Revision 9182
Added by ben leinfelder over 9 years ago
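--- a/src/edu/ucsb/nceas/metacat/restservice/D1ResourceHandler.java
+++ b/src/edu/ucsb/nceas/metacat/restservice/D1ResourceHandler.java
@@ -27,8 +27,6 @@
 import java.io.InputStream;
 import java.io.OutputStream;
 import java.io.PrintWriter;
-import java.security.PrivateKey;
-import java.security.cert.X509Certificate;
 import java.util.Enumeration;
 import java.util.Hashtable;
 import java.util.Iterator;
@@ -43,11 +41,9 @@
 import org.apache.commons.fileupload.FileUploadException;
 import org.apache.commons.io.IOUtils;
 import org.apache.log4j.Logger;
-import org.dataone.client.auth.CertificateManager;
 import org.dataone.mimemultipart.MultipartRequest;
 import org.dataone.mimemultipart.MultipartRequestResolver;
 import org.dataone.portal.PortalCertificateManager;
-import org.dataone.portal.TokenGenerator;
 import org.dataone.service.exceptions.BaseException;
 import org.dataone.service.exceptions.InvalidRequest;
 import org.dataone.service.exceptions.ServiceFailure;
@@ -145,46 +141,9 @@
 logMetacat = Logger.getLogger(D1ResourceHandler.class);
 try {
 
-// initialize the session - three options
-// #1
-// load session from certificate in request
-session = CertificateManager.getInstance().getSession(request);
-
-// #2
-// check for token
-if (session == null) {
-String token = request.getHeader("x-dataone-auth-token");
-if (token != null) {
-session = TokenGenerator.getInstance().getSession(token);
-}
-}
-
-// #3
-if (session == null) {
-// check for session-based certificate from the portal
-try {
-String configurationFileName = servletContext.getInitParameter("oa4mp:client.config.file");
-String configurationFilePath = servletContext.getRealPath(configurationFileName);
-PortalCertificateManager portalManager = new PortalCertificateManager(configurationFilePath);
-logMetacat.debug("Initialized the PortalCertificateManager using config file: " + configurationFilePath);
-X509Certificate certificate = portalManager.getCertificate(request);
-logMetacat.debug("Retrieved certificate: " + certificate);
-PrivateKey key = portalManager.getPrivateKey(request);
-logMetacat.debug("Retrieved key: " + key);
-if (certificate != null && key != null) {
-request.setAttribute("javax.servlet.request.X509Certificate", certificate);
-logMetacat.debug("Added certificate to the request: " + certificate.toString());
-}
-
-// reload session from certificate that we jsut set in request
-session = CertificateManager.getInstance().getSession(request);
-} catch (Throwable t) {
-// don't require configured OAuth4MyProxy
-//logMetacat.error(t.getMessage(), t);
-}
-}
-
-// #4
+// first try the usual methods
+session = PortalCertificateManager.getInstance().getSession(request);
+
 // last resort, check for Metacat sessionid
 if (session == null) {
 SessionData sessionData = RequestUtil.getSessionData(request);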
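Review bot: The new call at new line 145, `session = PortalCertificateManager.getInstance().getSession(request);`, has no local error handling, whereas the removed portal lookup sat in its own try/catch so that an unconfigured OAuth4MyProxy did not stop session setup. The enclosing `try` opens at new line 142 and its catch is outside this section, so it is not visible here whether a failure in this call rejects the request or merely skips the Metacat session-id fallback; that choice should be made explicit, and any failure logged without certificate, key or token contents. The comment `// first try the usual methods` should also name what is consulted, for example `// resolve session from request credentials via PortalCertificateManager (certificate, token, portal session — confirm order); null falls through to the Metacat session id`.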
defer to D1 PortalCertificateManager to pull authentication credentials from the request before deferring to the old Metacat cookie session