/** * Redirects the HTTP request to the Authentication module. It gets the authentication url from * <code>SystemProperties</code>. * * @param request an HttpServletRequest object that contains the request the client has made of * the servlet. * @param response an HttpServletResponse object that contains the response the servlet sends to * the client. * @exception IOException If an input or output exception occurs */ private void redirectForAuthentication( HttpServletRequest request, HttpServletResponse response, String policyAdviceList, String requestParams) throws IOException { if (debug.messageEnabled()) { debug.message( "CDCClientServlet.redirectForAuthentication: " + "requestURL=" + request.getRequestURL()); } StringBuilder redirectURL = new StringBuilder(100); StringBuilder gotoURL = new StringBuilder(100); // Check if user has authenticated to another OpenAM // instance String authURL = null; Cookie authCookie = CookieUtils.getCookieFromReq(request, authURLCookieName); if (authCookie != null) { authURL = CookieUtils.getCookieValue(authCookie); if (debug.messageEnabled()) { debug.message( "CDCClientServlet.redirectForAuthentication: " + "got an authenticated URL= " + authURL); } } try { if (authURL == null || authURL.length() == 0 || !authURL.toLowerCase().startsWith("http") || policyAdviceList != null) { String finalURL = request.getParameter(GOTO_PARAMETER); if (finalURL == null || finalURL.equals("")) { finalURL = request.getParameter(TARGET_PARAMETER); } if (finalURL == null || finalURL.equals("")) { if (debug.messageEnabled()) { debug.message( "CDCClientServlet.redirectForAuthentication: " + "goto or target parameter is missing in the request."); } showError(response, SERVER_ERROR_STR_MATCH); return; } gotoURL .append(deployDescriptor) .append(CDCURI) .append(QUESTION_MARK) .append(TARGET_PARAMETER) .append(EQUAL_TO) .append(URLEncDec.encode(finalURL)) .append(AMPERSAND) .append(requestParams); // Construct the login URL String loginURI = request.getParameter(LOGIN_URI); String cdcUri; if (loginURI != null && !loginURI.isEmpty() && isValidCDCURI(loginURI)) { if (debug.messageEnabled()) { debug.message( "CDCClientServlet.redirectForAuthentication:found " + LOGIN_URI + "=" + loginURI); } cdcUri = loginURI; } else { cdcUri = cdcAuthURI; } if (debug.messageEnabled()) { debug.message( "CDCClientServlet.redirectForAuthentication: Login URI is set to = " + cdcUri); } if (cdcUri.indexOf(QUESTION_MARK) == -1) { redirectURL.append(cdcUri).append(QUESTION_MARK); } else { redirectURL.append(cdcUri).append(AMPERSAND); } if (policyAdviceList != null) { redirectURL.append(policyAdviceList).append(AMPERSAND); } redirectURL .append(GOTO_PARAMETER) .append(EQUAL_TO) .append(URLEncDec.encode(gotoURL.toString())); if (debug.messageEnabled()) { debug.message( "CDCClientServlet.redirectForAuthentication" + ":redirectURL before dispatching is=" + redirectURL); } RequestDispatcher dispatcher = request.getRequestDispatcher(redirectURL.toString()); dispatcher.forward(request, response); } else { // Redirect the user to the authenticated URL redirectURL .append(authURL) .append(deployDescriptor) .append(CDCURI) .append(QUESTION_MARK) .append(request.getQueryString()); // Reset the cookie value to null, to avoid continuous loop // when a load balancer is used if (authCookie != null) { authCookie.setValue(""); response.addCookie(authCookie); } response.sendRedirect(redirectURL.toString()); } if (debug.messageEnabled()) { debug.message( "CDCClientServlet.redirectForAuthentication:" + "Forwarding for authentication to= " + redirectURL); } } catch (IOException ex) { debug.error( "CDCClientServlet.redirectForAuthentication: Failed " + "in forwarding to Authentication service. IOException", ex); showError(response, "Could for forward to authentication service:" + ex.getMessage()); } catch (ServletException se) { debug.error( "CDCClientServlet.redirectForAuthentication : Failed " + "in forwarding to Authentication service. ServletException", se); showError(response, "Could for forward to authentication service:" + se.getMessage()); } catch (IllegalStateException ie) { debug.error( "CDCClientServlet.redirectForAuthentication : Failed " + "in forwarding to Authentication service. Illegal state", ie); showError(response, "Could for forward to authentication service:" + ie.getMessage()); } }
