RequestAuthenticatorpublic class RequestAuthenticator extends Object implements org.apache.lucene.gdata.server.authentication.GDataHttpAuthenticator| The RequestAuthenticator provides access to the registered
{@link org.apache.lucene.gdata.server.authentication.AuthenticationController}
as a super class for all request handler requiereing authentication for
access. This class implements the
{@link org.apache.lucene.gdata.server.authentication.GDataHttpAuthenticator}
to get the auth token from the given request and call the needed Components
to authenticat the client.
For request handler handling common requests like entry insert or update the
authentication will be based on the account name verified as the owner of the
feed to alter. If the accountname in the token does not match the name of the
account which belongs to the feed the given role will be used for
autentication. Authentication using the
{@link RequestAuthenticator#authenticateAccount(HttpServletRequest, AccountRole)}
method, the account name will be ignored, authentication will be based on the
given AccountRole
|
| Fields Summary |
|---|
| private static final Log | LOG |
| Methods Summary |
|---|
| public boolean | authenticateAccount(org.apache.lucene.gdata.server.GDataRequest request, org.apache.lucene.gdata.data.GDataAccount.AccountRole role)
String clientIp = request.getRemoteAddress();
if (LOG.isDebugEnabled())
LOG
.debug("Authenticating Account for GDataRequest -- modifying entries -- Role: "
+ role + "; ClientIp: " + clientIp);
AuthenticationController controller = GDataServerRegistry.getRegistry()
.lookup(AuthenticationController.class,
ComponentType.AUTHENTICATIONCONTROLLER);
ServiceFactory factory = GDataServerRegistry.getRegistry().lookup(
ServiceFactory.class, ComponentType.SERVICEFACTORY);
AdminService adminService = factory.getAdminService();
GDataAccount account;
try {
account = adminService.getFeedOwningAccount(request.getFeedId());
String token = getTokenFromRequest(request.getHttpServletRequest());
if (LOG.isDebugEnabled())
LOG.debug("Got Token: " + token + "; for requesting account: "
+ account);
if (account != null && token != null)
return controller.authenticateToken(token, clientIp,
AccountRole.ENTRYAMINISTRATOR, account.getName());
} catch (ServiceException e) {
LOG.error("can get GDataAccount for feedID -- "
+ request.getFeedId(), e);
throw new AuthenticatorException(" Service exception occured", e);
}finally{
if(adminService!=null)
adminService.close();
}
return false;
| | public boolean | authenticateAccount(javax.servlet.http.HttpServletRequest request, org.apache.lucene.gdata.data.GDataAccount.AccountRole role)
String clientIp = request.getRemoteAddr();
if (LOG.isDebugEnabled())
LOG
.debug("Authenticating Account for GDataRequest -- modifying entries -- Role: "
+ role + "; ClientIp: " + clientIp);
AuthenticationController controller = GDataServerRegistry.getRegistry()
.lookup(AuthenticationController.class,
ComponentType.AUTHENTICATIONCONTROLLER);
String token = getTokenFromRequest(request);
if (LOG.isDebugEnabled())
LOG.debug("Got Token: " + token + ";");
if (token == null)
return false;
return controller.authenticateToken(token, clientIp, role, null);
| | protected java.lang.String | getTokenFromRequest(javax.servlet.http.HttpServletRequest request)
String token = request
.getHeader(AuthenticationController.AUTHORIZATION_HEADER);
if (token == null || !token.startsWith("GoogleLogin")) {
Cookie[] cookies = request.getCookies();
if (cookies == null) {
return null;
}
for (int i = 0; i < cookies.length; i++) {
if (cookies[i].getName().equals(
AuthenticationController.TOKEN_KEY)) {
token = cookies[i].getValue();
break;
}
}
}
if (token != null)
token = token.substring(token.indexOf("=") + 1);
return token;
|
|
