001    /**
002     * Copyright (c) 2000-2010 Liferay, Inc. All rights reserved.
003     *
004     * The contents of this file are subject to the terms of the Liferay Enterprise
005     * Subscription License ("License"). You may not use this file except in
006     * compliance with the License. You can obtain a copy of the License by
007     * contacting Liferay, Inc. See the License for the specific language governing
008     * permissions and limitations under the License, including but not limited to
009     * distribution rights of the Software.
010     *
011     *
012     *
013     */
014    
015    package com.liferay.portal.spring.remoting;
016    
017    import com.liferay.portal.PwdEncryptorException;
018    import com.liferay.portal.kernel.util.GetterUtil;
019    import com.liferay.portal.kernel.util.StringPool;
020    import com.liferay.portal.security.pwd.PwdEncryptor;
021    
022    import java.io.IOException;
023    
024    import java.net.HttpURLConnection;
025    
026    import org.apache.commons.codec.binary.Base64;
027    
028    import org.springframework.remoting.httpinvoker.SimpleHttpInvokerRequestExecutor;
029    
030    /**
031     * <p>
032     * An HttpInvoker request executor for Spring Remoting that provides HTTP BASIC
033     * authentication information for service invocations.
034     * </p>
035     *
036     * @author Joel Kozikowski
037     */
038    public class AuthenticatingHttpInvokerRequestExecutor
039            extends SimpleHttpInvokerRequestExecutor {
040    
041            public AuthenticatingHttpInvokerRequestExecutor() {
042                    super();
043            }
044    
045            public long getUserId() {
046                    return _userId;
047            }
048    
049            public void setUserId(long userId) {
050                    _userId = userId;
051            }
052    
053            public String getPassword() {
054                    return _password;
055            }
056    
057            public void setPassword(String password) throws PwdEncryptorException {
058                    _password = PwdEncryptor.encrypt(password);
059            }
060    
061            /**
062             * Called every time a HTTP invocation is made. This implementation allows
063             * the parent to setup the connection, and then adds an
064             * <code>Authorization</code> HTTP header property for BASIC authentication.
065             */
066            protected void prepareConnection(HttpURLConnection con, int contentLength)
067                    throws IOException {
068    
069                    super.prepareConnection(con, contentLength);
070    
071                    if (getUserId() > 0) {
072                            String password = GetterUtil.getString(getPassword());
073    
074                            String base64 = getUserId() + StringPool.COLON + password;
075    
076                            con.setRequestProperty(
077                                    "Authorization",
078                                    "Basic " + new String(Base64.encodeBase64(base64.getBytes())));
079                    }
080            }
081    
082            private long _userId;
083            private String _password;
084    
085    }