FELIX-1764: remove the use of the GeneralSecurityException
git-svn-id: https://svn.apache.org/repos/asf/felix/trunk@953121 13f79535-47bb-0310-9956-ffa450edef68
diff --git a/webconsole/src/main/java/org/apache/felix/webconsole/WebConsoleSecurityProvider.java b/webconsole/src/main/java/org/apache/felix/webconsole/WebConsoleSecurityProvider.java
index 90f97c2..9d4ebd5 100644
--- a/webconsole/src/main/java/org/apache/felix/webconsole/WebConsoleSecurityProvider.java
+++ b/webconsole/src/main/java/org/apache/felix/webconsole/WebConsoleSecurityProvider.java
@@ -23,13 +23,13 @@
public interface WebConsoleSecurityProvider {
/**
- * Check if the user with the specified password exists and return an object identifying the user, else throw an exception
+ * Check if the user with the specified password exists and return an object identifying the user, else null
*/
- public Object authenticate(String username, String password) throws GeneralSecurityException;
+ public Object authenticate(String username, String password);
/**
- * Check that the authenticated user has the given role permission or throw an exception
+ * Check that the authenticated user has the given role permission
*/
- public void authorize(Object user, String role) throws GeneralSecurityException;
+ public boolean authorize(Object user, String role);
}
diff --git a/webconsole/src/main/java/org/apache/felix/webconsole/internal/servlet/OsgiManager.java b/webconsole/src/main/java/org/apache/felix/webconsole/internal/servlet/OsgiManager.java
index 21d6171..6f52a54 100644
--- a/webconsole/src/main/java/org/apache/felix/webconsole/internal/servlet/OsgiManager.java
+++ b/webconsole/src/main/java/org/apache/felix/webconsole/internal/servlet/OsgiManager.java
@@ -883,19 +883,20 @@
this.password = password;
}
- public Object authenticate(String username, String password) throws GeneralSecurityException {
+ public Object authenticate(String username, String password) {
WebConsoleSecurityProvider provider = (WebConsoleSecurityProvider) tracker.getService();
if (provider != null) {
return provider.authenticate(username, password);
}
if (this.username.equals(username) && this.password.equals(password)) {
- return null;
+ return username;
}
- throw new SecurityException("Bad user/password");
+ return null;
}
- public void authorize(Object user, String role) throws GeneralSecurityException {
- throw new UnsupportedOperationException();
+ public boolean authorize(Object user, String role) {
+ // no op: authorize everything
+ return true;
}
}
diff --git a/webconsole/src/main/java/org/apache/felix/webconsole/internal/servlet/OsgiManagerHttpContext.java b/webconsole/src/main/java/org/apache/felix/webconsole/internal/servlet/OsgiManagerHttpContext.java
index 3e955fc..d930810 100644
--- a/webconsole/src/main/java/org/apache/felix/webconsole/internal/servlet/OsgiManagerHttpContext.java
+++ b/webconsole/src/main/java/org/apache/felix/webconsole/internal/servlet/OsgiManagerHttpContext.java
@@ -120,14 +120,15 @@
String password = srcString.substring(i + 1);
// authenticate
- securityProvider.authenticate( username, password );
+ Object id = securityProvider.authenticate( username, password );
+ if (id != null) {
+ // as per the spec, set attributes
+ request.setAttribute( HttpContext.AUTHENTICATION_TYPE, "" );
+ request.setAttribute( HttpContext.REMOTE_USER, username );
- // as per the spec, set attributes
- request.setAttribute( HttpContext.AUTHENTICATION_TYPE, "" );
- request.setAttribute( HttpContext.REMOTE_USER, username );
-
- // succeed
- return true;
+ // succeed
+ return true;
+ }
}
catch (Exception e)
{