Mercurial > dive4elements > river
comparison gwt-client/src/main/java/org/dive4elements/river/client/server/auth/was/Response.java @ 8839:2c8259176c46
Add configurable time tolerance to SAML ticket validation.
This allows e.g. to account for time skew between the ISP and
the server this servlet is run on.
| author | Tom Gottfried <tom@intevation.de> |
|---|---|
| date | Wed, 28 Jun 2017 20:09:53 +0200 |
| parents | 5aff82e77ec3 |
| children | 5e38e2924c07 |
comparison
equal
deleted
inserted
replaced
| 8838:1fa03f3c9d3d | 8839:2c8259176c46 |
|---|---|
| 43 private Assertion assertion; | 43 private Assertion assertion; |
| 44 private String username; | 44 private String username; |
| 45 private String password; | 45 private String password; |
| 46 private Features features; | 46 private Features features; |
| 47 private String trustedKeyFile; | 47 private String trustedKeyFile; |
| 48 private String timeEpsilon; | |
| 48 | 49 |
| 49 | 50 |
| 50 public Response(HttpEntity entity, String username, String password, | 51 public Response(HttpEntity entity, String username, String password, |
| 51 Features features, String trustedKeyFile) | 52 Features features, String trustedKeyFile, String timeEpsilon) |
| 52 throws AuthenticationException, IOException { | 53 throws AuthenticationException, IOException { |
| 53 | 54 |
| 54 if (entity == null) { | 55 if (entity == null) { |
| 55 throw new ServiceException("Invalid response"); | 56 throw new ServiceException("Invalid response"); |
| 56 } | 57 } |
| 78 this.root = root; | 79 this.root = root; |
| 79 this.username = username; | 80 this.username = username; |
| 80 this.password = password; | 81 this.password = password; |
| 81 this.features = features; | 82 this.features = features; |
| 82 this.trustedKeyFile = trustedKeyFile; | 83 this.trustedKeyFile = trustedKeyFile; |
| 84 this.timeEpsilon = timeEpsilon; | |
| 83 } | 85 } |
| 84 | 86 |
| 85 @Override | 87 @Override |
| 86 public boolean isSuccess() { | 88 public boolean isSuccess() { |
| 87 String status = getStatus(); | 89 String status = getStatus(); |
| 95 | 97 |
| 96 | 98 |
| 97 public Assertion getAssertion() { | 99 public Assertion getAssertion() { |
| 98 if (this.assertion == null && this.root != null) { | 100 if (this.assertion == null && this.root != null) { |
| 99 try { | 101 try { |
| 102 int timeEps = Integer.parseInt(this.timeEpsilon); | |
| 100 TicketValidator validator = | 103 TicketValidator validator = |
| 101 new TicketValidator(this.trustedKeyFile); | 104 new TicketValidator(this.trustedKeyFile, timeEps); |
| 102 this.assertion = validator.checkTicket(this.root); | 105 this.assertion = validator.checkTicket(this.root); |
| 103 } | 106 } |
| 104 catch (Exception e) { | 107 catch (Exception e) { |
| 105 log.error(e.getLocalizedMessage(), e); | 108 log.error(e.getLocalizedMessage(), e); |
| 106 } | 109 } |