use of com.sun.identity.authentication.AuthContext in project OpenAM by OpenRock.
the class AuthXMLHandler method processRequirements.
/*
* process callbacks
*/
private void processRequirements(String xml, AuthContextLocal authContext, AuthXMLResponse authResponse, String params, HttpServletRequest servletRequest) {
String[] paramArray = null;
StringTokenizer paramsSet = null;
if (params != null) {
paramsSet = new StringTokenizer(params, ISAuthConstants.PIPE_SEPARATOR);
}
boolean allCallbacksAreSet = true;
String param;
while (authContext.hasMoreRequirements()) {
Callback[] reqdCallbacks = authContext.getRequirements();
for (int i = 0; i < reqdCallbacks.length; i++) {
if (reqdCallbacks[i] instanceof X509CertificateCallback) {
X509CertificateCallback certCallback = (X509CertificateCallback) reqdCallbacks[i];
LoginState loginState = AuthUtils.getLoginState(authContext);
if (loginState != null) {
X509Certificate cert = loginState.getX509Certificate(servletRequest);
if (cert != null) {
certCallback.setCertificate(cert);
certCallback.setReqSignature(false);
} else {
allCallbacksAreSet = false;
}
}
} else {
param = null;
if (reqdCallbacks[i] instanceof NameCallback) {
param = getNextParam(paramsSet);
if (param != null) {
NameCallback nc = (NameCallback) reqdCallbacks[i];
nc.setName(param);
if (messageEnabled) {
debug.message("Name callback set to " + param);
}
} else {
allCallbacksAreSet = false;
break;
}
} else if (reqdCallbacks[i] instanceof PasswordCallback) {
param = getNextParam(paramsSet);
if (param != null) {
PasswordCallback pc = (PasswordCallback) reqdCallbacks[i];
pc.setPassword(param.toCharArray());
if (messageEnabled) {
debug.message("Password callback is set");
}
} else {
allCallbacksAreSet = false;
break;
}
} else {
if (params == null) {
allCallbacksAreSet = false;
}
}
// add more callbacks if required
}
}
if (getNextParam(paramsSet) != null) {
allCallbacksAreSet = false;
}
if (allCallbacksAreSet) {
if (messageEnabled) {
debug.message("submit callbacks with passed in params");
}
authContext.submitRequirements(reqdCallbacks);
} else {
authResponse.setReqdCallbacks(reqdCallbacks);
break;
}
}
if (!authContext.hasMoreRequirements()) {
AuthContext.Status loginStatus = authContext.getStatus();
if (messageEnabled) {
debug.message(" Status: " + loginStatus);
}
authResponse.setLoginStatus(loginStatus);
}
}
use of com.sun.identity.authentication.AuthContext in project OpenAM by OpenRock.
the class AuthXMLRequestParser method parseXML.
/**
* Parses the authentication request xml document.
*
* @return a AuthXMLRequest object.
* @throws AuthException if it fails to parse the xml.
