001    /**
002     * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.spring.remoting;
016    
017    import com.liferay.portal.PwdEncryptorException;
018    import com.liferay.portal.kernel.util.GetterUtil;
019    import com.liferay.portal.kernel.util.StringPool;
020    import com.liferay.portal.security.pwd.PasswordEncryptorUtil;
021    
022    import java.io.IOException;
023    
024    import java.net.HttpURLConnection;
025    
026    import org.apache.commons.codec.binary.Base64;
027    
028    import org.springframework.remoting.httpinvoker.SimpleHttpInvokerRequestExecutor;
029    
030    /**
031     * <p>
032     * An HttpInvoker request executor for Spring Remoting that provides HTTP BASIC
033     * authentication information for service invocations.
034     * </p>
035     *
036     * @author Joel Kozikowski
037     */
038    public class AuthenticatingHttpInvokerRequestExecutor
039            extends SimpleHttpInvokerRequestExecutor {
040    
041            public AuthenticatingHttpInvokerRequestExecutor() {
042                    super();
043            }
044    
045            public String getPassword() {
046                    return _password;
047            }
048    
049            public long getUserId() {
050                    return _userId;
051            }
052    
053            public void setPassword(String password) throws PwdEncryptorException {
054                    _password = PasswordEncryptorUtil.encrypt(password);
055            }
056    
057            public void setUserId(long userId) {
058                    _userId = userId;
059            }
060    
061            /**
062             * Called every time a HTTP invocation is made. This implementation allows
063             * the parent to setup the connection, and then adds an
064             * <code>Authorization</code> HTTP header property for BASIC authentication.
065             */
066            @Override
067            protected void prepareConnection(HttpURLConnection con, int contentLength)
068                    throws IOException {
069    
070                    super.prepareConnection(con, contentLength);
071    
072                    if (getUserId() > 0) {
073                            String password = GetterUtil.getString(getPassword());
074    
075                            String base64 = getUserId() + StringPool.COLON + password;
076    
077                            con.setRequestProperty(
078                                    "Authorization",
079                                    "Basic " + new String(Base64.encodeBase64(base64.getBytes())));
080                    }
081            }
082    
083            private String _password;
084            private long _userId;
085    
086    }