
Example 1 with L10NMessageImpl

use of com.sun.identity.shared.locale.L10NMessageImpl in project OpenAM by OpenRock.

the class RestAuthenticationHandler method authenticate.

/**
 * Handles either the creation or retrieval of the Login Process, dependent on if the request is a new
 * authentication request or a continuation of one.
 * <p>
 * A continuation is recognised by an {@code authId} in the post body. That value is reconstructed as a
 * signed JWT and the session id, index type, index value and realm DN are read from it; the JWT-supplied
 * index type and value replace the {@code authIndexType} / {@code indexValue} arguments. The authId is
 * then checked with {@code authIdHelper.verifyAuthId} before the login configuration is built, so a JWT
 * that fails verification never reaches {@code getLoginProcess}.
 *
 * @param request The HttpServletRequest.
 * @param response The HttpServletResponse.
 * @param postBody The post body of the request; may be {@code null} for a request without a body.
 * @param authIndexType The authentication index type (overridden by the JWT when an authId is present).
 * @param indexValue The authentication index value (overridden by the JWT when an authId is present).
 * @param sessionUpgradeSSOTokenId The SSO Token Id of the user's current session, null if not performing a session
 *                                 upgrade.
 * @return The Response of the authentication request.
 * @throws RestAuthException on any failure. A {@code RestAuthException} raised inside the body is rethrown
 *         with the login process's failure URL attached when a login process already exists; the other
 *         exception types are mapped to a response status in the catch clauses below, without a failure URL.
 */
private JsonValue authenticate(HttpServletRequest request, HttpServletResponse response, JsonValue postBody, String authIndexType, String indexValue, String sessionUpgradeSSOTokenId) throws RestAuthException {
    // Declared outside the try so the RestAuthException handler below can read it to attach the failure URL.
    LoginProcess loginProcess = null;
    try {
        AuthIndexType indexType = getAuthIndexType(authIndexType);
        String authId = null;
        String sessionId = null;
        if (postBody != null) {
            authId = getAuthId(postBody);
            if (authId != null) {
                // Continuation of an existing login: the authId JWT carries the login state, and its
                // claims take precedence over the index type/value passed by the caller.
                SignedJwt jwt = authIdHelper.reconstructAuthId(authId);
                sessionId = getSessionId(jwt);
                indexType = getAuthIndexType(jwt);
                indexValue = getAuthIndexValue(jwt);
                String realmDN = getRealmDomainName(jwt);
                // NOTE(review): the session id is placed in the audit context, and the realm DN read,
                // before verifyAuthId runs on the next line. If verification throws, the exception leaves
                // the try block and none of these values is used further — but the audit property has
                // already been set from an unverified token; confirm that this is intended.
                AuditRequestContext.putProperty(SESSION_ID, sessionId);
                authIdHelper.verifyAuthId(realmDN, authId);
            }
        }
        LoginConfiguration loginConfiguration = new LoginConfiguration().httpRequest(request).httpResponse(response).indexType(indexType).indexValue(indexValue).sessionId(sessionId).forceAuth(request.getParameter(AuthUtils.FORCE_AUTH)).sessionUpgrade(sessionUpgradeSSOTokenId);
        loginProcess = loginAuthenticator.getLoginProcess(loginConfiguration);
        return processAuthentication(request, response, postBody, authId, loginProcess, loginConfiguration);
    } catch (RestAuthException e) {
        // Only possible once a login process exists; the failure URL is validated against the process's
        // realm before it is attached to the exception.
        if (loginProcess != null) {
            String failureUrl = urlValidator.getRedirectUrl(loginProcess.getAuthContext().getOrgDN(), loginProcess.getFailureURL(), null);
            e.setFailureUrl(failureUrl);
        }
        throw e;
    } catch (L10NMessageImpl e) {
        // Localised auth exceptions carry an error code that maps to a response status.
        throw new RestAuthException(amAuthErrorCodeResponseStatusMapping.getAuthLoginExceptionResponseStatus(e.getErrorCode()), e);
    } catch (JsonException e) {
        throw new RestAuthException(ResourceException.INTERNAL_ERROR, e);
    } catch (SignatureException e) {
        throw new RestAuthException(ResourceException.INTERNAL_ERROR, e);
    } catch (AuthLoginException e) {
        throw new RestAuthException(amAuthErrorCodeResponseStatusMapping.getAuthLoginExceptionResponseStatus(e.getErrorCode()), e);
    } catch (JwsSigningException jse) {
        // Unlike the handlers above, this one embeds the underlying exception's message in the
        // RestAuthException text instead of passing it as the cause. Whether that text is returned to the
        // caller depends on how RestAuthException is rendered, which is not visible here.
        DEBUG.error("JwsSigningException", jse);
        throw new RestAuthException(ResourceException.INTERNAL_ERROR, "JwsSigningException, " + jse.getMessage());
    }
}
Also used : RestAuthException(org.forgerock.openam.core.rest.authn.exceptions.RestAuthException) JsonException(org.forgerock.json.JsonException) JwsSigningException(org.forgerock.json.jose.exceptions.JwsSigningException) L10NMessageImpl(com.sun.identity.shared.locale.L10NMessageImpl) AuthIndexType(org.forgerock.openam.core.rest.authn.core.AuthIndexType) LoginConfiguration(org.forgerock.openam.core.rest.authn.core.LoginConfiguration) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException) SignedJwt(org.forgerock.json.jose.jws.SignedJwt) SignatureException(java.security.SignatureException) LoginProcess(org.forgerock.openam.core.rest.authn.core.LoginProcess)

