Example 16 with ISLocaleContext

Use of com.sun.identity.common.ISLocaleContext in project OpenAM by OpenRock.

Class LocaleContext, method getLocale.

/**
 * The {@link Locale} corresponding to the incoming request.
 * @return The client's preferred locale.
 */
public Locale getLocale() {
    if (locale == null) {
        final HttpContext httpContext = asContext(HttpContext.class);
        ISLocaleContext localeContext = new ISLocaleContext();
        localeContext.setLocale(httpContext);
        locale = localeContext.getLocale();
    }
    return locale;
}
Also used : HttpContext(org.forgerock.json.resource.http.HttpContext) ISLocaleContext(com.sun.identity.common.ISLocaleContext)

Example 17 with ISLocaleContext

Use of com.sun.identity.common.ISLocaleContext in project OpenAM by OpenRock.

Class LoginServlet, method initializeRequestContext.

/**
 *
 *
 */
protected void initializeRequestContext(RequestContext requestContext) {
    super.initializeRequestContext(requestContext);
    // Set a view bean manager in the request context. This must be
    // done at the module level because the view bean manager is
    // module specific.
    ViewBeanManager viewBeanManager = new ViewBeanManager(requestContext, PACKAGE_NAME);
    ((RequestContextImpl) requestContext).setViewBeanManager(viewBeanManager);
    HttpServletRequest request = requestContext.getRequest();
    HttpServletResponse response = requestContext.getResponse();
    // by redirecting the response with dummy cookie.
    if (checkForCookiesInBrowser(request, response, debug)) {
        throw new CompleteRequestException();
    }
    // Check content length
    try {
        RequestUtils.checkContentLength(request);
    } catch (L10NMessageImpl e) {
        if (debug.messageEnabled()) {
            ISLocaleContext localeContext = new ISLocaleContext();
            localeContext.setLocale(request);
            java.util.Locale locale = localeContext.getLocale();
            debug.message("LoginServlet: " + e.getL10NMessage(locale));
        }
        AuthExceptionViewBean vb = (AuthExceptionViewBean) viewBeanManager.getViewBean(com.sun.identity.authentication.UI.AuthExceptionViewBean.class);
        vb.forwardTo(requestContext);
        throw new CompleteRequestException();
    }
    // Check if the hostname in the URL is an FQDN else
    // redirect to the fqdn
    String client_type = AuthUtils.getClientType(request);
    if (debug.messageEnabled()) {
        debug.message("Client Type = " + client_type);
    }
    String hostName = AuthUtils.getHostName(request);
    if (!AuthUtils.isValidFQDNRequest(hostName)) {
        try {
            String newHN = AuthUtils.getValidFQDNResource(hostName, request);
            if (debug.messageEnabled()) {
                debug.message("FQDN = " + newHN);
            }
            if (AuthUtils.isGenericHTMLClient(client_type)) {
                debug.message("This is HTML");
                response.sendRedirect(newHN);
            } else {
                String fileName = AuthUtils.getDefaultFileName(request, REDIRECT_JSP);
                if (debug.messageEnabled()) {
                    debug.message("Forward to : " + fileName);
                }
                RequestDispatcher dispatcher = request.getRequestDispatcher(fileName);
                dispatcher.forward(request, response);
            }
        } catch (Exception e) {
        // came here continue
        }
        throw new CompleteRequestException();
    }
    final boolean isLoginRequest = LOGIN_PAGE_NAME.equals(getPageName(request));
    String cookieURL = AuthUtils.getCookieURLForSessionUpgrade(request);
    if (cookieURL != null && isLoginRequest) {
        rerouteRequest(request, response, cookieURL);
        return;
    }
    // Check whether this is the correct server to accept the client
    // response.
    String authCookieValue = AuthUtils.getAuthCookieValue(request);
    if ((authCookieValue != null) && (authCookieValue.length() != 0) && (!authCookieValue.equalsIgnoreCase("LOGOUT"))) {
        //send Auth request to cookie (original) server
        try {
            SessionID sessionID = new SessionID(authCookieValue);
            cookieURL = AuthUtils.getCookieURL(sessionID);
        } catch (Exception e) {
            if (debug.messageEnabled()) {
                debug.message("LoginServlet error in Session : " + e.toString());
            }
        }
        if (debug.messageEnabled()) {
            debug.message("cookieURL : " + cookieURL);
        }
        if (isLoginRequest && cookieURL != null && !cookieURL.isEmpty() && !AuthUtils.isLocalServer(cookieURL, true) && !AuthUtils.isSessionUpgradeOrForceAuth(request)) {
            rerouteRequest(request, response, cookieURL);
        }
    }
}
Also used : L10NMessageImpl(com.sun.identity.shared.locale.L10NMessageImpl) RequestContextImpl(com.iplanet.jato.RequestContextImpl) CompleteRequestException(com.iplanet.jato.CompleteRequestException) HttpServletResponse(javax.servlet.http.HttpServletResponse) ViewBeanManager(com.iplanet.jato.ViewBeanManager) RequestDispatcher(javax.servlet.RequestDispatcher) ServletException(javax.servlet.ServletException) HttpServletRequest(javax.servlet.http.HttpServletRequest) ISLocaleContext(com.sun.identity.common.ISLocaleContext) SessionID(com.iplanet.dpro.session.SessionID)

