diff --git a/CHANGELOG.md b/CHANGELOG.md index e58b4d6581..212bd5599c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,9 +1,10 @@ -1.9.0 (in-progress -================== +1.9.0 (in-progress) +=================== * Java 8 only * Dropped Tomcat 6 and Spring 3 modules * [#479](https://github.com/Waffle/waffle/pull/479): Upgrade to Java 8 - using caffeine #304[@ben-manes](https://github.com/ben-manes). * [#482](https://github.com/Waffle/waffle/pull/482): Remove Spring Security 3 #478[@hazendaz](https://github.com/hazendaz). +* [#483](https://github.com/Waffle/waffle/pull/483): Remove Tomcat 6 #323[@hazendaz](https://github.com/hazendaz). 1.8.2 (12/31/2016) ================ diff --git a/README.md b/README.md index 1f32df25b0..37e3e03922 100644 --- a/README.md +++ b/README.md @@ -86,7 +86,7 @@ Contributing License and Copyright --------------------- -Copyright (c) [Application Security Inc.](https://www.trustwave.com/Company/AppSecInc-is-now-Trustwave/), 2010-2016 and Contributors. +Copyright (c) [Application Security Inc.](https://www.trustwave.com/Company/AppSecInc-is-now-Trustwave/), 2010-2017 and Contributors. This project is licensed under the [Eclipse Public License](https://github.com/Waffle/waffle/blob/master/LICENSE). diff --git a/Source/JNA/pom.xml b/Source/JNA/pom.xml index 696265d299..b40455a5dd 100644 --- a/Source/JNA/pom.xml +++ b/Source/JNA/pom.xml @@ -83,7 +83,6 @@ waffle-shiro waffle-spring-security4 waffle-tests - waffle-tomcat6 waffle-tomcat7 waffle-tomcat8 waffle-tomcat85 diff --git a/Source/JNA/waffle-demo/pom.xml b/Source/JNA/waffle-demo/pom.xml index 8b145fee11..86e87cef3a 100644 --- a/Source/JNA/waffle-demo/pom.xml +++ b/Source/JNA/waffle-demo/pom.xml @@ -50,21 +50,11 @@ - - com.github.waffle - waffle-tomcat6 - ${project.version} - com.github.waffle waffle-tomcat7 ${project.version} - - com.github.waffle - waffle-tomcat8 - ${project.version} - @@ -78,21 +68,11 @@ - - org.apache.tomcat.maven - tomcat6-maven-plugin - 2.2 - org.apache.tomcat.maven tomcat7-maven-plugin 2.2 - - org.apache.tomcat.maven - tomcat8-maven-plugin - 2.2 - diff --git a/Source/JNA/waffle-demo/waffle-filter/README.md b/Source/JNA/waffle-demo/waffle-filter/README.md index f82349abb4..40b8c148b0 100644 --- a/Source/JNA/waffle-demo/waffle-filter/README.md +++ b/Source/JNA/waffle-demo/waffle-filter/README.md @@ -1,9 +1,9 @@ Waffle Filter Setup Instructions Using Tomcat Plugins ===================================================== -Plugins currently only available for tomcat 6 and 7. +Plugins currently only available for tomcat 7. -To deploy to a local running tomcat 6 or 7 instance, make the following changes +To deploy to a local running tomcat 7 instance, make the following changes - Add a server block to .m2/settings.xml @@ -24,14 +24,12 @@ To deploy to a local running tomcat 6 or 7 instance, make the following changes ``` -- Start your tomcat server. You can launch a locally installed tomcat with remote debugging enabled on port 8000 using one of these +- Start your tomcat server. You can launch a locally installed tomcat with remote debugging enabled on port 8000 using this - apache-tomcat-6.0.45$ bin/catalina.sh jpda start - apache-tomcat-7.0.70$ bin/catalina.sh jpda start + apache-tomcat-7.0.75$ bin/catalina.sh jpda start -- Build and Deploy the demo application to the local tomcat 6 instance using one of these +- Build and Deploy the demo application to the local tomcat instance using this - mvn clean package tomcat6:redeploy mvn clean package tomcat7:redeploy - The app will be available at: diff --git a/Source/JNA/waffle-demo/waffle-filter/pom.xml b/Source/JNA/waffle-demo/waffle-filter/pom.xml index 4a467c955f..59b595edae 100644 --- a/Source/JNA/waffle-demo/waffle-filter/pom.xml +++ b/Source/JNA/waffle-demo/waffle-filter/pom.xml @@ -43,7 +43,7 @@ com.github.waffle - waffle-tomcat6 + waffle-tomcat7 compile @@ -57,14 +57,6 @@ ${project.name} - - org.apache.tomcat.maven - tomcat6-maven-plugin - - mylocalserver - - - org.apache.tomcat.maven tomcat7-maven-plugin diff --git a/Source/JNA/waffle-distro/pom.xml b/Source/JNA/waffle-distro/pom.xml index 2c80d6c7f4..d5c9447f10 100644 --- a/Source/JNA/waffle-distro/pom.xml +++ b/Source/JNA/waffle-distro/pom.xml @@ -75,12 +75,6 @@ ${project.version} runtime - - com.github.waffle - waffle-tomcat6 - ${project.version} - runtime - com.github.waffle waffle-tomcat7 diff --git a/Source/JNA/waffle-tomcat6/format.xml b/Source/JNA/waffle-tomcat6/format.xml deleted file mode 100644 index 483e8854a6..0000000000 --- a/Source/JNA/waffle-tomcat6/format.xml +++ /dev/null @@ -1,18 +0,0 @@ - - - - - - diff --git a/Source/JNA/waffle-tomcat6/pom.xml b/Source/JNA/waffle-tomcat6/pom.xml deleted file mode 100644 index adbaed2d41..0000000000 --- a/Source/JNA/waffle-tomcat6/pom.xml +++ /dev/null @@ -1,81 +0,0 @@ - - - - 4.0.0 - - - com.github.waffle - waffle-parent - 1.9.0-SNAPSHOT - - - waffle-tomcat6 - 1.9.0-SNAPSHOT - jar - - waffle-tomcat6 - Tomcat 6 integration for WAFFLE - https://waffle.github.com/waffle/ - - - scm:git:ssh://git@github.com/waffle/waffle.git - scm:git:ssh://git@github.com/waffle/waffle.git - https://github.com/Waffle/waffle - HEAD - - - - 6.0.48 - - - - - ${project.groupId} - waffle-jna - ${project.version} - compile - - - ${project.groupId} - waffle-tests - ${project.version} - test - - - org.apache.tomcat - catalina - ${tomcat.version} - provided - - - org.apache.tomcat - coyote - ${tomcat.version} - provided - - - org.apache.tomcat - juli - ${tomcat.version} - provided - - - org.apache.tomcat - servlet-api - ${tomcat.version} - provided - - - diff --git a/Source/JNA/waffle-tomcat6/src/main/java/waffle/apache/GenericWindowsPrincipal.java b/Source/JNA/waffle-tomcat6/src/main/java/waffle/apache/GenericWindowsPrincipal.java deleted file mode 100644 index 1eb006456b..0000000000 --- a/Source/JNA/waffle-tomcat6/src/main/java/waffle/apache/GenericWindowsPrincipal.java +++ /dev/null @@ -1,196 +0,0 @@ -/** - * Waffle (https://github.com/Waffle/waffle) - * - * Copyright (c) 2010-2016 Application Security, Inc. - * - * All rights reserved. This program and the accompanying materials are made available under the terms of the Eclipse - * Public License v1.0 which accompanies this distribution, and is available at - * https://www.eclipse.org/legal/epl-v10.html. - * - * Contributors: Application Security, Inc. - */ -package waffle.apache; - -import java.util.ArrayList; -import java.util.HashMap; -import java.util.List; -import java.util.Map; - -import org.apache.catalina.Realm; -import org.apache.catalina.realm.GenericPrincipal; - -import com.google.common.base.Joiner; - -import waffle.windows.auth.IWindowsAccount; -import waffle.windows.auth.IWindowsIdentity; -import waffle.windows.auth.PrincipalFormat; -import waffle.windows.auth.WindowsAccount; - -/** - * A Windows Principal. - * - * @author dblock[at]dblock[dot]org - */ -public class GenericWindowsPrincipal extends GenericPrincipal { - - /** The sid. */ - private final byte[] sid; - - /** The sid string. */ - private final String sidString; - - /** The groups. */ - private final Map groups; - - /** - * A windows principal. - * - * @param newWindowsIdentity - * Windows identity. - * @param newRealm - * Authentication realm. - * @param newPrincipalFormat - * Principal format. - * @param newRoleFormat - * Role format. - */ - public GenericWindowsPrincipal(final IWindowsIdentity newWindowsIdentity, final Realm newRealm, - final PrincipalFormat newPrincipalFormat, final PrincipalFormat newRoleFormat) { - super(newRealm, newWindowsIdentity.getFqn(), "", - GenericWindowsPrincipal.getRoles(newWindowsIdentity, newPrincipalFormat, newRoleFormat)); - this.sid = newWindowsIdentity.getSid(); - this.sidString = newWindowsIdentity.getSidString(); - this.groups = GenericWindowsPrincipal.getGroups(newWindowsIdentity.getGroups()); - } - - /** - * Gets the roles. - * - * @param windowsIdentity - * the windows identity - * @param principalFormat - * the principal format - * @param roleFormat - * the role format - * @return the roles - */ - private static List getRoles(final IWindowsIdentity windowsIdentity, final PrincipalFormat principalFormat, - final PrincipalFormat roleFormat) { - final List roles = new ArrayList<>(); - roles.addAll(GenericWindowsPrincipal.getPrincipalNames(windowsIdentity, principalFormat)); - for (final IWindowsAccount group : windowsIdentity.getGroups()) { - roles.addAll(GenericWindowsPrincipal.getRoleNames(group, roleFormat)); - } - return roles; - } - - /** - * Gets the groups. - * - * @param groups - * the groups - * @return the groups - */ - private static Map getGroups(final IWindowsAccount[] groups) { - final Map groupMap = new HashMap<>(); - for (final IWindowsAccount group : groups) { - groupMap.put(group.getFqn(), new WindowsAccount(group)); - } - return groupMap; - } - - /** - * Byte representation of the SID. - * - * @return Array of bytes. - */ - public byte[] getSid() { - return this.sid.clone(); - } - - /** - * String representation of the SID. - * - * @return String. - */ - public String getSidString() { - return this.sidString; - } - - /** - * Windows groups that the user is a member of. - * - * @return A map of group names to groups. - */ - public Map getGroups() { - return this.groups; - } - - /** - * Returns a list of role principal objects. - * - * @param group - * Windows group. - * @param principalFormat - * Principal format. - * @return List of role principal objects. - */ - private static List getRoleNames(final