001    /** 
002     * Copyright (C) 2009 "Darwin V. Felix" <darwinfelix@users.sourceforge.net>
003     * 
004     * This library is free software; you can redistribute it and/or
005     * modify it under the terms of the GNU Lesser General Public
006     * License as published by the Free Software Foundation; either
007     * version 2.1 of the License, or (at your option) any later version.
008     * 
009     * This library is distributed in the hope that it will be useful,
010     * but WITHOUT ANY WARRANTY; without even the implied warranty of
011     * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
012     * Lesser General Public License for more details.
013     * 
014     * You should have received a copy of the GNU Lesser General Public
015     * License along with this library; if not, write to the Free Software
016     * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
017     */
018    
019    package net.sourceforge.spnego;
020    
021    import java.security.Principal;
022    
023    import javax.servlet.http.HttpServletRequest;
024    import javax.servlet.http.HttpServletRequestWrapper;
025    
026    import net.sourceforge.spnego.SpnegoHttpFilter.Constants;
027    
028    import org.ietf.jgss.GSSCredential;
029    
030    /**
031     * Wrap ServletRequest so we can do our own handling of the 
032     * principal and auth types.
033     * 
034     * <p>Also, see the documentation on the {@link DelegateServletRequest} class.</p>
035     * 
036     * <p>Finally, a credential delegation example can be found on 
037     * <a href="http://spnego.sourceforge.net" target="_blank">http://spnego.sourceforge.net</a>
038     * </p>
039     * 
040     * @author Darwin V. Felix
041     *
042     */
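final class SpnegoHttpServletRequest extends HttpServletRequestWrapper
    implements DelegateServletRequest {

    /**
     * Client principal; may be {@code null}. Declared {@code transient} so the
     * principal is not written out by Java serialization.
     */
    private final transient SpnegoPrincipal principal;

    /**
     * Creates a request wrapper that reports the given principal as the caller.
     *
     * @param request the request being wrapped
     * @param spnegoPrincipal principal of the user; if {@code null},
     *     {@link #getRemoteUser()} defers to the wrapped request,
     *     {@link #getUserPrincipal()} and {@link #getDelegatedCredential()}
     *     return {@code null}
     */
    SpnegoHttpServletRequest(final HttpServletRequest request
        , final SpnegoPrincipal spnegoPrincipal) {

        super(request);

        this.principal = spnegoPrincipal;
    }

    /**
     * Returns "Negotiate" or "Basic" else default auth type.
     *
     * <p>The value is derived from the request's Authorization header, which is
     * client-supplied data: it reports the scheme the client presented and is
     * not, on its own, evidence that authentication succeeded. Use
     * {@link #getUserPrincipal()} to find out who was authenticated.</p>
     *
     * <p>When the request carries no Authorization header the wrapped request's
     * auth type is returned.</p>
     *
     * @return the matched scheme constant, else the wrapped request's auth type
     * @see javax.servlet.http.HttpServletRequest#getAuthType()
     */
    @Override
    public String getAuthType() {

        final String header = this.getHeader(Constants.AUTHZ_HEADER);

        // getHeader returns null when the header is absent; without this guard
        // the startsWith calls below would throw a NullPointerException.
        if (null == header) {
            return super.getAuthType();
        }

        final String authType;

        // NOTE(review): the comparison is case-sensitive; confirm that matches
        // how the filter itself recognises the scheme.
        if (header.startsWith(Constants.NEGOTIATE_HEADER)) {
            authType = Constants.NEGOTIATE_HEADER;

        } else if (header.startsWith(Constants.BASIC_HEADER)) {
            authType = Constants.BASIC_HEADER;

        } else {
            authType = super.getAuthType();
        }

        return authType;
    }

    /**
     * Return the client's/requester's delegated credential or null.
     *
     * <p>A delegated credential lets this server act as the client towards
     * other services. Callers should keep it no longer than the work that
     * needs it and should not log or persist it.</p>
     *
     * @return client's delegated credential, or {@code null} if there is no
     *     principal or the principal carries no delegated credential
     */
    public GSSCredential getDelegatedCredential() {
        // The principal may be null (getRemoteUser already allows for that);
        // honour the documented "or null" contract instead of throwing.
        if (null == this.principal) {
            return null;
        }

        return this.principal.getDelegatedCredential();
    }

    /**
     * Returns authenticated username (sans domain/realm) else default username.
     *
     * <p>Everything from the first '@' onwards is dropped, so principals that
     * differ only in realm yield the same remote user. Where more than one
     * realm can authenticate, base authorization decisions on the full name
     * from {@link #getUserPrincipal()} rather than on this value.</p>
     *
     * @return the part of the principal name before the first '@', or the
     *     wrapped request's remote user when there is no principal
     * @see javax.servlet.http.HttpServletRequest#getRemoteUser()
     */
    @Override
    public String getRemoteUser() {

        if (null == this.principal) {
            return super.getRemoteUser();

        } else {
            // Limit of 2: only the first '@' separates the user from the realm.
            final String[] username = this.principal.getName().split("@", 2);
            return username[0];
        }
    }

    /**
     * Returns KerberosPrincipal of user.
     *
     * <p>Unlike {@link #getRemoteUser()}, this does not fall back to the
     * wrapped request: it returns {@code null} when no principal was supplied
     * to the constructor.</p>
     *
     * @return the principal given at construction, possibly {@code null}
     * @see javax.servlet.http.HttpServletRequest#getUserPrincipal()
     */
    @Override
    public Principal getUserPrincipal() {
        return this.principal;
    }
}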