safebox/guacamole-client
4
0
Fork 0
mirror of https://github.com/gyurix1968/guacamole-client.git synced 2025-10-31 00:53:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

GUAC-832: Pull username/password from Authorization header if HTTP Basic is used.

Browse Source
This commit is contained in:
Michael Jumper
2014-08-22 14:33:59 -07:00
parent 5ae22ce206
commit 045d5375e3
1 changed files with 25 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
guacamole/src/main/java/org/glyptodon/guacamole/net/basic/AuthenticatingHttpServlet.java
View File

@@ -30,6 +30,7 @@ import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import javax.xml.bind.DatatypeConverter;
import org.glyptodon.guacamole.GuacamoleClientException;
import org.glyptodon.guacamole.GuacamoleException;
import org.glyptodon.guacamole.GuacamoleUnauthorizedException;
@@ -281,6 +282,30 @@ public abstract class AuthenticatingHttpServlet extends HttpServlet {
String username = request.getParameter("username");
String password = request.getParameter("password");
// If no username/password given, try Authorization header
if (username == null && password == null) {
String authorization = request.getHeader("Authorization");
if (authorization != null && authorization.startsWith("Basic ")) {
// Decode base64 authorization
String basicBase64 = authorization.substring(6);
String basicCredentials = new String(DatatypeConverter.parseBase64Binary(basicBase64), "UTF-8");
// Pull username/password from auth data
int colon = basicCredentials.indexOf(':');
if (colon != -1) {
username = basicCredentials.substring(0, colon);
password = basicCredentials.substring(colon+1);
}
else
logger.warn("Invalid HTTP Basic \"Authorization\" header received.");
}
} // end Authorization header fallback
// Build credentials object
Credentials credentials = new Credentials();
credentials.setSession(httpSession);