Example 61 with AuthController
use of com.tremolosecurity.proxy.auth.AuthController in project OpenUnison by TremoloSecurity.
the class ConfigSys method doConfig.
/* (non-Javadoc)
* @see com.tremolosecurity.proxy.ConfigSys#doConfig(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, com.tremolosecurity.proxy.util.NextSys)
*/
public void doConfig(HttpServletRequest req, HttpServletResponse resp, NextSys nextSys) throws IOException, ServletException {
UrlHolder holder = null;
AuthInfo userAuth = null;
try {
SessionManager sessionManager = (SessionManager) this.ctx.getAttribute(ProxyConstants.TREMOLO_SESSION_MANAGER);
boolean setSessionCookie = false;
boolean checkLogout = false;
RequestHolder reqHolder = (RequestHolder) req.getAttribute(ProxyConstants.TREMOLO_REQ_HOLDER);
holder = (UrlHolder) req.getAttribute(ProxyConstants.AUTOIDM_CFG);
boolean isForcedAuth = req.getAttribute(ProxyConstants.TREMOLO_IS_FORCED_AUTH) != null ? (Boolean) req.getAttribute(ProxyConstants.TREMOLO_IS_FORCED_AUTH) : false;
checkLogout = true;
StringBuffer resetsb = new StringBuffer(cfg.getAuthPath()).append("resetChain");
HttpSession sharedSession = req.getSession();
if (sharedSession != null) {
AuthController actl = (AuthController) sharedSession.getAttribute(ProxyConstants.AUTH_CTL);
if (actl != null && actl.getHolder() != null) {
RequestHolder presentHolder = actl.getHolder();
AuthInfo authdata = actl.getAuthInfo();
userAuth = authdata;
if (!req.getRequestURI().startsWith(cfg.getAuthPath()) && /*&& ! presentHolder.getUrlNoQueryString().equalsIgnoreCase(req.getRequestURL().toString())*/
(authdata == null || !authdata.isAuthComplete())) {
// we're going to ignore requests for favicon.ico
if (!req.getRequestURI().endsWith("/favicon.ico") && !req.getRequestURI().endsWith("/apple-touch-icon-precomposed.png") && !req.getRequestURI().endsWith("/apple-touch-icon.png")) {
sharedSession.removeAttribute(ProxyConstants.AUTH_CTL);
this.cfg.createAnonUser(sharedSession);
}
} else if (req.getRequestURI().equalsIgnoreCase(resetsb.toString())) {
sharedSession.removeAttribute("TREMOLO_AUTH_URI");
for (AuthStep step : actl.getAuthSteps()) {
step.setExecuted(false);
step.setSuccess(false);
}
actl.setCurrentStep(actl.getAuthSteps().get(0));
String chainName = holder.getUrl().getAuthChain();
AuthChainType chain = cfg.getAuthChains().get(chainName);
String mech = chain.getAuthMech().get(0).getName();
String uri = cfg.getAuthMechs().get(mech).getUri();
holder.getConfig().getAuthManager().loadAmtParams(sharedSession, chain.getAuthMech().get(0));
String redirectURI = "";
if (holder.getConfig().getContextPath().equalsIgnoreCase("/")) {
redirectURI = uri;
} else {
redirectURI = new StringBuffer().append(holder.getConfig().getContextPath()).append(uri).toString();
}
sharedSession.setAttribute("TREMOLO_AUTH_URI", redirectURI);
resp.sendRedirect(redirectURI);
return;
}
}
if (isForcedAuth) {
actl.setHolder(reqHolder);
String authChain = holder.getUrl().getAuthChain();
AuthChainType act = cfg.getAuthChains().get(authChain);
holder.getConfig().getAuthManager().loadAmtParams(sharedSession, act.getAuthMech().get(0));
}
}
if (holder == null) {
if (req.getRequestURI().startsWith(cfg.getAuthPath())) {
req.setAttribute(ProxyConstants.AUTOIDM_MYVD, cfg.getMyVD());
ProxyResponse presp = new ProxyResponse((HttpServletResponse) resp, (HttpServletRequest) req);
// we still need a holder
/*AuthController actl = (AuthController) sharedSession.getAttribute(AuthSys.AUTH_CTL);
if (actl != null) {
holder = cfg.findURL(actl.getHolder().getUrlNoQueryString());
req.setAttribute(ConfigSys.AUTOIDM_CFG, holder);
} else {*/
AuthMechanism authMech = cfg.getAuthMech(((HttpServletRequest) req).getRequestURI());
if (authMech != null) {
