Пример #1
0
  public static String checkForComponentEvent(
      String pageName,
      String componentId,
      String eventId,
      String eventType,
      ApplicationStateManager applicationStateManager,
      ComponentSource componentSource,
      MetaDataLocator locator) {

    String redirectPage = null;
    String authenticationPolicyMeta =
        EVENT_HANDLER_AUTHENTICATION_TYPE + "-" + eventId + "-" + eventType;
    authenticationPolicyMeta = authenticationPolicyMeta.toLowerCase();

    Component component = null;
    if (componentId == null) {
      component = componentSource.getPage(pageName);
    } else {
      component = componentSource.getComponent(pageName + ":" + componentId);
    }
    try {
      String policyAsString =
          locator.findMeta(
              authenticationPolicyMeta, component.getComponentResources(), String.class);
      AuthenticationPolicyType policy = AuthenticationPolicyType.valueOf(policyAsString);
      redirectPage = AuthenticationValidator.check(policy, applicationStateManager);
    } catch (RuntimeException e) {
      System.err.println(e.getMessage());
    }
    return redirectPage;
  }
  /**
   * Check the rights of the user for the page requested
   *
   * @throws IOException
   */
  public boolean checkAccess(String pageName, Request request, Response response)
      throws IOException {
    System.out.println("ENTER checkAccess");
    if (_request != null
        && _request.getHeader("EAAHash") != null
        && !_request.getHeader("EAAHash").equals("")) {
      System.out.println("EAA Headers present");
      System.out.println("asm.exists(UserSession.class): " + asm.exists(UserSession.class));

      if (!asm.exists(UserSession.class)) {
        asm.set(UserSession.class, new UserSessionImpl());
        UserSession userSession = asm.get(UserSession.class);
        userSession.setLoggedIn(true);
        userSession.setUserName(_request.getHeader("uid"));
        userSession.setIdP(_request.getHeader("Shib-Identity-Provider"));
        System.out.println("Creating Session");
      } else if (asm.get(UserSession.class).getUserName() == null
          || asm.get(UserSession.class).getUserName().equals("")) {
        UserSession userSession = asm.get(UserSession.class);
        userSession.setLoggedIn(true);
        userSession.setUserName(_request.getHeader("uid"));
        userSession.setIdP(_request.getHeader("Shib-Identity-Provider"));
        System.out.println("Editing existing Session");
      }
    }

    boolean canAccess = true;

    /* Is the requested page private ? */
    Component page = componentSource.getPage(pageName);
    boolean privatePage = page.getClass().getAnnotation(Private.class) != null;
    if (privatePage) {
      canAccess = false;
      /* Is the user already authentified ? */
      if (asm.exists(UserSession.class)) {
        UserSession userSession = asm.get(UserSession.class);
        canAccess = userSession.isLoggedIn();
      }
    }

    /*
     * This page can't be requested by a non authentified user => we
     * redirect him on the signon page
     */
    System.out.println("EXIT checkAccess");
    if (!canAccess) {
      response.sendRedirect(request.getContextPath() + LOGIN_PAGE);
      return true; // Make sure to leave the chain
    }

    return false;
  }
Пример #3
0
  public static String checkForPage(
      String pageName,
      ApplicationStateManager applicationStateManager,
      ComponentSource componentSource,
      MetaDataLocator locator) {

    String redirectPage = null;
    Component page = componentSource.getPage(pageName);
    try {
      String policyAsString =
          locator.findMeta(PAGE_AUTHENTICATION_TYPE, page.getComponentResources(), String.class);

      AuthenticationPolicyType policy = AuthenticationPolicyType.valueOf(policyAsString);
      redirectPage = check(policy, applicationStateManager);
    } catch (RuntimeException e) {
      System.err.println(e.getMessage());
    }
    return redirectPage;
  }