hg/stx-libjava: examples/tomcat6/apache-tomcat-6.0.35-src/java/org/apache/catalina/authenticator/DigestAuthenticator.java@df11bb428463 (annotated)

2353 fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	1	/*
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	2	* Licensed to the Apache Software Foundation (ASF) under one or more
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	3	* contributor license agreements. See the NOTICE file distributed with
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	4	* this work for additional information regarding copyright ownership.
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	5	* The ASF licenses this file to You under the Apache License, Version 2.0
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	6	* (the "License"); you may not use this file except in compliance with
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	7	* the License. You may obtain a copy of the License at
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	8	*
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	9	* http://www.apache.org/licenses/LICENSE-2.0
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	10	*
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	11	* Unless required by applicable law or agreed to in writing, software
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	12	* distributed under the License is distributed on an "AS IS" BASIS,
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	13	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	14	* See the License for the specific language governing permissions and
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	15	* limitations under the License.
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	16	*/
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	17
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	18
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	19	package org.apache.catalina.authenticator;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	20
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	21
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	22	import java.io.IOException;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	23	import java.security.MessageDigest;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	24	import java.security.NoSuchAlgorithmException;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	25	import java.security.Principal;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	26	import java.util.LinkedHashMap;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	27	import java.util.Map;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	28	import java.util.StringTokenizer;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	29
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	30	import javax.servlet.http.HttpServletResponse;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	31
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	32
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	33	import org.apache.catalina.LifecycleException;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	34	import org.apache.catalina.Realm;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	35	import org.apache.catalina.connector.Request;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	36	import org.apache.catalina.connector.Response;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	37	import org.apache.catalina.deploy.LoginConfig;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	38	import org.apache.catalina.util.MD5Encoder;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	39	import org.apache.juli.logging.Log;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	40	import org.apache.juli.logging.LogFactory;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	41
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	42
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	43
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	44	/**
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	45	* An <b>Authenticator</b> and <b>Valve</b> implementation of HTTP DIGEST
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	46	* Authentication (see RFC 2069).
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	47	*
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	48	* @author Craig R. McClanahan
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	49	* @author Remy Maucherat
3412 df11bb428463 Merged with mercurial revision 4f3cc813be4 (8 changesets total) Jan Vrany <jan.vrany@fit.cvut.cz> parents: 3360 diff changeset	50	* @version $Id: DigestAuthenticator.java,v 1.5 2015-03-20 12:08:03 vrany Exp $
2353 fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	51	*/
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	52
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	53	public class DigestAuthenticator extends AuthenticatorBase {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	54
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	55	private static Log log = LogFactory.getLog(DigestAuthenticator.class);
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	56
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	57
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	58	// -------------------------------------------------------------- Constants
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	59
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	60	/**
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	61	* The MD5 helper object for this class.
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	62	*/
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	63	protected static final MD5Encoder md5Encoder = new MD5Encoder();
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	64
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	65
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	66	/**
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	67	* Descriptive information about this implementation.
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	68	*/
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	69	protected static final String info =
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	70	"org.apache.catalina.authenticator.DigestAuthenticator/1.0";
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	71
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	72
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	73	/**
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	74	* Tomcat's DIGEST implementation only supports auth quality of protection.
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	75	*/
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	76	protected static final String QOP = "auth";
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	77
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	78	// ----------------------------------------------------------- Constructors
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	79
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	80
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	81	public DigestAuthenticator() {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	82	super();
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	83	try {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	84	if (md5Helper == null)
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	85	md5Helper = MessageDigest.getInstance("MD5");
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	86	} catch (NoSuchAlgorithmException e) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	87	e.printStackTrace();
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	88	throw new IllegalStateException();
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	89	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	90	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	91
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	92
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	93	// ----------------------------------------------------- Instance Variables
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	94
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	95
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	96	/**
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	97	* MD5 message digest provider.
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	98	*/
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	99	protected static MessageDigest md5Helper;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	100
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	101
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	102	/**
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	103	* List of client nonce values currently being tracked
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	104	*/
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	105	protected Map<String,NonceInfo> cnonces;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	106
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	107
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	108	/**
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	109	* Maximum number of client nonces to keep in the cache. If not specified,
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	110	* the default value of 1000 is used.
