List of usage examples for com.google.common.net HttpHeaders WWW_AUTHENTICATE
String WWW_AUTHENTICATE
To view the source code for com.google.common.net HttpHeaders WWW_AUTHENTICATE.
Click Source Link
From source file:org.graylog2.shared.rest.NotAuthorizedResponseFilter.java
@Override public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException { if (responseContext.getStatusInfo().equals(Response.Status.UNAUTHORIZED)) { final String requestedWith = requestContext.getHeaderString(HttpHeaders.X_REQUESTED_WITH); if ("XMLHttpRequest".equalsIgnoreCase(requestedWith)) { responseContext.getHeaders().remove(HttpHeaders.WWW_AUTHENTICATE); }/*from w w w.ja va 2 s. c o m*/ } }
From source file:org.apache.brooklyn.rest.resources.LogoutResource.java
@Override public Response logout() { WebEntitlementContext ctx = (WebEntitlementContext) Entitlements.getEntitlementContext(); if (ctx == null) { return Response.status(Status.BAD_REQUEST).entity("No user logged in") .header(HttpHeaders.WWW_AUTHENTICATE, BASIC_REALM_WEBCONSOLE).build(); }/*from w w w.j av a 2s .c om*/ URI dest = uri.getBaseUriBuilder().path(LogoutApi.class).path(LogoutApi.class, "logoutUser") .build(ctx.user()); // When execution gets here we don't know whether this is the first fetch of logout() or a subsequent one // with a re-authenticated user. The only way to tell is compare if user names changed. So redirect to an URL // which contains the user name. return Response.temporaryRedirect(dest).build(); }
From source file:com.sector91.wit.http.BasicAuthInterceptor.java
@Override public void intercept(Request request, Response response) throws HttpException { final String auth = request.getValue(HttpHeaders.AUTHORIZATION); try {//from w w w . j ava2s .c o m if (auth.startsWith(PREFIX)) { final String b64 = auth.split("\\s+")[1]; final String parsed = new String(BaseEncoding.base64().decode(b64), Charsets.UTF_8); final String[] parts = parsed.split("[:]"); if (!authenticator.auth(parts[0], parts[1])) throw new HttpException(Status.UNAUTHORIZED).withHeader(HttpHeaders.WWW_AUTHENTICATE, "Basic realm=\"" + realm + "\""); } } catch (RuntimeException ex) { } }
From source file:org.apache.brooklyn.rest.resources.LogoutResource.java
@Override public Response unAuthorize() { return Response.status(Status.UNAUTHORIZED).header(HttpHeaders.WWW_AUTHENTICATE, BASIC_REALM_WEBCONSOLE) .build(); }
From source file:org.apache.brooklyn.rest.resources.LogoutResource.java
@Override public Response logoutUser(String user) { // Will work when switching users, but will keep re-authenticating if user types in same user name. // Could improve by keeping state in cookies to decide whether to request auth or declare successfull re-auth. WebEntitlementContext ctx = (WebEntitlementContext) Entitlements.getEntitlementContext(); if (user.equals(ctx.user())) { doLogout();// w w w .j a v a 2s . c o m return Response.status(Status.UNAUTHORIZED).header(HttpHeaders.WWW_AUTHENTICATE, BASIC_REALM_WEBCONSOLE) .build(); } else { return Response.temporaryRedirect(uri.getAbsolutePathBuilder().replacePath("/").build()).build(); } }
From source file:se.curity.examples.oauth.OAuthFilter.java
private void setReAuthenticate401(HttpServletResponse response) throws IOException { String msg = String.format("Bearer realm=\"%s\"", getOAuthHost()); response.setHeader(HttpHeaders.WWW_AUTHENTICATE, msg); response.sendError(HttpServletResponse.SC_UNAUTHORIZED); }
From source file:se.curity.examples.oauth.OAuthFilter.java
private void setForbidden403(HttpServletResponse response) throws IOException { String msg = String.format("Bearer realm=\"%s\"", getOAuthHost()); response.setHeader(HttpHeaders.WWW_AUTHENTICATE, msg); response.sendError(HttpServletResponse.SC_FORBIDDEN); }
From source file:com.facebook.presto.server.security.SpnegoFilter.java
@Override public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain nextFilter) throws IOException, ServletException { // skip auth for http if (!servletRequest.isSecure()) { nextFilter.doFilter(servletRequest, servletResponse); return;/*from www . j a v a2 s . com*/ } HttpServletRequest request = (HttpServletRequest) servletRequest; HttpServletResponse response = (HttpServletResponse) servletResponse; String header = request.getHeader(HttpHeaders.AUTHORIZATION); boolean includeRealm = "true".equalsIgnoreCase(request.getHeader(INCLUDE_REALM_HEADER)); if (header != null) { String[] parts = header.split("\\s+"); if (parts.length == 2 && parts[0].equals(NEGOTIATE_SCHEME)) { try { Optional<Result> authentication = authenticate(parts[1]); if (authentication.isPresent()) { authentication.get().getToken() .ifPresent(token -> response.setHeader(HttpHeaders.WWW_AUTHENTICATE, formatAuthenticationHeader(includeRealm, Optional.ofNullable(token)))); nextFilter.doFilter(new HttpServletRequestWrapper(request) { @Override public Principal getUserPrincipal() { return authentication.get().getPrincipal(); } }, servletResponse); return; } } catch (GSSException e) { throw Throwables.propagate(e); } } } sendChallenge(response, includeRealm); }
From source file:com.facebook.presto.server.security.SpnegoFilter.java
private static void sendChallenge(HttpServletResponse response, boolean includeRealm) { response.setStatus(SC_UNAUTHORIZED); response.setHeader(HttpHeaders.WWW_AUTHENTICATE, formatAuthenticationHeader(includeRealm, Optional.empty())); }
From source file:com.facebook.presto.server.security.LdapFilter.java
private static void processAuthenticationException(AuthenticationException e, HttpServletRequest request, HttpServletResponse response) throws IOException { if (e.getStatus() == UNAUTHORIZED) { // If we send the challenge without consuming the body of the request, // the Jetty server will close the connection after sending the response. // The client interprets this as a failed request and does not resend // the request with the authentication header. // We can avoid this behavior in the Jetty client by reading and discarding // the entire body of the unauthenticated request before sending the response. skipRequestBody(request);//from w w w. j a v a 2 s. c o m response.setHeader(HttpHeaders.WWW_AUTHENTICATE, "Basic realm=\"presto\""); } response.sendError(e.getStatus().code(), e.getMessage()); }