コード例 #1
0
  /**
   * Perform a remote setProperty on the Session using the remote Service URL.
   *
   * <p>{@inheritDoc}
   */
  public void setProperty(Session session, String name, String value) throws SessionException {
    if (debug.messageEnabled()) {
      debug.message(MessageFormat.format("Remote setProperty {0} {1}={2}", session, name, value));
    }

    SessionID sessionID = session.getID();
    SessionRequest sreq =
        new SessionRequest(SessionRequest.SetProperty, sessionID.toString(), false);
    sreq.setPropertyName(name);
    sreq.setPropertyValue(value);
    if (SystemProperties.isServerMode() && InternalSession.isProtectedProperty(name)) {
      try {
        SSOToken admSSOToken = SessionUtils.getAdminToken();
        sreq.setRequester(RestrictedTokenContext.marshal(admSSOToken));
      } catch (SSOException e) {
        throw new SessionException(e);
      } catch (Exception e) {
        throw new SessionException(e);
      }

      if (debug.messageEnabled()) {
        debug.message(
            "Session.setProperty: "
                + "added admSSOToken in sreq to set "
                + "externalProtectedProperty in remote server");
      }
    }
    requests.sendRequestWithRetry(session.getSessionServiceURL(), sreq, session);
  }
コード例 #2
0
 private String getContextIdFromSessionId(String sessionId) {
   InternalSession session = AuthD.getSession(new SessionID(sessionId));
   return session == null ? "" : session.getProperty(Constants.AM_CTX_ID);
 }
コード例 #3
0
ファイル: SessionUtils.java プロジェクト: aldaris/opensso
  /**
   * Helper method to check if client has taken permission to set value to it. If
   *
   * @param clientToken Token of the client setting protected property.
   * @param key Property key
   * @param value Property value.
   * @throws SessionException if the key is protected property.
   */
  public static void checkPermissionToSetProperty(SSOToken clientToken, String key, String value)
      throws SessionException {
    if (InternalSession.isProtectedProperty(key)) {
      if (clientToken == null) {
        // Throw Ex. Client should identify itself.
        if (SessionService.sessionDebug.warningEnabled()) {
          SessionService.sessionDebug.warning(
              "SessionUtils.checkPermissionToSetProperty(): "
                  + "Attempt to set protected property without client "
                  + "token ["
                  + key
                  + "="
                  + value
                  + "]");
        }
        throw new SessionException(
            SessionBundle.getString("protectedPropertyNoClientToken") + " " + key);
      }

      SSOTokenManager ssoTokenManager = null;
      try {
        ssoTokenManager = SSOTokenManager.getInstance();
      } catch (SSOException ssoEx) {
        // Throw Ex. Not able to get SSOTokenManager instance.
        SessionService.sessionDebug.error(
            "SessionUtils.checkPermissionToSetProperty(): "
                + "Cannot get instance of SSOTokenManager.");
        throw new SessionException(
            SessionBundle.getString("protectedPropertyNoSSOTokenMgrInstance") + " " + key);
      }

      if (!ssoTokenManager.isValidToken(clientToken)) {
        // Throw Ex. Client should identify itself.
        if (SessionService.sessionDebug.warningEnabled()) {
          SessionService.sessionDebug.warning(
              "SessionUtils.checkPermissionToSetProperty(): "
                  + "Attempt to set protected property with invalid client"
                  + " token ["
                  + key
                  + "="
                  + value
                  + "]");
        }
        throw new SessionException(
            SessionBundle.getString("protectedPropertyInvalidClientToken") + " " + key);
      }

      SSOToken admToken = null;
      try {
        admToken = SessionUtils.getAdminToken();
      } catch (SSOException ssoEx) {
        // Throw Ex. Server not able to get Admin Token.
        SessionService.sessionDebug.error(
            "SessionUtils.checkPermissionToSetProperty(): "
                + "Cannot get Admin Token for validation to set protected "
                + "property ["
                + key
                + "="
                + value
                + "]");
        throw new SessionException(
            SessionBundle.getString("protectedPropertyNoAdminToken") + " " + key);
      }
      if (!SessionUtils.isAdmin(admToken, clientToken)) {
        // Throw Ex. Client not authorized to set this property.
        SessionService.sessionDebug.error(
            "SessionUtils.checkPermissionToSetProperty(): "
                + "Client does not have permission to set protected "
                + "property"
                + key
                + "="
                + value
                + "]");
        throw new SessionException(
            SessionBundle.getString("protectedPropertyNoPermission") + " " + key);
      }
    }
  }