/** * Constructs a new Service Url. The default implementation relies on the CAS client * to do the bulk of the work. * @param request the HttpServletRequest * @param response the HttpServlet Response * @return the constructed service url. CANNOT be NULL. */ protected String createServiceUrl(final HttpServletRequest request, final HttpServletResponse response) { return CommonUtils.constructServiceUrl(null, response, this.serviceProperties.getService(), null, this.serviceProperties.getArtifactParameter(), this.encodeServiceUrlWithSessionId); }
@Override public Authentication attemptAuthentication(final HttpServletRequest request, final HttpServletResponse response) throws AuthenticationException, IOException { // if the request is a proxy request process it and return null to indicate the // request has been processed if (proxyReceptorRequest(request)) { logger.debug("Responding to proxy receptor request"); CommonUtils.readAndRespondToProxyReceptorRequest(request, response, this.proxyGrantingTicketStorage); return null; } final boolean serviceTicketRequest = serviceTicketRequest(request, response); final String username = serviceTicketRequest ? CAS_STATEFUL_IDENTIFIER : CAS_STATELESS_IDENTIFIER; String password = obtainArtifact(request); if (password == null) { logger.debug("Failed to obtain an artifact (cas ticket)"); password = ""; } final UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken( username, password); authRequest.setDetails(authenticationDetailsSource.buildDetails(request)); return this.getAuthenticationManager().authenticate(authRequest); }
/** * Constructs the Url for Redirection to the CAS server. Default implementation relies * on the CAS client to do the bulk of the work. * * @param serviceUrl the service url that should be included. * @return the redirect url. CANNOT be NULL. */ protected String createRedirectUrl(final String serviceUrl) { return CommonUtils.constructRedirectUrl(this.loginUrl, this.serviceProperties.getServiceParameter(), serviceUrl, this.serviceProperties.isSendRenew(), false); }
/** * Initializes the component for use. */ public void init() { CommonUtils.assertNotNull(this.logoutUri, "logoutUri cannot be null."); CommonUtils.assertTrue(this.logoutUri.startsWith("/"), "logoutUri must start with \"/\""); }
logger.debug("CAS assertion not found in session -- authentication required."); final String token = request.getParameter(this.artifactParameterName); final String service = CommonUtils.constructServiceUrl(request, response, this.serviceUrl, this.serverName, this.serviceParameterName, this.artifactParameterName, true); if (CommonUtils.isBlank(token)) { final String redirectUrl = CommonUtils.constructRedirectUrl(this.casServerLoginUrl, this.serviceParameterName, service, false, false); logger.debug("Redirecting to {}", redirectUrl); CommonUtils.sendRedirect(response, redirectUrl); return null;
public final boolean redirectToCAS(final ServletRequest servletRequest, final ServletResponse servletResponse) throws IOException, ServletException { final HttpServletRequest request = (HttpServletRequest) servletRequest; final HttpServletResponse response = (HttpServletResponse) servletResponse; final HttpSession session = request.getSession(false); final Assertion assertion = session != null ? (Assertion) session.getAttribute(CONST_CAS_ASSERTION) : null; if (assertion != null) { return false; } final String serviceUrl = constructServiceUrl(request, response); final String ticket = CommonUtils.safeGetParameter(request,getArtifactParameterName()); if (CommonUtils.isNotBlank(ticket)) { return false; } final String modifiedServiceUrl; log.debug("no ticket and no assertion found"); modifiedServiceUrl = serviceUrl; if (log.isDebugEnabled()) { log.debug("Constructed service url: " + modifiedServiceUrl); } final String urlToRedirectTo = CommonUtils.constructRedirectUrl(getCasLogin(), getServiceParameterName(), modifiedServiceUrl, false, false); if (log.isDebugEnabled()) { log.debug("redirecting to \"" + urlToRedirectTo + "\""); } response.sendRedirect(urlToRedirectTo); return true; }
/** * Determines whether the given request contains an authentication token. * * @param request HTTP reqest. * * @return True if request contains authentication token, false otherwise. */ private boolean isTokenRequest(final HttpServletRequest request) { return CommonUtils.isNotBlank(CommonUtils.safeGetParameter(request, this.artifactParameterName, this.safeParameters)); }
/** * Initialization method. Called by Filter's init method or by Spring. Similar in concept to the InitializingBean interface's * afterPropertiesSet(); */ public void init() { CommonUtils.assertNotNull(this.artifactParameterName, "artifactParameterName cannot be null."); CommonUtils.assertNotNull(this.serviceParameterName, "serviceParameterName cannot be null."); CommonUtils.assertTrue(CommonUtils.isNotEmpty(this.serverName) || CommonUtils.isNotEmpty(this.service), "serverName or service must be set."); }