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	111	*/
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	112	protected int cnonceCacheSize = 1000;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	113
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	114
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	115	/**
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	116	* Private key.
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	117	*/
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	118	protected String key = null;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	119
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	120
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	121	/**
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	122	* How long server nonces are valid for in milliseconds. Defaults to 5
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	123	* minutes.
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	124	*/
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	125	protected long nonceValidity = 5 * 60 * 1000;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	126
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	127
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	128	/**
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	129	* Opaque string.
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	130	*/
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	131	protected String opaque;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	132
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	133
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	134	/**
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	135	* Should the URI be validated as required by RFC2617? Can be disabled in
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	136	* reverse proxies where the proxy has modified the URI.
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	137	*/
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	138	protected boolean validateUri = true;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	139
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	140	// ------------------------------------------------------------- Properties
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	141
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	142	/**
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	143	* Return descriptive information about this Valve implementation.
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	144	*/
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	145	@Override
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	146	public String getInfo() {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	147
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	148	return (info);
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	149
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	150	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	151
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	152
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	153	public int getCnonceCacheSize() {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	154	return cnonceCacheSize;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	155	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	156
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	157
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	158	public void setCnonceCacheSize(int cnonceCacheSize) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	159	this.cnonceCacheSize = cnonceCacheSize;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	160	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	161
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	162
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	163	public String getKey() {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	164	return key;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	165	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	166
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	167
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	168	public void setKey(String key) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	169	this.key = key;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	170	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	171
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	172
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	173	public long getNonceValidity() {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	174	return nonceValidity;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	175	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	176
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	177
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	178	public void setNonceValidity(long nonceValidity) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	179	this.nonceValidity = nonceValidity;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	180	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	181
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	182
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	183	public String getOpaque() {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	184	return opaque;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	185	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	186
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	187
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	188	public void setOpaque(String opaque) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	189	this.opaque = opaque;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	190	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	191
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	192
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	193	public boolean isValidateUri() {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	194	return validateUri;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	195	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	196
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	197
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	198	public void setValidateUri(boolean validateUri) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	199	this.validateUri = validateUri;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	200	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	201
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	202
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	203	// --------------------------------------------------------- Public Methods
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	204
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	205	/**
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	206	* Authenticate the user making this request, based on the specified
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	207	* login configuration. Return <code>true</code> if any specified
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	208	* constraint has been satisfied, or <code>false</code> if we have
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	209	* created a response challenge already.
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	210	*
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	211	* @param request Request we are processing
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	212	* @param response Response we are creating
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	213	* @param config Login configuration describing how authentication
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	214	* should be performed
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	215	*
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	216	* @exception IOException if an input/output error occurs
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	217	*/
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	218	@Override
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	219	public boolean authenticate(Request request,
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	220	Response response,
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	221	LoginConfig config)
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	222	throws IOException {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	223
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	224	// Have we already authenticated someone?
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	225	Principal principal = request.getUserPrincipal();
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	226	//String ssoId = (String) request.getNote(Constants.REQ_SSOID_NOTE);
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	227	if (principal != null) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	228	if (log.isDebugEnabled())
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	229	log.debug("Already authenticated '" + principal.getName() + "'");
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	230	// Associate the session with any existing SSO session in order
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	231	// to get coordinated session invalidation at logout
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	232	String ssoId = (String) request.getNote(Constants.REQ_SSOID_NOTE);
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	233	if (ssoId != null)
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	234	associate(ssoId, request.getSessionInternal(true));
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	235	return (true);
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	236	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	237
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	238	// NOTE: We don't try to reauthenticate using any existing SSO session,
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	239	// because that will only work if the original authentication was
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	240	// BASIC or FORM, which are less secure than the DIGEST auth-type
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	241	// specified for this webapp
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	242	//
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	243	// Uncomment below to allow previous FORM or BASIC authentications
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	244	// to authenticate users for this webapp
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	245	// TODO make this a configurable attribute (in SingleSignOn??)
