
Example 6 with AuthException

use of com.sun.identity.authentication.service.AuthException in project OpenAM by OpenRock.

the class LoginAuthenticator method startLoginProcess.

/**
 * Begins authentication on the context held by the supplied login process, selecting the
 * {@code login(...)} overload from the configured index type and index value.
 *
 * <p>For a {@code RESOURCE} index the request environment map is passed to the login call, and a
 * blank or {@code "true"} index value is replaced by the resource URL resolved from the request.
 * NOTE(review): that replacement value is read from the incoming request (the resourceURL or goto
 * parameter), so it is presumably client-controlled - confirm that whatever evaluates it treats
 * it as untrusted input.
 *
 * <p>After the login call returns, the load balancer cookie is added to the response.
 *
 * @param loginProcess The Login Process object that will maintain the login process state for the request.
 * @return The Login Process object that was passed in.
 * @throws AuthLoginException If there is a problem starting the login process, including an
 *         AuthException raised while setting the load balancer cookie (wrapped as the cause).
 */
LoginProcess startLoginProcess(LoginProcess loginProcess) throws AuthLoginException {
    final LoginConfiguration config = loginProcess.getLoginConfiguration();
    final HttpServletRequest httpRequest = config.getHttpRequest();
    final AuthIndexType authIndexType = config.getIndexType();
    final String configuredValue = config.getIndexValue();
    final AuthenticationContext context = loginProcess.getAuthContext();

    if (authIndexType == null) {
        // No index type configured: plain login.
        context.login();
    } else if (authIndexType.equals(AuthIndexType.RESOURCE)) {
        final Map<String, Set<String>> environment = coreServicesWrapper.getEnvMap(httpRequest);
        // A blank value or the literal string "true" means "use the resource named by the request".
        final boolean useRequestResource =
                StringUtils.isBlank(configuredValue) || Boolean.parseBoolean(configuredValue);
        final String resource =
                useRequestResource ? coreServicesWrapper.getResourceURL(httpRequest) : configuredValue;
        context.login(authIndexType.getIndexType(), resource, environment, null);
    } else if (authIndexType.getIndexType() != null) {
        context.login(authIndexType.getIndexType(), configuredValue);
    } else {
        context.login();
    }

    // A new login process has been started, so add the load balancer cookies to the response.
    // This runs after login() has already been invoked on the context.
    try {
        final HttpServletResponse httpResponse = config.getHttpResponse();
        coreServicesWrapper.setLbCookie(context.getAuthContext(), httpRequest, httpResponse);
    } catch (AuthException cookieFailure) {
        // Keep the original exception as the cause so the failure stays diagnosable.
        throw new AuthLoginException(cookieFailure);
    }
    return loginProcess;
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) Set(java.util.Set) HttpServletResponse(javax.servlet.http.HttpServletResponse) AuthException(com.sun.identity.authentication.service.AuthException) RestAuthException(org.forgerock.openam.core.rest.authn.exceptions.RestAuthException) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException)

Example 7 with AuthException

use of com.sun.identity.authentication.service.AuthException in project OpenAM by OpenRock.

the class AuthXMLHandler method processRequest.

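/**
 * Processes one authentication request and builds the response to return to the caller.
 *
 * <p>The raw request content is first scanned for an auth identifier. When that identifier
 * resolves to a session service URL that is not the local server, the request is forwarded
 * there together with the cookie table built from the incoming headers, and the first
 * forwarded response is returned. Otherwise, or when forwarding yields no response, the
 * request is parsed and handled locally.
 *
 * <p>Review notes:
 * <ul>
 *   <li>The routing identifier is extracted by plain text search before the content is parsed
 *       as XML, and the forwarding target is derived from it. NOTE(review): confirm that
 *       {@code getSessionServiceURL} can only return URLs of servers belonging to this
 *       deployment, because the caller's cookies are sent to that URL.</li>
 *   <li>With message-level debugging enabled this method logs the auth identifier, every
 *       request header and the parsed cookies; such logs should be handled as sensitive.</li>
 *   <li>A forwarded request is audited as a success without inspecting the forwarded
 *       response.</li>
 * </ul>
 *
 * @param auditor records the access attempt and its outcome
 * @param req the request whose content carries the authentication XML
 * @param servletReq the HTTP request the content arrived on
 * @param servletRes the HTTP response, passed through to local processing
 * @return the forwarded response, or a response wrapping the XML of the locally built
 *         {@code AuthXMLResponse}
 */
private Response processRequest(PLLAuditor auditor, Request req, HttpServletRequest servletReq, HttpServletResponse servletRes) {
    // this call is to create a http session so that the JSESSIONID cookie
    // is created. The appserver(8.1) load balancer plugin relies on the
    // JSESSIONID cookie to set its JROUTE sticky cookie.
    // Note that this happens for every request, before any authentication has taken place.
    debug.message("=======================Entering processRequest");
    servletReq.getSession(true);
    String content = req.getContent();
    AuthXMLResponse authResponse = null;
    // Check for mis-routed requests
    String cookieURL = null;
    int index = content.indexOf(AuthXMLTags.AUTH_ID_HANDLE);
    if (index != -1) {
        // Check for mis-routed requests, get server URL for
        // AuthIdentifier
        int beginIndex = content.indexOf('"', index);
        // Only look for the closing quote when an opening one was found; the content comes
        // from the caller and may be malformed.
        int endIndex = (beginIndex == -1) ? -1 : content.indexOf('"', beginIndex + 1);
        if (endIndex == -1) {
            // No complete quoted value: skip the routing check rather than letting substring()
            // throw out of this method, and leave the content to the local handling path
            // below, which runs inside a try/catch and audits the outcome.
            debug.message("processRequest: auth identifier is not a complete quoted value, skipping mis-routing check");
        } else {
            String authIdentifier = content.substring(beginIndex + 1, endIndex);
            if (debug.messageEnabled()) {
                // NOTE(review): the auth identifier itself is written to the debug log here.
                debug.message("authIdentifier = " + authIdentifier + "beginIndex = " + beginIndex + "endIndex =" + endIndex);
            }
            if (!authIdentifier.equals("0")) {
                try {
                    SessionID sessionID = new SessionID(authIdentifier);
                    URL sessionServerURL = SESSION_SERVICE_URL_SERVICE.getSessionServiceURL(sessionID);
                    // URL.getPort() returns -1 when the URL has no explicit port; presumably the
                    // session service URL always carries one - TODO confirm.
                    StringBuilder srtBuff = new StringBuilder(100);
                    srtBuff.append(sessionServerURL.getProtocol()).append("://").append(sessionServerURL.getHost()).append(":").append(Integer.toString(sessionServerURL.getPort())).append(serviceURI);
                    cookieURL = srtBuff.toString();
                } catch (Exception exp) {
                    // Any failure to resolve the owning server means the request is handled locally.
                    debug.error("Error in getting URL from session", exp);
                    cookieURL = null;
                }
            }
        }
    }
    if ((cookieURL != null) && (cookieURL.trim().length() != 0) && !(AuthUtils.isLocalServer(cookieURL, serviceURI))) {
        // Routing to the correct server, this looks like a mis-routed
        // request.
        HashMap cookieTable = new HashMap();
        Map headers = new HashMap();
        // Copy every inbound header (all values) so the cookies can be parsed out of them.
        Enumeration headerNames = servletReq.getHeaderNames();
        while (headerNames.hasMoreElements()) {
            String headerName = (String) headerNames.nextElement();
            List headerValues = new ArrayList();
            Enumeration enum1 = servletReq.getHeaders(headerName);
            while (enum1.hasMoreElements()) {
                headerValues.add(enum1.nextElement());
            }
            headers.put(headerName, headerValues);
        }
        if (debug.messageEnabled()) {
            // NOTE(review): this logs all request headers, which can include credentials.
            debug.message("Headers: " + headers);
        }
        PLLClient.parseCookies(headers, cookieTable);
        if (debug.messageEnabled()) {
            // NOTE(review): this logs the cookie values taken from the request.
            debug.message("Cookies: " + cookieTable);
        }
        RequestSet set = new RequestSet(AuthXMLTags.AUTH_SERVICE);
        set.addRequest(req);
        try {
            Vector responses = PLLClient.send(new URL(cookieURL), set, cookieTable);
            if (!responses.isEmpty()) {
                auditor.auditAccessAttempt();
                // Just record result as success here to avoid parsing response.
                // The audit entry therefore does not reflect whether the forwarded
                // authentication step itself succeeded.
                auditor.auditAccessSuccess();
                debug.message("=====================Returning redirected");
                return ((Response) responses.elementAt(0));
            }
            // An empty response list falls through to local handling below.
        } catch (Exception e) {
            debug.error("Error in misrouted ", e);
            // Attempt to contact server failed
            authResponse = new AuthXMLResponse(AuthXMLRequest.NewAuthContext);
            setErrorCode(authResponse, e);
            auditor.auditAccessAttempt();
            auditor.auditAccessFailure(authResponse.errorCode, authResponse.authErrorMessage);
            return new Response(authResponse.toXMLString());
        }
    }
    // Either local request or new request, handle it locally
    try {
        AuthXMLRequest sreq = AuthXMLRequest.parseXML(content, servletReq);
        sreq.setHttpServletRequest(servletReq);
        authResponse = processAuthXMLRequest(content, auditor, sreq, servletReq, servletRes);
    } catch (AuthException e) {
        debug.error("Got Auth Exception", e);
        authResponse = new AuthXMLResponse(AuthXMLRequest.NewAuthContext);
        authResponse.setErrorCode(e.getErrorCode());
    } catch (Exception ex) {
        debug.error("Error while processing xml request", ex);
        authResponse = new AuthXMLResponse(AuthXMLRequest.NewAuthContext);
        setErrorCode(authResponse, ex);
    }
    debug.message("=======================Returning");
    // The audit outcome is taken from the response's exception flag.
    if (authResponse.isException) {
        auditor.auditAccessFailure(authResponse.errorCode, authResponse.authErrorMessage);
    } else {
        auditor.auditAccessSuccess();
    }
    return new Response(authResponse.toXMLString());
}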
Also used : Enumeration(java.util.Enumeration) HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) AuthException(com.sun.identity.authentication.service.AuthException) URL(java.net.URL) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException) SSOException(com.iplanet.sso.SSOException) AuthException(com.sun.identity.authentication.service.AuthException) HttpServletResponse(javax.servlet.http.HttpServletResponse) Response(com.iplanet.services.comm.share.Response) RequestSet(com.iplanet.services.comm.share.RequestSet) List(java.util.List) ArrayList(java.util.ArrayList) SessionID(com.iplanet.dpro.session.SessionID) Map(java.util.Map) HashMap(java.util.HashMap) Vector(java.util.Vector)

Example 8 with AuthException

use of com.sun.identity.authentication.service.AuthException in project OpenAM by OpenRock.

the class AuthXMLRequestParser method parseXML.

/**
 * Parses the authentication request XML document held by this parser into an
 * {@code AuthXMLRequest}.
 *
 * <p>The {@code Request} element is checked for each supported child element in turn
 * (NewAuthContext, QueryInformation, Login, SubmitRequirements, Logout, Abort). Every one that
 * is present calls {@code setRequestType} again, so for a document carrying several of them
 * the last one checked here presumably determines the final request type.
 *
 * <p>NOTE(review): only {@code AuthException} propagates from this method. Any other
 * exception is logged at message level and whatever has been populated so far is returned,
 * so callers cannot assume that the request type or auth context were set.
 *
 * @return the AuthXMLRequest built from the document, or {@code null} when there is no XML
 *         document to parse.
 * @throws AuthException if one is raised while parsing; other failures are not rethrown.
 */
public AuthXMLRequest parseXML() throws AuthException {
    try {
        debug.message("entering parseXML");
        if (xmlDocument == null) {
            return null;
        }
        authXMLRequest = new AuthXMLRequest();
        // get the document root
        Element docElem = xmlDocument.getDocumentElement();
        if (docElem != null) {
            String temp = docElem.getAttribute("version");
            if (debug.messageEnabled()) {
                debug.message("Request Version is.. : " + temp);
            }
            if (temp != null) {
                authXMLRequest.setRequestVersion(temp);
            }
            Node requestNode = XMLUtils.getChildNode((Node) docElem, "Request");
            String authIdentifier = null;
            if (requestNode != null) {
                authIdentifier = parseNodeAttributes(requestNode, "authIdentifier");
                if (debug.messageEnabled()) {
                    // NOTE(review): the auth identifier value is written to the debug log here.
                    debug.message("AuthIdentifier is : " + authIdentifier);
                }
                authXMLRequest.setAuthIdentifier(authIdentifier);
            }
            // requestNode is only null-checked in the block above; from here on it is passed to
            // XMLUtils.getChildNode without a check. NOTE(review): if getChildNode throws on a
            // null parent, the exception ends up in the catch-all at the bottom - confirm.
            Node appSSOTokenNode = XMLUtils.getChildNode((Node) requestNode, "AppSSOToken");
            if (appSSOTokenNode != null) {
                debug.message("Got the SSO Token node: ");
                String appSSOTokenID = XMLUtils.getValueOfValueNode(appSSOTokenNode);
                if (appSSOTokenID != null) {
                    if (debug.messageEnabled()) {
                        // NOTE(review): this writes the application SSO token ID to the debug log
                        // when message level is enabled; treat those logs as sensitive.
                        debug.message("Got the Session Id: " + appSSOTokenID);
                    }
                    authXMLRequest.setAppSSOTokenID(appSSOTokenID);
                }
            }
            // get the Nodes for the Request Element
            // get new auth context node 
            Node newAuthContextNode = XMLUtils.getChildNode(requestNode, "NewAuthContext");
            if (newAuthContextNode != null) {
                // orgName is taken from the request document as supplied by the caller.
                String orgName = parseNodeAttributes(newAuthContextNode, "orgName");
                authXMLRequest.setOrgName(orgName);
                authXMLRequest.setRequestType(AuthXMLRequest.NewAuthContext);
                AuthContextLocal authContext = AuthUtils.getAuthContext(orgName, authIdentifier, false, servletReq, null, null);
                authXMLRequest.setAuthContext(authContext);
            }
            // get query node 
            Node queryInfoNode = XMLUtils.getChildNode(requestNode, "QueryInformation");
            if (queryInfoNode != null) {
                String queryType = parseNodeAttributes(queryInfoNode, "requestedInformation");
                authXMLRequest.setRequestInformation(queryType);
                authXMLRequest.setRequestType(AuthXMLRequest.QueryInformation);
                String orgName = parseNodeAttributes(queryInfoNode, "orgName");
                AuthContextLocal authContext = null;
                // With an orgName the context is looked up by organisation; without one it is
                // looked up by the auth identifier from the request.
                if (orgName != null) {
                    authContext = AuthUtils.getAuthContext(orgName, servletReq);
                } else {
                    authContext = AuthUtils.getAuthContext(null, authIdentifier, false);
                }
                authXMLRequest.setAuthContext(authContext);
            }
            // get login node 
            Node loginNode = XMLUtils.getChildNode(requestNode, "Login");
            if (loginNode != null) {
                debug.message("found login node !!");
                String orgName = parseNodeAttributes(loginNode, "orgName");
                //Let's set the request type to Login by default
                authXMLRequest.setRequestType(AuthXMLRequest.Login);
                //this method can change the default requesttype to
                //LoginIndex type if indexname/indextype was supplied in the
                //request
                parseLoginNodeElements(loginNode, authXMLRequest);
                AuthContext.IndexType indexType = authXMLRequest.getIndexType();
                String indexTypeParam = convertIndexType(indexType);
                String indexName = authXMLRequest.getIndexName();
                if (indexType == AuthContext.IndexType.COMPOSITE_ADVICE) {
                    //realm name from policy advice has precedence over
                    //the orgName attribute
                    // Both the advice (indexName) and the orgName attribute originate from the
                    // request document.
                    orgName = AuthUtils.getRealmFromPolicyAdvice(indexName);
                }
                AuthContextLocal authContext = null;
                if (orgName != null) {
                    authXMLRequest.setOrgName(orgName);
                }
                String hostName = parseNodeAttributes(loginNode, "hostName");
                if (hostName != null) {
                    authXMLRequest.setHostName(hostName);
                }
                String localeAttr = parseNodeAttributes(loginNode, AuthXMLTags.LOCALE);
                if (localeAttr != null) {
                    authXMLRequest.setLocale(localeAttr);
                }
                String forceAuth = parseNodeAttributes(loginNode, "forceAuth");
                if (forceAuth != null) {
                    authXMLRequest.setForceAuth(forceAuth);
                    if (debug.messageEnabled()) {
                        debug.message("AuthXMLRequestParser.parseXML: " + "Got the force auth flag: " + forceAuth);
                    }
                }
                // Boolean.parseBoolean yields false for null or any value other than "true"
                // (case-insensitive), so a missing attribute means no forced authentication.
                boolean forceAuthBool = Boolean.parseBoolean(forceAuth);
                authContext = AuthUtils.getAuthContext(orgName, authIdentifier, false, servletReq, indexTypeParam, authXMLRequest, forceAuthBool);
                authXMLRequest.setAuthContext(authContext);
                if (localeAttr != null) {
                    // authContext is dereferenced without a null check; a failure here would be
                    // absorbed by the catch-all below.
                    LoginState loginState = authContext.getLoginState();
                    loginState.setRemoteLocale(localeAttr);
                }
                // The client request/response objects are built from a child element of the
                // request document itself. NOTE(review): presumably their contents are whatever
                // the sender of this XML supplied - confirm how far downstream code trusts them.
                HttpServletRequest clientRequest = AuthXMLUtils.getRemoteRequest(XMLUtils.getChildNode(requestNode, AuthXMLTags.REMOTE_REQUEST_RESPONSE));
                HttpServletResponse clientResponse = AuthXMLUtils.getRemoteResponse(XMLUtils.getChildNode(requestNode, AuthXMLTags.REMOTE_REQUEST_RESPONSE));
                authXMLRequest.setClientRequest(clientRequest);
                authXMLRequest.setClientResponse(clientResponse);
            }
            // get submit requirements node
            Node submitReqNode = XMLUtils.getChildNode(requestNode, "SubmitRequirements");
            if (submitReqNode != null) {
                authXMLRequest.setRequestType(AuthXMLRequest.SubmitRequirements);
                // The existing context is looked up by the auth identifier from the request.
                AuthContextLocal authContext = AuthUtils.getAuthContext(servletReq, authIdentifier);
                authXMLRequest.setAuthContext(authContext);
                Callback[] callbacks = AuthUtils.getRecdCallback(authContext);
                parseSubmitReqElements(submitReqNode, authXMLRequest, callbacks);
                String localeStr = authXMLRequest.getLocale();
                // Unlike the Login branch, the locale is applied here without a null check on
                // localeStr or authContext.
                LoginState loginState = authContext.getLoginState();
                loginState.setRemoteLocale(localeStr);
                // Same request-supplied client request/response reconstruction as in the Login
                // branch.
                HttpServletRequest clientRequest = AuthXMLUtils.getRemoteRequest(XMLUtils.getChildNode(requestNode, AuthXMLTags.REMOTE_REQUEST_RESPONSE));
                HttpServletResponse clientResponse = AuthXMLUtils.getRemoteResponse(XMLUtils.getChildNode(requestNode, AuthXMLTags.REMOTE_REQUEST_RESPONSE));
                authXMLRequest.setClientRequest(clientRequest);
                authXMLRequest.setClientResponse(clientResponse);
            }
            // get  logout node
            Node logoutNode = XMLUtils.getChildNode(requestNode, "Logout");
            if (logoutNode != null) {
                // Only the request type is set for Logout; no auth context is looked up here.
                authXMLRequest.setRequestType(AuthXMLRequest.Logout);
            }
            // get abort node
            Node abortNode = XMLUtils.getChildNode(requestNode, "Abort");
            if (abortNode != null) {
                authXMLRequest.setRequestType(AuthXMLRequest.Abort);
                AuthContextLocal authContext = AuthUtils.getAuthContext(null, authIdentifier, true);
                authXMLRequest.setAuthContext(authContext);
            }
        }
    } catch (AuthException e) {
        // Authentication failures are passed to the caller unchanged.
        throw e;
    } catch (Exception e) {
        // NOTE(review): every other failure is logged at message level only and then dropped;
        // the partially populated request is returned below. Parsing problems on this path are
        // therefore invisible unless message-level debugging is enabled.
        debug.message("Error in parseXML: : ", e);
    }
    return authXMLRequest;
}
Also used : Element(org.w3c.dom.Element) Node(org.w3c.dom.Node) AuthContext(com.sun.identity.authentication.AuthContext) HttpServletResponse(javax.servlet.http.HttpServletResponse) AuthException(com.sun.identity.authentication.service.AuthException) AuthException(com.sun.identity.authentication.service.AuthException) HttpServletRequest(javax.servlet.http.HttpServletRequest) Callback(javax.security.auth.callback.Callback) LoginState(com.sun.identity.authentication.service.LoginState)

Aggregations

AuthException (com.sun.identity.authentication.service.AuthException)8 AuthLoginException (com.sun.identity.authentication.spi.AuthLoginException)5 SSOException (com.iplanet.sso.SSOException)4 LoginState (com.sun.identity.authentication.service.LoginState)3 HttpServletRequest (javax.servlet.http.HttpServletRequest)3 HttpServletResponse (javax.servlet.http.HttpServletResponse)3 SessionID (com.iplanet.dpro.session.SessionID)2 InternalSession (com.iplanet.dpro.session.service.InternalSession)2 RequestSet (com.iplanet.services.comm.share.RequestSet)2 AuthContext (com.sun.identity.authentication.AuthContext)2 IOException (java.io.IOException)2 ArrayList (java.util.ArrayList)2 Enumeration (java.util.Enumeration)2 HashMap (java.util.HashMap)2 List (java.util.List)2 Map (java.util.Map)2 Set (java.util.Set)2 Vector (java.util.Vector)2 Callback (javax.security.auth.callback.Callback)2 SessionException (com.iplanet.dpro.session.SessionException)1