コード例 #1
0
ファイル: Hybi07Handshake.java プロジェクト: jsight/undertow
  @Override
  public IoFuture<WebSocketChannel> handshake(final HttpServerExchange exchange) {
    String origin = exchange.getRequestHeaders().getFirst(Headers.SEC_WEB_SOCKET_ORIGIN);
    if (origin != null) {
      exchange.getResponseHeaders().put(Headers.SEC_WEB_SOCKET_ORIGIN, origin);
    }
    String protocol = exchange.getRequestHeaders().getFirst(Headers.SEC_WEB_SOCKET_PROTOCOL);
    if (protocol != null) {
      exchange.getResponseHeaders().put(Headers.SEC_WEB_SOCKET_PROTOCOL, protocol);
    }
    exchange
        .getResponseHeaders()
        .put(Headers.SEC_WEB_SOCKET_LOCATION, getWebSocketLocation(exchange));

    final String key = exchange.getRequestHeaders().getFirst(Headers.SEC_WEB_SOCKET_KEY);
    try {
      final String solution = solve(key);
      exchange.getResponseHeaders().put(Headers.SEC_WEB_SOCKET_ACCEPT, solution);
      return performUpgrade(exchange);
    } catch (NoSuchAlgorithmException e) {
      final ConcreteIoFuture<WebSocketChannel> ioFuture = new ConcreteIoFuture<WebSocketChannel>();
      ioFuture.setException(new IOException(new WebSocketHandshakeException(e)));
      return ioFuture;
    }
  }
コード例 #2
0
 public void run() {
   try {
     Subject server = subjectFactory.getSubjectForHost(getHostName(exchange));
     // The AcceptSecurityContext takes over responsibility for setting the result.
     Subject.doAs(server, new AcceptSecurityContext(result, exchange, challenge));
   } catch (GeneralSecurityException e) {
     e.printStackTrace();
     result.setResult(new AuthenticationResult(null, AuthenticationOutcome.NOT_AUTHENTICATED));
   } catch (PrivilegedActionException e) {
     e.printStackTrace();
     result.setResult(new AuthenticationResult(null, AuthenticationOutcome.NOT_AUTHENTICATED));
   }
 }
コード例 #3
0
  @Override
  public IoFuture<AuthenticationResult> authenticate(HttpServerExchange exchange) {
    ConcreteIoFuture<AuthenticationResult> result = new ConcreteIoFuture<AuthenticationResult>();
    HttpServerConnection connection = exchange.getConnection();
    NegotiationContext negContext = connection.getAttachment(NegotiationContext.ATTACHMENT_KEY);
    if (negContext != null) {
      exchange.putAttachment(NegotiationContext.ATTACHMENT_KEY, negContext);
      if (negContext.isEstablished()) {
        result.setResult(
            new AuthenticationResult(
                negContext.getPrincipal(), AuthenticationOutcome.AUTHENTICATED));
      }
    }

    Deque<String> authHeaders = exchange.getRequestHeaders().get(AUTHORIZATION);
    if (authHeaders != null) {
      for (String current : authHeaders) {
        if (current.startsWith(NEGOTIATE_PREFIX)) {
          String base64Challenge = current.substring(NEGOTIATE_PREFIX.length());
          try {
            ByteBuffer challenge = FlexBase64.decode(base64Challenge);
            dispatch(exchange, new GSSAPIRunnable(result, exchange, challenge));
            // The request has now potentially been dispatched to a different worker thread, the run
            // method
            // within GSSAPIRunnable is now responsible for ensuring the request continues.
            return result;
          } catch (IOException e) {
          }

          // By this point we had a header we should have been able to verify but for some reason
          // it was not correctly structured.
          result.setResult(new AuthenticationResult(null, AuthenticationOutcome.NOT_AUTHENTICATED));
          return result;
        }
      }
    }

    // No suitable header was found so authentication was not even attempted.
    result.setResult(new AuthenticationResult(null, AuthenticationOutcome.NOT_ATTEMPTED));
    return result;
  }
コード例 #4
0
    public Void run() throws GSSException {
      NegotiationContext negContext = exchange.getAttachment(NegotiationContext.ATTACHMENT_KEY);
      if (negContext == null) {
        negContext = new NegotiationContext();
        exchange.putAttachment(NegotiationContext.ATTACHMENT_KEY, negContext);
        // Also cache it on the connection for future calls.
        exchange.getConnection().putAttachment(NegotiationContext.ATTACHMENT_KEY, negContext);
      }

      GSSContext gssContext = negContext.getGssContext();
      if (gssContext == null) {
        GSSManager manager = GSSManager.getInstance();
        gssContext = manager.createContext((GSSCredential) null);

        negContext.setGssContext(gssContext);
      }

      byte[] respToken =
          gssContext.acceptSecContext(
              challenge.array(), challenge.arrayOffset(), challenge.limit());
      negContext.setResponseToken(respToken);

      if (negContext.isEstablished()) {
        result.setResult(
            new AuthenticationResult(
                negContext.getPrincipal(), AuthenticationOutcome.AUTHENTICATED));
      } else {
        // This isn't a failure but as the context is not established another round trip with the
        // client is needed.
        result.setResult(
            new AuthenticationResult(
                negContext.getPrincipal(), AuthenticationOutcome.NOT_AUTHENTICATED));
      }

      return null;
    }