
Example 16 with UrlHolder

use of com.tremolosecurity.config.util.UrlHolder in project OpenUnison by TremoloSecurity.

the class WebAuthn method doGet.

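/**
 * Serves the WebAuthn login step.
 *
 * <p>When the request carries {@code requestOptions=true} (case-insensitive) this writes a JSON
 * document holding the assertion request options ({@code publicKey}) and a Base64url-encoded,
 * Java-serialized {@code ServerProperty} ({@code serverProperty}). For any other request it
 * forwards to the form configured under the {@code formURI} mechanism parameter.
 *
 * @param request  current request; the session must hold the auth controller and mechanism parameters
 * @param response response the options JSON is written to, or that is forwarded to the form
 * @param as       current auth step; marked executed and failed when the user lacks the configured attribute
 * @throws IOException      if forwarding or advancing the chain fails with an I/O error
 * @throws ServletException if no WebAuthn user data can be loaded, or if building or writing the options fails
 */
@Override
public void doGet(HttpServletRequest request, HttpServletResponse response, AuthStep as) throws IOException, ServletException {
    HttpSession session = request.getSession();
    @SuppressWarnings("unchecked")
    HashMap<String, Attribute> authParams = (HashMap<String, Attribute>) session.getAttribute(ProxyConstants.AUTH_MECH_PARAMS);

    // Constant-first comparison covers the "parameter absent" case without a separate null check.
    if (!"true".equalsIgnoreCase(request.getParameter("requestOptions"))) {
        String formURI = authParams.get("formURI").getValues().get(0);
        request.getRequestDispatcher(formURI).forward(request, response);
        return;
    }

    AuthInfo userData = ((AuthController) session.getAttribute(ProxyConstants.AUTH_CTL)).getAuthInfo();
    UrlHolder holder = (UrlHolder) request.getAttribute(ProxyConstants.AUTOIDM_CFG);
    String attributeName = authParams.get("attribute").getValues().get(0);
    String encryptionKeyName = authParams.get("encryptionKeyName").getValues().get(0);

    if (userData.getAttribs().get(attributeName) == null) {
        // The user has no stored WebAuthn registration: fail this step and let the chain decide what is next.
        logger.warn("User '" + userData.getUserDN() + "' does not have attribute '" + attributeName + "'");
        as.setExecuted(true);
        as.setSuccess(false);
        holder.getConfig().getAuthManager().nextAuth(request, response, session, false);
        return;
    }

    WebAuthnUserData webauthnUser = WebAuthnUtils.lookupWebAuthnUserData(userData, attributeName, encryptionKeyName);
    if (webauthnUser == null) {
        throw new ServletException("No webauthn user data, can not happen");
    }

    try {
        Challenge challenge = new DefaultChallenge();
        JSONObject resp = new JSONObject();
        JSONObject publicKey = new JSONObject();
        resp.put("publicKey", publicKey);

        // One entry per registered authenticator so the browser only offers this user's credentials.
        JSONArray allowedCredentials = new JSONArray();
        publicKey.put("allowedCredentials", allowedCredentials);
        for (Authenticator auth : webauthnUser.getAuthenticators()) {
            JSONObject credential = new JSONObject();
            credential.put("type", "public-key");
            credential.put("id", Base64UrlUtil.encodeToString(auth.getAttestedCredentialData().getCredentialId()));
            allowedCredentials.add(credential);
        }

        publicKey.put("challenge", Base64UrlUtil.encodeToString(challenge.getValue()));
        publicKey.put("rpId", WebAuthnRegistration.getRpId(request));
        publicKey.put("timeout", 30000);
        publicKey.put("userVerification", authParams.get("userVerificationRequirement").getValues().get(0));

        // NOTE(review): the origin is derived from the URL of this request; confirm that the
        // host seen here cannot be influenced by the client (for example through a proxy).
        ServerProperty serverProperty = new ServerProperty(new Origin(request.getRequestURL().toString()), WebAuthnRegistration.getRpId(request), challenge, webauthnUser.getId());

        // SECURITY NOTE(review): the challenge and expected origin are not kept on the server by
        // this method. They are Java-serialized and handed to the browser, and doPost rebuilds the
        // ServerProperty from whatever the browser posts back. The server therefore cannot tell a
        // freshly issued challenge from an old or client-built one, and doPost has to run native
        // deserialization on request data. Preferred design: keep the ServerProperty in the
        // HttpSession, single use, and send the browser only the challenge inside publicKey.
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        // try-with-resources flushes and closes the object stream even when writeObject fails.
        try (ObjectOutputStream out = new ObjectOutputStream(bos)) {
            out.writeObject(serverProperty);
        }
        resp.put("serverProperty", java.util.Base64.getUrlEncoder().encodeToString(bos.toByteArray()));

        // NOTE(review): no Content-Type is set for this JSON body here; confirm it is set elsewhere.
        response.getWriter().println(resp.toString());
    } catch (Exception e) {
        throw new ServletException(e);
    }
}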
Also used : Origin(com.webauthn4j.data.client.Origin) Attribute(com.tremolosecurity.saml.Attribute) HashMap(java.util.HashMap) ObjectOutputStream(java.io.ObjectOutputStream) Challenge(com.webauthn4j.data.client.challenge.Challenge) DefaultChallenge(com.webauthn4j.data.client.challenge.DefaultChallenge) HttpServletRequest(javax.servlet.http.HttpServletRequest) UrlHolder(com.tremolosecurity.config.util.UrlHolder) ServletException(javax.servlet.ServletException) DefaultChallenge(com.webauthn4j.data.client.challenge.DefaultChallenge) AuthChainType(com.tremolosecurity.config.xml.AuthChainType) Authenticator(com.webauthn4j.authenticator.Authenticator) ServerProperty(com.webauthn4j.server.ServerProperty) HttpSession(javax.servlet.http.HttpSession) WebAuthnUserData(com.tremolosecurity.proxy.auth.webauthn.WebAuthnUserData) JSONArray(org.json.simple.JSONArray) AuthMechType(com.tremolosecurity.config.xml.AuthMechType) ByteArrayOutputStream(java.io.ByteArrayOutputStream) IOException(java.io.IOException) ValidationException(com.webauthn4j.validator.exception.ValidationException) ServletException(javax.servlet.ServletException) DataConversionException(com.webauthn4j.converter.exception.DataConversionException) ParseException(org.json.simple.parser.ParseException) IOException(java.io.IOException) JSONObject(org.json.simple.JSONObject)

Example 17 with UrlHolder

use of com.tremolosecurity.config.util.UrlHolder in project OpenUnison by TremoloSecurity.

the class WebAuthn method doPost.

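/**
 * Verifies a WebAuthn assertion posted by the browser for the current auth step.
 *
 * <p>Without a {@code webauthnResponse} parameter the user is redirected to the URI configured
 * for this mechanism. Otherwise the posted assertion is matched against the authenticators
 * stored for the user and validated with webauthn4j. Every rejection marks the step as executed
 * and failed and hands control to the auth manager; only a validated assertion marks it successful.
 *
 * @param request  current request; expects the {@code webauthnResponse} and {@code serverProperty} parameters
 * @param response response used for the redirect and by the auth manager
 * @param as       current auth step, updated with the outcome
 * @throws IOException      if the redirect or advancing the chain fails with an I/O error
 * @throws ServletException if {@code serverProperty} is missing or cannot be read, the response is
 *                          not a JSON object, or no WebAuthn user data can be loaded
 */
@Override
public void doPost(HttpServletRequest request, HttpServletResponse response, AuthStep as) throws IOException, ServletException {
    HttpSession session = request.getSession();
    AuthController authController = (AuthController) session.getAttribute(ProxyConstants.AUTH_CTL);
    AuthInfo userData = authController.getAuthInfo();
    UrlHolder holder = (UrlHolder) request.getAttribute(ProxyConstants.AUTOIDM_CFG);
    RequestHolder reqHolder = authController.getHolder();
    AuthChainType act = holder.getConfig().getAuthChains().get(reqHolder.getAuthChainName());
    AuthMechType amt = act.getAuthMech().get(as.getId());

    String postedAssertion = request.getParameter("webauthnResponse");
    if (postedAssertion == null) {
        // Nothing to verify: redirect the user to the correct URL for this mechanism.
        response.sendRedirect(holder.getConfig().getAuthMechs().get(amt.getName()).getUri());
        return;
    }

    @SuppressWarnings("unchecked")
    HashMap<String, Attribute> authParams = (HashMap<String, Attribute>) session.getAttribute(ProxyConstants.AUTH_MECH_PARAMS);

    // SECURITY NOTE(review): this runs Java native deserialization on a request parameter, before
    // the assertion has been verified. Two consequences: (1) the bytes are attacker-controlled, so
    // any class reachable on the classpath can be instantiated while they are read; (2) the
    // challenge and origin used for validation below come from the client, so the server cannot
    // detect a replayed or client-chosen challenge. The fix needs the issuing side (doGet) as
    // well: keep the ServerProperty in the HttpSession, single use, and stop accepting it from the
    // request. Until then an allow-list on this stream (ObjectInputFilter or a resolveClass
    // override restricted to the classes ServerProperty needs) limits the first problem only.
    String postedServerProperty = request.getParameter("serverProperty");
    if (postedServerProperty == null) {
        throw new ServletException("serverProperty not present");
    }
    ServerProperty serverProperty;
    try (ObjectInputStream ois = new ObjectInputStream(new ByteArrayInputStream(Base64UrlUtil.decode(postedServerProperty)))) {
        serverProperty = (ServerProperty) ois.readObject();
    } catch (ClassNotFoundException | ClassCastException | IllegalArgumentException | IOException e) {
        // Undecodable input or an unexpected object type is reported like any other read failure.
        throw new ServletException(e);
    }

    String attributeName = authParams.get("attribute").getValues().get(0);
    String encryptionKeyName = authParams.get("encryptionKeyName").getValues().get(0);
    if (userData.getAttribs().get(attributeName) == null) {
        logger.warn("User '" + userData.getUserDN() + "' does not have attribute '" + attributeName + "'");
        as.setExecuted(true);
        as.setSuccess(false);
        holder.getConfig().getAuthManager().nextAuth(request, response, session, false);
        return;
    }

    WebAuthnUserData webauthnUser = WebAuthnUtils.lookupWebAuthnUserData(userData, attributeName, encryptionKeyName);
    if (webauthnUser == null) {
        throw new ServletException("No webauthn user data, can not happen");
    }

    JSONObject webauthnResp;
    try {
        webauthnResp = (JSONObject) new JSONParser().parse(postedAssertion);
    } catch (ParseException | ClassCastException e) {
        // Valid JSON that is not an object (array, string, ...) is rejected the same way as a syntax error.
        throw new ServletException("could not parse webauthn response", e);
    }
    if (webauthnResp == null) {
        throw new ServletException("could not parse webauthn response");
    }

    // The client controls every field. A missing, non-string or undecodable value is a failed
    // authentication, not an unhandled runtime exception.
    String[] binaryFields = { "credential_id", "userHandle", "authenticatorData", "clientDataJSON", "signature" };
    byte[][] decodedFields = new byte[binaryFields.length][];
    java.util.Base64.Decoder urlDecoder = java.util.Base64.getUrlDecoder();
    Object clientExtResults = webauthnResp.get("clientExtResults");
    boolean wellFormed = clientExtResults == null || clientExtResults instanceof String;
    for (int i = 0; wellFormed && i < binaryFields.length; i++) {
        Object raw = webauthnResp.get(binaryFields[i]);
        if (raw instanceof String) {
            try {
                decodedFields[i] = urlDecoder.decode((String) raw);
            } catch (IllegalArgumentException e) {
                wellFormed = false;
            }
        } else {
            wellFormed = false;
        }
    }
    if (!wellFormed) {
        logger.warn("User '" + userData.getUserDN() + "' submitted a malformed webauthn response");
        as.setExecuted(true);
        as.setSuccess(false);
        holder.getConfig().getAuthManager().nextAuth(request, response, session, false);
        return;
    }
    // Safe to log from here on: the value decoded cleanly as Base64url.
    String credentialIdText = (String) webauthnResp.get("credential_id");
    byte[] credentialId = decodedFields[0];
    byte[] userHandle = decodedFields[1];
    byte[] authenticatorData = decodedFields[2];
    byte[] clientDataJSON = decodedFields[3];
    byte[] signature = decodedFields[4];
    String clientExtensionJSON = (String) clientExtResults;

    // The user handle inside the assertion must belong to the user this session is authenticating.
    if (!Arrays.equals(userHandle, webauthnUser.getId())) {
        logger.warn("User '" + userData.getUserDN() + "' credential not owned by the client");
        as.setExecuted(true);
        as.setSuccess(false);
        holder.getConfig().getAuthManager().nextAuth(request, response, session, false);
        return;
    }

    // Only credentials registered for this user are acceptable.
    Authenticator auth = null;
    for (Authenticator candidate : webauthnUser.getAuthenticators()) {
        if (Arrays.equals(candidate.getAttestedCredentialData().getCredentialId(), credentialId)) {
            auth = candidate;
        }
    }
    if (auth == null) {
        logger.warn("User '" + userData.getUserDN() + "' does not have a credential associated with '" + credentialIdText + "'");
        as.setExecuted(true);
        as.setSuccess(false);
        holder.getConfig().getAuthManager().nextAuth(request, response, session, false);
        return;
    }

    // doGet sends the configured userVerificationRequirement to the browser. Enforce it here too
    // when it is "required"; the previous code always passed false, so a client could skip user
    // verification. NOTE(review): the fourth constructor argument is taken to be webauthn4j's
    // userVerificationRequired flag; confirm against the library version in use.
    Attribute uvRequirement = authParams.get("userVerificationRequirement");
    boolean userVerificationRequired = uvRequirement != null
            && !uvRequirement.getValues().isEmpty()
            && "required".equalsIgnoreCase(uvRequirement.getValues().get(0));

    AuthenticationRequest authenticationRequest = new AuthenticationRequest(credentialId, userHandle, authenticatorData, clientDataJSON, clientExtensionJSON, signature);
    AuthenticationParameters authenticationParameters = new AuthenticationParameters(serverProperty, auth, null, userVerificationRequired, true);
    WebAuthnManager webAuthnManager = WebAuthnManager.createNonStrictWebAuthnManager();

    AuthenticationData authenticationData;
    try {
        authenticationData = webAuthnManager.parse(authenticationRequest);
    } catch (DataConversionException e) {
        logger.warn("User '" + userData.getUserDN() + "' could not parse authentication data with credential '" + credentialIdText + "'", e);
        as.setExecuted(true);
        as.setSuccess(false);
        holder.getConfig().getAuthManager().nextAuth(request, response, session, false);
        return;
    }

    try {
        webAuthnManager.validate(authenticationData, authenticationParameters);
    } catch (ValidationException e) {
        logger.warn("User '" + userData.getUserDN() + "' could not validate authentication data with credential '" + credentialIdText + "'", e);
        as.setExecuted(true);
        as.setSuccess(false);
        holder.getConfig().getAuthManager().nextAuth(request, response, session, false);
        return;
    }

    // NOTE(review): the stored authenticator's signature counter is not updated in this method;
    // confirm it is persisted elsewhere, otherwise cloned authenticators cannot be detected.
    as.setExecuted(true);
    as.setSuccess(true);
    holder.getConfig().getAuthManager().nextAuth(request, response, session, false);
}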
Also used : AuthenticationParameters(com.webauthn4j.data.AuthenticationParameters) ValidationException(com.webauthn4j.validator.exception.ValidationException) AuthenticationData(com.webauthn4j.data.AuthenticationData) Attribute(com.tremolosecurity.saml.Attribute) HashMap(java.util.HashMap) HttpServletRequest(javax.servlet.http.HttpServletRequest) UrlHolder(com.tremolosecurity.config.util.UrlHolder) ServletException(javax.servlet.ServletException) AuthenticationRequest(com.webauthn4j.data.AuthenticationRequest) AuthChainType(com.tremolosecurity.config.xml.AuthChainType) Authenticator(com.webauthn4j.authenticator.Authenticator) ServerProperty(com.webauthn4j.server.ServerProperty) HttpSession(javax.servlet.http.HttpSession) WebAuthnUserData(com.tremolosecurity.proxy.auth.webauthn.WebAuthnUserData) AuthMechType(com.tremolosecurity.config.xml.AuthMechType) WebAuthnManager(com.webauthn4j.WebAuthnManager) IOException(java.io.IOException) JSONObject(org.json.simple.JSONObject) ByteArrayInputStream(java.io.ByteArrayInputStream) JSONParser(org.json.simple.parser.JSONParser) ParseException(org.json.simple.parser.ParseException) DataConversionException(com.webauthn4j.converter.exception.DataConversionException) ObjectInputStream(java.io.ObjectInputStream)

Example 18 with UrlHolder

use of com.tremolosecurity.config.util.UrlHolder in project OpenUnison by TremoloSecurity.

the class OTPAuth method doPost.

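/**
 * Checks a submitted TOTP code against the user's stored, encrypted TOTP secret.
 *
 * <p>Requests without a {@code code} parameter are delegated to {@code doGet}. The stored record
 * is read from the user attribute named by {@code attributeName}, decrypted with the key named
 * by {@code keyName}, and the code is checked with the configured window size (default 3).
 *
 * @param request  current request; reads the {@code code} and optional {@code target} parameters
 * @param response response handed to the auth manager
 * @param as       current auth step, updated with the outcome
 * @throws IOException      if advancing the chain fails with an I/O error
 * @throws ServletException if {@code keyName} or {@code attributeName} is not configured, the
 *                          named key does not exist, or {@code windowSize} is not an integer
 */
@Override
public void doPost(HttpServletRequest request, HttpServletResponse response, AuthStep as) throws IOException, ServletException {
    String code = request.getParameter("code");
    if (code == null) {
        this.doGet(request, response, as);
        return;
    }

    HttpSession session = request.getSession();
    @SuppressWarnings("unchecked")
    HashMap<String, Attribute> authParams = (HashMap<String, Attribute>) session.getAttribute(ProxyConstants.AUTH_MECH_PARAMS);
    UrlHolder holder = (UrlHolder) request.getAttribute(ProxyConstants.AUTOIDM_CFG);
    AuthController ac = (AuthController) session.getAttribute(ProxyConstants.AUTH_CTL);
    RequestHolder reqHolder = ac.getHolder();

    Attribute attr = authParams.get("keyName");
    if (attr == null) {
        throw new ServletException("keyName not present");
    }
    String keyName = attr.getValues().get(0);
    SecretKey key = this.cfgMgr.getSecretKey(keyName);
    if (key == null) {
        throw new ServletException("Key '" + keyName + "' does not exist");
    }

    int windowSize = 3;
    attr = authParams.get("windowSize");
    if (attr == null) {
        logger.warn("No windowSize set");
    } else {
        try {
            windowSize = Integer.parseInt(attr.getValues().get(0));
        } catch (NumberFormatException e) {
            // A configuration mistake, reported as such rather than as a stray runtime exception.
            throw new ServletException("windowSize is not a number", e);
        }
    }

    attr = authParams.get("attributeName");
    if (attr == null) {
        throw new ServletException("attributeName not present");
    }
    String attributeName = attr.getValues().get(0);

    attr = ac.getAuthInfo().getAttribs().get(attributeName);
    if (attr == null) {
        if (logger.isDebugEnabled()) {
            logger.info("Attribute '" + attributeName + "' not present");
        }
        as.setSuccess(false);
        // NOTE(review): unlike every other outcome below, this path never calls nextAuth(...),
        // so nothing is written to the response here. Confirm that this is intended.
        return;
    }

    // A non-numeric code is simply a wrong code. Handling it up front keeps it from being logged
    // as "Could not decrypt key" at error level with a stack trace on every bad submission.
    Integer submittedCode;
    try {
        submittedCode = Integer.valueOf(code);
    } catch (NumberFormatException e) {
        submittedCode = null;
    }

    if (submittedCode == null) {
        if (logger.isDebugEnabled()) {
            logger.debug("Submitted code is not numeric");
        }
        as.setSuccess(false);
    } else {
        try {
            String keyjson = attr.getValues().get(0);
            if (logger.isDebugEnabled()) {
                // NOTE(review): this is the stored, still-encrypted TOTP record; consider not logging it.
                logger.debug("token json : '" + keyjson + "'");
            }
            Gson gson = new Gson();
            // Decode with an explicit charset instead of the platform default.
            Token token = gson.fromJson(new String(Base64.decode(keyjson), java.nio.charset.StandardCharsets.UTF_8), Token.class);
            byte[] iv = org.bouncycastle.util.encoders.Base64.decode(token.getIv());
            IvParameterSpec spec = new IvParameterSpec(iv);
            // NOTE(review): CBC gives no integrity protection for the stored record. Tampering is
            // only caught incidentally by a padding or JSON error. Consider an authenticated mode
            // when the storage format can be migrated.
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            cipher.init(Cipher.DECRYPT_MODE, key, spec);
            byte[] encBytes = org.bouncycastle.util.encoders.Base64.decode(token.getEncryptedRequest());
            String totpJson = new String(cipher.doFinal(encBytes), java.nio.charset.StandardCharsets.UTF_8);
            TOTPKey totp = gson.fromJson(totpJson, TOTPKey.class);

            GoogleAuthenticatorConfigBuilder b = new GoogleAuthenticatorConfigBuilder();
            b.setWindowSize(windowSize);
            GoogleAuthenticator ga = new GoogleAuthenticator(b.build());
            as.setSuccess(ga.authorize(totp.getSecretKey(), submittedCode.intValue()));

            // NOTE(review): "target" comes straight from the request and is stored on the request
            // holder without any check here, whether or not the code was accepted. Confirm that the
            // code that later uses this URL only allows trusted destinations.
            String redirectToURL = request.getParameter("target");
            if (redirectToURL != null && !redirectToURL.isEmpty()) {
                reqHolder.setURL(redirectToURL);
            }
        } catch (Exception e) {
            as.setSuccess(false);
            logger.error("Could not decrypt key", e);
        }
    }
    holder.getConfig().getAuthManager().nextAuth(request, response, session, false);
}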
Also used : GoogleAuthenticator(com.warrenstrange.googleauth.GoogleAuthenticator) Attribute(com.tremolosecurity.saml.Attribute) HashMap(java.util.HashMap) HttpSession(javax.servlet.http.HttpSession) GoogleAuthenticatorConfig(com.warrenstrange.googleauth.GoogleAuthenticatorConfig) AuthMechType(com.tremolosecurity.config.xml.AuthMechType) Gson(com.google.gson.Gson) Token(com.tremolosecurity.json.Token) GoogleAuthenticatorConfigBuilder(com.warrenstrange.googleauth.GoogleAuthenticatorConfig.GoogleAuthenticatorConfigBuilder) RequestHolder(com.tremolosecurity.proxy.auth.RequestHolder) AuthController(com.tremolosecurity.proxy.auth.AuthController) ServletException(javax.servlet.ServletException) IOException(java.io.IOException) HttpServletRequest(javax.servlet.http.HttpServletRequest) UrlHolder(com.tremolosecurity.config.util.UrlHolder) ServletException(javax.servlet.ServletException) SecretKey(javax.crypto.SecretKey) IvParameterSpec(javax.crypto.spec.IvParameterSpec) Cipher(javax.crypto.Cipher) AuthChainType(com.tremolosecurity.config.xml.AuthChainType)

Example 19 with UrlHolder

use of com.tremolosecurity.config.util.UrlHolder in project OpenUnison by TremoloSecurity.

the class ProxySys method doPush.

/**
 * Runs the proxy filter chain for a request and leaves the outcome on the request.
 *
 * <p>Records the full request URI under {@code fullURI} in the {@code TREMOLO_URI_PARAMS} map,
 * publishes the set of query-string parameter names, chooses the post-processor (embedded when
 * the URL has no proxy target, push otherwise), runs the chain and stores a {@code ProxyData}
 * under {@code ProxyConstants.TREMOLO_PRXY_DATA}.
 *
 * @param req  current request; must carry the {@code UrlHolder} under {@code ProxyConstants.AUTOIDM_CFG}
 * @param resp current response
 * @throws ServletException wrapping any exception thrown by the filter chain
 * @throws IOException      declared by the signature
 */
public void doPush(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
    UrlHolder holder = (UrlHolder) req.getAttribute(ProxyConstants.AUTOIDM_CFG);
    HttpFilterRequest filterReq = new HttpFilterRequestImpl(req, null);
    HttpFilterResponse filterResp = new HttpFilterResponseImpl(resp);

    // Reuse the URI parameter map if an earlier stage created one, otherwise publish a new one.
    @SuppressWarnings("unchecked")
    HashMap<String, String> uriParams = (HashMap<String, String>) req.getAttribute("TREMOLO_URI_PARAMS");
    if (uriParams == null) {
        uriParams = new HashMap<String, String>();
        req.setAttribute("TREMOLO_URI_PARAMS", uriParams);
    }
    uriParams.put("fullURI", req.getRequestURI());

    // Names are taken from the raw query string exactly as sent; nothing here URL-decodes them.
    HashSet<String> queryParams = new HashSet<String>();
    req.setAttribute(ProxySys.QUERY_PARAMS, queryParams);
    String rawQuery = req.getQueryString();
    if (rawQuery != null) {
        for (StringTokenizer pairs = new StringTokenizer(rawQuery, "&", false); pairs.hasMoreTokens();) {
            String pair = pairs.nextToken();
            int eq = pair.indexOf('=');
            // A set ignores duplicates, so no membership test is needed before adding.
            queryParams.add(eq == -1 ? pair : pair.substring(0, eq));
        }
    }

    PostProcess postProc;
    if (holder.getUrl().getProxyTo() != null && !holder.getUrl().getProxyTo().isEmpty()) {
        postProc = new PushRequestProcess();
    } else {
        // No proxy target: finish through the servlet filter chain found on the request.
        FilterChain embeddedChain = (FilterChain) req.getAttribute(ProxyConstants.TREMOLO_FILTER_CHAIN);
        if (embeddedChain == null) {
            logger.warn("Could not find filter chain");
        }
        postProc = new EmbPostProc(embeddedChain);
    }

    HttpFilterChain chain = new HttpFilterChainImpl(holder, postProc);
    try {
        chain.nextFilter(filterReq, filterResp, chain);
    } catch (Exception e) {
        throw new ServletException(e);
    }

    // Snapshot what the chain produced so later stages can read it from the request.
    ProxyData proxyData = new ProxyData();
    proxyData.setHolder(holder);
    proxyData.setIns(chain.getIns());
    proxyData.setPostProc(postProc);
    proxyData.setRequest(filterReq);
    proxyData.setResponse(filterResp);
    proxyData.setText(chain.isText());
    proxyData.setLogout(chain.isLogout());
    proxyData.setHttpRequestBase(chain.getHttpRequestBase());
    req.setAttribute(ProxyConstants.TREMOLO_PRXY_DATA, proxyData);
}
Also used : EmbPostProc(com.tremolosecurity.embedd.EmbPostProc) HashMap(java.util.HashMap) FilterChain(javax.servlet.FilterChain) HttpFilterChain(com.tremolosecurity.proxy.filter.HttpFilterChain) PushRequestProcess(com.tremolosecurity.proxy.postProcess.PushRequestProcess) ServletException(javax.servlet.ServletException) IOException(java.io.IOException) UrlHolder(com.tremolosecurity.config.util.UrlHolder) HttpFilterResponse(com.tremolosecurity.proxy.filter.HttpFilterResponse) ServletException(javax.servlet.ServletException) StringTokenizer(java.util.StringTokenizer) PostProcess(com.tremolosecurity.proxy.filter.PostProcess) HttpFilterRequestImpl(com.tremolosecurity.proxy.filter.HttpFilterRequestImpl) HttpFilterResponseImpl(com.tremolosecurity.proxy.filter.HttpFilterResponseImpl) HttpFilterChainImpl(com.tremolosecurity.proxy.filter.HttpFilterChainImpl) HttpFilterChain(com.tremolosecurity.proxy.filter.HttpFilterChain) HttpFilterRequest(com.tremolosecurity.proxy.filter.HttpFilterRequest) HashSet(java.util.HashSet)

Example 20 with UrlHolder

use of com.tremolosecurity.config.util.UrlHolder in project OpenUnison by TremoloSecurity.

the class AuthManagerImpl method nextAuth.

/**
 * Resolves the authentication chain for the current request and executes it.
 *
 * <p>The chain name comes from the session's request holder when there is one, otherwise from
 * the URL configuration. An unknown chain name falls back to the configured failure chain.
 *
 * @param req        current request
 * @param resp       current response
 * @param session    session passed through to {@code execAuth}
 * @param jsRedirect passed through to {@code execAuth}
 * @param next       continuation to use; when {@code null} it is read from the {@code NEXT_SYS} request attribute
 * @return the result of {@code execAuth}
 * @throws ServletException if no continuation is supplied or present on the request
 * @throws IOException      if thrown by {@code execAuth}
 * @see com.tremolosecurity.proxy.auth.sys.AuthManager#nextAuth(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, javax.servlet.http.HttpSession, boolean, com.tremolosecurity.proxy.util.NextSys)
 */
@Override
public boolean nextAuth(HttpServletRequest req, HttpServletResponse resp, HttpSession session, boolean jsRedirect, NextSys next) throws ServletException, IOException {
    NextSys continuation = (next != null) ? next : (NextSys) req.getAttribute(NEXT_SYS);
    if (continuation == null) {
        throw new ServletException("Unknown state");
    }

    // The controller is read from the request's own session, not from the session argument.
    AuthController controller = (AuthController) req.getSession().getAttribute(ProxyConstants.AUTH_CTL);
    RequestHolder pendingRequest = controller.getHolder();
    UrlHolder holder = (UrlHolder) req.getAttribute(ProxyConstants.AUTOIDM_CFG);

    String chainName = (pendingRequest != null)
            ? pendingRequest.getAuthChainName()
            : holder.getUrl().getAuthChain();

    AuthChainType chain = holder.getConfig().getAuthChains().get(chainName);
    if (chain == null) {
        // Unknown chain name: use the configured failure chain instead.
        chain = holder.getConfig().getAuthFailChain();
    }

    return execAuth(req, resp, session, jsRedirect, holder, chain, req.getRequestURL().toString(), continuation);
}
Also used : ServletException(javax.servlet.ServletException) UrlHolder(com.tremolosecurity.config.util.UrlHolder) RequestHolder(com.tremolosecurity.proxy.auth.RequestHolder) AuthController(com.tremolosecurity.proxy.auth.AuthController) AuthChainType(com.tremolosecurity.config.xml.AuthChainType)

Aggregations

UrlHolder (com.tremolosecurity.config.util.UrlHolder)61 ServletException (javax.servlet.ServletException)42 HttpSession (javax.servlet.http.HttpSession)39 HashMap (java.util.HashMap)38 HttpServletRequest (javax.servlet.http.HttpServletRequest)36 AuthChainType (com.tremolosecurity.config.xml.AuthChainType)34 Attribute (com.tremolosecurity.saml.Attribute)31 AuthMechType (com.tremolosecurity.config.xml.AuthMechType)26 AuthController (com.tremolosecurity.proxy.auth.AuthController)26 IOException (java.io.IOException)26 AuthInfo (com.tremolosecurity.proxy.auth.AuthInfo)18 RequestHolder (com.tremolosecurity.proxy.auth.RequestHolder)18 LDAPException (com.novell.ldap.LDAPException)17 LDAPAttribute (com.novell.ldap.LDAPAttribute)16 ConfigManager (com.tremolosecurity.config.util.ConfigManager)12 MyVDConnection (com.tremolosecurity.proxy.myvd.MyVDConnection)10 MalformedURLException (java.net.MalformedURLException)10 ArrayList (java.util.ArrayList)10 ProvisioningException (com.tremolosecurity.provisioning.core.ProvisioningException)9 Gson (com.google.gson.Gson)8