From: <pe...@us...> - 2003-11-21 04:45:45
Update of /cvsroot/neuclear/neuclear-id/src/java/org/neuclear/auth
In directory sc8-pr-cvs1:/tmp/cvs-serv10855/src/java/org/neuclear/auth
Modified Files:
AuthenticationFilter.java AuthenticationServlet.java
AuthenticationTicket.java
Log Message:
EncryptedFileStore now works. It uses the PBECipher with DES3 afair.
Otherwise You will Finaliate.
Anything that can be final has been made final throughout everything. We've used IDEA's Inspector tool to find all instances of variables that could be final.
This should hopefully make everything more stable (and secure).
Index: AuthenticationFilter.java
===================================================================
RCS file: /cvsroot/neuclear/neuclear-id/src/java/org/neuclear/auth/AuthenticationFilter.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -C2 -d -r1.1 -r1.2
*** AuthenticationFilter.java 15 Nov 2003 01:58:16 -0000 1.1
--- AuthenticationFilter.java 21 Nov 2003 04:45:10 -0000 1.2
***************
*** 35,38 ****
--- 35,44 ----
$Id$
$Log$
+ Revision 1.2 2003/11/21 04:45:10 pelle
+ EncryptedFileStore now works. It uses the PBECipher with DES3 afair.
+ Otherwise You will Finaliate.
+ Anything that can be final has been made final throughout everyting. We've used IDEA's Inspector tool to find all instance of variables that could be final.
+ This should hopefully make everything more stable (and secure).
+
Revision 1.1 2003/11/15 01:58:16 pelle
More work all around on web applications.
***************
*** 45,50 ****
* Time: 3:56:48 PM
*/
! public class AuthenticationFilter implements Filter {
! public void init(FilterConfig filterConfig) throws ServletException {
serviceid = filterConfig.getInitParameter("serviceid");
ctx = filterConfig.getServletContext();
--- 51,56 ----
* Time: 3:56:48 PM
*/
! public final class AuthenticationFilter implements Filter {
! public final void init(final FilterConfig filterConfig) throws ServletException {
serviceid = filterConfig.getInitParameter("serviceid");
ctx = filterConfig.getServletContext();
***************
*** 53,58 ****
}
! public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
! HttpSession sess = ((HttpServletRequest) request).getSession(true);
ctx.log("AUTH: Filtering request: " + ((HttpServletRequest) request).getServletPath());
--- 59,64 ----
}
! public final void doFilter(ServletRequest request, final ServletResponse response, final FilterChain chain) throws IOException, ServletException {
! final HttpSession sess = ((HttpServletRequest) request).getSession(true);
ctx.log("AUTH: Filtering request: " + ((HttpServletRequest) request).getServletPath());
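Review bot: In the new `doFilter`, `request` is cast to `HttpServletRequest` twice with no `instanceof` check, and it is the only parameter left non-final. A non-HTTP request would fail with a `ClassCastException` before any authentication decision is made. Casting once after a type check would be clearer, e.g. `final HttpServletRequest httpReq = (HttpServletRequest) request;`, and that local can then be used for both the session lookup and the log line. `getSession(true)` also creates a session for every filtered request, including anonymous ones; `getSession(false)` may be enough if the rest of the body only reads the session. The body of `doFilter` continues outside this hunk, so that part is inferred.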
***************
*** 95,99 ****
}
! public void destroy() {
}
--- 101,105 ----
}
! public final void destroy() {
}
Index: AuthenticationServlet.java
===================================================================
RCS file: /cvsroot/neuclear/neuclear-id/src/java/org/neuclear/auth/AuthenticationServlet.java,v
retrieving revision 1.5
retrieving revision 1.6
diff -C2 -d -r1.5 -r1.6
*** AuthenticationServlet.java 18 Nov 2003 23:35:45 -0000 1.5
--- AuthenticationServlet.java 21 Nov 2003 04:45:10 -0000 1.6
***************
*** 43,46 ****
--- 43,52 ----
$Id$
$Log$
+ Revision 1.6 2003/11/21 04:45:10 pelle
+ EncryptedFileStore now works. It uses the PBECipher with DES3 afair.
+ Otherwise You will Finaliate.
+ Anything that can be final has been made final throughout everyting. We've used IDEA's Inspector tool to find all instance of variables that could be final.
+ This should hopefully make everything more stable (and secure).
+
Revision 1.5 2003/11/18 23:35:45 pelle
Payment Web Application is getting there.
***************
*** 70,75 ****
* Time: 2:04:31 PM
*/
! public class AuthenticationServlet extends HttpServlet {
! public void init(ServletConfig servletConfig) throws ServletException {
super.init(servletConfig);
serviceid = servletConfig.getInitParameter("serviceid");
--- 76,81 ----
* Time: 2:04:31 PM
*/
! public final class AuthenticationServlet extends HttpServlet {
! public final void init(final ServletConfig servletConfig) throws ServletException {
super.init(servletConfig);
serviceid = servletConfig.getInitParameter("serviceid");
***************
*** 86,100 ****
}
! protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
}
! protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
response.setHeader("Pragma", "no-cache");
response.setDateHeader("Expires", 0);
response.setContentType("text/html");
! String siteurl = ServletTools.getAbsoluteURL(request, "/");
! String userns = request.getParameter("identity");
if (Utility.isEmpty(userns)) {
response.sendError(500, "No Identity");
--- 92,106 ----
}
! protected final void doGet(final HttpServletRequest request, final HttpServletResponse response) throws ServletException, IOException {
}
! protected final void doPost(final HttpServletRequest request, final HttpServletResponse response) throws ServletException, IOException {
response.setHeader("Pragma", "no-cache");
response.setDateHeader("Expires", 0);
response.setContentType("text/html");
! final String siteurl = ServletTools.getAbsoluteURL(request, "/");
! final String userns = request.getParameter("identity");
if (Utility.isEmpty(userns)) {
response.sendError(500, "No Identity");
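Review bot: A missing `identity` parameter is a client error, but `doPost` answers it with status 500, which makes bad requests look like server faults in logs and monitoring. `response.sendError(HttpServletResponse.SC_BAD_REQUEST, "No Identity");` would be more accurate. In the visible lines `userns` is only checked for emptiness, so a syntax check against the expected identity name format belongs here, before the value is used further down. The method body continues outside this hunk.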
***************
*** 102,110 ****
return;
}
! Cookie usercookie = new Cookie("identity", userns);
//usercookie.setSecure(true);
usercookie.setMaxAge(2592000);
response.addCookie(usercookie);
! PrintWriter out = response.getWriter();
out.write("\n ");
out.write("<html>\n");
--- 108,116 ----
return;
}
! final Cookie usercookie = new Cookie("identity", userns);
//usercookie.setSecure(true);
usercookie.setMaxAge(2592000);
response.addCookie(usercookie);
! final PrintWriter out = response.getWriter();
out.write("\n ");
out.write("<html>\n");
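Review bot: The `identity` cookie is created with a 30-day lifetime (`setMaxAge(2592000)`) while `//usercookie.setSecure(true);` stays commented out, so the browser will send it over plain HTTP as well. If the flag was disabled for local testing, `usercookie.setSecure(request.isSecure());` keeps development working without dropping the flag on HTTPS deployments. The cookie value is the raw `identity` request parameter, so it should be validated before it reaches a `Set-Cookie` header. It should also be treated only as a convenience hint for pre-filling the login form, never as evidence of who the user is. A short comment on the cookie line saying so would help the next maintainer.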
***************
*** 120,125 ****
try {
! AuthenticationTicketBuilder authreq = new AuthenticationTicketBuilder(userns, serviceid, request.getRequestURI());
! SignatureRequestBuilder sigreq = new SignatureRequestBuilder(serviceid, userns, authreq, "Login to Site");
sigreq.sign(serviceid, signer);
request.getSession(true).setAttribute("auth", userns);
--- 126,131 ----
try {
! final AuthenticationTicketBuilder authreq = new AuthenticationTicketBuilder(userns, serviceid, request.getRequestURI());
! final SignatureRequestBuilder sigreq = new SignatureRequestBuilder(serviceid, userns, authreq, "Login to Site");
sigreq.sign(serviceid, signer);
request.getSession(true).setAttribute("auth", userns);
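Review bot: `request.getSession(true).setAttribute("auth", userns);` stores the claimed identity in the session right after the service signs its own request. In the lines visible here the user has not yet proven control of `userns`. If `AuthenticationFilter` or any other code treats a non-null `"auth"` attribute as proof of login, a caller could obtain an authenticated session just by posting an identity name; that check is not visible in this hunk and should be confirmed. A separate key for the unverified state would be safer, e.g. `request.getSession(true).setAttribute("auth.pending", userns);`, with `"auth"` set only after the returned signed ticket has been verified, ideally on a fresh session so the session id changes at login. The `try` block continues outside this hunk.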
Index: AuthenticationTicket.java
===================================================================
RCS file: /cvsroot/neuclear/neuclear-id/src/java/org/neuclear/auth/AuthenticationTicket.java,v
retrieving revision 1.4
retrieving revision 1.5
diff -C2 -d -r1.4 -r1.5
*** AuthenticationTicket.java 20 Nov 2003 16:01:25 -0000 1.4
--- AuthenticationTicket.java 21 Nov 2003 04:45:10 -0000 1.5
***************
*** 42,46 ****
* @throws NeuClearException
*/
! private AuthenticationTicket(SignedNamedCore core, String requester, Timestamp validto, String siteurl) throws NeuClearException {
super(core);
this.validTo = validto;
--- 42,46 ----
* @throws NeuClearException
*/
! private AuthenticationTicket(final SignedNamedCore core, final String requester, final Timestamp validto, final String siteurl) throws NeuClearException {
super(core);
this.validTo = validto;
***************
*** 77,84 ****
* @return
*/
! public final SignedNamedObject read(SignedNamedCore core, Element elem) throws NeuClearException, XMLSecurityException {
! String requester = elem.attributeValue(DocumentHelper.createQName("requester", NS_NSAUTH));
! String sitehref = elem.attributeValue(DocumentHelper.createQName("sitehref", NS_NSAUTH));
! Timestamp validto = TimeTools.parseTimeStamp(elem.attributeValue(DocumentHelper.createQName("validto", NS_NSAUTH)));
return new AuthenticationTicket(core, requester, validto, sitehref);
--- 77,84 ----
* @return
*/
! public final SignedNamedObject read(final SignedNamedCore core, final Element elem) throws NeuClearException, XMLSecurityException {
! final String requester = elem.attributeValue(DocumentHelper.createQName("requester", NS_NSAUTH));
! final String sitehref = elem.attributeValue(DocumentHelper.createQName("sitehref", NS_NSAUTH));
! final Timestamp validto = TimeTools.parseTimeStamp(elem.attributeValue(DocumentHelper.createQName("validto", NS_NSAUTH)));
return new AuthenticationTicket(core, requester, validto, sitehref);
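Review bot: In `read`, the values of `requester`, `sitehref` and `validto` are used without checks, although `attributeValue` returns null when an attribute is absent. A ticket missing `validto` therefore passes null into `TimeTools.parseTimeStamp`, and a missing `requester` or `sitehref` produces a ticket with null fields. I would read the `validto` attribute into a local first and reject incomplete tickets with a `NeuClearException` before parsing; how that exception is constructed is not visible here. Whether an already expired `validto` is rejected is also not visible in this hunk; if it is not checked elsewhere, this is the natural place. The Javadoc above still has an empty `@return` tag, which could read `@return the AuthenticationTicket parsed from the signed element`.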