
Example 1 with RemoteHttpServletRequest

Use of org.forgerock.openam.authentication.service.protocol.RemoteHttpServletRequest in the OpenAM project by OpenRock.

In class AuthContext, method runRemoteLogin.

/**
 * Performs one round of remote (client-SDK) authentication by building the
 * AuthXML {@code Login} request, sending it through {@link #processRequest},
 * and then updating the login status from the reply.
 * <p>
 * The request is assembled as a string in a fixed order: request prefix with
 * the auth handle, optional application SSO token, the {@code Login} element
 * (with org/host/locale/forceAuth attributes unless the old-style protocol is
 * in use), optional index type/name pair, optional locale element, optional
 * pipe-separated params, optional environment map, and — when
 * {@code includeReqRes} is set — the serialized servlet request/response.
 * <p>
 * On a reply whose error code is {@code REMOTE_AUTH_INVALID_SSO_TOKEN} the
 * method decrements {@code retryRunLogin}, resets {@code loginStatus} to
 * {@code IN_PROGRESS} and calls itself once more with the same arguments.
 * <p>
 * Side effects: writes {@code receivedDocument}, {@code loginStatus},
 * {@code loginException} and {@code retryRunLogin}.
 *
 * @param indexType the index type to authenticate against, or {@code null} for none
 * @param indexName the index name (module instance, role, service, ...) matching {@code indexType}
 * @param params    optional login parameters, joined with {@code ISAuthConstants.PIPE_SEPARATOR}
 * @param envMap    raw map; treated as {@code Map<String, Set<String>>} (see unchecked cast below)
 * @param locale    optional locale, sent both as a {@code Login} attribute and as its own element
 * @param req       servlet request to forward when {@code includeReqRes} is set, may be {@code null}
 * @param res       servlet response to forward when {@code includeReqRes} is set, may be {@code null}
 * @throws AuthLoginException declared for callers, but the whole body is wrapped in a
 *                            catch of this type, so a failure is recorded in
 *                            {@code loginStatus}/{@code loginException} instead of propagating
 */
private void runRemoteLogin(IndexType indexType, String indexName, String[] params, Map envMap, String locale, HttpServletRequest req, HttpServletResponse res) throws AuthLoginException {
    try {
        String xmlString;
        // remote auth
        StringBuilder request = new StringBuilder(100);
        String authHandle = getAuthHandle();
        // A handle of "0" means no server-side auth context yet; fall back to the
        // existing SSO token ID so the server can associate this login with it.
        if (ssoTokenID != null && "0".equals(authHandle)) {
            if (authDebug.messageEnabled()) {
                // NOTE(review): this writes the raw SSO token ID into the debug log;
                // consider redacting or truncating it, since a token in logs is a credential.
                authDebug.message("AuthContext.runRemoteLogin: Found SSOTokenID " + ssoTokenID);
            }
            authHandle = ssoTokenID;
        }
        request.append(MessageFormat.format(AuthXMLTags.XML_REQUEST_PREFIX, authHandle));
        // Application SSO token, if one was established, travels in its own element.
        if (appSSOToken != null) {
            request.append(AuthXMLTags.APPSSOTOKEN_BEGIN);
            request.append(appSSOToken.getTokenID().toString());
            request.append(AuthXMLTags.APPSSOTOKEN_END);
        }
        request.append(AuthXMLTags.LOGIN_BEGIN);
        // Old-style protocol has no attributes on the Login element; otherwise
        // every attribute value is XML-escaped before being quoted.
