Mercurial > hg > AnnotationManager

diff src/de/mpiwg/itgroup/annotationManager/restlet/RestServer.java @ 2:6888ae3287b8

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
changed to namespace handling for users
author dwinter
date Thu, 24 Nov 2011 11:39:12 +0100
parents f2f41d0dedf5
children e5f0906c107c
line wrap: on
line diff
--- a/src/de/mpiwg/itgroup/annotationManager/restlet/RestServer.java	Wed Nov 23 15:26:33 2011 +0100
+++ b/src/de/mpiwg/itgroup/annotationManager/restlet/RestServer.java	Thu Nov 24 11:39:12 2011 +0100
@@ -32,6 +32,7 @@
 
 import org.restlet.data.ChallengeScheme;
 import org.restlet.data.ClientInfo;
+import org.restlet.engine.component.ChildContext;
 import org.restlet.ext.jaas.JaasVerifier;
 import org.restlet.routing.Router;
 import org.restlet.routing.Template;
@@ -62,10 +63,6 @@
         ChallengeScheme challengeScheme = ChallengeScheme.HTTP_BASIC;
         String realm = "Annotation Service";
 
-        // MapVerifier isn't very secure; see docs for alternatives
-        //MapVerifier verifier = new MapVerifier();
-        //verifier.getLocalSecrets().put("user", "password".toCharArray());
-
         JaasVerifier verifier = new JaasVerifier("BasicJaasAuthenticationApplication");
         
         
@@ -90,11 +87,21 @@
         return auth;
     }
 
+	/**
+	 * Konfiguration fŸr den Authentificator in Jaas. Pfad zum JAAS-Konfigurationsfile liegt im Context-Parameter 
+	 * "de.mpiwg.itgroup.annotationManager.jaas.configFilePath".
+	 * @return
+	 */
 	protected Configuration createConfiguration() {
 		Configuration jaasConfig;
 		URI confUri;
+	
+		Context context = getContext();
+		String configFilePath = context.getParameters().getFirstValue("de.mpiwg.itgroup.annotationManager.jaas.configFilePath");
+		
+		
 		try {
-			confUri = new URI("file:///etc/jaasAuth.conf"); //TODO shoould be configurable
+			confUri = new URI(configFilePath);
 		} catch (URISyntaxException e) {
 			e.printStackTrace();
 			confUri = null;
@@ -131,7 +138,13 @@
 		
 	}
 	
-	 public boolean authenticate(Request request, Response response) {
+	 /**
+	  * Authentifiziere den Benutzer aus dem Request (BasicAuthenfication)
+	 * @param request
+	 * @param response
+	 * @return
+	 */
+	public boolean authenticate(Request request, Response response) {
 	        if (!request.getClientInfo().isAuthenticated()) {
 	            authenticator.challenge(response, false);
 	            return false;
@@ -142,9 +155,19 @@
 	        	authenticator.challenge(response, false);
 	            return false;
 	        }
+	        
+	        
 	        return true;
 	    }
 
+	/**
+	 * Authentifiziere den Benutzer 
+	 * 
+	 * @param username
+	 * @param password
+	 * @param request
+	 * @return
+	 */
 	public boolean authenticate(String username, String password,Request request) {
 		LoginContext lc;
 		
@@ -169,6 +192,11 @@
 		return true;
 	}
 
+	/**
+	 * Hole den vollen Benutzernamen aus dem LDAP
+	 * @param creator
+	 * @return
+	 */
 	public String getUserNameFromLdap(String creator) {
 		String retString=creator; // falls nichts gefunden wird einfach den creator zurueckgeben
 		Hashtable<String,String> env = new Hashtable<String,String>();