.getValue(SSO_TYPE_FORM_ACTION_ARGS, "");
+                if (formArgs != null && formArgs.length() > 0)
+                {
+                    StringTokenizer iter = new StringTokenizer(formArgs, ";");
+                    while (iter.hasMoreTokens())
+                    {
+                        String pair = iter.nextToken();
+                        i = pair.indexOf('=') ;
+                        if (i > 0)
+                            formParams.put(pair.substring(0,i), new String[]{pair.substring(i+1)});
+                    }
+                }
+
+                // resuse client - in case new cookies get set - but create a new method
(for the formAction)
+                method = getHttpMethod(client, getURLSource(formAction, formParams, request,
response), formParams, submitMethod, request);
+                // System.out.println("...posting credentials");
+                byte[] result = doHttpWebContent(client, method, 0, request, response) ;
+                boolean success = result != null; 
+                // System.out.println("Result of attempted authorization: "+success);
+                PortletMessaging.publish(request, FORM_AUTH_STATE, Boolean.valueOf(success));
+                return success ;
+            }
+            catch (Exception ex)
+            {
+                // bad
+                log.error("Form-based authentication failed", ex);
+            }
+        }
+        else if (type.equalsIgnoreCase(SSO_TYPE_URL) || type.equalsIgnoreCase(SSO_TYPE_URL_BASE64))
+        {
+            // set user name and password parameters in the HttpMethod
+            String userNameParam = prefs.getValue(SSO_TYPE_URL_USERNAME_PARAM, "");
+            if (userNameParam == null || userNameParam.length() == 0)
+            {
+                log.warn("sso.type specified as 'url', but no: "+SSO_TYPE_URL_USERNAME_PARAM+",
username parameter was specified - unable to preemptively authenticate by URL.");
+                return false ;
+            }
+            String passwordParam = prefs.getValue(SSO_TYPE_URL_PASSWORD_PARAM, "");
+            if (passwordParam == null || passwordParam.length() == 0)
+            {
+                log.warn("sso.type specified as 'url', but no: "+SSO_TYPE_URL_PASSWORD_PARAM+",
password parameter was specified - unable to preemptively authenticate by URL.");
+                return false ;
+            }
+            String userName = (String)request.getAttribute(SSO_REQUEST_ATTRIBUTE_USERNAME);
+            if (userName == null) userName = "";
+            String password = (String)request.getAttribute(SSO_REQUEST_ATTRIBUTE_PASSWORD);
+            if (password == null) password = "";
+            if (type.equalsIgnoreCase(SSO_TYPE_URL_BASE64))
             {
                 Base64 encoder = new Base64() ;
-                userName = new String( encoder.encode( userName.getBytes() ));
-                password = new String( encoder.encode( password.getBytes() ));
+                userName = new String(encoder.encode(userName.getBytes()));
+                password = new String(encoder.encode(password.getBytes()));
+            }
+            
+            // GET and POST accept args differently
+            if ( method instanceof PostMethod )
+            {
+                // add POST data
+                PostMethod postMethod = (PostMethod)method ;
+                postMethod.addParameter(userNameParam, userName);
+                postMethod.addParameter(passwordParam, password);
+            }
+            else
+            {
+                // augment GET query string
+                NameValuePair[] authPairs = new NameValuePair[]{ new NameValuePair(userNameParam,
userName), new NameValuePair(passwordParam, password) } ; 
+                String existingQuery = method.getQueryString() ;
+                method.setQueryString(authPairs);
+                if (existingQuery != null && existingQuery.length() > 0)
+                {
+                    // augment existing query with new auth query
+                    existingQuery = existingQuery + '&' + method.getQueryString();
+                    method.setQueryString(existingQuery);
+                }
             }
             
-            params.put(userNameParam,new String[]{ userName }) ;
-            params.put(passwordParam,new String[]{ password }) ;
+            return true ;
         }
+        // else System.out.println("...sso.type: "+type+", no pre-emptive authentication");
         
-        return baseSource;
+        // not handled
+        return false ;
     }
-    
-    protected boolean doAuthorize(HttpClient client,HttpMethod method, RenderRequest request)
+
+    protected boolean doRequestedAuthentication(HttpClient client,HttpMethod method, RenderRequest
request, RenderResponse response)
     {
-        if ( super.doAuthorize(client, method, request ))
+        if ( super.doRequestedAuthentication(client, method, request, response))
         {
             // already handled
             return true ;
         }
         
