--- /dev/null
+// BasicAuthprincipal.java\r
+// $Id: BasicAuthPrincipal.java,v 1.1 2010/06/15 12:22:07 smhuang Exp $\r
+// (c) COPYRIGHT MIT, INRIA and Keio, 1999.\r
+// Please first read the full copyright statement in file COPYRIGHT.html\r
+\r
+package org.w3c.jigsaw.acl;\r
+\r
+import org.w3c.jigsaw.http.Request;\r
+import org.w3c.tools.codec.Base64Decoder;\r
+import org.w3c.tools.codec.Base64FormatException;\r
+import org.w3c.www.http.HttpCredential;\r
+\r
+/**\r
+ * @version $Revision: 1.1 $\r
+ * @author Benoît Mahé (bmahe@w3.org)\r
+ */\r
+public class BasicAuthPrincipal extends HTTPPrincipal {\r
+\r
+ // original name is there to cope with a MS weirdness on MiniRedir\r
+ protected String origname = null;\r
+ protected String name = null;\r
+ protected String password = null;\r
+ protected String cookie = null;\r
+\r
+ protected String getCookie() {\r
+ return cookie;\r
+ }\r
+\r
+ public boolean equals(Object another) {\r
+ if (another instanceof AclPrincipal) {\r
+ AclPrincipal aclp = (AclPrincipal) another;\r
+ if (aclp.matchIP(getInetAddress())) {\r
+ if (aclp.getPassword() != null) {\r
+ return ((name != null) &&\r
+ (password != null) &&\r
+ name.equals(aclp.getName()) &&\r
+ password.equals(aclp.getPassword()));\r
+ } else {\r
+ return true;\r
+ }\r
+ } else {\r
+ return ((name != null) &&\r
+ (password != null) &&\r
+ name.equals(aclp.getName()) &&\r
+ password.equals(aclp.getPassword()));\r
+ }\r
+ } else {\r
+ return toString().equals(another.toString());\r
+ }\r
+ }\r
+\r
+ public String toString() {\r
+ if (name == null)\r
+ return super.toString();\r
+ return name+":"+password;\r
+ }\r
+\r
+ public int hashCode() {\r
+ return toString().hashCode();\r
+ }\r
+\r
+ public String getName() {\r
+ return name;\r
+ }\r
+\r
+ public String getOriginalName() {\r
+ return (origname == null) ? name : origname;\r
+ }\r
+\r
+ public BasicAuthPrincipal(Request request) \r
+ throws InvalidAuthException\r
+ {\r
+ this(request, false);\r
+ }\r
+\r
+ public BasicAuthPrincipal(Request request, boolean lenient) \r
+ throws InvalidAuthException\r
+ {\r
+ super(request, lenient);\r
+ HttpCredential credential = null;\r
+ credential = (request.isProxy()\r
+ ? request.getProxyAuthorization()\r
+ : request.getAuthorization());\r
+ if (credential == null) {\r
+ this.name = null;\r
+ this.password = null;\r
+ } else if ( ! credential.getScheme().equalsIgnoreCase("Basic") ) {\r
+ String msg = ("Invalid authentication scheme \""\r
+ + credential.getScheme()\r
+ + " expecting \"Basic\"");\r
+ throw new InvalidAuthException (msg) ;\r
+ } else {\r
+ // Decode the credentials:\r
+ String decoded = null ;\r
+ this.cookie = credential.getAuthParameter("cookie");\r
+ try {\r
+ Base64Decoder b = new Base64Decoder (cookie) ;\r
+ decoded = b.processString() ;\r
+ } catch (Base64FormatException e) {\r
+ String msg = "Invalid BASE64 encoding of credentials." ;\r
+ throw new InvalidAuthException (msg) ;\r
+ }\r
+ // Get user and password:\r
+ origname = null;\r
+ int icolon = decoded.indexOf (':') ;\r
+ if ( (icolon > 0) && (icolon+1 < decoded.length()) ) {\r
+ // ok, parse was find, check user:\r
+ if (lenient) {\r
+ String _name = decoded.substring (0, icolon) ;\r
+ int _slashIdx = _name.lastIndexOf('\\');\r
+ if ( _slashIdx != -1) {\r
+ this.origname = _name;\r
+ this.name = _name.substring(_slashIdx+1);\r
+ } else {\r
+ this.name = _name;\r
+ }\r
+ } else {\r
+ this.name = decoded.substring (0, icolon) ;\r
+ }\r
+ this.password = decoded.substring (icolon+1) ;\r
+ } else {\r
+ String msg = "Invalid credentials syntax in " + decoded ;\r
+ throw new InvalidAuthException (msg) ;\r
+ }\r
+ }\r
+ }\r
+}\r
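Review bot: The decoded Basic credentials are exposed in cleartext in two places in this new file: the syntax-error branch of the two-argument constructor builds `"Invalid credentials syntax in " + decoded`, and `toString()` returns `name+":"+password`. If `InvalidAuthException` messages or principals are ever logged or echoed in an error response (the callers are not visible here), the user's password goes with them; the message can be reduced to `String msg = "Invalid credentials syntax.";`. `toString()` should return only the name, with the `name:password` string moved to a private helper, and `equals()` and `hashCode()` adjusted to use that helper rather than the printable form. Separately, both password checks in `equals()` use `password.equals(aclp.getPassword())`, which stops at the first differing character; a constant-time comparison such as `MessageDigest.isEqual` over the encoded bytes is the usual choice for secrets.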