Issue #4762 Request.authenticate must return true if already authenti…
…cated

Signed-off-by: Jan Bartel <janb@webtide.com>
janbartel committed Apr 8, 2020
1 parent a640701 commit 8582273
Showing 2 changed files with 35 additions and 3 deletions.
@@ -1155,6 +1155,16 @@ public void testFormProgrammaticLoginLogout() throws Exception
assertThat(response, startsWith("HTTP/1.1 200 OK"));
assertThat(response, containsString("user=user0"));
_server.stop();

//loginauth
_server.start();
response = _connector.getResponse("GET /ctx/prog?action=loginauth HTTP/1.0\r\n\r\n");
assertThat(response, startsWith("HTTP/1.1 200 OK"));
assertThat(response, containsString("userPrincipal=admin"));
assertThat(response, containsString("remoteUser=admin"));
assertThat(response, containsString("authType=API"));
assertThat(response, containsString("auth=true"));
_server.stop();

//Test constraint-based login with programmatic login/logout:
// constraintlogin - perform constraint login, followed by programmatic login which should fail (already logged in)
@@ -1692,6 +1702,15 @@ public void handle(String target, Request baseRequest, HttpServletRequest reques
response.getWriter().println("user=" + request.getRemoteUser());
return;
}
else if ("loginauth".equals(action))
{
request.login("admin", "password");
response.getWriter().println("userPrincipal=" + request.getUserPrincipal());
response.getWriter().println("remoteUser=" + request.getRemoteUser());
response.getWriter().println("authType=" + request.getAuthType());
response.getWriter().println("auth=" + request.authenticate(response));
return;
}
else if ("login".equals(action))
{
request.login("admin", "password");
19 changes: 16 additions & 3 deletions jetty-server/src/main/java/org/eclipse/jetty/server/Request.java
@@ -2215,13 +2215,26 @@ public String toString()
@Override
public boolean authenticate(HttpServletResponse response) throws IOException, ServletException
{
//if already authenticated, return true
if (getUserPrincipal() != null && getRemoteUser() != null && getAuthType() != null)
return true;

//do the authentication
if (_authentication instanceof Authentication.Deferred)
{
setAuthentication(((Authentication.Deferred)_authentication).authenticate(this, response));
return !(_authentication instanceof Authentication.ResponseSent);
}
response.sendError(HttpStatus.UNAUTHORIZED_401);
return false;

//if the authentication did not succeed
if (_authentication instanceof Authentication.Deferred)
response.sendError(HttpStatus.UNAUTHORIZED_401);

//if the authentication is incomplete, return false
if (!(_authentication instanceof Authentication.ResponseSent))
return false;

//something has gone wrong
throw new ServletException("Authentication failed");
}

@Override
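Review bot: The last check in the new `authenticate` body, `if (!(_authentication instanceof Authentication.ResponseSent)) return false;`, looks inverted against its own comment ("if the authentication is incomplete, return false") and against the line it appears to replace. The page has lost its +/- markers, but the 16/3 counts suggest that `return !(_authentication instanceof Authentication.ResponseSent);` inside the Deferred branch is one of the removed lines; under that line a deferred authentication that resolved to anything other than ResponseSent reported true. In the new flow the same outcome returns false, and the ResponseSent case, where a challenge or redirect has been written, falls through to `throw new ServletException("Authentication failed")`. Unless that is intended, the tail should read `if (_authentication instanceof Authentication.ResponseSent) return false;`, with the successful case returning true before the throw. The added `loginauth` test calls `request.login("admin", "password")` first, so it only reaches the early `return true`; a case that calls `authenticate(response)` without a prior login would cover the deferred path.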