IWindowsAccount group, final PrincipalFormat principalFormat) { - final List principals = new ArrayList<>(); - switch (principalFormat) { - case FQN: - principals.add(group.getFqn()); - break; - case SID: - principals.add(group.getSidString()); - break; - case BOTH: - principals.add(group.getFqn()); - principals.add(group.getSidString()); - break; - case NONE: - default: - break; - } - return principals; - } - - /** - * Returns a list of user principal objects. - * - * @param windowsIdentity - * Windows identity. - * @param principalFormat - * Principal format. - * @return A list of user principal objects. - */ - private static List getPrincipalNames(final IWindowsIdentity windowsIdentity, - final PrincipalFormat principalFormat) { - final List principals = new ArrayList<>(); - switch (principalFormat) { - case FQN: - principals.add(windowsIdentity.getFqn()); - break; - case SID: - principals.add(windowsIdentity.getSidString()); - break; - case BOTH: - principals.add(windowsIdentity.getFqn()); - principals.add(windowsIdentity.getSidString()); - break; - case NONE: - default: - break; - } - return principals; - } - - /** - * Get an array of roles as a string. - * - * @return Role1, Role2, ... - */ - public String getRolesString() { - return Joiner.on(", ").join(this.getRoles()); - } -} diff --git a/Source/JNA/waffle-tomcat6/src/main/java/waffle/apache/MixedAuthenticator.java b/Source/JNA/waffle-tomcat6/src/main/java/waffle/apache/MixedAuthenticator.java deleted file mode 100644 index f01820c987..0000000000 --- a/Source/JNA/waffle-tomcat6/src/main/java/waffle/apache/MixedAuthenticator.java +++ /dev/null @@ -1,294 +0,0 @@ -/** - * Waffle (https://github.com/Waffle/waffle) - * - * Copyright (c) 2010-2016 Application Security, Inc. - * - * All rights reserved. This program and the accompanying materials are made available under the terms of the Eclipse - * Public License v1.0 which accompanies this distribution, and is available at - * https://www.eclipse.org/legal/epl-v10.html. - * - * Contributors: Application Security, Inc. - */ -package waffle.apache; - -import java.io.IOException; -import java.security.Principal; - -import javax.servlet.RequestDispatcher; -import javax.servlet.ServletContext; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; - -import org.apache.catalina.connector.Request; -import org.apache.catalina.connector.Response; -import org.apache.catalina.deploy.LoginConfig; -import org.slf4j.LoggerFactory; - -import com.google.common.io.BaseEncoding; -import com.sun.jna.platform.win32.Win32Exception; - -import waffle.util.AuthorizationHeader; -import waffle.util.NtlmServletRequest; -import waffle.windows.auth.IWindowsIdentity; -import waffle.windows.auth.IWindowsSecurityContext; - -/** - * Mixed Negotiate + Form Authenticator. - * - * @author dblock[at]dblock[dot]org - */ -public class MixedAuthenticator extends WaffleAuthenticatorBase { - - /** - * Instantiates a new mixed authenticator. - */ - public MixedAuthenticator() { - super(); - this.log = LoggerFactory.getLogger(MixedAuthenticator.class); - this.info = "waffle.apache.MixedAuthenticator/1.0"; - this.log.debug("[waffle.apache.MixedAuthenticator] loaded"); - } - - /* - * (non-Javadoc) - * @see org.apache.catalina.authenticator.AuthenticatorBase#start() - */ - @Override - public void start() { - this.log.info("[waffle.apache.MixedAuthenticator] started"); - } - - /* - * (non-Javadoc) - * @see org.apache.catalina.authenticator.AuthenticatorBase#stop() - */ - @Override - public void stop() { - this.log.info("[waffle.apache.MixedAuthenticator] stopped"); - } - - /* - * (non-Javadoc) - * @see org.apache.catalina.authenticator.AuthenticatorBase#authenticate(org.apache.catalina.connector.Request, - * org.apache.catalina.connector.Response, org.apache.catalina.deploy.LoginConfig) - */ - @Override - public boolean authenticate(final Request request, final Response response, final LoginConfig loginConfig) { - - // realm: fail if no realm is configured - if (this.context == null || this.context.getRealm() == null) { - this.log.warn("missing context/realm"); - this.sendError(response, HttpServletResponse.SC_SERVICE_UNAVAILABLE); - return false; - } - - this.log.debug("{} {}, contentlength: {}", request.getMethod(), request.getRequestURI(), - Integer.valueOf(request.getContentLength())); - - final boolean negotiateCheck = request.getParameter("j_negotiate_check") != null; - this.log.debug("negotiateCheck: {}", Boolean.valueOf(negotiateCheck)); - final boolean securityCheck = request.getParameter("j_security_check") != null; - this.log.debug("securityCheck: {}", Boolean.valueOf(securityCheck)); - - final Principal principal = request.getUserPrincipal(); - - final AuthorizationHeader authorizationHeader = new AuthorizationHeader(request); - final boolean ntlmPost = authorizationHeader.isNtlmType1PostAuthorizationHeader(); - this.log.debug("authorization: {}, ntlm post: {}", authorizationHeader, Boolean.valueOf(ntlmPost)); - - if (principal != null && !ntlmPost) { - this.log.debug("previously authenticated user: {}", principal.getName()); - return true; - } else if (negotiateCheck) { - if (!authorizationHeader.isNull()) { - return this.negotiate(request, response, authorizationHeader); - } - this.log.debug("authorization required"); - this.sendUnauthorized(response); - return false; - } else if (securityCheck) { - final boolean postResult = this.post(request, response); - if (postResult) { - this.redirectTo(request, response, request.getServletPath()); - } else { - this.redirectTo(request, response, loginConfig.getErrorPage()); - } - return postResult; - } else { - this.redirectTo(request, response, loginConfig.getLoginPage()); - return false; - } - } - - /** - * Negotiate. - * - * @param request - * the request - * @param response - * the response - * @param authorizationHeader - * the authorization header - * @return true, if successful - */ - private boolean negotiate(final Request request, final Response response, - final AuthorizationHeader authorizationHeader) { - - final String securityPackage = authorizationHeader.getSecurityPackage(); - // maintain a connection-based session for NTLM tokens - final String connectionId = NtlmServletRequest.getConnectionId(request); - - this.log.debug("security package: {}, connection id: {}", securityPackage, connectionId); - - final boolean ntlmPost = authorizationHeader.isNtlmType1PostAuthorizationHeader(); - - if (ntlmPost) { - // type 1 NTLM authentication message received - this.auth.resetSecurityToken(connectionId); - } - - final byte[] tokenBuffer = authorizationHeader.getTokenBytes(); - this.log.debug("token buffer: {} byte(s)", Integer.valueOf(tokenBuffer.length)); - - // log the user in using the token - IWindowsSecurityContext securityContext; - try { - securityContext = this.auth.acceptSecurityToken(connectionId, tokenBuffer, securityPackage); - } catch (final Win32Exception e) { - this.log.warn("error logging in user: {}", e.getMessage()); - this.log.trace("", e); - this.sendUnauthorized(response); - return false; - } - this.log.debug("continue required: {}", Boolean.valueOf(securityContext.isContinue())); - - final byte[] continueTokenBytes = securityContext.getToken(); - if (continueTokenBytes != null && continueTokenBytes.length > 0) { - final String continueToken = BaseEncoding.base64().encode(continueTokenBytes); - this.log.debug("continue token: {}", continueToken); - response.addHeader("WWW-Authenticate", securityPackage + " " + continueToken); - } - - try { - if (securityContext.isContinue() || ntlmPost) { - response.setHeader("Connection", "keep-alive"); - response.sendError(HttpServletResponse.SC_UNAUTHORIZED); - response.flushBuffer(); - return false; - } - } catch (final IOException e) { - this.log.warn("error logging in user: {}", e.getMessage()); - this.log.trace("", e); - this.sendUnauthorized(response); - return false; - } - - // create and register the user principal with the session - final IWindowsIdentity windowsIdentity = securityContext.getIdentity(); - - // disable guest login - if (!this.allowGuestLogin && windowsIdentity.isGuest()) { - this.log.warn("guest login disabled: {}", windowsIdentity.getFqn()); - this.sendUnauthorized(response); - return false; - } - - try { - - this.log.debug("logged in user: {} ({})", windowsIdentity.getFqn(), windowsIdentity.getSidString()); - - final GenericWindowsPrincipal windowsPrincipal = new GenericWindowsPrincipal(windowsIdentity, - this.context.getRealm(), this.principalFormat, this.roleFormat); - - this.log.debug("roles: {}", windowsPrincipal.getRolesString()); - - // create a session associated with this request if there's none - final HttpSession session = request.getSession(true); - this.log.debug("session id: {}", session == null ? "null" : session.getId()); - - this.register(request, response, windowsPrincipal, securityPackage, windowsPrincipal.getName(), null); - this.log.info("successfully logged in user: {}", windowsPrincipal.getName()); - - } finally { - windowsIdentity.dispose(); - } - - return true; - } - - /** - * Post. - * - * @param request - * the request - * @param response - * the response - * @return true, if successful - */ - private boolean post(final Request request, final Response response) { - - final String username = request.getParameter("j_username"); - final String password = request.getParameter("j_password"); - - this.log.debug("logging in: {}", username); - - IWindowsIdentity windowsIdentity; - try { - windowsIdentity = this.auth.logonUser(username, password); - } catch (final Exception e) { - this.log.error(e.getMessage()); - this.log.trace("", e); - return false; - } - - // disable guest login - if (!this.allowGuestLogin && windowsIdentity.isGuest()) { - this.log.warn("guest login disabled: {}", windowsIdentity.getFqn()); - return false; - } - - try { - this.log.debug("successfully logged in {} ({})", username, windowsIdentity.getSidString()); - - final GenericWindowsPrincipal windowsPrincipal = new GenericWindowsPrincipal(windowsIdentity, - this.context.getRealm(), this.principalFormat, this.roleFormat); - - this.log.debug("roles: {}", windowsPrincipal.getRolesString()); - - // create a session associated with this request if there's none - final HttpSession session = request.getSession(true); - this.log.debug("session id: {}", session == null ? "null" : session.getId()); - - this.register(request, response, windowsPrincipal, "FORM", windowsPrincipal.getName(), null); - this.log.info("successfully logged in user: {}", windowsPrincipal.getName()); - } finally { - windowsIdentity.dispose(); - } - - return true; - } - - /** - * Redirect to. - * - * @param request - * the request - * @param response - * the response - * @param url - * the url - */ - private void redirectTo(final Request request, final Response response, final String url) { - try { - this.log.debug("redirecting to: {}", url); - final ServletContext servletContext = this.context.getServletContext(); - final RequestDispatcher disp = servletContext.getRequestDispatcher(url); - disp.forward(request.getRequest(), response); - } catch (final IOException | ServletException e) { - this.log.error(e.getMessage()); - this.log.trace("", e); - throw new RuntimeException(e); - } - } -} diff --git a/Source/JNA/waffle-tomcat6/src/main/java/waffle/apache/NegotiateAuthenticator.java b/Source/JNA/waffle-tomcat6/src/main/java/waffle/apache/NegotiateAuthenticator.java deleted file mode 100644 index 1004315637..0000000000 --- a/Source/JNA/waffle-tomcat6/src/main/java/waffle/apache/NegotiateAuthenticator.java +++ /dev/null @@ -1,187 +0,0 @@ -/** - * Waffle (https://github.com/Waffle/waffle) - * - * Copyright (c) 2010-2016 Application Security, Inc. - * - * All rights reserved. This program and the accompanying materials are made available under the terms of the Eclipse - * Public License v1.0 which accompanies this distribution, and is available at - * https://www.eclipse.org/legal/epl-v10.html. - * - * Contributors: Application Security, Inc. - */ -package waffle.apache; - -import java.io.IOException; -import java.security.Principal; - -import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; - -import org.apache.catalina.connector.Request; -import org.apache.catalina.connector.Response; -import org.apache.catalina.deploy.LoginConfig; -import org.slf4j.LoggerFactory; - -import com.google.common.io.BaseEncoding; -import com.sun.jna.platform.win32.Win32Exception; - -import waffle.util.AuthorizationHeader; -import waffle.util.NtlmServletRequest; -import waffle.windows.auth.IWindowsIdentity; -import waffle.windows.auth.IWindowsSecurityContext; - -/** - * An Apache Negotiate (NTLM, Kerberos) Authenticator. - * - * @author dblock[at]dblock[dot]org - */ -public class NegotiateAuthenticator extends WaffleAuthenticatorBase { - - /** - * Instantiates a new negotiate authenticator. - */ - public NegotiateAuthenticator() { - super(); - this.log = LoggerFactory.getLogger(NegotiateAuthenticator.class); - this.info = "waffle.apache.NegotiateAuthenticator/1.0"; - this.log.debug("[waffle.apache.NegotiateAuthenticator] loaded"); - } - - /* - * (non-Javadoc) - * @see org.apache.catalina.authenticator.AuthenticatorBase#start() - */ - @Override - public void start() { - this.log.info("[waffle.apache.NegotiateAuthenticator] started"); - } - - /* - * (non-Javadoc) - * @see org.apache.catalina.authenticator.AuthenticatorBase#stop() - */ - @Override - public void stop() { - this.log.info("[waffle.apache.NegotiateAuthenticator] stopped"); - } - - /* - * (non-Javadoc) - * @see org.apache.catalina.authenticator.AuthenticatorBase#authenticate(org.apache.catalina.connector.Request, - * org.apache.catalina.connector.Response, org.apache.catalina.deploy.LoginConfig) - */ - @Override - public boolean authenticate(final Request request, final Response response, final LoginConfig loginConfig) { - - Principal principal = request.getUserPrincipal(); - final AuthorizationHeader authorizationHeader = new AuthorizationHeader(request); - final boolean ntlmPost = authorizationHeader.isNtlmType1PostAuthorizationHeader(); - - this.log.debug("{} {}, contentlength: {}", request.getMethod(), request.getRequestURI(), - Integer.valueOf(request.getContentLength())); - this.log.debug("authorization: {}, ntlm post: {}", authorizationHeader, Boolean.valueOf(ntlmPost)); - - if (principal != null && !ntlmPost) { - // user already authenticated - this.log.debug("previously authenticated user: {}", principal.getName()); - return true; - } - - // authenticate user - if (!authorizationHeader.isNull()) { - - final String securityPackage = authorizationHeader.getSecurityPackage(); - // maintain a connection-based session for NTLM tokens - final String connectionId = NtlmServletRequest.getConnectionId(request); - - this.log.debug("security package: {}, connection id: {}", securityPackage, connectionId); - - if (ntlmPost) { - // type 1 NTLM authentication message received - this.auth.resetSecurityToken(connectionId); - } - - final byte[] tokenBuffer = authorizationHeader.getTokenBytes(); - this.log.debug("token buffer: {} byte(s)", Integer.valueOf(tokenBuffer.length)); - - // log the user in using the token - IWindowsSecurityContext securityContext; - try { - securityContext = this.auth.acceptSecurityToken(connectionId, tokenBuffer, securityPackage); - } catch (final Win32Exception e) { - this.log.warn("error logging in user: {}", e.getMessage()); - this.log.trace("", e); - this.sendUnauthorized(response); - return false; - } - this.log.debug("continue required: {}", Boolean.valueOf(securityContext.isContinue())); - - final byte[] continueTokenBytes = securityContext.getToken(); - if (continueTokenBytes != null && continueTokenBytes.length > 0) { - final String continueToken = BaseEncoding.base64().encode(continueTokenBytes); - this.log.debug("continue token: {}", continueToken); - response.addHeader("WWW-Authenticate", securityPackage + " " + continueToken); - } - - try { - if (securityContext.isContinue() || ntlmPost) { - response.setHeader("Connection", "keep-alive"); - response.sendError(HttpServletResponse.SC_UNAUTHORIZED); - response.flushBuffer(); - return false; - } - } catch (final IOException e) { - this.log.warn("error logging in user: {}", e.getMessage()); - this.log.trace("", e); - this.sendUnauthorized(response); - return false; - } - - // realm: fail if no realm is configured - if (this.context == null || this.context.getRealm() == null) { - this.log.warn("missing context/realm"); - this.sendError(response, HttpServletResponse.SC_SERVICE_UNAVAILABLE); - return false; - } - - // create and register the user principal with the session - final IWindowsIdentity windowsIdentity = securityContext.getIdentity(); - - // disable guest login - if (!this.allowGuestLogin && windowsIdentity.isGuest()) { - this.log.warn("guest login disabled: {}", windowsIdentity.getFqn()); - this.sendUnauthorized(response); - return false; - } - - try { - this.log.debug("logged in user: {} ({})", windowsIdentity.getFqn(), windowsIdentity.getSidString()); - - final GenericWindowsPrincipal windowsPrincipal = new GenericWindowsPrincipal(windowsIdentity, - this.context.getRealm(), this.principalFormat, this.roleFormat); - - this.log.debug("roles: {}", windowsPrincipal.getRolesString()); - - principal = windowsPrincipal; - - // create a session associated with this request if there's none - final HttpSession session = request.getSession(true); - this.log.debug("session id: {}", session == null ? "null" : session.getId()); - - // register the authenticated principal - this.register(request, response, principal, securityPackage, principal.getName(), null); - this.log.info("successfully logged in user: {}", principal.getName()); - - } finally { - windowsIdentity.dispose(); - securityContext.dispose(); - } - - return true; - } - - this.log.debug("authorization required"); - this.sendUnauthorized(response); - return false; - } -} diff --git a/Source/JNA/waffle-tomcat6/src/main/java/waffle/apache/WaffleAuthenticatorBase.java b/Source/JNA/waffle-tomcat6/src/main/java/waffle/apache/WaffleAuthenticatorBase.java deleted file mode 100644 index f5fea5a890..0000000000 --- a/Source/JNA/waffle-tomcat6/src/main/java/waffle/apache/WaffleAuthenticatorBase.java +++ /dev/null @@ -1,209 +0,0 @@ -/** - * Waffle (https://github.com/Waffle/waffle) - * - * Copyright (c) 2010-2016 Application Security, Inc. - * - * All rights reserved. This program and the accompanying materials are made available under the terms of the Eclipse - * Public License v1.0 which accompanies this distribution, and is available at - * https://www.eclipse.org/legal/epl-v10.html. - * - * Contributors: Application Security, Inc. - */ -package waffle.apache; - -import java.io.IOException; -import java.util.Arrays; -import java.util.LinkedHashSet; -import java.util.Locale; -import java.util.Set; - -import javax.servlet.http.HttpServletResponse; - -import org.apache.catalina.authenticator.AuthenticatorBase; -import