use of com.iplanet.sso.SSOTokenManager in project OpenAM by OpenRock.
the class LoginViewBean method handleNewOrgResponse.
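/**
 * Handles the user's answer to the "authenticate to a different realm?" prompt.
 *
 * <p>The submitted button label is read from the request data ({@code BUTTON}, falling back to
 * {@code BUTTON_OLD}) and compared, after trimming, with the localized "Yes" and "No" labels of
 * the resource bundle. "Yes" sets {@code logIntoDiffOrg}, clears the session-related cookies and
 * destroys the existing session; "No" resets {@code logIntoDiffOrg}. Any other non-empty label
 * changes nothing, and a missing or empty label calls {@code setErrorMessage(null)}.
 *
 * @param ssoToken token of the existing session; destroyed when the user confirms with "Yes"
 */
private void handleNewOrgResponse(SSOToken ssoToken) {
    String strButton = (String) reqDataHash.get(BUTTON);
    if (strButton == null) {
        strButton = (String) reqDataHash.get(BUTTON_OLD);
    }
    if (loginDebug.messageEnabled()) {
        // NOTE(review): strButton is a request parameter written to the log unmodified; confirm
        // the debug log sink neutralises line breaks so entries cannot be forged.
        loginDebug.message("Submit with button : " + strButton);
    }
    if (strButton != null && !strButton.isEmpty()) {
        ISLocaleContext localeContext = new ISLocaleContext();
        localeContext.setLocale(request);
        fallbackLocale = localeContext.getLocale();
        rb = rbCache.getResBundle(bundleName, fallbackLocale);
        String submitted = strButton.trim();
        if (submitted.equals(rb.getString("Yes").trim())) {
            logIntoDiffOrg = true;
            loginDebug.message("Submit with YES. Destroy session.");
            clearCookie(AuthUtils.getCookieName());
            AuthUtils.clearHostUrlCookie(response);
            AuthUtils.clearlbCookie(request, response);
            try {
                SSOTokenManager tokenMgr = SSOTokenManager.getInstance();
                tokenMgr.destroyToken(ssoToken);
            } catch (SSOException ssoe) {
                // The cookies are already cleared at this point, but the old session may still be
                // valid on the server. Record that at warning level so it is visible without
                // message-level debugging.
                loginDebug.warning("Unable to destroy old session for new_org case", ssoe);
            }
        } else if (submitted.equals(rb.getString("No").trim())) {
            loginDebug.message("Aborting different realm auth");
            logIntoDiffOrg = false;
        }
    } else {
        setErrorMessage(null);
    }
}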
use of com.iplanet.sso.SSOTokenManager in project OpenAM by OpenRock.
the class FAMAuthScheme method verifyFMToken.
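/**
 * Validates the session token carried in {@code cookie} and returns the name of its principal.
 *
 * <p>The first {@code fmprefixLen} characters of the cookie are stripped as a prefix and the
 * remainder is handed to {@link SSOTokenManager} as a token id. The method fails closed: a missing
 * or too-short cookie, an invalid token, or any error during validation yields {@code null}.
 *
 * @param cookie raw cookie value including the prefix; may come straight from the request
 * @return the principal name of the valid session, or {@code null} if the token cannot be verified
 */
private String verifyFMToken(String cookie) {
    // Reject a missing or truncated value up front instead of letting substring() throw an
    // unchecked exception out of the validation path.
    if (cookie == null || cookie.length() < fmprefixLen) {
        logw.println("FM Token is invalid");
        return null;
    }
    String tokenId = cookie.substring(fmprefixLen);
    // The token id is a bearer credential for the session, so it is deliberately not written to
    // the log: anyone with read access to the log could otherwise replay it.
    logw.println("Check if FM Token is valid");
    logw.println(" Checking.. 1");
    try {
        SSOTokenManager manager = SSOTokenManager.getInstance();
        SSOToken token = manager.createSSOToken(tokenId);
        if (!manager.isValidToken(token)) {
            logw.println("FM Token is invalid");
            return null;
        }
        String principalName = token.getPrincipal().getName();
        logw.println("Token is VALID :" + principalName);
        return principalName;
    } catch (Throwable ex2) {
        // NOTE(review): catching Throwable turns every failure, including JVM Errors, into
        // "token invalid"; confirm that this breadth is intended.
        logw.println("FM token is invalid" + ex2.getMessage());
        ex2.printStackTrace();
    }
    return null;
}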
use of com.iplanet.sso.SSOTokenManager in project OpenAM by OpenRock.
the class HOTP method init.
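/**
 * Initialises the HOTP module from its configuration and the shared authentication state.
 *
 * <p>Reads the module options (auth level, SMS gateway class, code validity/length/delivery,
 * identity attribute names), loads the localized resource bundle, determines the user name and
 * finally builds the {@code HOTPService}. When the shared state carries no user name, the user is
 * looked up from the pre-existing session (session upgrade).
 *
 * @param subject the subject passed in by the authentication framework (not used here)
 * @param sharedState state shared between modules; read for the user name and {@code SKIP_HOTP}
 * @param options the module configuration
 * @throws NumberFormatException if the configured code validity duration or code length is
 *         missing or not numeric
 */
public void init(Subject subject, Map sharedState, Map options) {
    currentConfig = options;
    String authLevel = CollectionHelper.getMapAttr(options, AUTHLEVEL);
    if (authLevel != null) {
        try {
            setAuthLevel(Integer.parseInt(authLevel));
        } catch (Exception e) {
            // A bad auth level is logged and initialisation continues without setting it.
            debug.error("HOTP.init() : " + "Unable to set auth level " + authLevel, e);
        }
    }
    gatewaySMSImplClass = CollectionHelper.getMapAttr(options, GATEWAYSMSImplCLASS);
    codeValidityDuration = CollectionHelper.getMapAttr(options, CODEVALIDITYDURATION);
    codeLength = CollectionHelper.getMapAttr(options, CODELENGTH);
    codeDelivery = CollectionHelper.getMapAttr(options, CODEDELIVERY);
    telephoneAttribute = CollectionHelper.getMapAttr(options, ATTRIBUTEPHONE);
    carrierAttribute = CollectionHelper.getMapAttr(options, ATTRIBUTECARRIER);
    emailAttribute = CollectionHelper.getMapAttr(options, ATTRIBUTEEMAIL);
    try {
        userSearchAttributes = getUserAliasList();
    } catch (final AuthLoginException ale) {
        debug.warning("HOTP.init: unable to retrieve search attributes", ale);
    }
    if (debug.messageEnabled()) {
        debug.message("HOTP.init() : " + "telephone attribute=" + telephoneAttribute + " carrier attribute="
                + carrierAttribute + " email attribute=" + emailAttribute + " user search attributes="
                + userSearchAttributes);
    }
    java.util.Locale locale = getLoginLocale();
    bundle = amCache.getResBundle(amAuthHOTP, locale);
    if (debug.messageEnabled()) {
        debug.message("HOTP.init() : " + "HOTP resouce bundle locale=" + locale);
    }
    userName = (String) sharedState.get(getUserKey());
    if (userName == null || userName.isEmpty()) {
        try {
            // Session upgrade case. Need to find the user ID from the old session.
            SSOTokenManager mgr = SSOTokenManager.getInstance();
            InternalSession isess = getLoginState("HOTP").getOldSession();
            if (isess == null) {
                throw new AuthLoginException("amAuth", "noInternalSession", null);
            }
            SSOToken token = mgr.createSSOToken(isess.getID().toString());
            userUUID = token.getPrincipal().getName();
            userName = token.getProperty("UserToken");
            if (debug.messageEnabled()) {
                debug.message("HOTP.init() : UserName in SSOToken : " + userName);
            }
        } catch (SSOException ssoe) {
            // NOTE(review): on failure userName stays null/empty and is still passed to
            // HOTPService below; confirm the service rejects a missing user.
            debug.error("HOTP.init() : Unable to retrieve userName from existing session", ssoe);
        } catch (AuthLoginException ale) {
            debug.error("HOTP.init() : Unable to retrieve userName from existing session", ale);
        }
    }
    this.sharedState = sharedState;
    if (sharedState.containsKey(SKIP_HOTP)) {
        skip = (Boolean) sharedState.get(SKIP_HOTP);
    }
    // Constant-first comparison: a configuration without the auto-clicking attribute now means
    // "disabled" instead of aborting module initialisation with a NullPointerException.
    hotpAutoClicking = "true".equals(CollectionHelper.getMapAttr(options, AUTO_CLICKING));
    HOTPParams hotpParams = new HOTPParams(gatewaySMSImplClass, Long.parseLong(codeValidityDuration),
            telephoneAttribute, carrierAttribute, emailAttribute, codeDelivery, currentConfig,
            Integer.parseInt(codeLength), bundle.getString("messageSubject"),
            bundle.getString("messageContent"), FROM_ADDRESS, userSearchAttributes);
    hotpService = new HOTPService(getAMIdentityRepository(getRequestOrg()), userName, hotpParams);
}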
use of com.iplanet.sso.SSOTokenManager in project OpenAM by OpenRock.
the class AuthenticatorOATH method checkForSessionAndGetUsernameAndUUID.
/**
 * Fills in {@code userName} and {@code userId} from the pre-existing session when no user name
 * is known yet (session upgrade). Does nothing if {@code userName} is already set.
 *
 * @throws SSOException if the token manager or the token for the old session cannot be obtained
 * @throws AuthLoginException if there is no old session, or that session carries no
 *         {@code UserToken} property
 */
private void checkForSessionAndGetUsernameAndUUID() throws SSOException, AuthLoginException {
    if (!StringUtils.isEmpty(userName)) {
        return;
    }

    // Session upgrade case: the identity has to come from the session being upgraded.
    final SSOTokenManager tokenManager = SSOTokenManager.getInstance();
    final InternalSession oldSession = getLoginState("OATH").getOldSession();
    if (oldSession == null) {
        throw new AuthLoginException("amAuth", "noInternalSession", null);
    }

    final SSOToken oldToken = tokenManager.createSSOToken(oldSession.getID().toString());
    userId = oldToken.getPrincipal().getName();
    userName = oldToken.getProperty("UserToken");
    if (debug.messageEnabled()) {
        debug.message("OATH.process() : Username from SSOToken : " + userName);
    }

    // Refuse to continue without an identity rather than proceeding with an empty user name.
    if (StringUtils.isEmpty(userName)) {
        throw new AuthLoginException("amAuth", "noUserName", null);
    }
}
use of com.iplanet.sso.SSOTokenManager in project OpenAM by OpenRock.
the class AuthClientUtils method isSessionUpgradeOrForceAuth.
/**
 * Determines whether the incoming request is a session upgrade or a ForceAuth request.
 *
 * <p>The ForceAuth flag is checked first. Only when it is absent is an SSO token created from the
 * request and tested for a session upgrade; if no token can be created the answer is
 * {@code false}.
 *
 * @param request The incoming HttpServletRequest.
 * @return {@code true} if the request corresponds to a session upgrade or ForceAuth,
 *         {@code false} otherwise.
 */
public static boolean isSessionUpgradeOrForceAuth(HttpServletRequest request) {
    final Hashtable requestData = parseRequestParameters(request);
    if (forceAuthFlagExists(requestData)) {
        return true;
    }

    try {
        final SSOToken existingToken = SSOTokenManager.getInstance().createSSOToken(request);
        return checkSessionUpgrade(existingToken, requestData);
    } catch (SSOException ssoe) {
        // No usable session on the request: treated as "not an upgrade", not as an error.
        if (utilDebug.messageEnabled()) {
            utilDebug.message("Unable to create sso token for isSessionUpgrade check: ", ssoe);
        }
    }
    return false;
}