KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > com > sslexplorer > webforwards > AbstractAuthenticatingWebForwardHandler


1 /*
2  * SSL-Explorer
3  *
4  * Copyright (C) 2003-2006 3SP LTD. All Rights Reserved
5  *
6  * This program is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU General Public License
8  * as published by the Free Software Foundation; either version 2 of
9  * the License, or (at your option) any later version.
10  * This program is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13  * GNU General Public License for more details.
14  *
15  * You should have received a copy of the GNU General Public
16  * License along with this program; if not, write to the Free Software
17  * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
18  */
19             
20 package com.sslexplorer.webforwards;
21
22 import java.io.IOException JavaDoc;
23 import java.io.OutputStream JavaDoc;
24 import java.util.StringTokenizer JavaDoc;
25
26 import javax.servlet.http.Cookie JavaDoc;
27
28 import org.apache.commons.logging.Log;
29 import org.apache.commons.logging.LogFactory;
30
31 import com.sslexplorer.boot.RequestHandler;
32 import com.sslexplorer.boot.RequestHandlerRequest;
33 import com.sslexplorer.boot.RequestHandlerResponse;
34 import com.sslexplorer.core.stringreplacement.SessionInfoReplacer;
35 import com.sslexplorer.policyframework.LaunchSession;
36 import com.sslexplorer.replacementproxy.ProxiedRequestDispatcher;
37 import com.sslexplorer.security.Constants;
38 import com.sslexplorer.security.LogonControllerFactory;
39 import com.sslexplorer.security.SessionInfo;
40
41 public abstract class AbstractAuthenticatingWebForwardHandler implements RequestHandler {
42
43     final static Log log = LogFactory.getLog(AbstractAuthenticatingWebForwardHandler.class);
44
45     /**
46      * Launch session attribute for storing whether authentication has been
47      * posted yet
48      */
49     public static final String JavaDoc LAUNCH_ATTR_AUTH_POSTED = "authPosted";
50
51     protected final static String JavaDoc sessionCookie = System.getProperty("sslexplorer.cookie", "JSESSIONID");
52     
53
54     protected SessionInfo locateSession(RequestHandlerRequest request,
55                                 RequestHandlerResponse response) {
56         /*
57          * When not authenticated, dont reverse proxy anything. We use the logon
58          * ticket to get the HttpSession in use
59          */
60         SessionInfo session = null;
61         
62         Cookie JavaDoc[] cookies = request.getCookies();
63
64         if (cookies != null) {
65             for (int i = 0; i < cookies.length; i++) {
66                 if (cookies[i].getName().equalsIgnoreCase(sessionCookie)) {
67                     session = LogonControllerFactory.getInstance().getSessionInfoBySessionId(cookies[i].getValue());
68                     if (session != null) {
69                         LogonControllerFactory.getInstance().addCookies(request, response, session.getLogonTicket(), session);
70                         break;
71                     }
72                 }
73                 if (cookies[i].getName().equalsIgnoreCase(Constants.DOMAIN_LOGON_TICKET) || cookies[i].getName()
74                                 .equalsIgnoreCase(Constants.LOGON_TICKET)) {
75                     session = LogonControllerFactory.getInstance().getSessionInfo(cookies[i].getValue());
76                     if (session != null) {
77                         LogonControllerFactory.getInstance().addCookies(request, response, session.getLogonTicket(), session);
78                         break;
79                     }
80                 }
81
82             }
83         }
84         
85         if(session==null) {
86             // LDP - Fallback position, if no session check for a launchId parameter.
87 // BPS - ?
88 }
89
90         return session;
91     }
92     
93     public long addJavaScriptAuthenticationCode(LaunchSession launchSession, OutputStream JavaDoc out, long length) throws IOException JavaDoc {
94         AbstractAuthenticatingWebForward webForward = (AbstractAuthenticatingWebForward)launchSession.getResource();
95
96         StringBuffer JavaDoc buf = new StringBuffer JavaDoc();
97         buf.append("<script type=\"text/javascript\">\n");
98         buf.append("<!--\n");
99         buf.append("function sslxAutoAuthenticate() {\n");
100         buf.append("var fctl;\n");
101         StringTokenizer JavaDoc tokens = new StringTokenizer JavaDoc(webForward.getFormParameters(), "\n");
102         String JavaDoc param;
103         while (tokens.hasMoreTokens()) {
104             param = SessionInfoReplacer.replace(launchSession.getSession(), tokens.nextToken().trim());
105             int idx = param.indexOf('=');
106             String JavaDoc val = "";
107             if (idx > -1) {
108                 val = param.substring(idx + 1);
109                 param = param.substring(0, idx);
110             }
111             buf.append("fctl = document.forms[0].");
112             buf.append(param);
113             buf.append(";\n");
114             buf.append("if(fctl) { fctl.value = '");
115             buf.append(val);
116             buf.append("';");
117             buf.append("} else { alert('Could not locate form parameter \"");
118             buf.append(param);
119             buf.append("\", please check your web forward configuration.'");
120             buf.append("); }\n");
121         }
122         launchSession.setAttribute(ProxiedRequestDispatcher.LAUNCH_ATTR_AUTH_POSTED, Boolean.TRUE);
123         buf.append("document.forms[0].submit();\n");
124         buf.append("}\n");
125         buf.append("setTimeout('sslxAutoAuthenticate()', 1000);\n");
126         buf.append("-->\n");
127         buf.append("</script>");
128         byte[] b = buf.toString().getBytes();
129         out.write(b);
130         length += b.length;
131         return length;
132         
133     }
134 }
135
Popular Tags