1 |
|
|
2 |
|
|
3 |
|
|
4 |
|
|
5 |
|
|
6 |
|
|
7 |
|
|
8 |
|
|
9 |
|
|
10 |
|
|
11 |
|
|
12 |
|
|
13 |
|
|
14 |
|
|
15 |
|
|
16 |
|
|
17 |
|
package org.apache.jetspeed.login; |
18 |
|
|
19 |
|
import java.io.IOException; |
20 |
|
import java.util.Iterator; |
21 |
|
import java.util.List; |
22 |
|
|
23 |
|
import javax.servlet.ServletException; |
24 |
|
import javax.servlet.http.HttpServlet; |
25 |
|
import javax.servlet.http.HttpServletRequest; |
26 |
|
import javax.servlet.http.HttpServletResponse; |
27 |
|
import javax.servlet.http.HttpSession; |
28 |
|
|
29 |
|
import org.apache.jetspeed.Jetspeed; |
30 |
|
import org.apache.jetspeed.PortalReservedParameters; |
31 |
|
import org.apache.jetspeed.administration.PortalAuthenticationConfiguration; |
32 |
|
import org.apache.jetspeed.security.activeauthentication.ActiveAuthenticationIdentityProvider; |
33 |
|
import org.apache.jetspeed.security.activeauthentication.IdentityToken; |
34 |
|
|
35 |
|
|
36 |
|
|
37 |
|
|
38 |
|
|
39 |
|
|
40 |
|
|
41 |
0 |
public class LoginProxyServlet extends HttpServlet |
42 |
|
{ |
43 |
|
|
44 |
|
public void doGet(HttpServletRequest request, |
45 |
|
HttpServletResponse response) throws IOException, ServletException |
46 |
|
{ |
47 |
|
String parameter; |
48 |
|
|
49 |
0 |
request.setCharacterEncoding( "UTF-8" ); |
50 |
|
|
51 |
0 |
HttpSession session = request.getSession(true); |
52 |
|
|
53 |
0 |
parameter = request.getParameter(LoginConstants.DESTINATION); |
54 |
0 |
if (parameter != null) |
55 |
0 |
session.setAttribute(LoginConstants.DESTINATION, parameter); |
56 |
|
else |
57 |
0 |
session.removeAttribute(LoginConstants.DESTINATION); |
58 |
0 |
String username = request.getParameter(LoginConstants.USERNAME); |
59 |
0 |
if (username != null) |
60 |
0 |
session.setAttribute(LoginConstants.USERNAME, username); |
61 |
|
else |
62 |
0 |
session.removeAttribute(LoginConstants.USERNAME); |
63 |
0 |
parameter = request.getParameter(LoginConstants.PASSWORD); |
64 |
0 |
if (parameter != null) |
65 |
0 |
session.setAttribute(LoginConstants.PASSWORD, parameter); |
66 |
|
else |
67 |
0 |
session.removeAttribute(LoginConstants.PASSWORD); |
68 |
|
|
69 |
|
|
70 |
0 |
if (request |
71 |
|
.getParameter(PortalReservedParameters.PAGE_THEME_OVERRIDE_ATTRIBUTE) != null) |
72 |
|
{ |
73 |
0 |
String decoratorName = request |
74 |
|
.getParameter(PortalReservedParameters.PAGE_THEME_OVERRIDE_ATTRIBUTE); |
75 |
0 |
session.setAttribute( |
76 |
|
PortalReservedParameters.PAGE_THEME_OVERRIDE_ATTRIBUTE, |
77 |
|
decoratorName); |
78 |
|
} |
79 |
|
|
80 |
0 |
PortalAuthenticationConfiguration authenticationConfiguration = (PortalAuthenticationConfiguration) |
81 |
|
Jetspeed.getComponentManager().getComponent("org.apache.jetspeed.administration.PortalAuthenticationConfiguration"); |
82 |
0 |
if (authenticationConfiguration.isCreateNewSessionOnLogin()) |
83 |
|
{ |
84 |
|
|
85 |
0 |
ActiveAuthenticationIdentityProvider identityProvider = (ActiveAuthenticationIdentityProvider) |
86 |
|
Jetspeed.getComponentManager().getComponent("org.apache.jetspeed.security.activeauthentication.ActiveAuthenticationIdentityProvider"); |
87 |
0 |
IdentityToken token = identityProvider.createIdentityToken(username); |
88 |
0 |
saveState(session, token, identityProvider.getSessionAttributeNames()); |
89 |
0 |
request.getSession().invalidate(); |
90 |
0 |
HttpSession newSession = request.getSession(true); |
91 |
0 |
restoreState(newSession, token); |
92 |
0 |
response.sendRedirect(response.encodeURL(request.getContextPath() |
93 |
|
+ "/login/redirector?token=") + token.getToken()); |
94 |
|
|
95 |
0 |
} |
96 |
|
else |
97 |
|
{ |
98 |
0 |
response.sendRedirect(response.encodeURL(request.getContextPath() |
99 |
|
+ "/login/redirector")); |
100 |
|
} |
101 |
0 |
} |
102 |
|
|
103 |
|
protected void saveState(HttpSession session, IdentityToken token, List sessionAttributes) |
104 |
|
{ |
105 |
0 |
Iterator sessionNames = sessionAttributes.iterator(); |
106 |
0 |
while (sessionNames.hasNext()) |
107 |
|
{ |
108 |
0 |
String name = (String)sessionNames.next(); |
109 |
0 |
token.setAttribute(name, session.getAttribute(name)); |
110 |
0 |
} |
111 |
0 |
} |
112 |
|
|
113 |
|
protected void restoreState(HttpSession session, IdentityToken token) |
114 |
|
{ |
115 |
0 |
Iterator names = token.getAttributeNames(); |
116 |
0 |
while (names.hasNext()) |
117 |
|
{ |
118 |
0 |
String name = (String)names.next(); |
119 |
0 |
Object attribute = token.getAttribute(name); |
120 |
0 |
session.setAttribute(name, attribute); |
121 |
0 |
} |
122 |
0 |
} |
123 |
|
|
124 |
|
public final void doPost(HttpServletRequest request, |
125 |
|
HttpServletResponse response) throws IOException, ServletException |
126 |
|
{ |
127 |
0 |
doGet(request, response); |
128 |
0 |
} |
129 |
|
|
130 |
|
} |