01: /*
02: * Copyright 2007 The Kuali Foundation
03: *
04: * Licensed under the Educational Community License, Version 1.0 (the "License");
05: * you may not use this file except in compliance with the License.
06: * You may obtain a copy of the License at
07: *
08: * http://www.opensource.org/licenses/ecl1.php
09: *
10: * Unless required by applicable law or agreed to in writing, software
11: * distributed under the License is distributed on an "AS IS" BASIS,
12: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13: * See the License for the specific language governing permissions and
14: * limitations under the License.
15: */
16: package org.kuali.bus.security.httpinvoker;
17:
18: import java.io.ByteArrayOutputStream;
19: import java.io.IOException;
20:
21: import org.apache.commons.codec.binary.Base64;
22: import org.apache.commons.httpclient.HttpClient;
23: import org.apache.commons.httpclient.methods.PostMethod;
24: import org.kuali.bus.security.credentials.UsernamePasswordCredentials;
25: import org.kuali.rice.security.credentials.CredentialsSource;
26: import org.springframework.remoting.httpinvoker.HttpInvokerClientConfiguration;
27: import org.springframework.util.Assert;
28:
29: import edu.iu.uis.eden.messaging.KEWHttpInvokerRequestExecutor;
30: import edu.iu.uis.eden.messaging.ServiceInfo;
31:
32: /**
33: * Extension to {@link KEWHttpInvokerRequestExecutor} that retrieves
34: * credentials from the CredentialsSource and places them in a BASIC HTTP
35: * Authorization header.
36: *
37: * @author Kuali Rice Team (kuali-rice@googlegroups.com)
38: * @version $Revision: 1.2.16.1.6.1 $ $Date: 2007/10/17 20:32:06 $
39: * @since 0.9
40: */
41: public final class AuthenticationCommonsHttpInvokerRequestExecutor
42: extends KEWHttpInvokerRequestExecutor {
43:
44: /**
45: * Source of the credentials to pass via BASIC AUTH.
46: */
47: private final CredentialsSource credentialsSource;
48:
49: /**
50: * Details about the service that the CredentialsSource may need.
51: */
52: private final ServiceInfo serviceInfo;
53:
54: /**
55: * Constructor that accepts the CredentialsSource and Service Info.
56: *
57: * @param credentialsSource the source of credentials.
58: * @param serviceInfo information about the service.
59: */
60: public AuthenticationCommonsHttpInvokerRequestExecutor(
61: final HttpClient httpClient,
62: final CredentialsSource credentialsSource,
63: final ServiceInfo serviceInfo) {
64: super (httpClient);
65: Assert.notNull(credentialsSource,
66: "credentialsSource cannot be null.");
67: Assert.notNull(serviceInfo, "serviceInfo cannot be null.");
68: this .credentialsSource = credentialsSource;
69: this .serviceInfo = serviceInfo;
70: }
71:
72: /**
73: * Overridden to obtain the Credentials from the CredentialsSource and pass
74: * them via HTTP BASIC Authorization.
75: */
76:
77: protected void setRequestBody(
78: final HttpInvokerClientConfiguration config,
79: final PostMethod postMethod,
80: final ByteArrayOutputStream baos) throws IOException {
81: final UsernamePasswordCredentials credentials = (UsernamePasswordCredentials) this .credentialsSource
82: .getCredentials(this .serviceInfo.getEndpointUrl());
83:
84: final String base64 = credentials.getUsername() + ":"
85: + credentials.getPassword();
86: postMethod.addRequestHeader("Authorization", "Basic "
87: + new String(Base64.encodeBase64(base64.getBytes())));
88:
89: if (logger.isDebugEnabled()) {
90: logger
91: .debug("HttpInvocation now presenting via BASIC authentication CredentialsSource-derived: "
92: + credentials.getUsername());
93: }
94:
95: super.setRequestBody(config, postMethod, baos);
96: }
97: }
|