String finalURL = authMech.getFinalURL(req, resp);
if (finalURL != null) {
holder = cfg.findURL(finalURL);
} else {
// throw new ServletException("Can not generate holder");
}
} else {
// throw new ServletException("Can not generate holder");
}
// no holder should be needed beyond this point
// }
/*
String urlChain = holder.getUrl().getAuthChain();
AuthChainType act = holder.getConfig().getAuthChains().get(urlChain);
HashMap<String,Attribute> params = new HashMap<String,Attribute>();
ProxyUtil.loadParams(req, params);
reqHolder = new RequestHolder(HTTPMethod.GET,params,finalURL,true,act.getName());
isForcedAuth = true;
req.setAttribute(ConfigSys.AUTOIDM_CFG, holder);
String chainName = holder.getUrl().getAuthChain();
AuthChainType chain = cfg.getAuthChains().get(chainName);
String mech = chain.getAuthMech().get(0).getName();
String uri = cfg.getAuthMechs().get(mech).getUri();
AuthSys.loadAmtParams(sharedSession, chain.getAuthMech().get(0));
}
}
if (holder == null) {
resp.setStatus(HttpServletResponse.SC_NOT_FOUND);
AccessLog.log(AccessEvent.NotFound, null, req, null, "Resource Not Found");
return;
}*/
nextSys.nextSys(req, presp);
presp.pushHeadersAndCookies(null);
} else {
String redirectLocation = cfg.getErrorPages().get(HttpServletResponse.SC_NOT_FOUND);
if (redirectLocation != null) {
resp.sendRedirect(redirectLocation);
} else {
resp.setStatus(HttpServletResponse.SC_NOT_FOUND);
}
AccessLog.log(AccessEvent.NotFound, null, req, null, "Resource Not Found");
}
} else {
req.setAttribute(ProxyConstants.AUTOIDM_CFG, holder);
req.setAttribute(ProxyConstants.AUTOIDM_MYVD, cfg.getMyVD());
ProxyResponse presp = new ProxyResponse((HttpServletResponse) resp, (HttpServletRequest) req);
ProxyData pd = null;
try {
nextSys.nextSys(req, presp);
pd = (ProxyData) req.getAttribute(ProxyConstants.TREMOLO_PRXY_DATA);
if (holder.getApp().getCookieConfig() != null) {
String logouturi = holder.getApp().getCookieConfig().getLogoutURI();
AuthController actl = (AuthController) sharedSession.getAttribute(ProxyConstants.AUTH_CTL);
if (actl != null) {
AuthInfo authdata = actl.getAuthInfo();
userAuth = authdata;
if ((req.getRequestURI().equalsIgnoreCase(logouturi) || (pd != null && pd.isLogout())) && (authdata != null)) {
// Execute logout handlers
ArrayList<LogoutHandler> logoutHandlers = (ArrayList<LogoutHandler>) sharedSession.getAttribute(LogoutUtil.LOGOUT_HANDLERS);
if (logoutHandlers != null) {
for (LogoutHandler h : logoutHandlers) {
h.handleLogout(req, presp);
}
}
sessionManager.clearSession(holder, sharedSession, (HttpServletRequest) req, (HttpServletResponse) resp);
}
}
}
presp.pushHeadersAndCookies(holder);
if (pd != null && pd.getIns() != null) {
if (pd.getResponse() == null) {
this.procData(pd.getRequest(), resp, holder, pd.isText(), pd.getIns(), sessionManager);
} else {
this.procData(pd.getRequest(), pd.getResponse(), holder, pd.isText(), pd.getIns(), pd.getPostProc(), sessionManager);
}
}
} finally {
if (pd != null && pd.getHttpRequestBase() != null) {
pd.getHttpRequestBase().releaseConnection();
if (!resp.isCommitted()) {
resp.getOutputStream().flush();
resp.getOutputStream().close();
}
}
}
}
} catch (Exception e) {
ApplicationType appType = null;
if (holder != null) {
appType = holder.getApp();
} else {
appType = new ApplicationType();
appType.setName("UNKNOWN");
}
AccessLog.log(AccessEvent.Error, appType, (HttpServletRequest) req, userAuth, "NONE");
req.setAttribute("TREMOLO_ERROR_REQUEST_URL", req.getRequestURL().toString());
req.setAttribute("TREMOLO_ERROR_EXCEPTION", e);
logger.error("Could not process request", e);
String redirectLocation = cfg.getErrorPages().get(500);
if (redirectLocation != null) {
resp.sendRedirect(redirectLocation);