Example 2 with L10NMessageImpl

use of com.sun.identity.shared.locale.L10NMessageImpl in project OpenAM by OpenRock.

the class LoginLogoutMapping method processRequest.

/**
 * Dispatches HTTP {@code GET} and {@code POST} requests to the login or logout UI.
 * <p>
 * The request's content length is validated first; when that check fails the localised
 * message is logged (if message logging is enabled) and surfaced as a {@link ServletException}.
 * The servlet path then selects the forward target: {@code /login} maps to {@code /UI/Login}
 * and {@code /logout} to {@code /UI/Logout}; any other path is forwarded to the empty string.
 *
 * @param request servlet request
 * @param response servlet response
 * @throws ServletException if the content length check fails, or if the forward itself fails
 * @throws java.io.IOException if the forward fails with an I/O error
 */
protected void processRequest(HttpServletRequest request, HttpServletResponse response) throws ServletException, java.io.IOException {
    try {
        RequestUtils.checkContentLength(request);
    } catch (L10NMessageImpl contentLengthError) {
        // Report the failure in the locale of the requesting client.
        ISLocaleContext requestLocaleContext = new ISLocaleContext();
        requestLocaleContext.setLocale(request);
        java.util.Locale requestLocale = requestLocaleContext.getLocale();
        Debug mappingDebug = Debug.getInstance("amLoginLogoutMapping");
        if (mappingDebug.messageEnabled()) {
            mappingDebug.message("LoginLogoutMapping: " + contentLengthError.getL10NMessage(requestLocale));
        }
        throw new ServletException(contentLengthError.getL10NMessage(requestLocale));
    }
    // Map the servlet path onto the UI page it stands for.
    String servletPath = request.getServletPath();
    final String forwardUrl;
    if (servletPath.equals("/login")) {
        forwardUrl = "/UI/Login";
    } else if (servletPath.equals("/logout")) {
        forwardUrl = "/UI/Logout";
    } else {
        forwardUrl = "";
    }
    config.getServletContext().getRequestDispatcher(forwardUrl).forward(request, response);
}
Also used : Locale(java.util.Locale) L10NMessageImpl(com.sun.identity.shared.locale.L10NMessageImpl) ISLocaleContext(com.sun.identity.common.ISLocaleContext)

Example 3 with L10NMessageImpl

use of com.sun.identity.shared.locale.L10NMessageImpl in project OpenAM by OpenRock.

the class SAML2 method stepLogin.

