「FilterでBasic認証を実装」の版間の差分
ナビゲーションに移動
検索に移動
1行目: | 1行目: | ||
− | ==FilterでBasic認証を実装== | + | ==[[FilterでBasic認証を実装]]== |
− | [[Java]] | | + | [[Java]] | [[Category:コード片]] |
− | import java.io. | + | import java.io.Buffered[[R]]eader; |
import java.io.ByteArrayInputStream; | import java.io.ByteArrayInputStream; | ||
import java.io.IOException; | import java.io.IOException; | ||
− | import java.io. | + | import java.io.InputStream[[R]]eader; |
import java.util.Enumeration; | import java.util.Enumeration; | ||
13行目: | 13行目: | ||
import javax.servlet.FilterConfig; | import javax.servlet.FilterConfig; | ||
import javax.servlet.ServletException; | import javax.servlet.ServletException; | ||
− | import javax.servlet. | + | import javax.servlet.Servlet[[R]]equest; |
− | import javax.servlet. | + | import javax.servlet.Servlet[[R]]esponse; |
− | import javax.servlet.http. | + | import javax.servlet.http.HttpServlet[[R]]equest; |
− | import javax.servlet.http. | + | import javax.servlet.http.HttpServlet[[R]]esponse; |
public class BasicAuthenticationFilter implements Filter { | public class BasicAuthenticationFilter implements Filter { | ||
24行目: | 24行目: | ||
private final String realmName = "hoge"; | private final String realmName = "hoge"; | ||
− | /* @see javax.servlet.Filter#doFilter(javax.servlet. | + | /* @see javax.servlet.Filter#doFilter(javax.servlet.Servlet[[R]]equest, javax.servlet.Servlet[[R]]esponse, javax.servlet.FilterChain) */ |
− | public void doFilter( | + | public void doFilter(Servlet[[R]]equest request, |
− | + | Servlet[[R]]esponse response, | |
FilterChain filterChain) throws IOException, ServletException { | FilterChain filterChain) throws IOException, ServletException { | ||
ByteArrayInputStream bin = null; | ByteArrayInputStream bin = null; | ||
− | + | Buffered[[R]]eader br = null; | |
try { | try { | ||
− | + | HttpServlet[[R]]equest http[[R]]eq = (HttpServlet[[R]]equest)request; | |
− | String basicAuthData = httpReq. | + | String basicAuthData = httpReq.get[[Header]]("authorization"); |
// Basic認証から情報を取得 | // Basic認証から情報を取得 | ||
− | String basicAuthBody = basicAuthData.substring(6); // ex 'Basic | + | String basicAuthBody = basicAuthData.substring(6); // ex 'Basic dG9tY2F0On[[R]]vbWNhdA== ' |
bin = new ByteArrayInputStream(basicAuthBody.getBytes()); | bin = new ByteArrayInputStream(basicAuthBody.getBytes()); | ||
− | br = new | + | br = new Buffered[[R]]eader( |
− | new | + | new InputStream[[R]]eader(MimeUtility.decode(bin,"base64"))); |
StringBuilder buf = new StringBuilder(); | StringBuilder buf = new StringBuilder(); | ||
55行目: | 55行目: | ||
if (!isAuthorized) { | if (!isAuthorized) { | ||
//ブラウザに UnAuthorizedエラー(401)を返す | //ブラウザに UnAuthorizedエラー(401)を返す | ||
− | + | HttpServlet[[R]]esponse http[[R]]es = (HttpServlet[[R]]esponse)response; | |
− | httpRes. | + | httpRes.set[[Header]]("WWW-Authenticate","Basic realm=" + this.realmName); |
− | + | http[[R]]es.setContentType("text/html"); | |
− | + | http[[R]]es.sendError(HttpServlet[[R]]esponse.SC_UNAUTHO[[R]]IZED); // 401 | |
} else { | } else { | ||
filterChain.doFilter(request, response); | filterChain.doFilter(request, response); |
2020年2月16日 (日) 04:25時点における版
FilterでBasic認証を実装
Java |
import java.io.BufferedReader; import java.io.ByteArrayInputStream; import java.io.IOException; import java.io.InputStreamReader; import java.util.Enumeration; import javax.mail.internet.MimeUtility; import javax.servlet.Filter; import javax.servlet.FilterChain; import javax.servlet.FilterConfig; import javax.servlet.ServletException; import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; public class BasicAuthenticationFilter implements Filter { /** * レルム名 */ private final String realmName = "hoge"; /* @see javax.servlet.Filter#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain) */ public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException, ServletException { ByteArrayInputStream bin = null; BufferedReader br = null; try { HttpServletRequest httpReq = (HttpServletRequest)request; String basicAuthData = httpReq.getHeader("authorization"); // Basic認証から情報を取得 String basicAuthBody = basicAuthData.substring(6); // ex 'Basic dG9tY2F0OnRvbWNhdA== ' bin = new ByteArrayInputStream(basicAuthBody.getBytes()); br = new BufferedReader( new InputStreamReader(MimeUtility.decode(bin,"base64"))); StringBuilder buf = new StringBuilder(); String line = null; while ((line = br.readLine())!=null) { buf.append(line); } String[] loginInfo = buf.toString().split(":"); String username = CollectionUtil.safeArrayElement(loginInfo,0,""); String password = CollectionUtil.safeArrayElement(loginInfo,1,""); boolean isAuthorized = /* username password を利用して認証を実施 */ if (!isAuthorized) { //ブラウザに UnAuthorizedエラー(401)を返す HttpServletResponse httpRes = (HttpServletResponse)response; httpRes.setHeader("WWW-Authenticate","Basic realm=" + this.realmName); httpRes.setContentType("text/html"); httpRes.sendError(HttpServletResponse.SC_UNAUTHORIZED); // 401 } else { filterChain.doFilter(request, response); } } catch (Exception e) { throw new ServletException(e); } finally { try { if (bin!=null) bin.close(); if (br !=null) br.close(); } catch(Exception e) {} } } }
© 2006 矢木浩人