-        PortletPreferences prefs = request.getPreferences();
-        String type = prefs.getValue(SSO_TYPE, SSO_TYPE_DEFAULT);
-        if (type.equals(SSO_TYPE_HTTP))
+        // System.out.println("SSOWebContentPortlet.doRequestedAuthentication...");
+        
+        if (method.getHostAuthState().getAuthScheme().getSchemeName().equals(BASIC_AUTH_SCHEME_NAME))
         {
+            // Basic authentication being requested
             String userName = (String)request.getAttribute(SSO_REQUEST_ATTRIBUTE_USERNAME);
             if (userName == null) userName = "";
             String password = (String)request.getAttribute(SSO_REQUEST_ATTRIBUTE_PASSWORD);
             if (password == null) password = "";
             
+            // System.out.println("...providing basic authentication with userName: "+userName+",
and password: "+password);
             method.setDoAuthentication(true);
             AuthState state = method.getHostAuthState();
             AuthScope scope = new AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT, state.getRealm(),
state.getAuthScheme().getSchemeName()) ;
@@ -254,8 +448,25 @@
             // handled!
             return true ;
         }
+        else
+        {
+            log.warn("SSOWebContentPortlent.doAuthenticate() - unexpected authentication
scheme: "+method.getHostAuthState().getAuthScheme().getSchemeName());
+        }
 
         // only know how to handle Basic authentication, in this context
         return false;
+    }
+    
+    protected String getSingleSignOnAuthType(PortletPreferences prefs)
+    {
+        String type = prefs.getValue(SSO_TYPE,SSO_TYPE_DEFAULT);
+        
+        if (type != null && type.equalsIgnoreCase(SSO_TYPE_HTTP))
+        {
+            log.warn("sso.type: "+SSO_TYPE_HTTP+", has been deprecated - use: "+SSO_TYPE_BASIC+",
or: "+SSO_TYPE_BASIC_PREEMPTIVE);
+            type = SSO_TYPE_BASIC ;
+        }
+        
+        return type ;
     }
 }

Modified: portals/jetspeed-2/trunk/components/web-content/src/java/org/apache/jetspeed/portlet/WebContentPortlet.java
URL: http://svn.apache.org/viewcvs/portals/jetspeed-2/trunk/components/web-content/src/java/org/apache/jetspeed/portlet/WebContentPortlet.java?rev=391542&r1=391541&r2=391542&view=diff
==============================================================================
--- portals/jetspeed-2/trunk/components/web-content/src/java/org/apache/jetspeed/portlet/WebContentPortlet.java
(original)
+++ portals/jetspeed-2/trunk/components/web-content/src/java/org/apache/jetspeed/portlet/WebContentPortlet.java
Tue Apr  4 23:32:58 2006
@@ -47,6 +47,8 @@
 import org.apache.commons.httpclient.cookie.CookiePolicy;
 import org.apache.commons.httpclient.methods.GetMethod;
 import org.apache.commons.httpclient.methods.PostMethod;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
 import org.apache.jetspeed.rewriter.JetspeedRewriterController;
 import org.apache.jetspeed.rewriter.RewriterController;
 import org.apache.jetspeed.rewriter.RewriterException;
@@ -96,14 +98,12 @@
      * Configuration constants.
      */
     public static final String VIEW_SOURCE_PARAM = "viewSource";
-
     public static final String EDIT_SOURCE_PARAM = "editSource";
 
     /**
      * Default WebContent source attribute members.
      */
     private String defaultViewSource;
-
     private String defaultEditSource;
 
     /**
@@ -123,6 +123,10 @@
     public static final String LAST_WINDOW_STATE = "webcontent.window.last.state";
     public static final String CACHE = "webcontent.cache";
     public static final String HTTP_STATE = "webcontent.http.state";
+    
+    // Class Data
+    
+    protected final static Log log = LogFactory.getLog(WebContentPortlet.class);
 
     /** Default encoding */
     public String defaultEncoding = "UTF-8";
@@ -271,11 +275,18 @@
         String lastWindowState = (String)PortletMessaging.receive(request, LAST_WINDOW_STATE);
 
         // if *everything* is the same, we can use the cache
-        boolean useCache = (lastURL != null && sourceURL.equals(lastURL) &&
lastParams != null && sourceParams != null && sourceParams.equals(lastParams)
&& lastWindowState != null && newWindowState != null && newWindowState.equals(lastWindowState));