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	246	/*
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	247	// Is there an SSO session against which we can try to reauthenticate?
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	248	if (ssoId != null) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	249	if (log.isDebugEnabled())
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	250	log.debug("SSO Id " + ssoId + " set; attempting " +
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	251	"reauthentication");
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	252	// Try to reauthenticate using data cached by SSO. If this fails,
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	253	// either the original SSO logon was of DIGEST or SSL (which
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	254	// we can't reauthenticate ourselves because there is no
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	255	// cached username and password), or the realm denied
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	256	// the user's reauthentication for some reason.
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	257	// In either case we have to prompt the user for a logon
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	258	if (reauthenticateFromSSO(ssoId, request))
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	259	return true;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	260	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	261	*/
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	262
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	263	// Validate any credentials already included with this request
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	264	String authorization = request.getHeader("authorization");
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	265	DigestInfo digestInfo = new DigestInfo(getOpaque(), getNonceValidity(),
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	266	getKey(), cnonces, isValidateUri());
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	267	if (authorization != null) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	268	if (digestInfo.validate(request, authorization, config)) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	269	principal = digestInfo.authenticate(context.getRealm());
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	270	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	271
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	272	if (principal != null) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	273	String username = parseUsername(authorization);
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	274	register(request, response, principal,
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	275	Constants.DIGEST_METHOD,
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	276	username, null);
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	277	return (true);
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	278	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	279	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	280
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	281	// Send an "unauthorized" response and an appropriate challenge
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	282
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	283	// Next, generate a nonce token (that is a token which is supposed
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	284	// to be unique).
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	285	String nonce = generateNonce(request);
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	286
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	287	setAuthenticateHeader(request, response, config, nonce,
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	288	digestInfo.isNonceStale());
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	289	response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	290	// hres.flushBuffer();
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	291	return (false);
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	292
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	293	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	294
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	295
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	296	// ------------------------------------------------------ Protected Methods
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	297
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	298
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	299	/**
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	300	* Parse the username from the specified authorization string. If none
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	301	* can be identified, return <code>null</code>
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	302	*
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	303	* @param authorization Authorization string to be parsed
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	304	*/
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	305	protected String parseUsername(String authorization) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	306
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	307	// Validate the authorization credentials format
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	308	if (authorization == null)
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	309	return (null);
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	310	if (!authorization.startsWith("Digest "))
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	311	return (null);
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	312	authorization = authorization.substring(7).trim();
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	313
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	314	StringTokenizer commaTokenizer =
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	315	new StringTokenizer(authorization, ",");
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	316
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	317	while (commaTokenizer.hasMoreTokens()) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	318	String currentToken = commaTokenizer.nextToken();
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	319	int equalSign = currentToken.indexOf('=');
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	320	if (equalSign < 0)
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	321	return null;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	322	String currentTokenName =
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	323	currentToken.substring(0, equalSign).trim();
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	324	String currentTokenValue =
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	325	currentToken.substring(equalSign + 1).trim();
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	326	if ("username".equals(currentTokenName))
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	327	return (removeQuotes(currentTokenValue));
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	328	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	329
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	330	return (null);
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	331
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	332	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	333
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	334
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	335	/**
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	336	* Removes the quotes on a string. RFC2617 states quotes are optional for
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	337	* all parameters except realm.
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	338	*/
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	339	protected static String removeQuotes(String quotedString,
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	340	boolean quotesRequired) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	341	//support both quoted and non-quoted
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	342	if (quotedString.length() > 0 && quotedString.charAt(0) != '"' &&
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	343	!quotesRequired) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	344	return quotedString;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	345	} else if (quotedString.length() > 2) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	346	return quotedString.substring(1, quotedString.length() - 1);
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	347	} else {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	348	return new String();
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	349	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	350	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	351
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	352	/**
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	353	* Removes the quotes on a string.
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	354	*/
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	355	protected static String removeQuotes(String quotedString) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	356	return removeQuotes(quotedString, false);
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	357	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	358
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	359	/**
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	360	* Generate a unique token. The token is generated according to the
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	361	* following pattern. NOnceToken = Base64 ( MD5 ( client-IP ":"
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	362	* time-stamp ":" private-key ) ).
