mirror of
https://github.com/yacy/yacy_search_server.git
synced 2024-09-19 00:01:41 +02:00
* authentication implemented with own securityhandler
This commit is contained in:
parent
68ca0fbb2e
commit
7cfd3762d9
|
@ -59,6 +59,9 @@ public class HttpServer {
|
|||
|
||||
resource_handler.setResourceBase("htroot/");
|
||||
|
||||
HandlerList handlers = new HandlerList();
|
||||
handlers.setHandlers(new Handler[] {new SSIHandler(new TemplateHandler()), resource_handler, new DefaultHandler() });
|
||||
|
||||
Constraint constraint = new Constraint();
|
||||
constraint.setName(Constraint.__BASIC_AUTH);;
|
||||
constraint.setRoles(new String[]{"admin"});
|
||||
|
@ -66,22 +69,19 @@ public class HttpServer {
|
|||
|
||||
ConstraintMapping cm = new ConstraintMapping();
|
||||
cm.setConstraint(constraint);
|
||||
cm.setPathSpec("/*");
|
||||
cm.setPathSpec("/authenticate_me");
|
||||
|
||||
ConstraintSecurityHandler securityHandler = new ConstraintSecurityHandler();
|
||||
YaCySecurityHandler securityHandler = new YaCySecurityHandler();
|
||||
securityHandler.setLoginService(new YaCyLoginService());
|
||||
securityHandler.setRealmName("YaCy Admin Interface");
|
||||
securityHandler.setConstraintMappings(new ConstraintMapping[]{cm});
|
||||
securityHandler.setHandler(new SSIHandler(new TemplateHandler()));
|
||||
securityHandler.setHandler(handlers);
|
||||
|
||||
// context handler for dispatcher and security
|
||||
ContextHandler context = new ContextHandler();
|
||||
context.setContextPath("/");
|
||||
context.setHandler(securityHandler);
|
||||
|
||||
HandlerList handlers = new HandlerList();
|
||||
handlers.setHandlers(new Handler[] {context, resource_handler, new DefaultHandler() });
|
||||
server.setHandler(handlers);
|
||||
server.setHandler(context);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
@ -40,6 +40,7 @@ import java.util.Date;
|
|||
import java.util.Enumeration;
|
||||
import java.util.concurrent.ConcurrentHashMap;
|
||||
|
||||
import javax.servlet.RequestDispatcher;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
@ -192,13 +193,14 @@ public class TemplateHandler extends AbstractHandler implements Handler {
|
|||
|
||||
return legacyRequestHeader;
|
||||
}
|
||||
|
||||
|
||||
@Override
|
||||
public void handle(String target, Request baseRequest, HttpServletRequest request,
|
||||
HttpServletResponse response) throws IOException, ServletException {
|
||||
Switchboard sb = Switchboard.getSwitchboard();
|
||||
|
||||
|
||||
System.err.println("Page: " + target);
|
||||
|
||||
String localeSelection = "default";
|
||||
File targetFile = getLocalizedFile(target, localeSelection);
|
||||
File targetClass = rewriteClassFile(new File(htDefaultPath, target));
|
||||
|
|
|
@ -1,3 +1,27 @@
|
|||
//
|
||||
// YaCyLoginService
|
||||
// Copyright 2011 by Florian Richter
|
||||
// First released 16.04.2011 at http://yacy.net
|
||||
//
|
||||
// $LastChangedDate$
|
||||
// $LastChangedRevision$
|
||||
// $LastChangedBy$
|
||||
//
|
||||
// This library is free software; you can redistribute it and/or
|
||||
// modify it under the terms of the GNU Lesser General Public
|
||||
// License as published by the Free Software Foundation; either
|
||||
// version 2.1 of the License, or (at your option) any later version.
|
||||
//
|
||||
// This library is distributed in the hope that it will be useful,
|
||||
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
// Lesser General Public License for more details.
|
||||
//
|
||||
// You should have received a copy of the GNU Lesser General Public License
|
||||
// along with this program in the file lgpl21.txt
|
||||
// If not, see <http://www.gnu.org/licenses/>.
