public void removePropertyValue(PropertyTypeDefinition propDef) throws Exception {
RequestContext requestContext = RequestContext.getRequestContext();
Repository repository = requestContext.getRepository();
String token = SecurityContext.getSecurityContext().getToken();
Path uri = requestContext.getResourceURI();
Resource resource = repository.retrieve(token, uri, true);
if (resource.getProperty(propDef) != null) {
resource.removeProperty(propDef);
repository.store(token, resource);
}
}
public void setPropertyDateValue(PropertyTypeDefinition datePropDef, Date date) throws Exception {
RequestContext requestContext = RequestContext.getRequestContext();
Repository repository = requestContext.getRepository();
String token = SecurityContext.getSecurityContext().getToken();
Path uri = requestContext.getResourceURI();
Resource resource = repository.retrieve(token, uri, true);
Property dateProp = resource.getProperty(datePropDef);
if (dateProp == null) {
dateProp = datePropDef.createProperty();
resource.addProperty(dateProp);
}
dateProp.setDateValue(date);
repository.store(token, resource);
}
public boolean postAuthentication(HttpServletRequest req, HttpServletResponse resp) {
String authHeader = req.getHeader("Authorization");
if (authHeader == null) {
return false;
}
String headerFields = authHeader.substring("Digest: ".length() - 1);
String nonce = HttpUtil.extractHeaderField(headerFields, "nonce");
String opaque = HttpUtil.extractHeaderField(headerFields, "opaque");
if (nonce == null || opaque == null) {
return false;
}
Principal principal = SecurityContext.getSecurityContext().getPrincipal();
if (principal == null) {
return false;
}
if (this.maintainState) {
StateEntry entry = (StateEntry) this.stateMap.remove(nonce + ":" + opaque);
if (entry == null) {
return false;
}
Date timestamp = new Date();
String nextNonce = this.generateNonce();
entry.setUsername(principal.getQualifiedName());
entry.setNonce(nextNonce);
entry.setTimestamp(timestamp);
entry.setNonceCount(entry.getNonceCount() + 1);
entry.setStale(false);
this.stateMap.put(nextNonce + ":" + opaque, entry);
resp.addHeader("Authentication-Info", "nextnonce=" + nextNonce);
}
return false;
}
/** @see vtk.web.ContextInitializer#destroyContext() */
public void destroyContext() {
if (logger.isDebugEnabled()) {
logger.debug("Destroying security context: " + SecurityContext.getSecurityContext());
}
SecurityContext.setSecurityContext(null);
}
/**
* Logs out the client from the authentication system. Clears the {@link SecurityContext} and
* removes the principal from the {@link TokenManager}. Finally, calls the authentication
* handler's {@link AuthenticationHandler#logout logout} method.
*
* @param request the request
* @param response the response
* @return the return value of the authentication handler's <code>logout()</code> method.
* @throws AuthenticationProcessingException if an underlying problem prevented the request from
* being processed
* @throws IOException
* @throws ServletException
* @see AuthenticationHandler#logout
*/
public boolean logout(HttpServletRequest request, HttpServletResponse response)
throws AuthenticationProcessingException, ServletException, IOException {
if (!SecurityContext.exists()) {
return false;
}
SecurityContext securityContext = SecurityContext.getSecurityContext();
Principal principal = securityContext.getPrincipal();
if (principal == null) {
return false;
}
AuthenticationHandler handler =
this.tokenManager.getAuthenticationHandler(securityContext.getToken());
// FIXME: what if handler.isLogoutSupported() == false?
boolean result = handler.logout(principal, request, response);
String status = result ? "OK" : "FAIL";
if (authLogger.isDebugEnabled()) {
authLogger.debug(
request.getRemoteAddr()
+ " - request-URI: "
+ request.getRequestURI()
+ " - "
+ "logout_method: Logout: principal: '"
+ principal
+ "' - method: '"
+ handler.getIdentifier()
+ "' - status: "
+ status);
}
this.tokenManager.removeToken(securityContext.getToken());
SecurityContext.setSecurityContext(null);
if (this.rememberAuthMethod) {
List<String> spCookies = new ArrayList<String>();
spCookies.add(vrtxAuthSP);
spCookies.add(uioAuthIDP);
if (this.cookieLinksEnabled) {
spCookies.add(VRTXLINK_COOKIE);
}
for (String cookie : spCookies) {
Cookie c = getCookie(request, cookie);
if (c != null) {
if (logger.isDebugEnabled()) {
logger.debug("Deleting cookie " + cookie);
}
c = new Cookie(cookie, c.getValue());
if (!cookie.equals(VRTXLINK_COOKIE)) {
c.setSecure(true);
}
c.setPath("/");
if (this.spCookieDomain != null && !cookie.equals(VRTXLINK_COOKIE)) {
c.setDomain(this.spCookieDomain);
}
c.setMaxAge(0);
response.addCookie(c);
}
}
}
return result;
}
/**
* Removes authentication state from the authentication system. The {@link SecurityContext} is
* cleared, the current principal is removed from the {@link TokenManager}, but the {@link
* AuthenticationHandler#logout logout} process is not initiated.
*
* @return <code>true</code> if any state was removed, <code>false</code> otherwise
*/
public boolean removeAuthState(HttpServletRequest request, HttpServletResponse response) {
if (!SecurityContext.exists()) {
return false;
}
SecurityContext securityContext = SecurityContext.getSecurityContext();
Principal principal = securityContext.getPrincipal();
if (principal == null) {
return false;
}
this.tokenManager.removeToken(securityContext.getToken());
SecurityContext.setSecurityContext(null);
if (authLogger.isDebugEnabled()) {
authLogger.debug(
request.getRemoteAddr()
+ " - request-URI: "
+ request.getRequestURI()
+ " - "
+ "removeAuthState_method: Logout: principal: '"
+ principal
+ "' - method: '<none>' - status: OK");
}
if (this.rememberAuthMethod) {
List<String> spCookies = new ArrayList<String>();
spCookies.add(vrtxAuthSP);
spCookies.add(uioAuthIDP);
spCookies.add(VRTXLINK_COOKIE);
for (String cookie : spCookies) {
Cookie c = getCookie(request, cookie);
if (c != null) {
if (logger.isDebugEnabled()) {
logger.debug("Deleting cookie " + cookie);
}
if (authLogger.isDebugEnabled()) {
authLogger.debug(
request.getRemoteAddr()
+ " - request-URI: "
+ request.getRequestURI()
+ " - "
+ "Deleting cookie "
+ cookie);
}
c = new Cookie(cookie, c.getValue());
if (!cookie.equals(VRTXLINK_COOKIE)) {
c.setSecure(true);
}
c.setPath("/");
if (this.spCookieDomain != null && !cookie.equals(VRTXLINK_COOKIE)) {
c.setDomain(this.spCookieDomain);
}
c.setMaxAge(0);
response.addCookie(c);
}
}
}
HttpSession session = request.getSession(false);
if (session != null) {
session.invalidate();
}
return true;
}
