Example 1 with SSOAuthenticator
use of com.zimbra.cs.service.authenticator.SSOAuthenticator in project zm-mailbox by Zimbra.
the class CertAuthServlet method doGet.
@Override
public void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
ZimbraLog.clearContext();
addRemoteIpToLoggingContext(req);
addUAToLoggingContext(req);
String url = req.getRequestURI();
Matcher matcher = allowedUrl.matcher(url);
boolean isAdminRequest = false;
if (!matcher.matches()) {
String msg = "resource not allowed on the certauth servlet: " + url;
ZimbraLog.account.error(msg);
sendback403Message(req, resp, msg);
return;
} else {
if (matcher.groupCount() > 3 && "admin".equals(matcher.group(3))) {
isAdminRequest = true;
}
}
try {
SSOAuthenticator authenticator = new ClientCertAuthenticator(req, resp);
ZimbraPrincipal principal = null;
principal = authenticator.authenticate();
AuthToken authToken = authorize(req, AuthContext.Protocol.client_certificate, principal, isAdminRequest);
setAuthTokenCookieAndRedirect(req, resp, principal.getAccount(), authToken);
return;
} catch (ServiceException e) {
String reason = "";
if (e instanceof AuthFailedServiceException) {
reason = ((AuthFailedServiceException) e).getReason(", %s");
}
ZimbraLog.account.debug("client certificate auth failed: " + e.getMessage() + reason, e);
dispatchOnError(req, resp, isAdminRequest, e.getMessage());
}
}
Also used :
ClientCertAuthenticator(com.zimbra.cs.service.authenticator.ClientCertAuthenticator)
AuthFailedServiceException(com.zimbra.cs.account.AccountServiceException.AuthFailedServiceException)
ServiceException(com.zimbra.common.service.ServiceException)
SSOAuthenticatorServiceException(com.zimbra.cs.service.authenticator.SSOAuthenticator.SSOAuthenticatorServiceException)
AuthFailedServiceException(com.zimbra.cs.account.AccountServiceException.AuthFailedServiceException)
Matcher(java.util.regex.Matcher)
SSOAuthenticator(com.zimbra.cs.service.authenticator.SSOAuthenticator)
ZimbraPrincipal(com.zimbra.cs.service.authenticator.SSOAuthenticator.ZimbraPrincipal)
AuthToken(com.zimbra.cs.account.AuthToken)
Example 2 with SSOAuthenticator
use of com.zimbra.cs.service.authenticator.SSOAuthenticator in project zm-mailbox by Zimbra.
the class SpnegoFilter method authenticate.
private void authenticate(HttpServletRequest req, HttpServletResponse resp) throws ServiceException {
if (spnegoUserRealm == null) {
throw ServiceException.FAILURE("no spnego user realm", null);
}
SSOAuthenticator authenticator = new SpnegoAuthenticator(req, resp, spnegoUserRealm, error401Page);
authenticator.authenticate();
}
Also used :
SSOAuthenticator(com.zimbra.cs.service.authenticator.SSOAuthenticator)
SpnegoAuthenticator(com.zimbra.cs.service.authenticator.SpnegoAuthenticator)
Aggregations
SSOAuthenticator (com.zimbra.cs.service.authenticator.SSOAuthenticator)2
ServiceException (com.zimbra.common.service.ServiceException)1
AuthFailedServiceException (com.zimbra.cs.account.AccountServiceException.AuthFailedServiceException)1
AuthToken (com.zimbra.cs.account.AuthToken)1
ClientCertAuthenticator (com.zimbra.cs.service.authenticator.ClientCertAuthenticator)1
SSOAuthenticatorServiceException (com.zimbra.cs.service.authenticator.SSOAuthenticator.SSOAuthenticatorServiceException)1
ZimbraPrincipal (com.zimbra.cs.service.authenticator.SSOAuthenticator.ZimbraPrincipal)1
SpnegoAuthenticator (com.zimbra.cs.service.authenticator.SpnegoAuthenticator)1
Matcher (java.util.regex.Matcher)1