Example 18 with ISLocaleContext

Use of com.sun.identity.common.ISLocaleContext in project OpenAM by OpenRock.

Class LoginViewBean, method handleNewOrgResponse.

private void handleNewOrgResponse(SSOToken ssoToken) {
    String strButton = (String) reqDataHash.get(BUTTON);
    if (strButton == null) {
        strButton = (String) reqDataHash.get(BUTTON_OLD);
    }
    if (loginDebug.messageEnabled()) {
        loginDebug.message("Submit with button : " + strButton);
    }
    if (strButton != null && !strButton.isEmpty()) {
        ISLocaleContext localeContext = new ISLocaleContext();
        localeContext.setLocale(request);
        fallbackLocale = localeContext.getLocale();
        rb = rbCache.getResBundle(bundleName, fallbackLocale);
        if (strButton.trim().equals(rb.getString("Yes").trim())) {
            logIntoDiffOrg = true;
            loginDebug.message("Submit with YES. Destroy session.");
            clearCookie(AuthUtils.getCookieName());
            AuthUtils.clearHostUrlCookie(response);
            AuthUtils.clearlbCookie(request, response);
            try {
                SSOTokenManager tokenMgr = SSOTokenManager.getInstance();
                tokenMgr.destroyToken(ssoToken);
            } catch (SSOException ssoe) {
                loginDebug.message("Unable to destroy old session for new_org case", ssoe);
            }
        } else if (strButton.trim().equals(rb.getString("No").trim())) {
            loginDebug.message("Aborting different realm auth");
            logIntoDiffOrg = false;
        }
    } else {
        setErrorMessage(null);
    }
}
Also used : SSOTokenManager(com.iplanet.sso.SSOTokenManager) SSOException(com.iplanet.sso.SSOException) ISLocaleContext(com.sun.identity.common.ISLocaleContext)

Example 19 with ISLocaleContext

Use of com.sun.identity.common.ISLocaleContext in project OpenAM by OpenRock.

Class LoginViewBean, method forwardTo.

