Пример #1
0
  /**
   * Authenticates a user and retrieves its information.
   *
   * @param token the authentication token
   * @throws AuthenticationException if there is an error during authentication.
   */
  @Override
  @SuppressWarnings("unchecked")
  protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
      throws AuthenticationException {
    CasToken casToken = (CasToken) token;
    if (token == null) {
      return null;
    }

    String ticket = (String) casToken.getCredentials();
    if (!StringUtils.hasText(ticket)) {
      return null;
    }

    TicketValidator ticketValidator = ensureTicketValidator();

    try {
      // contact CAS server to validate service ticket
      Assertion casAssertion = ticketValidator.validate(ticket, getCasService());
      // get principal, user id and attributes
      AttributePrincipal casPrincipal = casAssertion.getPrincipal();
      String userId = casPrincipal.getName();
      log.debug(
          "Validate ticket : {} in CAS server : {} to retrieve user : {}",
          new Object[] {ticket, getCasServerUrlPrefix(), userId});

      Map<String, Object> attributes = casPrincipal.getAttributes();
      // refresh authentication token (user id + remember me)
      casToken.setUserId(userId);
      String rememberMeAttributeName = getRememberMeAttributeName();
      String rememberMeStringValue = (String) attributes.get(rememberMeAttributeName);
      boolean isRemembered =
          rememberMeStringValue != null && Boolean.parseBoolean(rememberMeStringValue);
      if (isRemembered) {
        casToken.setRememberMe(true);
      }
      // create simple authentication info
      List<Object> principals = CollectionUtils.asList(userId, attributes);
      PrincipalCollection principalCollection =
          new SimplePrincipalCollection(principals, getName());
      return new SimpleAuthenticationInfo(principalCollection, ticket);
    } catch (TicketValidationException e) {
      throw new CasAuthenticationException("Unable to validate ticket [" + ticket + "]", e);
    }
  }
Пример #2
0
  @Override
  protected void processFilter(
      HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
      throws Exception {

    HttpSession session = request.getSession();

    long companyId = PortalUtil.getCompanyId(request);

    String pathInfo = request.getPathInfo();

    Object forceLogout = session.getAttribute(WebKeys.CAS_FORCE_LOGOUT);

    if (forceLogout != null) {
      session.removeAttribute(WebKeys.CAS_FORCE_LOGOUT);

      String logoutUrl =
          PrefsPropsUtil.getString(companyId, PropsKeys.CAS_LOGOUT_URL, PropsValues.CAS_LOGOUT_URL);

      response.sendRedirect(logoutUrl);

      return;
    }

    if (pathInfo.indexOf("/portal/logout") != -1) {
      session.invalidate();

      String logoutUrl =
          PrefsPropsUtil.getString(companyId, PropsKeys.CAS_LOGOUT_URL, PropsValues.CAS_LOGOUT_URL);

      response.sendRedirect(logoutUrl);

      return;
    } else {
      String login = (String) session.getAttribute(WebKeys.CAS_LOGIN);

      String serverName =
          PrefsPropsUtil.getString(
              companyId, PropsKeys.CAS_SERVER_NAME, PropsValues.CAS_SERVER_NAME);

      String serviceUrl =
          PrefsPropsUtil.getString(
              companyId, PropsKeys.CAS_SERVICE_URL, PropsValues.CAS_SERVICE_URL);

      if (Validator.isNull(serviceUrl)) {
        serviceUrl =
            CommonUtils.constructServiceUrl(
                request, response, serviceUrl, serverName, "ticket", false);
      }

      String ticket = ParamUtil.getString(request, "ticket");

      if (Validator.isNull(ticket)) {
        if (Validator.isNotNull(login)) {
          processFilter(CASFilter.class, request, response, filterChain);
        } else {
          String loginUrl =
              PrefsPropsUtil.getString(
                  companyId, PropsKeys.CAS_LOGIN_URL, PropsValues.CAS_LOGIN_URL);

          loginUrl = HttpUtil.addParameter(loginUrl, "service", serviceUrl);

          response.sendRedirect(loginUrl);
        }

        return;
      }

      TicketValidator ticketValidator = getTicketValidator(companyId);

      Assertion assertion = ticketValidator.validate(ticket, serviceUrl);

      if (assertion != null) {
        AttributePrincipal attributePrincipal = assertion.getPrincipal();

        login = attributePrincipal.getName();

        session.setAttribute(WebKeys.CAS_LOGIN, login);
      }
    }

    processFilter(CASFilter.class, request, response, filterChain);
  }