removed never-used server access account function

git-svn-id: https://svn.berlios.de/svnroot/repos/yacy/trunk@6731 6c8d7289-2bf4-0310-a012-ef5d649a1542

defaults/yacy.init

@@ -373,18 +373,6 @@ serverClient=*
 #use User_p.html to create some Users.
 use_proxyAccounts=false
 
-# serverAccount: a user:password - pair for web server access
-# this is the access to the 'public' pages on the server
-# should be always open, but you get the option here
-# if set to a user:password, you get a conflict with the administration account
-# future versions will check if the server is unprotected,
-# because the p2p-index-sharing function will use the http server for
-# data exchange.
-# example
-#serverAccount=admin:mysecretpassword
-serverAccount=
-serverAccountBase64MD5=
-
 # adminAccount: a user:password - pair for administration of
 # settings through the web interface
 # should be set to a secret. By default it is without a password

htroot/SettingsAck_p.java

@@ -276,8 +276,6 @@ public class SettingsAck_p {
             
             // check passed. set account:
             env.setConfig("serverClient", filter);
-            //env.setConfig("serverAccountBase64MD5", serverCodings.encodeMD5Hex(kelondroBase64Order.standardCoder.encodeString(user + ":" + pw1)));
-            env.setConfig("serverAccount", "");
             
             prop.put("info", "8");//server access filter updated
             //prop.put("info_user", user);

htroot/Settings_p.java

@@ -142,18 +142,7 @@ public final class Settings_p {
         prop.putHTML("serverfilter", env.getConfig("serverClient", "*"));
         
         // server password
-        if (env.getConfig("serverAccountBase64", "").length() == 0) {
-            // no password has been specified
-            prop.put("serveruser","server");
-        } else {
-            s = env.getConfig("serverAccount", "server:void");
-            pos = s.indexOf(":");
-            if (pos < 0) {
-                prop.put("serveruser","server");
-            } else {
-                prop.put("serveruser",s.substring(0, pos));
-            }
-        }
+        prop.put("serveruser","server");
         
         // clientIP
         prop.putXML("clientIP", header.get(HeaderFramework.CONNECTION_PROP_CLIENTIP, "<unknown>")); // read an artificial header addendum

source/de/anomic/http/server/HTTPDemon.java

@@ -133,7 +133,6 @@ public final class HTTPDemon implements serverHandler, Cloneable {
     // for authentication
     private boolean use_proxyAccounts = false;
     private boolean proxyAccounts_init = false; // is use_proxyAccounts set?
-    private String serverAccountBase64MD5;
     private String clientIP;
     private boolean allowProxy;
     private boolean allowServer;
@@ -156,7 +155,6 @@ public final class HTTPDemon implements serverHandler, Cloneable {
         
         // authentication: by default none
         this.proxyAccounts_init = false;
-        this.serverAccountBase64MD5 = null;
         this.clientIP = null;
         
         // configuring keep alive support
@@ -179,7 +177,6 @@ public final class HTTPDemon implements serverHandler, Cloneable {
         this.allowServer = false;
         this.allowYaCyHop = false;
         this.proxyAccounts_init = false;
-        this.serverAccountBase64MD5 = null;
         this.clientIP = null;
         this.prop.clear();
         
@@ -214,7 +211,6 @@ public final class HTTPDemon implements serverHandler, Cloneable {
         }
 
         this.proxyAccounts_init = false;
-        this.serverAccountBase64MD5 = null;
     }
 
     private static boolean match(final String key, final String latch) {
@@ -304,39 +300,6 @@ public final class HTTPDemon implements serverHandler, Cloneable {
         return 1;
     }
     
