Make the Context available to the auth modules.

Patch by fjodorver

git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@1689058 13f79535-47bb-0310-9956-ffa450edef68

java/org/apache/catalina/authenticator/jaspic/provider/TomcatAuthConfig.java

@@ -26,6 +26,7 @@
 import javax.security.auth.message.config.ServerAuthConfig;
 import javax.security.auth.message.config.ServerAuthContext;
 
+import org.apache.catalina.Context;
 import org.apache.catalina.Realm;
 import org.apache.catalina.authenticator.jaspic.provider.modules.BasicAuthModule;
 import org.apache.catalina.authenticator.jaspic.provider.modules.DigestAuthModule;
@@ -41,17 +42,20 @@ public class TomcatAuthConfig implements ServerAuthConfig {
     private String appContext;
     private CallbackHandler handler;
     private TomcatServerAuthContext tomcatServerAuthContext;
-    private Realm realm;
+
+    private Context context;
     private LoginConfig loginConfig;
+    private Realm realm;
 
 
     public TomcatAuthConfig(String layer, String appContext, CallbackHandler callbackHandler,
-            Realm realm, LoginConfig loginConfig) {
+            Context context) {
         this.messageLayer = layer;
         this.appContext = appContext;
         this.handler = callbackHandler;
-        this.realm = realm;
-        this.loginConfig = loginConfig;
+        this.context = context;
+        this.realm = context.getRealm();
+        this.loginConfig = context.getLoginConfig();
     }
 
 
@@ -108,13 +112,13 @@ private TomcatAuthModule getModule() throws AuthException {
         String authMethod = getAuthMethod();
         switch (authMethod) {
         case "BASIC": {
-            return new BasicAuthModule();
+            return new BasicAuthModule(context);
         }
         case "DIGEST": {
-            return new DigestAuthModule(realm);
+            return new DigestAuthModule(context);
         }
         case "FORM": {
-            return new FormAuthModule();
+            return new FormAuthModule(context);
         }
         default: {
             throw new AuthException(

java/org/apache/catalina/authenticator/jaspic/provider/TomcatAuthConfigProvider.java

@@ -26,24 +26,20 @@
 import javax.security.auth.message.config.ServerAuthConfig;
 
 import org.apache.catalina.Context;
-import org.apache.catalina.Realm;
-import org.apache.tomcat.util.descriptor.web.LoginConfig;
 
 /**
- * Tomcat's context based JASPIC authentication provider. It returns authentication
- * modules depending on context login-config setup.
+ * Tomcat's context based JASPIC authentication provider. It returns
+ * authentication modules depending on context login-config setup.
  */
 public class TomcatAuthConfigProvider implements AuthConfigProvider {
 
     private Map<String, String> providerProperties;
     private ServerAuthConfig serverAuthConfig;
-    private Realm realm;
-    private LoginConfig loginConfig;
+    private Context context;
 
 
     public TomcatAuthConfigProvider(Context context) {
-        this.realm = context.getRealm();
-        this.loginConfig = context.getLoginConfig();
+        this.context = context;
     }
 
 
@@ -66,7 +62,7 @@ public ClientAuthConfig getClientAuthConfig(String layer, String appContext,
     public synchronized ServerAuthConfig getServerAuthConfig(String layer, String appContext,
             CallbackHandler handler) throws AuthException {
         if (this.serverAuthConfig == null) {
-            this.serverAuthConfig = new TomcatAuthConfig(layer, appContext, handler, realm, loginConfig);
+            this.serverAuthConfig = new TomcatAuthConfig(layer, appContext, handler, context);
         }
         return this.serverAuthConfig;
     }

java/org/apache/catalina/authenticator/jaspic/provider/modules/BasicAuthModule.java

@@ -35,6 +35,7 @@
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import org.apache.catalina.Context;
 import org.apache.catalina.realm.GenericPrincipal;
 import org.apache.tomcat.util.buf.ByteChunk;
 import org.apache.tomcat.util.buf.MessageBytes;
@@ -48,6 +49,12 @@ public class BasicAuthModule extends TomcatAuthModule {
     private Class<?>[] supportedMessageTypes = new Class[] { HttpServletRequest.class,
             HttpServletResponse.class };
 
+
+    public BasicAuthModule(Context context) {
+        super(context);
+    }
+
+
     @SuppressWarnings("rawtypes")
     @Override
     public void initializeModule(MessagePolicy requestPolicy, MessagePolicy responsePolicy,
@@ -114,8 +121,8 @@ private AuthStatus sendUnauthorizedError(HttpServletResponse response, String re
 
 
     private GenericPrincipal getPrincipal(PasswordValidationCallback passwordCallback) {
-        Iterator<Object> credentials =
-                passwordCallback.getSubject().getPrivateCredentials().iterator();
+        Iterator<Object> credentials = passwordCallback.getSubject().getPrivateCredentials()
+                .iterator();
         return (GenericPrincipal) credentials.next();
     }
 
