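package com.sslexplorer.webforwards;

import java.io.IOException;
import java.io.OutputStream;
import java.util.StringTokenizer;

import javax.servlet.http.Cookie;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

import com.sslexplorer.boot.RequestHandler;
import com.sslexplorer.boot.RequestHandlerRequest;
import com.sslexplorer.boot.RequestHandlerResponse;
import com.sslexplorer.core.stringreplacement.SessionInfoReplacer;
import com.sslexplorer.policyframework.LaunchSession;
import com.sslexplorer.replacementproxy.ProxiedRequestDispatcher;
import com.sslexplorer.security.Constants;
import com.sslexplorer.security.LogonControllerFactory;
import com.sslexplorer.security.SessionInfo;

/**
 * Base class for web forward request handlers that need to find the caller's
 * session from request cookies and that can append an auto-submitting
 * JavaScript snippet which fills in a login form.
 */
public abstract class AbstractAuthenticatingWebForwardHandler implements RequestHandler {

    final static Log log = LogFactory.getLog(AbstractAuthenticatingWebForwardHandler.class);

    /**
     * Launch session attribute name declared by this class.
     * NOTE(review): {@link #addJavaScriptAuthenticationCode} sets the constant of
     * the same name on {@code ProxiedRequestDispatcher}, not this one - confirm
     * both hold the same value.
     */
    public static final String LAUNCH_ATTR_AUTH_POSTED = "authPosted";

    /** Name of the session cookie; overridable with the {@code sslexplorer.cookie} system property. */
    protected final static String sessionCookie = System.getProperty("sslexplorer.cookie", "JSESSIONID");

    /**
     * Looks up the session that belongs to the request by inspecting its cookies.
     * <p>
     * Each cookie is tried first as the session cookie (lookup by session id) and
     * then as a logon ticket cookie (lookup by ticket). On the first successful
     * lookup the logon cookies are re-added to the response and the search stops.
     * <p>
     * The cookie values act as lookup keys for an authenticated session, so they
     * must never be written to the log.
     *
     * @param request request whose cookies are inspected
     * @param response response that receives the refreshed logon cookies
     * @return the matching session, or {@code null} when no cookie resolves to one
     */
    protected SessionInfo locateSession(RequestHandlerRequest request,
                    RequestHandlerResponse response) {
        Cookie[] cookies = request.getCookies();
        if (cookies == null) {
            return null;
        }

        for (int i = 0; i < cookies.length; i++) {
            String cookieName = cookies[i].getName();
            SessionInfo session = null;

            if (cookieName.equalsIgnoreCase(sessionCookie)) {
                session = LogonControllerFactory.getInstance().getSessionInfoBySessionId(cookies[i].getValue());
            }
            // Not an else-branch: a session cookie that resolves to nothing is still
            // checked against the ticket cookie names, as in the original flow.
            if (session == null
                            && (cookieName.equalsIgnoreCase(Constants.DOMAIN_LOGON_TICKET)
                                            || cookieName.equalsIgnoreCase(Constants.LOGON_TICKET))) {
                session = LogonControllerFactory.getInstance().getSessionInfo(cookies[i].getValue());
            }

            if (session != null) {
                LogonControllerFactory.getInstance().addCookies(request, response, session.getLogonTicket(), session);
                return session;
            }
        }
        return null;
    }

    /**
     * Writes a script block that fills the first form of the page with the web
     * forward's configured form parameters and submits it after one second.
     * <p>
     * The form parameters are read as one {@code name=value} pair per line and
     * passed through {@link SessionInfoReplacer} before use. Names and values are
     * escaped before being placed in JavaScript string literals: a value that
     * contains a quote, backslash, line break or markup (for example a password)
     * would otherwise terminate the literal or the script element and be
     * interpreted as code in the proxied page.
     * <p>
     * NOTE(review): the replaced values presumably include the user's
     * credentials, which end up in clear text in the page body sent to the
     * browser - confirm the response is not cached or logged downstream.
     *
     * @param launchSession launch session whose resource is the web forward
     * @param out stream the script block is written to
     * @param length content length so far
     * @return {@code length} plus the number of bytes written
     * @throws IOException if writing to {@code out} fails
     */
    public long addJavaScriptAuthenticationCode(LaunchSession launchSession, OutputStream out, long length) throws IOException {
        AbstractAuthenticatingWebForward webForward = (AbstractAuthenticatingWebForward) launchSession.getResource();

        StringBuffer buf = new StringBuffer();
        buf.append("<script type=\"text/javascript\">\n");
        buf.append("<!--\n");
        buf.append("function sslxAutoAuthenticate() {\n");
        buf.append("var fctl;\n");
        StringTokenizer tokens = new StringTokenizer(webForward.getFormParameters(), "\n");
        while (tokens.hasMoreTokens()) {
            String param = SessionInfoReplacer.replace(launchSession.getSession(), tokens.nextToken().trim());
            int idx = param.indexOf('=');
            String val = "";
            if (idx > -1) {
                val = param.substring(idx + 1);
                param = param.substring(0, idx);
            }
            if (param.length() == 0) {
                // A blank line (e.g. a stray "\r") has no control name; emitting it
                // would produce a syntax error that disables the whole script.
                continue;
            }
            String jsName = escapeForJavaScriptString(param);
            // Bracket access is equivalent to the dotted form for plain identifiers
            // and also works for names that are not valid identifiers.
            buf.append("fctl = document.forms[0]['");
            buf.append(jsName);
            buf.append("'];\n");
            buf.append("if(fctl) { fctl.value = '");
            buf.append(escapeForJavaScriptString(val));
            buf.append("';");
            buf.append("} else { alert('Could not locate form parameter \"");
            buf.append(jsName);
            buf.append("\", please check your web forward configuration.'");
            buf.append("); }\n");
        }
        launchSession.setAttribute(ProxiedRequestDispatcher.LAUNCH_ATTR_AUTH_POSTED, Boolean.TRUE);
        buf.append("document.forms[0].submit();\n");
        buf.append("}\n");
        buf.append("setTimeout('sslxAutoAuthenticate()', 1000);\n");
        buf.append("-->\n");
        buf.append("</script>");
        // The script is pure ASCII once names and values are escaped, so the byte
        // count no longer depends on the platform default charset.
        byte[] b = buf.toString().getBytes("UTF-8");
        out.write(b);
        return length + b.length;
    }

    /**
     * Escapes text for use inside a quoted JavaScript string literal that is
     * itself embedded in an HTML script element. ASCII letters, digits and a
     * small set of harmless punctuation pass through; every other character,
     * including quotes, backslashes, angle brackets, line terminators and all
     * non-ASCII characters, is written as a {@code \}{@code uXXXX} escape.
     *
     * @param raw text to escape
     * @return the escaped text, containing ASCII characters only
     */
    private static String escapeForJavaScriptString(String raw) {
        StringBuffer escaped = new StringBuffer(raw.length() + 16);
        for (int i = 0; i < raw.length(); i++) {
            char c = raw.charAt(i);
            boolean safe = (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') || (c >= '0' && c <= '9')
                            || c == ' ' || c == '_' || c == '.' || c == ',' || c == '-' || c == ':' || c == '@';
            if (safe) {
                escaped.append(c);
            } else {
                String hex = Integer.toHexString(c);
                escaped.append("\\u");
                for (int pad = hex.length(); pad < 4; pad++) {
                    escaped.append('0');
                }
                escaped.append(hex);
            }
        }
        return escaped.toString();
    }
}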