|
||||
//
|
||||
|
||||
package net.yacy.http;
|
||||
|
||||
import java.io.IOException;
|
||||
|
@ -10,11 +34,16 @@ import org.eclipse.jetty.security.IdentityService;
|
|||
import org.eclipse.jetty.security.MappedLoginService;
|
||||
import org.eclipse.jetty.server.UserIdentity;
|
||||
|
||||
|
||||
/**
|
||||
* jetty login service, provides one admin user
|
||||
*/
|
||||
public class YaCyLoginService extends MappedLoginService {
|
||||
|
||||
@Override
|
||||
protected UserIdentity loadUser(String username) {
|
||||
if(username.equals("admin")) {
|
||||
// TODO: implement legacy credentials
|
||||
Credential credential = Credential.getCredential("admin");
|
||||
Principal userPrincipal = new MappedLoginService.KnownUser("admin", credential);
|
||||
Subject subject = new Subject();
|
||||
|
@ -29,7 +58,8 @@ public class YaCyLoginService extends MappedLoginService {
|
|||
|
||||
@Override
|
||||
protected void loadUsers() throws IOException {
|
||||
// don't load any users into MappedLoginService on boot
|
||||
// don't load any users into MappedLoginService on startup
|
||||
// we use loadUser for dynamic checking
|
||||
}
|
||||
|
||||
}
|
||||
|
|
67
source/net/yacy/http/YaCySecurityHandler.java
Normal file
67
source/net/yacy/http/YaCySecurityHandler.java
Normal file
|
@ -0,0 +1,67 @@
|
|||
//
|
||||
// YaCySecurityHandler
|
||||
// Copyright 2011 by Florian Richter
|
||||
// First released 16.04.2011 at http://yacy.net
|
||||
//
|
||||
// $LastChangedDate$
|
||||
// $LastChangedRevision$
|
||||
// $LastChangedBy$
|
||||
//
|
||||
// This library is free software; you can redistribute it and/or
|
||||
// modify it under the terms of the GNU Lesser General Public
|
||||
// License as published by the Free Software Foundation; either
|
||||
// version 2.1 of the License, or (at your option) any later version.
|
||||
//
|
||||
// This library is distributed in the hope that it will be useful,
|
||||
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
// Lesser General Public License for more details.
|
||||
//
|
||||
// You should have received a copy of the GNU Lesser General Public License
|
||||
// along with this program in the file lgpl21.txt
|
||||
// If not, see <http://www.gnu.org/licenses/>.
|
||||
//
|
||||
|
||||
package net.yacy.http;
|
||||
|
||||
import java.io.IOException;
|
||||
|
||||
import org.eclipse.jetty.security.SecurityHandler;
|
||||
import org.eclipse.jetty.server.Request;
|
||||
import org.eclipse.jetty.server.Response;
|
||||
import org.eclipse.jetty.server.UserIdentity;
|
||||
|
||||
/**
|
||||
* jetty security handler
|
||||
* demands authentication for pages with _p. inside
|
||||
*/
|
||||
public class YaCySecurityHandler extends SecurityHandler {
|
||||
|
||||
@Override
|
||||
protected boolean checkUserDataPermissions(String pathInContext, Request request,
|
||||
Response response, Object constraintInfo) throws IOException {
|
||||
// check the SecurityHandler code, denying here does not provide authentication
|
||||
return true;
|
||||
}
|
||||
|
||||
@Override
|
||||
protected boolean checkWebResourcePermissions(String pathInContext, Request request,
|
||||
Response response, Object constraintInfo, UserIdentity userIdentity) throws IOException {
|
||||
// deny and request for authentication, if necessary
|
||||
Boolean authMand = (Boolean)constraintInfo;
|
||||
return !authMand || request.isUserInRole("admin");
|
||||
}
|
||||
|
||||
@Override
|
||||
protected boolean isAuthMandatory(Request base_request, Response base_response, Object constraintInfo) {
|
||||
Boolean authMand = (Boolean)constraintInfo;
|
||||
return authMand;
|
||||
}
|
||||
|
||||
@Override
|
||||
protected Object prepareConstraintInfo(String pathInContext, Request request) {
|
||||
// authentication mandatory as simple constraint info
|
||||
return pathInContext.contains("_p.");
|
||||
}
|
||||
|
||||
}
|
Loading…
Reference in New Issue
Block a user