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	363	*
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	364	* @param request HTTP Servlet request
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	365	*/
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	366	protected String generateNonce(Request request) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	367
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	368	long currentTime = System.currentTimeMillis();
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	369
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	370
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	371	String ipTimeKey =
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	372	request.getRemoteAddr() + ":" + currentTime + ":" + getKey();
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	373
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	374	byte[] buffer;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	375	synchronized (md5Helper) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	376	buffer = md5Helper.digest(ipTimeKey.getBytes());
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	377	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	378
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	379	return currentTime + ":" + md5Encoder.encode(buffer);
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	380	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	381
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	382
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	383	/**
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	384	* Generates the WWW-Authenticate header.
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	385	* <p>
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	386	* The header MUST follow this template :
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	387	* <pre>
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	388	* WWW-Authenticate = "WWW-Authenticate" ":" "Digest"
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	389	* digest-challenge
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	390	*
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	391	* digest-challenge = 1#( realm \| [ domain ] \| nonce \|
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	392	* [ digest-opaque ] \|[ stale ] \| [ algorithm ] )
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	393	*
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	394	* realm = "realm" "=" realm-value
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	395	* realm-value = quoted-string
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	396	* domain = "domain" "=" <"> 1#URI <">
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	397	* nonce = "nonce" "=" nonce-value
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	398	* nonce-value = quoted-string
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	399	* opaque = "opaque" "=" quoted-string
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	400	* stale = "stale" "=" ( "true" \| "false" )
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	401	* algorithm = "algorithm" "=" ( "MD5" \| token )
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	402	* </pre>
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	403	*
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	404	* @param request HTTP Servlet request
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	405	* @param response HTTP Servlet response
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	406	* @param config Login configuration describing how authentication
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	407	* should be performed
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	408	* @param nonce nonce token
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	409	*/
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	410	protected void setAuthenticateHeader(Request request,
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	411	Response response,
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	412	LoginConfig config,
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	413	String nonce,
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	414	boolean isNonceStale) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	415
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	416	// Get the realm name
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	417	String realmName = config.getRealmName();
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	418	if (realmName == null)
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	419	realmName = REALM_NAME;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	420
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	421	String authenticateHeader;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	422	if (isNonceStale) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	423	authenticateHeader = "Digest realm=\"" + realmName + "\", " +
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	424	"qop=\"" + QOP + "\", nonce=\"" + nonce + "\", " + "opaque=\"" +
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	425	getOpaque() + "\", stale=true";
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	426	} else {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	427	authenticateHeader = "Digest realm=\"" + realmName + "\", " +
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	428	"qop=\"" + QOP + "\", nonce=\"" + nonce + "\", " + "opaque=\"" +
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	429	getOpaque() + "\"";
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	430	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	431
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	432	response.setHeader("WWW-Authenticate", authenticateHeader);
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	433
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	434	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	435
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	436
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	437	// ------------------------------------------------------- Lifecycle Methods
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	438
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	439	@Override
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	440	public void start() throws LifecycleException {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	441	super.start();
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	442
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	443	// Generate a random secret key
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	444	if (getKey() == null) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	445	setKey(generateSessionId());
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	446	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	447
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	448	// Generate the opaque string the same way
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	449	if (getOpaque() == null) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	450	setOpaque(generateSessionId());
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	451	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	452
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	453	cnonces = new LinkedHashMap<String, DigestAuthenticator.NonceInfo>() {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	454
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	455	private static final long serialVersionUID = 1L;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	456	private static final long LOG_SUPPRESS_TIME = 5 * 60 * 1000;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	457
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	458	private long lastLog = 0;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	459
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	460	@Override
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	461	protected boolean removeEldestEntry(
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	462	Map.Entry<String,NonceInfo> eldest) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	463	// This is called from a sync so keep it simple
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	464	long currentTime = System.currentTimeMillis();
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	465	if (size() > getCnonceCacheSize()) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	466	if (lastLog < currentTime &&
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	467	currentTime - eldest.getValue().getTimestamp() <
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	468	getNonceValidity()) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	469	// Replay attack is possible
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	470	log.warn(sm.getString(
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	471	"digestAuthenticator.cacheRemove"));
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	472	lastLog = currentTime + LOG_SUPPRESS_TIME;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	473	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	474	return true;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	475	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	476	return false;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	477	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	478	};
