Mercurial > dive4elements > river
view flys-client/src/main/java/de/intevation/flys/client/server/auth/was/Response.java @ 4488:5041105d2edd
Check if response code from GGInA is 200 OK
Only parse the GGInA response if the status code is 200 OK. This improves the
error message if GGInA is not available and shows the real reason instead of a
JDOM error while parsing the response.
author | Björn Ricks <bjoern.ricks@intevation.de> |
---|---|
date | Wed, 14 Nov 2012 10:36:21 +0100 |
parents | 1387cdeb8d93 |
children |
line wrap: on
line source
package de.intevation.flys.client.server.auth.was; import java.io.IOException; import java.io.InputStream; import java.util.List; import org.apache.commons.codec.binary.Base64InputStream; import org.apache.http.HttpEntity; import org.apache.log4j.Logger; import org.jdom.Document; import org.jdom.Element; import org.jdom.JDOMException; import org.jdom.input.SAXBuilder; import de.intevation.flys.client.server.auth.Authentication; import de.intevation.flys.client.server.auth.AuthenticationException; import de.intevation.flys.client.server.features.Features; public class Response implements Authentication { private static Logger logger = Logger.getLogger(Response.class); private Element root; private Assertion assertion; private String username; private String password; private Features features; public Response(HttpEntity entity, String username, String password, Features features) throws AuthenticationException, IOException { if (entity == null) { throw new ServiceException("Invalid response"); } String contenttype = entity.getContentType().getValue(); try { InputStream in = entity.getContent(); if (!contenttype.equals("application/vnd.ogc.se_xml")) { // XXX: Assume base64 encoded content. in = new Base64InputStream(in); } SAXBuilder builder = new SAXBuilder(); Document doc = builder.build(in); Element root = doc.getRootElement(); String rname = root.getName(); if (rname != null && rname.equals("ServiceExceptionReport")) { throw new ServiceException(root.getChildText("ServiceException")); } this.root = root; this.username = username; this.password = password; this.features = features; } catch(JDOMException e) { throw new AuthenticationException(e); } } public Element getRoot() { return this.root; } @Override public boolean isSuccess() { String status = getStatus(); return status != null && status.equals("samlp:Success"); } public String getStatus() { Element status = this.root.getChild("Status", Namespaces.SAML_NS_PROTO); if (status == null) { return null; } Element statuscode = status.getChild("StatusCode", Namespaces.SAML_NS_PROTO); if (statuscode == null) { return null; } return statuscode.getAttributeValue("Value"); } public Assertion getAssertion() { if (this.assertion == null && this.root != null) { Element assertion = this.root.getChild("Assertion", Namespaces.SAML_NS_ASSERT); if (assertion != null) { this.assertion = new Assertion(assertion); } } return this.assertion; } @Override public User getUser() throws AuthenticationException { Assertion assertion = this.getAssertion(); if (assertion == null) { throw new AuthenticationException("Response doesn't contain an assertion"); } List<String> features = this.features.getFeatures( this.assertion.getRoles()); logger.debug("User " + this.username + " with features " + features + " successfully authenticated."); return new User(this.username, this.password, assertion.getNameID(), this.assertion.getRoles(), assertion, features); } } // vim: set si et fileencoding=utf-8 ts=4 sw=4 tw=80: