net.shibboleth.idp.authn.impl

Class ExtractUsernamePasswordFromBasicAuth

java.lang.Object

net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

org.opensaml.profile.action.AbstractProfileAction<InboundMessageType,OutboundMessageType>

org.opensaml.profile.action.AbstractConditionalProfileAction<InboundMessageType,OutboundMessageType>

net.shibboleth.idp.profile.AbstractProfileAction<InboundMessageType,OutboundMessageType>

net.shibboleth.idp.authn.AbstractAuthenticationAction<InboundMessageType,OutboundMessageType>

net.shibboleth.idp.authn.AbstractExtractionAction

net.shibboleth.idp.authn.impl.ExtractUsernamePasswordFromBasicAuth

All Implemented Interfaces:

Component, DestructableComponent, InitializableComponent, ProfileAction, org.springframework.beans.factory.Aware, org.springframework.context.MessageSource, org.springframework.context.MessageSourceAware, org.springframework.webflow.execution.Action

public class ExtractUsernamePasswordFromBasicAuth
extends AbstractExtractionAction

/** An action that extracts a username and password from the HTTP HttpHeaders.AUTHORIZATION header, creates a UsernamePasswordContext, and attaches it to the AuthenticationContext.

Event:

EventIds.PROCEED_EVENT_ID, AuthnEventIds.NO_CREDENTIALS, AuthnEventIds.INVALID_CREDENTIALS

Precondition:

ProfileRequestContext.getSubcontext(AuthenticationContext.class, false) != null

Postcondition:

If getHttpServletRequest() != null, the content of the HttpHeaders.AUTHORIZATION header is parsed and any correctly-encoded information will be attached via a UsernamePasswordContext.

Field Summary

Fields

Modifier and Type	Field and Description
private org.slf4j.Logger	log Class logger.

Constructor Summary

Constructors

Constructor and Description
ExtractUsernamePasswordFromBasicAuth()

Method Summary

Methods

Modifier and Type	Method and Description
protected Pair<String,String>	decodeCredentials(String encodedCredentials) Decodes the credential string provided in the HTTP header, splits it in to a username and password, and returns them.
protected void	doExecute(ProfileRequestContext profileRequestContext, AuthenticationContext authenticationContext)
protected String	extractCredentials(javax.servlet.http.HttpServletRequest httpRequest) Gets the encoded credentials passed in via the HttpHeaders.AUTHORIZATION header.

Methods inherited from class net.shibboleth.idp.authn.AbstractExtractionAction

applyTransforms, setLowercase, setTransforms, setTrim, setUppercase

Methods inherited from class net.shibboleth.idp.authn.AbstractAuthenticationAction

doExecute, doPreExecute, doPreExecute, setLookupStrategy

Methods inherited from class net.shibboleth.idp.profile.AbstractProfileAction

doExecute, execute, getMessage, getMessage, getMessage, getProfileContextLookupStrategy, getRequestContext, getResult, setMessageSource, setProfileContextLookupStrategy

Methods inherited from class org.opensaml.profile.action.AbstractConditionalProfileAction

getActivationCondition, setActivationCondition

Methods inherited from class org.opensaml.profile.action.AbstractProfileAction

doPostExecute, doPostExecute, execute, getHttpServletRequest, getHttpServletResponse, getLogPrefix, setHttpServletRequest, setHttpServletResponse

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

destroy, doDestroy, doInitialize, initialize, isDestroyed, isInitialized

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent

initialize, isInitialized

Field Detail

log

@Nonnull
private final org.slf4j.Logger log

Class logger.

Constructor Detail

ExtractUsernamePasswordFromBasicAuth

public ExtractUsernamePasswordFromBasicAuth()

Method Detail

doExecute

protected void doExecute(@Nonnull
             ProfileRequestContext profileRequestContext,
             @Nonnull
             AuthenticationContext authenticationContext)

Overrides:

doExecute in class AbstractAuthenticationAction

extractCredentials

@Nullable
protected String extractCredentials(@Nonnull
                                 javax.servlet.http.HttpServletRequest httpRequest)

Gets the encoded credentials passed in via the HttpHeaders.AUTHORIZATION header. This method checks to ensure that the authentication scheme is HttpServletRequest.BASIC_AUTH and then strips off and returns the follow on Base64-encoded credentials.

Parameters:

httpRequest - current HTTP request

Returns:

the Base64 encoded credentials, or null

decodeCredentials

@Nullable
protected Pair<String,String> decodeCredentials(@Nonnull@NotEmpty
                                             String encodedCredentials)

Decodes the credential string provided in the HTTP header, splits it in to a username and password, and returns them.

Parameters:

encodedCredentials - the Base64 encoded credentials

Returns:

a pair containing the username and password, respectively, or null