public void setRememberMeCookie(
String principal,
HttpServletResponse httpServletResponse,
HttpServletRequest httpServletRequest) {
if (!isRememberMeEnabled()) {
return;
}
try {
CookieSettings settings = securitySystem.getPolicy().getRememberMeCookieSettings();
int timeout = settings.getCookieTimeout();
KeyManager keyManager = securitySystem.getKeyManager();
AuthenticationKey authkey = keyManager.createKey(principal, "Remember Me Key", timeout);
Cookie cookie =
createCookie(
REMEMBER_ME_KEY,
authkey.getKey(),
settings.getDomain(),
settings.getPath(),
httpServletRequest);
if (timeout > 0) {
cookie.setMaxAge(timeout);
}
httpServletResponse.addCookie(cookie);
} catch (KeyManagerException e) {
log.warn("Unable to set remember me cookie.");
}
}
public void setSignonCookie(
String principal,
HttpServletResponse httpServletResponse,
HttpServletRequest httpServletRequest) {
try {
CookieSettings settings = securitySystem.getPolicy().getSignonCookieSettings();
int timeout = settings.getCookieTimeout();
KeyManager keyManager = securitySystem.getKeyManager();
AuthenticationKey authkey = keyManager.createKey(principal, "Signon Session Key", timeout);
/* The path must remain as "/" in order for SSO to work on installations where the only
* all of the servers are installed into the same web container but under different
* web contexts.
*/
Cookie cookie =
createCookie(
SIGNON_KEY,
authkey.getKey(),
settings.getDomain(),
settings.getPath(),
httpServletRequest);
if (timeout > 0) {
cookie.setMaxAge(timeout);
}
httpServletResponse.addCookie(cookie);
} catch (KeyManagerException e) {
log.warn("Unable to set single sign on cookie.");
}
}
public AuthenticationKey getRememberMeKey(
HttpServletResponse httpServletResponse, HttpServletRequest httpServletRequest) {
if (!isRememberMeEnabled()) {
return null;
}
Cookie rememberMeCookie = getCookie(httpServletRequest, REMEMBER_ME_KEY);
if (rememberMeCookie == null) {
log.debug("Remember Me Cookie Not Found: {}", REMEMBER_ME_KEY);
return null;
}
// Found user with a remember me key.
String providedKey = rememberMeCookie.getValue();
log.debug("Found remember me cookie : {}", providedKey);
CookieSettings settings = securitySystem.getPolicy().getRememberMeCookieSettings();
return findAuthKey(
REMEMBER_ME_KEY,
providedKey,
settings.getDomain(),
settings.getPath(),
httpServletResponse,
httpServletRequest);
}
public void removeSignonCookie(
HttpServletResponse httpServletResponse, HttpServletRequest httpServletRequest) {
CookieSettings settings = securitySystem.getPolicy().getSignonCookieSettings();
removeCookie(
httpServletResponse,
httpServletRequest,
SIGNON_KEY,
settings.getDomain(),
settings.getPath());
}
public void removeRememberMeCookie(
HttpServletResponse httpServletResponse, HttpServletRequest httpServletRequest) {
CookieSettings settings = securitySystem.getPolicy().getRememberMeCookieSettings();
removeCookie(
httpServletResponse,
httpServletRequest,
REMEMBER_ME_KEY,
settings.getDomain(),
settings.getPath());
}
private AuthenticationKey findAuthKey(
String cookieName,
String providedKey,
String domain,
String path,
HttpServletResponse httpServletResponse,
HttpServletRequest httpServletRequest) {
try {
AuthenticationKey authkey = securitySystem.getKeyManager().findKey(providedKey);
log.debug("Found AuthKey: {}", authkey);
return authkey;
} catch (KeyNotFoundException e) {
log.info("Invalid AuthenticationKey {} submitted. Invalidating cookie.", providedKey);
// Invalid Cookie. Remove it.
removeCookie(httpServletResponse, httpServletRequest, cookieName, domain, path);
} catch (KeyManagerException e) {
log.error("KeyManagerException: {}", e.getMessage(), e);
}
return null;
}
public AuthenticationKey getSignonKey(
HttpServletResponse httpServletResponse, HttpServletRequest httpServletRequest) {
Cookie ssoCookie = getCookie(httpServletRequest, SIGNON_KEY);
if (ssoCookie == null) {
log.debug("Single Sign On Cookie Not Found: {}", SIGNON_KEY);
return null;
}
// Found user with a single sign on key.
String providedKey = ssoCookie.getValue();
log.debug("Found sso cookie : {}", providedKey);
CookieSettings settings = securitySystem.getPolicy().getSignonCookieSettings();
return findAuthKey(
SIGNON_KEY,
providedKey,
settings.getDomain(),
settings.getPath(),
httpServletResponse,
httpServletRequest);
}
public boolean isRememberMeEnabled() {
return securitySystem.getPolicy().getRememberMeCookieSettings().isEnabled();
}
