diff --git a/src/main/java/org/gcube/data/access/connector/GeoServerConnectorRequestHandler.java b/src/main/java/org/gcube/data/access/connector/GeoServerConnectorRequestHandler.java index 26624d7..3145dc3 100644 --- a/src/main/java/org/gcube/data/access/connector/GeoServerConnectorRequestHandler.java +++ b/src/main/java/org/gcube/data/access/connector/GeoServerConnectorRequestHandler.java @@ -74,7 +74,7 @@ public class GeoServerConnectorRequestHandler extends RequestHandler { //check current token with tokenCache if (token.equals(tokenCache)){ - logger.warn("Set credentials from cache " + usernameCache + " " + passwordCache); + logger.warn("Set credentials attribute retrieved from cache " + usernameCache + " " + passwordCache); httpServletRequest.setAttribute(AuthenticationUtils.USERNAME, usernameCache); httpServletRequest.setAttribute(AuthenticationUtils.PASSWORD, passwordCache); }else{ @@ -111,7 +111,7 @@ public class GeoServerConnectorRequestHandler extends RequestHandler { // retrieve the Token from request private String getToken(HttpServletRequest httpServletRequest) { - + // case 1 - get token from gcube-token query-string String gCubeToken = httpServletRequest.getParameter(AuthenticationUtils.GCUBE_QUERY_STRING); if (StringUtils.hasText(gCubeToken)) { @@ -140,6 +140,13 @@ public class GeoServerConnectorRequestHandler extends RequestHandler { return values[1]; } + // case 4 - get token from HTML form in the password field + gCubeToken = httpServletRequest.getParameter(AuthenticationUtils.PASSWORD); + if (StringUtils.hasText(gCubeToken)) { + logger.warn("Get token from HTML form (in the password field)"); + return gCubeToken; + } + logger.warn("gcube-token not found in query-string, in header and in basic authorization header"); return null; } diff --git a/src/main/java/org/gcube/data/access/connector/GeoServerFilter.java b/src/main/java/org/gcube/data/access/connector/GeoServerFilter.java index cb0498d..84847b9 100644 --- a/src/main/java/org/gcube/data/access/connector/GeoServerFilter.java +++ b/src/main/java/org/gcube/data/access/connector/GeoServerFilter.java @@ -44,8 +44,13 @@ public class GeoServerFilter implements Filter { + Base64.encodeBase64String(token.getBytes()); request.addHeader(AuthenticationUtils.AUTHORIZATION, basic_authentication); - logger.warn("Added Authorization : " + request.getHeader(AuthenticationUtils.AUTHORIZATION)); - } + logger.warn("Added authorization header : " + request.getHeader(AuthenticationUtils.AUTHORIZATION)); + + logger.warn("Added parameters in the request : " + username +"/" + password); + + request.addParameter(AuthenticationUtils.USERNAME, username); + request.addParameter(AuthenticationUtils.PASSWORD, password); + } filterChain.doFilter(request, response); } diff --git a/src/main/java/org/gcube/data/access/connector/ServletRequestWrapper.java b/src/main/java/org/gcube/data/access/connector/ServletRequestWrapper.java index f90771f..4a89df9 100644 --- a/src/main/java/org/gcube/data/access/connector/ServletRequestWrapper.java +++ b/src/main/java/org/gcube/data/access/connector/ServletRequestWrapper.java @@ -14,10 +14,12 @@ import javax.servlet.http.HttpServletRequestWrapper; public class ServletRequestWrapper extends HttpServletRequestWrapper { private Map headerMap; + private Map paramsMap; public ServletRequestWrapper(HttpServletRequest request) { super(request); headerMap = new HashMap(); + paramsMap = new HashMap(); } public void addHeader(String name, String value) { @@ -61,4 +63,18 @@ public class ServletRequestWrapper extends HttpServletRequestWrapper { } } + + public void addParameter(String name, String value) { + paramsMap.put(name, value); + } + + public String getParameter(String name) { + // if we added one, return that one + if (paramsMap.get(name) != null) { + return paramsMap.get(name); + } + // otherwise return what's in the original request + HttpServletRequest req = (HttpServletRequest) super.getRequest(); + return req.getParameter(name); + } } \ No newline at end of file