Mercurial > dive4elements > river
diff flys-client/src/main/java/de/intevation/flys/client/server/LoginServlet.java @ 2956:d7f76f197d89
Refactor GGInA authentication
Move authentication related classes to de.intevation.fly.client.server.auth
package. Abstract the authentication classes to allow other authentications
beside WAS/GGInA.
flys-client/trunk@4936 c6561f87-3c4e-4783-a992-168aeb5c3f6f
author | Bjoern Ricks <bjoern.ricks@intevation.de> |
---|---|
date | Wed, 11 Jul 2012 13:31:56 +0000 |
parents | 192eddbbd4cf |
children | 16c71457ed43 |
line wrap: on
line diff
--- a/flys-client/src/main/java/de/intevation/flys/client/server/LoginServlet.java Wed Jul 11 12:34:26 2012 +0000 +++ b/flys-client/src/main/java/de/intevation/flys/client/server/LoginServlet.java Wed Jul 11 13:31:56 2012 +0000 @@ -1,7 +1,6 @@ package de.intevation.flys.client.server; import java.io.IOException; -import java.security.GeneralSecurityException; import javax.servlet.ServletException; import javax.servlet.http.HttpServlet; @@ -9,23 +8,12 @@ import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; -import org.apache.http.HttpEntity; -import org.apache.http.HttpResponse; -import org.apache.http.client.HttpClient; -import org.apache.http.conn.scheme.Scheme; -import org.apache.http.conn.ssl.SSLSocketFactory; -import org.apache.http.impl.client.DefaultHttpClient; - import org.apache.log4j.Logger; -import de.intevation.flys.client.server.was.Assertion; -import de.intevation.flys.client.server.was.User; -import de.intevation.flys.client.server.was.Request; -import de.intevation.flys.client.server.was.Response; -import de.intevation.flys.client.server.was.ServiceException; -import de.intevation.flys.client.server.was.Signature; - - +import de.intevation.flys.client.server.auth.Authentication; +import de.intevation.flys.client.server.auth.AuthenticationException; +import de.intevation.flys.client.server.auth.AuthenticationFactory; +import de.intevation.flys.client.server.auth.User; public class LoginServlet extends HttpServlet { @@ -63,64 +51,28 @@ this.redirectFailure(resp); } try { - Response wasresp = this.auth(username, password, encoding); - if (wasresp == null || !wasresp.isSuccess()) { + Authentication aresp = this.auth(username, password, encoding); + if (aresp == null || !aresp.isSuccess()) { logger.debug("Athentication not successful"); this.redirectFailure(resp); } HttpSession session = req.getSession(); - User user = new User(username, password); + User user = aresp.getUser(); session.setAttribute("user", user); String uri = (String)session.getAttribute("requesturi"); this.redirectSuccess(resp, uri); - - /* Assertion assertion = wasresponse.getAssertion(); */ - /* System.out.println("ID: " + assertion.getID()); */ - /* System.out.println("UserID: " + assertion.getUserID()); */ - /* System.out.println("NameID: " + assertion.getNameID()); */ - /* System.out.println("GroupID: " + assertion.getGroupID()); */ - /* System.out.println("GroupName: " + assertion.getGroupName()); */ - /* System.out.println("From: " + assertion.getFrom()); */ - /* System.out.println("Until: " + assertion.getUntil()); */ - /* for(String role : assertion.getRoles()) { */ - /* System.out.println("Role: " + role); */ - /* } */ - /* Signature signature = assertion.getSiganture(); */ - /* System.out.println("Cert:"); */ - /* System.out.println(signature.getCertificate()); */ - /* System.out.println("Value: " + signature.getValue()); */ - /* System.out.println("Digest: " + signature.getDigestValue()); */ - /* System.out.println("Reference: " + signature.getReference()); */ - } - catch(ServiceException e) { + catch(AuthenticationException e) { //TODO User could not be authenticated throw new ServletException(e); } - catch(GeneralSecurityException e) { - throw new ServletException(e); - } } - private Response auth(String username, String password, String encoding) - throws IOException, ServiceException, GeneralSecurityException { - SSLSocketFactory sf = new SSLSocketFactory( - new GGInATrustStrategy()); - Scheme https = new Scheme("https", 443, sf); - HttpClient httpclient = new DefaultHttpClient(); - httpclient.getConnectionManager().getSchemeRegistry().register(https); - - Request httpget = new Request("https://geoportal.bafg.de/" + - "administration/WAS", username, password, encoding); - HttpResponse response = httpclient.execute(httpget); - HttpEntity entity = response.getEntity(); - if (entity == null) { - return null; - } - else { - return new Response(entity); - } + private Authentication auth(String username, String password, String encoding) + throws AuthenticationException, IOException { + String auth = this.getInitParameter("authentication"); + return AuthenticationFactory.getInstance(auth).auth(username, password, encoding); } }