org.apache.catalina.connector.Response; -import org.slf4j.Logger; - -import waffle.windows.auth.IWindowsAuthProvider; -import waffle.windows.auth.PrincipalFormat; -import waffle.windows.auth.impl.WindowsAuthProviderImpl; - -/** - * The Class WaffleAuthenticatorBase. - * - * @author dblock[at]dblock[dot]org - */ -abstract class WaffleAuthenticatorBase extends AuthenticatorBase { - - /** The Constant SUPPORTED_PROTOCOLS. */ - private static final Set SUPPORTED_PROTOCOLS = new LinkedHashSet<>(Arrays.asList("Negotiate", "NTLM")); - - /** The info. */ - @SuppressWarnings("hiding") - protected String info; - - /** The log. */ - protected Logger log; - - /** The principal format. */ - protected PrincipalFormat principalFormat = PrincipalFormat.FQN; - - /** The role format. */ - protected PrincipalFormat roleFormat = PrincipalFormat.FQN; - - /** The allow guest login. */ - protected boolean allowGuestLogin = true; - - /** The protocols. */ - protected Set protocols = WaffleAuthenticatorBase.SUPPORTED_PROTOCOLS; - - /** The auth. */ - protected IWindowsAuthProvider auth = new WindowsAuthProviderImpl(); - - /** - * Windows authentication provider. - * - * @return IWindowsAuthProvider. - */ - public IWindowsAuthProvider getAuth() { - return this.auth; - } - - /** - * Set Windows auth provider. - * - * @param provider - * Class implements IWindowsAuthProvider. - */ - public void setAuth(final IWindowsAuthProvider provider) { - this.auth = provider; - } - - /* - * (non-Javadoc) - * @see org.apache.catalina.authenticator.AuthenticatorBase#getInfo() - */ - @Override - public String getInfo() { - return this.info; - } - - /** - * Set the principal format. - * - * @param format - * Principal format. - */ - public void setPrincipalFormat(final String format) { - this.principalFormat = PrincipalFormat.valueOf(format.toUpperCase(Locale.ENGLISH)); - this.log.debug("principal format: {}", this.principalFormat); - } - - /** - * Principal format. - * - * @return Principal format. - */ - public PrincipalFormat getPrincipalFormat() { - return this.principalFormat; - } - - /** - * Set the principal format. - * - * @param format - * Role format. - */ - public void setRoleFormat(final String format) { - this.roleFormat = PrincipalFormat.valueOf(format.toUpperCase(Locale.ENGLISH)); - this.log.debug("role format: {}", this.roleFormat); - } - - /** - * Principal format. - * - * @return Role format. - */ - public PrincipalFormat getRoleFormat() { - return this.roleFormat; - } - - /** - * True if Guest login permitted. - * - * @return True if Guest login permitted, false otherwise. - */ - public boolean isAllowGuestLogin() { - return this.allowGuestLogin; - } - - /** - * Set whether Guest login is permitted. Default is true, if the Guest account is enabled, an invalid - * username/password results in a Guest login. - * - * @param value - * True or false. - */ - public void setAllowGuestLogin(final boolean value) { - this.allowGuestLogin = value; - } - - /** - * Set the authentication protocols. Default is "Negotiate, NTLM". - * - * @param value - * Authentication protocols - */ - public void setProtocols(final String value) { - this.protocols = new LinkedHashSet<>(); - final String[] protocolNames = value.split(","); - for (String protocolName : protocolNames) { - protocolName = protocolName.trim(); - if (!protocolName.isEmpty()) { - this.log.debug("init protocol: {}", protocolName); - if (WaffleAuthenticatorBase.SUPPORTED_PROTOCOLS.contains(protocolName)) { - this.protocols.add(protocolName); - } else { - this.log.error("unsupported protocol: {}", protocolName); - throw new RuntimeException("Unsupported protocol: " + protocolName); - } - } - } - } - - /** - * Send a 401 Unauthorized along with protocol authentication headers. - * - * @param response - * HTTP Response - */ - protected void sendUnauthorized(final Response response) { - try { - for (final String protocol : this.protocols) { - response.addHeader("WWW-Authenticate", protocol); - } - response.setHeader("Connection", "close"); - response.sendError(HttpServletResponse.SC_UNAUTHORIZED); - response.flushBuffer(); - } catch (final IOException e) { - throw new RuntimeException(e); - } - } - - /** - * Send an error code. - * - * @param response - * HTTP Response - * @param code - * Error Code - */ - protected void sendError(final Response response, final int code) { - try { - response.sendError(code); - } catch (final IOException e) { - this.log.error(e.getMessage()); - this.log.trace("", e); - throw new RuntimeException(e); - } - } -} diff --git a/Source/JNA/waffle-tomcat6/src/main/java/waffle/apache/WindowsRealm.java b/Source/JNA/waffle-tomcat6/src/main/java/waffle/apache/WindowsRealm.java deleted file mode 100644 index e9117ee0d1..0000000000 --- a/Source/JNA/waffle-tomcat6/src/main/java/waffle/apache/WindowsRealm.java +++ /dev/null @@ -1,54 +0,0 @@ -/** - * Waffle (https://github.com/Waffle/waffle) - * - * Copyright (c) 2010-2016 Application Security, Inc. - * - * All rights reserved. This program and the accompanying materials are made available under the terms of the Eclipse - * Public License v1.0 which accompanies this distribution, and is available at - * https://www.eclipse.org/legal/epl-v10.html. - * - * Contributors: Application Security, Inc. - */ -package waffle.apache; - -import java.security.Principal; - -import org.apache.catalina.realm.RealmBase; - -/** - * A rudimentary Windows realm. - * - * @author dblock[at]dblock[dot]org - */ -public class WindowsRealm extends RealmBase { - - /** The Constant NAME. */ - protected static final String NAME = "waffle.apache.WindowsRealm/1.0"; - - /* - * (non-Javadoc) - * @see org.apache.catalina.realm.RealmBase#getName() - */ - @Override - protected String getName() { - return WindowsRealm.NAME; - } - - /* - * (non-Javadoc) - * @see org.apache.catalina.realm.RealmBase#getPassword(java.lang.String) - */ - @Override - protected String getPassword(final String arg0) { - return null; - } - - /* - * (non-Javadoc) - * @see org.apache.catalina.realm.RealmBase#getPrincipal(java.lang.String) - */ - @Override - protected Principal getPrincipal(final String arg0) { - return null; - } -} diff --git a/Source/JNA/waffle-tomcat6/src/main/java/waffle/apache/package-info.java b/Source/JNA/waffle-tomcat6/src/main/java/waffle/apache/package-info.java deleted file mode 100644 index 1f0149245e..0000000000 --- a/Source/JNA/waffle-tomcat6/src/main/java/waffle/apache/package-info.java +++ /dev/null @@ -1,15 +0,0 @@ -/** - * Waffle (https://github.com/Waffle/waffle) - * - * Copyright (c) 2010-2016 Application Security, Inc. - * - * All rights reserved. This program and the accompanying materials are made available under the terms of the Eclipse - * Public License v1.0 which accompanies this distribution, and is available at - * https://www.eclipse.org/legal/epl-v10.html. - * - * Contributors: Application Security, Inc. - */ -/** - * Waffle Tomcat Package. - */ -package waffle.apache; diff --git a/Source/JNA/waffle-tomcat6/src/site/resources/images/waffle.jpg b/Source/JNA/waffle-tomcat6/src/site/resources/images/waffle.jpg deleted file mode 100644 index 00455a8db4..0000000000 Binary files a/Source/JNA/waffle-tomcat6/src/site/resources/images/waffle.jpg and /dev/null differ diff --git a/Source/JNA/waffle-tomcat6/src/site/site.xml b/Source/JNA/waffle-tomcat6/src/site/site.xml deleted file mode 100644 index 480cfb1aaa..0000000000 --- a/Source/JNA/waffle-tomcat6/src/site/site.xml +++ /dev/null @@ -1,42 +0,0 @@ - - - - - /images/waffle.jpg - https://github.com/Waffle/waffle - - - /images/waffle.jpg - https://github.com/Waffle/waffle - - - org.apache.maven.skins - maven-fluido-skin - 1.6 - - - - true - true - - - - - - - - - \ No newline at end of file diff --git a/Source/JNA/waffle-tomcat6/src/test/java/waffle/apache/MixedAuthenticatorTests.java b/Source/JNA/waffle-tomcat6/src/test/java/waffle/apache/MixedAuthenticatorTests.java deleted file mode 100644 index 4864a2f46b..0000000000 --- a/Source/JNA/waffle-tomcat6/src/test/java/waffle/apache/MixedAuthenticatorTests.java +++ /dev/null @@ -1,254 +0,0 @@ -/** - * Waffle (https://github.com/Waffle/waffle) - * - * Copyright (c) 2010-2016 Application Security, Inc. - * - * All rights reserved. This program and the accompanying materials are made available under the terms of the Eclipse - * Public License v1.0 which accompanies this distribution, and is available at - * https://www.eclipse.org/legal/epl-v10.html. - * - * Contributors: Application Security, Inc. - */ -package waffle.apache; - -import org.apache.catalina.Context; -import org.apache.catalina.deploy.LoginConfig; -import org.assertj.core.api.Assertions; -import org.junit.After; -import org.junit.Assert; -import org.junit.Before; -import org.junit.Test; - -import com.google.common.io.BaseEncoding; -import com.sun.jna.platform.win32.Sspi; -import com.sun.jna.platform.win32.Sspi.SecBufferDesc; - -import mockit.Mocked; -import waffle.apache.catalina.SimpleHttpRequest; -import waffle.apache.catalina.SimpleHttpResponse; -import waffle.mock.MockWindowsAuthProvider; -import waffle.windows.auth.IWindowsCredentialsHandle; -import waffle.windows.auth.impl.WindowsAccountImpl; -import waffle.windows.auth.impl.WindowsCredentialsHandleImpl; -import waffle.windows.auth.impl.WindowsSecurityContextImpl; - -/** - * Waffle Tomcat Mixed Authenticator Tests. - * - * @author dblock[at]dblock[dot]org - */ -public class MixedAuthenticatorTests { - - /** The authenticator. */ - private MixedAuthenticator