001/** 002 * Copyright 2005-2015 The Kuali Foundation 003 * 004 * Licensed under the Educational Community License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * http://www.opensource.org/licenses/ecl2.php 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 */ 016package org.kuali.rice.ksb.security.httpinvoker; 017 018import org.apache.commons.codec.binary.Base64; 019import org.apache.http.client.HttpClient; 020import org.apache.http.client.methods.HttpPost; 021import org.kuali.rice.core.api.security.credentials.CredentialsSource; 022import org.kuali.rice.ksb.api.bus.ServiceConfiguration; 023import org.kuali.rice.ksb.messaging.KSBHttpInvokerRequestExecutor; 024import org.kuali.rice.ksb.security.credentials.UsernamePasswordCredentials; 025import org.springframework.remoting.httpinvoker.HttpInvokerClientConfiguration; 026import org.springframework.util.Assert; 027 028import java.io.ByteArrayOutputStream; 029import java.io.IOException; 030 031 032/** 033 * Extension to {@link KSBHttpInvokerRequestExecutor} that retrieves 034 * credentials from the CredentialsSource and places them in a BASIC HTTP 035 * Authorization header. 036 * 037 * @author Kuali Rice Team (rice.collab@kuali.org) 038 * @since 0.9 039 */ 040public final class AuthenticationCommonsHttpInvokerRequestExecutor extends 041 KSBHttpInvokerRequestExecutor { 042 043 /** 044 * Source of the credentials to pass via BASIC AUTH. 045 */ 046 private final CredentialsSource credentialsSource; 047 048 /** 049 * Details about the service that the CredentialsSource may need. 050 */ 051 private final ServiceConfiguration serviceConfiguration; 052 053 /** 054 * Constructor that accepts the CredentialsSource and Service Info. 055 * 056 * @param httpClient the http client 057 * @param credentialsSource the source of credentials. 058 * @param serviceConfiguration the service configuration. 059 */ 060 public AuthenticationCommonsHttpInvokerRequestExecutor(final HttpClient httpClient, 061 final CredentialsSource credentialsSource, final ServiceConfiguration serviceConfiguration) { 062 super(httpClient); 063 Assert.notNull(credentialsSource, "credentialsSource cannot be null."); 064 Assert.notNull(serviceConfiguration, "serviceConfiguration cannot be null."); 065 this.credentialsSource = credentialsSource; 066 this.serviceConfiguration = serviceConfiguration; 067 } 068 069 /** 070 * Overridden to obtain the Credentials from the CredentialsSource and pass 071 * them via HTTP BASIC Authorization. 072 */ 073 074 protected void setRequestBody(final HttpInvokerClientConfiguration config, 075 final HttpPost httpPost, final ByteArrayOutputStream baos) throws IOException { 076 final UsernamePasswordCredentials credentials = (UsernamePasswordCredentials) this.credentialsSource.getCredentials(this.serviceConfiguration.getEndpointUrl().toExternalForm()); 077 078 final String base64 = credentials.getUsername() + ":" 079 + credentials.getPassword(); 080 httpPost.addHeader("Authorization", "Basic " + new String(Base64.encodeBase64(base64.getBytes()))); 081 082 if (logger.isDebugEnabled()) { 083 logger 084 .debug("HttpInvocation now presenting via BASIC authentication CredentialsSource-derived: " 085 + credentials.getUsername()); 086 } 087 088 super.setRequestBody(config, httpPost, baos); 089 } 090}