/**
 * Advances the internal (local) authentication chain held in {@code authenticationContext} by one
 * step. Together with {@code injectCallbacks} it keeps feeding the inner modules' callbacks to the
 * user and submitting the answers until the chain reports success or failure.
 *
 * @param realCallbacks the callbacks the user submitted for the current page
 * @param state the module state those callbacks belong to
 * @return the next module state, as decided by {@code injectCallbacks}, {@code success} or
 *         {@code processError}
 * @throws AuthLoginException propagated from the helpers called here (not thrown directly)
 */
private int stepLogin(final Callback[] realCallbacks, final int state) throws AuthLoginException {
    // No local chain at all, or one that has already failed: report the local-auth failure.
    if (authenticationContext == null || authenticationContext.getStatus().equals(AuthContext.Status.FAILED)) {
        return processError(bundle.getString("samlLocalAuthFailed"), "SAML2 :: process() : failed to perform local authentication - {} ", bundle.getString("samlLocalAuthFailed"));
    }
    // Chain still running: hand the submitted callbacks to the inner modules.
    if (authenticationContext.getStatus().equals(AuthContext.Status.IN_PROGRESS)) {
        return injectCallbacks(realCallbacks, state);
    }
    // Anything other than SUCCESS at this point is a state this method does not expect.
    if (!authenticationContext.getStatus().equals(AuthContext.Status.SUCCESS)) {
        return processError(bundle.getString("invalidLoginState"), "SAML2 :: stepLogin() : unexpected login state");
    }
    try {
        // Local chain succeeded: link the SAML subject to the locally authenticated user.
        final NameID nameId = getNameId();
        final String userName = authenticationContext.getSSOToken().getProperty(UNIVERSAL_IDENTIFIER);
        linkAccount(userName, nameId);
        return success(authnAssertion, nameId, userName);
    } catch (L10NMessageImpl l10NMessage) {
        return processError(l10NMessage, null, "SAML2 :: process() : failed to perform local authentication - {} ", l10NMessage.getL10NMessage(getLoginLocale()));
    } finally {
        // The local chain has served its purpose either way; always tear it down.
        authenticationContext.logout();
    }
}
Also used : NameID(com.sun.identity.saml2.assertion.NameID) L10NMessageImpl(com.sun.identity.shared.locale.L10NMessageImpl)

Example 4 with L10NMessageImpl

use of com.sun.identity.shared.locale.L10NMessageImpl in project OpenAM by OpenRock.

the class ContextHolder method getUniversalId.

/**
 * Obtains the universal ID from the SSO token held by the auth context.
 * <p>
 * Returns {@code null} when the auth context has no SSO token, when the token carries no
 * universal identifier, or when reading the token fails (the failure is logged as a warning).
 *
 * @return the universal ID, or {@code null} if none is available
 */
public String getUniversalId() {
    LOG.message("Entering ContextHolder.getUniversalId()");
    String resolvedId = null;
    try {
        final SSOToken ssoToken = this.authContext.getSSOToken();
        if (ssoToken == null) {
            LOG.message("No SSO token available from the auth context.");
        } else {
            resolvedId = ssoToken.getProperty(Constants.UNIVERSAL_IDENTIFIER);
        }
    } catch (L10NMessageImpl e) {
        // Best effort: a token that cannot be read is treated like a missing one.
        LOG.warning("Could not get universal ID from the SSOToken.", e);
    }
    LOG.message("Leaving ContextHolder.getUniversalId()");
    return resolvedId;
}
Also used : SSOToken(com.iplanet.sso.SSOToken) L10NMessageImpl(com.sun.identity.shared.locale.L10NMessageImpl)

Example 5 with L10NMessageImpl

use of com.sun.identity.shared.locale.L10NMessageImpl in project OpenAM by OpenRock.

the class LoginViewBean method processLoginDisplay.

