
Example 11 with AuthController

use of com.tremolosecurity.proxy.auth.AuthController in project OpenUnison by TremoloSecurity.

the class UserToJSON method doFilter.

/**
 * Serializes the session's {@link AuthInfo} to JSON and passes it on under the name
 * {@code UserJSON}.
 *
 * <p>When {@code doProxy} is set, the JSON is stored as a {@code UserJSON} attribute on the
 * AuthInfo and the request continues down the filter chain. Otherwise the JSON is written to a
 * {@code UserJSON} response header and proxying is switched off.
 *
 * <p>If the controller holds no AuthInfo the method returns without touching the chain or the
 * response.
 *
 * <p>Security note: the whole AuthInfo object is handed to Gson, not a selected subset of
 * attributes. NOTE(review): in the non-proxy branch that JSON goes back to the client in a
 * response header; confirm nothing stored on AuthInfo is unsuitable for disclosure there.
 *
 * @param request the filter request whose session carries the AuthController
 * @param response the filter response that receives the header in the non-proxy case
 * @param chain the filter chain
 * @throws Exception with message "No authentication" when the session has no AuthController
 */
@Override
public void doFilter(HttpFilterRequest request, HttpFilterResponse response, HttpFilterChain chain) throws Exception {
    final String jsonKey = "UserJSON";

    final HttpSession httpSession = request.getSession();
    final AuthController controller = (AuthController) httpSession.getAttribute(ProxyConstants.AUTH_CTL);
    if (controller == null) {
        throw new Exception("No authentication");
    }

    final AuthInfo user = controller.getAuthInfo();
    if (user == null) {
        // Nothing to serialize; the chain is not advanced and no header is written.
        return;
    }

    // Drop a previously stored copy first so the new JSON does not embed the old one.
    if (user.getAttribs().containsKey(jsonKey)) {
        user.getAttribs().remove(jsonKey);
    }

    final String serialized = new Gson().toJson(user);

    if (!doProxy) {
        // Answer directly: the serialized user goes back in a response header.
        response.addHeader(jsonKey, serialized);
        chain.setNoProxy(true);
        return;
    }

    // Proxy mode: keep the JSON on the user object and let the request continue.
    chain.setNoProxy(false);
    user.getAttribs().put(jsonKey, new Attribute(jsonKey, serialized));
    chain.nextFilter(request, response, chain);
}
Also used : AuthInfo(com.tremolosecurity.proxy.auth.AuthInfo) Attribute(com.tremolosecurity.saml.Attribute) HttpSession(javax.servlet.http.HttpSession) Gson(com.google.gson.Gson) AuthController(com.tremolosecurity.proxy.auth.AuthController)

Example 12 with AuthController

use of com.tremolosecurity.proxy.auth.AuthController in project OpenUnison by TremoloSecurity.

the class LastMile method doFilter.

/**
 * Builds a LastMile token for the current user and attaches it to the outgoing request.
 *
 * <p>The token is created for the request URI with the user's auth level and auth chain, and is
 * valid from {@code timeScew} seconds before now until {@code timeScew} seconds after now. For
 * every entry in {@code headers} (user attribute name mapped to application header name) the
 * user's attribute values are copied into the token under the application name. The token is
 * encrypted with {@code encKey}, optionally prefixed with {@code headerPrefix} and a space, and
 * added to the request as the {@code headerName} header before the chain continues.
 *
 * <p>Security notes:
 * <ul>
 *   <li>Each mapped application header is removed from the inbound request whether or not the
 *       user has the attribute, so a client-supplied header of that name is not forwarded.</li>
 *   <li>NOTE(review): the inbound {@code headerName} header is not removed in this method;
 *       confirm that {@code addHeader} replaces an existing value rather than appending.</li>
 *   <li>At debug level the attribute values and the user DN are written to the log.</li>
 *   <li>A session without an AuthController, or a controller without AuthInfo, ends in a
 *       NullPointerException here; no explicit check is made.</li>
 * </ul>
 *
 * @param request the filter request that receives the token header
 * @param response the filter response, passed on unchanged
 * @param chain the filter chain
 * @throws Exception if token generation or a later filter fails
 */
@Override
public void doFilter(HttpFilterRequest request, HttpFilterResponse response, HttpFilterChain chain) throws Exception {
    // Validity window is symmetric around "now": timeScew seconds on each side.
    final DateTime validFrom = new DateTime().minusSeconds(timeScew);
    final DateTime validUntil = new DateTime().plusSeconds(timeScew);

