Mercurial > dive4elements > river

view gwt-client/src/main/java/org/dive4elements/river/client/server/auth/was/Authenticator.java @ 5948:d7b9b3e3c61a

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Make instantiation of saml.User easier. Most of the parameters of the constructor can be taken from the Assertion object, so there's no reason to pass them separately. Also, trying to check the validity dates isn't useful for the single sign on case. See comments in the hasExpired method.
author Bernhard Herzog <bh@intevation.de>
date Wed, 08 May 2013 17:56:14 +0200
parents a96350a1c160
children ea9eef426962
line wrap: on
line source
/* Copyright (C) 2011, 2012, 2013 by Bundesanstalt für Gewässerkunde
 * Software engineering by Intevation GmbH
 *
 * This file is Free Software under the GNU AGPL (>=v3) 
 * and comes with ABSOLUTELY NO WARRANTY! Check out the
 * documentation coming with Dive4Elements River for details. 
 */

package org.dive4elements.river.client.server.auth.was;

import java.io.IOException;
import java.security.GeneralSecurityException;
import javax.servlet.ServletContext;

import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.StatusLine;
import org.apache.http.client.HttpClient;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.impl.client.DefaultHttpClient;

import org.dive4elements.river.client.server.GGInATrustStrategy;
import org.dive4elements.river.client.server.auth.Authentication;
import org.dive4elements.river.client.server.auth.AuthenticationException;
import org.dive4elements.river.client.server.features.Features;

public class Authenticator
implements org.dive4elements.river.client.server.auth.Authenticator {

    @Override
    public Authentication auth(
        String username,
        String password,
        String encoding,
        Features features,
        ServletContext context
    ) throws
        AuthenticationException,
        IOException
    {
            try {
                SSLSocketFactory sf = new SSLSocketFactory(
                        new GGInATrustStrategy());
                Scheme https = new Scheme("https", 443, sf);
                HttpClient httpclient = new DefaultHttpClient();
                httpclient.getConnectionManager().getSchemeRegistry().register(
                        https);

                Request httpget = new Request("https://geoportal.bafg.de/" +
                        "administration/WAS", username, password, encoding);
                HttpResponse response = httpclient.execute(httpget);
                StatusLine stline = response.getStatusLine();
                if (stline.getStatusCode() != 200) {
                    throw new AuthenticationException("GGInA Server Error. " +
                            "Statuscode: " + stline.getStatusCode() +
                            ". Reason: " + stline.getReasonPhrase());
                }
                HttpEntity entity = response.getEntity();
                if (entity == null) {
                    //FIXME throw AuthenticationException
                    return null;
                }
                else {
                    String trustedKey =
                    (String)context.getInitParameter("saml-trusted-public-key");
                    return new Response(entity, username, password, features,
                                        context.getRealPath(trustedKey));
                }
            }
            catch(GeneralSecurityException e) {
                throw new AuthenticationException(e);
            }
    }
}
http://dive4elements.wald.intevation.org