/**
 * Forwards the request to this view bean, displaying the page. This
 * method is the equivalent of <code>RequestDispatcher.forward()</code>,
 * meaning that the same semantics apply to the use of this method.
 * This method makes implicit use of the display URL returned
 * by the <code>getDisplayURL()</code> method.
 * @param requestContext servlet context for auth request
 */
public void forwardTo(RequestContext requestContext) {
    loginDebug.message("In forwardTo()");
    SSOToken ssoToken = null;
    if (requestContext != null) {
        request = requestContext.getRequest();
        response = requestContext.getResponse();
    }
    response.setHeader("Pragma", "no-cache");
    response.setHeader("Expires", "0");
    if (AuthClientUtils.isVersionHeaderEnabled()) {
        response.setHeader("X-DSAMEVersion", AuthClientUtils.getDSAMEVersion());
    }
    // get request ( GET ) parameters for 'login' process
    reqDataHash = AuthUtils.parseRequestParameters(request);
    /*if (loginDebug.messageEnabled()) {
            loginDebug.message("request data hash : " + reqDataHash);
        }*/
    client_type = AuthUtils.getClientType(request);
    // Set header for Misrouted server's usage
    response.setHeader("AM_CLIENT_TYPE", client_type);
    if (loginDebug.messageEnabled()) {
        loginDebug.message("Client Type is: " + client_type);
        loginDebug.message("Request method is : " + request.getMethod());
    }
    if (request.getMethod().equalsIgnoreCase("POST")) {
        isPost = true;
    }
    SessionID sessionID = null;
    InternalSession intSession = null;
    try {
        boolean isBackPost = false;
        // if the request is a GET then iPlanetAMDirectoryPro cookie
        // will be used to retrieve the session for session upgrade
        sessionID = AuthUtils.getSessionIDFromRequest(request);
        ssoToken = AuthUtils.getExistingValidSSOToken(sessionID);
        // Check for session timeout
        if ((ssoToken == null) && (sessionID != null) && (sessionID.toString().length() != 0)) {
            if (AuthUtils.isTimedOut(sessionID)) {
                clearCookie(request);
                errorCode = AMAuthErrorCode.AUTH_TIMEOUT;
                ErrorMessage = AuthUtils.getErrorVal(AMAuthErrorCode.AUTH_TIMEOUT, AuthUtils.ERROR_MESSAGE);
                errorTemplate = AuthUtils.getErrorVal(AMAuthErrorCode.AUTH_TIMEOUT, AuthUtils.ERROR_TEMPLATE);
                ISLocaleContext localeContext = new ISLocaleContext();
                localeContext.setLocale(request);
                java.util.Locale locale = localeContext.getLocale();
                rb = rbCache.getResBundle(bundleName, locale);
                super.forwardTo(requestContext);
                return;
            }
        }
        forceAuth = AuthUtils.forceAuthFlagExists(reqDataHash);
        if (ssoToken != null) {
            if (AuthUtils.newSessionArgExists(reqDataHash)) {
                SSOTokenManager.getInstance().destroyToken(ssoToken);
            } else {
                loginDebug.message("Old Session is Active.");
                newOrgExist = checkNewOrg(ssoToken);
                if (newOrg) {
                    sessionID = new SessionID();
                }
                if (!newOrgExist) {
                    if (isPost) {
                        isBackPost = canGetOrigCredentials(ssoToken);
                    }
                    if (forceAuth) {
                        sessionUpgrade = true;
                    } else {
                        sessionUpgrade = AuthUtils.checkSessionUpgrade(ssoToken, reqDataHash);
                    }
                    if (loginDebug.messageEnabled()) {
                        loginDebug.message("Session Upgrade = " + sessionUpgrade);
                    }
                }
            }
        }
        if ("true".equals(request.getParameter("new_org"))) {
            ssoToken = AuthUtils.getExistingValidSSOToken(new SessionID(request));
            handleNewOrgResponse(ssoToken);
            if (logIntoDiffOrg) {
                //session is already deleted, so we should just continue our login process
                newOrgExist = true;
            } else {
                ac = AuthUtils.getAuthContext(request, response, sessionID, sessionUpgrade, isBackPost);
                clearCookieAndDestroySession(ac);
            }
        }
        if ((ssoToken != null) && !sessionUpgrade && !newOrgExist) {
            try {
                loginDebug.message("Session is Valid / already " + "authenticated");
                bValidSession = true;
                /*
                     * redirect to 'goto' parameter or SPI hook or default
                     * redirect URL.
                     */
                if (request != null) {
                    redirect_url = AuthUtils.getValidGotoURL(request, ssoToken.getProperty("Organization"));
                    if ((redirect_url == null) || (redirect_url.length() == 0)) {
                        redirect_url = ssoToken.getProperty(ISAuthConstants.SUCCESS_URL);
                    }
                }
                if (redirect_url == null) {
                    ResultVal = rb.getString("authentication.already.login");
                }
                LoginSuccess = true;
                boolean doForward = AuthUtils.forwardSuccessExists(request);
                if (doForward || (redirect_url != null && (redirect_url.startsWith(SSO_REDIRECT) || redirect_url.startsWith(SSO_POST)))) {