} else {
StringBuffer b = new StringBuffer();
b.append(cfg.getAuthFormsPath()).append("error.jsp");
resp.setStatus(500);
req.getRequestDispatcher(b.toString()).forward(req, resp);
}
}
}
Also used :
AuthInfo(com.tremolosecurity.proxy.auth.AuthInfo)
HttpSession(javax.servlet.http.HttpSession)
ArrayList(java.util.ArrayList)
RequestHolder(com.tremolosecurity.proxy.auth.RequestHolder)
AuthStep(com.tremolosecurity.proxy.auth.util.AuthStep)
AuthController(com.tremolosecurity.proxy.auth.AuthController)
ServletException(javax.servlet.ServletException)
SocketException(java.net.SocketException)
IOException(java.io.IOException)
ConnectionClosedException(org.apache.http.ConnectionClosedException)
UrlHolder(com.tremolosecurity.config.util.UrlHolder)
HttpServletRequest(javax.servlet.http.HttpServletRequest)
ApplicationType(com.tremolosecurity.config.xml.ApplicationType)
AuthMechanism(com.tremolosecurity.proxy.auth.AuthMechanism)
LogoutHandler(com.tremolosecurity.proxy.logout.LogoutHandler)
AuthChainType(com.tremolosecurity.config.xml.AuthChainType)
Example 62 with AuthController
use of com.tremolosecurity.proxy.auth.AuthController in project OpenUnison by TremoloSecurity.
the class NextEmbSys method nextSys.
@Override
public void nextSys(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException {
ConfigManager cfg = this.cfgSys.getConfigManager();
switch(this.state) {
case Config:
this.state = SysState.Auth;
cfgSys.doConfig(request, response, this);
break;
case Auth:
if (request.getRequestURI().startsWith(cfg.getAuthFormsPath())) /*|| request.getRequestURI().startsWith(cfg.getAuthIdPPath() ) /*|| request.getRequestURI().startsWith("/auth/idp/")*/
{
// processesing the authentications, skip auth and az processing
this.state = SysState.Skip;
// System.out.println(request.getSession());
chain.doFilter(request, response);
} else {
this.state = SysState.Az;
auSys.doAuth(request, response, this);
}
break;
case Az:
this.state = SysState.AuthMgr;
azSys.doAz(request, response, this);
break;
case AuthMgr:
this.state = SysState.Fwd;
AuthController actl = (AuthController) request.getSession().getAttribute(ProxyConstants.AUTH_CTL);
if (actl != null) {
AuthStep curStep = actl.getCurrentStep();
if (curStep != null) {
curStep.setExecuted(true);
curStep.setSuccess(false);
}
authMgrSys.doAuthMgr(request, response, this, curStep);
} else {
authMgrSys.doAuthMgr(request, response, this, null);
}
break;
case Fwd:
if (this.passOn) {
if (request.getRequestURI().startsWith(cfg.getAuthPath()) || proxy == null) {
chain.doFilter(request, response);
} else {
if (((ProxyRequest) request).isPush()) {
proxy.doPush(request, response);
} else {
proxy.doURI(request, response);
}
/*
if (request.getMethod().equalsIgnoreCase("get")) {
proxy.doGet(request, response);
} else if (request.getMethod().equalsIgnoreCase("post")) {
proxy.doPost(request, response);
} else if (request.getMethod().equalsIgnoreCase("options")) {
proxy.doOptions(request, response);
} else if (request.getMethod().equalsIgnoreCase("delete")) {
proxy.doDelete(request, response);
} else if (request.getMethod().equalsIgnoreCase("put")) {
proxy.doPut(request, response);
} else {
throw new ServletException("Method not supported");
}*/
}
} else {
((ProxyRequest) request).copyQSParamsToFormParams();
fwd.doEmbResults(request, response, chain, this);
}
break;
default:
}
}
Also used :
AuthStep(com.tremolosecurity.proxy.auth.util.AuthStep)
ProxyRequest(com.tremolosecurity.proxy.ProxyRequest)
AuthController(com.tremolosecurity.proxy.auth.AuthController)
ConfigManager(com.tremolosecurity.config.util.ConfigManager)
Example 63 with AuthController
use of com.tremolosecurity.proxy.auth.AuthController in project OpenUnison by TremoloSecurity.
