001    /**
002     * Copyright (c) 2000-present Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.spring.remoting;
016    
017    import com.liferay.portal.kernel.exception.PwdEncryptorException;
018    import com.liferay.portal.kernel.security.pwd.PasswordEncryptorUtil;
019    import com.liferay.portal.kernel.util.GetterUtil;
020    import com.liferay.portal.kernel.util.StringPool;
021    
022    import java.io.IOException;
023    
024    import java.net.HttpURLConnection;
025    
026    import org.apache.commons.codec.binary.Base64;
027    
028    import org.springframework.remoting.httpinvoker.SimpleHttpInvokerRequestExecutor;
029    
030    /**
031     * <p>
032     * An HttpInvoker request executor for Spring Remoting that provides HTTP BASIC
033     * authentication information for service invocations.
034     * </p>
035     *
036     * @author Joel Kozikowski
037     */
038    public class AuthenticatingHttpInvokerRequestExecutor
039            extends SimpleHttpInvokerRequestExecutor {
040    
041            public String getPassword() {
042                    return _password;
043            }
044    
045            public long getUserId() {
046                    return _userId;
047            }
048    
049            public void setPassword(String password) throws PwdEncryptorException {
050                    _password = PasswordEncryptorUtil.encrypt(password);
051            }
052    
053            public void setUserId(long userId) {
054                    _userId = userId;
055            }
056    
057            /**
058             * Called every time a HTTP invocation is made. This implementation allows
059             * the parent to setup the connection, and then adds an
060             * <code>Authorization</code> HTTP header property for BASIC authentication.
061             */
062            @Override
063            protected void prepareConnection(HttpURLConnection con, int contentLength)
064                    throws IOException {
065    
066                    super.prepareConnection(con, contentLength);
067    
068                    if (getUserId() > 0) {
069                            String password = GetterUtil.getString(getPassword());
070    
071                            String base64 = getUserId() + StringPool.COLON + password;
072    
073                            con.setRequestProperty(
074                                    "Authorization",
075                                    "Basic " + new String(Base64.encodeBase64(base64.getBytes())));
076                    }
077            }
078    
079            private String _password;
080            private long _userId;
081    
082    }