                    if (loginDebug.messageEnabled()) {
                        loginDebug.message("LoginViewBean.forwardRequest=true");
                        loginDebug.message("LoginViewBean.forwardTo():Forward URL before appending cookie is " + redirect_url);
                        loginDebug.message("LoginViewBean.forwardTo():Final Forward URL is " + redirect_url);
                    }
                    RequestDispatcher dispatcher = request.getRequestDispatcher(redirect_url);
                    request.setAttribute(Constants.FORWARD_PARAM, Constants.FORWARD_YES_VALUE);
                    dispatcher.forward(request, response);
                } else {
                    response.sendRedirect(redirect_url);
                }
                return;
            } catch (Exception er) {
                if (loginDebug.messageEnabled()) {
                    loginDebug.message("Session getState exception: ", er);
                }
                setErrorMessage(er);
            }
        }
        ac = AuthUtils.getAuthContext(request, response, sessionID, sessionUpgrade, isBackPost);
        if (sessionID != null) {
            intSession = AuthD.getSession(sessionID);
        }
        if ((intSession != null) && (intSession.isTimedOut())) {
            //Session Timeout
            // clear the cookie only if cookie supported
            loginDebug.message("Session timeout TRUE");
            if (sessionUpgrade) {
                try {
                    redirect_url = getPrevSuccessURLAndSetCookie();
                    clearGlobals();
                    response.sendRedirect(redirect_url);
                    return;
                } catch (Exception e) {
                    loginDebug.message("Error redirecting :", e);
                }
            } else {
                // clear AM Cookie if it exists.
                if (CookieUtils.getCookieValueFromReq(request, AuthUtils.getCookieName()) != null) {
                    clearCookie(AuthUtils.getCookieName());
                }
                // clear Auth Cookie if it exists.
                if (CookieUtils.getCookieValueFromReq(request, AuthUtils.getAuthCookieName()) != null) {
                    clearCookie(AuthUtils.getAuthCookieName());
                }
                loginURL = intSession.getProperty(ISAuthConstants.FULL_LOGIN_URL);
                errorTemplate = AuthUtils.getErrorVal(AMAuthErrorCode.AUTH_TIMEOUT, AuthUtils.ERROR_TEMPLATE);
                errorCode = AMAuthErrorCode.AUTH_TIMEOUT;
                ErrorMessage = AuthUtils.getErrorVal(AMAuthErrorCode.AUTH_TIMEOUT, AuthUtils.ERROR_MESSAGE);
            }
        }
        java.util.Locale locale = com.sun.identity.shared.locale.Locale.getLocale(AuthUtils.getLocale(ac));
        fallbackLocale = locale;
        rb = rbCache.getResBundle(bundleName, locale);
        if (loginDebug.messageEnabled()) {
            loginDebug.message("ac = " + ac);
            loginDebug.message("JSPLocale = " + locale);
        }
        if (sessionUpgrade) {
            ac.getLoginState().setForceAuth(forceAuth);
        }
        if (!AuthUtils.getInetDomainStatus(ac)) {
            //domain inactive
            if ((errorTemplate == null) || (errorTemplate.length() == 0)) {
                setErrorMessage(null);
            }
        }
        // add cookie only if cookie is supported
        if (!isBackPost) {
            loginURL = AuthUtils.getLoginURL(ac);
        }
        /*if (loginDebug.messageEnabled()) {
                loginDebug.message("loginURL : " + loginURL);
            }*/
        // Check whether need to detect the cookie support in the browser
        String cookieless = (String) request.getAttribute("displayCookieError");
        if (cookieless != null && cookieless.equals("true")) {
            ErrorMessage = rb.getString("nocookiesupport");
            errorTemplate = "Message.jsp";
        }
        if (AuthUtils.isNewRequest(ac)) {
            loginDebug.message("New AuthContext created");
            if (AuthUtils.isCookieSupported(ac)) {
                if (AuthUtils.persistAMCookie(reqDataHash)) {
                    enableCookieTimeToLive();
                }
                setCookie();
                setlbCookie();
            }
        } else {
            // check if the client still has the cookie we set.
            if (AuthUtils.isCookieSet(ac)) {
                if (AuthUtils.checkForCookies(request, ac)) {
                    loginDebug.message("Client support cookie");
                    AuthUtils.setCookieSupported(ac, true);
                } else {
                    loginDebug.message("Client do not support cookie");
                    AuthUtils.setCookieSupported(ac, false);
                }
            }
        }
    } catch (Exception e) {
        ISLocaleContext localeContext = new ISLocaleContext();
        localeContext.setLocale(request);
        fallbackLocale = localeContext.getLocale();
        rb = rbCache.getResBundle(bundleName, fallbackLocale);
        if (loginDebug.messageEnabled()) {
            loginDebug.message("JSPLocale = " + fallbackLocale);
        }
        setErrorMessage(e);
        jsp_page = errorTemplate;
        if (requestContext == null) {
            return;
        }
        super.forwardTo(requestContext);
        return;
    }
    if (errorTemplate == null || errorTemplate.isEmpty()) {
        processLogin();
        if (requestContext == null) {
            // solve the recursive case
            clearGlobals();
