
Example 1 with TokenDescriptor

use of netegrity.siteminder.javaagent.TokenDescriptor in project OpenAM by OpenRock.

the class SMAuthModule method process.

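/**
 * Processes the login for this authentication module.
 *
 * <p>Two modes are supported:
 * <ul>
 *   <li>When {@code checkRemoteUserOnly} is set, the user id is read from the HTTP header
 *       named by {@code remoteUserHeader} and the SMSESSION cookie is <em>not</em> validated
 *       through the SiteMinder SDK, on the assumption that the SiteMinder agent in front of
 *       this module already did so. That assumption only holds when every request reaches
 *       this module through the agent and the agent overwrites any client-supplied copy of
 *       the header; otherwise the header value is caller-controlled.</li>
 *   <li>Otherwise the SMSESSION cookie is decoded with the SiteMinder {@code AgentAPI} and
 *       the user DN attribute of the decoded token becomes the user id.</li>
 * </ul>
 *
 * <p>The method fails closed: a missing cookie, a failed agent initialisation, any decode
 * status other than {@code AgentAPI.SUCCESS}, or a token without a user DN attribute all
 * raise {@link AuthLoginException} instead of reporting a successful login.
 *
 * @param callbacks callbacks supplied by the authentication framework (not read here)
 * @param state current login state (not read here)
 * @return {@code ISAuthConstants.LOGIN_SUCCEED} once a user id has been established
 * @throws AuthLoginException if no user id can be established from the request
 */
public int process(Callback[] callbacks, int state) throws AuthLoginException {
    HttpServletRequest request = getHttpServletRequest();
    if (configuredHTTPHeaders != null) {
        request.setAttribute("SM-HTTPHeaders", configuredHTTPHeaders);
    }
    if (checkRemoteUserOnly) {
        // SECURITY: this branch trusts a request header as the authenticated identity.
        // getHeader() matches the name case-insensitively, as HTTP requires; the previous
        // exact-case scan over getHeaderNames() could miss the header when the container
        // normalises header-name case.
        String remoteUser = (remoteUserHeader == null) ? null : request.getHeader(remoteUserHeader);
        // A local is validated before touching the userId field, so a value left over from
        // an earlier call can never satisfy the check, and a blank header is rejected.
        if (remoteUser == null || remoteUser.trim().length() == 0) {
            throw new AuthLoginException("No remote user header found");
        }
        userId = remoteUser;
        return ISAuthConstants.LOGIN_SUCCEED;
    }

    Cookie[] cookies = request.getCookies();
    // getCookies() returns null when the request carries no cookies at all.
    if (cookies == null) {
        throw new AuthLoginException("SMSESSION cookie not found");
    }

    String resolvedUser = null;
    boolean cookieFound = false;
    for (Cookie cookie : cookies) {
        if (!"SMSESSION".equals(cookie.getName())) {
            continue;
        }
        cookieFound = true;
        String value = cookie.getValue();
        if (value == null) {
            throw new AuthLoginException("SMSession decode failed");
        }
        // The cookie value is a bearer session token: it must never be written to stdout
        // or any log, so the former debug prints of it are gone.
        // Undo the transport mangling of the token: '+' arrives as a space and '=' may
        // still be percent-encoded.
        value = value.replace(" ", "+").replace("%3D", "=");

        InitDef id = new InitDef(hostName, sharedSecret, true, new ServerDef());
        // NOTE(review): connectionMin is passed twice and authorizationPort is passed both
        // as the sixth and the eighth argument; this looks like the max-connection and
        // accounting-port slots being filled with the wrong values -- confirm against the
        // SDK signature of addServerDef.
        id.addServerDef(policyServerIP, connectionMin, connectionMin, connectionStep, timeout, authorizationPort, authenticationPort, authorizationPort);
        // NOTE(review): a new AgentAPI is initialised for every SMSESSION cookie and never
        // released; confirm whether the SDK expects an explicit un-initialisation or a
        // shared instance.
        AgentAPI agentAPI = new AgentAPI();
        int initStat = agentAPI.init(id);
        if (initStat != AgentAPI.SUCCESS) {
            // Decoding with an uninitialised agent cannot produce a trustworthy result.
            throw new AuthLoginException("SiteMinder agent API init failed");
        }
        System.out.println("Agent API init succeeded");

        int version = 0;
        boolean thirdParty = false;
        TokenDescriptor td = new TokenDescriptor(version, thirdParty);
        AttributeList al = new AttributeList();
        StringBuffer token = new StringBuffer();
        int status = agentAPI.decodeSSOToken(value, td, al, true, token);
        // Accept only an explicit success; every other status (not just FAILURE) is a
        // rejected token.
        if (status != AgentAPI.SUCCESS) {
            System.out.println("SM session decode failed");
            throw new AuthLoginException("SMSession decode failed");
        }

        Enumeration<?> attributes = al.attributes();
        while (attributes.hasMoreElements()) {
            Attribute attr = (Attribute) attributes.nextElement();
            if (attr.id == AgentAPI.ATTR_USERDN) {
                // NOTE(review): new String(byte[]) uses the platform charset -- confirm the
                // encoding the policy server uses for attribute values.
                // Attribute values (user DN and other session data) are not printed.
                resolvedUser = XMLUtils.removeNullCharAtEnd(new String(attr.value));
            }
        }
    }

    // Previously a request without an SMSESSION cookie, or with a token lacking a user DN,
    // fell through to LOGIN_SUCCEED; both cases are now authentication failures.
    if (!cookieFound) {
        throw new AuthLoginException("SMSESSION cookie not found");
    }
    if (resolvedUser == null || resolvedUser.length() == 0) {
        throw new AuthLoginException("SMSESSION did not contain a user DN");
    }
    userId = resolvedUser;
    return ISAuthConstants.LOGIN_SUCCEED;
}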
Also used : Cookie(javax.servlet.http.Cookie) Enumeration(java.util.Enumeration) Attribute(netegrity.siteminder.javaagent.Attribute) AttributeList(netegrity.siteminder.javaagent.AttributeList) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException) InitDef(netegrity.siteminder.javaagent.InitDef) ServerDef(netegrity.siteminder.javaagent.ServerDef) HttpServletRequest(javax.servlet.http.HttpServletRequest) TokenDescriptor(netegrity.siteminder.javaagent.TokenDescriptor) AgentAPI(netegrity.siteminder.javaagent.AgentAPI)
