Mercurial > dive4elements > river
comparison gwt-client/src/main/java/org/dive4elements/river/client/server/SamlServlet.java @ 5953:24dc13ac8e6c
Add AuthenticationServlet, a common base class for the login servlets
LoginServlet and SamlServlet to reduce code duplication.
author | Bernhard Herzog <bh@intevation.de> |
---|---|
date | Wed, 08 May 2013 17:57:51 +0200 |
parents | 38d161edba77 |
children | ea9eef426962 |
comparison
equal
deleted
inserted
replaced
5952:42b8447fa7ef | 5953:24dc13ac8e6c |
---|---|
12 import java.io.InputStream; | 12 import java.io.InputStream; |
13 import java.io.StringBufferInputStream; | 13 import java.io.StringBufferInputStream; |
14 | 14 |
15 import javax.servlet.ServletException; | 15 import javax.servlet.ServletException; |
16 import javax.servlet.ServletContext; | 16 import javax.servlet.ServletContext; |
17 import javax.servlet.http.HttpServlet; | |
18 import javax.servlet.http.HttpServletRequest; | 17 import javax.servlet.http.HttpServletRequest; |
19 import javax.servlet.http.HttpServletResponse; | 18 import javax.servlet.http.HttpServletResponse; |
20 import javax.servlet.http.HttpSession; | |
21 | 19 |
22 import org.apache.commons.codec.binary.Base64InputStream; | 20 import org.apache.commons.codec.binary.Base64InputStream; |
23 | 21 |
24 import org.apache.log4j.Logger; | 22 import org.apache.log4j.Logger; |
25 | 23 |
26 import org.dive4elements.river.client.server.auth.AuthenticationException; | 24 import org.dive4elements.river.client.server.auth.AuthenticationException; |
27 import org.dive4elements.river.client.server.auth.User; | 25 import org.dive4elements.river.client.server.auth.User; |
28 import org.dive4elements.river.client.server.auth.UserClient; | |
29 import org.dive4elements.river.client.server.auth.saml.TicketValidator; | 26 import org.dive4elements.river.client.server.auth.saml.TicketValidator; |
30 import org.dive4elements.river.client.server.auth.saml.Assertion; | 27 import org.dive4elements.river.client.server.auth.saml.Assertion; |
31 import org.dive4elements.river.client.server.features.Features; | 28 import org.dive4elements.river.client.server.features.Features; |
32 | 29 |
33 | 30 |
34 public class SamlServlet extends HttpServlet { | 31 public class SamlServlet extends AuthenticationServlet { |
35 | 32 |
36 private static Logger logger = Logger.getLogger(SamlServlet.class); | 33 private static Logger logger = Logger.getLogger(SamlServlet.class); |
37 | |
38 private static final String FLYS_PAGE = "FLYS.html"; | |
39 private static final String LOGIN_PAGE = "login.jsp"; | |
40 | |
41 private void redirectFailure(HttpServletResponse resp, String path) | |
42 throws IOException { | |
43 resp.sendRedirect(path + "/" + LOGIN_PAGE); | |
44 } | |
45 | |
46 private void redirectFailure(HttpServletResponse resp, String path, | |
47 Exception e) throws IOException { | |
48 this.redirectFailure(resp, path, e.getMessage()); | |
49 } | |
50 | |
51 private void redirectFailure(HttpServletResponse resp, String path, | |
52 String message) throws IOException { | |
53 resp.sendRedirect(path + "/" + LOGIN_PAGE + "?error=" + message); | |
54 } | |
55 | |
56 private void redirectSuccess(HttpServletResponse resp, String path, | |
57 String uri) throws IOException { | |
58 if (uri == null) { | |
59 String redirecturl = getServletContext().getInitParameter("redirect-url"); | |
60 if (redirecturl == null) { | |
61 redirecturl = FLYS_PAGE; | |
62 } | |
63 uri = "/" + redirecturl; | |
64 } | |
65 resp.sendRedirect(uri); | |
66 } | |
67 | |
68 @Override | |
69 protected void doGet(HttpServletRequest req, HttpServletResponse resp) | |
70 throws ServletException, IOException { | |
71 logger.debug("Processing get request"); | |
72 this.redirectFailure(resp, req.getContextPath()); | |
73 } | |
74 | 34 |
75 @Override | 35 @Override |
76 protected void doPost(HttpServletRequest req, HttpServletResponse resp) | 36 protected void doPost(HttpServletRequest req, HttpServletResponse resp) |
77 throws ServletException, IOException | 37 throws ServletException, IOException |
78 { | 38 { |
92 if (user == null) { | 52 if (user == null) { |
93 logger.debug("Authentication not successful"); | 53 logger.debug("Authentication not successful"); |
94 this.redirectFailure(resp, req.getContextPath()); | 54 this.redirectFailure(resp, req.getContextPath()); |
95 return; | 55 return; |
96 } | 56 } |
97 | 57 this.performLogin(req, resp, user); |
98 String url = getServletContext().getInitParameter("server-url"); | |
99 UserClient client = new UserClient(url); | |
100 if (!client.userExists(user)) { | |
101 logger.debug("Creating db user"); | |
102 if (!client.createUser(user)) { | |
103 this.redirectFailure(resp, req.getContextPath(), | |
104 "Could not create new user"); | |
105 return; | |
106 } | |
107 } | |
108 | |
109 HttpSession session = req.getSession(); | |
110 session.setAttribute("user", user); | |
111 | |
112 String uri = (String)session.getAttribute("requesturi"); | |
113 | |
114 this.redirectSuccess(resp, req.getContextPath(), uri); | |
115 } | 58 } |
116 catch(AuthenticationException e) { | 59 catch(AuthenticationException e) { |
117 logger.error(e, e); | 60 logger.error(e, e); |
118 this.redirectFailure(resp, req.getContextPath(), e); | 61 this.redirectFailure(resp, req.getContextPath(), e); |
119 } | 62 } |