void HttpConnection::ProcessMessageAsync(HttpRequest& request) { Log(LogInformation, "HttpConnection", "Processing Http message"); String auth_header = request.Headers->Get("authorization"); String::SizeType pos = auth_header.FindFirstOf(" "); String username, password; if (pos != String::NPos && auth_header.SubStr(0, pos) == "Basic") { String credentials_base64 = auth_header.SubStr(pos + 1); String credentials = Base64::Decode(credentials_base64); String::SizeType cpos = credentials.FindFirstOf(":"); if (cpos != String::NPos) { username = credentials.SubStr(0, cpos); password = credentials.SubStr(cpos + 1); } } ApiUser::Ptr user; if (m_ApiUser) user = m_ApiUser; else { user = ApiUser::GetByName(username); if (!user || !user->CheckPassword(password)) user.reset(); } HttpResponse response(m_Stream, request); if (!user) { response.SetStatus(401, "Unauthorized"); response.AddHeader("Content-Type", "text/html"); response.AddHeader("WWW-Authenticate", "Basic realm=\"Icinga 2\""); String msg = "<h1>Unauthorized</h1>"; response.WriteBody(msg.CStr(), msg.GetLength()); } else { try { HttpHandler::ProcessRequest(user, request, response); } catch (const std::exception& ex) { response.SetStatus(503, "Unhandled exception"); response.AddHeader("Content-Type", "text/plain"); String errorInfo = DiagnosticInformation(ex); response.WriteBody(errorInfo.CStr(), errorInfo.GetLength()); } } response.Finish(); m_PendingRequests--; }