            return;
        }
    }
    if ((redirect_url != null) && (redirect_url.length() != 0)) {
        // forward check for liberty federation, if the redirect_url
        // is the federation post login servlet, use forward instead
        boolean doForward = AuthUtils.isForwardSuccess(ac, request);
        if (AuthUtils.isGenericHTMLClient(client_type) || doForward) {
            try {
                if (loginDebug.messageEnabled()) {
                    loginDebug.message("Send Redirect to " + redirect_url);
                }
                // destroy session if necessary.
                InternalSession oldSession = AuthUtils.getOldSession(ac);
                if (ac.getStatus() == AuthContext.Status.FAILED) {
                    loginDebug.message("forwardTo(): Auth failed - Destroy Session!");
                    if (AuthUtils.isSessionUpgrade(ac)) {
                        clearCookieAndDestroySession(ac);
                        loginDebug.message("forwardTo(): Session upgrade - " + "Restoring original Session!");
                        if (oldSession != null) {
                            ac.getLoginState().setSession(oldSession);
                        }
                    } else {
                        clearCookieAndDestroySession(ac);
                        if (oldSession != null) {
                            loginDebug.message("Destroy existing/old valid session");
                            AuthD authD = AuthD.getAuth();
                            authD.destroySession(oldSession.getID());
                        }
                    }
                    loginDebug.message("Login failure, current session destroyed!");
                } else if (ac.getStatus() == AuthContext.Status.SUCCESS) {
                    response.setHeader("X-AuthErrorCode", "0");
                    if (ac.getLoginState().getForceFlag()) {
                        if (loginDebug.messageEnabled()) {
                            loginDebug.message("Forced Auth Succeed." + "Restoring updated session");
                        }
                        clearCookieAndDestroySession(ac);
                        ac.getLoginState().setSession(oldSession);
                    } else {
                        if (AuthUtils.isCookieSupported(ac)) {
                            setCookie();
                            clearCookie(AuthUtils.getAuthCookieName());
                        }
                        if (SystemProperties.getAsBoolean(Constants.DESTROY_SESSION_AFTER_UPGRADE) && oldSession != null) {
                            loginDebug.message("Destroy existing/old valid session");
                            AuthD authD = AuthD.getAuth();
                            authD.destroySession(oldSession.getID());
                        }
                    }
                }
                Cookie appendCookie = AuthUtils.getCookieString(ac, null);
                clearGlobals();
                if (doForward || redirect_url.startsWith(SSO_REDIRECT) || redirect_url.startsWith(SSO_POST)) {
                    if (loginDebug.messageEnabled()) {
                        loginDebug.message("LoginViewBean.forwardRequest=true");
                        loginDebug.message("LoginViewBean.forwardTo():" + "Forward URL before appending cookie is " + redirect_url);
                    }
                    //but the new isn't.
                    if (redirect_url.indexOf("?") == -1) {
                        redirect_url = redirect_url + "?" + appendCookie.getName() + "=" + URLEncDec.encode(appendCookie.getValue());
                    } else {
                        redirect_url = redirect_url + "&" + appendCookie.getName() + "=" + URLEncDec.encode(appendCookie.getValue());
                    }
                    if (loginDebug.messageEnabled()) {
                        loginDebug.message("LoginViewBean.forwardTo():" + "Final Forward URL is " + redirect_url);
                    }
                    RequestDispatcher dispatcher = request.getRequestDispatcher(redirect_url);
                    request.setAttribute(Constants.FORWARD_PARAM, Constants.FORWARD_YES_VALUE);
                    dispatcher.forward(request, response);
                } else {
                    response.sendRedirect(redirect_url);
                }
                forward = false;
                return;
            } catch (IOException e) {
                loginDebug.error("LoginViewBean.forwardTo(): There was an IOException doing the forward/redirect", e);
                ResultVal = rb.getString("redirect.error");
            } catch (Exception e) {
                loginDebug.error("LoginViewBean.forwardTo(): There was an Exception doing the forward/redirect", e);
                setErrorMessage(e);
                redirect_url = null;
            }
        }
    }
    if (forward) {
        forward = false;
        super.forwardTo(requestContext);
    }
    clearGlobals();
}
Also used : Cookie(javax.servlet.http.Cookie) SSOToken(com.iplanet.sso.SSOToken) IOException(java.io.IOException) RequestDispatcher(javax.servlet.RequestDispatcher) ModelControlException(com.iplanet.jato.model.ModelControlException) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException) SSOException(com.iplanet.sso.SSOException) InternalSession(com.iplanet.dpro.session.service.InternalSession) AuthD(com.sun.identity.authentication.service.AuthD) ISLocaleContext(com.sun.identity.common.ISLocaleContext) SessionID(com.iplanet.dpro.session.SessionID)

