diff gwt-client/src/main/java/org/dive4elements/river/client/server/SamlServlet.java @ 9497:d6d5ca6d4af0
Enabled logging of saml-group-name in log-ing logfile.
Some cleanup/refactoring.
author | gernotbelger |
---|---|
date | Thu, 27 Sep 2018 17:40:39 +0200 |
parents | 5e38e2924c07 |
children | ca19b7186294 |
--- a/gwt-client/src/main/java/org/dive4elements/river/client/server/SamlServlet.java Mon Sep 17 19:07:57 2018 +0200
+++ b/gwt-client/src/main/java/org/dive4elements/river/client/server/SamlServlet.java Thu Sep 27 17:40:39 2018 +0200
@@ -12,32 +12,28 @@
 import java.io.InputStream;
 import java.io.StringBufferInputStream;
+import javax.servlet.ServletContext;
 import javax.servlet.ServletException;
-import javax.servlet.ServletContext;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import org.apache.commons.codec.binary.Base64InputStream;
-
 import org.apache.log4j.Logger;
-
 import org.dive4elements.river.client.server.auth.AuthenticationException;
 import org.dive4elements.river.client.server.auth.User;
-import org.dive4elements.river.client.server.auth.saml.TicketValidator;
 import org.dive4elements.river.client.server.auth.saml.Assertion;
+import org.dive4elements.river.client.server.auth.saml.TicketValidator;
+import org.dive4elements.river.client.server.auth.was.Response;
 import org.dive4elements.river.client.server.features.Features;
-
 public class SamlServlet extends AuthenticationServlet {
 private static Logger log = Logger.getLogger(SamlServlet.class);
 @Override
- protected void doPost(HttpServletRequest req, HttpServletResponse resp)
- throws ServletException, IOException
- {
- String encoding = req.getCharacterEncoding();
- String samlTicketXML = req.getParameter("saml");
+ protected void doPost(final HttpServletRequest req, final HttpServletResponse resp) throws ServletException, IOException {
+ // final String encoding = req.getCharacterEncoding();
+ final String samlTicketXML = req.getParameter("saml");
 log.debug("Processing post request");
@@ -48,7 +44,7 @@
 }
 try {
- User user = this.auth(samlTicketXML);
+ final User user = this.auth(samlTicketXML);
 if (user == null) {
 log.debug("Authentication not successful");
 this.redirectFailure(resp, req.getContextPath());
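Review bot: The added line `// final String encoding = req.getCharacterEncoding();` in `doPost` (first hunk) keeps an unused statement around as commented-out code; nothing in the visible lines reads `encoding`, so the line should be deleted rather than commented out. While this part of the class is being cleaned up, the logger field could also be declared `private static final Logger log = Logger.getLogger(SamlServlet.class);`. The body of `doPost` continues outside this hunk.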
@@ -57,40 +53,33 @@
 this.performLogin(req, resp, user);
 log.info("Authentication with existing SAML ticket.");
 }
- catch(AuthenticationException e) {
+ catch (final AuthenticationException e) {
 log.error(e, e);
 this.redirectFailure(resp, req.getContextPath(), e);
 }
 }
- private User auth(String samlTicketXML)
- throws AuthenticationException, IOException
- {
- ServletContext sc = this.getServletContext();
+ private User auth(final String samlTicketXML) throws AuthenticationException {
+ final ServletContext sc = this.getServletContext();
 Assertion assertion = null;
 try {
- String keyfile =
- (String)sc.getInitParameter("saml-trusted-public-key");
- int timeEps = Integer.parseInt(
- sc.getInitParameter("saml-time-tolerance"));
- TicketValidator validator =
- new TicketValidator(sc.getRealPath(keyfile), timeEps);
+ final String keyfile = sc.getInitParameter("saml-trusted-public-key");
+ final int timeEps = Integer.parseInt(sc.getInitParameter("saml-time-tolerance"));
+ final TicketValidator validator = new TicketValidator(sc.getRealPath(keyfile), timeEps);
- InputStream in = new StringBufferInputStream(samlTicketXML);
+ final InputStream in = new StringBufferInputStream(samlTicketXML);
 assertion = validator.checkTicket(new Base64InputStream(in));
 }
- catch (Exception e) {
+ catch (final Exception e) {
 log.error(e.getLocalizedMessage(), e);
 }
- if (assertion == null) {
- throw new AuthenticationException("Login failed.");
- }
- Features features = (Features)sc.getAttribute(
- Features.CONTEXT_ATTRIBUTE);
- return new org.dive4elements.river.client.server.auth.saml.User(
- assertion, samlTicketXML,
- features.getFeatures(assertion.getRoles()), null);
+ if (assertion == null)
+ throw new AuthenticationException("Login failed.");
+
+ final Features features = (Features) sc.getAttribute(Features.CONTEXT_ATTRIBUTE);
+
+ return Response.createUser(null, samlTicketXML, assertion, features);
 }
-}
+}
\ No newline at end of file
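Review bot: The touched line `final InputStream in = new StringBufferInputStream(samlTicketXML);` in `auth` keeps a class that has been deprecated since JDK 1.1 and uses only the low eight bits of each character, so any non-ASCII character in the `saml` request parameter is turned into a different byte before the Base64 decoder and the ticket validator see it. Since this is a cleanup commit, I would hand the validator well-defined bytes instead: `final InputStream in = new ByteArrayInputStream(samlTicketXML.getBytes(StandardCharsets.US_ASCII));`, which needs two imports that sit outside this hunk. Separately, `features` is read from the servlet context without a null check and is now passed into `Response.createUser`, whose handling of a missing `Features` attribute is not visible here; an explicit `if (features == null) throw new AuthenticationException("Login failed.");` would keep that failure inside the login path.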