Adding more improvements into web-app authenticator framework

2025-10-06 02:01:45 +00:00 · 2015-09-02 18:59:36 +05:30 · 2015-09-02 18:59:36 +05:30 · f2635e9e98
commit f2635e9e98
parent aa6f311d26
3 changed files with 11 additions and 7 deletions
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticationHandler.java
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticationHandler.java
@ -27,6 +27,7 @@ import org.wso2.carbon.tomcat.ext.valves.CompositeValve;
 import org.wso2.carbon.webapp.authenticator.framework.authenticator.WebappAuthenticator;

 import javax.servlet.http.HttpServletResponse;
+import java.util.StringTokenizer;

 public class WebappAuthenticationHandler extends CarbonTomcatValve {

@ -34,7 +35,7 @@ public class WebappAuthenticationHandler extends CarbonTomcatValve {

    @Override
    public void invoke(Request request, Response response, CompositeValve compositeValve) {
-        if (this.isNonAdminService(request) || this.skipAuthentication(request) || this.isContextSkipped(request)) {
+        if (this.isContextSkipped(request) || (this.isNonAdminService(request) && this.skipAuthentication(request))) {
            this.getNext().invoke(request, response, compositeValve);
            return;
        }
@ -60,13 +61,17 @@ public class WebappAuthenticationHandler extends CarbonTomcatValve {

    private boolean isContextSkipped(Request request) {
        String ctx = request.getContext().getPath();
-        if (ctx == null) {
+        if (ctx == null || "".equals(ctx)) {
            ctx = request.getContextPath();
-            if (ctx == null) {
-                return false;
+            if (ctx == null || "".equals(ctx)) {
+                StringTokenizer tokenizer = new StringTokenizer(request.getRequestURI(), "/");
+                ctx = tokenizer.nextToken();
+                if (ctx == null || "".equals(ctx)) {
+                    return false;
+                }
            }
        }
-        return ctx.equals("/Carbon") || ctx.equals("/Services");
+        return ctx.equalsIgnoreCase("carbon") || ctx.equalsIgnoreCase("services");
    }

    private void processResponse(Request request, Response response, CompositeValve compositeValve,
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/BasicAuthAuthenticator.java
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/BasicAuthAuthenticator.java
@ -29,7 +29,6 @@ import org.wso2.carbon.webapp.authenticator.framework.Constants;
 public class BasicAuthAuthenticator implements WebappAuthenticator {

    private static final String BASIC_AUTH_AUTHENTICATOR = "BasicAuth";
-    private static final String HEADER_BASIC_AUTH = "authorization";

    @Override
    public boolean canHandle(Request request) {
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java
@ -50,7 +50,7 @@ public class OAuthAuthenticator implements WebappAuthenticator {
        MessageBytes authorization =
                request.getCoyoteRequest().getMimeHeaders().
                        getValue(Constants.HTTPHeaders.HEADER_HTTP_AUTHORIZATION);
-        String tokenValue = null;
+        String tokenValue;
        if (authorization != null) {
            authorization.toBytes();
            ByteChunk authBC = authorization.getByteChunk();