Example 20 with ISLocaleContext

Use of com.sun.identity.common.ISLocaleContext in project OpenAM by OpenRock.

Class LogoutViewBean, method forwardTo.

/**
 * Forwards the request to this view bean, displaying the page. This
 * method is the equivalent of <code>RequestDispatcher.forward()</code>,
 * meaning that the same semantics apply to the use of this method.
 * This method makes implicit use of the display URL returned
 * by the <code>getDisplayURL()</code> method.
 * @param requestContext servlet context for auth request
 */
public void forwardTo(RequestContext requestContext) {
    SessionID sessionID = null;
    SSOToken token = null;
    InternalSession intSess = null;
    java.util.Locale locale = null;
    logoutDebug.message("In forwardTo()");
    if (requestContext != null) {
        request = requestContext.getRequest();
        response = requestContext.getResponse();
    }
    response.setHeader("Pragma", "no-cache");
    response.setHeader("Expires", "0");
    gotoUrl = request.getParameter("goto");
    if (logoutDebug.messageEnabled()) {
        logoutDebug.message("Goto query param : " + gotoUrl);
    }
    try {
        sessionID = new SessionID(request);
        intSess = AuthD.getSession(sessionID);
        if (intSess != null) {
            populateL10NFileAttrs(intSess);
            String localeStr = intSess.getProperty(ISAuthConstants.LOCALE);
            // I18N get resource bundle
            locale = com.sun.identity.shared.locale.Locale.getLocale(localeStr);
            fallbackLocale = locale;
        } else {
            ISLocaleContext localeContext = new ISLocaleContext();
            localeContext.setLocale(request);
            locale = localeContext.getLocale();
            if (locale == null) {
                String localeStr = AuthD.getAuth().getPlatformLocale();
                locale = com.sun.identity.shared.locale.Locale.getLocale(localeStr);
            }
        }
        rb = (ResourceBundle) rbCache.getResBundle("amAuthUI", locale);
        clientType = AuthUtils.getClientType(request);
        if (logoutDebug.messageEnabled()) {
            logoutDebug.message("clienttype is : " + clientType);
        }
        token = SSOTokenManager.getInstance().createSSOToken(sessionID.toString());
    } catch (Exception e) {
        ResultVal = getL10NMessage(e, locale);
    }
    // Get the Login URL and query map
    if (token != null) {
        try {
            loginURL = token.getProperty(ISAuthConstants.FULL_LOGIN_URL);
        } catch (com.iplanet.sso.SSOException ssoExp) {
            if (logoutDebug.messageEnabled()) {
                logoutDebug.message("LogoutViewBean.forwardTo: " + " Cannot get Login URL");
            }
        }
    }
    // If there is a gotoUrl value and the orgDN is null do some additional processing
    if (orgDN == null && isGotoSet()) {
        if (logoutDebug.messageEnabled()) {
            logoutDebug.message("OrgDN was null, getting from request for goto validation");
        }
        // First check if there is a org parameter in request, for example realm=/sub-realm
        String orgParm = AuthUtils.getOrgParam(AuthUtils.parseRequestParameters(request));
        if (orgParm == null) {
            if (logoutDebug.messageEnabled()) {
                logoutDebug.message("Attempting to get orgDN from AuthUtils for serverName " + request.getServerName());
            }
            orgDN = AuthUtils.getOrganizationDN(request.getServerName(), true, request);
        } else {
            if (logoutDebug.messageEnabled()) {
                logoutDebug.message("Attempting to get orgDN from AuthUtils for orgParm " + orgParm);
            }
            orgDN = AuthUtils.getOrganizationDN(orgParm, true, request);
        }
        if (orgDN == null) {
            // Last resort, get it from the root domain
            orgDN = DNMapper.orgNameToDN("/");
        }
    }
    if (isGotoSet()) {
        gotoUrl = AuthUtils.getValidGotoURL(request, orgDN);
        if (logoutDebug.messageEnabled()) {
            logoutDebug.message("Goto after validation for orgDN: " + orgDN + " gotoUrl: " + gotoUrl);
        }
    }
    // set the cookie value or set the logout cookie string in
    // the case of URL rewriting, otherwise set in the response
    // header
    Cookie[] cookieArr = request.getCookies();
    if ((cookieArr != null) && (cookieArr.length != 0)) {
        cookieSupported = true;
    } else {
        cookieSupported = false;
    }
    if (cookieSupported) {
        logoutDebug.message("Cookie is supported");
        AuthUtils.clearAllCookies(request, response);
    } else {
        logoutDebug.message("Cookie is not supported");
        if ((sessionID != null) && (sessionID.toString().length() != 0)) {
            logoutCookie = AuthUtils.getLogoutCookieString(sessionID);
