public boolean postAuthentication(HttpServletRequest req, HttpServletResponse resp) {
String authHeader = req.getHeader("Authorization");
if (authHeader == null) {
return false;
}
String headerFields = authHeader.substring("Digest: ".length() - 1);
String nonce = HttpUtil.extractHeaderField(headerFields, "nonce");
String opaque = HttpUtil.extractHeaderField(headerFields, "opaque");
if (nonce == null || opaque == null) {
return false;
}
Principal principal = SecurityContext.getSecurityContext().getPrincipal();
if (principal == null) {
return false;
}
if (this.maintainState) {
StateEntry entry = (StateEntry) this.stateMap.remove(nonce + ":" + opaque);
if (entry == null) {
return false;
}
Date timestamp = new Date();
String nextNonce = this.generateNonce();
entry.setUsername(principal.getQualifiedName());
entry.setNonce(nextNonce);
entry.setTimestamp(timestamp);
entry.setNonceCount(entry.getNonceCount() + 1);
entry.setStale(false);
this.stateMap.put(nextNonce + ":" + opaque, entry);
resp.addHeader("Authentication-Info", "nextnonce=" + nextNonce);
}
return false;
}