/**
 * Processes a submitted login page: copies the request parameters into the callbacks of the current
 * page, then either re-displays the login page (auth-level / composite-advice selection) or submits
 * the callbacks to the auth context and records the outcome in the view bean's fields.
 * <p>
 * The request parameters read here are untrusted: {@code page_state} selects the stored callback set,
 * {@code TOKEN<i>} / {@code TOKEN_OLD<i>} supply name, password and choice values, and {@code BUTTON} /
 * {@code BUTTON_OLD} the confirmation button. Choice values are parsed as integers and used as array
 * indexes; malformed values raise inside the body and are handled by the {@code catch (Exception)} at
 * the bottom, which reports them as a localised {@code loginDisplay.process} error.
 *
 * @throws Exception declared by the signature; any {@code Exception} thrown inside the body is
 *         rethrown as an {@code L10NMessageImpl} carrying the original exception's message.
 */
protected void processLoginDisplay() throws Exception {
    loginDebug.message("In processLoginDisplay()");
    String tmp = "";
    try {
        // A new session on a multi-page login has nothing to submit yet: render the first page and stop.
        if (!onePageLogin) {
            if (AuthUtils.isNewRequest(ac)) {
                loginDebug.message("In processLoginDisplay() : Session New ");
                getLoginDisplay();
                return;
            }
        }
        // page_state is taken from the request and identifies which page's callbacks are being submitted.
        String page_state = request.getParameter("page_state");
        if (loginDebug.messageEnabled()) {
            loginDebug.message("Submit with Page State : " + page_state);
        }
        if ((page_state != null) && (page_state.length() != 0)) {
            callbacks = AuthUtils.getCallbacksPerState(ac, page_state);
            // No callbacks stored for that state: treat the submission as timed out and show the error page.
            if (callbacks == null) {
                errorCode = AMAuthErrorCode.AUTH_TIMEOUT;
                ErrorMessage = AuthUtils.getErrorVal(AMAuthErrorCode.AUTH_TIMEOUT, AuthUtils.ERROR_MESSAGE);
                errorTemplate = AuthUtils.getErrorVal(AMAuthErrorCode.AUTH_TIMEOUT, AuthUtils.ERROR_TEMPLATE);
                return;
            }
            // Record the submitted page state on the first PagePropertiesCallback among the received callbacks.
            Callback[] callbacksForPageState = AuthUtils.getRecdCallback(ac);
            for (int i = 0; i < callbacksForPageState.length; i++) {
                if (loginDebug.messageEnabled()) {
                    loginDebug.message("In processLoginDisplay() callbacksForPageState : " + callbacksForPageState[i]);
                }
                if (callbacksForPageState[i] instanceof PagePropertiesCallback) {
                    PagePropertiesCallback ppc = (PagePropertiesCallback) callbacksForPageState[i];
                    if (loginDebug.messageEnabled()) {
                        loginDebug.message("setPageState in PPC to : " + page_state);
                    }
                    ppc.setPageState(page_state);
                    break;
                }
            }
        } else {
            // No page state supplied: work on the callbacks most recently handed out for this context.
            callbacks = AuthUtils.getRecdCallback(ac);
        }
        indexType = AuthUtils.getIndexType(ac);
        // Copy the user-supplied request values into the matching callback, by callback position.
        for (int i = 0; i < callbacks.length; i++) {
            if (loginDebug.messageEnabled()) {
                loginDebug.message("In processLoginDisplay() callback : " + callbacks[i]);
            }
            if (callbacks[i] instanceof NameCallback) {
                NameCallback nc = (NameCallback) callbacks[i];
                // TOKEN<i> is tried first, then the legacy TOKEN_OLD<i> name.
                tmp = (String) reqDataHash.get(TOKEN + Integer.toString(i));
                if (tmp == null) {
                    tmp = (String) reqDataHash.get(TOKEN_OLD + Integer.toString(i));
                }
                // During auth-level / composite-advice selection the submitted name is discarded.
                if ((bAuthLevel) || (tmp == null)) {
                    tmp = "";
                }
                nc.setName(tmp.trim());
            } else if (callbacks[i] instanceof PasswordCallback) {
