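package org.kisst.servlet4j;

import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.kisst.props4j.Props;
import org.kisst.util.Base64;
import org.kisst.util.CryptoUtil;

/**
 * Base class for servlets that are protected by a single HTTP Basic "admin" account.
 *
 * <p>The admin password is read once from configuration at construction time. HTTP Basic
 * credentials are only base64-encoded, not encrypted, so this class should only be exposed
 * over a TLS-protected transport.
 */
public abstract class AbstractServlet {
    /** Scheme token (with trailing space) that must start a Basic Authorization header. */
    private static final String BASIC_PREFIX = "Basic ";

    /** The only user name this class accepts. */
    private static final String ADMIN_USER = "admin";

    private final String adminPassword;

    /**
     * Reads the admin password from {@code props}.
     *
     * <p>{@code admin.password} (plain text) takes precedence; when it is absent the value of
     * {@code admin.encryptedPassword} is passed through {@link CryptoUtil#decrypt}.
     *
     * @param props configuration source
     */
    public AbstractServlet(Props props) {
        // NOTE(review): a plain-text "admin.password" silently overrides the encrypted
        // setting; prefer configuring only "admin.encryptedPassword" where possible.
        String password = props.getString("admin.password", null);
        if (password == null) {
            password = CryptoUtil.decrypt(props.getString("admin.encryptedPassword"));
        }
        // If this ends up null, authentication fails closed (see credentialsMatch).
        this.adminPassword = password;
    }

    /**
     * Handles one request.
     *
     * @param request  the incoming request
     * @param response the response to write to
     * @throws ServletException on servlet-level failure
     * @throws IOException      on I/O failure
     */
    abstract public void handle(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException;

    /**
     * Returns the authenticated user for this request.
     *
     * @param req the incoming request
     * @param res the response; a 401 challenge is sent on it when authentication fails
     * @return the user name, or {@code null} when the request is not authenticated
     *         (in which case the response has already been answered with 401)
     */
    protected String getUser(HttpServletRequest req, HttpServletResponse res) {
        return getBasicUser(req, res);
    }

    /**
     * Authenticates the request using the HTTP Basic {@code Authorization} header.
     *
     * <p>Any missing, malformed or non-matching header results in a 401 challenge rather
     * than an exception, so a client cannot trigger a server error with a crafted header.
     *
     * @return {@code "admin"} on success, otherwise {@code null} after sending 401
     */
    private String getBasicUser(HttpServletRequest req, HttpServletResponse res) {
        String user = authenticate(req.getHeader("Authorization"));
        if (user != null) {
            return user;
        }
        res.setHeader("WWW-Authenticate", "Basic realm=\"Authorisation test servlet\"");
        try {
            res.sendError(HttpServletResponse.SC_UNAUTHORIZED, "");
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
        return null;
    }

    /**
     * Parses a Basic Authorization header value and checks it against the admin account.
     *
     * @param header raw header value, may be {@code null}
     * @return the user name when the credentials match, otherwise {@code null}
     */
    private String authenticate(String header) {
        if (header == null) {
            return null;
        }
        // Require the "Basic " scheme (case-insensitive per RFC 7617) instead of blindly
        // skipping six characters; this also rejects headers shorter than the prefix.
        if (!header.regionMatches(true, 0, BASIC_PREFIX, 0, BASIC_PREFIX.length())) {
            return null;
        }
        byte[] raw;
        try {
            raw = Base64.decode(header.substring(BASIC_PREFIX.length()).trim());
        } catch (IOException e) {
            // Undecodable client input is an authentication failure, not a server error.
            return null;
        }
        if (raw == null) {
            return null;
        }
        // Decode with an explicit charset so the result does not depend on the platform default.
        String credentials = new String(raw, StandardCharsets.UTF_8);
        int colon = credentials.indexOf(':');
        if (colon < 0) {
            return null; // no "user:password" separator
        }
        String user = credentials.substring(0, colon);
        String password = credentials.substring(colon + 1);
        return credentialsMatch(user, password) ? user : null;
    }

    /**
     * Compares the supplied credentials with the configured admin account.
     *
     * <p>The password comparison uses {@link MessageDigest#isEqual} so that its duration does
     * not depend on how many leading characters match. Both checks are always evaluated.
     */
    private boolean credentialsMatch(String user, String password) {
        if (adminPassword == null) {
            return false; // no password configured: fail closed
        }
        boolean userOk = ADMIN_USER.equals(user);
        boolean passwordOk = MessageDigest.isEqual(
                password.getBytes(StandardCharsets.UTF_8),
                adminPassword.getBytes(StandardCharsets.UTF_8));
        return userOk & passwordOk;
    }

    /**
     * Escapes the characters {@code &}, {@code <} and {@code >} for use in XML/HTML text content.
     *
     * <p>Quote characters are not escaped, so the result is not safe to place inside an
     * attribute value.
     *
     * @param s text to escape; must not be {@code null}
     * @return {@code s} with the three characters replaced by their entity references
     * @throws NullPointerException if {@code s} is {@code null}
     */
    public static String quoteXml(String s) {
        // '&' must be handled first, otherwise the ampersands of the other entities
        // would be escaped a second time. Literal replace avoids regex overhead.
        s = s.replace("&", "&amp;");
        s = s.replace("<", "&lt;");
        s = s.replace(">", "&gt;");
        return s;
    }
}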