authenticator; - - @Mocked - Context context; - - /** - * Sets the up. - */ - @Before - public void setUp() { - this.authenticator = new MixedAuthenticator(); - this.authenticator.setContainer(this.context); - this.authenticator.start(); - } - - /** - * Tear down. - */ - @After - public void tearDown() { - this.authenticator.stop(); - } - - /** - * Test challenge get. - */ - @Test - public void testChallengeGET() { - final SimpleHttpRequest request = new SimpleHttpRequest(); - request.setMethod("GET"); - request.setQueryString("j_negotiate_check"); - final SimpleHttpResponse response = new SimpleHttpResponse(); - this.authenticator.authenticate(request, response, null); - final String[] wwwAuthenticates = response.getHeaderValues("WWW-Authenticate"); - Assert.assertNotNull(wwwAuthenticates); - Assert.assertEquals(2, wwwAuthenticates.length); - Assert.assertEquals("Negotiate", wwwAuthenticates[0]); - Assert.assertEquals("NTLM", wwwAuthenticates[1]); - Assert.assertEquals("close", response.getHeader("Connection")); - Assert.assertEquals(2, response.getHeaderNames().length); - Assert.assertEquals(401, response.getStatus()); - } - - /** - * Test challenge post. - */ - @Test - public void testChallengePOST() { - final String securityPackage = "Negotiate"; - IWindowsCredentialsHandle clientCredentials = null; - WindowsSecurityContextImpl clientContext = null; - try { - // client credentials handle - clientCredentials = WindowsCredentialsHandleImpl.getCurrent(securityPackage); - clientCredentials.initialize(); - // initial client security context - clientContext = new WindowsSecurityContextImpl(); - clientContext.setPrincipalName(WindowsAccountImpl.getCurrentUsername()); - clientContext.setCredentialsHandle(clientCredentials); - clientContext.setSecurityPackage(securityPackage); - clientContext.initialize(null, null, WindowsAccountImpl.getCurrentUsername()); - final SimpleHttpRequest request = new SimpleHttpRequest(); - request.setQueryString("j_negotiate_check"); - request.setMethod("POST"); - request.setContentLength(0); - final String clientToken = BaseEncoding.base64().encode(clientContext.getToken()); - request.addHeader("Authorization", securityPackage + " " + clientToken); - final SimpleHttpResponse response = new SimpleHttpResponse(); - this.authenticator.authenticate(request, response, null); - Assert.assertTrue(response.getHeader("WWW-Authenticate").startsWith(securityPackage + " ")); - Assert.assertEquals("keep-alive", response.getHeader("Connection")); - Assert.assertEquals(2, response.getHeaderNames().length); - Assert.assertEquals(401, response.getStatus()); - } finally { - if (clientContext != null) { - clientContext.dispose(); - } - if (clientCredentials != null) { - clientCredentials.dispose(); - } - } - } - - /** - * Test get. - */ - @Test - public void testGet() { - final LoginConfig loginConfig = new LoginConfig(); - loginConfig.setErrorPage("error.html"); - loginConfig.setLoginPage("login.html"); - final SimpleHttpRequest request = new SimpleHttpRequest(); - final SimpleHttpResponse response = new SimpleHttpResponse(); - Assert.assertFalse(this.authenticator.authenticate(request, response, loginConfig)); - } - - /** - * Test get info. - */ - @Test - public void testGetInfo() { - Assertions.assertThat(this.authenticator.getInfo().length()).isGreaterThan(0); - } - - /** - * Test negotiate. - */ - @Test - public void testNegotiate() { - final String securityPackage = "Negotiate"; - IWindowsCredentialsHandle clientCredentials = null; - WindowsSecurityContextImpl clientContext = null; - try { - // client credentials handle - clientCredentials = WindowsCredentialsHandleImpl.getCurrent(securityPackage); - clientCredentials.initialize(); - // initial client security context - clientContext = new WindowsSecurityContextImpl(); - clientContext.setPrincipalName(WindowsAccountImpl.getCurrentUsername()); - clientContext.setCredentialsHandle(clientCredentials); - clientContext.setSecurityPackage(securityPackage); - clientContext.initialize(null, null, WindowsAccountImpl.getCurrentUsername()); - // negotiate - boolean authenticated = false; - final SimpleHttpRequest request = new SimpleHttpRequest(); - request.setQueryString("j_negotiate_check"); - String clientToken; - while (true) { - clientToken = BaseEncoding.base64().encode(clientContext.getToken()); - request.addHeader("Authorization", securityPackage + " " + clientToken); - - final SimpleHttpResponse response = new SimpleHttpResponse(); - authenticated = this.authenticator.authenticate(request, response, null); - - if (authenticated) { - Assertions.assertThat(response.getHeaderNames().length).isGreaterThanOrEqualTo(0); - break; - } - - Assert.assertTrue(response.getHeader("WWW-Authenticate").startsWith(securityPackage + " ")); - Assert.assertEquals("keep-alive", response.getHeader("Connection")); - Assert.assertEquals(2, response.getHeaderNames().length); - Assert.assertEquals(401, response.getStatus()); - final String continueToken = response.getHeader("WWW-Authenticate") - .substring(securityPackage.length() + 1); - final byte[] continueTokenBytes = BaseEncoding.base64().decode(continueToken); - Assertions.assertThat(continueTokenBytes.length).isGreaterThan(0); - final SecBufferDesc continueTokenBuffer = new SecBufferDesc(Sspi.SECBUFFER_TOKEN, continueTokenBytes); - clientContext.initialize(clientContext.getHandle(), continueTokenBuffer, - WindowsAccountImpl.getCurrentUsername()); - } - Assert.assertTrue(authenticated); - } finally { - if (clientContext != null) { - clientContext.dispose(); - } - if (clientCredentials != null) { - clientCredentials.dispose(); - } - } - } - - /** - * Test post security check. - */ - @Test - public void testPostSecurityCheck() { - final LoginConfig loginConfig = new LoginConfig(); - loginConfig.setErrorPage("error.html"); - loginConfig.setLoginPage("login.html"); - final SimpleHttpRequest request = new SimpleHttpRequest(); - request.setQueryString("j_security_check"); - request.addParameter("j_username", "username"); - request.addParameter("j_password", "password"); - final SimpleHttpResponse response = new SimpleHttpResponse(); - Assert.assertFalse(this.authenticator.authenticate(request, response, loginConfig)); - } - - /** - * Test security check parameters. - */ - @Test - public void testSecurityCheckParameters() { - this.authenticator.setAuth(new MockWindowsAuthProvider()); - final LoginConfig loginConfig = new LoginConfig(); - loginConfig.setErrorPage("error.html"); - loginConfig.setLoginPage("login.html"); - final SimpleHttpRequest request = new SimpleHttpRequest(); - request.addParameter("j_security_check", ""); - request.addParameter("j_username", WindowsAccountImpl.getCurrentUsername()); - request.addParameter("j_password", ""); - final SimpleHttpResponse response = new SimpleHttpResponse(); - Assert.assertTrue(this.authenticator.authenticate(request, response, loginConfig)); - } - - /** - * Test security check query string. - */ - @Test - public void testSecurityCheckQueryString() { - this.authenticator.setAuth(new MockWindowsAuthProvider()); - final LoginConfig loginConfig = new LoginConfig(); - loginConfig.setErrorPage("error.html"); - loginConfig.setLoginPage("login.html"); - final SimpleHttpRequest request = new SimpleHttpRequest(); - request.setQueryString("j_security_check"); - request.addParameter("j_username", WindowsAccountImpl.getCurrentUsername()); - request.addParameter("j_password", ""); - final SimpleHttpResponse response = new SimpleHttpResponse(); - Assert.assertTrue(this.authenticator.authenticate(request, response, loginConfig)); - } -} diff --git a/Source/JNA/waffle-tomcat6/src/test/java/waffle/apache/NegotiateAuthenticatorTests.java b/Source/JNA/waffle-tomcat6/src/test/java/waffle/apache/NegotiateAuthenticatorTests.java deleted file mode 100644 index ceeeb54c21..0000000000 --- a/Source/JNA/waffle-tomcat6/src/test/java/waffle/apache/NegotiateAuthenticatorTests.java +++ /dev/null @@ -1,294 +0,0 @@ -/** - * Waffle (https://github.com/Waffle/waffle) - * - * Copyright (c) 2010-2016 Application Security, Inc. - * - * All rights reserved. This program and the accompanying materials are made available under the terms of the Eclipse - * Public License v1.0 which accompanies this distribution, and is available at - * https://www.eclipse.org/legal/epl-v10.html. - * - * Contributors: Application Security, Inc. - */ -package waffle.apache; - -import org.apache.catalina.Context; -import org.assertj.core.api.Assertions; -import org.junit.After; -import org.junit.Assert; -import org.junit.Before; -import org.junit.Test; - -import com.google.common.io.BaseEncoding; -import com.sun.jna.platform.win32.Sspi; -import com.sun.jna.platform.win32.Sspi.SecBufferDesc; - -import mockit.Mocked; -import waffle.apache.catalina.SimpleHttpRequest; -import waffle.apache.catalina.SimpleHttpResponse; -import waffle.windows.auth.IWindowsCredentialsHandle; -import waffle.windows.auth.PrincipalFormat; -import waffle.windows.auth.impl.WindowsAccountImpl; -import waffle.windows.auth.impl.WindowsAuthProviderImpl; -import waffle.windows.auth.impl.WindowsCredentialsHandleImpl; -import waffle.windows.auth.impl.WindowsSecurityContextImpl; - -/** - * Waffle Tomcat Authenticator Tests. - * - * @author dblock[at]dblock[dot]org - */ -public class NegotiateAuthenticatorTests { - - /** The authenticator. */ - private NegotiateAuthenticator authenticator; - - @Mocked - Context context; - - /** - * Sets the up. - */ - @Before - public void