/**
 * Authorizes the request when, and only when, its client is marked as authenticated.
 *
 * <p>Roles are not consulted here: every authenticated client is authorized, whatever
 * roles it holds.
 *
 * @param request the request whose client info is inspected
 * @param response the response (not used by this check)
 * @return {@code true} if the client info reports an authenticated client
 */
@Override
public boolean authorize(Request request, Response response) {
    final boolean clientIsAuthenticated = request.getClientInfo().isAuthenticated();
    return clientIsAuthenticated;
}
// Populate the data model with request- and client-derived values
// (presumably consumed by a page template; the consumer is not visible here).
dataModel.put("baseUrl", nextRequest.getRootRef().toString());
// NOTE(review): the whole ClientInfo object is placed in the model, not only selected
// fields; confirm the consumer renders just what it needs.
dataModel.put("clientInfo", nextClientInfo);
// This flag is a copy for whatever reads the model. Access decisions should still be
// made against the request's ClientInfo on the server side.
dataModel.put("isAuthenticated", nextClientInfo.isAuthenticated());
final List<Role> roles = nextClientInfo.getRoles();
// Admin status is decided by membership of the ADMIN role in the client's role list.
final boolean isAdmin = roles.contains(RestletUtilRoles.ADMIN.getRole());
/**
 * Verifies that the current request is allowed to update the details of the given user.
 *
 * <p>An authenticated client whose user identifier equals {@code usernameString} (exact,
 * case-sensitive {@code equals}) may always update its own details. Any other request must
 * pass the {@code BaseOasActions.USER_CREATE} check and must additionally be authenticated,
 * even if that action is configured to allow anonymous self-registration.
 *
 * @param usernameString identifier of the user whose details would be updated
 * @throws ResourceException with {@code CLIENT_ERROR_UNAUTHORIZED} when the client is not
 *             authenticated once the {@code USER_CREATE} check has run; that check is
 *             presumably able to throw as well (its body is not shown here)
 */
private void checkUpdateUserAuthentication(String usernameString) throws ResourceException {
    // Self-service path: the caller is authenticated and is the user being updated.
    final boolean updatingOwnAccount =
            this.getRequest().getClientInfo().isAuthenticated()
                    && this.getRequest().getClientInfo().getUser().getIdentifier().equals(usernameString);
    if (updatingOwnAccount) {
        return;
    }

    // Updating somebody else requires the user-create permission.
    this.checkAuthentication(BaseOasActions.USER_CREATE);

    // The client info is fetched again on purpose: this guard must reflect the request state
    // after the permission check, and it closes the gap where USER_CREATE is open to
    // anonymous clients.
    if (this.getRequest().getClientInfo().isAuthenticated()) {
        return;
    }

    this.log.error("User was not authenticated");
    throw new ResourceException(Status.CLIENT_ERROR_UNAUTHORIZED,
            "Only authenticated users can update user details");
}
!request.getClientInfo().isAuthenticated())
@Override public boolean authenticate(final OasAction authenticationScope, final Request request, final Response response) if(authenticationScope.isAuthRequired() && !request.getClientInfo().isAuthenticated()) else if(authenticationScope.isAuthRequired() && request.getClientInfo().isAuthenticated() && authenticationScope.isRoleRequired() && !authenticationScope.matchesForRoles(request.getClientInfo().getRoles())) if(request.getClientInfo().isAuthenticated() && request.getClientInfo().getRoles().isEmpty())
if(clientInfo.isAuthenticated() && !clientInfo.getRoles().contains(RestletUtilRoles.AUTHENTICATED.getRole()))
if(clientInfo.isAuthenticated())
/**
 * Returns the identifier of the currently authenticated user ("who am I").
 *
 * <p>The {@code BaseOasActions.WHOAMI_CHECK} check runs first. If the client is still not
 * authenticated afterwards, no representation is produced.
 *
 * @param entity the request entity (not used)
 * @return a string representation holding the user's identifier, or {@code null} when the
 *         client is not authenticated
 * @throws ResourceException declared by the signature; presumably raised by the
 *             authentication check, whose body is not shown here
 */
@Get
public Representation getIndexPageHtml(final Representation entity) throws ResourceException {
    this.checkAuthentication(BaseOasActions.WHOAMI_CHECK);

    // An anonymous client gets no identifier back.
    if (!this.getRequest().getClientInfo().isAuthenticated()) {
        return null;
    }

    final String identifier = this.getRequest().getClientInfo().getUser().getIdentifier();
    return new StringRepresentation(identifier);
}
/**
 * Runs the authentication step before the request is handed on.
 *
 * <p>{@link #authenticate(Request, Response)} is invoked when
 * {@link #isMultiAuthenticating()} returns true <em>or</em> when
 * {@link ClientInfo#isAuthenticated()} returns false. An already authenticated request
 * with multi-authentication disabled continues untouched. On success the result of
 * {@link #authenticated(Request, Response)} is returned. On failure, if
 * {@link #isOptional()} is true, the status is set to {@code SUCCESS_OK} and processing
 * continues; otherwise the result of {@link #unauthenticated(Request, Response)} is returned.
 *
 * <p>In optional mode a request that failed authentication still reaches the next
 * Restlet, so downstream code must not treat "reached this point" as "authenticated"
 * and has to check {@link ClientInfo#isAuthenticated()} itself.
 */
@Override
protected int beforeHandle(Request request, Response response) {
    // Evaluation order is kept: the client info is only consulted when
    // multi-authentication is off.
    final boolean mustAuthenticate =
            isMultiAuthenticating() || !request.getClientInfo().isAuthenticated();
    if (!mustAuthenticate) {
        return CONTINUE;
    }