        if (!useOldStyleRemoteAuthentication) {
            request.append(AuthXMLTags.SPACE).append(AuthXMLTags.ORG_NAME_ATTR).append(AuthXMLTags.EQUAL).append(AuthXMLTags.QUOTE).append(XMLUtils.escapeSpecialCharacters(organizationName)).append(AuthXMLTags.QUOTE);
            if (hostName != null) {
                request.append(AuthXMLTags.SPACE).append(AuthXMLTags.HOST_NAME_ATTR).append(AuthXMLTags.EQUAL).append(AuthXMLTags.QUOTE).append(XMLUtils.escapeSpecialCharacters(hostName)).append(AuthXMLTags.QUOTE);
            }
            if (locale != null && !locale.isEmpty()) {
                request.append(AuthXMLTags.SPACE).append(AuthXMLTags.LOCALE).append(AuthXMLTags.EQUAL).append(AuthXMLTags.QUOTE).append(XMLUtils.escapeSpecialCharacters(locale)).append(AuthXMLTags.QUOTE);
            }
            if (forceAuth) {
                request.append(AuthXMLTags.SPACE).append(AuthXMLTags.FORCE_AUTH_ATTR).append(AuthXMLTags.EQUAL).append(AuthXMLTags.QUOTE).append("true").append(AuthXMLTags.QUOTE);
            }
        }
        request.append(AuthXMLTags.ELEMENT_END);
        if (indexType != null) {
            request.append(AuthXMLTags.INDEX_TYPE_PAIR_BEGIN).append(AuthXMLTags.SPACE).append(AuthXMLTags.INDEX_TYPE).append(AuthXMLTags.EQUAL).append(AuthXMLTags.QUOTE);
            // Map the IndexType to its wire attribute. There is no final else, so an
            // index type not listed here yields an empty attribute value.
            if (indexType == IndexType.USER) {
                request.append(AuthXMLTags.INDEX_TYPE_USER_ATTR);
            } else if (indexType == IndexType.ROLE) {
                request.append(AuthXMLTags.INDEX_TYPE_ROLE_ATTR);
            } else if (indexType == IndexType.SERVICE) {
                request.append(AuthXMLTags.INDEX_TYPE_SVC_ATTR);
            } else if (indexType == IndexType.MODULE_INSTANCE) {
                request.append(AuthXMLTags.INDEX_TYPE_MODULE_ATTR);
            } else if (indexType == IndexType.LEVEL) {
                request.append(AuthXMLTags.INDEX_TYPE_LEVEL_ATTR);
            } else if (indexType == IndexType.COMPOSITE_ADVICE) {
                request.append(AuthXMLTags.INDEX_TYPE_COMPOSITE_ADVICE_ATTR);
            } else if (indexType == IndexType.RESOURCE) {
                request.append(AuthXMLTags.INDEX_TYPE_RESOURCE);
            }
            // indexName is caller-supplied, so it is XML-escaped before going into the element.
            request.append(AuthXMLTags.QUOTE).append(AuthXMLTags.ELEMENT_END).append(AuthXMLTags.INDEX_NAME_BEGIN).append(XMLUtils.escapeSpecialCharacters(indexName)).append(AuthXMLTags.INDEX_NAME_END).append(AuthXMLTags.INDEX_TYPE_PAIR_END);
        }
        // Locale is also sent as a standalone element (in addition to the attribute above).
        if (locale != null && locale.length() > 0) {
            request.append(AuthXMLTags.LOCALE_BEGIN);
            request.append(XMLUtils.escapeSpecialCharacters(locale));
            request.append(AuthXMLTags.LOCALE_END);
        }
        if (params != null) {
            StringBuilder paramString = new StringBuilder();
            // Params are XML-escaped and pipe-joined. Unlike the env values below they
            // are not passed through AuthClientUtils.escapePipe, so a param containing
            // the separator is not protected here — confirm whether that is intended.
            for (int i = 0; i < params.length; i++) {
                if (i != 0) {
                    paramString.append(ISAuthConstants.PIPE_SEPARATOR);
                }
                paramString.append(XMLUtils.escapeSpecialCharacters(params[i]));
            }
            request.append(AuthXMLTags.PARAMS_BEGIN).append(paramString.toString()).append(AuthXMLTags.PARAMS_END);
        }
        if (envMap != null && !envMap.isEmpty()) {
            StringBuilder envString = new StringBuilder();
            // Unchecked cast of the raw Map parameter: if a caller passes values that are
            // not Set<String>, the failure surfaces as a ClassCastException at runtime.
            for (Map.Entry<String, Set<String>> entry : ((Map<String, Set<String>>) envMap).entrySet()) {
                // convert Map to XMLString as follows:
                // <EnvValue>keyname|value1|value2|...</EnvValue>
                String keyName = entry.getKey();
                Set<String> values = entry.getValue();
                // Entries with a null or empty value set are dropped entirely.
