--- java/classes/org/w3c/jigsaw/acl/BasicAuthPrincipal.java 1999/04/23 14:06:46 1.2 +++ java/classes/org/w3c/jigsaw/acl/BasicAuthPrincipal.java 1999/04/27 12:33:26 1.3 @@ -1,5 +1,5 @@ // BasicAuthprincipal.java -// $Id: BasicAuthPrincipal.java,v 1.2 1999/04/23 14:06:46 bmahe Exp $ +// $Id: BasicAuthPrincipal.java,v 1.3 1999/04/27 12:33:26 bmahe Exp $ // (c) COPYRIGHT MIT, INRIA and Keio, 1999. // Please first read the full copyright statement in file COPYRIGHT.html @@ -11,7 +11,7 @@ import org.w3c.tools.codec.Base64FormatE import org.w3c.www.http.HttpCredential; /** - * @version $Revision: 1.2 $ + * @version $Revision: 1.3 $ * @author Benoît Mahé (bmahe@w3.org) */ public class BasicAuthPrincipal extends HTTPPrincipal { @@ -29,23 +29,27 @@ public class BasicAuthPrincipal extends AclPrincipal aclp = (AclPrincipal) another; if (aclp.matchIP(getInetAddress())) { if (aclp.getPassword() != null) { - return (name.equals(aclp.getName()) && + return ((name != null) && + (password != null) && + name.equals(aclp.getName()) && password.equals(aclp.getPassword())); } else { return true; } } else { - return (name.equals(aclp.getName()) && + return ((name != null) && + (password != null) && + name.equals(aclp.getName()) && password.equals(aclp.getPassword())); } - } else if (another instanceof BasicAuthPrincipal) { - return (cookie.equals(((BasicAuthPrincipal)another).getCookie())); } else { return toString().equals(another.toString()); } } public String toString() { + if (name == null) + return super.toString(); return name+":"+password; } @@ -65,31 +69,35 @@ public class BasicAuthPrincipal extends credential = (request.isProxy() ? request.getProxyAuthorization() : request.getAuthorization()); - if ( ! credential.getScheme().equalsIgnoreCase("Basic") ) { + if (credential == null) { + this.name = null; + this.password = null; + } else if ( ! credential.getScheme().equalsIgnoreCase("Basic") ) { String msg = ("Invalid authentication scheme \"" + credential.getScheme() + " expecting \"Basic\""); throw new InvalidAuthException (msg) ; - } - // Decode the credentials: - String decoded = null ; - this.cookie = credential.getAuthParameter("cookie"); - try { - Base64Decoder b = new Base64Decoder (cookie) ; - decoded = b.processString() ; - } catch (Base64FormatException e) { - String msg = "Invalid BASE64 encoding of credentials." ; - throw new InvalidAuthException (msg) ; - } - // Get user and password: - int icolon = decoded.indexOf (':') ; - if ( (icolon > 0) && (icolon+1 < decoded.length()) ) { - // ok, parse was find, check user: - this.name = decoded.substring (0, icolon) ; - this.password = decoded.substring (icolon+1) ; } else { - String msg = "Invalid credentials syntax in " + decoded ; - throw new InvalidAuthException (msg) ; + // Decode the credentials: + String decoded = null ; + this.cookie = credential.getAuthParameter("cookie"); + try { + Base64Decoder b = new Base64Decoder (cookie) ; + decoded = b.processString() ; + } catch (Base64FormatException e) { + String msg = "Invalid BASE64 encoding of credentials." ; + throw new InvalidAuthException (msg) ; + } + // Get user and password: + int icolon = decoded.indexOf (':') ; + if ( (icolon > 0) && (icolon+1 < decoded.length()) ) { + // ok, parse was find, check user: + this.name = decoded.substring (0, icolon) ; + this.password = decoded.substring (icolon+1) ; + } else { + String msg = "Invalid credentials syntax in " + decoded ; + throw new InvalidAuthException (msg) ; + } } }