@Override protected Event doExecute(final RequestContext context) throws Exception { final Service service = WebUtils.getService(context); // No service == plain /login request. Return success indicating transition to the login form if (service == null) { return success(); } final RegisteredService registeredService = this.servicesManager.findServiceBy(service); if (registeredService == null) { logger.warn( "Unauthorized Service Access for Service: [ {} ] - service is not defined in the service registry.", service.getId()); throw new UnauthorizedServiceException(); } else if (!registeredService.isEnabled()) { logger.warn( "Unauthorized Service Access for Service: [ {} ] - service is not enabled in the service registry.", service.getId()); if (registeredService instanceof RegisteredServiceWithAttributes) { String disabledServiceUrl = (String) RegisteredServiceWithAttributes.class .cast(registeredService) .getExtraAttributes() .get(DISABLED_SERVICE_URL_ATTRIBUTE); if (disabledServiceUrl != null) { context.getRequestScope().put(DISABLED_SERVICE_URL_ATTRIBUTE, disabledServiceUrl); return no(); } } throw new UnauthorizedServiceException(); } return success(); }
@Override protected Event doExecute(final RequestContext context) throws Exception { final Service service = WebUtils.getService(context); if (service == null) { logger.debug("No service found in the request context, so resuming normally."); return success(); } final RegisteredService registeredService = this.servicesManager.findServiceBy(service); if (registeredService == null) { logger.warn( "Unauthorized Service Access for Service: [{}] - service is not defined in the service registry.", service.getId()); throw new UnauthorizedServiceException(); } if (!registeredService.isEnabled()) { logger.warn( "Unauthorized Service Access for Service: [{}] - service is not enabled in the service registry.", service.getId()); throw new UnauthorizedServiceException(); } if (registeredService instanceof RegisteredServiceWithAttributes) { final RegisteredServiceWithAttributes regSvcWithAttr = RegisteredServiceWithAttributes.class.cast(registeredService); final String redirectToUrl = (String) regSvcWithAttr.getExtraAttributes().get(REDIRECT_TO_URL_ATTRIBUTE); if (redirectToUrl != null && this.redirectionAdvisor.shouldRedirectServiceRequest( context, regSvcWithAttr, redirectToUrl)) { logger.info("Redirecting to url [{}] for service [{}]", redirectToUrl, service.getId()); context.getRequestScope().put(REDIRECT_TO_URL_ATTRIBUTE, redirectToUrl); return yes(); } } logger.debug( "No redirect url is configured, or redirection for service [{}] is not needed", service.getId()); return success(); }
/** * Ensure that the service is found and enabled in the service registry. * * @param registeredService the located entry in the registry * @param service authenticating service * @throws UnauthorizedServiceException */ private void verifyRegisteredServiceProperties( final RegisteredService registeredService, final Service service) { if (registeredService == null) { final String msg = String.format( "ServiceManagement: Unauthorized Service Access. " + "Service [%s] is not found in service registry.", service.getId()); logger.warn(msg); throw new UnauthorizedServiceException( UnauthorizedServiceException.CODE_UNAUTHZ_SERVICE, msg); } if (!registeredService.isEnabled()) { final String msg = String.format( "ServiceManagement: Unauthorized Service Access. " + "Service %s] is not enabled in service registry.", service.getId()); logger.warn(msg); throw new UnauthorizedServiceException( UnauthorizedServiceException.CODE_UNAUTHZ_SERVICE, msg); } }