015 package com.liferay.portal.security.auth;
016
017 import com.liferay.portal.kernel.exception.PortalException;
018 import com.liferay.portal.kernel.exception.SystemException;
019 import com.liferay.portal.kernel.servlet.HttpHeaders;
020 import com.liferay.portal.kernel.util.MapUtil;
021 import com.liferay.portal.kernel.util.StringBundler;
022 import com.liferay.portal.servlet.filters.secure.NonceUtil;
023 import com.liferay.portal.util.Portal;
024 import com.liferay.portal.util.PortalInstances;
025 import com.liferay.portal.util.PortalUtil;
026
027 import java.util.Properties;
028
029 import javax.servlet.http.HttpServletRequest;
030 import javax.servlet.http.HttpServletResponse;
031
032
/**
 * {@link AuthVerifier} for HTTP Digest authentication.
 *
 * <p>
 * The credential check itself is delegated to
 * {@code PortalUtil.getDigestAuthUserId(request)}; this class only maps the
 * outcome onto an {@code AuthVerifierResult} and, when the
 * {@code "digest_auth"} setting is enabled, sends the 401 challenge.
 * </p>
 *
 * <p>
 * NOTE(review): the challenge built here carries only {@code realm} and
 * {@code nonce}. No {@code qop}, {@code algorithm} or {@code opaque}
 * directive is sent, so a client has no reason to return {@code cnonce} or
 * {@code nc}. Replay resistance then depends on how {@code NonceUtil}
 * expires and invalidates nonces, which is not visible in this file.
 * Confirm against {@code NonceUtil} and
 * {@code PortalUtil.getDigestAuthUserId}.
 * </p>
 */
public class DigestAuthenticationAuthVerifier implements AuthVerifier {

    /**
     * Returns the authentication scheme this verifier handles.
     *
     * @return {@code HttpServletRequest.DIGEST_AUTH}
     */
    public String getAuthType() {
        return HttpServletRequest.DIGEST_AUTH;
    }

    /**
     * Verifies the Digest credentials of the current request.
     *
     * <ul>
     * <li>A non-zero user ID from {@code PortalUtil.getDigestAuthUserId}
     * yields state {@code SUCCESS} with that user ID set.</li>
     * <li>A zero user ID with the {@code "digest_auth"} setting enabled
     * writes a {@code WWW-Authenticate} header and status 401 to the
     * response, and yields state {@code INVALID_CREDENTIALS}.</li>
     * <li>A zero user ID without that setting returns the result untouched,
     * in whatever state {@code new AuthVerifierResult()} starts with (not
     * visible here).</li>
     * </ul>
     *
     * @param  accessControlContext supplies the request, the response and
     *         the settings map that is read for {@code "digest_auth"}
     * @param  configuration not read by this implementation
     * @return the verification result, never {@code null}
     * @throws AuthException wrapping any {@code PortalException} or
     *         {@code SystemException} raised during verification
     */
    public AuthVerifierResult verify(
            AccessControlContext accessControlContext, Properties configuration)
        throws AuthException {

        try {
            AuthVerifierResult result = new AuthVerifierResult();

            HttpServletRequest httpRequest = accessControlContext.getRequest();

            long digestUserId = PortalUtil.getDigestAuthUserId(httpRequest);

            // Zero is treated as "no user authenticated by Digest".

            if (digestUserId != 0) {
                result.setState(AuthVerifierResult.State.SUCCESS);
                result.setUserId(digestUserId);

                return result;
            }

            // Challenge only when Digest is explicitly forced; otherwise
            // the result is returned without touching the response.

            if (!MapUtil.getBoolean(
                    accessControlContext.getSettings(), "digest_auth")) {

                return result;
            }

            HttpServletResponse httpResponse =
                accessControlContext.getResponse();

            // The nonce is generated from the company ID and the client
            // address as the container reports it.
            // NOTE(review): behind a reverse proxy getRemoteAddr() is
            // usually the proxy's address, so any per-client binding done
            // inside NonceUtil may be coarser than intended - confirm.

            String challengeNonce = NonceUtil.generate(
                PortalInstances.getCompanyId(httpRequest),
                httpRequest.getRemoteAddr());

            StringBundler challenge = new StringBundler(4);

            challenge.append(_DIGEST_REALM);
            challenge.append(", nonce=\"");
            challenge.append(challengeNonce);
            challenge.append("\"");

            httpResponse.setHeader(
                HttpHeaders.WWW_AUTHENTICATE, challenge.toString());
            httpResponse.setStatus(HttpServletResponse.SC_UNAUTHORIZED);

            result.setState(AuthVerifierResult.State.INVALID_CREDENTIALS);

            return result;
        }
        catch (PortalException pe) {

            // Keep the cause so the failure stays diagnosable upstream.

            throw new AuthException(pe);
        }
        catch (SystemException se) {
            throw new AuthException(se);
        }
    }

    // Fixed prefix of the WWW-Authenticate challenge; the nonce directive
    // is appended per request in verify().
    private static final String _DIGEST_REALM =
        "Digest realm=\"" + Portal.PORTAL_REALM + "\"";

}