the class UnisonServletFilter method doFilter.
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest req = new LocalSessionRequest((HttpServletRequest) request);
HttpServletResponse resp = (HttpServletResponse) response;
ConfigManager cfg = (ConfigManager) ctx.getAttribute(ProxyConstants.TREMOLO_CONFIG);
SessionManager sessionMgr = (SessionManager) ctx.getAttribute(ProxyConstants.TREMOLO_SESSION_MANAGER);
ProxyRequest pr = null;
try {
pr = new ProxyRequest((HttpServletRequest) req);
} catch (Exception e1) {
logger.error("Unable to create request", e1);
throw new IOException("Could not create request");
}
try {
req.setAttribute(ProxyConstants.TREMOLO_FILTER_CHAIN, chain);
NextEmbSys embSys = new NextEmbSys(this.cfg.getServletContext(), chain, passOn);
/*System.err.println("*** Begin Request ****");
System.err.println("url = '" + ((HttpServletRequest)req).getRequestURL() + "'");
Cookie[] cookies = ((HttpServletRequest) req).getCookies();
if (cookies != null) {
for (Cookie cookie : cookies) {
System.err.println("'" + cookie.getName() + "'='" + cookie.getValue() + "'");
}
}
System.err.println("*** End Request ****");*/
String fwdProto = req.getHeader("X-Forwarded-Proto");
boolean toSSL = false;
if (cfg.isForceToSSL()) {
if (fwdProto != null) {
toSSL = fwdProto.equalsIgnoreCase("http");
} else {
toSSL = !req.getRequestURL().toString().toLowerCase().startsWith("https");
}
}
if (toSSL) {
StringBuffer redirURL = new StringBuffer();
URL reqURL = new URL(req.getRequestURL().toString());
redirURL.append("https://").append(reqURL.getHost());
if (cfg.getExternalSecurePort() != 443) {
redirURL.append(":").append(cfg.getSecurePort());
}
redirURL.append(reqURL.getPath());
if (reqURL.getQuery() != null) {
redirURL.append('?').append(reqURL.getQuery());
}
resp.sendRedirect(redirURL.toString());
return;
}
// add hsts
if (GlobalEntries.getGlobalEntries().getConfigManager().getCfg().getApplications().isHsts()) {
StringBuffer sb = new StringBuffer();
sb.append("max-age=").append(GlobalEntries.getGlobalEntries().getConfigManager().getCfg().getApplications().getHstsTTL()).append(" ; includeSubDomains");
resp.addHeader("Strict-Transport-Security", sb.toString());
}
req.setAttribute(ProxyConstants.TREMOLO_CFG_OBJ, cfg);
HttpServletRequest servReq = (HttpServletRequest) req;
String URL;
HttpSession sharedSession = null;
UrlHolder holder = null;
URL = servReq.getRequestURL().toString();
holder = cfg.findURL(URL);
boolean isForcedAuth = false;
RequestHolder reqHolder = null;
String sessionCookieName = req.getParameter("sessionCookie");
if (sessionCookieName == null) {
Cookie[] cookies = ((HttpServletRequest) req).getCookies();
if (cookies != null) {
for (int i = 0; i < cookies.length; i++) {
if (cookies[i].getName().equals("autoIdmSessionCookieName")) {
sessionCookieName = cookies[i].getValue();
}
}
}
}
if (sessionCookieName == null) {
} else {
}
if (holder == null) {
// check the session
sharedSession = sessionMgr.getSession(sessionCookieName, holder, ((HttpServletRequest) req), ((HttpServletResponse) resp), this.ctx);
if (sharedSession != null) {
AuthController actl = (AuthController) sharedSession.getAttribute(ProxyConstants.AUTH_CTL);
if (actl.getHolder() != null) {
URL = ((AuthController) sharedSession.getAttribute(ProxyConstants.AUTH_CTL)).getHolder().getURL();
holder = cfg.findURL(URL);
}
}
} else {
sharedSession = sessionMgr.getSession(holder, ((HttpServletRequest) req), ((HttpServletResponse) resp), this.ctx);
}
