simulate Authorization cookie for yacy servlet header

pull/1/head
reger 11 years ago
parent ea7cef5d05
commit 6e2fe777af

@ -88,8 +88,10 @@ public class Jetty8YaCySecurityHandler extends ConstraintSecurityHandler {
}
//final boolean accountEmpty = adminAccountBase64MD5.length() == 0;
if (protectedPage) { // TODO: none public site
if (!grantedForLocalhost) {
if (protectedPage) {
if (grantedForLocalhost) {
return null; // quick return for local admin
} else {
RoleInfo roleinfo = new RoleInfo();
roleinfo.setChecked(true); // RoleInfo.setChecked() : in Jetty this means - marked to have any security constraint
roleinfo.addRole(AccessRight.ADMIN_RIGHT.toString()); // use AccessRights as role

@ -644,6 +644,13 @@ public class YaCyDefaultServlet extends HttpServlet {
legacyRequestHeader.put(HeaderFramework.CONNECTION_PROP_PATH, target);
legacyRequestHeader.put(HeaderFramework.CONNECTION_PROP_EXT, targetExt);
// for userDB user legacyRequest expect login in Cookie (add one)
if (request.getUserPrincipal() != null) {
String userpassEncoded = request.getHeader("Authorization"); // e.g. "Basic xxXXxxXXxxXX"
if (userpassEncoded != null) {
legacyRequestHeader.setCookie("login", userpassEncoded);
}
}
return legacyRequestHeader;
}

Loading…
Cancel
Save