Example usage for com.google.common.net HttpHeaders WWW_AUTHENTICATE

List of usage examples for com.google.common.net HttpHeaders WWW_AUTHENTICATE

Introduction

This page shows example usages of com.google.common.net HttpHeaders WWW_AUTHENTICATE.

Prototype

String WWW_AUTHENTICATE


Document

The HTTP WWW-Authenticate header field name.

Usage

From source file:org.graylog2.shared.rest.NotAuthorizedResponseFilter.java

/**
 * Removes the {@code WWW-Authenticate} header from 401 responses when the request
 * declares itself as an XMLHttpRequest.
 *
 * <p>Only the challenge header is dropped; the 401 status is left untouched. The
 * {@code X-Requested-With} value comes from the client, but it is used here solely to
 * decide whether a response header is stripped, not to make any access decision.
 * Presumably the intent is to stop browsers from opening their native credential
 * dialog for script-issued requests (TODO confirm).
 *
 * @param requestContext  the request whose {@code X-Requested-With} header is inspected
 * @param responseContext the response whose headers may be modified
 */
@Override
public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext)
        throws IOException {
    final boolean unauthorized = responseContext.getStatusInfo().equals(Response.Status.UNAUTHORIZED);
    if (!unauthorized) {
        return;
    }

    final String requestedWith = requestContext.getHeaderString(HttpHeaders.X_REQUESTED_WITH);
    final boolean scriptedCall = "XMLHttpRequest".equalsIgnoreCase(requestedWith);
    if (scriptedCall) {
        responseContext.getHeaders().remove(HttpHeaders.WWW_AUTHENTICATE);
    }
}

From source file:org.apache.brooklyn.rest.resources.LogoutResource.java

/**
 * Starts the logout flow for the current entitlement context.
 *
 * <p>With no context, answers 400 "No user logged in" and still attaches the Basic
 * challenge header. Otherwise redirects to the {@code logoutUser} resource, passing the
 * current user name as the build argument for that URI.
 *
 * @return a 400 response when nobody is logged in, else a temporary redirect
 */
@Override
public Response logout() {
    WebEntitlementContext entitlement = (WebEntitlementContext) Entitlements.getEntitlementContext();

    if (entitlement != null) {
        // At this point it is unknown whether this is the first logout() fetch or a later one made
        // by a re-authenticated user. Comparing user names is the only way to tell, so the redirect
        // target carries the user name.
        // NOTE(review): the user name therefore ends up in the URL (access logs, browser history).
        URI target = uri.getBaseUriBuilder().path(LogoutApi.class).path(LogoutApi.class, "logoutUser")
                .build(entitlement.user());
        return Response.temporaryRedirect(target).build();
    }

    return Response.status(Status.BAD_REQUEST).entity("No user logged in")
            .header(HttpHeaders.WWW_AUTHENTICATE, BASIC_REALM_WEBCONSOLE).build();
}

From source file:com.sector91.wit.http.BasicAuthInterceptor.java

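/**
 * Validates HTTP Basic credentials carried in the {@code Authorization} header.
 *
 * <p>Credentials that are presented with the Basic prefix but cannot be parsed (missing
 * token, invalid base64, no {@code ':'} separator) are rejected with a 401 challenge,
 * exactly like credentials the authenticator refuses. Previously every
 * {@link RuntimeException} raised while parsing was swallowed, so a malformed header
 * let the request continue unauthenticated.
 *
 * <p>The decoded value is split at the first {@code ':'} only, so passwords that
 * contain a colon reach the authenticator intact.
 *
 * @param request  the incoming request whose {@code Authorization} header is read
 * @param response unused here
 * @throws HttpException with status 401 and a {@code WWW-Authenticate} Basic challenge
 *         when Basic credentials are malformed or rejected
 */
@Override
public void intercept(Request request, Response response) throws HttpException {
    final String auth = request.getValue(HttpHeaders.AUTHORIZATION);

    // NOTE(review): a request with no Authorization header, or with another scheme, passes
    // through unchallenged, as it did before this change. If this interceptor is meant to be
    // the only authentication gate, these cases should also end in the 401 below; confirm
    // against how the interceptor is wired.
    if (auth == null || !auth.startsWith(PREFIX)) {
        return;
    }

    final String[] tokens = auth.split("\\s+");
    String decoded = null;
    if (tokens.length >= 2) {
        try {
            decoded = new String(BaseEncoding.base64().decode(tokens[1]), Charsets.UTF_8);
        } catch (IllegalArgumentException malformed) {
            // Not valid base64: treated as failed authentication below.
            decoded = null;
        }
    }

    // Split at the first colon only; everything after it is the password.
    final int sep = (decoded == null) ? -1 : decoded.indexOf(':');
    final boolean accepted = sep >= 0
            && authenticator.auth(decoded.substring(0, sep), decoded.substring(sep + 1));

    if (!accepted) {
        // The realm is interpolated as-is; assumes it holds no double quote (TODO confirm).
        throw new HttpException(Status.UNAUTHORIZED).withHeader(HttpHeaders.WWW_AUTHENTICATE,
                "Basic realm=\"" + realm + "\"");
    }
}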

From source file:org.apache.brooklyn.rest.resources.LogoutResource.java

/**
 * Builds a bare 401 response carrying the web-console Basic challenge.
 *
 * @return a 401 response with the {@code WWW-Authenticate} header set
 */
@Override
public Response unAuthorize() {
    return Response
            .status(Status.UNAUTHORIZED)
            .header(HttpHeaders.WWW_AUTHENTICATE, BASIC_REALM_WEBCONSOLE)
            .build();
}

From source file:org.apache.brooklyn.rest.resources.LogoutResource.java

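/**
 * Logs out {@code user} if that is the user of the current entitlement context.
 *
 * <p>When the names match, the session is logged out and a 401 Basic challenge is
 * returned. When they differ, the caller is redirected to the root path. With no
 * entitlement context at all, a 400 "No user logged in" response is returned, the same
 * answer {@code logout()} gives, instead of failing with a
 * {@link NullPointerException}.
 *
 * @param user the user name taken from the request
 * @return a 400, 401 or temporary-redirect response as described above
 */
@Override
public Response logoutUser(String user) {
    // Will work when switching users, but will keep re-authenticating if user types in same user name.
    // Could improve by keeping state in cookies to decide whether to request auth or declare successful re-auth.
    WebEntitlementContext ctx = (WebEntitlementContext) Entitlements.getEntitlementContext();

    // No context means nobody is logged in for this request; answer as logout() does.
    if (ctx == null) {
        return Response.status(Status.BAD_REQUEST).entity("No user logged in")
                .header(HttpHeaders.WWW_AUTHENTICATE, BASIC_REALM_WEBCONSOLE).build();
    }

    if (user.equals(ctx.user())) {
        doLogout();

        return Response.status(Status.UNAUTHORIZED).header(HttpHeaders.WWW_AUTHENTICATE, BASIC_REALM_WEBCONSOLE)
                .build();
    } else {
        return Response.temporaryRedirect(uri.getAbsolutePathBuilder().replacePath("/").build()).build();
    }
}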

From source file:se.curity.examples.oauth.OAuthFilter.java

/**
 * Answers with 401 and a Bearer challenge whose realm is the OAuth host.
 *
 * <p>NOTE(review): the host value is placed inside the quoted realm without escaping;
 * this assumes it never contains a double quote. Confirm against where it is configured.
 *
 * @param response the servlet response to set the header and error status on
 * @throws IOException if sending the error fails
 */
private void setReAuthenticate401(HttpServletResponse response) throws IOException {
    final String challenge = String.format("Bearer realm=\"%s\"", getOAuthHost());

    response.setHeader(HttpHeaders.WWW_AUTHENTICATE, challenge);
    response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
}

From source file:se.curity.examples.oauth.OAuthFilter.java

/**
 * Answers with 403 and a Bearer challenge whose realm is the OAuth host.
 *
 * <p>NOTE(review): the challenge carries only a realm. RFC 6750 describes an
 * {@code error="insufficient_scope"} attribute for 403 responses; confirm whether
 * clients of this filter rely on it. The host value is also placed in the quoted realm
 * without escaping.
 *
 * @param response the servlet response to set the header and error status on
 * @throws IOException if sending the error fails
 */
private void setForbidden403(HttpServletResponse response) throws IOException {
    final String challenge = String.format("Bearer realm=\"%s\"", getOAuthHost());

    response.setHeader(HttpHeaders.WWW_AUTHENTICATE, challenge);
    response.sendError(HttpServletResponse.SC_FORBIDDEN);
}

From source file:com.facebook.presto.server.security.SpnegoFilter.java

/**
 * Authenticates secure requests that present a Negotiate token and challenges the rest.
 *
 * <p>Requests for which {@code isSecure()} is false are forwarded down the chain with no
 * authentication at all. Any deployment that leaves a plain-HTTP listener reachable
 * therefore exposes an unauthenticated path past this filter; that listener has to be
 * disabled or restricted elsewhere.
 *
 * <p>For secure requests, an {@code Authorization} header of exactly two
 * whitespace-separated parts whose first part is the Negotiate scheme is passed to
 * {@code authenticate}. On success the request continues wrapped so that
 * {@code getUserPrincipal()} returns the authenticated principal, and any returned token
 * is echoed in {@code WWW-Authenticate}. Every other case ends in a 401 challenge.
 *
 * @throws IOException      propagated from the filter chain
 * @throws ServletException propagated from the filter chain
 */
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain nextFilter)
        throws IOException, ServletException {
    // Authentication is skipped for non-secure (plain HTTP) requests.
    if (!servletRequest.isSecure()) {
        nextFilter.doFilter(servletRequest, servletResponse);
        return;
    }

    HttpServletRequest request = (HttpServletRequest) servletRequest;
    HttpServletResponse response = (HttpServletResponse) servletResponse;

    String authorization = request.getHeader(HttpHeaders.AUTHORIZATION);

    // The realm is included in the challenge only when the client asks for it via this header.
    boolean includeRealm = "true".equalsIgnoreCase(request.getHeader(INCLUDE_REALM_HEADER));

    String[] fields = (authorization == null) ? new String[0] : authorization.split("\\s+");
    boolean negotiate = fields.length == 2 && fields[0].equals(NEGOTIATE_SCHEME);

    if (negotiate) {
        try {
            Optional<Result> outcome = authenticate(fields[1]);
            if (outcome.isPresent()) {
                Result accepted = outcome.get();

                // Hand any token produced by authentication back to the client.
                accepted.getToken()
                        .ifPresent(token -> response.setHeader(HttpHeaders.WWW_AUTHENTICATE,
                                formatAuthenticationHeader(includeRealm, Optional.ofNullable(token))));

                // Downstream code sees the authenticated principal through the wrapper.
                HttpServletRequest authenticatedRequest = new HttpServletRequestWrapper(request) {
                    @Override
                    public Principal getUserPrincipal() {
                        return accepted.getPrincipal();
                    }
                };
                nextFilter.doFilter(authenticatedRequest, servletResponse);
                return;
            }
        } catch (GSSException e) {
            throw Throwables.propagate(e);
        }
    }

    // Missing, malformed or rejected credentials: ask the client to authenticate.
    sendChallenge(response, includeRealm);
}

From source file:com.facebook.presto.server.security.SpnegoFilter.java

/**
 * Marks the response as 401 and attaches a token-less authentication challenge.
 *
 * @param response     the response to set the status and header on
 * @param includeRealm passed through to {@code formatAuthenticationHeader}
 */
private static void sendChallenge(HttpServletResponse response, boolean includeRealm) {
    response.setStatus(SC_UNAUTHORIZED);

    // No token is available at this stage, hence the empty Optional.
    String challenge = formatAuthenticationHeader(includeRealm, Optional.empty());
    response.setHeader(HttpHeaders.WWW_AUTHENTICATE, challenge);
}

From source file:com.facebook.presto.server.security.LdapFilter.java

/**
 * Translates an authentication failure into an HTTP error response.
 *
 * <p>For a 401 the request body is drained first and a Basic challenge for realm
 * {@code presto} is attached. In every case the exception's status code and message are
 * sent to the client.
 *
 * <p>NOTE(review): {@code e.getMessage()} goes to the caller verbatim; confirm that
 * these messages never carry directory or other internal detail.
 *
 * @param e        the authentication failure to report
 * @param request  the request whose body is discarded on 401
 * @param response the response the error is written to
 * @throws IOException if sending the error fails
 */
private static void processAuthenticationException(AuthenticationException e, HttpServletRequest request,
        HttpServletResponse response) throws IOException {
    final boolean needsChallenge = e.getStatus() == UNAUTHORIZED;
    if (needsChallenge) {
        // Jetty closes the connection after responding if the request body was never
        // consumed. The client then treats the exchange as failed and does not retry with
        // the authentication header. Reading and discarding the whole body of the
        // unauthenticated request before responding avoids that in the Jetty client.
        skipRequestBody(request);
        response.setHeader(HttpHeaders.WWW_AUTHENTICATE, "Basic realm=\"presto\"");
    }

    response.sendError(e.getStatus().code(), e.getMessage());
}