// LocalSessionRequest lsr = new LocalSessionRequest((HttpServletRequest)req,sharedSession);
if (sharedSession != null) {
pr.setSession(sharedSession);
}
if ((holder == null || holder.getUrl().getUri().equalsIgnoreCase("/")) && req.getRequestURI().startsWith(cfg.getAuthPath()) && sessionCookieName == null) {
// if (req.getRequestURI().startsWith("/auth/")) {
AuthMechanism authMech = cfg.getAuthMech(((HttpServletRequest) req).getRequestURI());
if (authMech != null) {
String finalURL = authMech.getFinalURL(pr, resp);
if (resp.getStatus() == 302) {
// redirect sent, stop processing
return;
}
if (finalURL != null) {
holder = cfg.findURL(finalURL);
if (holder != null) {
String urlChain = holder.getUrl().getAuthChain();
AuthChainType act = holder.getConfig().getAuthChains().get(urlChain);
HashMap<String, Attribute> params = new HashMap<String, Attribute>();
ProxyUtil.loadParams(req, params);
if (req instanceof ProxyRequest) {
reqHolder = new RequestHolder(HTTPMethod.GET, params, finalURL, true, act.getName(), ((ProxyRequest) req).getQueryStringParams());
} else {
reqHolder = new RequestHolder(HTTPMethod.GET, params, finalURL, true, act.getName(), ((com.tremolosecurity.embedd.LocalSessionRequest) req).getQueryStringParams());
}
isForcedAuth = true;
sharedSession = sessionMgr.getSession(holder, ((HttpServletRequest) req), ((HttpServletResponse) resp), this.ctx);
if (sharedSession != null) {
pr.setSession(sharedSession);
}
Cookie lsessionCookieName = new Cookie("autoIdmSessionCookieName", holder.getApp().getCookieConfig().getSessionCookieName());
String domain = ProxyTools.getInstance().getCookieDomain(holder.getApp().getCookieConfig(), req);
if (domain != null) {
lsessionCookieName.setDomain(domain);
}
lsessionCookieName.setPath("/");
lsessionCookieName.setMaxAge(-1);
lsessionCookieName.setSecure(false);
if ((holder.getApp() == null || holder.getApp().getCookieConfig() == null || holder.getApp().getCookieConfig() == null || holder.getApp().getCookieConfig().isCookiesEnabled() == null) || holder.getApp().getCookieConfig().isCookiesEnabled()) {
ProxyResponse.addCookieToResponse(holder, lsessionCookieName, (HttpServletResponse) response);
}
Cookie appCookieName = new Cookie("autoIdmAppName", URLEncoder.encode(holder.getApp().getName(), "UTF-8"));
if (domain != null) {
appCookieName.setDomain(domain);
}
appCookieName.setPath("/");
appCookieName.setMaxAge(-1);
appCookieName.setSecure(false);
if ((holder.getApp() == null || holder.getApp().getCookieConfig() == null || holder.getApp().getCookieConfig() == null || holder.getApp().getCookieConfig().isCookiesEnabled() == null) || holder.getApp().getCookieConfig().isCookiesEnabled()) {
ProxyResponse.addCookieToResponse(holder, appCookieName, (HttpServletResponse) response);
}
// resp.addCookie(appCookieName);
}
}
}
}
req.setAttribute(ProxyConstants.AUTOIDM_CFG, holder);
req.setAttribute(ProxyConstants.TREMOLO_IS_FORCED_AUTH, isForcedAuth);
req.setAttribute(ProxyConstants.TREMOLO_REQ_HOLDER, reqHolder);
if (!resp.isCommitted()) {
embSys.nextSys(pr, (HttpServletResponse) resp);
}
} catch (Exception e) {
req.setAttribute("TREMOLO_ERROR_REQUEST_URL", req.getRequestURL().toString());
req.setAttribute("TREMOLO_ERROR_EXCEPTION", e);
logger.error("Could not process request", e);
StringBuffer b = new StringBuffer();
b.append(cfg.getAuthFormsPath()).append("error.jsp");
req.getRequestDispatcher(b.toString()).forward(pr, resp);
}
}
Also used :
Attribute(com.tremolosecurity.saml.Attribute)
