
Example 46 with SSOTokenManager

use of com.iplanet.sso.SSOTokenManager in project OpenAM by OpenRock.

the class LoginViewBean method handleNewOrgResponse.

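/**
 * Processes the button the user submitted on the "new org" confirmation step.
 *
 * <p>The button value is read from {@code reqDataHash} ({@code BUTTON}, falling back to
 * {@code BUTTON_OLD}) and compared with the localised "Yes" and "No" labels from the
 * resource bundle. On "Yes" the session cookies are cleared and the supplied token is
 * destroyed so a login into the other organisation can proceed. On "No" the flag
 * {@code logIntoDiffOrg} is reset. Any other non-empty value changes nothing, and a
 * missing or empty value calls {@code setErrorMessage(null)}.
 *
 * @param ssoToken token of the existing session; destroyed when the user answers "Yes"
 */
private void handleNewOrgResponse(SSOToken ssoToken) {
    String strButton = (String) reqDataHash.get(BUTTON);
    if (strButton == null) {
        strButton = (String) reqDataHash.get(BUTTON_OLD);
    }
    if (loginDebug.messageEnabled()) {
        // NOTE(review): strButton is presumably request-supplied and is written to the
        // debug log unmodified; confirm the log sink neutralises line breaks.
        loginDebug.message("Submit with button : " + strButton);
    }
    if (strButton == null || strButton.isEmpty()) {
        setErrorMessage(null);
        return;
    }

    ISLocaleContext localeContext = new ISLocaleContext();
    localeContext.setLocale(request);
    fallbackLocale = localeContext.getLocale();
    rb = rbCache.getResBundle(bundleName, fallbackLocale);

    // Button labels are localised, so the comparison is made against the bundle text.
    final String pressed = strButton.trim();
    if (pressed.equals(rb.getString("Yes").trim())) {
        logIntoDiffOrg = true;
        loginDebug.message("Submit with YES. Destroy session.");
        clearCookie(AuthUtils.getCookieName());
        AuthUtils.clearHostUrlCookie(response);
        AuthUtils.clearlbCookie(request, response);
        try {
            SSOTokenManager tokenMgr = SSOTokenManager.getInstance();
            tokenMgr.destroyToken(ssoToken);
        } catch (SSOException ssoe) {
            // The cookies are already cleared at this point, but the old session has not
            // been destroyed and its token may still be usable. Record that at warning
            // level so it is visible when message-level debugging is switched off.
            loginDebug.warning("Unable to destroy old session for new_org case", ssoe);
        }
    } else if (pressed.equals(rb.getString("No").trim())) {
        loginDebug.message("Aborting different realm auth");
        logIntoDiffOrg = false;
    }
}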
Also used : SSOTokenManager(com.iplanet.sso.SSOTokenManager) SSOException(com.iplanet.sso.SSOException) ISLocaleContext(com.sun.identity.common.ISLocaleContext)

Example 47 with SSOTokenManager

use of com.iplanet.sso.SSOTokenManager in project OpenAM by OpenRock.

the class FAMAuthScheme method verifyFMToken.

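/**
 * Validates the SSO token carried in a prefixed cookie value and returns its principal.
 *
 * <p>The first {@code fmprefixLen} characters of {@code cookie} are stripped and the
 * remainder is handed to {@link SSOTokenManager} as the token id. The method fails
 * closed: any validation failure or exception yields {@code null}.
 *
 * @param cookie cookie value consisting of the prefix followed by the token id
 * @return the principal name of the token, or {@code null} if the cookie is missing,
 *         shorter than the prefix, or does not resolve to a valid token
 */
private String verifyFMToken(String cookie) {
    // A null or too-short value used to escape as an unchecked exception from substring()
    // before the try block; treat it as an invalid token instead.
    if (cookie == null || cookie.length() < fmprefixLen) {
        logw.println("FM Token is invalid");
        return null;
    }
    final String tokenId = cookie.substring(fmprefixLen);

    // The token id is a bearer credential for the session, so it is deliberately kept out
    // of the log; anyone able to read the log could otherwise replay it.
    logw.println("Check if FM Token is valid");
    logw.println(" Checking.. 1");
    try {
        SSOTokenManager manager = SSOTokenManager.getInstance();
        SSOToken token = manager.createSSOToken(tokenId);
        if (!manager.isValidToken(token)) {
            logw.println("FM Token is invalid");
            return null;
        }
        final String principalName = token.getPrincipal().getName();
        logw.println("Token is VALID :" + principalName);
        return principalName;
    } catch (Throwable ex2) {
        // Kept as Throwable so every failure mode results in "not authenticated".
        // NOTE(review): this also swallows Errors and prints the stack trace to stderr
        // rather than to logw; confirm that is intended.
        logw.println("FM token is invalid" + ex2.getMessage());
        ex2.printStackTrace();
    }
    return null;
}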
Also used : SSOTokenManager(com.iplanet.sso.SSOTokenManager) SSOToken(com.iplanet.sso.SSOToken)

Example 48 with SSOTokenManager

use of com.iplanet.sso.SSOTokenManager in project OpenAM by OpenRock.

the class HOTP method init.

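/**
 * Initialises the HOTP module from its configuration and the shared login state.
 *
 * <p>Reads the module options (auth level, SMS gateway class, code validity and length,
 * delivery method, and the phone/carrier/email attribute names), loads the resource
 * bundle for the login locale, resolves the user name, and builds the
 * {@code HOTPService}. If the shared state holds no user name, it is taken from the old
 * session returned by {@code getLoginState("HOTP")}.
 *
 * @param subject     not used by this method
 * @param sharedState state shared between modules; read for the user key and
 *                    {@code SKIP_HOTP}
 * @param options     module configuration; kept as {@code currentConfig}
 */
public void init(Subject subject, Map sharedState, Map options) {
    currentConfig = options;
    String authLevel = CollectionHelper.getMapAttr(options, AUTHLEVEL);
    if (authLevel != null) {
        try {
            setAuthLevel(Integer.parseInt(authLevel));
        } catch (Exception e) {
            // A malformed auth level is logged and otherwise ignored.
            debug.error("HOTP.init() : " + "Unable to set auth level " + authLevel, e);
        }
    }
    gatewaySMSImplClass = CollectionHelper.getMapAttr(options, GATEWAYSMSImplCLASS);
    codeValidityDuration = CollectionHelper.getMapAttr(options, CODEVALIDITYDURATION);
    codeLength = CollectionHelper.getMapAttr(options, CODELENGTH);
    codeDelivery = CollectionHelper.getMapAttr(options, CODEDELIVERY);
    telephoneAttribute = CollectionHelper.getMapAttr(options, ATTRIBUTEPHONE);
    carrierAttribute = CollectionHelper.getMapAttr(options, ATTRIBUTECARRIER);
    emailAttribute = CollectionHelper.getMapAttr(options, ATTRIBUTEEMAIL);
    try {
        userSearchAttributes = getUserAliasList();
    } catch (final AuthLoginException ale) {
        debug.warning("HOTP.init: unable to retrieve search attributes", ale);
    }
    if (debug.messageEnabled()) {
        debug.message("HOTP.init() : " + "telephone attribute=" + telephoneAttribute + " carrier attribute=" + carrierAttribute + " email attribute=" + emailAttribute + " user search attributes=" + userSearchAttributes);
    }
    java.util.Locale locale = getLoginLocale();
    bundle = amCache.getResBundle(amAuthHOTP, locale);
    if (debug.messageEnabled()) {
        debug.message("HOTP.init() : " + "HOTP resouce bundle locale=" + locale);
    }
    userName = (String) sharedState.get(getUserKey());
    if (userName == null || userName.isEmpty()) {
        try {
            //Session upgrade case. Need to find the user ID from the old session.
            SSOTokenManager mgr = SSOTokenManager.getInstance();
            InternalSession isess = getLoginState("HOTP").getOldSession();
            if (isess == null) {
                throw new AuthLoginException("amAuth", "noInternalSession", null);
            }
            SSOToken token = mgr.createSSOToken(isess.getID().toString());
            userUUID = token.getPrincipal().getName();
            userName = token.getProperty("UserToken");
            if (debug.messageEnabled()) {
                debug.message("HOTP.init() : UserName in SSOToken : " + userName);
            }
        } catch (SSOException ssoe) {
            debug.error("HOTP.init() : Unable to retrieve userName from existing session", ssoe);
        } catch (AuthLoginException ale) {
            debug.error("HOTP.init() : Unable to retrieve userName from existing session", ale);
        }
        // NOTE(review): on either failure above userName is still null or empty and
        // initialisation carries on; confirm the later login steps reject that state.
    }
    this.sharedState = sharedState;
    if (sharedState.containsKey(SKIP_HOTP)) {
        skip = (Boolean) sharedState.get(SKIP_HOTP);
    }
    // Constant-first comparison: an absent AUTO_CLICKING option now reads as false
    // instead of throwing a NullPointerException out of init().
    hotpAutoClicking = "true".equals(CollectionHelper.getMapAttr(options, AUTO_CLICKING));
    // NOTE(review): Long.parseLong / Integer.parseInt below throw NumberFormatException
    // when the validity duration or code length option is missing or not numeric.
    HOTPParams hotpParams = new HOTPParams(gatewaySMSImplClass, Long.parseLong(codeValidityDuration), telephoneAttribute, carrierAttribute, emailAttribute, codeDelivery, currentConfig, Integer.parseInt(codeLength), bundle.getString("messageSubject"), bundle.getString("messageContent"), FROM_ADDRESS, userSearchAttributes);
    hotpService = new HOTPService(getAMIdentityRepository(getRequestOrg()), userName, hotpParams);
}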
Also used : SSOTokenManager(com.iplanet.sso.SSOTokenManager) SSOToken(com.iplanet.sso.SSOToken) InternalSession(com.iplanet.dpro.session.service.InternalSession) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException) SSOException(com.iplanet.sso.SSOException) AuthErrorCodeException(com.sun.identity.authentication.spi.AuthErrorCodeException) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException) InvalidPasswordException(com.sun.identity.authentication.spi.InvalidPasswordException) SSOException(com.iplanet.sso.SSOException)

Example 49 with SSOTokenManager

use of com.iplanet.sso.SSOTokenManager in project OpenAM by OpenRock.

the class AuthenticatorOATH method checkForSessionAndGetUsernameAndUUID.

/**
 * Fills in {@code userId} and {@code userName} from the old session when no user name
 * has been set yet (the session upgrade case).
 *
 * <p>Does nothing if {@code userName} is already non-empty. Otherwise an SSO token is
 * created from the id of the old session of the "OATH" login state; its principal name
 * becomes {@code userId} and its {@code "UserToken"} property becomes {@code userName}.
 *
 * @throws SSOException       if the token manager or the token cannot be obtained
 * @throws AuthLoginException if there is no old session, or the token carries no user name
 */
private void checkForSessionAndGetUsernameAndUUID() throws SSOException, AuthLoginException {
    if (!StringUtils.isEmpty(userName)) {
        // A user name is already known, so no lookup is needed.
        return;
    }

    // Session upgrade case: the user id has to come from the old session.
    final SSOTokenManager tokenManager = SSOTokenManager.getInstance();
    final InternalSession oldSession = getLoginState("OATH").getOldSession();
    if (oldSession == null) {
        throw new AuthLoginException("amAuth", "noInternalSession", null);
    }

    final SSOToken oldToken = tokenManager.createSSOToken(oldSession.getID().toString());
    userId = oldToken.getPrincipal().getName();
    userName = oldToken.getProperty("UserToken");
    if (debug.messageEnabled()) {
        debug.message("OATH.process() : Username from SSOToken : " + userName);
    }

    // Fail here rather than continue with an unidentified user.
    if (StringUtils.isEmpty(userName)) {
        throw new AuthLoginException("amAuth", "noUserName", null);
    }
}
Also used : SSOTokenManager(com.iplanet.sso.SSOTokenManager) SSOToken(com.iplanet.sso.SSOToken) InternalSession(com.iplanet.dpro.session.service.InternalSession) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException)

Example 50 with SSOTokenManager

use of com.iplanet.sso.SSOTokenManager in project OpenAM by OpenRock.

the class AuthClientUtils method isSessionUpgradeOrForceAuth.

/**
 * Reports whether the incoming request is a ForceAuth request or a session upgrade.
 *
 * <p>The ForceAuth flag in the parsed request parameters is checked first. Only when it
 * is absent is an SSO token created from the request and passed to
 * {@code checkSessionUpgrade}. If no token can be created the request is treated as
 * neither.
 *
 * @param request The incoming HttpServletRequest.
 * @return <code>true</code> if the request corresponds to a session upgrade or ForceAuth,
 *         <code>false</code> otherwise.
 */
public static boolean isSessionUpgradeOrForceAuth(HttpServletRequest request) {
    final Hashtable requestData = parseRequestParameters(request);
    if (forceAuthFlagExists(requestData)) {
        return true;
    }
    try {
        final SSOToken existingToken = SSOTokenManager.getInstance().createSSOToken(request);
        return checkSessionUpgrade(existingToken, requestData);
    } catch (SSOException ssoe) {
        // Without a usable token there is no existing session to upgrade.
        if (utilDebug.messageEnabled()) {
            utilDebug.message("Unable to create sso token for isSessionUpgrade check: ", ssoe);
        }
        return false;
    }
}
Also used : SSOTokenManager(com.iplanet.sso.SSOTokenManager) SSOToken(com.iplanet.sso.SSOToken) Hashtable(java.util.Hashtable) SSOException(com.iplanet.sso.SSOException)

Aggregations

SSOTokenManager (com.iplanet.sso.SSOTokenManager)53 SSOToken (com.iplanet.sso.SSOToken)48 SSOException (com.iplanet.sso.SSOException)39 IdRepoException (com.sun.identity.idm.IdRepoException)11 AMIdentity (com.sun.identity.idm.AMIdentity)9 AuthLoginException (com.sun.identity.authentication.spi.AuthLoginException)8 IOException (java.io.IOException)7 Map (java.util.Map)6 Set (java.util.Set)6 ForbiddenException (org.forgerock.json.resource.ForbiddenException)6 SessionException (com.iplanet.dpro.session.SessionException)5 InternalSession (com.iplanet.dpro.session.service.InternalSession)5 AuthPrincipal (com.sun.identity.authentication.internal.AuthPrincipal)5 AuthException (com.sun.identity.authentication.service.AuthException)5 Iterator (java.util.Iterator)5 AuthContext (com.sun.identity.authentication.AuthContext)4 SMSException (com.sun.identity.sm.SMSException)4 Response (com.iplanet.services.comm.share.Response)3 UnsupportedEncodingException (java.io.UnsupportedEncodingException)3 HashMap (java.util.HashMap)3