added authentication demo

2025-11-10 07:25:44 +01:00 · 2010-09-05 13:54:49 +02:00
parent d8548089f6
commit 36b7260f6b
6 changed files with 334 additions and 21 deletions
--- a/scm-webapp/src/main/java/sonia/scm/api/rest/SecurityFilter.java
+++ b/scm-webapp/src/main/java/sonia/scm/api/rest/SecurityFilter.java
@@ -0,0 +1,104 @@
+/*
+ * To change this template, choose Tools | Templates
+ * and open the template in the editor.
+ */
+
+
+
+package sonia.scm.api.rest;
+
+//~--- JDK imports ------------------------------------------------------------
+
+import java.io.IOException;
+
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.annotation.WebFilter;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+/**
+ *
+ * @author Sebastian Sdorra
+ */
+@WebFilter(urlPatterns = "/api/rest/*")
+public class SecurityFilter implements Filter
+{
+
+  /** Field description */
+  public static final String URL_AUTHENTICATION = "/api/rest/authentication";
+
+  //~--- methods --------------------------------------------------------------
+
+  /**
+   * Method description
+   *
+   */
+  @Override
+  public void destroy()
+  {
+
+    // do nothing
+  }
+
+  /**
+   * Method description
+   *
+   *
+   * @param req
+   * @param res
+   * @param chain
+   *
+   * @throws IOException
+   * @throws ServletException
+   */
+  @Override
+  public void doFilter(ServletRequest req, ServletResponse res,
+                       FilterChain chain)
+          throws IOException, ServletException
+  {
+    if ((req instanceof HttpServletRequest)
+        && (res instanceof HttpServletResponse))
+    {
+      HttpServletRequest request = (HttpServletRequest) req;
+      String uri =
+        request.getRequestURI().substring(request.getContextPath().length());
+
+      System.out.println( uri + "" + uri.startsWith( URL_AUTHENTICATION ) );
+
+      if (uri.startsWith(URL_AUTHENTICATION)
+          || (request.getSession(true).getAttribute("auth") != null))
+      {
+        chain.doFilter(req, res);
+      }
+      else
+      {
+        ((HttpServletResponse) res).sendError(
+            HttpServletResponse.SC_UNAUTHORIZED);
+      }
+    }
+    else
+    {
+      throw new ServletException("request is not an HttpServletRequest");
+    }
+  }
+
+  /**
+   * Method description
+   *
+   *
+   * @param filterConfig
+   *
+   * @throws ServletException
+   */
+  @Override
+  public void init(FilterConfig filterConfig) throws ServletException
+  {
+
+    // do nothing
+  }
+}
--- a/scm-webapp/src/main/java/sonia/scm/api/rest/resources/AuthenticationResource.java
+++ b/scm-webapp/src/main/java/sonia/scm/api/rest/resources/AuthenticationResource.java
@@ -0,0 +1,93 @@
+/*
+ * To change this template, choose Tools | Templates
+ * and open the template in the editor.
+ */
+
+
+
+package sonia.scm.api.rest.resources;
+
+//~--- JDK imports ------------------------------------------------------------
+
+import javax.inject.Singleton;
+
+import javax.servlet.http.HttpServletRequest;
+
+import javax.ws.rs.FormParam;
+import javax.ws.rs.GET;
+import javax.ws.rs.POST;
+import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+import javax.ws.rs.core.Context;
+import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.Response;
+
+/**
+ *
+ * @author Sebastian Sdorra
+ */
+@Singleton
+@Path("authentication")
+@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
+public class AuthenticationResource
+{
+
+  /**
+   * Method description
+   *
+   *
+   * @param request
+   * @param username
+   * @param password
+   *
+   * @return
+   */
+  @POST
+  public Response authenticate(@Context HttpServletRequest request,
+                               @FormParam("username") String username,
+                               @FormParam("password") String password)
+  {
+    Response response = null;
+
+    if ("hans".equals(username) && "hans123".equals(password))
+    {
+      request.getSession(true).setAttribute("auth", Boolean.TRUE);
+      response = Response.ok().build();
+    }
+    else
+    {
+      response = Response.status(Response.Status.UNAUTHORIZED).build();
+    }
+
+    return response;
+  }
+
+  //~--- get methods ----------------------------------------------------------
+
+  /**
+   * Method description
+   *
+   *
+   * @param request
+   *
+   * @return
+   */
+  @GET
+  public Response isAuthenticated(@Context HttpServletRequest request)
+  {
+    Response response = null;
+
+    if (request.getSession(true).getAttribute("auth") != null)
+    {
+      System.out.println( "authenticated" );
+
+      response = Response.ok().build();
+    }
+    else
+    {
+      response = Response.status(Response.Status.UNAUTHORIZED).build();
+    }
+
+    return response;
+  }
+}