                PasswordCallback pc = (PasswordCallback) callbacks[i];
                tmp = (String) reqDataHash.get(TOKEN + Integer.toString(i));
                if (tmp == null) {
                    tmp = (String) reqDataHash.get(TOKEN_OLD + Integer.toString(i));
                }
                if (tmp == null) {
                    tmp = "";
                }
                // The callback receives a char[] copy; the String in tmp (and reqDataHash) still holds the
                // same value and is not cleared here.
                pc.setPassword(tmp.toCharArray());
            } else if (callbacks[i] instanceof ChoiceCallback) {
                ChoiceCallback cc = (ChoiceCallback) callbacks[i];
                // 'choice' is a field, not a local: its final value is reused below for the auth-level /
                // composite-advice case.
                choice = (String) reqDataHash.get(TOKEN + Integer.toString(i));
                if (choice == null) {
                    choice = (String) reqDataHash.get(TOKEN_OLD + Integer.toString(i));
                }
                if (loginDebug.messageEnabled()) {
                    loginDebug.message("choice : " + choice);
                }
                String[] choices = cc.getChoices();
                if (choice == null) {
                    if (loginDebug.messageEnabled()) {
                        loginDebug.message("No selected choice.");
                    }
                } else if (choice.indexOf("|") != -1) {
                    // Multi-select: '|'-separated list of indexes. Each token is parsed as an int and used
                    // to index 'choices', so a non-numeric or out-of-range value throws here and is
                    // handled by the catch at the bottom of the method.
                    StringTokenizer st = new StringTokenizer(choice, "|");
                    int cnt = st.countTokens();
                    int[] selectIndexs = new int[cnt];
                    int j = 0;
                    if (loginDebug.messageEnabled()) {
                        loginDebug.message("No of tokens : " + Integer.toString(cnt));
                    }
                    while (st.hasMoreTokens()) {
                        choice = st.nextToken();
                        if (choice != null && choice.length() != 0) {
                            int selected = Integer.parseInt(choice);
                            choice = choices[selected];
                            selectIndexs[j++] = selected;
                            if (loginDebug.messageEnabled()) {
                                loginDebug.message("selected  choice : " + choice + " & selected index : " + selected);
                            }
                        }
                    }
                    cc.setSelectedIndexes(selectIndexs);
                    if (loginDebug.messageEnabled()) {
                        // Note: this concatenates the int[] reference, so the log shows the array identity,
                        // not its contents.
                        loginDebug.message("Selected indexes : " + selectIndexs);
                    }
                } else {
                    // Single select: same parse-and-index pattern as above, same failure behaviour.
                    int selected = Integer.parseInt(choice);
                    cc.setSelectedIndex(selected);
                    choice = choices[selected];
                    if (loginDebug.messageEnabled()) {
                        loginDebug.message("selected ONE choice : " + choice + " & selected ONE index : " + selected);
                    }
                }
            } else if (callbacks[i] instanceof ConfirmationCallback) {
                ConfirmationCallback conc = (ConfirmationCallback) callbacks[i];
                buttonOptions = conc.getOptions();
                tmp = (String) reqDataHash.get(BUTTON);
                if (tmp == null) {
                    tmp = (String) reqDataHash.get(BUTTON_OLD);
                }
                if (tmp == null) {
                    tmp = "";
                }
                // Match the submitted button label against the options. If nothing matches, index 0 (the
                // first option) is used; if several match, the last one wins.
                int selectedIndex = 0;
                for (int j = 0; j < buttonOptions.length; j++) {
                    if ((buttonOptions[j].trim()).equals(tmp.trim())) {
                        selectedIndex = j;