-    private boolean handleServerAuthentication(final RequestHeader header) throws IOException {
-        // getting the http version that is used by the client
-        final String httpVersion = this.prop.getProperty(HeaderFramework.CONNECTION_PROP_HTTP_VER, "HTTP/0.9");        
-        
-        // reading the authentication settings from switchboard
-        if (this.serverAccountBase64MD5 == null) 
-            this.serverAccountBase64MD5 = switchboard.getConfig("serverAccountBase64MD5", "");
-        
-        if (this.serverAccountBase64MD5.length() > 0) {
-            final String auth = header.get(RequestHeader.AUTHORIZATION);
-            if (auth == null) {
-                // authorization requested, but no authorizeation given in header. Ask for authenticate:
-                this.session.out.write((httpVersion + " 401 log-in required" + serverCore.CRLF_STRING +
-                        RequestHeader.WWW_AUTHENTICATE + ": Basic realm=\"log-in\"" + serverCore.CRLF_STRING +
-                        serverCore.CRLF_STRING).getBytes());
-                this.session.out.write((HeaderFramework.CONTENT_LENGTH + ": 0\r\n").getBytes());
-                this.session.out.write("\r\n".getBytes());
-                return false;
-            } else if (!this.serverAccountBase64MD5.equals(Digest.encodeMD5Hex(auth.trim().substring(6)))) {
-                // wrong password given: ask for authenticate again
-                log.logInfo("Wrong log-in for account 'server' in HTTPD.GET " + this.prop.getProperty("PATH") + " from IP " + this.clientIP);
-                this.session.out.write((httpVersion + " 401 log-in required" + serverCore.CRLF_STRING +
-                        RequestHeader.WWW_AUTHENTICATE + ": Basic realm=\"log-in\"" + 
-                        serverCore.CRLF_STRING).getBytes());
-                this.session.out.write((HeaderFramework.CONTENT_LENGTH + ": 0\r\n").getBytes());
-                this.session.out.write("\r\n".getBytes());                
-                this.session.out.flush();
-                return false;
-            }
-        }
-        return true;
-    }
-    
     private boolean handleYaCyHopAuthentication(final RequestHeader header) {
         // check if the user has allowed that his/her peer is used for hops
         if (!this.allowYaCyHop) return false;
@@ -488,9 +451,7 @@ public final class HTTPDemon implements serverHandler, Cloneable {
             if (this.prop.getProperty(HeaderFramework.CONNECTION_PROP_HOST).equals(virtualHost)) {
                 // pass to server
                 if (this.allowServer) {
-                    if (this.handleServerAuthentication(header)) {
-                       HTTPDFileHandler.doGet(this.prop, header, this.session.out);
-                    }
+                    HTTPDFileHandler.doGet(this.prop, header, this.session.out);
                 } else {
                     // not authorized through firewall blocking (ip does not match filter)
                     this.session.out.write((httpVersion + " 403 refused (IP not granted)" + serverCore.CRLF_STRING + serverCore.CRLF_STRING + "you are not allowed to connect to this server, because you are using a non-granted IP. allowed are only connections that match with the following filter: " + switchboard.getConfig("serverClient", "*") + serverCore.CRLF_STRING).getBytes());
@@ -557,9 +518,7 @@ public final class HTTPDemon implements serverHandler, Cloneable {
             if (this.prop.getProperty(HeaderFramework.CONNECTION_PROP_HOST).equals(virtualHost)) {
                 // pass to server
                 if (allowServer) {
-                    if (handleServerAuthentication(header)) {
-                        HTTPDFileHandler.doHead(prop, header, this.session.out);
-                    }
+                    HTTPDFileHandler.doHead(prop, header, this.session.out);
                 } else {
                     // not authorized through firewall blocking (ip does not match filter)
                     session.out.write((httpVersion + " 403 refused (IP not granted)" +
@@ -625,9 +584,7 @@ public final class HTTPDemon implements serverHandler, Cloneable {
             if (prop.getProperty(HeaderFramework.CONNECTION_PROP_HOST).equals(virtualHost)) {
                 // pass to server
                 if (allowServer) {
-                    if (handleServerAuthentication(header)) {
-                        HTTPDFileHandler.doPost(prop, header, this.session.out, sessionIn);
-                    }
+                    HTTPDFileHandler.doPost(prop, header, this.session.out, sessionIn);
                 } else {
                     // not authorized through firewall blocking (ip does not match filter)
                     session.out.write((httpVersion + " 403 refused (IP not granted)" + serverCore.CRLF_STRING + serverCore.CRLF_STRING + "you are not allowed to connect to this server, because you are using the non-granted IP " + clientIP + ". allowed are only connections that match with the following filter: " + switchboard.getConfig("serverClient", "*") + serverCore.CRLF_STRING).getBytes());

source/net/yacy/migration.java

@@ -204,10 +204,6 @@ public class migration {
     public static void presetPasswords(final Switchboard sb) {
         // set preset accounts/passwords
         String acc;
-        if ((acc = sb.getConfig("serverAccount", "")).length() > 0) {
-            sb.setConfig("serverAccountBase64MD5", Digest.encodeMD5Hex(Base64Order.standardCoder.encodeString(acc)));
-            sb.setConfig("serverAccount", "");
-        }
         if ((acc = sb.getConfig("adminAccount", "")).length() > 0) {
             sb.setConfig(HTTPDemon.ADMIN_ACCOUNT_B64MD5, Digest.encodeMD5Hex(Base64Order.standardCoder.encodeString(acc)));
             sb.setConfig("adminAccount", "");
@@ -218,10 +214,6 @@ public class migration {
             sb.setConfig("proxyAccountBase64MD5", Digest.encodeMD5Hex(acc));
             sb.setConfig("proxyAccountBase64", "");
         }
-        if ((acc = sb.getConfig("serverAccountBase64", "")).length() > 0) {
-            sb.setConfig("serverAccountBase64MD5", Digest.encodeMD5Hex(acc));
-            sb.setConfig("serverAccountBase64", "");
-        }
         if ((acc = sb.getConfig("adminAccountBase64", "")).length() > 0) {
             sb.setConfig(HTTPDemon.ADMIN_ACCOUNT_B64MD5, Digest.encodeMD5Hex(acc));
             sb.setConfig("adminAccountBase64", "");