1 package org.codehaus.redback.integration.filter.authentication.digest;
4 * Licensed to the Apache Software Foundation (ASF) under one
5 * or more contributor license agreements. See the NOTICE file
6 * distributed with this work for additional information
7 * regarding copyright ownership. The ASF licenses this file
8 * to you under the Apache License, Version 2.0 (the
9 * "License"); you may not use this file except in compliance
10 * with the License. You may obtain a copy of the License at
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing,
15 * software distributed under the License is distributed on an
16 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
17 * KIND, either express or implied. See the License for the
18 * specific language governing permissions and limitations
22 import org.apache.archiva.redback.authentication.AuthenticationException;
23 import org.codehaus.redback.integration.filter.authentication.AbstractHttpAuthenticationFilter;
24 import org.codehaus.redback.integration.filter.authentication.HttpAuthenticator;
25 import org.codehaus.redback.integration.filter.authentication.basic.HttpBasicAuthentication;
27 import javax.servlet.FilterChain;
28 import javax.servlet.FilterConfig;
29 import javax.servlet.ServletException;
30 import javax.servlet.ServletRequest;
31 import javax.servlet.ServletResponse;
32 import javax.servlet.http.HttpServletRequest;
33 import javax.servlet.http.HttpServletResponse;
34 import java.io.IOException;
37 * HttpDigestAuthenticationFilter.
39 * Uses RFC 2617 and RFC 2069 to perform Digest authentication against the incoming client.
42 * <li><a href="http://www.faqs.org/rfcs/rfc2617.html">RFC 2617</a> - HTTP Authentication: Basic and Digest Access Authentication</li>
43 * <li><a href="http://www.faqs.org/rfcs/rfc2069.html">RFC 2069</a> - An Extension to HTTP : Digest Access Authentication</li>
46 * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
49 public class HttpDigestAuthenticationFilter
50 extends AbstractHttpAuthenticationFilter
52 private HttpDigestAuthentication httpAuthentication;
55 public void init( FilterConfig filterConfig )
56 throws ServletException
58 super.init( filterConfig );
61 getApplicationContext().getBean( "httpAuthenticator#digest", HttpDigestAuthentication.class );
65 public void doFilter( ServletRequest request, ServletResponse response, FilterChain chain )
66 throws IOException, ServletException
68 if ( !( request instanceof HttpServletRequest ) )
70 throw new ServletException( "Can only process HttpServletRequest" );
73 if ( !( response instanceof HttpServletResponse ) )
75 throw new ServletException( "Can only process HttpServletResponse" );
78 HttpServletRequest httpRequest = (HttpServletRequest) request;
79 HttpServletResponse httpResponse = (HttpServletResponse) response;
83 httpAuthentication.setRealm( getRealmName() );
84 httpAuthentication.authenticate( httpRequest, httpResponse );
86 catch ( AuthenticationException e )
88 HttpAuthenticator httpauthn = new HttpBasicAuthentication();
89 httpauthn.challenge( httpRequest, httpResponse, getRealmName(), e );
93 chain.doFilter( request, response );