001    package com.khubla.pragmatach.framework.filter;
002    
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.codec.Charsets;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang.StringUtils;

import com.khubla.pragmatach.framework.api.PragmatachException;
import com.khubla.pragmatach.framework.application.Application;
020    
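/**
 * Servlet filter that protects the application with HTTP Basic authentication (RFC 7617).
 * <p>
 * Behaviour is driven by three configuration parameters read through
 * {@link Application#getConfiguration()}:
 * <ul>
 * <li>{@code pragmatach.applicationuser} - the single accepted user id. When it is absent the
 * filter is disabled and every request passes through unauthenticated.</li>
 * <li>{@code pragmatach.applicationpassword} - the accepted password. When the user id is set but
 * the password is absent, no request can authenticate.</li>
 * <li>{@code pragmatach.applicationrealm} - the realm announced in the challenge; defaults to
 * {@code pragmatach}.</li>
 * </ul>
 * A request that carries no {@code Authorization} header, a header for another scheme, malformed
 * base64, no {@code user:password} separator, or wrong credentials is answered with
 * {@code 401 Unauthorized} and a {@code WWW-Authenticate: Basic} challenge; it is never turned into
 * a server error.
 *
 * @author tome
 */
public class BasicAuthenticationFilter implements Filter {
   /**
    * Realm announced in the {@code WWW-Authenticate} challenge; assigned in {@link #init(FilterConfig)}.
    */
   private String realm = null;
   /**
    * config values: the accepted user id, its password, and the realm name
    */
   private final static String APPLICATIONUSER = "pragmatach.applicationuser";
   private final static String APPLICATIONPASSWORD = "pragmatach.applicationpassword";
   private final static String APPLICATIONREALM = "pragmatach.applicationrealm";
   /**
    * Realm used when {@link #APPLICATIONREALM} is not configured.
    */
   private static final String DEFAULT_REALM = "pragmatach";
   /**
    * Scheme token expected at the start of the {@code Authorization} header (matched case-insensitively).
    */
   private static final String BASIC_SCHEME = "Basic";

   /**
    * Checks a user id / password pair against the configured application credentials.
    * <p>
    * Both values are compared with {@link MessageDigest#isEqual(byte[], byte[])} on their UTF-8
    * bytes, and both comparisons are always evaluated, so the response time does not reveal how many
    * leading characters of the user id or password were correct.
    *
    * @param username user id presented by the client; may be {@code null}
    * @param password password presented by the client; may be {@code null}
    * @return {@code true} when no application user id is configured (authentication disabled) or when
    *         both values match the configured ones exactly; {@code false} otherwise, including when
    *         either argument or the configured password is {@code null}
    * @throws PragmatachException if the configuration cannot be read
    */
   private boolean authenticate(String username, String password) throws PragmatachException {
      try {
         final String applicationUserId = Application.getConfiguration().getParameter(APPLICATIONUSER);
         final String applicationPassword = Application.getConfiguration().getParameter(APPLICATIONPASSWORD);
         if (null == applicationUserId) {
            /*
             * no userid configured; auth always works
             */
            return true;
         }
         if ((null == username) || (null == password) || (null == applicationPassword)) {
            /*
             * nulls, no good
             */
            return false;
         }
         /*
          * compute both results before combining them so a wrong user id does not skip the password check
          */
         final boolean userMatches = constantTimeEquals(username, applicationUserId);
         final boolean passwordMatches = constantTimeEquals(password, applicationPassword);
         return userMatches && passwordMatches;
      } catch (final Exception e) {
         throw new PragmatachException("Exception in authenticate", e);
      }
   }

   /**
    * Compares two strings without stopping at the first differing byte.
    * <p>
    * The comparison is done on the UTF-8 encoding of both values. A difference in length is still
    * observable through timing, which is the usual trade-off for credential checks.
    *
    * @param actual value supplied by the client, not {@code null}
    * @param expected configured value, not {@code null}
    * @return {@code true} when both encode to the same bytes
    */
   private static boolean constantTimeEquals(String actual, String expected) {
      return MessageDigest.isEqual(actual.getBytes(StandardCharsets.UTF_8), expected.getBytes(StandardCharsets.UTF_8));
   }

   @Override
   public void destroy() {
      /*
       * nothing to release
       */
   }

   /**
    * Enforces Basic authentication when an application user id is configured, otherwise passes the
    * request straight through.
    *
    * @param servletRequest the request; must be an {@link HttpServletRequest}
    * @param servletResponse the response; must be an {@link HttpServletResponse}
    * @param filterChain the remainder of the chain, invoked only for authenticated (or unprotected)
    *        requests
    * @throws IOException from the chain or from sending the challenge
    * @throws ServletException wrapping any failure, including a configuration read error
    */
   @Override
   public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
      try {
         /*
          * upcast
          */
         final HttpServletRequest httpRequest = (HttpServletRequest) servletRequest;
         final HttpServletResponse httpResponse = (HttpServletResponse) servletResponse;
         /*
          * no application userid configured: the filter is disabled
          */
         if (null == Application.getConfiguration().getParameter(APPLICATIONUSER)) {
            filterChain.doFilter(httpRequest, httpResponse);
            return;
         }
         /*
          * a missing or malformed header yields null and falls through to the challenge
          */
         final String[] credentials = parseBasicCredentials(httpRequest.getHeader("Authorization"));
         if ((null != credentials) && authenticate(credentials[0], credentials[1])) {
            /*
             * keep going
             */
            filterChain.doFilter(httpRequest, httpResponse);
            return;
         }
         sendChallenge(httpResponse);
      } catch (final Exception e) {
         throw new ServletException("Exception in doFilter", e);
      }
   }

   /**
    * Extracts the user id and password from an {@code Authorization: Basic ...} header value.
    * <p>
    * Per RFC 7617 the scheme token is case-insensitive, the credentials are the base64 encoding of
    * {@code user-id ":" password}, and only the first colon separates the two because the password
    * may itself contain colons.
    *
    * @param authorizationHeader raw header value; may be {@code null}
    * @return a two-element array {user id, password}, or {@code null} if the header is absent, uses
    *         another scheme, is not valid base64, or the decoded text has no colon
    */
   private static String[] parseBasicCredentials(String authorizationHeader) {
      if (null == authorizationHeader) {
         return null;
      }
      final int schemeEnd = authorizationHeader.indexOf(' ');
      if (schemeEnd <= 0) {
         return null;
      }
      if (!BASIC_SCHEME.equalsIgnoreCase(authorizationHeader.substring(0, schemeEnd))) {
         return null;
      }
      final String encoded = authorizationHeader.substring(schemeEnd + 1).trim();
      final byte[] decodedBytes;
      try {
         /*
          * the strict JDK decoder rejects junk instead of silently skipping it
          */
         decodedBytes = java.util.Base64.getDecoder().decode(encoded);
      } catch (final IllegalArgumentException e) {
         /*
          * malformed base64 is a bad credential, not a server fault
          */
         return null;
      }
      final String decoded = new String(decodedBytes, StandardCharsets.UTF_8);
      final int separator = decoded.indexOf(':');
      if (separator < 0) {
         return null;
      }
      return new String[] { decoded.substring(0, separator), decoded.substring(separator + 1) };
   }

   /**
    * Rejects the request with {@code 401 Unauthorized} and a Basic challenge for the configured realm.
    *
    * @param httpResponse the response to write the challenge to
    * @throws IOException if the error response cannot be sent
    */
   private void sendChallenge(HttpServletResponse httpResponse) throws IOException {
      httpResponse.setHeader("WWW-Authenticate", BASIC_SCHEME + " realm=\"" + quoteRealm(realm) + "\"");
      httpResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED);
   }

   /**
    * Makes a realm safe to embed inside the quoted-string of a {@code WWW-Authenticate} header:
    * backslashes and double quotes are escaped and control characters (including CR/LF) are dropped,
    * so a configured value cannot terminate the quoted-string or the header.
    *
    * @param value configured realm; {@code null} is treated as {@link #DEFAULT_REALM}
    * @return the escaped realm text, without surrounding quotes
    */
   private static String quoteRealm(String value) {
      final String source = (null == value) ? DEFAULT_REALM : value;
      final StringBuilder sb = new StringBuilder(source.length() + 2);
      for (int i = 0; i < source.length(); i++) {
         final char c = source.charAt(i);
         if ((c == '"') || (c == '\\')) {
            sb.append('\\').append(c);
         } else if ((c >= 0x20) && (c != 0x7f)) {
            sb.append(c);
         }
      }
      return sb.toString();
   }

   /**
    * Reads the realm from configuration, falling back to {@link #DEFAULT_REALM}.
    *
    * @param filterConfig container-supplied configuration; not used, the realm comes from the
    *        application configuration
    * @throws ServletException wrapping any configuration read failure
    */
   @Override
   public void init(FilterConfig filterConfig) throws ServletException {
      try {
         final String configuredRealm = Application.getConfiguration().getParameter(APPLICATIONREALM);
         realm = (null == configuredRealm) ? DEFAULT_REALM : configuredRealm;
      } catch (final Exception e) {
         throw new ServletException("Exception in init", e);
      }
   }
}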