1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17 package org.apache.jetspeed.demo.servlet;
18
19 import java.io.IOException;
20 import javax.servlet.ServletException;
21 import javax.servlet.http.HttpServlet;
22 import javax.servlet.http.HttpServletRequest;
23 import javax.servlet.http.HttpServletResponse;
24
25
26 /***
27 * SSODemoServlet - looks for username, password in the URL for single
28 * signon to this servlet from a SSO portlet.
29 * Username request parameter: ssouser
30 * Password request parameter: ssopw
31 *
32 * @author <a href="mailto:taylor@apache.org">David Sean Taylor</a>
33 * @version $Id: SSODemoServlet.java 517121 2007-03-12 07:45:49Z ate $
34 */
35 public class SSODemoServlet extends HttpServlet
36 {
37 public final static String DEMO_SSO_PRINCIPAL_PARAM = "sso-principal";
38 public final static String DEMO_SSO_CREDENTIAL_PARAM = "sso-credential";
39 public final static String DEMO_SSO_CREDENTIAL = "secret-password";
40
41 public final void doGet(HttpServletRequest request, HttpServletResponse response)
42 throws IOException, ServletException
43 {
44 String principal = request.getParameter(DEMO_SSO_PRINCIPAL_PARAM);
45 String credential = request.getParameter(DEMO_SSO_CREDENTIAL_PARAM);
46 String authenticatedPrincipal = "007";
47
48
49
50
51
52
53
54
55
56
57
58
59
60 if (principal == null)
61 {
62 error403(request, response, "SSO Principal is not valid. Please provide a valid SSO principal.");
63 return;
64 }
65
66 if (credential == null)
67 {
68 error403(request, response, "SSO Credential is not valid. Please provide a valid SSO credential.");
69 return;
70 }
71 if (!principal.equals(authenticatedPrincipal))
72 {
73 error403(request, response, "SSO Principal not found on SSO Server. Please provide a valid SSO principal.");
74 return;
75 }
76 if (!credential.equals(DEMO_SSO_CREDENTIAL))
77 {
78 error403(request, response, "SSO Credential does not match. Please provide a valid SSO credential.");
79 return;
80 }
81
82
83 response.getWriter().println("<b>Welcome to the SSO Gateway!</b><br/>");
84 response.getWriter().println("Remote Principal has been authenticated.<br/>");
85 response.getWriter().println("Remote User = " + authenticatedPrincipal + "<br/>");
86 }
87
88 private void error403(HttpServletRequest request, HttpServletResponse response, String message)
89 throws IOException, ServletException
90 {
91 response.getWriter().println("<b>HTTP Status 403: Access to SSO Demo Site not permitted.<br/>");
92 response.getWriter().println(message + "<br/>");
93 response.getWriter().println("To configure the SSO Principal, switch to Edit Mode.<br/>");
94 return;
95
96 }
97
98 public final void doPost(HttpServletRequest req, HttpServletResponse res) throws IOException, ServletException
99 {
100 doGet(req, res);
101 }
102
103 }