                if (values != null && !values.isEmpty()) {
                    // Key and each value are XML-escaped first, then pipe-escaped so
                    // that an embedded separator cannot split the encoded entry.
                    envString.append(AuthXMLTags.ENV_AV_BEGIN).append(AuthClientUtils.escapePipe(XMLUtils.escapeSpecialCharacters(keyName)));
                    for (String value : values) {
                        envString.append(ISAuthConstants.PIPE_SEPARATOR).append(AuthClientUtils.escapePipe(XMLUtils.escapeSpecialCharacters(value)));
                    }
                    envString.append(AuthXMLTags.ENV_AV_END);
                }
            }
            request.append(AuthXMLTags.ENV_BEGIN).append(envString.toString()).append(AuthXMLTags.ENV_END);
        }
        request.append(AuthXMLTags.LOGIN_END);
        if (includeReqRes) {
            // Forward the caller's servlet request/response as serialized wrappers.
            // Both container elements are always emitted; their content is empty
            // when the object is null or serialization fails.
            request.append(AuthXMLTags.REMOTE_REQUEST_RESPONSE_START).append(AuthXMLTags.HTTP_SERVLET_REQUEST_START);
            String encObj = "";
            if (req != null) {
                try {
                    encObj = AuthXMLUtils.serializeToString(new RemoteHttpServletRequest(req));
                } catch (IOException ioe) {
                    // Best-effort: the error is logged and an empty body is sent instead.
                    authDebug.error("AuthXMLUtils::runRemoteLogin Unable to serailize http request", ioe);
                }
                if (authDebug.messageEnabled()) {
                    // NOTE(review): this dumps the wrapped request at message level; whether
                    // that includes headers or cookies depends on RemoteHttpServletRequest.toString,
                    // which is not visible here — confirm nothing sensitive is logged.
                    authDebug.message("req=" + new RemoteHttpServletRequest(req).toString());
                }
                request.append(encObj);
            }
            request.append(AuthXMLTags.HTTP_SERVLET_REQUEST_END);
            request.append(AuthXMLTags.HTTP_SERVLET_RESPONSE_START);
            if (res != null) {
                // Reset so a failed response serialization does not resend the request payload.
                encObj = "";
                try {
                    encObj = AuthXMLUtils.serializeToString(new RemoteHttpServletResponse(res));
                } catch (IOException ioe) {
                    authDebug.error("AuthXMLUtils::runRemoteLogin Unable to serailize http response", ioe);
                }
                if (authDebug.messageEnabled()) {
                    authDebug.message("res=" + res);
                }
                request.append(encObj);
            }
            request.append(AuthXMLTags.HTTP_SERVLET_RESPONSE_END).append(AuthXMLTags.REMOTE_REQUEST_RESPONSE_END);
        } else {
            if (authDebug.messageEnabled()) {
                authDebug.message("Not including req/res " + includeReqRes);
            }
        }
        request.append(AuthXMLTags.XML_REQUEST_SUFFIX);
        xmlString = request.toString();
        // process the request, which will check for exceptions
        // and also get the authentication handle ID
        receivedDocument = processRequest(xmlString);
        // Check set the login status
        checkAndSetLoginStatus();
        // if the app token was refreshed, retry remote login
        // Bounded by retryRunLogin, which is decremented before each recursive call.
        if (loginException != null && loginException.getErrorCode().equals(AMAuthErrorCode.REMOTE_AUTH_INVALID_SSO_TOKEN) && retryRunLogin > 0) {
            retryRunLogin--;
            if (authDebug.messageEnabled()) {
                authDebug.message("Run remote login failed due to expired app token, retying");
            }
            // reset as we are starting again
            loginStatus = Status.IN_PROGRESS;
            runRemoteLogin(indexType, indexName, params, envMap, locale, req, res);
        }
    } catch (AuthLoginException le) {
        // Login has failed
        // The exception is recorded on the context rather than rethrown, so callers
        // must inspect loginStatus/loginException to learn the outcome.
        loginStatus = Status.FAILED;
        loginException = le;
    }
}