stratos-commits mailing list archives

From pradee...@apache.org
Subject [1/2] git commit: fixing bug in authentication logic. The backend handler code is cluttered, refactor it..
Date Wed, 05 Feb 2014 06:50:41 GMT
Updated Branches:
  refs/heads/master c537b5a75 -> fb7277261


fixing bug in authentication logic. The backend handler code is cluttered, refactor it..


Project: http://git-wip-us.apache.org/repos/asf/incubator-stratos/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-stratos/commit/70dca51f
Tree: http://git-wip-us.apache.org/repos/asf/incubator-stratos/tree/70dca51f
Diff: http://git-wip-us.apache.org/repos/asf/incubator-stratos/diff/70dca51f

Branch: refs/heads/master
Commit: 70dca51f30b0ebfc8e764be3455c79c56677a08b
Parents: f195960
Author: Pradeep Fernando <pradeepfn@gmail.com>
Authored: Wed Feb 5 12:18:59 2014 +0530
Committer: Pradeep Fernando <pradeepfn@gmail.com>
Committed: Wed Feb 5 12:18:59 2014 +0530

----------------------------------------------------------------------
 .../console/controllers/loginSubmit.jag                     | 2 ++
 .../AbstractAuthenticationAuthorizationHandler.java         | 7 ++++++-
 .../endpoint/handlers/CookieBasedAuthenticationHandler.java | 4 ++++
 .../endpoint/handlers/StratosAuthenticationHandler.java     | 4 ++++
 .../rest/endpoint/handlers/StratosAuthorizingHandler.java   | 9 ++++++++-
 .../src/main/webapp/stratos/WEB-INF/cxf-servlet.xml         | 1 -
 6 files changed, 24 insertions(+), 3 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-stratos/blob/70dca51f/components/org.apache.stratos.manager.console/console/controllers/loginSubmit.jag
----------------------------------------------------------------------
diff --git a/components/org.apache.stratos.manager.console/console/controllers/loginSubmit.jag
b/components/org.apache.stratos.manager.console/console/controllers/loginSubmit.jag
index 4a69121..6fb41f4 100644
--- a/components/org.apache.stratos.manager.console/console/controllers/loginSubmit.jag
+++ b/components/org.apache.stratos.manager.console/console/controllers/loginSubmit.jag
@@ -8,6 +8,8 @@
     var username = request.getParameter("username").trim();
     var password = request.getParameter("password"); // not trimming the password
     //authenticate with carbon usr-store
+    log.info("Username : " + username);
+    log.info("Password : "+ password);
     var auth = server.authenticate(username, password);
     var userObject = carbon.server.tenantUser(username);
     var um = new carbon.user.UserManager({}, userObject.tenantId);
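Review bot: The added `log.info("Password : "+ password);` writes every submitted password in cleartext to the server log, where it outlives the request and is readable by anyone with access to logs, backups or log aggregation. Remove that line; no log level makes a raw credential acceptable. The username line logs request-supplied text at info level before `server.authenticate` has run, so I would lower it to `log.debug("Login attempt for user: " + username);` and strip CR/LF from the value first so a crafted name cannot forge log entries. The declaration of `log` is outside this hunk.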

http://git-wip-us.apache.org/repos/asf/incubator-stratos/blob/70dca51f/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/AbstractAuthenticationAuthorizationHandler.java
----------------------------------------------------------------------
diff --git a/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/AbstractAuthenticationAuthorizationHandler.java
b/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/AbstractAuthenticationAuthorizationHandler.java
index de6d083..1f57f43 100644
--- a/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/AbstractAuthenticationAuthorizationHandler.java
+++ b/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/AbstractAuthenticationAuthorizationHandler.java
@@ -16,6 +16,8 @@ package org.apache.stratos.rest.endpoint.handlers;/*
 * under the License.
 */
 
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
 import org.apache.cxf.jaxrs.ext.RequestHandler;
 import org.apache.cxf.jaxrs.impl.HttpHeadersImpl;
 import org.apache.cxf.jaxrs.model.ClassResourceInfo;
@@ -27,13 +29,16 @@ import javax.ws.rs.core.Response;
 import java.util.List;
 
 public abstract class AbstractAuthenticationAuthorizationHandler implements RequestHandler
{
-
+    private Log log = LogFactory.getLog(AbstractAuthenticationAuthorizationHandler.class);
 
 
 
     public Response handleRequest(Message message, ClassResourceInfo classResourceInfo) {
         HttpHeaders headers = new HttpHeadersImpl(message);
         List<String> authHeader = headers.getRequestHeader(HttpHeaders.AUTHORIZATION);
+        if(log.isDebugEnabled()){
+            log.debug("Executing " + this.getClass());
+        }
         if(!AuthenticationContext.isAthenticated() && authHeader != null &&
authHeader.size() > 0 &&
                 canHandle(authHeader.get(0).trim().split(" ")[0])){
              return handle(message,classResourceInfo);
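Review bot: The new field `private Log log = LogFactory.getLog(...)` is a mutable, per-instance logger; the usual commons-logging form is `private static final Log log = LogFactory.getLog(AbstractAuthenticationAuthorizationHandler.class);`. Because the field is private, subclasses cannot use it and need their own logger. The added debug line runs before the `isAthenticated()` / `canHandle(...)` test, so it reports "Executing" even for requests this handler then skips. handleRequest continues past the end of the hunk.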

http://git-wip-us.apache.org/repos/asf/incubator-stratos/blob/70dca51f/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/CookieBasedAuthenticationHandler.java
----------------------------------------------------------------------
diff --git a/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/CookieBasedAuthenticationHandler.java
b/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/CookieBasedAuthenticationHandler.java
index 9ddf5fe..109c177 100644
--- a/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/CookieBasedAuthenticationHandler.java
+++ b/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/CookieBasedAuthenticationHandler.java
@@ -63,6 +63,10 @@ public class CookieBasedAuthenticationHandler implements RequestHandler
{
            carbonContext.setTenantId(tenantId);
 
            AuthenticationContext.setAuthenticated(true);
+           if (log.isDebugEnabled()) {
+               log.debug("authenticated using the " + CookieBasedAuthenticationHandler.class.getName()
+ "for username  :" +
+                       userName + "tenantDomain : " + tenantDomain + " tenantId : " + tenantId);
+           }
            return null;
 
        }
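Review bot: The added debug message is concatenated without separators: `getName() + "for username  :"` and `userName + "tenantDomain : "` run the class name, user name and tenant domain together, which makes the authentication trail hard to read or parse. Suggest `log.debug("authenticated using " + CookieBasedAuthenticationHandler.class.getName() + " for username: " + userName + ", tenantDomain: " + tenantDomain + ", tenantId: " + tenantId);`. The same spacing problem is in the StratosAuthenticationHandler hunk. The enclosing method starts outside this hunk, so the origin of `userName` is not visible; if it can carry client-supplied text, neutralise line breaks before logging it.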

http://git-wip-us.apache.org/repos/asf/incubator-stratos/blob/70dca51f/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/StratosAuthenticationHandler.java
----------------------------------------------------------------------
diff --git a/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/StratosAuthenticationHandler.java
b/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/StratosAuthenticationHandler.java
index f8f0bc2..7e66e6e 100644
--- a/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/StratosAuthenticationHandler.java
+++ b/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/StratosAuthenticationHandler.java
@@ -101,6 +101,10 @@ public class StratosAuthenticationHandler extends AbstractAuthenticationAuthoriz
 
                 // set the authenticated flag and let the request to continue
                 AuthenticationContext.setAuthenticated(true);
+                if (log.isDebugEnabled()) {
+                    log.debug("authenticated using the " + CookieBasedAuthenticationHandler.class.getName()
+ "for username  :" +
+                            username + "tenantDomain : " + tenantDomain + " tenantId : "
+ tenantId);
+                }
                 return null;
             } else {
                 log.warn("unable to authenticate the request");
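Review bot: The added debug line names `CookieBasedAuthenticationHandler.class.getName()` although this code is in StratosAuthenticationHandler, so the log attributes every successful authentication here to the cookie handler. Use `StratosAuthenticationHandler.class.getName()` (or `getClass().getName()`), otherwise someone reading the trail during an incident cannot tell which mechanism accepted the request. The enclosing method begins before the hunk.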

http://git-wip-us.apache.org/repos/asf/incubator-stratos/blob/70dca51f/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/StratosAuthorizingHandler.java
----------------------------------------------------------------------
diff --git a/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/StratosAuthorizingHandler.java
b/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/StratosAuthorizingHandler.java
index a7e5f09..1712af3 100644
--- a/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/StratosAuthorizingHandler.java
+++ b/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/StratosAuthorizingHandler.java
@@ -29,6 +29,7 @@ import org.apache.cxf.message.Message;
 import org.apache.cxf.service.Service;
 import org.apache.cxf.service.model.BindingOperationInfo;
 import org.apache.stratos.rest.endpoint.Utils;
+import org.apache.stratos.rest.endpoint.context.AuthenticationContext;
 import org.wso2.carbon.context.CarbonContext;
 import org.wso2.carbon.context.PrivilegedCarbonContext;
 import org.wso2.carbon.user.api.AuthorizationManager;
@@ -69,10 +70,16 @@ public class StratosAuthorizingHandler implements RequestHandler {
 
     public Response handleRequest(Message message, ClassResourceInfo resourceClass) {
         try {
-
+            AuthenticationContext.setAuthenticated(false); // TODO : fix this properly
             String userName = CarbonContext.getThreadLocalCarbonContext().getUsername();
             String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
             int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId();
+            if(log.isDebugEnabled()){
+                log.debug("authorizing the action using" + StratosAuthorizingHandler.class.getName());
+                log.debug("username :"+ userName);
+                log.debug("tenantDomain" + tenantDomain);
+                log.debug("tenantId :"+ tenantId);
+            }
             Method targetMethod = getTargetMethod(message);
             if (!authorize(userName,tenantDomain,tenantId,targetMethod)) {
                log.warn("User :"+ userName + "trying to perform unauthrorized action" +
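Review bot: `AuthenticationContext.setAuthenticated(false); // TODO : fix this properly` resets the flag only when a request actually reaches this authorizing handler. AuthenticationContext is not shown here, but if it holds per-thread state, any path that sets the flag and then leaves the chain before this line (an exception, or an earlier handler returning a Response) would leave `true` behind on a pooled thread. The next request on that thread would then skip the `handle(...)` call guarded by `!AuthenticationContext.isAthenticated()` in AbstractAuthenticationAuthorizationHandler. I would clear the flag where the request enters the chain, before any authentication handler runs, or in a `finally`/outbound hook that executes on every path, and replace the TODO with a comment stating that invariant. handleRequest continues beyond the hunk.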

http://git-wip-us.apache.org/repos/asf/incubator-stratos/blob/70dca51f/components/org.apache.stratos.rest.endpoint/src/main/webapp/stratos/WEB-INF/cxf-servlet.xml
----------------------------------------------------------------------
diff --git a/components/org.apache.stratos.rest.endpoint/src/main/webapp/stratos/WEB-INF/cxf-servlet.xml
b/components/org.apache.stratos.rest.endpoint/src/main/webapp/stratos/WEB-INF/cxf-servlet.xml
index 22a9ca3..4bf87f8 100644
--- a/components/org.apache.stratos.rest.endpoint/src/main/webapp/stratos/WEB-INF/cxf-servlet.xml
+++ b/components/org.apache.stratos.rest.endpoint/src/main/webapp/stratos/WEB-INF/cxf-servlet.xml
@@ -36,7 +36,6 @@
             <ref bean="basicAuthenticationFilter"/>
             <ref bean="sessionAuthenticationFilter"/>
             <ref bean="authorizationFilter"/>
-            <ref bean="OAuthFilter"/>
         </jaxrs:providers>
     </jaxrs:server>
 