    if (authenticate(request, response)) {
        return authenticated(request, response);
    }

    if (!isOptional()) {
        return unauthenticated(request, response);
    }

    // Optional authentication: let the request through without an authenticated client.
    response.setStatus(Status.SUCCESS_OK);
    return CONTINUE;
}
/**
 * Authorizes the request only if its method appears in the list that applies to the
 * client: the authenticated-methods list for an authenticated client, the
 * anonymous-methods list otherwise.
 *
 * <p>The decision is deny-by-default: an empty list, or a method that is not listed,
 * yields {@code false}.
 *
 * @param request
 *            The request sent.
 * @param response
 *            The response to update.
 * @return True if the authorization succeeded.
 */
@Override
public boolean authorize(Request request, Response response) {
    final boolean authenticated = request.getClientInfo().isAuthenticated();

    // Both lists are allow-lists; which one applies depends only on the
    // authentication state of the client.
    for (Method allowedMethod : authenticated ? getAuthenticatedMethods()
            : getAnonymousMethods()) {
        if (request.getMethod().equals(allowedMethod)) {
            return true;
        }
    }

    // Nothing matched: refuse.
    return false;
}
return null; if (!request.getClientInfo().isAuthenticated()) { return null;
/**
 * After the request has been handled, issues a "Credentials" cookie to an authenticated
 * client that did not send one.
 *
 * <p>The cookie value is {@code identifier=secret}, taken from the request's challenge
 * response. That is the user's secret in clear text, as the cookie's own comment
 * ("Unsecured cookie based authentication") acknowledges.
 *
 * <p>NOTE(review): {@code setAccessRestricted(true)} limits script access to the cookie,
 * but nothing here marks it secure-only, so it can travel over plain HTTP. The short max
 * age narrows the exposure window without removing it. For anything beyond a demo, prefer
 * an opaque, server-verified session token over the raw credentials, and TLS-only cookies.
 *
 * @param request the handled request
 * @param response the response that receives the cookie setting
 */
@Override
protected void afterHandle(Request request, Response response) {
    super.afterHandle(request, response);

    final Cookie existing = request.getCookies().getFirst("Credentials");
    final boolean issueCookie = request.getClientInfo().isAuthenticated() && (existing == null);
    if (!issueCookie) {
        return;
    }

    final String identifier = request.getChallengeResponse().getIdentifier();
    // The secret is copied into a String and then into the cookie value verbatim.
    final String secret = new String(request.getChallengeResponse().getSecret());

    final CookieSetting credentials = new CookieSetting("Credentials", identifier + "=" + secret);
    credentials.setAccessRestricted(true);
    credentials.setPath("/");
    credentials.setComment("Unsecured cookie based authentication");
    credentials.setMaxAge(30);
    response.getCookieSettings().add(credentials);
}
if(this.getRequest().getClientInfo().isAuthenticated())
/**
 * Adds a "Credentials" cookie to the response when the client is authenticated and the
 * request carried no such cookie.
 *
 * <p>The value written is {@code identifier=secret} from the challenge response, so the
 * cookie holds the clear-text secret.
 *
 * <p>NOTE(review): the cookie is access-restricted and short-lived, but this method never
 * flags it secure-only, so confidentiality depends entirely on the transport. Treat this
 * as demonstration code; in production, replace the raw secret with an opaque session
 * token validated on the server and restrict the cookie to TLS.
 *
 * @param request the handled request
 * @param response the response to which the cookie setting is added
 */
@Override
protected void afterHandle(Request request, Response response) {
    super.afterHandle(request, response);

    final Cookie credentialsCookie = request.getCookies().getFirst("Credentials");
    if (request.getClientInfo().isAuthenticated() && (credentialsCookie == null)) {
        final String user = request.getChallengeResponse().getIdentifier();
        final String password = new String(request.getChallengeResponse().getSecret());
        // Clear-text credentials are joined as "identifier=secret".
        final String cookieValue = user + "=" + password;

        final CookieSetting setting = new CookieSetting("Credentials", cookieValue);
        setting.setAccessRestricted(true);
        setting.setPath("/");
        setting.setComment("Unsecured cookie based authentication");
        setting.setMaxAge(30);

        response.getCookieSettings().add(setting);
    }
}
if(!this.getRequest().getClientInfo().isAuthenticated())
protected boolean authenticate(Request request, Response response) { ClientInfo info = request.getClientInfo(); if (info.isAuthenticated()) {
if(this.getRequest().getClientInfo().isAuthenticated())
// Copies the authenticated flag from rci onto clientInfo unchanged.
// NOTE(review): the origin of rci is not visible here; confirm it was produced by a
// trusted authentication step, since this line transfers its authentication state as-is.
clientInfo.setAuthenticated(rci.isAuthenticated());
if(this.getRequest().getClientInfo().isAuthenticated())
if(this.getRequest().getClientInfo().isAuthenticated())