            if (logoutDebug.messageEnabled()) {
                logoutDebug.message("Logout Cookie is " + logoutCookie);
            }
        }
    }
    // get the Logout JSP page path
    jsp_page = appendLogoutCookie(getFileName(LOGOUT_JSP));
    if ((intSess != null) && intSess.isTimedOut()) {
        try {
            if (logoutDebug.messageEnabled()) {
                logoutDebug.message("Goto Login URL : " + loginURL);
            }
            if (doSendRedirect(loginURL)) {
                response.sendRedirect(appendLogoutCookie(loginURL));
                return;
            } else {
                int queryIndex = loginURL.indexOf("?");
                String qString = null;
                if (queryIndex != -1) {
                    qString = loginURL.substring(queryIndex);
                }
                if (qString != null) {
                    jsp_page = appendLogoutCookie(getFileName(LOGIN_JSP) + qString);
                } else {
                    jsp_page = appendLogoutCookie(getFileName(LOGIN_JSP));
                }
            }
        } catch (Exception e) {
            if (logoutDebug.messageEnabled()) {
                logoutDebug.message("Redirect failed : " + loginURL, e);
            }
            ResultVal = getL10NMessage(e, locale);
        }
        super.forwardTo(requestContext);
        return;
    }
    boolean wasTokenValid = false;
    try {
        wasTokenValid = AuthUtils.logout(intSess, token, request, response);
        ResultVal = rb.getString("logout.successful");
        String postProcessURL = AuthUtils.getPostProcessURL(request, AMPostAuthProcessInterface.POST_PROCESS_LOGOUT_URL);
        if (postProcessURL != null) {
            gotoUrl = postProcessURL;
        }
    } catch (SSOException ssoe) {
        try {
            if (logoutDebug.messageEnabled()) {
                logoutDebug.message("Exception during logout", ssoe);
                logoutDebug.message("Goto Login URL : " + LOGINURL);
            }
            if (doSendRedirect(LOGINURL)) {
                response.sendRedirect(appendLogoutCookie(LOGINURL));
                return;
            } else {
                jsp_page = appendLogoutCookie(getFileName(LOGIN_JSP));
            }
        } catch (Exception ex) {
            if (logoutDebug.messageEnabled()) {
                logoutDebug.message("Redirect failed:" + LOGINURL, ex);
            }
            ResultVal = ex.getMessage();
        }
        super.forwardTo(requestContext);
        return;
    }
    if (!wasTokenValid) {
        if (!isGotoSet()) {
            String originalRedirectURL = AuthUtils.getOrigRedirectURL(request, sessionID);
            if (originalRedirectURL != null) {
                try {
                    if (logoutDebug.messageEnabled()) {
                        logoutDebug.message("Original Redirect URL: " + originalRedirectURL);
                    }
                    int index = originalRedirectURL.indexOf("/Login");
                    if (index != -1) {
                        originalRedirectURL = originalRedirectURL.substring(0, index) + "/Logout";
                    }
                    if (logoutDebug.messageEnabled()) {
                        logoutDebug.message("Redirect to Original Redirect URL :" + originalRedirectURL);
                    }
                    if (doSendRedirect(originalRedirectURL)) {
                        response.sendRedirect(appendLogoutCookie(originalRedirectURL));
                        return;
                    }
                } catch (Exception e) {
                    ResultVal = getL10NMessage(e, locale);
                }
            } else {
                try {
                    if (logoutDebug.messageEnabled()) {
                        logoutDebug.message("Goto LOGINURL : " + LOGINURL);
                    }
                    if (doSendRedirect(LOGINURL)) {
                        response.sendRedirect(appendLogoutCookie(LOGINURL));
                        return;
                    } else {
                        jsp_page = appendLogoutCookie(getFileName(LOGIN_JSP));
                    }
                } catch (Exception e) {
                    ResultVal = getL10NMessage(e, locale);
                }
            }
        }
    }
    if (!redirectToGoto(locale)) {
        super.forwardTo(requestContext);
    }
}
Also used : Cookie(javax.servlet.http.Cookie) SSOToken(com.iplanet.sso.SSOToken) SSOException(com.iplanet.sso.SSOException) ServletException(javax.servlet.ServletException) ModelControlException(com.iplanet.jato.model.ModelControlException) IOException(java.io.IOException) InternalSession(com.iplanet.dpro.session.service.InternalSession) ISLocaleContext(com.sun.identity.common.ISLocaleContext) SessionID(com.iplanet.dpro.session.SessionID)