                    }
                }
                conc.setSelectedIndex(selectedIndex);
                if (loginDebug.messageEnabled()) {
                    loginDebug.message("selected  button : " + buttonOptions[selectedIndex] + " & selected button index : " + selectedIndex);
                }
            } else if (callbacks[i] instanceof RedirectCallback) {
                RedirectCallback rc = (RedirectCallback) callbacks[i];
                // The redirect status is read from the request parameter named by the callback itself;
                // the redirect-back cookie is cleared now that the round trip is complete.
                String status = request.getParameter(rc.getStatusParameter());
                clearCookie(rc.getRedirectBackUrlCookieName());
                loginDebug.message("Redirect callback : set status");
                rc.setStatus(status);
            }
        }
        if (loginDebug.messageEnabled()) {
            loginDebug.message(" length 0f callbacks : " + callbacks.length);
            loginDebug.message(" Index type : " + indexType + " Index name : " + indexName);
        }
        if ((indexType == AuthContext.IndexType.LEVEL) || (indexType == AuthContext.IndexType.COMPOSITE_ADVICE)) {
            // The user has picked a module/service (possibly realm-qualified) from the choice callback
            // handled above; 'choice' is the field set there.
            if (loginDebug.messageEnabled()) {
                loginDebug.message("In processLoginDisplay(), Index type" + " is Auth Level or Composite Advice and selected Module " + "or Service is : " + choice);
            }
            indexName = AMAuthUtils.getDataFromRealmQualifiedData(choice);
            String qualifiedRealm = AMAuthUtils.getRealmFromRealmQualifiedData(choice);
            String orgDN = null;
            if ((qualifiedRealm != null) && (qualifiedRealm.length() != 0)) {
                // A realm qualifier switches the auth context to that realm's DN.
                orgDN = DNMapper.orgNameToDN(qualifiedRealm);
                ac.setOrgDN(orgDN);
            }
            // Translate the composite-advice type into the index type used for the next login display.
            int type = AuthUtils.getCompositeAdviceType(ac);
            if (type == AuthUtils.MODULE) {
                indexType = AuthContext.IndexType.MODULE_INSTANCE;
            } else if (type == AuthUtils.SERVICE) {
                indexType = AuthContext.IndexType.SERVICE;
            } else if (type == AuthUtils.REALM) {
                // REALM advice: the whole choice value is a realm name; authenticate with that realm's
                // configured chain.
                indexType = AuthContext.IndexType.SERVICE;
                orgDN = DNMapper.orgNameToDN(choice);
                indexName = AuthUtils.getOrgConfiguredAuthenticationChain(orgDN);
                ac.setOrgDN(orgDN);
            } else {
                indexType = AuthContext.IndexType.MODULE_INSTANCE;
            }
            bAuthLevel = true;
            if ((indexName != null) && (indexType == AuthContext.IndexType.MODULE_INSTANCE)) {
                // The Application module is always shown as a single page.
                if (indexName.equalsIgnoreCase("Application")) {
                    onePageLogin = true;
                }
            }
            if (loginDebug.messageEnabled()) {
                loginDebug.message("Index type : " + indexType);
                loginDebug.message("Index name : " + indexName);
                loginDebug.message("qualified orgDN : " + orgDN);
            }
            getLoginDisplay();
        } else {
            // Submit the populated callbacks to the auth module.
            ac.submitRequirements(callbacks);
            // Check whether the module needs another round of input.
            if (loginDebug.messageEnabled()) {
                loginDebug.message("before hasMoreRequirements: Status is: " + ac.getStatus());
            }
            if (ac.hasMoreRequirements()) {
                loginDebug.message("Has more requirements after Submit ");
                callbacks = ac.getRequirements();
                // Http and Redirect callbacks take over the whole response; the first one found wins.
                for (int i = 0; i < callbacks.length; i++) {
                    if (callbacks[i] instanceof HttpCallback) {
                        processHttpCallback((HttpCallback) callbacks[i]);