*/
public AuthXMLRequest parseXML() throws AuthException {
try {
debug.message("entering parseXML");
if (xmlDocument == null) {
return null;
}
authXMLRequest = new AuthXMLRequest();
// get the document root
Element docElem = xmlDocument.getDocumentElement();
if (docElem != null) {
String temp = docElem.getAttribute("version");
if (debug.messageEnabled()) {
debug.message("Request Version is.. : " + temp);
}
if (temp != null) {
authXMLRequest.setRequestVersion(temp);
}
Node requestNode = XMLUtils.getChildNode((Node) docElem, "Request");
String authIdentifier = null;
if (requestNode != null) {
authIdentifier = parseNodeAttributes(requestNode, "authIdentifier");
if (debug.messageEnabled()) {
debug.message("AuthIdentifier is : " + authIdentifier);
}
authXMLRequest.setAuthIdentifier(authIdentifier);
}
Node appSSOTokenNode = XMLUtils.getChildNode((Node) requestNode, "AppSSOToken");
if (appSSOTokenNode != null) {
debug.message("Got the SSO Token node: ");
String appSSOTokenID = XMLUtils.getValueOfValueNode(appSSOTokenNode);
if (appSSOTokenID != null) {
if (debug.messageEnabled()) {
debug.message("Got the Session Id: " + appSSOTokenID);
}
authXMLRequest.setAppSSOTokenID(appSSOTokenID);
}
}
// get the Nodes for the Request Element
// get new auth context node
Node newAuthContextNode = XMLUtils.getChildNode(requestNode, "NewAuthContext");
if (newAuthContextNode != null) {
String orgName = parseNodeAttributes(newAuthContextNode, "orgName");
authXMLRequest.setOrgName(orgName);
authXMLRequest.setRequestType(AuthXMLRequest.NewAuthContext);
AuthContextLocal authContext = AuthUtils.getAuthContext(orgName, authIdentifier, false, servletReq, null, null);
authXMLRequest.setAuthContext(authContext);
}
// get query node
Node queryInfoNode = XMLUtils.getChildNode(requestNode, "QueryInformation");
if (queryInfoNode != null) {
String queryType = parseNodeAttributes(queryInfoNode, "requestedInformation");
authXMLRequest.setRequestInformation(queryType);
authXMLRequest.setRequestType(AuthXMLRequest.QueryInformation);
String orgName = parseNodeAttributes(queryInfoNode, "orgName");
AuthContextLocal authContext = null;
if (orgName != null) {
authContext = AuthUtils.getAuthContext(orgName, servletReq);
} else {
authContext = AuthUtils.getAuthContext(null, authIdentifier, false);
}
authXMLRequest.setAuthContext(authContext);
}
// get login node
Node loginNode = XMLUtils.getChildNode(requestNode, "Login");
if (loginNode != null) {
debug.message("found login node !!");
String orgName = parseNodeAttributes(loginNode, "orgName");
//Let's set the request type to Login by default
authXMLRequest.setRequestType(AuthXMLRequest.Login);
//this method can change the default requesttype to
//LoginIndex type if indexname/indextype was supplied in the
//request
parseLoginNodeElements(loginNode, authXMLRequest);
AuthContext.IndexType indexType = authXMLRequest.getIndexType();
String indexTypeParam = convertIndexType(indexType);
String indexName = authXMLRequest.getIndexName();
if (indexType == AuthContext.IndexType.COMPOSITE_ADVICE) {
//realm name from policy advice has precedence over
//the orgName attribute
orgName = AuthUtils.getRealmFromPolicyAdvice(indexName);
}
AuthContextLocal authContext = null;
if (orgName != null) {
authXMLRequest.setOrgName(orgName);
}
String hostName = parseNodeAttributes(loginNode, "hostName");
if (hostName != null) {
authXMLRequest.setHostName(hostName);
}
String localeAttr = parseNodeAttributes(loginNode, AuthXMLTags.LOCALE);
if (localeAttr != null) {
authXMLRequest.setLocale(localeAttr);
}
String forceAuth = parseNodeAttributes(loginNode, "forceAuth");
if (forceAuth != null) {
authXMLRequest.setForceAuth(forceAuth);
if (debug.messageEnabled()) {
debug.message("AuthXMLRequestParser.parseXML: " + "Got the force auth flag: " + forceAuth);
}
}
boolean forceAuthBool = Boolean.parseBoolean(forceAuth);
authContext = AuthUtils.getAuthContext(orgName, authIdentifier, false, servletReq, indexTypeParam, authXMLRequest, forceAuthBool);
authXMLRequest.setAuthContext(authContext);
if (localeAttr != null) {