setUp() { - this.authenticator = new NegotiateAuthenticator(); - this.authenticator.setContainer(this.context); - this.authenticator.start(); - } - - /** - * Tear down. - */ - @After - public void tearDown() { - this.authenticator.stop(); - } - - /** - * Test allow guest login. - */ - @Test - public void testAllowGuestLogin() { - Assert.assertTrue(this.authenticator.isAllowGuestLogin()); - this.authenticator.setAllowGuestLogin(false); - Assert.assertFalse(this.authenticator.isAllowGuestLogin()); - } - - /** - * Test challenge get. - */ - @Test - public void testChallengeGET() { - final SimpleHttpRequest request = new SimpleHttpRequest(); - request.setMethod("GET"); - final SimpleHttpResponse response = new SimpleHttpResponse(); - this.authenticator.authenticate(request, response, null); - final String[] wwwAuthenticates = response.getHeaderValues("WWW-Authenticate"); - Assert.assertNotNull(wwwAuthenticates); - Assert.assertEquals(2, wwwAuthenticates.length); - Assert.assertEquals("Negotiate", wwwAuthenticates[0]); - Assert.assertEquals("NTLM", wwwAuthenticates[1]); - Assert.assertEquals("close", response.getHeader("Connection")); - Assert.assertEquals(2, response.getHeaderNames().length); - Assert.assertEquals(401, response.getStatus()); - } - - /** - * Test challenge post. - */ - @Test - public void testChallengePOST() { - final String securityPackage = "Negotiate"; - IWindowsCredentialsHandle clientCredentials = null; - WindowsSecurityContextImpl clientContext = null; - try { - // client credentials handle - clientCredentials = WindowsCredentialsHandleImpl.getCurrent(securityPackage); - clientCredentials.initialize(); - // initial client security context - clientContext = new WindowsSecurityContextImpl(); - clientContext.setPrincipalName(WindowsAccountImpl.getCurrentUsername()); - clientContext.setCredentialsHandle(clientCredentials); - clientContext.setSecurityPackage(securityPackage); - clientContext.initialize(null, null, WindowsAccountImpl.getCurrentUsername()); - final SimpleHttpRequest request = new SimpleHttpRequest(); - request.setMethod("POST"); - request.setContentLength(0); - final String clientToken = BaseEncoding.base64().encode(clientContext.getToken()); - request.addHeader("Authorization", securityPackage + " " + clientToken); - final SimpleHttpResponse response = new SimpleHttpResponse(); - this.authenticator.authenticate(request, response, null); - Assert.assertTrue(response.getHeader("WWW-Authenticate").startsWith(securityPackage + " ")); - Assert.assertEquals("keep-alive", response.getHeader("Connection")); - Assert.assertEquals(2, response.getHeaderNames().length); - Assert.assertEquals(401, response.getStatus()); - } finally { - if (clientContext != null) { - clientContext.dispose(); - } - if (clientCredentials != null) { - clientCredentials.dispose(); - } - } - } - - /** - * Test get info. - */ - @Test - public void testGetInfo() { - Assertions.assertThat(this.authenticator.getInfo().length()).isGreaterThan(0); - Assert.assertTrue(this.authenticator.getAuth() instanceof WindowsAuthProviderImpl); - } - - /** - * Test negotiate. - */ - @Test - public void testNegotiate() { - final String securityPackage = "Negotiate"; - IWindowsCredentialsHandle clientCredentials = null; - WindowsSecurityContextImpl clientContext = null; - try { - // client credentials handle - clientCredentials = WindowsCredentialsHandleImpl.getCurrent(securityPackage); - clientCredentials.initialize(); - // initial client security context - clientContext = new WindowsSecurityContextImpl(); - clientContext.setPrincipalName(WindowsAccountImpl.getCurrentUsername()); - clientContext.setCredentialsHandle(clientCredentials); - clientContext.setSecurityPackage(securityPackage); - clientContext.initialize(null, null, WindowsAccountImpl.getCurrentUsername()); - // negotiate - boolean authenticated = false; - final SimpleHttpRequest request = new SimpleHttpRequest(); - while (true) { - final String clientToken = BaseEncoding.base64().encode(clientContext.getToken()); - request.addHeader("Authorization", securityPackage + " " + clientToken); - - final SimpleHttpResponse response = new SimpleHttpResponse(); - authenticated = this.authenticator.authenticate(request, response, null); - - if (authenticated) { - Assert.assertNotNull(request.getUserPrincipal()); - Assert.assertTrue(request.getUserPrincipal() instanceof GenericWindowsPrincipal); - final GenericWindowsPrincipal windowsPrincipal = (GenericWindowsPrincipal) request - .getUserPrincipal(); - Assert.assertTrue(windowsPrincipal.getSidString().startsWith("S-")); - Assertions.assertThat(windowsPrincipal.getSid().length).isGreaterThan(0); - Assert.assertTrue(windowsPrincipal.getGroups().containsKey("Everyone")); - Assertions.assertThat(response.getHeaderNames().length).isLessThanOrEqualTo(1); - break; - } - - Assert.assertTrue(response.getHeader("WWW-Authenticate").startsWith(securityPackage + " ")); - Assert.assertEquals("keep-alive", response.getHeader("Connection")); - Assert.assertEquals(2, response.getHeaderNames().length); - Assert.assertEquals(401, response.getStatus()); - final String continueToken = response.getHeader("WWW-Authenticate") - .substring(securityPackage.length() + 1); - final byte[] continueTokenBytes = BaseEncoding.base64().decode(continueToken); - Assertions.assertThat(continueTokenBytes.length).isGreaterThan(0); - final SecBufferDesc continueTokenBuffer = new SecBufferDesc(Sspi.SECBUFFER_TOKEN, continueTokenBytes); - clientContext.initialize(clientContext.getHandle(), continueTokenBuffer, - WindowsAccountImpl.getCurrentUsername()); - } - Assert.assertTrue(authenticated); - } finally { - if (clientContext != null) { - clientContext.dispose(); - } - if (clientCredentials != null) { - clientCredentials.dispose(); - } - } - } - - /** - * Test post empty. - */ - @Test - public void testPOSTEmpty() { - final String securityPackage = "Negotiate"; - IWindowsCredentialsHandle clientCredentials = null; - WindowsSecurityContextImpl clientContext = null; - try { - // client credentials handle - clientCredentials = WindowsCredentialsHandleImpl.getCurrent(securityPackage); - clientCredentials.initialize(); - // initial client security context - clientContext = new WindowsSecurityContextImpl(); - clientContext.setPrincipalName(WindowsAccountImpl.getCurrentUsername()); - clientContext.setCredentialsHandle(clientCredentials); - clientContext.setSecurityPackage(securityPackage); - clientContext.initialize(null, null, WindowsAccountImpl.getCurrentUsername()); - // negotiate - boolean authenticated = false; - final SimpleHttpRequest request = new SimpleHttpRequest(); - request.setMethod("POST"); - request.setContentLength(0); - String clientToken; - String continueToken; - byte[] continueTokenBytes; - SimpleHttpResponse response; - SecBufferDesc continueTokenBuffer; - while (true) { - clientToken = BaseEncoding.base64().encode(clientContext.getToken()); - request.addHeader("Authorization", securityPackage + " " + clientToken); - - response = new SimpleHttpResponse(); - authenticated = this.authenticator.authenticate(request, response, null); - - if (authenticated) { - Assertions.assertThat(response.getHeaderNames().length).isGreaterThanOrEqualTo(0); - break; - } - - if (response.getHeader("WWW-Authenticate").startsWith(securityPackage + ",")) { - Assert.assertEquals("close", response.getHeader("Connection")); - Assert.assertEquals(2, response.getHeaderNames().length); - Assert.assertEquals(401, response.getStatus()); - return; - } - - Assert.assertTrue(response.getHeader("WWW-Authenticate").startsWith(securityPackage + " ")); - Assert.assertEquals("keep-alive", response.getHeader("Connection")); - Assert.assertEquals(2, response.getHeaderNames().length); - Assert.assertEquals(401, response.getStatus()); - continueToken = response.getHeader("WWW-Authenticate").substring(securityPackage.length() + 1); - continueTokenBytes = BaseEncoding.base64().decode(continueToken); - Assertions.assertThat(continueTokenBytes.length).isGreaterThan(0); - continueTokenBuffer = new SecBufferDesc(Sspi.SECBUFFER_TOKEN, continueTokenBytes); - clientContext.initialize(clientContext.getHandle(), continueTokenBuffer, - WindowsAccountImpl.getCurrentUsername()); - } - Assert.assertTrue(authenticated); - } finally { - if (clientContext != null) { - clientContext.dispose(); - } - if (clientCredentials != null) { - clientCredentials.dispose(); - } - } - } - - /** - * Test principal format. - */ - @Test - public void testPrincipalFormat() { - Assert.assertEquals(PrincipalFormat.FQN, this.authenticator.getPrincipalFormat()); - this.authenticator.setPrincipalFormat("both"); - Assert.assertEquals(PrincipalFormat.BOTH, this.authenticator.getPrincipalFormat()); - } - - /** - * Test role format. - */ - @Test - public void testRoleFormat() { - Assert.assertEquals(PrincipalFormat.FQN, this.authenticator.getRoleFormat()); - this.authenticator.setRoleFormat("both"); - Assert.assertEquals(PrincipalFormat.BOTH, this.authenticator.getRoleFormat()); - } -} diff --git a/Source/JNA/waffle-tomcat6/src/test/java/waffle/apache/WaffleAuthenticatorBaseTest.java b/Source/JNA/waffle-tomcat6/src/test/java/waffle/apache/WaffleAuthenticatorBaseTest.java deleted file mode 100644 index aecefe735d..0000000000 --- a/Source/JNA/waffle-tomcat6/src/test/java/waffle/apache/WaffleAuthenticatorBaseTest.java +++ /dev/null @@ -1,105 +0,0 @@ -/** - * Waffle (https://github.com/Waffle/waffle) - * - * Copyright (c) 2010-2016 Application Security, Inc. - * - * All rights