-
+        boolean useCache = (lastURL != null && sourceURL.equals(lastURL) &&
lastParams != null && sourceParams != null && sourceParams.equals(lastParams)
&& lastWindowState != null && newWindowState != null && newWindowState.equals(lastWindowState));
+        
         // Set the content type
         response.setContentType("text/html");
         byte[] content = useCache ? (byte[])request.getPortletSession().getAttribute(CACHE,
PortletSession.PORTLET_SCOPE) : null;
+        if (content != null)
+        {
+            // BOZO - no caching until we get everything else worked out (back button, etc)
+            useCache = false;
+            content = null;
+            log.info("WebContentPortlet.doView() - cache available, but is being ignored,
for now.");            
+        }
         if (content == null)
         {
             // System.out.println("WebContentPortlet.doView() >>>fetching content
from: "+sourceURL+", using method: "+sourceMethod+"<<<");
@@ -322,6 +333,7 @@
             // ...set up URL and HttpClient stuff
             HttpClient httpClient = getHttpClient(request) ;
             httpMethod = getHttpMethod(httpClient, getURLSource(sourceAttr, sourceParams,
request, response), sourceParams, sourceMethod, request);
+            doPreemptiveAuthentication(httpClient, httpMethod, request, response);
             return doHttpWebContent(httpClient, httpMethod, 0, request, response);
         }
         catch (PortletException pex)
@@ -347,16 +359,20 @@
         try
         {
             // Get the input stream from the provided httpClient/httpMethod
+            // System.out.println("WebContentPortlet.doHttpWebContent() - from path: "+httpMethod.getPath());
             
             // ...set up URL and HttpClient stuff
             httpClient.executeMethod(httpMethod);
             
             // ...reset base URL with fully resolved path (e.g. if a directory, path will
end with a /, which it may not have in the call to this method)
-            rewriter.setBaseUrl((new URL(new URL(rewriter.getBaseUrl()),httpMethod.getPath())).toString());
+            rewriter.setBaseUrl( rewriter.getBaseRelativeUrl( httpMethod.getPath() )) ;
+            // System.out.println("...reset base URL from final path: "+httpMethod.getPath());
             
             // ...save updated state
             Cookie[] cookies = httpClient.getState().getCookies();
-            PortletMessaging.publish(request, HTTP_STATE, cookies); 
+            PortletMessaging.publish(request, HTTP_STATE, cookies);
+            // System.out.println("...saving: "+(cookies != null ? cookies.length : 0)+",
cookies...");
+            // for(int i=0,limit = cookies != null ? cookies.length : 0; i<limit; i++)
System.out.println("...cookie["+i+"] is: "+cookies[i]);
 
             // ...check for manual redirects
             int responseCode = httpMethod.getStatusCode();
@@ -382,9 +398,7 @@
             {
                 if ( responseCode == 401 )
                 {
-                    // System.out.println("WebContentPortlet.doHttpWebContent() - handling
authorization request");
-                    
-                    if (retryCount++ < 1 && doAuthorize( httpClient, httpMethod,
request))
+                    if (httpMethod.getHostAuthState().isAuthRequested() && retryCount++
< 1 && doRequestedAuthentication( httpClient, httpMethod, request, response))
                     {
                         // try again, now that we are authorizied
                         return doHttpWebContent(httpClient, httpMethod, retryCount, request,
response);
@@ -409,6 +423,8 @@
                 }
             }
             
+            // System.out.println("...response code: "+responseCode+", fetching content as
stream and rewriting.");
+            
             // ...ok - *now* create the input stream and reader
             BufferedInputStream bis = new BufferedInputStream(httpMethod.getResponseBodyAsStream());
             String encoding = ((HttpMethodBase)httpMethod).getResponseCharSet();
@@ -449,7 +465,13 @@
         return source;    
     }
     
-    protected boolean doAuthorize(HttpClient clent,HttpMethod method, RenderRequest request)
+    protected boolean doPreemptiveAuthentication(HttpClient clent,HttpMethod method, RenderRequest
request, RenderResponse response)
+    {
+        // derived class responsibilty - return true, if credentials have been set
+        return false ;
+    }
+    
+    protected boolean doRequestedAuthentication(HttpClient clent,HttpMethod method, RenderRequest
request, RenderResponse response)
     {
         // derived class responsibilty - return true, if credentials have been set
         return false ;



---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org


Mime
View raw message