LoginState loginState = authContext.getLoginState();
loginState.setRemoteLocale(localeAttr);
}
HttpServletRequest clientRequest = AuthXMLUtils.getRemoteRequest(XMLUtils.getChildNode(requestNode, AuthXMLTags.REMOTE_REQUEST_RESPONSE));
HttpServletResponse clientResponse = AuthXMLUtils.getRemoteResponse(XMLUtils.getChildNode(requestNode, AuthXMLTags.REMOTE_REQUEST_RESPONSE));
authXMLRequest.setClientRequest(clientRequest);
authXMLRequest.setClientResponse(clientResponse);
}
// get submit requirements node
Node submitReqNode = XMLUtils.getChildNode(requestNode, "SubmitRequirements");
if (submitReqNode != null) {
authXMLRequest.setRequestType(AuthXMLRequest.SubmitRequirements);
AuthContextLocal authContext = AuthUtils.getAuthContext(servletReq, authIdentifier);
authXMLRequest.setAuthContext(authContext);
Callback[] callbacks = AuthUtils.getRecdCallback(authContext);
parseSubmitReqElements(submitReqNode, authXMLRequest, callbacks);
String localeStr = authXMLRequest.getLocale();
LoginState loginState = authContext.getLoginState();
loginState.setRemoteLocale(localeStr);
HttpServletRequest clientRequest = AuthXMLUtils.getRemoteRequest(XMLUtils.getChildNode(requestNode, AuthXMLTags.REMOTE_REQUEST_RESPONSE));
HttpServletResponse clientResponse = AuthXMLUtils.getRemoteResponse(XMLUtils.getChildNode(requestNode, AuthXMLTags.REMOTE_REQUEST_RESPONSE));
authXMLRequest.setClientRequest(clientRequest);
authXMLRequest.setClientResponse(clientResponse);
}
// get logout node
Node logoutNode = XMLUtils.getChildNode(requestNode, "Logout");
if (logoutNode != null) {
authXMLRequest.setRequestType(AuthXMLRequest.Logout);
}
// get abort node
Node abortNode = XMLUtils.getChildNode(requestNode, "Abort");
if (abortNode != null) {
authXMLRequest.setRequestType(AuthXMLRequest.Abort);
AuthContextLocal authContext = AuthUtils.getAuthContext(null, authIdentifier, true);
authXMLRequest.setAuthContext(authContext);
}
}
} catch (AuthException e) {
throw e;
} catch (Exception e) {
debug.message("Error in parseXML: : ", e);
}
return authXMLRequest;
}
use of com.sun.identity.authentication.AuthContext in project OpenAM by OpenRock.
the class Authenticator method sessionBasedLoginInternal.
private AuthContext sessionBasedLoginInternal(CommandManager mgr, String bindUser, String bindPwd, String indexType, String indexName) throws CLIException {
AuthContext lc = getAuthContext(mgr, indexType, indexName);
processCallback(mgr, lc, bindUser, bindPwd);
try {
lc.getSSOToken();
} catch (Exception e) {
ResourceBundle rb = mgr.getResourceBundle();
throw new CLIException(rb.getString("exception-session-based-login-failed"), ExitCodes.SESSION_BASED_LOGIN_FAILED);
}
return lc;
}
use of com.sun.identity.authentication.AuthContext in project OpenAM by OpenRock.
the class Authenticator method sessionBasedLogin.
public AuthContext sessionBasedLogin(CommandManager mgr, String bindUser, String bindPwd) throws CLIException {
String[] param = { bindUser };
LogWriter.log(mgr, LogWriter.LOG_ACCESS, Level.INFO, "ATTEMPT_LOGIN", param, null);
try {
AuthContext ac = sessionBasedLoginInternal(mgr, bindUser, bindPwd);
LogWriter.log(mgr, LogWriter.LOG_ACCESS, Level.INFO, "SUCCEED_LOGIN", param, null);
return ac;
} catch (CLIException e) {
String[] params = { bindUser, e.getMessage() };
LogWriter.log(mgr, LogWriter.LOG_ERROR, Level.INFO, "FAILED_LOGIN", params, null);
throw e;
}
}
use of com.sun.identity.authentication.AuthContext in project OpenAM by OpenRock.
the class SessionCommand method handleRequest.
public void handleRequest(RequestContext rc) throws CLIException {
super.handleRequest(rc);
Authenticator auth = Authenticator.getInstance();
String bindUser = getAdminID();
AuthContext lc = auth.sessionBasedLogin(getCommandManager(), bindUser, getAdminPassword());
try {
boolean isQuiet = isOptionSet(QUIET_PARAM);
handleRequest(lc.getSSOToken(), isQuiet);
try {
lc.logout();
} catch (AuthLoginException e) {
throw new CLIException(e, ExitCodes.SESSION_BASED_LOGOUT_FAILED);
}
} catch (Exception e) {
throw new CLIException(e, ExitCodes.SESSION_BASED_LOGIN_FAILED);
}
}
Aggregations