public String authenticate(Request request, Response response) {
if (!request.getClientInfo().isAuthenticated()) {
authenticator.challenge(response, false);
return null;
}
return request.getClientInfo().getUser().getIdentifier();
}
@Override
public Restlet createInboundRoot() {
// Create a simple password verifier
MapVerifier verifier = new MapVerifier();
verifier.getLocalSecrets().put("scott", "tiger".toCharArray());
// Create a Guard
ChallengeAuthenticator authenticator =
new ChallengeAuthenticator(getContext(), ChallengeScheme.HTTP_BASIC, "Tutorial");
authenticator.setVerifier(verifier);
// Create a Directory able to return a deep hierarchy of files
Directory directory = new Directory(getContext(), ROOT_URI);
directory.setListingAllowed(true);
authenticator.setNext(directory);
return authenticator;
}
@Override
protected void afterHandle(Request request, Response response) {
super.afterHandle(request, response);
Cookie cookie = request.getCookies().getFirst("Credentials");
if (request.getClientInfo().isAuthenticated() && (cookie == null)) {
String identifier = request.getChallengeResponse().getIdentifier();
String secret = new String(request.getChallengeResponse().getSecret());
CookieSetting cookieSetting = new CookieSetting("Credentials", identifier + "=" + secret);
cookieSetting.setAccessRestricted(true);
cookieSetting.setPath("/");
cookieSetting.setComment("Unsecured cookie based authentication");
cookieSetting.setMaxAge(30);
response.getCookieSettings().add(cookieSetting);
}
}
/** Creates a root Restlet that will receive all incoming calls. */
@Override
public synchronized Restlet createInboundRoot() {
Verifier verifier =
new SecretVerifier() {
@Override
public boolean verify(String username, char[] password) throws IllegalArgumentException {
boolean verified =
ActivitiUtil.getIdentityService().checkPassword(username, new String(password));
return verified;
}
};
authenticator =
new ChallengeAuthenticator(null, true, ChallengeScheme.HTTP_BASIC, "Activiti Realm") {
@Override
protected boolean authenticate(Request request, Response response) {
if (request.getChallengeResponse() == null) {
return false;
} else {
return super.authenticate(request, response);
}
}
};
authenticator.setVerifier(verifier);
Router router = new Router(getContext());
router.attachDefault(DefaultResource.class);
router.attach("/process-engine", ProcessEngineResource.class);
router.attach("/login", LoginResource.class);
router.attach("/user", UserCreateResource.class);
router.attach("/user/{userId}", UserResource.class);
router.attach("/user/{userId}/groups", UserGroupsResource.class);
router.attach("/user/{userId}/groups/{groupId}", UserGroupsDeleteResource.class);
router.attach("/user/{userId}/picture", UserPictureResource.class);
router.attach("/users", UserSearchResource.class);
router.attach("/group", GroupCreateResource.class);
router.attach("/group/{groupId}", GroupResource.class);
router.attach("/group/{groupId}/users/{userId}", UserGroupsDeleteResource.class);
router.attach("/group/{groupId}/users", GroupUsersResource.class);
router.attach("/groups", GroupSearchResource.class);
router.attach("/process-definitions", ProcessDefinitionsResource.class);
router.attach("/process-instances", ProcessInstancesResource.class);
router.attach("/process-instance", StartProcessInstanceResource.class);
router.attach("/process-instance/{processInstanceId}", ProcessInstanceResource.class);
router.attach(
"/process-instance/{processInstanceId}/diagram", ProcessInstanceDiagramResource.class);
router.attach("/process-instance/{processInstanceId}/tasks", ProcessInstanceTaskResource.class);
router.attach(
"/process-instance/{processInstanceId}/signal",
ProcessInstanceSignalExecutionResource.class);
router.attach(
"/process-instance/{processInstanceId}/event/{signalName}",
SignalEventSubscriptionResource.class);
router.attach(
"/process-definition/{processDefinitionId}/form", ProcessDefinitionFormResource.class);
router.attach(
"/process-definition/{processDefinitionId}/diagram",
ProcessDefinitionDiagramResource.class);
router.attach(
"/process-definition/{processDefinitionId}/properties",
ProcessDefinitionPropertiesResource.class);
router.attach("/tasks", TasksResource.class);
router.attach("/tasks-summary", TasksSummaryResource.class);
router.attach("/task", TaskAddResource.class);
router.attach("/task/{taskId}", TaskResource.class);
router.attach("/task/{taskId}/form", TaskFormResource.class);
router.attach("/task/{taskId}/attachment", TaskAttachmentAddResource.class);
router.attach("/task/{taskId}/url", TaskUrlAddResource.class);
router.attach("/task/{taskId}/{operation}", TaskOperationResource.class);
router.attach("/attachment/{attachmentId}", TaskAttachmentResource.class);
router.attach("/form/{taskId}/properties", TaskPropertiesResource.class);
router.attach("/deployments", DeploymentsResource.class);
router.attach("/deployment", DeploymentUploadResource.class);
router.attach("/deployments/delete", DeploymentsDeleteResource.class);
router.attach("/deployment/{deploymentId}", DeploymentDeleteResource.class);
router.attach("/deployment/{deploymentId}/resources", DeploymentArtifactsResource.class);
router.attach(
"/deployment/{deploymentId}/resource/{resourceName}", DeploymentArtifactResource.class);
router.attach("/management/jobs", JobsResource.class);
router.attach("/management/job/{jobId}", JobResource.class);
router.attach("/management/job/{jobId}/execute", JobExecuteResource.class);
router.attach("/management/jobs/execute", JobsExecuteResource.class);
router.attach("/management/tables", TablesResource.class);
router.attach("/management/table/{tableName}", TableResource.class);
router.attach("/management/table/{tableName}/data", TableDataResource.class);
authenticator.setNext(router);
return authenticator;
}
@Override
public void challenge(Response response, boolean stale) {
if (OAuth2Utils.ParameterLocation.HTTP_HEADER.equals(parameterLocation)) {
super.challenge(response, stale);
}
}
/**
* Sets the internal verifier. In general you shouldn't replace it but instead set the {@code
* wrappedVerifier} via the {@link #setWrappedVerifier(LocalVerifier)} method.
*/
@Override
public void setVerifier(Verifier verifier) {
if (!(verifier instanceof AwsVerifier)) throw new IllegalArgumentException();
super.setVerifier(verifier);
}