1 |
|
|
2 |
|
|
3 |
|
|
4 |
|
|
5 |
|
|
6 |
|
|
7 |
|
|
8 |
|
|
9 |
|
|
10 |
|
|
11 |
|
|
12 |
|
|
13 |
|
|
14 |
|
|
15 |
|
|
16 |
|
|
17 |
|
package org.apache.jetspeed.login; |
18 |
|
|
19 |
|
import java.io.IOException; |
20 |
|
import java.util.Iterator; |
21 |
|
import java.util.List; |
22 |
|
|
23 |
|
import javax.servlet.ServletConfig; |
24 |
|
import javax.servlet.ServletException; |
25 |
|
import javax.servlet.http.HttpServlet; |
26 |
|
import javax.servlet.http.HttpServletRequest; |
27 |
|
import javax.servlet.http.HttpServletResponse; |
28 |
|
import javax.servlet.http.HttpSession; |
29 |
|
|
30 |
|
import org.apache.jetspeed.Jetspeed; |
31 |
|
import org.apache.jetspeed.PortalReservedParameters; |
32 |
|
import org.apache.jetspeed.administration.PortalAuthenticationConfiguration; |
33 |
|
import org.apache.jetspeed.security.activeauthentication.ActiveAuthenticationIdentityProvider; |
34 |
|
import org.apache.jetspeed.security.activeauthentication.IdentityToken; |
35 |
|
|
36 |
|
|
37 |
|
|
38 |
|
|
39 |
|
|
40 |
|
|
41 |
|
|
42 |
0 |
public class LoginProxyServlet extends HttpServlet |
43 |
|
{ |
44 |
0 |
private boolean credentialsFromRequest = true; |
45 |
|
|
46 |
|
public void init(ServletConfig config) throws ServletException |
47 |
|
{ |
48 |
0 |
super.init(config); |
49 |
0 |
String s = config.getInitParameter("credentialsFromRequest"); |
50 |
0 |
if (s != null) |
51 |
|
{ |
52 |
0 |
credentialsFromRequest = s.equalsIgnoreCase("true"); |
53 |
|
} |
54 |
0 |
} |
55 |
|
|
56 |
|
public void doGet(HttpServletRequest request, |
57 |
|
HttpServletResponse response) throws IOException, ServletException |
58 |
|
{ |
59 |
|
String parameter; |
60 |
|
String username; |
61 |
0 |
request.setCharacterEncoding( "UTF-8" ); |
62 |
|
|
63 |
0 |
HttpSession session = request.getSession(true); |
64 |
|
|
65 |
0 |
parameter = request.getParameter(LoginConstants.DESTINATION); |
66 |
0 |
if (parameter != null) |
67 |
0 |
session.setAttribute(LoginConstants.DESTINATION, parameter); |
68 |
|
else |
69 |
0 |
session.removeAttribute(LoginConstants.DESTINATION); |
70 |
0 |
if (credentialsFromRequest) |
71 |
|
{ |
72 |
0 |
username = request.getParameter(LoginConstants.USERNAME); |
73 |
0 |
if (username != null) |
74 |
0 |
session.setAttribute(LoginConstants.USERNAME, username); |
75 |
|
else |
76 |
0 |
session.removeAttribute(LoginConstants.USERNAME); |
77 |
0 |
parameter = request.getParameter(LoginConstants.PASSWORD); |
78 |
0 |
if (parameter != null) |
79 |
0 |
session.setAttribute(LoginConstants.PASSWORD, parameter); |
80 |
|
else |
81 |
0 |
session.removeAttribute(LoginConstants.PASSWORD); |
82 |
|
} |
83 |
|
else |
84 |
|
{ |
85 |
0 |
username = (String)session.getAttribute(LoginConstants.USERNAME); |
86 |
0 |
parameter = (String)session.getAttribute(LoginConstants.PASSWORD); |
87 |
|
} |
88 |
|
|
89 |
|
|
90 |
0 |
if (request |
91 |
|
.getParameter(PortalReservedParameters.PAGE_THEME_OVERRIDE_ATTRIBUTE) != null) |
92 |
|
{ |
93 |
0 |
String decoratorName = request |
94 |
|
.getParameter(PortalReservedParameters.PAGE_THEME_OVERRIDE_ATTRIBUTE); |
95 |
0 |
session.setAttribute( |
96 |
|
PortalReservedParameters.PAGE_THEME_OVERRIDE_ATTRIBUTE, |
97 |
|
decoratorName); |
98 |
|
} |
99 |
|
|
100 |
0 |
PortalAuthenticationConfiguration authenticationConfiguration = (PortalAuthenticationConfiguration) |
101 |
|
Jetspeed.getComponentManager().getComponent("org.apache.jetspeed.administration.PortalAuthenticationConfiguration"); |
102 |
0 |
if (authenticationConfiguration.isCreateNewSessionOnLogin()) |
103 |
|
{ |
104 |
|
|
105 |
0 |
ActiveAuthenticationIdentityProvider identityProvider = (ActiveAuthenticationIdentityProvider) |
106 |
|
Jetspeed.getComponentManager().getComponent("org.apache.jetspeed.security.activeauthentication.ActiveAuthenticationIdentityProvider"); |
107 |
0 |
IdentityToken token = identityProvider.createIdentityToken(username); |
108 |
0 |
saveState(session, token, identityProvider.getSessionAttributeNames()); |
109 |
0 |
request.getSession().invalidate(); |
110 |
0 |
HttpSession newSession = request.getSession(true); |
111 |
0 |
restoreState(newSession, token); |
112 |
0 |
response.sendRedirect(response.encodeURL(request.getContextPath() |
113 |
|
+ "/login/redirector?token=") + token.getToken()); |
114 |
|
|
115 |
0 |
} |
116 |
|
else |
117 |
|
{ |
118 |
0 |
response.sendRedirect(response.encodeURL(request.getContextPath() |
119 |
|
+ "/login/redirector")); |
120 |
|
} |
121 |
0 |
} |
122 |
|
|
123 |
|
protected void saveState(HttpSession session, IdentityToken token, List sessionAttributes) |
124 |
|
{ |
125 |
0 |
Iterator sessionNames = sessionAttributes.iterator(); |
126 |
0 |
while (sessionNames.hasNext()) |
127 |
|
{ |
128 |
0 |
String name = (String)sessionNames.next(); |
129 |
0 |
token.setAttribute(name, session.getAttribute(name)); |
130 |
0 |
} |
131 |
0 |
} |
132 |
|
|
133 |
|
protected void restoreState(HttpSession session, IdentityToken token) |
134 |
|
{ |
135 |
0 |
Iterator names = token.getAttributeNames(); |
136 |
0 |
while (names.hasNext()) |
137 |
|
{ |
138 |
0 |
String name = (String)names.next(); |
139 |
0 |
Object attribute = token.getAttribute(name); |
140 |
0 |
session.setAttribute(name, attribute); |
141 |
0 |
} |
142 |
0 |
} |
143 |
|
|
144 |
|
public final void doPost(HttpServletRequest request, |
145 |
|
HttpServletResponse response) throws IOException, ServletException |
146 |
|
{ |
147 |
0 |
doGet(request, response); |
148 |
0 |
} |
149 |
|
|
150 |
|
} |