reserved. This program and the accompanying materials are made available under the terms of the Eclipse - * Public License v1.0 which accompanies this distribution, and is available at - * https://www.eclipse.org/legal/epl-v10.html. - * - * Contributors: Application Security, Inc. - */ -package waffle.apache; - -import java.io.IOException; - -import org.apache.catalina.connector.Request; -import org.apache.catalina.connector.Response; -import org.apache.catalina.deploy.LoginConfig; -import org.junit.Assert; -import org.junit.Before; -import org.junit.Test; -import org.slf4j.LoggerFactory; - -/** - * Waffle Authenticator Base Tests. - * - * @author dblock[at]dblock[dot]org - */ -public class WaffleAuthenticatorBaseTest { - - /** The waffle authenticator base. */ - private WaffleAuthenticatorBase waffleAuthenticatorBase; - - /** - * Inits the. - */ - @Before - public void init() { - this.waffleAuthenticatorBase = new WaffleAuthenticatorBase() { - { - this.log = LoggerFactory.getLogger(WaffleAuthenticatorBaseTest.class); - } - - @Override - public boolean authenticate(final Request request, final Response response, final LoginConfig loginConfig) - throws IOException { - return false; - } - }; - } - - /** - * Should_accept_both_protocols. - * - * @throws Exception - * the exception - */ - @Test - public void should_accept_both_protocols() throws Exception { - this.waffleAuthenticatorBase.setProtocols(" NTLM , , Negotiate "); - - Assert.assertEquals("Two protocols added", 2, this.waffleAuthenticatorBase.protocols.size()); - Assert.assertTrue("NTLM has been added", this.waffleAuthenticatorBase.protocols.contains("NTLM")); - Assert.assertTrue("Negotiate has been added", this.waffleAuthenticatorBase.protocols.contains("Negotiate")); - } - - /** - * Should_accept_ negotiate_protocol. - * - * @throws Exception - * the exception - */ - @Test - public void should_accept_Negotiate_protocol() throws Exception { - this.waffleAuthenticatorBase.setProtocols(" Negotiate "); - - Assert.assertEquals("One protocol added", 1, this.waffleAuthenticatorBase.protocols.size()); - Assert.assertEquals("Negotiate", this.waffleAuthenticatorBase.protocols.iterator().next()); - } - - /** - * Should_accept_ ntl m_protocol. - * - * @throws Exception - * the exception - */ - @Test - public void should_accept_NTLM_protocol() throws Exception { - this.waffleAuthenticatorBase.setProtocols(" NTLM "); - - Assert.assertEquals("One protocol added", 1, this.waffleAuthenticatorBase.protocols.size()); - Assert.assertEquals("NTLM", this.waffleAuthenticatorBase.protocols.iterator().next()); - } - - /** - * Should_refuse_other_protocol. - * - * @throws Exception - * the exception - */ - @Test(expected = RuntimeException.class) - public void should_refuse_other_protocol() throws Exception { - this.waffleAuthenticatorBase.setProtocols(" NTLM , OTHER, Negotiate "); - } -} \ No newline at end of file diff --git a/Source/JNA/waffle-tomcat6/src/test/java/waffle/apache/WindowsAccountTests.java b/Source/JNA/waffle-tomcat6/src/test/java/waffle/apache/WindowsAccountTests.java deleted file mode 100644 index bf390eaf37..0000000000 --- a/Source/JNA/waffle-tomcat6/src/test/java/waffle/apache/WindowsAccountTests.java +++ /dev/null @@ -1,98 +0,0 @@ -/** - * Waffle (https://github.com/Waffle/waffle) - * - * Copyright (c) 2010-2016 Application Security, Inc. - * - * All rights reserved. This program and the accompanying materials are made available under the terms of the Eclipse - * Public License v1.0 which accompanies this distribution, and is available at - * https://www.eclipse.org/legal/epl-v10.html. - * - * Contributors: Application Security, Inc. - */ -package waffle.apache; - -import java.io.ByteArrayInputStream; -import java.io.ByteArrayOutputStream; -import java.io.IOException; -import java.io.InputStream; -import java.io.ObjectInputStream; -import java.io.ObjectOutputStream; - -import org.assertj.core.api.Assertions; -import org.junit.Assert; -import org.junit.Before; -import org.junit.Test; - -import waffle.mock.MockWindowsAccount; -import waffle.windows.auth.WindowsAccount; - -/** - * Windows Account Tests. - * - * @author dblock[at]dblock[dot]org - */ -public class WindowsAccountTests { - - /** The mock windows account. */ - private final MockWindowsAccount mockWindowsAccount = new MockWindowsAccount("localhost\\Administrator"); - - /** The windows account. */ - private WindowsAccount windowsAccount; - - /** - * Sets the up. - */ - @Before - public void setUp() { - this.windowsAccount = new WindowsAccount(this.mockWindowsAccount); - } - - /** - * Test equals. - */ - @Test - public void testEquals() { - Assert.assertEquals(this.windowsAccount, new WindowsAccount(this.mockWindowsAccount)); - final MockWindowsAccount mockWindowsAccount2 = new MockWindowsAccount("localhost\\Administrator2"); - Assert.assertFalse(this.windowsAccount.equals(new WindowsAccount(mockWindowsAccount2))); - } - - /** - * Test is serializable. - * - * @throws IOException - * Signals that an I/O exception has occurred. - * @throws ClassNotFoundException - * the class not found exception - */ - @Test - public void testIsSerializable() throws IOException, ClassNotFoundException { - // serialize - final ByteArrayOutputStream out = new ByteArrayOutputStream(); - try (final ObjectOutputStream oos = new ObjectOutputStream(out)) { - oos.writeObject(this.windowsAccount); - } - Assertions.assertThat(out.toByteArray().length).isGreaterThan(0); - // deserialize - final InputStream in = new ByteArrayInputStream(out.toByteArray()); - final ObjectInputStream ois = new ObjectInputStream(in); - final WindowsAccount copy = (WindowsAccount) ois.readObject(); - // test - Assert.assertEquals(this.windowsAccount, copy); - Assert.assertEquals(this.windowsAccount.getDomain(), copy.getDomain()); - Assert.assertEquals(this.windowsAccount.getFqn(), copy.getFqn()); - Assert.assertEquals(this.windowsAccount.getName(), copy.getName()); - Assert.assertEquals(this.windowsAccount.getSidString(), copy.getSidString()); - } - - /** - * Test properties. - */ - @Test - public void testProperties() { - Assert.assertEquals("localhost", this.windowsAccount.getDomain()); - Assert.assertEquals("localhost\\Administrator", this.windowsAccount.getFqn()); - Assert.assertEquals("Administrator", this.windowsAccount.getName()); - Assert.assertTrue(this.windowsAccount.getSidString().startsWith("S-")); - } -} diff --git a/Source/JNA/waffle-tomcat6/src/test/java/waffle/apache/WindowsRealmTests.java b/Source/JNA/waffle-tomcat6/src/test/java/waffle/apache/WindowsRealmTests.java deleted file mode 100644 index e39c6f6a8d..0000000000 --- a/Source/JNA/waffle-tomcat6/src/test/java/waffle/apache/WindowsRealmTests.java +++ /dev/null @@ -1,34 +0,0 @@ -/** - * Waffle (https://github.com/Waffle/waffle) - * - * Copyright (c) 2010-2016 Application Security, Inc. - * - * All rights reserved. This program and the accompanying materials are made available under the terms of the Eclipse - * Public License v1.0 which accompanies this distribution, and is available at - * https://www.eclipse.org/legal/epl-v10.html. - * - * Contributors: Application Security, Inc. - */ -package waffle.apache; - -import org.junit.Assert; -import org.junit.Test; - -/** - * Windows Realm Tests. - * - * @author dblock[at]dblock[dot]org - */ -public class WindowsRealmTests { - - /** - * Test properties. - */ - @Test - public void testProperties() { - final WindowsRealm realm = new WindowsRealm(); - Assert.assertNull(realm.getPassword(null)); - Assert.assertNull(realm.getPrincipal(null)); - Assert.assertEquals("waffle.apache.WindowsRealm/1.0", realm.getName()); - } -} diff --git a/Source/JNA/waffle-tomcat6/src/test/java/waffle/apache/catalina/SimpleHttpRequest.java b/Source/JNA/waffle-tomcat6/src/test/java/waffle/apache/catalina/SimpleHttpRequest.java deleted file mode 100644 index 60a677f47d..0000000000 --- a/Source/JNA/waffle-tomcat6/src/test/java/waffle/apache/catalina/SimpleHttpRequest.java +++ /dev/null @@ -1,303 +0,0 @@ -/** - * Waffle (https://github.com/Waffle/waffle) - * - * Copyright (c) 2010-2016 Application Security, Inc. - * - * All rights reserved. This program and the accompanying materials are made available under the terms of the Eclipse - * Public License v1.0 which accompanies this distribution, and is available at - * https://www.eclipse.org/legal/epl-v10.html. - * - * Contributors: Application Security, Inc. - */ -package waffle.apache.catalina; - -import java.security.Principal; -import java.util.HashMap; -import java.util.Map; - -import javax.servlet.http.HttpSession; - -import org.apache.catalina.connector.Request; - -import mockit.Mocked; - -/** - * Simple HTTP Request. - * - * @author dblock[at]dblock[dot]org - */ -public class SimpleHttpRequest extends Request { - - /** The remote port s. */ - private static int remotePortS; - - /** - * Next remote port. - * - * @return the int - */ - public synchronized static int nextRemotePort() { - return ++SimpleHttpRequest.remotePortS; - } - - /** - * Reset remote port. - */ - public synchronized static void resetRemotePort() { - SimpleHttpRequest.remotePortS = 0; - } - - /** The request uri. */ - private String requestURI; - - /** The query string. */ - private String queryString; - - /** The remote user. */ - private String remoteUser; - - /** The method. */ - private String method = "GET"; - - /** The headers. */ - private final Map headers = new HashMap<>(); - - /** The parameters. */ - private final Map parameters = new