@@ -147,7 +154,6 @@ public Class<?>[] getSupportedMessageTypes() {
         return supportedMessageTypes;
     }
 
-
     /**
      * Parser for an HTTP Authorization header for BASIC authentication as per
      * RFC 2617 section 2, and the Base64 encoded credentials as per RFC 2045
@@ -167,14 +173,15 @@ protected static class BasicCredentials {
         private String username = null;
         private String password = null;
 
+
         /**
          * Parse the HTTP Authorization header for BASIC authentication as per
          * RFC 2617 section 2, and the Base64 encoded credentials as per RFC
          * 2045 section 6.8.
          *
          * @param input The header value to parse in-place
-         * @throws IllegalArgumentException If the header does not conform to RFC
-         *             2617
+         * @throws IllegalArgumentException If the header does not conform to
+         *             RFC 2617
          */
         public BasicCredentials(ByteChunk input) throws IllegalArgumentException {
             authorization = input;
@@ -184,6 +191,7 @@ public BasicCredentials(ByteChunk input) throws IllegalArgumentException {
             parseCredentials(decoded);
         }
 
+
         /**
          * Trivial accessor.
          *
@@ -194,6 +202,7 @@ public String getUsername() {
             return username;
         }
 
+
         /**
          * Trivial accessor.
          *
@@ -204,6 +213,7 @@ public String getPassword() {
             return password;
         }
 
+
         /*
          * The authorization method string is case-insensitive and must have at
          * least one space character as a delimiter.
@@ -219,6 +229,7 @@ private void parseMethod() throws IllegalArgumentException {
             }
         }
 
+
         /*
          * Decode the base64-user-pass token, which RFC 2617 states can be
          * longer than the 76 characters per line limit defined in RFC 2045. The
@@ -236,6 +247,7 @@ private byte[] parseBase64() throws IllegalArgumentException {
             return decoded;
         }
 
+
         /*
          * Extract the mandatory username token and separate it from the
          * optional password token. Tolerate surplus surrounding white space.

java/org/apache/catalina/authenticator/jaspic/provider/modules/DigestAuthModule.java

@@ -37,6 +37,7 @@
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import org.apache.catalina.Context;
 import org.apache.catalina.Realm;
 import org.apache.catalina.util.StandardSessionIdGenerator;
 import org.apache.juli.logging.Log;
@@ -109,8 +110,9 @@ public class DigestAuthModule extends TomcatAuthModule {
 
     // ------------------------------------------------------------- Properties
 
-    public DigestAuthModule(Realm realm) {
-        this.realm = realm;
+    public DigestAuthModule(Context context) {
+        super(context);
+        this.realm = context.getRealm();
     }
 
 

java/org/apache/catalina/authenticator/jaspic/provider/modules/FormAuthModule.java

@@ -27,6 +27,7 @@
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import org.apache.catalina.Context;
 import org.apache.juli.logging.Log;
 import org.apache.juli.logging.LogFactory;
 
@@ -42,12 +43,8 @@ public class FormAuthModule extends TomcatAuthModule {
     private String landingPage;
 
 
-    public FormAuthModule() {
-    }
-
-
-    public FormAuthModule(String landingPage) {
-        this.landingPage = landingPage;
+    public FormAuthModule(Context context) {
+        super(context);
     }
 
 

java/org/apache/catalina/authenticator/jaspic/provider/modules/TomcatAuthModule.java

@@ -25,6 +25,7 @@
 import javax.security.auth.message.MessagePolicy;
 import javax.security.auth.message.module.ServerAuthModule;
 
+import org.apache.catalina.Context;
 import org.apache.catalina.authenticator.jaspic.MessageInfoImpl;
 import org.apache.tomcat.util.res.StringManager;
 
@@ -48,20 +49,27 @@ public abstract class TomcatAuthModule implements ServerAuthModule {
 
     protected CallbackHandler handler;
 
+    protected Context context;
+
+
+    public TomcatAuthModule(Context context) {
+        this.context = context;
+    }
+
 
     protected boolean isMandatory(MessageInfo messageInfo) {
         String mandatory = (String) messageInfo.getMap().get(MessageInfoImpl.IS_MANDATORY);
         return Boolean.parseBoolean(mandatory);
     }
 
 
-     @SuppressWarnings("rawtypes")
-     @Override
-     public final void initialize(MessagePolicy requestPolicy, MessagePolicy responsePolicy,
-             CallbackHandler handler, Map options) throws AuthException {
-         this.handler = handler;
-         this.realmName = (String) options.get(REALM_NAME);
-         initializeModule(requestPolicy, responsePolicy, handler, options);
+    @SuppressWarnings("rawtypes")
+    @Override
+    public final void initialize(MessagePolicy requestPolicy, MessagePolicy responsePolicy,
+            CallbackHandler handler, Map options) throws AuthException {
+        this.handler = handler;
+        this.realmName = (String) options.get(REALM_NAME);
+        initializeModule(requestPolicy, responsePolicy, handler, options);
     }