1 | package ve.gob.cenditel.murachi; |
---|
2 | |
---|
3 | import java.io.IOException; |
---|
4 | //import java.util.Base64; |
---|
5 | import java.util.StringTokenizer; |
---|
6 | |
---|
7 | import org.apache.commons.codec.binary.Base64; |
---|
8 | import org.apache.log4j.Logger; |
---|
9 | |
---|
10 | /** |
---|
11 | * Clase para ejecutar el servicio de autenticacion basica HTTP. |
---|
12 | * |
---|
13 | * @author aaraujo |
---|
14 | * |
---|
15 | */ |
---|
16 | public class AuthenticationService { |
---|
17 | |
---|
18 | final static Logger logger = Logger.getLogger(AuthenticationService.class); |
---|
19 | |
---|
20 | public boolean authenticate(String authCredentials) { |
---|
21 | |
---|
22 | if (null == authCredentials) |
---|
23 | return false; |
---|
24 | // header value format will be "Basic encodedstring" for Basic |
---|
25 | // authentication. Example "Basic YWRtaW46YWRtaW4=" |
---|
26 | final String encodedUserPassword = authCredentials.replaceFirst("Basic" |
---|
27 | + " ", ""); |
---|
28 | String usernameAndPassword = null; |
---|
29 | try { |
---|
30 | //byte[] decodedBytes = Base64.getDecoder().decode(encodedUserPassword); |
---|
31 | |
---|
32 | // usando la clase Base64 de org.apache.commons.codec.binary.Base64 |
---|
33 | byte[] decodedBytes = Base64.decodeBase64(encodedUserPassword); |
---|
34 | |
---|
35 | usernameAndPassword = new String(decodedBytes, "UTF-8"); |
---|
36 | } catch (IOException e) { |
---|
37 | e.printStackTrace(); |
---|
38 | } |
---|
39 | final StringTokenizer tokenizer = new StringTokenizer( |
---|
40 | usernameAndPassword, ":"); |
---|
41 | final String username = tokenizer.nextToken(); |
---|
42 | final String password = tokenizer.nextToken(); |
---|
43 | |
---|
44 | logger.debug(username); |
---|
45 | logger.debug(password); |
---|
46 | |
---|
47 | |
---|
48 | |
---|
49 | // we have fixed the userid and password as admin |
---|
50 | // call some UserService/LDAP here |
---|
51 | boolean authenticationStatus = "admin".equals(username) |
---|
52 | && "admin".equals(password); |
---|
53 | |
---|
54 | if (!authenticationStatus) { |
---|
55 | logger.error("Fallo la autenticación básica de HTTP; no se ejecuta el recurso"); |
---|
56 | } |
---|
57 | |
---|
58 | |
---|
59 | return authenticationStatus; |
---|
60 | } |
---|
61 | } |
---|