HashMap(java.util.HashMap)
NextEmbSys(com.tremolosecurity.embedd.NextEmbSys)
RequestHolder(com.tremolosecurity.proxy.auth.RequestHolder)
URL(java.net.URL)
HttpServletRequest(javax.servlet.http.HttpServletRequest)
LocalSessionRequest(com.tremolosecurity.embedd.LocalSessionRequest)
UrlHolder(com.tremolosecurity.config.util.UrlHolder)
AuthMechanism(com.tremolosecurity.proxy.auth.AuthMechanism)
ProxyRequest(com.tremolosecurity.proxy.ProxyRequest)
AuthChainType(com.tremolosecurity.config.xml.AuthChainType)
Cookie(javax.servlet.http.Cookie)
SessionManager(com.tremolosecurity.proxy.SessionManager)
HttpSession(javax.servlet.http.HttpSession)
HttpServletResponse(javax.servlet.http.HttpServletResponse)
IOException(java.io.IOException)
AuthController(com.tremolosecurity.proxy.auth.AuthController)
ConfigManager(com.tremolosecurity.config.util.ConfigManager)
ServletException(javax.servlet.ServletException)
IOException(java.io.IOException)
Example 64 with AuthController
use of com.tremolosecurity.proxy.auth.AuthController in project OpenUnison by TremoloSecurity.
the class SamlTransaction method completeFederation.
private void completeFederation(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException, MalformedURLException {
final SamlTransaction transaction = (SamlTransaction) request.getSession().getAttribute(Saml2Idp.TRANSACTION_DATA);
final AuthInfo authInfo = ((AuthController) request.getSession().getAttribute(ProxyConstants.AUTH_CTL)).getAuthInfo();
if (!authInfo.isAuthComplete()) {
logger.warn("Attempted completetd federation before autthentication is completeed, clearing authentication and redirecting to the original URL");
UrlHolder holder = (UrlHolder) request.getAttribute(ProxyConstants.AUTOIDM_CFG);
request.getSession().removeAttribute(ProxyConstants.AUTH_CTL);
holder.getConfig().createAnonUser(request.getSession());
this.postErrorResponse(transaction, request, response, authInfo, holder);
return;
}
request.setAttribute(AzSys.FORCE, "true");
NextSys completeFed = new NextSys() {
@Override
public void nextSys(final HttpServletRequest request, final HttpServletResponse response) throws IOException, ServletException {
// System.out.println("Authorized!!!!");
final AuthInfo authInfo = ((AuthController) request.getSession().getAttribute(ProxyConstants.AUTH_CTL)).getAuthInfo();
UrlHolder holder = (UrlHolder) request.getAttribute(ProxyConstants.AUTOIDM_CFG);
HttpFilterRequest filterReq = new HttpFilterRequestImpl(request, null);
HttpFilterResponse filterResp = new HttpFilterResponseImpl(response);
PostProcess postProc = new PostProcess() {
@Override
public void postProcess(HttpFilterRequest req, HttpFilterResponse resp, UrlHolder holder, HttpFilterChain chain) throws Exception {
postResponse(transaction, request, response, authInfo, holder);
}
@Override
public boolean addHeader(String name) {
return false;
}
};
HttpFilterChain chain = new HttpFilterChainImpl(holder, postProc);
try {
chain.nextFilter(filterReq, filterResp, chain);
} catch (Exception e) {
throw new ServletException(e);
}
}
};
AzSys az = new AzSys();
az.doAz(request, response, completeFed);
}
Also used :
AuthInfo(com.tremolosecurity.proxy.auth.AuthInfo)
HttpServletResponse(javax.servlet.http.HttpServletResponse)
NextSys(com.tremolosecurity.proxy.util.NextSys)
AuthController(com.tremolosecurity.proxy.auth.AuthController)
ServletException(javax.servlet.ServletException)
SignatureException(java.security.SignatureException)
