changeset 188:e132b7a3d94c

add AuthenticationHandler git-svn-id: https://luan-java.googlecode.com/svn/trunk@189 21e917c8-12df-6dd8-5cb6-c86387c605b9
author fschmidt@gmail.com <fschmidt@gmail.com@21e917c8-12df-6dd8-5cb6-c86387c605b9>
date Thu, 26 Jun 2014 06:49:01 +0000
parents 1cb298d918b2
children fb3993431f76
files web/src/luan/modules/web/AuthenticationHandler.java web/src/luan/modules/web/Web_server.luan
diffstat 2 files changed, 60 insertions(+), 3 deletions(-) [+]
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/web/src/luan/modules/web/AuthenticationHandler.java	Thu Jun 26 06:49:01 2014 +0000
@@ -0,0 +1,53 @@
+package luan.modules.web;
+
+import java.io.IOException;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import org.eclipse.jetty.server.Request;
+import org.eclipse.jetty.server.handler.AbstractHandler;
+import org.eclipse.jetty.util.B64Code;
+
+
+public class AuthenticationHandler extends AbstractHandler {
+	private final String path;
+	private String password = "password";
+
+	public AuthenticationHandler(String path) {
+		this.path = path;
+	}
+
+	public void setPassword(String password) {
+		this.password = password;
+	}
+
+	public void handle(String target,Request baseRequest,HttpServletRequest request,HttpServletResponse response) 
+		throws IOException
+	{
+		if( !target.startsWith(path) )
+			return;
+		String pwd = getPassword(request);
+		if( password.equals(pwd) )
+			return;
+		response.setHeader("WWW-Authenticate","Basic realm=\""+path+"\"");
+		response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
+		baseRequest.setHandled(true);
+	}
+
+	private static String getPassword(HttpServletRequest request) {
+		String auth = request.getHeader("Authorization");
+		if( auth==null )
+			return null;
+		String[] a = auth.split(" +");
+		if( a.length != 2 )
+			throw new RuntimeException("auth = "+auth);
+		if( !a[0].equals("Basic") )
+			throw new RuntimeException("auth = "+auth);
+		auth = new String(B64Code.decode(a[1]));
+		a = auth.split(":");
+		if( a.length != 2 )
+			throw new RuntimeException("auth = "+auth);
+		return a[1];
+	}
+}
--- a/web/src/luan/modules/web/Web_server.luan	Thu Jun 26 03:27:25 2014 +0000
+++ b/web/src/luan/modules/web/Web_server.luan	Thu Jun 26 06:49:01 2014 +0000
@@ -13,21 +13,24 @@
 import "org.eclipse.jetty.server.handler.GzipHandler"
 import "org.eclipse.jetty.server.handler.HandlerWrapper"
 import "org.eclipse.jetty.server.session.SessionHandler"
+import "luan.modules.web.AuthenticationHandler"
 
 
 port = 8080
 
+private_password = "password"
+
 welcome_file = "index.html"
 
 
-session_handler = SessionHandler.new()
+authentication_handler = AuthenticationHandler.new("/private/")
 
 luan_handler = Http.new_luan_handler()
 
 resource_handler = ResourceHandler.new()
 
 handlers = HandlerList.new()
-handlers.setHandlers { session_handler, luan_handler, resource_handler }
+handlers.setHandlers { authentication_handler, luan_handler, resource_handler }
 
 function add_folder(context,dir)
 	local rh = ResourceHandler.new()
@@ -53,12 +56,13 @@
 log_handler.setRequestLog(log)
 
 local hc = HandlerCollection.new()
-hc.setHandlers { handler_wrapper, DefaultHandler.new(), log_handler }
+hc.setHandlers { SessionHandler.new(), handler_wrapper, DefaultHandler.new(), log_handler }
  
 
 function serve(dir)
 	dir = dir.gsub("/$","")  -- remove trailing '/' if any
 	Package.path = dir.."?.luan;java:luan/modules/?.luan"
+	authentication_handler.setPassword(private_password)
 	resource_handler.setResourceBase(dir)
 	resource_handler.setWelcomeFiles {welcome_file}
 	luan_handler.setWelcomeFile(welcome_file)