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	479	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	480
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	481	private static class DigestInfo {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	482
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	483	private String opaque;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	484	private long nonceValidity;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	485	private String key;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	486	private Map<String,NonceInfo> cnonces;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	487	private boolean validateUri = true;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	488
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	489	private String userName = null;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	490	private String method = null;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	491	private String uri = null;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	492	private String response = null;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	493	private String nonce = null;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	494	private String nc = null;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	495	private String cnonce = null;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	496	private String realmName = null;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	497	private String qop = null;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	498
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	499	private boolean nonceStale = false;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	500
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	501
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	502	public DigestInfo(String opaque, long nonceValidity, String key,
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	503	Map<String,NonceInfo> cnonces, boolean validateUri) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	504	this.opaque = opaque;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	505	this.nonceValidity = nonceValidity;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	506	this.key = key;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	507	this.cnonces = cnonces;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	508	this.validateUri = validateUri;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	509	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	510
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	511	public boolean validate(Request request, String authorization,
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	512	LoginConfig config) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	513	// Validate the authorization credentials format
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	514	if (authorization == null) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	515	return false;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	516	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	517	if (!authorization.startsWith("Digest ")) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	518	return false;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	519	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	520	authorization = authorization.substring(7).trim();
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	521
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	522	// Bugzilla 37132: http://issues.apache.org/bugzilla/show_bug.cgi?id=37132
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	523	String[] tokens = authorization.split(",(?=(?:[^\"]\"[^\"]\")+$)");
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	524
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	525	method = request.getMethod();
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	526	String opaque = null;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	527
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	528	for (int i = 0; i < tokens.length; i++) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	529	String currentToken = tokens[i];
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	530	if (currentToken.length() == 0)
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	531	continue;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	532
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	533	int equalSign = currentToken.indexOf('=');
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	534	if (equalSign < 0) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	535	return false;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	536	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	537	String currentTokenName =
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	538	currentToken.substring(0, equalSign).trim();
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	539	String currentTokenValue =
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	540	currentToken.substring(equalSign + 1).trim();
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	541	if ("username".equals(currentTokenName))
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	542	userName = removeQuotes(currentTokenValue);
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	543	if ("realm".equals(currentTokenName))
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	544	realmName = removeQuotes(currentTokenValue, true);
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	545	if ("nonce".equals(currentTokenName))
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	546	nonce = removeQuotes(currentTokenValue);
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	547	if ("nc".equals(currentTokenName))
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	548	nc = removeQuotes(currentTokenValue);
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	549	if ("cnonce".equals(currentTokenName))
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	550	cnonce = removeQuotes(currentTokenValue);
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	551	if ("qop".equals(currentTokenName))
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	552	qop = removeQuotes(currentTokenValue);
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	553	if ("uri".equals(currentTokenName))
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	554	uri = removeQuotes(currentTokenValue);
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	555	if ("response".equals(currentTokenName))
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	556	response = removeQuotes(currentTokenValue);
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	557	if ("opaque".equals(currentTokenName))
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	558	opaque = removeQuotes(currentTokenValue);
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	559	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	560
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	561	if ( (userName == null) \|\| (realmName == null) \|\| (nonce == null)
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	562	\|\| (uri == null) \|\| (response == null) ) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	563	return false;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	564	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	565
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	566	// Validate the URI - should match the request line sent by client
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	567	if (validateUri) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	568	String uriQuery;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	569	String query = request.getQueryString();
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	570	if (query == null) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	571	uriQuery = request.getRequestURI();
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	572	} else {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	573	uriQuery = request.getRequestURI() + "?" + query;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	574	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	575	if (!uri.equals(uriQuery)) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	576	return false;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	577	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	578	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	579
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	580	// Validate the Realm name
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	581	String lcRealm = config.getRealmName();
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	582	if (lcRealm == null) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	583	lcRealm = REALM_NAME;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	584	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	585	if (!lcRealm.equals(realmName)) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	586	return false;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	587	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	588