/** * Redirects the HTTP request to the Authentication module. It gets the authentication url from * <code>SystemProperties</code>. * * @param request an HttpServletRequest object that contains the request the client has made of * the servlet. * @param response an HttpServletResponse object that contains the response the servlet sends to * the client. * @exception IOException If an input or output exception occurs */ private void redirectForAuthentication(HttpServletRequest request, HttpServletResponse response) throws IOException { if (debug.messageEnabled()) { debug.message( "CDCClientServlet.redirectForAuthentication: " + "requestURL=" + request.getRequestURL()); } StringBuffer redirectURL = new StringBuffer(100); StringBuffer gotoURL = new StringBuffer(100); // Check if user has authenticated to another OpenSSO // instance String authURL = null; Cookie authCookie = CookieUtils.getCookieFromReq(request, authURLCookieName); if (authCookie != null) { authURL = CookieUtils.getCookieValue(authCookie); if (debug.messageEnabled()) { debug.message( "CDCClientServlet.redirectForAuthentication: " + "got an authenticated URL= " + authURL); } } try { if (authURL == null || authURL.length() == 0 || !authURL.toLowerCase().startsWith("http") || policyAdviceList != null) { String finalURL = request.getParameter(GOTO_PARAMETER); if (finalURL == null || finalURL.equals("")) { finalURL = request.getParameter(TARGET_PARAMETER); } if (finalURL == null || finalURL.equals("")) { showError(response, "GOTO or TARGET parameter is missing" + " in the request"); return; } gotoURL .append(deployDescriptor) .append(CDCURI) .append(QUESTION_MARK) .append(TARGET_PARAMETER) .append(EQUAL_TO) .append(URLEncDec.encode(finalURL)) .append(AMPERSAND) .append(requestParams); // Construct the login URL String cdcurl = SystemProperties.get(Constants.CDCSERVLET_LOGIN_URL); if (cdcurl != null && cdcurl.length() > 0) { if (cdcurl.indexOf("?") == -1) { redirectURLStr = cdcurl + QUESTION_MARK; } else { redirectURLStr = cdcurl + AMPERSAND; } } else { redirectURLStr = AUTHURI + QUESTION_MARK; } if (debug.messageEnabled()) { debug.message("CDCClientServlet init redirect URL is" + "set to= " + redirectURLStr); } redirectURL.append(redirectURLStr); if (policyAdviceList != null) { redirectURL.append(policyAdviceList).append(AMPERSAND); } redirectURL .append(GOTO_PARAMETER) .append(EQUAL_TO) .append(URLEncDec.encode(gotoURL.toString())); // Check for policy advices if (policyAdviceList != null) { redirectURL.append(AMPERSAND).append(policyAdviceList); } if (debug.messageEnabled()) { debug.message( "CDCClientServlet.redirectForAuthentication" + ":redirectURL before dispatching is=" + redirectURL); } RequestDispatcher dispatcher = request.getRequestDispatcher(redirectURL.toString()); dispatcher.forward(request, response); } else { // Redirect the user to the authenticated URL redirectURL .append(authURL) .append(deployDescriptor) .append(CDCURI) .append(QUESTION_MARK) .append(request.getQueryString()); // Reset the cookie value to null, to avoid continous loop // when a load balancer is used if (authCookie != null) { authCookie.setValue(""); response.addCookie(authCookie); } response.sendRedirect(redirectURL.toString()); } if (debug.messageEnabled()) { debug.message( "CDCClientServlet.redirectForAuthentication:" + "Forwarding for authentication to= " + redirectURL); } } catch (IOException ex) { debug.error( "CDCClientServlet.redirectForAuthentication: Failed " + "in forwarding to Authentication service. IOException", ex); showError(response, "Could for forward to authentication service:" + ex.getMessage()); } catch (ServletException se) { debug.error( "CDCClientServlet.redirectForAuthentication : Failed " + "in forwarding to Authentication service. ServletException", se); showError(response, "Could for forward to authentication service:" + se.getMessage()); } catch (IllegalStateException ie) { debug.error( "CDCClientServlet.redirectForAuthentication : Failed " + "in forwarding to Authentication service. Illegal state", ie); showError(response, "Could for forward to authentication service:" + ie.getMessage()); } }