use of com.ctrip.infosec.sso.client.principal.AttributePrincipal in project x-pipe by ctripcorp.
the class CtripSSOFilter method validTicket.
private void validTicket(String ticket, final HttpServletRequest request, final HttpServletResponse response) throws ServletException {
if (logger.isDebugEnabled()) {
logger.debug("Attempting to validate ticket: " + ticket);
}
try {
final Assertion assertion = this.validator.validate(ticket, constructServiceUrl(request, response));
if (logger.isDebugEnabled()) {
logger.debug("Successfully authenticated user: " + assertion.getPrincipal().getName());
}
AssertionHolder.setAssertion(assertion);
if (this.isCluster) {
/**
* 用户认证信息写 sso server端接口
*/
AttributePrincipal principal = assertion.getPrincipal();
String uuid = getUUID(principal);
// 设置编码
try {
HttpPost httppost = new HttpPost(casServerUrlPrefix + "/client/principal");
Map<String, Object> map = new HashMap<>();
map.put("id", uuid);
map.put("principal", JSON.toJSONString(principal.getAttributes()));
map.put("expire", EXPIRE_TIME_ASSERTION);
StringEntity entity = new StringEntity(JSON.toJSONString(map), "UTF-8");
entity.setContentEncoding("UTF-8");
entity.setContentType("application/json");
httppost.setEntity(entity);
CloseableHttpResponse httpResponse = httpClient.execute(httppost);
String result = EntityUtils.toString(httpResponse.getEntity(), "UTF-8");
JSONObject jsonObject = JSON.parseObject(result);
if ((Integer) jsonObject.get("code") == 0) {
Cookie cookie = new Cookie(generateCookieName(request.getContextPath()), uuid);
cookie.setMaxAge(EXPIRE_TIME_ASSERTION);
cookie.setPath(StringUtils.isNotBlank(request.getContextPath()) ? request.getContextPath() : "/");
response.addCookie(cookie);
}
} catch (Exception e) {
logger.error(e.getMessage());
}
} else {
/**
* 用户认证信息写session
*/
request.setAttribute(CONST_CAS_ASSERTION, assertion);
request.getSession().setAttribute(CONST_CAS_ASSERTION, assertion);
}
} catch (final TicketValidationException e) {
response.setStatus(HttpServletResponse.SC_FORBIDDEN);
logger.warn(e.getMessage(), e);
if (this.exceptionOnValidationFailure) {
throw new ServletException(e);
}
} catch (Exception e) {
throw new ServletException(e);
}
}
use of com.ctrip.infosec.sso.client.principal.AttributePrincipal in project x-pipe by ctripcorp.
the class CtripUserInfoHolder method getUser.
@Override
public UserInfo getUser() {
try {
Assertion assertion = AssertionHolder.getAssertion();
if (assertion != null) {
AttributePrincipal principal = assertion.getPrincipal();
String userId = principal.getName();
UserInfo userInfo = new CtripUserInfo();
userInfo.setUserId(userId);
return userInfo;
}
} catch (Exception e) {
throw new RuntimeException("get user info from assertion holder error", e);
}
return CtripUserInfo.noBody();
}
Aggregations