                        return;
                    } else if (callbacks[i] instanceof RedirectCallback) {
                        processRedirectCallback((RedirectCallback) callbacks[i]);
                        return;
                    }
                }
                addLoginCallbackMessage(callbacks);
                if (!LoginFail) {
                    // If the login already failed, LoginState is already nullified, so storing the
                    // callbacks per state is skipped; the error message/code/template are expected to be
                    // set already so that a proper error page is shown.
                    AuthUtils.setCallbacksPerState(ac, pageState, callbacks);
                }
            } else {
                if (loginDebug.messageEnabled()) {
                    loginDebug.message("No more Requirements : Status is : " + ac.getStatus());
                }
                if (ac.getStatus() == AuthContext.Status.SUCCESS) {
                    LoginSuccess = true;
                    ResultVal = rb.getString("authentication.successful");
                    // Redirect to the 'goto' parameter, the SPI hook, or the default success URL.
                    redirect_url = AuthUtils.getLoginSuccessURL(ac);
                    if ((redirect_url != null) && (redirect_url.length() != 0)) {
                        if (loginDebug.messageEnabled()) {
                            loginDebug.message("LoginSuccessURL (in case of " + " successful auth) : " + redirect_url);
                        }
                    }
                } else if (ac.getStatus() == AuthContext.Status.FAILED) {
                    handleAuthLoginException(null);
                    // Redirect to the 'goto' parameter, the SPI hook, or the default failure URL.
                    redirect_url = AuthUtils.getLoginFailedURL(ac);
                    if ((redirect_url != null) && (redirect_url.length() != 0)) {
                        if (loginDebug.messageEnabled()) {
                            loginDebug.message("LoginFailedURL : " + redirect_url);
                        }
                    }
                } else {
                    // Neither SUCCESS nor FAILED after the last requirement: treated as a failure, with a
                    // warning since this status is not expected here.
                    redirect_url = AuthUtils.getLoginFailedURL(ac);
                    if (loginDebug.warningEnabled()) {
                        loginDebug.warning("Login Status is " + ac.getStatus() + " - redirect to loginFailedURL : " + redirect_url);
                    }
                    setErrorMessage(null);
                }
            }
        }
    } catch (Exception e) {
        // Catch-all: record the error on the view bean, then rethrow as a localised exception. Only the
        // original message is passed on as the L10N argument; the exception itself is not chained as a cause.
        if (loginDebug.messageEnabled()) {
            loginDebug.message("Error in processing LoginDisplay : ", e);
        }
        setErrorMessage(e);
        throw new L10NMessageImpl(bundleName, "loginDisplay.process", new Object[] { e.getMessage() });
    }
}
Also used : RedirectCallback(com.sun.identity.authentication.spi.RedirectCallback) ConfirmationCallback(javax.security.auth.callback.ConfirmationCallback) PagePropertiesCallback(com.sun.identity.authentication.spi.PagePropertiesCallback) L10NMessageImpl(com.sun.identity.shared.locale.L10NMessageImpl) HttpCallback(com.sun.identity.authentication.spi.HttpCallback) ModelControlException(com.iplanet.jato.model.ModelControlException) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException) SSOException(com.iplanet.sso.SSOException) IOException(java.io.IOException) ChoiceCallback(javax.security.auth.callback.ChoiceCallback) StringTokenizer(java.util.StringTokenizer) PasswordCallback(javax.security.auth.callback.PasswordCallback) Callback(javax.security.auth.callback.Callback) PagePropertiesCallback(com.sun.identity.authentication.spi.PagePropertiesCallback) HttpCallback(com.sun.identity.authentication.spi.HttpCallback) RedirectCallback(com.sun.identity.authentication.spi.RedirectCallback) ChoiceCallback(javax.security.auth.callback.ChoiceCallback) NameCallback(javax.security.auth.callback.NameCallback) ConfirmationCallback(javax.security.auth.callback.ConfirmationCallback) NameCallback(javax.security.auth.callback.NameCallback) PasswordCallback(javax.security.auth.callback.PasswordCallback)
