Revision 9182
Added by ben leinfelder about 9 years ago
| src/edu/ucsb/nceas/metacat/restservice/D1ResourceHandler.java | ||
|---|---|---|
| 27 | 27 |
import java.io.InputStream; |
| 28 | 28 |
import java.io.OutputStream; |
| 29 | 29 |
import java.io.PrintWriter; |
| 30 |
import java.security.PrivateKey; |
|
| 31 |
import java.security.cert.X509Certificate; |
|
| 32 | 30 |
import java.util.Enumeration; |
| 33 | 31 |
import java.util.Hashtable; |
| 34 | 32 |
import java.util.Iterator; |
| ... | ... | |
| 43 | 41 |
import org.apache.commons.fileupload.FileUploadException; |
| 44 | 42 |
import org.apache.commons.io.IOUtils; |
| 45 | 43 |
import org.apache.log4j.Logger; |
| 46 |
import org.dataone.client.auth.CertificateManager; |
|
| 47 | 44 |
import org.dataone.mimemultipart.MultipartRequest; |
| 48 | 45 |
import org.dataone.mimemultipart.MultipartRequestResolver; |
| 49 | 46 |
import org.dataone.portal.PortalCertificateManager; |
| 50 |
import org.dataone.portal.TokenGenerator; |
|
| 51 | 47 |
import org.dataone.service.exceptions.BaseException; |
| 52 | 48 |
import org.dataone.service.exceptions.InvalidRequest; |
| 53 | 49 |
import org.dataone.service.exceptions.ServiceFailure; |
| ... | ... | |
| 145 | 141 |
logMetacat = Logger.getLogger(D1ResourceHandler.class); |
| 146 | 142 |
try {
|
| 147 | 143 |
|
| 148 |
// initialize the session - three options |
|
| 149 |
// #1 |
|
| 150 |
// load session from certificate in request |
|
| 151 |
session = CertificateManager.getInstance().getSession(request); |
|
| 152 |
|
|
| 153 |
// #2 |
|
| 154 |
// check for token |
|
| 155 |
if (session == null) {
|
|
| 156 |
String token = request.getHeader("x-dataone-auth-token");
|
|
| 157 |
if (token != null) {
|
|
| 158 |
session = TokenGenerator.getInstance().getSession(token); |
|
| 159 |
} |
|
| 160 |
} |
|
| 161 |
|
|
| 162 |
// #3 |
|
| 163 |
if (session == null) {
|
|
| 164 |
// check for session-based certificate from the portal |
|
| 165 |
try {
|
|
| 166 |
String configurationFileName = servletContext.getInitParameter("oa4mp:client.config.file");
|
|
| 167 |
String configurationFilePath = servletContext.getRealPath(configurationFileName); |
|
| 168 |
PortalCertificateManager portalManager = new PortalCertificateManager(configurationFilePath); |
|
| 169 |
logMetacat.debug("Initialized the PortalCertificateManager using config file: " + configurationFilePath);
|
|
| 170 |
X509Certificate certificate = portalManager.getCertificate(request); |
|
| 171 |
logMetacat.debug("Retrieved certificate: " + certificate);
|
|
| 172 |
PrivateKey key = portalManager.getPrivateKey(request); |
|
| 173 |
logMetacat.debug("Retrieved key: " + key);
|
|
| 174 |
if (certificate != null && key != null) {
|
|
| 175 |
request.setAttribute("javax.servlet.request.X509Certificate", certificate);
|
|
| 176 |
logMetacat.debug("Added certificate to the request: " + certificate.toString());
|
|
| 177 |
} |
|
| 178 |
|
|
| 179 |
// reload session from certificate that we jsut set in request |
|
| 180 |
session = CertificateManager.getInstance().getSession(request); |
|
| 181 |
} catch (Throwable t) {
|
|
| 182 |
// don't require configured OAuth4MyProxy |
|
| 183 |
//logMetacat.error(t.getMessage(), t); |
|
| 184 |
} |
|
| 185 |
} |
|
| 186 |
|
|
| 187 |
// #4 |
|
| 144 |
// first try the usual methods |
|
| 145 |
session = PortalCertificateManager.getInstance().getSession(request); |
|
| 146 |
|
|
| 188 | 147 |
// last resort, check for Metacat sessionid |
| 189 | 148 |
if (session == null) {
|
| 190 | 149 |
SessionData sessionData = RequestUtil.getSessionData(request); |
Also available in: Unified diff
defer to D1 PortalCertificateManager to pull authentication credentials from the request before defering to old Metacat cookie session