    final AuthController controller = (AuthController) request.getSession().getAttribute(ProxyConstants.AUTH_CTL);
    final AuthInfo userData = controller.getAuthInfo();
    final com.tremolosecurity.lastmile.LastMile token = new com.tremolosecurity.lastmile.LastMile(request.getRequestURI(), validFrom, validUntil, userData.getAuthLevel(), userData.getAuthChain());

    for (String sourceAttr : this.headers.keySet()) {
        final String targetHeader = this.headers.get(sourceAttr);
        final Attribute userAttr = userData.getAttribs().get(sourceAttr);

        // Always strip the inbound header, even when there is nothing to replace it with.
        request.removeHeader(targetHeader);

        if (logger.isDebugEnabled()) {
            logger.debug("Header to add : " + sourceAttr);
        }

        if (userAttr == null) {
            if (logger.isDebugEnabled()) {
                logger.debug("Attribute " + sourceAttr + " is not available for " + userData.getUserDN());
            }
            continue;
        }

        if (logger.isDebugEnabled()) {
            logger.debug("Attribute " + sourceAttr + "='" + userAttr.getValues() + "' for " + userData.getUserDN());
        }

        // Re-key the values under the name the application expects.
        final Attribute renamed = new Attribute(targetHeader);
        renamed.getValues().addAll(userAttr.getValues());
        token.getAttributes().add(renamed);
    }

    String headerValue = token.generateLastMileToken(encKey);
    final boolean hasPrefix = this.headerPrefix != null && !this.headerPrefix.isEmpty();
    if (hasPrefix) {
        headerValue = this.headerPrefix + ' ' + headerValue;
    }

    request.addHeader(new Attribute(this.headerName, headerValue));
    chain.nextFilter(request, response, chain);
}
Also used : AuthInfo(com.tremolosecurity.proxy.auth.AuthInfo) Attribute(com.tremolosecurity.saml.Attribute) AuthController(com.tremolosecurity.proxy.auth.AuthController) DateTime(org.joda.time.DateTime)

Example 13 with AuthController

use of com.tremolosecurity.proxy.auth.AuthController in project OpenUnison by TremoloSecurity.

the class LastMileJSON method doFilter.

/**
 * Answers the request directly with an HTML page that carries a LastMile bearer token as JSON.
 *
 * <p>Proxying is disabled. The page holds a {@code div} with id {@code json} containing a
 * serialized {@link AccessTokenResponse}; on load, a script passes that element's
 * {@code innerHTML} to {@code window.javascriptAccessor.setJSON}. The token is issued for the
 * request URI, carries the user's DN as its only attribute ({@code dn}), is valid from
 * {@code secondsScew} seconds before now until {@code secondsToLive} seconds after now, and is
 * encrypted with the key stored under {@code encKeyAlias}.
 *
 * <p>Security notes:
 * <ul>
 *   <li>The fourth and fifth LastMile constructor arguments are the literals {@code 1} and
 *       {@code "chainName"} (presumably auth level and chain name); they are not taken from the
 *       session's AuthInfo.</li>
 *   <li>The JSON is written into HTML markup. Gson's default configuration escapes
 *       HTML-significant characters; NOTE(review): keep that default if the Gson setup
 *       changes.</li>
 *   <li>NOTE(review): no cache-related response headers are set in this method; confirm that a
 *       page containing a bearer token is marked non-cacheable elsewhere.</li>
 *   <li>The page prologue is written before the token is generated, so a failure in token
 *       generation leaves partial output already written to the response writer.</li>
 *   <li>A session without an AuthController or AuthInfo ends in a NullPointerException; no
 *       explicit check is made.</li>
 * </ul>
 *
 * @param request the filter request; supplies the ConfigManager attribute and the session
 * @param response the filter response whose writer receives the page
 * @param chain the filter chain; only {@code setNoProxy(true)} is called on it
 * @throws Exception if the writer cannot be obtained or token generation fails
 */
@Override
public void doFilter(HttpFilterRequest request, HttpFilterResponse response, HttpFilterChain chain) throws Exception {
    chain.setNoProxy(true);
    final ConfigManager config = (ConfigManager) request.getAttribute(ProxyConstants.TREMOLO_CFG_OBJ);
    final PrintWriter page = response.getWriter();

