01: package com.ibm.webdav.protocol.http;
02:
03: /*
04: * (C) Copyright IBM Corp. 2000 All rights reserved.
05: *
06: * The program is provided "AS IS" without any warranty express or
07: * implied, including the warranty of non-infringement and the implied
08: * warranties of merchantibility and fitness for a particular purpose.
09: * IBM will not be liable for any damages suffered by you as a result
10: * of using the Program. In no event will IBM be liable for any
11: * special, indirect or consequential damages or lost profits even if
12: * IBM has been advised of the possibility of their occurrence. IBM
13: * will not be liable for any third party claims against you.
14: */
15: import java.net.*;
16:
17: import sun.misc.*;
18: import sun.net.www.protocol.http.*;
19:
20: /**
21: * An interface for all objects that implement HTTP authentication.
22: * See the HTTP spec for details on how this works in general.
23: * A single class or object can implement an arbitrary number of
24: * authentication schemes.
25: *
26: * @author Jim Amsden
27: */
28: public class WebDAVAuthenticator implements HttpAuthenticator {
29:
30: static BASE64Encoder base64encoder = new BASE64Encoder();
31:
32: /**
33: * Returns the String that should be included in the HTTP
34: * <B>Authorization</B> field. Return null if no info was
35: * supplied or could be found.
36: * <P>
37: * Example:
38: * --> GET http://www.authorization-required.com/ HTTP/1.0
39: * <-- HTTP/1.0 403 Unauthorized
40: * <-- WWW-Authenticate: Basic realm="WallyWorld"
41: * call schemeSupported("Basic"); (return true)
42: * call authString(u, "Basic", "WallyWorld", null);
43: * return "QWadhgWERghghWERfdfQ=="
44: * --> GET http://www.authorization-required.com/ HTTP/1.0
45: * --> Authorization: Basic QWadhgWERghghWERfdfQ==
46: * <-- HTTP/1.0 200 OK
47: * @param u the resource URL
48: * @param scheme the authentication scheme, Basic, or Digest
49: * @param realm the security realm to authenticate in
50: * @return a valid authorization header using the scheme in the realm
51: */
52: public String authString(URL u, String scheme, String realm) {
53: String authString = null;
54:
55: // put up a dialog requesting the userid and password for this scheme
56: // and realm
57: /*
58: JTextField userid = new JTextField();
59: JPasswordField password = new JPasswordField();
60: Object[] fields = {"Enter userid and password", userid, password};
61: JOptionPane uidPane = new JOptionPane(fields, JOptionPane.QUESTION_MESSAGE, JOptionPane.OK_CANCEL_OPTION);
62: JDialog dialog = uidPane.createDialog(null, scheme + " " + realm);
63: dialog.show();
64: Integer result = (Integer) uidPane.getValue();
65: if (result.intValue() == 0) {
66: authString = base64encoder.encode((userid.getText() + ":" + password.getPassword()).getBytes());
67: }
68: */
69: // This was a good idea, but it is probably better for authoring
70: // applications if the application handles authentication itself
71: return authString;
72: }
73:
74: /**
75: * Indicate whether the specified authentication scheme is
76: * supported. In accordance with HTTP specifications, the
77: * scheme name should be checked in a case-insensitive fashion.
78: * @param scheme the authentication scheme to check for
79: * @return true if the scheme is supported, false otherwise
80: */
81: public boolean schemeSupported(String scheme) {
82: return scheme.equalsIgnoreCase("basic");
83: }
84: }
|