UnmarshallingException(org.opensaml.core.xml.io.UnmarshallingException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
SAXException(org.xml.sax.SAXException)
InvalidKeyException(java.security.InvalidKeyException)
UnsupportedEncodingException(java.io.UnsupportedEncodingException)
InitializationException(org.opensaml.core.config.InitializationException)
MalformedURLException(java.net.MalformedURLException)
IOException(java.io.IOException)
ParserConfigurationException(javax.xml.parsers.ParserConfigurationException)
UrlHolder(com.tremolosecurity.config.util.UrlHolder)
HttpServletRequest(javax.servlet.http.HttpServletRequest)
HttpFilterResponse(com.tremolosecurity.proxy.filter.HttpFilterResponse)
ServletException(javax.servlet.ServletException)
PostProcess(com.tremolosecurity.proxy.filter.PostProcess)
HttpFilterRequestImpl(com.tremolosecurity.proxy.filter.HttpFilterRequestImpl)
HttpFilterResponseImpl(com.tremolosecurity.proxy.filter.HttpFilterResponseImpl)
AzSys(com.tremolosecurity.proxy.auth.AzSys)
HttpFilterChainImpl(com.tremolosecurity.proxy.filter.HttpFilterChainImpl)
HttpFilterChain(com.tremolosecurity.proxy.filter.HttpFilterChain)
HttpFilterRequest(com.tremolosecurity.proxy.filter.HttpFilterRequest)
Example 65 with AuthController
use of com.tremolosecurity.proxy.auth.AuthController in project OpenUnison by TremoloSecurity.
the class CompleteLogin method doFilter.
@Override
public void doFilter(HttpFilterRequest request, HttpFilterResponse response, HttpFilterChain chain) throws Exception {
RequestHolder reqHolder = (RequestHolder) request.getSession().getAttribute(LoginService.ORIG_REQ_HOLDER);
((AuthController) request.getSession().getAttribute(ProxyConstants.AUTH_CTL)).setHolder(reqHolder);
StringBuffer redirURL;
ConfigManager cfg = (ConfigManager) request.getAttribute(ProxyConstants.TREMOLO_CFG_OBJ);
redirURL = cfg.getAuthManager().getGetRedirectURL(reqHolder);
/*
switch (reqHolder.getMethod()) {
case GET : redirURL = cfg.getAuthManager().getGetRedirectURL(reqHolder);
break;
case POST : redirURL = (new StringBuffer(cfg.getAuthFormsPath())).append("/postPreservation.jsp");
break;
default : redirURL = new StringBuffer(reqHolder.getURL());
}*/
response.sendRedirect(redirURL.toString());
chain.setNoProxy(true);
}
Also used :
RequestHolder(com.tremolosecurity.proxy.auth.RequestHolder)
AuthController(com.tremolosecurity.proxy.auth.AuthController)
ConfigManager(com.tremolosecurity.config.util.ConfigManager)
Aggregations
AuthController (com.tremolosecurity.proxy.auth.AuthController)76
AuthInfo (com.tremolosecurity.proxy.auth.AuthInfo)59
Attribute (com.tremolosecurity.saml.Attribute)45
ServletException (javax.servlet.ServletException)28
HttpSession (javax.servlet.http.HttpSession)28
UrlHolder (com.tremolosecurity.config.util.UrlHolder)26
HashMap (java.util.HashMap)25
IOException (java.io.IOException)24
LDAPAttribute (com.novell.ldap.LDAPAttribute)21
LDAPException (com.novell.ldap.LDAPException)19
AuthChainType (com.tremolosecurity.config.xml.AuthChainType)19
Gson (com.google.gson.Gson)18
RequestHolder (com.tremolosecurity.proxy.auth.RequestHolder)17
HttpServletRequest (javax.servlet.http.HttpServletRequest)15
LDAPSearchResults (com.novell.ldap.LDAPSearchResults)14
ConfigManager (com.tremolosecurity.config.util.ConfigManager)14
ProvisioningException (com.tremolosecurity.provisioning.core.ProvisioningException)12
MalformedURLException (java.net.MalformedURLException)12
ArrayList (java.util.ArrayList)12
LDAPEntry (com.novell.ldap.LDAPEntry)11
