/** * Executes the block main action * * @param dataSet a value of type 'DataSet' * @return the port to go to the next block */ public Port after(UserInfoInterface userInfo, ProcessData procData) { Port outPort = portFalse; try { String sLogin = null; String sPass = null; sLogin = this.getAttribute(LOGIN_ATTR); sLogin = procData.transform(userInfo, sLogin); try { sPass = procData.transform(userInfo, this.getAttribute(PASS_ATTR)); } catch (Exception ee) { } AuthProfile ap = BeanFactory.getAuthProfileBean(); boolean bOk = ap.checkUser(sLogin, sPass); Logger.info( userInfo.getUtilizador(), this, "after", "[" + procData.getFlowId() + "," + procData.getPid() + "," + procData.getSubPid() + "] " + "checked authentication for " + sLogin + ": " + bOk); if (bOk) { outPort = portTrue; } else { outPort = portFalse; } } catch (Exception e) { Logger.error( userInfo.getUtilizador(), this, "after", procData.getSignature(this.getId()) + "Exception caught: " + e.getMessage()); e.printStackTrace(); } return outPort; }
protected void service(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { HttpSession session = request.getSession(); AuthenticationResult result = new AuthenticationResult(); String samlXMLB64Response = request.getParameter("SAMLResponse"); // if (StringUtils.isBlank(samlXMLB64Response)) // samlXMLB64Response = request.getAttribute("SAMLResponse").toString(); // samlXMLB64Response = org.apache.commons.lang.StringUtils.replaceChars(samlXMLB64Response, ' // ', '+'); // samlXMLB64Response = // "PHNhbWxwOlJlc3BvbnNlIHhtbG5zOnNhbWxwPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6cHJvdG9jb2wiIERlc3RpbmF0aW9uPSJodHRwczovL2JhcmNsYXlzLmNsLmluZm9zaXN0ZW1hLmNvbS9pRmxvdy9zYW1sMi9TU09TZXJ2aWNlIiBJRD0iaWQtcFEtdVlzdUdZTVktdEVyVzgtWlBvRlFYamtBLSIgSXNzdWVJbnN0YW50PSIyMDE0LTEwLTAzVDA5OjMxOjM1WiIgVmVyc2lvbj0iMi4wIj48c2FtbDpJc3N1ZXIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6bmFtZWlkLWZvcm1hdDplbnRpdHkiPmh0dHA6Ly9mZWRlcmF0aW9uLmJhcmNhcGludC5jb20vZmVkL2lkcDwvc2FtbDpJc3N1ZXI+PGRzaWc6U2lnbmF0dXJlIHhtbG5zOmRzaWc9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPjxkc2lnOlNpZ25lZEluZm8+PGRzaWc6Q2Fub25pY2FsaXphdGlvbk1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIvPjxkc2lnOlNpZ25hdHVyZU1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNyc2Etc2hhMSIvPjxkc2lnOlJlZmVyZW5jZSBVUkk9IiNpZC1wUS11WXN1R1lNWS10RXJXOC1aUG9GUVhqa0EtIj48ZHNpZzpUcmFuc2Zvcm1zPjxkc2lnOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0dXJlIi8+PGRzaWc6VHJhbnNmb3JtIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+PC9kc2lnOlRyYW5zZm9ybXM+PGRzaWc6RGlnZXN0TWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3NoYTEiLz48ZHNpZzpEaWdlc3RWYWx1ZT51cFBxY1IwYlAwMThCdHRpRmNZWHNxNytFdDQ9PC9kc2lnOkRpZ2VzdFZhbHVlPjwvZHNpZzpSZWZlcmVuY2U+PC9kc2lnOlNpZ25lZEluZm8+PGRzaWc6U2lnbmF0dXJlVmFsdWU+enlkcEdqc2J5dEdrc2JEYWNrdjh1Ym01d2htaEpUT2Q0SGwrTkhVK3hsTm9lNU5IdGJ0Y2ZsU2tZTGJRK05Mek5FMUdYOGQ4Nlh6R1BCYkN2MkRzN09WbGN6VEV1aDMrRHI0TFV2WWM1Qm1nMDRWT05IZ2Vka09oZFRKUlNabDFTd1Z4NzQ2Ymt3dThCOVp6NVA5VDJ6eGtBdkhlek5yOEwrMXFXOG1MTDhSL1VHMWNLMG5lclNIYzF2