fix UserDB.proxyAuth from header string

(take care of prefix "Basic" in header entry)
8 years ago · 28afd3a2f8
parent fd22d8c08b
commit 28afd3a2f8
1 changed files with 14 additions and 10 deletions
--- a/source/net/yacy/data/UserDB.java
+++ b/source/net/yacy/data/UserDB.java
@ -35,6 +35,7 @@ import java.util.HashSet;
 import java.util.Iterator;
 import java.util.Map;
 import java.util.Random;
+import javax.servlet.http.HttpServletRequest;

 import net.yacy.cora.document.encoding.UTF8;
 import net.yacy.cora.order.Base64Order;
@ -129,13 +130,15 @@ public final class UserDB {
    }    

    /**
-     * Use a ProxyAuth Value to authenticate user.
-     * @param auth base64 Encoded String, which contains "username:pw".
+     * Use a ProxyAuth Value to authenticate user from HttpHeader.Authentication.
+     * This supports only Basic authentication
+     * @param auth "BASIC " followed by base64 Encoded String, which contains "username:pw" for basic authentication
     */
-    public Entry proxyAuth(final String auth) {
+    public Entry proxyAuth(final String authHeader) {
        Entry entry = null;
-        
-        if (auth != null) {
+        if (authHeader != null) {
+            if (authHeader.toUpperCase().startsWith(HttpServletRequest.BASIC_AUTH)) {
+                String auth = authHeader.substring(6); // take out prefix "BASIC"
                final String[] tmp = Base64Order.standardCoder.decodeString(auth.trim()).split(":");
                if (tmp.length == 2) {
                    entry = this.passwordAuth(tmp[0], tmp[1]);
@ -144,6 +147,7 @@ public final class UserDB {
                    }
                }
            }
+        }
        return entry;
    }