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	589	// Validate the opaque string
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	590	if (!this.opaque.equals(opaque)) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	591	return false;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	592	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	593
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	594	// Validate nonce
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	595	int i = nonce.indexOf(":");
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	596	if (i < 0 \|\| (i + 1) == nonce.length()) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	597	return false;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	598	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	599	long nonceTime;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	600	try {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	601	nonceTime = Long.parseLong(nonce.substring(0, i));
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	602	} catch (NumberFormatException nfe) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	603	return false;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	604	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	605	String md5clientIpTimeKey = nonce.substring(i + 1);
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	606	long currentTime = System.currentTimeMillis();
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	607	if ((currentTime - nonceTime) > nonceValidity) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	608	nonceStale = true;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	609	return false;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	610	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	611	String serverIpTimeKey =
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	612	request.getRemoteAddr() + ":" + nonceTime + ":" + key;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	613	byte[] buffer = null;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	614	synchronized (md5Helper) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	615	buffer = md5Helper.digest(serverIpTimeKey.getBytes());
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	616	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	617	String md5ServerIpTimeKey = md5Encoder.encode(buffer);
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	618	if (!md5ServerIpTimeKey.equals(md5clientIpTimeKey)) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	619	return false;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	620	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	621
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	622	// Validate qop
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	623	if (qop != null && !QOP.equals(qop)) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	624	return false;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	625	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	626
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	627	// Validate cnonce and nc
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	628	// Check if presence of nc and nonce is consistent with presence of qop
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	629	if (qop == null) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	630	if (cnonce != null \|\| nc != null) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	631	return false;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	632	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	633	} else {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	634	if (cnonce == null \|\| nc == null) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	635	return false;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	636	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	637	if (nc.length() != 8) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	638	return false;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	639	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	640	long count;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	641	try {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	642	count = Long.parseLong(nc, 16);
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	643	} catch (NumberFormatException nfe) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	644	return false;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	645	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	646	NonceInfo info;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	647	synchronized (cnonces) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	648	info = cnonces.get(cnonce);
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	649	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	650	if (info == null) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	651	info = new NonceInfo();
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	652	} else {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	653	if (count <= info.getCount()) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	654	return false;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	655	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	656	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	657	info.setCount(count);
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	658	info.setTimestamp(currentTime);
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	659	synchronized (cnonces) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	660	cnonces.put(cnonce, info);
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	661	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	662	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	663	return true;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	664	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	665
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	666	public boolean isNonceStale() {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	667	return nonceStale;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	668	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	669
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	670	public Principal authenticate(Realm realm) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	671	// Second MD5 digest used to calculate the digest :
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	672	// MD5(Method + ":" + uri)
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	673	String a2 = method + ":" + uri;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	674
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	675	byte[] buffer;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	676	synchronized (md5Helper) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	677	buffer = md5Helper.digest(a2.getBytes());
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	678	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	679	String md5a2 = md5Encoder.encode(buffer);
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	680
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	681	return realm.authenticate(userName, response, nonce, nc, cnonce,
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	682	qop, realmName, md5a2);
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	683	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	684
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	685	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	686
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	687	private static class NonceInfo {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	688	private volatile long count;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	689	private volatile long timestamp;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	690
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	691	public void setCount(long l) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	692	count = l;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	693	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	694
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	695	public long getCount() {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	696	return count;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	697	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	698
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	699	public void setTimestamp(long l) {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	700	timestamp = l;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	701	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	702
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	703	public long getTimestamp() {
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	704	return timestamp;
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	705	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	706	}
fa7400d022a0 Updated to https://swing.fit.cvut.cz/hg/stx.libjava/rev/31f8b995905e Jan Vrany <jan.vrany@fit.cvut.cz> parents: diff changeset	707	}

author	Jan Vrany <jan.vrany@fit.cvut.cz>
	Fri, 20 Mar 2015 14:29:53 +0100
branch	cvs_MAIN
changeset 3412	df11bb428463
parent 3360	1a8899091305
permissions	-rw-r--r--