Aggregations

ISLocaleContext (com.sun.identity.common.ISLocaleContext): 20
SSOException (com.iplanet.sso.SSOException): 4
L10NMessageImpl (com.sun.identity.shared.locale.L10NMessageImpl): 4
ServletException (javax.servlet.ServletException): 4
HttpContext (org.forgerock.json.resource.http.HttpContext): 4
SessionID (com.iplanet.dpro.session.SessionID): 3
Map (java.util.Map): 3
RequestDispatcher (javax.servlet.RequestDispatcher): 3
HttpServletRequest (javax.servlet.http.HttpServletRequest): 3
InternalSession (com.iplanet.dpro.session.service.InternalSession): 2
RequestContext (com.iplanet.jato.RequestContext): 2
ModelControlException (com.iplanet.jato.model.ModelControlException): 2
SSOToken (com.iplanet.sso.SSOToken): 2
PWResetQuestionModel (com.sun.identity.password.ui.model.PWResetQuestionModel): 2
PWResetUserValidationModel (com.sun.identity.password.ui.model.PWResetUserValidationModel): 2
IOException (java.io.IOException): 2
HashMap (java.util.HashMap): 2
HashSet (java.util.HashSet): 2
Cookie (javax.servlet.http.Cookie): 2
CompleteRequestException (com.iplanet.jato.CompleteRequestException): 1