    // Static page head: the onload handler hands the div's content to the host-provided accessor.
    final String[] prologue = {
        "<html><head>",
        "<script type=\"text/javascript\">",
        "     function onBodyLoad() {",
        "          var element = document.getElementById(\"json\");",
        "          window.javascriptAccessor.setJSON(element.innerHTML);",
        "     }",
        "</script></head><body onload=\"onBodyLoad()\">"
    };
    for (String line : prologue) {
        page.println(line);
    }
    page.print("<div id=\"json\">");

    final DateTime validFrom = new DateTime().minusSeconds(secondsScew);
    final DateTime validUntil = new DateTime().plusSeconds(secondsToLive);
    final AuthController controller = (AuthController) request.getSession().getAttribute(ProxyConstants.AUTH_CTL);

    final com.tremolosecurity.lastmile.LastMile token = new com.tremolosecurity.lastmile.LastMile(request.getRequestURI(), validFrom, validUntil, 1, "chainName");
    token.getAttributes().add(new Attribute("dn", controller.getAuthInfo().getUserDN()));

    final AccessTokenResponse tokenResponse = new AccessTokenResponse();
    tokenResponse.setAccess_token(token.generateLastMileToken(config.getSecretKey(encKeyAlias)));
    tokenResponse.setToken_type("bearer");
    tokenResponse.setExpires_in(this.secondsToLive);

    page.print(new Gson().toJson(tokenResponse));
    page.print("</div></body></html>");
}
Also used : Attribute(com.tremolosecurity.saml.Attribute) Gson(com.google.gson.Gson) AuthController(com.tremolosecurity.proxy.auth.AuthController) AccessTokenResponse(com.tremolosecurity.proxy.auth.oauth2.AccessTokenResponse) ConfigManager(com.tremolosecurity.config.util.ConfigManager) DateTime(org.joda.time.DateTime) PrintWriter(java.io.PrintWriter)

Example 14 with AuthController

use of com.tremolosecurity.proxy.auth.AuthController in project OpenUnison by TremoloSecurity.

the class AnonAz method doFilter.

/**
 * Makes sure the session carries an AuthInfo, installing an anonymous one when none exists.
 *
 * <p>A missing AuthController is created and stored in the session. If the controller has no
 * AuthInfo, a new one is built from {@code rdn}, the session's auth mechanism name, the literal
 * {@code "anonymous"} and {@code 0}, and is given the configured uid attribute and the
 * configured user object class. An AuthInfo that is already present is left untouched. The
 * chain always continues.
 *
 * <p>Security note: this filter never rejects a request; after it runs, later filters always
 * find an AuthInfo in the session. NOTE(review): the literals {@code "anonymous"} and {@code 0}
 * are presumably the chain name and auth level; confirm that authorization rules further down
 * the chain treat this identity as unauthenticated.
 *
 * @param request the filter request whose session is inspected and updated
 * @param response the filter response, passed on unchanged
 * @param chain the filter chain
 * @throws Exception if a later filter fails
 */
@Override
public void doFilter(HttpFilterRequest request, HttpFilterResponse response, HttpFilterChain chain) throws Exception {
    final HttpSession httpSession = request.getSession();

    AuthController controller = (AuthController) httpSession.getAttribute(ProxyConstants.AUTH_CTL);
    if (controller == null) {
        controller = new AuthController();
        httpSession.setAttribute(ProxyConstants.AUTH_CTL, controller);
    }

    if (controller.getAuthInfo() == null) {
        final String mechanismName = (String) httpSession.getAttribute(ProxyConstants.AUTH_MECH_NAME);
        final AuthInfo anonymous = new AuthInfo(this.rdn, mechanismName, "anonymous", 0);

        // NOTE(review): this looks up the controller in the session again and sets the same
        // AuthInfo that is set on `controller` below; the two calls appear redundant.
        final AuthController fromSession = (AuthController) request.getSession().getAttribute(ProxyConstants.AUTH_CTL);
        fromSession.setAuthInfo(anonymous);

        anonymous.getAttribs().put(this.uidAttr, new Attribute(this.uidAttr, this.uidVal));
        anonymous.getAttribs().put("objectClass", new Attribute("objectClass", GlobalEntries.getGlobalEntries().getConfigManager().getCfg().getUserObjectClass()));

        controller.setAuthInfo(anonymous);
    }

    chain.nextFilter(request, response, chain);
}
Also used : AuthInfo(com.tremolosecurity.proxy.auth.AuthInfo) Attribute(com.tremolosecurity.saml.Attribute) HttpSession(javax.servlet.http.HttpSession) AuthController(com.tremolosecurity.proxy.auth.AuthController)

Example 15 with AuthController

use of com.tremolosecurity.proxy.auth.AuthController in project OpenUnison by TremoloSecurity.

the class AzFilter method doFilter.

