Updated Branches: refs/heads/master c537b5a75 -> fb7277261
fixing bug in authentication logic. The backend handler code is cluttered, refactor it.. Project: http://git-wip-us.apache.org/repos/asf/incubator-stratos/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-stratos/commit/70dca51f Tree: http://git-wip-us.apache.org/repos/asf/incubator-stratos/tree/70dca51f Diff: http://git-wip-us.apache.org/repos/asf/incubator-stratos/diff/70dca51f Branch: refs/heads/master Commit: 70dca51f30b0ebfc8e764be3455c79c56677a08b Parents: f195960 Author: Pradeep Fernando <[email protected]> Authored: Wed Feb 5 12:18:59 2014 +0530 Committer: Pradeep Fernando <[email protected]> Committed: Wed Feb 5 12:18:59 2014 +0530 ---------------------------------------------------------------------- .../console/controllers/loginSubmit.jag | 2 ++ .../AbstractAuthenticationAuthorizationHandler.java | 7 ++++++- .../endpoint/handlers/CookieBasedAuthenticationHandler.java | 4 ++++ .../endpoint/handlers/StratosAuthenticationHandler.java | 4 ++++ .../rest/endpoint/handlers/StratosAuthorizingHandler.java | 9 ++++++++- .../src/main/webapp/stratos/WEB-INF/cxf-servlet.xml | 1 - 6 files changed, 24 insertions(+), 3 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-stratos/blob/70dca51f/components/org.apache.stratos.manager.console/console/controllers/loginSubmit.jag ---------------------------------------------------------------------- diff --git a/components/org.apache.stratos.manager.console/console/controllers/loginSubmit.jag b/components/org.apache.stratos.manager.console/console/controllers/loginSubmit.jag index 4a69121..6fb41f4 100644 --- a/components/org.apache.stratos.manager.console/console/controllers/loginSubmit.jag +++ b/components/org.apache.stratos.manager.console/console/controllers/loginSubmit.jag 
@@ -8,6 +8,8 @@ var username = request.getParameter("username").trim(); var password = request.getParameter("password"); // not trimming the password //authenticate with carbon usr-store + log.info("Username : " + username); + log.info("Password : "+ password); var auth = server.authenticate(username, password); var userObject = carbon.server.tenantUser(username); var um = new carbon.user.UserManager({}, userObject.tenantId); http://git-wip-us.apache.org/repos/asf/incubator-stratos/blob/70dca51f/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/AbstractAuthenticationAuthorizationHandler.java ---------------------------------------------------------------------- diff --git a/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/AbstractAuthenticationAuthorizationHandler.java b/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/AbstractAuthenticationAuthorizationHandler.java index de6d083..1f57f43 100644 --- a/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/AbstractAuthenticationAuthorizationHandler.java +++ b/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/AbstractAuthenticationAuthorizationHandler.java @@ -16,6 +16,8 @@ package org.apache.stratos.rest.endpoint.handlers;/* * under the License. */ +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; import org.apache.cxf.jaxrs.ext.RequestHandler; import org.apache.cxf.jaxrs.impl.HttpHeadersImpl; import org.apache.cxf.jaxrs.model.ClassResourceInfo; 
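Review bot: The added `log.info("Password : "+ password);` in loginSubmit.jag writes every submitted password in clear text to the server log at info level, so credentials end up in log files, log forwarders and backups for each login attempt, successful or not. Remove that line entirely; a password should not be logged at any level. If the username is needed for troubleshooting, keep it at debug level only, e.g. `log.debug("Login attempt for user : " + username);`, and note that it is request input, so line breaks in it should be stripped before it reaches the log. Logs produced by a build that contains this change should be treated as holding exposed credentials. The script continues outside the hunk.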
@@ -27,13 +29,16 @@ import javax.ws.rs.core.Response; import java.util.List; public abstract class AbstractAuthenticationAuthorizationHandler implements RequestHandler { - + private Log log = LogFactory.getLog(AbstractAuthenticationAuthorizationHandler.class); public Response handleRequest(Message message, ClassResourceInfo classResourceInfo) { HttpHeaders headers = new HttpHeadersImpl(message); List<String> authHeader = headers.getRequestHeader(HttpHeaders.AUTHORIZATION); + if(log.isDebugEnabled()){ + log.debug("Executing " + this.getClass()); + } if(!AuthenticationContext.isAthenticated() && authHeader != null && authHeader.size() > 0 && canHandle(authHeader.get(0).trim().split(" ")[0])){ return handle(message,classResourceInfo); http://git-wip-us.apache.org/repos/asf/incubator-stratos/blob/70dca51f/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/CookieBasedAuthenticationHandler.java ---------------------------------------------------------------------- diff --git a/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/CookieBasedAuthenticationHandler.java b/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/CookieBasedAuthenticationHandler.java index 9ddf5fe..109c177 100644 --- a/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/CookieBasedAuthenticationHandler.java +++ b/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/CookieBasedAuthenticationHandler.java 
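Review bot: The new logger in AbstractAuthenticationAuthorizationHandler is declared as a mutable per-instance field, `private Log log = ...`; the usual form is `private static final Log log = LogFactory.getLog(AbstractAuthenticationAuthorizationHandler.class);`. The added debug line records only which class ran, not whether the `isAthenticated()`/`canHandle(...)` check accepted or skipped the request, which is what an audit of the handler chain needs. If that outcome is logged, log only the scheme token (`split(" ")[0]`), never the rest of the Authorization header. handleRequest continues past the end of the hunk.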
@@ -63,6 +63,10 @@ public class CookieBasedAuthenticationHandler implements RequestHandler { carbonContext.setTenantId(tenantId); AuthenticationContext.setAuthenticated(true); + if (log.isDebugEnabled()) { + log.debug("authenticated using the " + CookieBasedAuthenticationHandler.class.getName() + "for username :" + + userName + "tenantDomain : " + tenantDomain + " tenantId : " + tenantId); + } return null; } http://git-wip-us.apache.org/repos/asf/incubator-stratos/blob/70dca51f/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/StratosAuthenticationHandler.java ---------------------------------------------------------------------- diff --git a/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/StratosAuthenticationHandler.java b/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/StratosAuthenticationHandler.java index f8f0bc2..7e66e6e 100644 --- a/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/StratosAuthenticationHandler.java +++ b/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/StratosAuthenticationHandler.java 
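Review bot: The added debug message in CookieBasedAuthenticationHandler concatenates its parts without separators: the class name runs straight into `"for username :"` and `userName` runs straight into `"tenantDomain : "`. That makes the line hard to read and hard to parse when tracing authentication events. Add the missing spaces, e.g. `+ " for username : " + userName + " tenantDomain : " + tenantDomain + " tenantId : " + tenantId`. The same text is repeated in the StratosAuthenticationHandler hunk. No `log` field for this class is visible in the hunk, so confirm one is declared; the enclosing method starts outside the hunk.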
@@ -101,6 +101,10 @@ public class StratosAuthenticationHandler extends AbstractAuthenticationAuthoriz // set the authenticated flag and let the request to continue AuthenticationContext.setAuthenticated(true); + if (log.isDebugEnabled()) { + log.debug("authenticated using the " + CookieBasedAuthenticationHandler.class.getName() + "for username :" + + username + "tenantDomain : " + tenantDomain + " tenantId : " + tenantId); + } return null; } else { log.warn("unable to authenticate the request"); http://git-wip-us.apache.org/repos/asf/incubator-stratos/blob/70dca51f/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/StratosAuthorizingHandler.java ---------------------------------------------------------------------- diff --git a/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/StratosAuthorizingHandler.java b/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/StratosAuthorizingHandler.java index a7e5f09..1712af3 100644 --- a/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/StratosAuthorizingHandler.java +++ b/components/org.apache.stratos.rest.endpoint/src/main/java/org/apache/stratos/rest/endpoint/handlers/StratosAuthorizingHandler.java @@ -29,6 +29,7 @@ import org.apache.cxf.message.Message; import org.apache.cxf.service.Service; import org.apache.cxf.service.model.BindingOperationInfo; import org.apache.stratos.rest.endpoint.Utils; +import org.apache.stratos.rest.endpoint.context.AuthenticationContext; import org.wso2.carbon.context.CarbonContext; import org.wso2.carbon.context.PrivilegedCarbonContext; import org.wso2.carbon.user.api.AuthorizationManager; 
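Review bot: The debug message added to StratosAuthenticationHandler names the wrong class, `CookieBasedAuthenticationHandler.class.getName()`, apparently copied from the cookie handler. A log reader would attribute a header-based authentication to the cookie path, which misleads anyone reconstructing how a request was authenticated. Use `StratosAuthenticationHandler.class.getName()` and add the missing spaces before `"for username :"` and `"tenantDomain : "`. The enclosing method starts and ends outside the hunk.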
@@ -69,10 +70,16 @@ public class StratosAuthorizingHandler implements RequestHandler { public Response handleRequest(Message message, ClassResourceInfo resourceClass) { try { - + AuthenticationContext.setAuthenticated(false); // TODO : fix this properly String userName = CarbonContext.getThreadLocalCarbonContext().getUsername(); String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain(); int tenantId = CarbonContext.getThreadLocalCarbonContext().getTenantId(); + if(log.isDebugEnabled()){ + log.debug("authorizing the action using" + StratosAuthorizingHandler.class.getName()); + log.debug("username :"+ userName); + log.debug("tenantDomain" + tenantDomain); + log.debug("tenantId :"+ tenantId); + } Method targetMethod = getTargetMethod(message); if (!authorize(userName,tenantDomain,tenantId,targetMethod)) { log.warn("User :"+ userName + "trying to perform unauthrorized action" + http://git-wip-us.apache.org/repos/asf/incubator-stratos/blob/70dca51f/components/org.apache.stratos.rest.endpoint/src/main/webapp/stratos/WEB-INF/cxf-servlet.xml ---------------------------------------------------------------------- diff --git a/components/org.apache.stratos.rest.endpoint/src/main/webapp/stratos/WEB-INF/cxf-servlet.xml b/components/org.apache.stratos.rest.endpoint/src/main/webapp/stratos/WEB-INF/cxf-servlet.xml index 22a9ca3..4bf87f8 100644 --- a/components/org.apache.stratos.rest.endpoint/src/main/webapp/stratos/WEB-INF/cxf-servlet.xml +++ b/components/org.apache.stratos.rest.endpoint/src/main/webapp/stratos/WEB-INF/cxf-servlet.xml @@ -36,7 +36,6 @@ <ref bean="basicAuthenticationFilter"/> <ref bean="sessionAuthenticationFilter"/> <ref bean="authorizationFilter"/> - <ref bean="OAuthFilter"/> </jaxrs:providers> </jaxrs:server>
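Review bot: The added `AuthenticationContext.setAuthenticated(false); // TODO : fix this properly` in StratosAuthorizingHandler.handleRequest clears the flag only when a request actually reaches the authorizing handler. If AuthenticationContext is held per thread (not shown here), a request that is rejected or throws in an earlier handler would leave the flag set on a pooled thread. AbstractAuthenticationAuthorizationHandler skips `handle(...)` when `isAthenticated()` is true, so the next request on that thread could then pass without being authenticated. The reset belongs somewhere that runs for every request regardless of outcome, such as a `finally` block or a response-side handler. Until then, replace the TODO with a comment stating the invariant, e.g. `// SECURITY: the authenticated flag must be cleared for every request, including ones rejected before this handler`. Separately, `log.debug("tenantDomain" + tenantDomain);` is missing its separator. handleRequest continues outside the hunk.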