public String getProxyTicketIdFor(final String proxyGrantingTicketId, final String targetService) { CommonUtils.assertNotNull(proxyGrantingTicketId, "proxyGrantingTicketId cannot be null."); CommonUtils.assertNotNull(targetService, "targetService cannot be null."); final URL url = constructUrl(proxyGrantingTicketId, targetService); final String response; if (this.urlConnectionFactory != null) { response = CommonUtils.getResponseFromServer(url, this.urlConnectionFactory, this.encoding); } else { response = CommonUtils.getResponseFromServer(url, this.encoding); } final String error = XmlUtils.getTextForElement(response, "proxyFailure"); if (CommonUtils.isNotEmpty(error)) { logger.debug(error); return null; } final String ticket = XmlUtils.getTextForElement(response, "proxyTicket"); logger.debug("Got proxy ticket {}", ticket); return ticket; }
/** * Sets the name of the CAS principal attribute that contains role data. * * @param roleAttribute Role attribute name. MUST NOT be blank. */ public void setRoleAttribute(final String roleAttribute) { CommonUtils.isNotBlank(roleAttribute); this.roleAttribute = roleAttribute; }
public ConfigurationKey(final String name, final E defaultValue) { CommonUtils.assertNotNull(name, "name must not be null."); this.name = name; this.defaultValue = defaultValue; }
/** * Initialization method. Called by Filter's init method or by Spring. Similar in concept to the InitializingBean interface's * afterPropertiesSet(); */ public void init() { CommonUtils.assertTrue(CommonUtils.isNotEmpty(this.serverName) || CommonUtils.isNotEmpty(this.service), "serverName or service must be set."); CommonUtils.assertTrue(CommonUtils.isBlank(this.serverName) || CommonUtils.isBlank(this.service), "serverName and service cannot both be set. You MUST ONLY set one."); }
String logoutMessage = CommonUtils.safeGetParameter(request, this.logoutParameterName, this.safeParameters); if (CommonUtils.isBlank(logoutMessage)) { logger.error("Could not locate logout message of the request from {}", this.logoutParameterName); return; if (CommonUtils.isNotBlank(token)) { final HttpSession session = this.sessionMappingStorage.removeSessionByMappingId(token);
/** * This processes the ProxyReceptor request before the ticket validation code executes. */ protected final boolean preFilter(final ServletRequest servletRequest, final ServletResponse servletResponse, final FilterChain filterChain) throws IOException, ServletException { final HttpServletRequest request = (HttpServletRequest) servletRequest; final HttpServletResponse response = (HttpServletResponse) servletResponse; final String requestUri = request.getRequestURI(); if (CommonUtils.isEmpty(this.proxyReceptorUrl) || !requestUri.endsWith(this.proxyReceptorUrl)) { return true; } try { CommonUtils.readAndRespondToProxyReceptorRequest(request, response, this.proxyGrantingTicketStorage); } catch (final RuntimeException e) { logger.error(e.getMessage(), e); throw e; } return false; }
final Cas20ServiceTicketValidator validator; if (CommonUtils.isNotBlank(allowAnyProxy) || CommonUtils.isNotBlank(allowedProxyChains)) { final Cas20ProxyTicketValidator v = new Cas20ProxyTicketValidator(casServerUrlPrefix); v.setAcceptAnyProxy(parseBoolean(allowAnyProxy)); v.setAllowedProxyChains(CommonUtils.createProxyList(allowedProxyChains)); validator = v; } else {
final boolean wasGatewayed = this.gateway && this.gatewayStorage.hasGatewayedAlready(request, serviceUrl); if (CommonUtils.isNotBlank(ticket) || wasGatewayed) { filterChain.doFilter(request, response); return; final String urlToRedirectTo = CommonUtils.constructRedirectUrl(this.casServerLoginUrl, getProtocol().getServiceParameterName(), modifiedServiceUrl, this.renew, this.gateway);
/** * Exists purely for testing purposes. */ protected String retrieveResponseFromServer(final String url, final String encoding) { return CommonUtils.getResponseFromServer(url, "UTF-8"); }
/** {@inheritDoc} */ public String[] getRoles(final Principal p) { CommonUtils.assertTrue(p instanceof AttributePrincipal, "Expected instance of AttributePrincipal but got " + p.getClass()); final Collection<String> roles = getRoleCollection(p); final String[] array = new String[roles.size()]; roles.toArray(array); return array; }
public void doFilter(final ServletRequest request, final ServletResponse response, final FilterChain filterChain) throws IOException, ServletException { final String parameter = CommonUtils.safeGetParameter((HttpServletRequest) request, this.requestParameterName); if (CommonUtils.isNotEmpty(parameter)) { for (final String key : this.delegators.keySet()) { if ((parameter.equals(key) && this.exactMatch) || (parameter.matches(key) && !this.exactMatch)) { final Filter filter = this.delegators.get(key); logger.debug("Match found for parameter [{}] with value [{}]. Delegating to filter [{}]", this.requestParameterName, parameter, filter.getClass().getName()); filter.doFilter(request, response, filterChain); return; } } } logger.debug("No match found for parameter [{}] with value [{}]", this.requestParameterName, parameter); if (this.defaultFilter != null) { this.defaultFilter.doFilter(request, response, filterChain); } else { filterChain.doFilter(request, response); } }
public static String safeGetParameter(final HttpServletRequest request, final String parameter) { return safeGetParameter(request, parameter, Arrays.asList("logoutRequest")); }