HashMap<>(); - - /** The content. */ - private byte[] content; - - /** The http session. */ - @Mocked - private HttpSession httpSession; - - /** The principal. */ - private Principal principal; - - /** - * Instantiates a new simple http request. - */ - public SimpleHttpRequest() { - super(); - this.remotePort = SimpleHttpRequest.nextRemotePort(); - } - - /* - * (non-Javadoc) - * @see org.apache.catalina.connector.Request#addHeader(java.lang.String, java.lang.String) - */ - @Override - public void addHeader(final String headerName, final String headerValue) { - this.headers.put(headerName, headerValue); - } - - /** - * Adds the parameter. - * - * @param parameterName - * the parameter name - * @param parameterValue - * the parameter value - */ - public void addParameter(final String parameterName, final String parameterValue) { - this.parameters.put(parameterName, parameterValue); - } - - /* - * (non-Javadoc) - * @see org.apache.catalina.connector.Request#getContentLength() - */ - @Override - public int getContentLength() { - return this.content == null ? -1 : this.content.length; - } - - /* - * (non-Javadoc) - * @see org.apache.catalina.connector.Request#getHeader(java.lang.String) - */ - @Override - public String getHeader(final String headerName) { - return this.headers.get(headerName); - } - - /* - * (non-Javadoc) - * @see org.apache.catalina.connector.Request#getMethod() - */ - @Override - public String getMethod() { - return this.method; - } - - /* - * (non-Javadoc) - * @see org.apache.catalina.connector.Request#getParameter(java.lang.String) - */ - @Override - public String getParameter(final String parameterName) { - return this.parameters.get(parameterName); - } - - /* - * (non-Javadoc) - * @see org.apache.catalina.connector.Request#getQueryString() - */ - @Override - public String getQueryString() { - return this.queryString; - } - - /* - * (non-Javadoc) - * @see org.apache.catalina.connector.Request#getRemoteAddr() - */ - @Override - public String getRemoteAddr() { - return this.remoteAddr; - } - - /* - * (non-Javadoc) - * @see org.apache.catalina.connector.Request#getRemoteHost() - */ - @Override - public String getRemoteHost() { - return this.remoteHost; - } - - /* - * (non-Javadoc) - * @see org.apache.catalina.connector.Request#getRemotePort() - */ - @Override - public int getRemotePort() { - return this.remotePort; - } - - /* - * (non-Javadoc) - * @see org.apache.catalina.connector.Request#getRemoteUser() - */ - @Override - public String getRemoteUser() { - return this.remoteUser; - } - - /* - * (non-Javadoc) - * @see org.apache.catalina.connector.Request#getRequestURI() - */ - @Override - public String getRequestURI() { - return this.requestURI; - } - - /* - * (non-Javadoc) - * @see org.apache.catalina.connector.Request#getSession() - */ - @Override - public HttpSession getSession() { - return this.httpSession; - } - - /* - * (non-Javadoc) - * @see org.apache.catalina.connector.Request#getSession(boolean) - */ - @Override - public HttpSession getSession(final boolean create) { - return this.httpSession; - } - - /* - * (non-Javadoc) - * @see org.apache.catalina.connector.Request#getUserPrincipal() - */ - @Override - public Principal getUserPrincipal() { - return this.principal; - } - - /* - * (non-Javadoc) - * @see org.apache.catalina.connector.Request#setContentLength(int) - */ - @Override - public void setContentLength(final int length) { - this.content = new byte[length]; - } - - /* - * (non-Javadoc) - * @see org.apache.catalina.connector.Request#setMethod(java.lang.String) - */ - @Override - public void setMethod(final String value) { - this.method = value; - } - - /* - * (non-Javadoc) - * @see org.apache.catalina.connector.Request#setQueryString(java.lang.String) - */ - @Override - public void setQueryString(final String queryValue) { - this.queryString = queryValue; - if (this.queryString != null) { - for (final String eachParameter : this.queryString.split("[&]")) { - final String[] pair = eachParameter.split("="); - final String value = pair.length == 2 ? pair[1] : ""; - this.addParameter(pair[0], value); - } - } - } - - /* - * (non-Javadoc) - * @see org.apache.catalina.connector.Request#setRemoteAddr(java.lang.String) - */ - @Override - public void setRemoteAddr(final String value) { - this.remoteAddr = value; - } - - /* - * (non-Javadoc) - * @see org.apache.catalina.connector.Request#setRemoteHost(java.lang.String) - */ - @Override - public void setRemoteHost(final String value) { - this.remoteHost = value; - } - - /** - * Sets the remote user. - * - * @param value - * the new remote user - */ - public void setRemoteUser(final String value) { - this.remoteUser = value; - } - - /* - * (non-Javadoc) - * @see org.apache.catalina.connector.Request#setRequestURI(java.lang.String) - */ - @Override - public void setRequestURI(final String value) { - this.requestURI = value; - } - - /* - * (non-Javadoc) - * @see org.apache.catalina.connector.Request#setUserPrincipal(java.security.Principal) - */ - @Override - public void setUserPrincipal(final Principal value) { - this.principal = value; - } -} diff --git a/Source/JNA/waffle-tomcat6/src/test/java/waffle/apache/catalina/SimpleHttpResponse.java b/Source/JNA/waffle-tomcat6/src/test/java/waffle/apache/catalina/SimpleHttpResponse.java deleted file mode 100644 index 4f96a00705..0000000000 --- a/Source/JNA/waffle-tomcat6/src/test/java/waffle/apache/catalina/SimpleHttpResponse.java +++ /dev/null @@ -1,158 +0,0 @@ -/** - * Waffle (https://github.com/Waffle/waffle) - * - * Copyright (c) 2010-2016 Application Security, Inc. - * - * All rights reserved. This program and the accompanying materials are made available under the terms of the Eclipse - * Public License v1.0 which accompanies this distribution, and is available at - * https://www.eclipse.org/legal/epl-v10.html. - * - * Contributors: Application Security, Inc. - */ -package waffle.apache.catalina; - -import java.util.ArrayList; -import java.util.HashMap; -import java.util.List; -import java.util.Map; - -import org.apache.catalina.connector.Response; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import com.google.common.base.Joiner; - -/** - * Simple HTTP Response. - * - * @author dblock[at]dblock[dot]org - */ -public class SimpleHttpResponse extends Response { - - /** The Constant LOGGER. */ - private static final Logger LOGGER = LoggerFactory.getLogger(SimpleHttpResponse.class); - - /** The status. */ - private int status = 500; - - /** The headers. */ - private final Map> headers = new HashMap<>(); - - /* - * (non-Javadoc) - * @see org.apache.catalina.connector.Response#addHeader(java.lang.String, java.lang.String) - */ - @Override - public void addHeader(final String headerName, final String headerValue) { - List current = this.headers.get(headerName); - if (current == null) { - current = new ArrayList<>(); - } - current.add(headerValue); - this.headers.put(headerName, current); - } - - /* - * (non-Javadoc) - * @see org.apache.catalina.connector.Response#flushBuffer() - */ - @Override - public void flushBuffer() { - SimpleHttpResponse.LOGGER.info("{} {}", Integer.valueOf(this.status), this.getStatusString()); - for (final String header : this.headers.keySet()) { - for (final String headerValue : this.headers.get(header)) { - SimpleHttpResponse.LOGGER.info("{}: {}", header, headerValue); - } - } - } - - /* - * (non-Javadoc) - * @see org.apache.catalina.connector.Response#getHeader(java.lang.String) - */ - @Override - public String getHeader(final String headerName) { - final List headerValues = this.headers.get(headerName); - return headerValues == null ? null : Joiner.on(", ").join(headerValues); - } - - /* - * (non-Javadoc) - * @see org.apache.catalina.connector.Response#getHeaderNames() - */ - @Override - public String[] getHeaderNames() { - return this.headers.keySet().toArray(new String[0]); - } - - /* - * (non-Javadoc) - * @see org.apache.catalina.connector.Response#getHeaderValues(java.lang.String) - */ - @Override - public String[] getHeaderValues(final String headerName) { - final List headerValues = this.headers.get(headerName); - return headerValues == null ? null : headerValues.toArray(new String[0]); - } - - /* - * (non-Javadoc) - * @see org.apache.catalina.connector.Response#getStatus() - */ - @Override - public int getStatus() { - return this.status; - } - - /** - * Gets the status string. - * - * @return the status string - */ - public String getStatusString() { - return this.status == 401 ? "Unauthorized" : "Unknown"; - } - - /* - * (non-Javadoc) - * @see org.apache.catalina.connector.Response#sendError(int) - */ - @Override - public void sendError(final int rc) { - this.status = rc; - } - - /* - * (non-Javadoc) - * @see org.apache.catalina.connector.Response#sendError(int, java.lang.String) - */ - @Override - public void sendError(final int rc, final String message) { - this.status = rc; - } - - /* - * (non-Javadoc) - * @see org.apache.catalina.connector.Response#setHeader(java.lang.String, java.lang.String) - */ - @Override - public void setHeader(final String headerName, final String headerValue) { - List current = this.headers.get(headerName); - if (current == null) { - current = new ArrayList<>(); - } else { - current.clear(); - } - current.add(headerValue); - this.headers.put(headerName, current); - } - - /* - * (non-Javadoc) - * @see org.apache.catalina.connector.Response#setStatus(int) - */ - @Override - public void setStatus(final int value) { - this.status = value; - } -}