1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17 package org.apache.jetspeed.login;
18
19 import java.io.IOException;
20 import java.util.Iterator;
21 import java.util.List;
22
23 import javax.servlet.ServletException;
24 import javax.servlet.http.HttpServlet;
25 import javax.servlet.http.HttpServletRequest;
26 import javax.servlet.http.HttpServletResponse;
27 import javax.servlet.http.HttpSession;
28
29 import org.apache.jetspeed.Jetspeed;
30 import org.apache.jetspeed.PortalReservedParameters;
31 import org.apache.jetspeed.administration.PortalAuthenticationConfiguration;
32 import org.apache.jetspeed.security.activeauthentication.ActiveAuthenticationIdentityProvider;
33 import org.apache.jetspeed.security.activeauthentication.IdentityToken;
34
35 /***
36 * LoginProxyServlet
37 *
38 * @author <a href="mailto:ate@douma.nu">Ate Douma </a>
39 * @version $Id: LoginProxyServlet.java 544402 2007-06-05 06:20:00Z taylor $
40 */
41 public class LoginProxyServlet extends HttpServlet
42 {
43
44 public void doGet(HttpServletRequest request,
45 HttpServletResponse response) throws IOException, ServletException
46 {
47 String parameter;
48
49 request.setCharacterEncoding( "UTF-8" );
50
51 HttpSession session = request.getSession(true);
52
53 parameter = request.getParameter(LoginConstants.DESTINATION);
54 if (parameter != null)
55 session.setAttribute(LoginConstants.DESTINATION, parameter);
56 else
57 session.removeAttribute(LoginConstants.DESTINATION);
58 String username = request.getParameter(LoginConstants.USERNAME);
59 if (username != null)
60 session.setAttribute(LoginConstants.USERNAME, username);
61 else
62 session.removeAttribute(LoginConstants.USERNAME);
63 parameter = request.getParameter(LoginConstants.PASSWORD);
64 if (parameter != null)
65 session.setAttribute(LoginConstants.PASSWORD, parameter);
66 else
67 session.removeAttribute(LoginConstants.PASSWORD);
68
69
70 if (request
71 .getParameter(PortalReservedParameters.PAGE_THEME_OVERRIDE_ATTRIBUTE) != null)
72 {
73 String decoratorName = request
74 .getParameter(PortalReservedParameters.PAGE_THEME_OVERRIDE_ATTRIBUTE);
75 session.setAttribute(
76 PortalReservedParameters.PAGE_THEME_OVERRIDE_ATTRIBUTE,
77 decoratorName);
78 }
79
80 PortalAuthenticationConfiguration authenticationConfiguration = (PortalAuthenticationConfiguration)
81 Jetspeed.getComponentManager().getComponent("org.apache.jetspeed.administration.PortalAuthenticationConfiguration");
82 if (authenticationConfiguration.isCreateNewSessionOnLogin())
83 {
84
85 ActiveAuthenticationIdentityProvider identityProvider = (ActiveAuthenticationIdentityProvider)
86 Jetspeed.getComponentManager().getComponent("org.apache.jetspeed.security.activeauthentication.ActiveAuthenticationIdentityProvider");
87 IdentityToken token = identityProvider.createIdentityToken(username);
88 saveState(session, token, identityProvider.getSessionAttributeNames());
89 request.getSession().invalidate();
90 HttpSession newSession = request.getSession(true);
91 restoreState(newSession, token);
92 response.sendRedirect(response.encodeURL(request.getContextPath()
93 + "/login/redirector?token=") + token.getToken());
94
95 }
96 else
97 {
98 response.sendRedirect(response.encodeURL(request.getContextPath()
99 + "/login/redirector"));
100 }
101 }
102
103 protected void saveState(HttpSession session, IdentityToken token, List sessionAttributes)
104 {
105 Iterator sessionNames = sessionAttributes.iterator();
106 while (sessionNames.hasNext())
107 {
108 String name = (String)sessionNames.next();
109 token.setAttribute(name, session.getAttribute(name));
110 }
111 }
112
113 protected void restoreState(HttpSession session, IdentityToken token)
114 {
115 Iterator names = token.getAttributeNames();
116 while (names.hasNext())
117 {
118 String name = (String)names.next();
119 Object attribute = token.getAttribute(name);
120 session.setAttribute(name, attribute);
121 }
122 }
123
124 public final void doPost(HttpServletRequest request,
125 HttpServletResponse response) throws IOException, ServletException
126 {
127 doGet(request, response);
128 }
129
130 }