VHR4MGFjcWNsUFBZajhoMlBodEFxb21RY3FmK2c5TlRmRnM0M1F0ZUtxdkdVd3dIQm1oTWNSdUtLa1lJbUZ0V3ppY2ZLSWxjeGwvVm9vWldDZHRucVdIWWVxYmlONEZ2dzNtRkZScGRqSHAxZFlpcUlBWTY5RktDMk05OCtyTWFJSlo1cjAzRW1VLzJ0TU1zNDRNYjQyWTlXV1FBPT08L2RzaWc6U2lnbmF0dXJlVmFsdWU+PC9kc2lnOlNpZ25hdHVyZT48c2FtbHA6U3RhdHVzPjxzYW1scDpTdGF0dXNDb2RlIFZhbHVlPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6c3RhdHVzOlN1Y2Nlc3MiLz48L3NhbWxwOlN0YXR1cz48c2FtbDpBc3NlcnRpb24geG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgSUQ9ImlkLWFMMVQ1LU5wY0p6a0lKR3lxcG1NTjZVT3gtay0iIElzc3VlSW5zdGFudD0iMjAxNC0xMC0wM1QwOTozMTozNVoiIFZlcnNpb249IjIuMCI+PHNhbWw6SXNzdWVyIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOm5hbWVpZC1mb3JtYXQ6ZW50aXR5Ij5odHRwOi8vZmVkZXJhdGlvbi5iYXJjYXBpbnQuY29tL2ZlZC9pZHA8L3NhbWw6SXNzdWVyPjxkc2lnOlNpZ25hdHVyZSB4bWxuczpkc2lnPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjIj48ZHNpZzpTaWduZWRJbmZvPjxkc2lnOkNhbm9uaWNhbGl6YXRpb25NZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiLz48ZHNpZzpTaWduYXR1cmVNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjcnNhLXNoYTEiLz48ZHNpZzpSZWZlcmVuY2UgVVJJPSIjaWQtYUwxVDUtTnBjSnprSUpHeXFwbU1ONlVPeC1rLSI+PGRzaWc6VHJhbnNmb3Jtcz48ZHNpZzpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjZW52ZWxvcGVkLXNpZ25hdHVyZSIvPjxkc2lnOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyIvPjwvZHNpZzpUcmFuc2Zvcm1zPjxkc2lnOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8+PGRzaWc6RGlnZXN0VmFsdWU+NDNiWTZYR245SmhTSEloSU1FSkR5S3ZENXdNPTwvZHNpZzpEaWdlc3RWYWx1ZT48L2RzaWc6UmVmZXJlbmNlPjwvZHNpZzpTaWduZWRJbmZvPjxkc2lnOlNpZ25hdHVyZVZhbHVlPmVxY2FkazkybHpTcmRxM3N5b2V0KzJta3FwaThiTkFhZUltNTdUK1VsMUE0ang2NEJVZzA0V1B0MUFpenJMaXorSXVQaTZvWHdJNm9sVmFFZHdKRk5xR2VYVk5OalNBSlZuYjBNVVVvd2ErdDBhWldwbFAreWlDNlFEWVBZYjNCN25RSjE2Qk8zaGVNQkpsWVJsbWl0eEE0SDBISit4UzhtVEpYV3hnckVJUVhEZFlIVzdXbVNhWGR5K0c0ZVQ4ZUxZTmJQcHE3bVlVNkI4VXRuZU40VnJIdXFxUkl5eXVSdVdFdk5iSEtGRGpaQVFsK29CcDl3WHpFRm5VOGhWdklEdit5VTN4NjZkQ0NmNFRGMXIvY1ZwM2tVb3lvMjJGOW81N2VqcldUK1VUSFlDT25nNzdUQnlseU9KdnFGbmpKL1VsSkIwNlVUWldNa0ZJb3BBekgxdz09PC9kc2lnOlNpZ25hdHVyZVZhbHVlPjwvZHNpZzpTaWduYXR1cmU+PHNhbWw6U3ViamVjdD48c2FtbDpOYW1lSUQgRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoxLjE6bmFtZWlkLWZvcm1hdDpYNTA5U3ViamVjdE5hbWUiPkUyMDAxMDM3Nzwvc2FtbDpOYW1lSUQ+PHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbiBNZXRob2Q9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpjbTpiZWFyZXIiPjxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIE5vdE9uT3JBZnRlcj0iMjAxNC0xMC0wM1QwOTo0NjozNVoiIFJlY2lwaWVudD0iaHR0cHM6Ly9iYXJjbGF5cy5jbC5pbmZvc2lzdGVtYS5jb20vaUZsb3cvc2FtbDIvU1NPU2VydmljZSIvPjwvc2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uPjwvc2FtbDpTdWJqZWN0PjxzYW1sOkNvbmRpdGlvbnMgTm90QmVmb3JlPSIyMDE0LTEwLTAzVDA5OjIxOjM1WiIgTm90T25PckFmdGVyPSIyMDE0LTEwLTAzVDA5OjQ2OjM1WiI+PHNhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj48c2FtbDpBdWRpZW5jZT5odHRwczovL2JhcmNsYXlzLmNsLmluZm9zaXN0ZW1hLmNvbS9pRmxvdzwvc2FtbDpBdWRpZW5jZT48L3NhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj48L3NhbWw6Q29uZGl0aW9ucz48c2FtbDpBdXRoblN0YXRlbWVudCBBdXRobkluc3RhbnQ9IjIwMTQtMTAtMDNUMDk6MzE6MzVaIiBTZXNzaW9uSW5kZXg9ImlkLXlLYWJkN3FzZEd3QlQ0Vi1SLTViWDd0MklGby0iIFNlc3Npb25Ob3RPbk9yQWZ0ZXI9IjIwMTQtMTAtMDNUMDk6MzE6NDVaIj48c2FtbDpBdXRobkNvbnRleHQ+PHNhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+dXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFjOmNsYXNzZXM6S2VyYmVyb3M8L3NhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+PC9zYW1sOkF1dGhuQ29udGV4dD48L3NhbWw6QXV0aG5TdGF0ZW1lbnQ+PC9zYW1sOkFzc2VydGlvbj48L3NhbWxwOlJlc3BvbnNlPg=="; samlXMLB64Response = StringEscapeUtils.unescapeHtml(samlXMLB64Response); result.nextUrl = "../main.jsp"; UserInfoInterface ui = BeanFactory.getUserInfoFactory().newUserInfo(); AuthProfile ap = BeanFactory.getAuthProfileBean(); Boolean foundValidKey = false; try { Integer ePId = Integer.parseInt(Setup.getProperty("ENTITY_PROVIDERS_NUMBER")); String employeeid = null; for (int i = 1; i < ePId; i++) { String publicEPKey = Setup.getProperty("ENTITY_PROVIDER_PUBLIC_KEY_" + i); // user account specific settings. Import the certificate here AccountSettings accountSettings = new AccountSettings(); accountSettings.setCertificate(publicEPKey); Response samlResponse = new Response(accountSettings); Logger.debug("System", this, "service", "Received Saml Response:" + samlXMLB64Response); samlResponse.loadXmlFromBase64(samlXMLB64Response); // samlResponse.loadXml(samlXMLB64Response); if (samlResponse.isValid()) { // the signature of the SAML Response is valid. The source is trusted foundValidKey = true; employeeid = samlResponse.getNameId(); break; } } if (!foundValidKey) { // the signature of the SAML Response is not valid session.setAttribute( "login_error", ui.getMessages().getString("login.error.sso.signature")); return; } //////////////////////////// ui.loginSSO(employeeid); boolean isAuth = result.isAuth = ui.isLogged(); if (isAuth) { ///////////////////////////// // // Now set some session vars // ///////////////////////////// // Application Data session.setAttribute("login", ui.getUtilizador()); session.setAttribute(Const.USER_INFO, ui); UserSettings settings = ui.getUserSettings(); OrganizationData orgData = ap.getOrganizationInfo(ui.getOrganization()); session.setAttribute(Const.ORG_INFO, orgData); OrganizationTheme orgTheme = BeanFactory.getOrganizationThemeBean(); if (orgTheme != null) { OrganizationThemeData themeData = orgTheme.getOrganizationTheme(ui); session.setAttribute("themedata", themeData); } if (settings.isDefault() && Const.USE_INDIVIDUAL_LOCALE && Const.ASK_LOCALE_AT_LOGIN) { result.nextUrl = "../setupUser"; } // check license status // if(!licenseOk && isSystem) { // result.nextUrl = "Admin/licenseValidation.jsp"; // } session.setAttribute("SessionHelperToken", new SimpleSessionHelper()); } else { session.setAttribute("login_error", ui.getError()); } PersistSession ps = new PersistSession(); ps.getSession(ui, session); } catch (Exception e) { ui.loginSSO(null); session.setAttribute("login_error", ui.getError()); } finally { response.sendRedirect(result.nextUrl + "?" + Utils.makeSycnhronizerToken()); } }