015 package com.liferay.portal.security.auth;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.exception.SystemException;
019 import com.liferay.portal.kernel.servlet.HttpHeaders;
020 import com.liferay.portal.kernel.util.MapUtil;
021 import com.liferay.portal.kernel.util.StringBundler;
022 import com.liferay.portal.servlet.filters.secure.NonceUtil;
023 import com.liferay.portal.util.Portal;
024 import com.liferay.portal.util.PortalInstances;
025 import com.liferay.portal.util.PortalUtil;
026
027 import java.util.Properties;
028
029 import javax.servlet.http.HttpServletRequest;
030 import javax.servlet.http.HttpServletResponse;
031
032
/**
 * {@link AuthVerifier} for HTTP Digest authentication.
 *
 * <p>
 * This class does not check the digest response itself; it delegates that to
 * {@code PortalUtil.getDigestAuthUserId} and only maps the outcome onto an
 * {@link AuthVerifierResult}. When no user is resolved and the
 * {@code digest_auth} setting is enabled, it answers with a 401 challenge.
 * </p>
 *
 * <p>
 * NOTE(review): the challenge assembled here carries only {@code realm} and
 * {@code nonce}. No {@code qop}, {@code opaque} or {@code algorithm}
 * parameter is added in this class, so clients are not asked for a client
 * nonce or nonce count. Confirm that nonce freshness and replay handling are
 * enforced where the nonce is verified.
 * </p>
 */
public class DigestAuthenticationAuthVerifier implements AuthVerifier {

	/**
	 * Returns the authentication scheme handled by this verifier.
	 *
	 * @return {@code HttpServletRequest.DIGEST_AUTH}
	 */
	@Override
	public String getAuthType() {
		return HttpServletRequest.DIGEST_AUTH;
	}

	/**
	 * Resolves the digest-authenticated user for the current request.
	 *
	 * <p>
	 * A user ID of {@code 0} is treated as "no authenticated user". In that
	 * case the result is returned in the state its constructor left it in,
	 * unless the {@code digest_auth} setting is true: then a
	 * {@code WWW-Authenticate} challenge with a new nonce and a 401 status
	 * are written to the response and the state becomes
	 * {@code INVALID_CREDENTIALS}.
	 * </p>
	 *
	 * @param  accessControlContext supplies the request, the response and the
	 *         settings map
	 * @param  configuration verifier configuration; not read by this method
	 * @return the verification result, carrying the user ID on success
	 * @throws AuthException wrapping any {@code PortalException} or
	 *         {@code SystemException} raised during verification
	 */
	@Override
	public AuthVerifierResult verify(
			AccessControlContext accessControlContext, Properties configuration)
		throws AuthException {

		try {
			AuthVerifierResult result = new AuthVerifierResult();

			HttpServletRequest httpRequest = accessControlContext.getRequest();

			long digestUserId = PortalUtil.getDigestAuthUserId(httpRequest);

			// Guard clause: a non-zero ID means the digest check succeeded.

			if (digestUserId != 0) {
				result.setState(AuthVerifierResult.State.SUCCESS);
				result.setUserId(digestUserId);

				return result;
			}

			boolean challengeRequired = MapUtil.getBoolean(
				accessControlContext.getSettings(), "digest_auth");

			if (!challengeRequired) {

				// No challenge is sent; the caller sees the untouched result.

				return result;
			}

			HttpServletResponse httpResponse =
				accessControlContext.getResponse();

			// The nonce is generated from the company ID and the address
			// reported by the container. NOTE(review): behind a reverse
			// proxy getRemoteAddr() is normally the proxy's address, so all
			// clients would share the same address input; confirm how
			// NonceUtil uses it.

			long companyId = PortalInstances.getCompanyId(httpRequest);

			String clientAddress = httpRequest.getRemoteAddr();

			String freshNonce = NonceUtil.generate(companyId, clientAddress);

			StringBundler challenge = new StringBundler(4);

			challenge.append(
				_DIGEST_REALM
			).append(
				", nonce=\""
			).append(
				freshNonce
			).append(
				"\""
			);

			httpResponse.setHeader(
				HttpHeaders.WWW_AUTHENTICATE, challenge.toString());

			httpResponse.setStatus(HttpServletResponse.SC_UNAUTHORIZED);

			result.setState(AuthVerifierResult.State.INVALID_CREDENTIALS);

			return result;
		}
		catch (PortalException pe) {
			throw new AuthException(pe);
		}
		catch (SystemException se) {
			throw new AuthException(se);
		}
	}

	// Fixed prefix of the challenge header: scheme name plus the portal realm.

	private static final String _DIGEST_REALM =
		"Digest realm=\"" + Portal.PORTAL_REALM + "\"";

}