/**
 * Authorizes the request against the URL's rules and either continues the chain or denies.
 *
 * <p>The session's AuthInfo is checked with {@code az.checkRules}. On success the event is
 * logged as {@code AzSuccess}, the success result group (if any) is applied to the request,
 * the chain continues, and the same group is then applied to the response. On failure the
 * event is logged as {@code AzFail} and the chain is not continued: the failure result group
 * is applied to the response if one is configured, otherwise a 401 is sent.
 *
 * <p>Security notes:
 * <ul>
 *   <li>The deny path never calls {@code chain.nextFilter}, so a failed check does not reach
 *       the protected application through this filter.</li>
 *   <li>A session without an AuthController ends in a NullPointerException before any rule is
 *       evaluated; no explicit check is made.</li>
 *   <li>NOTE(review): the 401 branch casts the HttpFilterResponse itself to
 *       HttpServletResponse, while every other branch uses
 *       {@code response.getServletResponse()}; confirm the cast is valid, otherwise this path
 *       raises a ClassCastException instead of sending the 401.</li>
 * </ul>
 *
 * @param request the filter request; supplies the session and the UrlHolder attribute
 * @param response the filter response
 * @param chain the filter chain, continued only when the rules pass
 * @throws Exception if rule evaluation, result processing or a later filter fails
 */
@Override
public void doFilter(HttpFilterRequest request, HttpFilterResponse response, HttpFilterChain chain) throws Exception {
    // The session and the rule list are fetched but not used further in this method.
    final HttpSession httpSession = request.getSession();
    final AuthInfo user = ((AuthController) request.getSession().getAttribute(ProxyConstants.AUTH_CTL)).getAuthInfo();
    final UrlHolder urlHolder = (UrlHolder) request.getAttribute(ProxyConstants.AUTOIDM_CFG);
    final List<AzRuleType> configuredRules = urlHolder.getUrl().getAzRules().getRule();

    final boolean authorized = az.checkRules(user, urlHolder.getConfig(), urlHolder.getAzRules(), null);

    if (!authorized) {
        final String failGroup = az.getResponseFailGroup(urlHolder);
        final String loggedGroup = failGroup != null ? failGroup : "NONE";
        AccessLog.log(AccessEvent.AzFail, urlHolder.getApp(), request.getServletRequest(), user, loggedGroup);

        if (failGroup == null) {
            // No configured failure result: fall back to a plain 401.
            ((HttpServletResponse) response).sendError(401);
        } else {
            az.proccessResponseResult(request.getServletRequest(), response.getServletResponse(), urlHolder.getConfig().getResultGroup(failGroup), true, user, urlHolder.getApp().getCookieConfig());
        }
        return;
    }

    final String successGroup = az.getResponseSuccessGroup(urlHolder);
    final String loggedGroup = successGroup != null ? successGroup : "NONE";
    AccessLog.log(AccessEvent.AzSuccess, urlHolder.getApp(), request.getServletRequest(), user, loggedGroup);

    // The success group is applied twice: to the request before the chain runs and to the
    // response after it returns.
    if (successGroup != null) {
        az.processRequestResult(request.getServletRequest(), response.getServletResponse(), urlHolder.getConfig().getResultGroup(successGroup), user);
    }
    chain.nextFilter(request, response, chain);
    if (successGroup != null) {
        az.proccessResponseResult(request.getServletRequest(), response.getServletResponse(), urlHolder.getConfig().getResultGroup(successGroup), false, user, urlHolder.getApp().getCookieConfig());
    }
}
Also used : UrlHolder(com.tremolosecurity.config.util.UrlHolder) AzRuleType(com.tremolosecurity.config.xml.AzRuleType) AuthInfo(com.tremolosecurity.proxy.auth.AuthInfo) HttpSession(javax.servlet.http.HttpSession) HttpServletResponse(javax.servlet.http.HttpServletResponse) AuthController(com.tremolosecurity.proxy.auth.AuthController)
