30 package org.apache.commons.httpclient.server;
31
32 import java.io.IOException;
33
34 import org.apache.commons.httpclient.Credentials;
35 import org.apache.commons.httpclient.Header;
36 import org.apache.commons.httpclient.HttpStatus;
37 import org.apache.commons.httpclient.UsernamePasswordCredentials;
38 import org.apache.commons.httpclient.auth.BasicScheme;
39
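/**
 * This request handler guards access to a proxy when used in a request handler
 * chain. It checks the headers for valid credentials and performs the
 * authentication handshake if necessary.
 *
 * <p>A request is let through only when it carries a
 * {@code Proxy-Authorization} header whose value matches the configured
 * credentials. Every other request, whether the header is missing or its value
 * is wrong, is answered with a 407 challenge, so the guard fails closed.
 *
 * @author Ortwin Glueck
 * @author Oleg Kalnichevski
 */
public class ProxyAuthRequestHandler implements HttpRequestHandler {

    /** Credentials a client has to present; never {@code null}. */
    private final Credentials credentials;

    /**
     * Name of the request header in which the client sends its answer to the
     * proxy authentication challenge.
     */
    public static final String PROXY_AUTH_RESP = "Proxy-Authorization";

    /**
     * TODO replace creds parameter with a class specific to an auth scheme
     * encapsulating all required information for a specific scheme
     *
     * @param creds the credentials clients must present; must not be
     *        {@code null}. They are cast to
     *        {@link UsernamePasswordCredentials} when a request is checked.
     * @throws IllegalArgumentException if {@code creds} is {@code null}
     */
    public ProxyAuthRequestHandler(Credentials creds) {
        if (creds == null) {
            throw new IllegalArgumentException("Credentials can not be null");
        }
        this.credentials = creds;
    }

    /**
     * Lets the request pass when it carries matching proxy credentials and
     * answers it with a 407 challenge otherwise.
     *
     * @param conn the connection the challenge response is written to
     * @param request the incoming request
     * @return {@code false} when the credentials match and no response was
     *         written (presumably the chain then continues with the next
     *         handler; confirm against {@code HttpRequestHandler});
     *         {@code true} when this handler wrote the 407 response itself
     * @throws IOException if reading the request body or writing the
     *         response fails
     */
    public boolean processRequest(
        final SimpleHttpServerConnection conn,
        final SimpleRequest request) throws IOException
    {
        Header clientAuth = request.getFirstHeader(PROXY_AUTH_RESP);
        if (clientAuth != null && checkAuthorization(clientAuth)) {
            return false;
        }

        // Missing header and wrong credentials take the same path. Previously
        // a wrong header value made this method return true without writing
        // any response, so the request was reported as handled while the
        // client never received a 407.
        SimpleResponse response = performBasicHandshake(request);

        // The result is discarded; presumably this drains the request body
        // before the reply is sent. Confirm against SimpleRequest.
        request.getBodyBytes();
        conn.writeResponse(response);
        return true;
    }

    /**
     * Builds the 407 response that challenges the client for Basic
     * credentials, using the HTTP version of the request line.
     *
     * @param request the request being challenged
     * @return the challenge response; it is not written to the connection here
     */
    private SimpleResponse performBasicHandshake(final SimpleRequest request) {
        SimpleResponse response = new SimpleResponse();
        response.setStatusLine(
            request.getRequestLine().getHttpVersion(),
            HttpStatus.SC_PROXY_AUTHENTICATION_REQUIRED);
        response.addHeader(new Header("Proxy-Authenticate", "basic realm=test"));

        return response;
    }

    /**
     * Checks if the credentials provided by the client match the required
     * credentials.
     *
     * <p>The expected header value is generated from the configured
     * credentials and compared with the client's value by exact string
     * equality, so any difference in case or whitespace counts as a mismatch.
     *
     * @param clientAuth the {@code Proxy-Authorization} header sent by the client
     * @return true if the client is authorized, false if not.
     * @throws ClassCastException if the configured credentials are not
     *         {@link UsernamePasswordCredentials}
     */
    private boolean checkAuthorization(Header clientAuth) {
        String expectedAuthString = BasicScheme.authenticate(
            (UsernamePasswordCredentials) credentials,
            "ISO-8859-1");
        // NOTE(review): String.equals is not a constant-time comparison.
        // A null header value simply compares unequal.
        return expectedAuthString.equals(clientAuth.getValue());
    }

}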