OLD | NEW |
---|---|
1 // Copyright 2011 Google Inc. All Rights Reserved. | 1 // Copyright 2011 Google Inc. All Rights Reserved. |
2 // | 2 // |
3 // Licensed under the Apache License, Version 2.0 (the "License"); | 3 // Licensed under the Apache License, Version 2.0 (the "License"); |
4 // you may not use this file except in compliance with the License. | 4 // you may not use this file except in compliance with the License. |
5 // You may obtain a copy of the License at | 5 // You may obtain a copy of the License at |
6 // | 6 // |
7 // http://www.apache.org/licenses/LICENSE-2.0 | 7 // http://www.apache.org/licenses/LICENSE-2.0 |
8 // | 8 // |
9 // Unless required by applicable law or agreed to in writing, software | 9 // Unless required by applicable law or agreed to in writing, software |
10 // distributed under the License is distributed on an "AS IS" BASIS, | 10 // distributed under the License is distributed on an "AS IS" BASIS, |
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
12 // See the License for the specific language governing permissions and | 12 // See the License for the specific language governing permissions and |
13 // limitations under the License. | 13 // limitations under the License. |
14 | 14 |
15 package com.google.enterprise.adaptor; | 15 package com.google.enterprise.adaptor; |
16 | 16 |
17 import com.google.enterprise.apis.client.GsaClient; | 17 import com.google.enterprise.apis.client.GsaClient; |
18 import com.google.gdata.util.AuthenticationException; | 18 import com.google.gdata.util.AuthenticationException; |
19 | 19 |
20 import com.sun.net.httpserver.HttpExchange; | 20 import com.sun.net.httpserver.HttpExchange; |
21 import com.sun.net.httpserver.HttpHandler; | 21 import com.sun.net.httpserver.HttpHandler; |
22 | 22 |
23 import java.io.IOException; | 23 import java.io.IOException; |
24 import java.io.InputStream; | 24 import java.io.InputStream; |
25 import java.net.ConnectException; | 25 import java.net.ConnectException; |
26 import java.net.HttpURLConnection; | 26 import java.net.HttpURLConnection; |
27 import java.net.MalformedURLException; | |
28 import java.net.URL; | |
27 import java.net.URLDecoder; | 29 import java.net.URLDecoder; |
28 import java.net.UnknownHostException; | 30 import java.net.UnknownHostException; |
29 import java.nio.charset.Charset; | 31 import java.nio.charset.Charset; |
30 import java.util.logging.Level; | 32 import java.util.logging.Level; |
31 import java.util.logging.Logger; | 33 import java.util.logging.Logger; |
32 | 34 |
33 /** | 35 /** |
34 * Require GSA-Administrator authentication before allowing requests. | 36 * Require GSA-Administrator authentication before allowing requests. |
35 */ | 37 */ |
36 class AdministratorSecurityHandler implements HttpHandler { | 38 class AdministratorSecurityHandler implements HttpHandler { |
(...skipping 103 matching lines...) | |
140 } | 142 } |
141 if (username == null || password == null) { | 143 if (username == null || password == null) { |
142 log.fine("Username or password is null. Not authenticated"); | 144 log.fine("Username or password is null. Not authenticated"); |
143 // Must not have been from our login page. | 145 // Must not have been from our login page. |
144 return AuthzStatus.INDETERMINATE; | 146 return AuthzStatus.INDETERMINATE; |
145 } | 147 } |
146 | 148 |
147 // Check to see if provided username and password are valid. | 149 // Check to see if provided username and password are valid. |
148 AuthzStatus result = authnClient.authn(username, password); | 150 AuthzStatus result = authnClient.authn(username, password); |
149 if (result == AuthzStatus.INDETERMINATE) { | 151 if (result == AuthzStatus.INDETERMINATE) { |
150 log.fine("Failed communicating with the GSA"); | 152 log.fine("Failed communicating with the GSA: " + |
153 authnClient.authority()); | |
151 return result; | 154 return result; |
152 } else if (result != AuthzStatus.PERMIT) { | 155 } else if (result != AuthzStatus.PERMIT) { |
153 log.fine("GSA login was not successful"); | 156 log.fine("GSA login was not successful"); |
154 return result; | 157 return result; |
155 } | 158 } |
156 | 159 |
157 // We have a winner. Store in the session that they are a valid user. | 160 // We have a winner. Store in the session that they are a valid user. |
158 log.fine("GSA login successful"); | 161 log.fine("GSA login successful"); |
159 Session session = sessionManager.getSession(ex); | 162 Session session = sessionManager.getSession(ex); |
160 session.setAttribute(SESSION_ATTR_NAME, true); | 163 session.setAttribute(SESSION_ATTR_NAME, true); |
(...skipping 11 matching lines...) | |
172 Session session = sessionManager.getSession(ex, false); | 175 Session session = sessionManager.getSession(ex, false); |
173 if (session != null && session.getAttribute(SESSION_ATTR_NAME) != null) { | 176 if (session != null && session.getAttribute(SESSION_ATTR_NAME) != null) { |
174 handler.handle(ex); | 177 handler.handle(ex); |
175 return; | 178 return; |
176 } | 179 } |
177 meteredHandle(ex); | 180 meteredHandle(ex); |
178 } | 181 } |
179 | 182 |
180 interface AuthnClient { | 183 interface AuthnClient { |
181 public AuthzStatus authn(String username, String password); | 184 public AuthzStatus authn(String username, String password); |
185 public String authority(); | |
182 } | 186 } |
183 | 187 |
184 static class GsaAuthnClient implements AuthnClient { | 188 static class GsaAuthnClient implements AuthnClient { |
185 private String gsaHostname; | 189 private String gsaHostname; |
186 private boolean useHttps; | 190 private boolean useHttps; |
187 | 191 |
188 public GsaAuthnClient(String gsaHostname, boolean useHttps) { | 192 public GsaAuthnClient(String gsaHostname, boolean useHttps) { |
189 this.gsaHostname = gsaHostname; | 193 this.gsaHostname = gsaHostname; |
190 this.useHttps = useHttps; | 194 this.useHttps = useHttps; |
191 } | 195 } |
192 | 196 |
193 @Override | 197 @Override |
194 public AuthzStatus authn(String username, String password) { | 198 public AuthzStatus authn(String username, String password) { |
195 String protocol = useHttps ? "https" : "http"; | 199 String protocol = useHttps ? "https" : "http"; |
196 int port = useHttps ? 8443 : 8000; | 200 int port = useHttps ? 8443 : 8000; |
197 try { | 201 try { |
198 new GsaClient(protocol, gsaHostname, port, username, password); | 202 new GsaClient(protocol, gsaHostname, port, username, password); |
199 } catch (AuthenticationException e) { | 203 } catch (AuthenticationException e) { |
200 log.log(Level.FINE, "AuthenticationException", e); | 204 log.log(Level.FINE, "AuthenticationException", e); |
201 if (e.getCause() instanceof ConnectException) { | 205 if (e.getCause() instanceof ConnectException) { |
pjo
2014/06/27 01:28:22
does this exception instance have interesting info
Brett
2014/06/27 22:18:39
The GSA is down or refusing connections. Are you
| |
202 return AuthzStatus.INDETERMINATE; | 206 return AuthzStatus.INDETERMINATE; |
203 } else if (e.getCause() instanceof UnknownHostException) { | 207 } else if (e.getCause() instanceof UnknownHostException) { |
pjo
2014/06/27 01:28:22
does this exception instance have interesting info
Brett
2014/06/27 22:18:39
The adapter cannot resolve the hostname. So the f
| |
204 return AuthzStatus.INDETERMINATE; | 208 return AuthzStatus.INDETERMINATE; |
205 } | 209 } |
206 return AuthzStatus.DENY; | 210 return AuthzStatus.DENY; |
207 } | 211 } |
208 return AuthzStatus.PERMIT; | 212 return AuthzStatus.PERMIT; |
209 } | 213 } |
214 | |
215 public String authority() { | |
216 try { | |
217 String protocol = useHttps ? "https" : "http"; | |
218 int port = useHttps ? 8443 : 8000; | |
219 return new URL(protocol, gsaHostname, port, "").toString(); | |
220 } catch (MalformedURLException e) { | |
221 return e.toString(); | |
222 } | |
223 } | |
210 } | 224 } |
211 } | 225 } |
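Review bot: `GsaAuthnClient.authority()` re-derives the scheme and port that `authn()` already computes from `useHttps`, so the endpoint named in the new "Failed communicating with the GSA" log line matches the one the administrator credentials were sent to only while the two copies stay in sync. Deriving them once in the constructor, `this.protocol = useHttps ? "https" : "http";` and `this.port = useHttps ? 8443 : 8000;`, and reading those fields in both methods removes that risk. The new method also lacks the `@Override` annotation that `authn()` carries directly above it. The `MalformedURLException` branch returns `e.toString()` as if it were an authority; with the two fixed schemes it looks unreachable, and a short comment saying so would keep readers of the log from mistaking that text for a host.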