ml.alternet.security.web.server

Class BasicAuthorizationBuffer

java.lang.Object

ml.alternet.security.web.server.BasicAuthorizationBuffer

public abstract class BasicAuthorizationBuffer
extends Object

Extract a password of an HTTP Basic Authorization header, and replace it with '*'.

When creating, one must specify the boundaries of the portion of the buffer to analyze, and what this portion contains (all the HTTP headers, only the Authorization header, or only its value).

Author:

Philippe Poulard

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	BasicAuthorizationBuffer.Scope The scope of the lookup.

Constructor Summary

Constructors

Constructor and Description
BasicAuthorizationBuffer(BasicAuthorizationBuffer.Scope scope, int position, int limit) Create a buffer.

Method Summary

Modifier and Type	Method and Description
abstract void	debug(String msg) Log informations for debugging.
boolean	findCredentialsBoundaries() Find the boundaries of the base64 credentials in the buffer.
abstract byte	get(int i) Get the byte at the index specified.
Credentials	replace(PasswordManager passwordManager) Replace the raw password in the buffer with '*' and reencode the credentials in Base64.
abstract void	set(int i, byte b) Set a byte at the index specified.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

BasicAuthorizationBuffer

public BasicAuthorizationBuffer(BasicAuthorizationBuffer.Scope scope,
                                int position,
                                int limit)

Create a buffer.

Parameters:

scope - Indicates what is delimited in the buffer : all the headers, just the Authorization header, or simply its value.

position - The start offset of the bytes.

limit - The end offset of the bytes.

Method Detail

get

public abstract byte get(int i)

Get the byte at the index specified.

Parameters:

i - The actual index.

Returns:

The byte.

set

public abstract void set(int i,
                         byte b)

Set a byte at the index specified.

Parameters:

i - The actual index.

b - The byte to set.

debug

public abstract void debug(String msg)

Log informations for debugging.

Parameters:

msg - The debug message.

findCredentialsBoundaries

public boolean findCredentialsBoundaries()

Find the boundaries of the base64 credentials in the buffer.

String to find in the buffer : "Authorization: Basic [base64Credential]" (or just "Basic [base64Credential]" according to the scope)

    header-field = field-name ":" OWS field-value OWS

OWS means "optional whitespace" and header fields are delimited using CRLF.

Returns:

true if the credentials have been found, false otherwise.

replace

public Credentials replace(PasswordManager passwordManager)

Replace the raw password in the buffer with '*' and reencode the credentials in Base64.

This method have to be called if findCredentialsBoundaries() has returned true.

Parameters:

passwordManager - Allow to create a secure password.

Returns:

The credentials with the captured password and the user name.