WIP: Fix for #59.

hazendaz · Aug 25, 2014 · b707348 · b707348
1 parent 5add5b4
commit b707348
Show file tree

Hide file tree

Showing 7 changed files with 38 additions and 2 deletions.
diff --git a/Source/JNA/waffle-jna/src/main/java/waffle/servlet/spi/NegotiateSecurityFilterProvider.java b/Source/JNA/waffle-jna/src/main/java/waffle/servlet/spi/NegotiateSecurityFilterProvider.java
@@ -114,6 +114,9 @@ public IWindowsIdentity doFilter(final HttpServletRequest request, final HttpSer
         if (securityContext.isContinue() || ntlmPost) {
             response.setHeader("Connection", "keep-alive");
             response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+            final String body = "Unauthorized";
+            response.getWriter().write(body);
+            response.setContentLength(body.length());
             response.flushBuffer();
             return null;
         }

diff --git a/Source/JNA/waffle-tests/src/main/java/waffle/mock/http/SimpleHttpResponse.java b/Source/JNA/waffle-tests/src/main/java/waffle/mock/http/SimpleHttpResponse.java
@@ -151,4 +151,9 @@ public String getOutputText() {
         }
         return null;
     }
+
+    @Override
+    public void setContentLength(int len) {
+        setHeader("Content-Length", Integer.toString(len));
+    }
 }
diff --git a/Source/JNA/waffle-tests/src/test/java/waffle/servlet/NegotiateSecurityFilterTests.java b/Source/JNA/waffle-tests/src/test/java/waffle/servlet/NegotiateSecurityFilterTests.java
@@ -165,10 +165,26 @@ public void testNegotiate() throws IOException, ServletException {
                     break;
                 }
 
+                assertEquals(401, response.getStatus());
+
+                // security package requested is one negotiate continues with
                 assertTrue(response.getHeader("WWW-Authenticate").startsWith(securityPackage + " "));
+
+                // keep-alive, NTLM is a connection-oriented protocol
                 assertEquals("keep-alive", response.getHeader("Connection"));
-                assertEquals(2, response.getHeaderNamesSize());
-                assertEquals(401, response.getStatus());
+
+                // Connection: keep-alive
+                // WWW-Authenticate: ...
+                // Content-Length: ...
+                assertEquals(3, response.getHeaderNamesSize());
+
+                // response has a body and a content length (.NET clients require this)
+                int contentLength = Integer.parseInt(response.getHeader("Content-Length"));
+                assertTrue(contentLength > 0);
+                String content = response.getOutputText();
+                assertEquals(contentLength, content.length());
+
+                // continue token
                 String continueToken = response.getHeader("WWW-Authenticate").substring(securityPackage.length() + 1);
                 byte[] continueTokenBytes = BaseEncoding.base64().decode(continueToken);
                 assertTrue(continueTokenBytes.length > 0);

diff --git a/Source/JNA/waffle-tomcat5/src/main/java/waffle/apache/NegotiateAuthenticator.java b/Source/JNA/waffle-tomcat5/src/main/java/waffle/apache/NegotiateAuthenticator.java
@@ -105,6 +105,9 @@ public boolean authenticate(final Request request, final Response response, fina
                 if (securityContext.isContinue() || ntlmPost) {
                     response.setHeader("Connection", "keep-alive");
                     response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
+                    final String body = "Unauthorized";
+                    response.getWriter().write(body);
+                    response.setContentLength(body.length());
                     response.flushBuffer();
                     return false;
                 }

diff --git a/Source/JNA/waffle-tomcat6/src/main/java/waffle/apache/NegotiateAuthenticator.java b/Source/JNA/waffle-tomcat6/src/main/java/waffle/apache/NegotiateAuthenticator.java
@@ -105,6 +105,9 @@ public boolean authenticate(final Request request, final Response response, fina
                 if (securityContext.isContinue() || ntlmPost) {
                     response.setHeader("Connection", "keep-alive");
                     response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
+                    final String body = "Unauthorized";
+                    response.getWriter().write(body);
+                    response.setContentLength(body.length());
                     response.flushBuffer();
                     return false;
                 }

diff --git a/Source/JNA/waffle-tomcat7/src/main/java/waffle/apache/NegotiateAuthenticator.java b/Source/JNA/waffle-tomcat7/src/main/java/waffle/apache/NegotiateAuthenticator.java
@@ -107,6 +107,9 @@ public boolean authenticate(final Request request, final HttpServletResponse res
                 if (securityContext.isContinue() || ntlmPost) {
                     response.setHeader("Connection", "keep-alive");
                     response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
+                    final String body = "Unauthorized";
+                    response.getWriter().write(body);
+                    response.setContentLength(body.length());
                     response.flushBuffer();
                     return false;
                 }

diff --git a/Source/JNA/waffle-tomcat8/src/main/java/waffle/apache/NegotiateAuthenticator.java b/Source/JNA/waffle-tomcat8/src/main/java/waffle/apache/NegotiateAuthenticator.java
@@ -106,6 +106,9 @@ public boolean authenticate(final Request request, final HttpServletResponse res
                 if (securityContext.isContinue() || ntlmPost) {
                     response.setHeader("Connection", "keep-alive");
                     response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
+                    final String body = "Unauthorized";
+                    response.getWriter().write(body);
+                    response.setContentLength(body.length());
                     response.flushBuffer();
                     return false;
                 }