mirror of
https://github.com/yacy/yacy_search_server.git
synced 2025-07-18 08:36:07 -04:00
now you can use userDB Users to login
git-svn-id: https://svn.berlios.de/svnroot/repos/yacy/trunk@959 6c8d7289-2bf4-0310-a012-ef5d649a1542
This commit is contained in:
@ -70,6 +70,7 @@ import de.anomic.server.serverSwitch;
|
||||
import de.anomic.server.logging.serverLog;
|
||||
import de.anomic.yacy.yacyCore;
|
||||
import de.anomic.yacy.yacySeed;
|
||||
import de.anomic.data.userDB;
|
||||
|
||||
public class dir {
|
||||
|
||||
@ -112,15 +113,20 @@ public class dir {
|
||||
final String downloadAccountBase64MD5 = switchboard.getConfig("downloadAccountBase64MD5", "");
|
||||
|
||||
final String logoutAccountBase64MD5 = de.anomic.server.serverCodings.encodeMD5Hex(serverCodings.standardCoder.encodeBase64String(":"));
|
||||
final String authorizationMD5 = de.anomic.server.serverCodings.encodeMD5Hex(((String) header.get("Authorization", "xxxxxx")).trim().substring(6));
|
||||
// if (logoutAccountBase64.equals(authorization))
|
||||
final boolean adminAuthorization = (adminAccountBase64MD5.length() != 0 &&
|
||||
adminAccountBase64MD5.equals(authorizationMD5));
|
||||
final boolean uploadAuthorization = (adminAuthorization ||(uploadAccountBase64MD5.length() != 0 &&
|
||||
uploadAccountBase64MD5.equals(authorizationMD5)));
|
||||
final boolean downloadAuthorization = (adminAuthorization || uploadAuthorization ||
|
||||
downloadAccountBase64MD5.length() == 0 ||
|
||||
downloadAccountBase64MD5.equals(authorizationMD5));
|
||||
|
||||
userDB.Entry entry = switchboard.userDB.proxyAuth((String)header.get("Authorization", "xxxxxx"));
|
||||
boolean adminAuthorization, downloadAuthorization, uploadAuthorization;
|
||||
if(entry == null){
|
||||
final String authorizationMD5 = de.anomic.server.serverCodings.encodeMD5Hex(((String) header.get("Authorization", "xxxxxx")).trim().substring(6));
|
||||
// if (logoutAccountBase64.equals(authorization))
|
||||
adminAuthorization = (adminAccountBase64MD5.length() != 0 && adminAccountBase64MD5.equals(authorizationMD5));
|
||||
uploadAuthorization = (adminAuthorization ||(uploadAccountBase64MD5.length() != 0 && uploadAccountBase64MD5.equals(authorizationMD5)));
|
||||
downloadAuthorization = (adminAuthorization || uploadAuthorization || downloadAccountBase64MD5.length() == 0 || downloadAccountBase64MD5.equals(authorizationMD5));
|
||||
}else{ //userDB
|
||||
adminAuthorization=entry.hasAdminRight();
|
||||
uploadAuthorization=entry.hasUploadRight();
|
||||
downloadAuthorization=entry.hasDownloadRight();
|
||||
}
|
||||
|
||||
// do authentitcate processes by triggering the http authenticate method
|
||||
if (action.equals("authenticateAdmin") && !adminAuthorization) {
|
||||
|
Reference in New Issue
Block a user