diff --git a/modules/portal-security-sso-cas-api/src/main/java/com/liferay/portal/security/sso/cas/configuration/CASConfiguration.java b/modules/portal-security-sso-cas-api/src/main/java/com/liferay/portal/security/sso/cas/configuration/CASConfiguration.java index c419271..c290632 100644 --- a/modules/portal-security-sso-cas-api/src/main/java/com/liferay/portal/security/sso/cas/configuration/CASConfiguration.java +++ b/modules/portal-security-sso-cas-api/src/main/java/com/liferay/portal/security/sso/cas/configuration/CASConfiguration.java @@ -1,11 +1,11 @@ /** * Copyright (c) 2000-present Liferay, Inc. All rights reserved. - * + *
* This library is free software; you can redistribute it and/or modify it under * the terms of the GNU Lesser General Public License as published by the Free * Software Foundation; either version 2.1 of the License, or (at your option) * any later version. - * + *
* This library is distributed in the hope that it will be useful, but WITHOUT * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more 
@@ -29,63 +29,66 @@ * * @author Michael C. Han */ -@ExtendedObjectClassDefinition(category = "sso") +@ExtendedObjectClassDefinition( + scope = ExtendedObjectClassDefinition.Scope.COMPANY, + category = "sso" +) @Meta.OCD( - id = "com.liferay.portal.security.sso.cas.configuration.CASConfiguration", - localization = "content/Language", name = "cas-configuration-name" + id = "com.liferay.portal.security.sso.cas.configuration.CASConfiguration", + localization = "content/Language", name = "cas-configuration-name" ) public interface CASConfiguration { - @Meta.AD( - deflt = "false", description = "enabled-help[cas]", name = "enabled", - required = false - ) - public boolean enabled(); + @Meta.AD( + deflt = "false", description = "enabled-help[cas]", name = "enabled", + required = false + ) + public boolean enabled(); - @Meta.AD( - deflt = "false", - description = "a-user-may-be-authenticated-by-cas-and-not-yet-exist-in-the-portal", - name = "import-from-ldap", required = false - ) - public boolean importFromLDAP(); + @Meta.AD( + deflt = "false", + description = "a-user-may-be-authenticated-by-cas-and-not-yet-exist-in-the-portal", + name = "import-from-ldap", required = false + ) + public boolean importFromLDAP(); - @Meta.AD( - deflt = "https://localhost:8443/cas-web/login", name = "login-url", - required = false - ) - public String loginURL(); + @Meta.AD( + deflt = "https://localhost:8443/cas-web/login", name = "login-url", + required = false + ) + public String loginURL(); - @Meta.AD( - deflt = "false", description = "logout-on-session-expiration-help", - name = "logout-on-session-expiration", required = false - ) - public boolean logoutOnSessionExpiration(); + @Meta.AD( + deflt = "false", description = "logout-on-session-expiration-help", + name = "logout-on-session-expiration", required = false + ) + public boolean logoutOnSessionExpiration(); - @Meta.AD( - deflt = "https://localhost:8443/cas-web/logout", name = "logout-url", - required = false - ) - public String 
logoutURL(); + @Meta.AD( + deflt = "https://localhost:8443/cas-web/logout", name = "logout-url", + required = false + ) + public String logoutURL(); - @Meta.AD( - deflt = "http://localhost:8080", description = "server-name-help", - name = "server-name", required = false - ) - public String serverName(); + @Meta.AD( + deflt = "http://localhost:8080", description = "server-name-help", + name = "server-name", required = false + ) + public String serverName(); - @Meta.AD( - deflt = "https://localhost:8443/cas-web", name = "server-url", - required = false - ) - public String serverURL(); + @Meta.AD( + deflt = "https://localhost:8443/cas-web", name = "server-url", + required = false + ) + public String serverURL(); - @Meta.AD(name = "service-url", required = false) - public String serviceURL(); + @Meta.AD(name = "service-url", required = false) + public String serviceURL(); - @Meta.AD( - deflt = "http://localhost:8080", name = "no-such-user-redirect-url", - required = false - ) - public String noSuchUserRedirectURL(); + @Meta.AD( + deflt = "http://localhost:8080", name = "no-such-user-redirect-url", + required = false + ) + public String noSuchUserRedirectURL(); -} \ No newline at end of file +} diff --git a/modules/portal-security-sso-cas-impl/src/main/java/com/liferay/portal/security/sso/cas/internal/SSOImpl.java b/modules/portal-security-sso-cas-impl/src/main/java/com/liferay/portal/security/sso/cas/internal/SSOImpl.java index 0a6af7d..b941414 100644 --- a/modules/portal-security-sso-cas-impl/src/main/java/com/liferay/portal/security/sso/cas/internal/SSOImpl.java +++ b/modules/portal-security-sso-cas-impl/src/main/java/com/liferay/portal/security/sso/cas/internal/SSOImpl.java @@ -1,11 +1,11 @@ /** * Copyright (c) 2000-present Liferay, Inc. All rights reserved. - * + *
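Review bot: Nothing visible in this diff migrates CAS settings saved under the old service-settings lookup, so once `scope = ExtendedObjectClassDefinition.Scope.COMPANY` is paired with `getCompanyConfiguration(...)`, an existing instance may read the `deflt` values instead of what an administrator stored. Here that would mean `enabled` falls back to `false` and the login, logout and server URLs fall back to the localhost defaults, which turns SSO off without any error. The same lookup change appears in `SSOImpl._getCASConfiguration`, `CASAutoLogin.doLogin` and the `CASFilter` methods. If an upgrade step exists elsewhere, the commit should reference it; otherwise I would add a Javadoc line on the interface such as `Stored per company (Scope.COMPANY); values saved through the former service settings are not read.`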
* This library is free software; you can redistribute it and/or modify it under * the terms of the GNU Lesser General Public License as published by the Free * Software Foundation; either version 2.1 of the License, or (at your option) * any later version. - * + *
* This library is distributed in the hope that it will be useful, but WITHOUT * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more @@ -19,10 +19,7 @@ import com.liferay.portal.kernel.log.LogFactoryUtil; import com.liferay.portal.kernel.module.configuration.ConfigurationException; import com.liferay.portal.kernel.security.sso.SSO; -import com.liferay.portal.kernel.settings.CompanyServiceSettingsLocator; import com.liferay.portal.security.sso.cas.configuration.CASConfiguration; -import com.liferay.portal.security.sso.cas.constants.CASConstants; - import org.osgi.service.component.annotations.Component; import org.osgi.service.component.annotations.Reference; 
@@ -33,74 +30,71 @@ * @author Michael C. Han */ @Component( - configurationPid = "com.liferay.portal.security.sso.cas.configuration.CASConfiguration", - immediate = true, service = SSO.class + configurationPid = "com.liferay.portal.security.sso.cas.configuration.CASConfiguration", + immediate = true, service = SSO.class ) public class SSOImpl implements SSO { - @Override - public String getSessionExpirationRedirectUrl(long companyId) { - CASConfiguration casConfiguration = _getCASConfiguration(companyId); + @Override + public String getSessionExpirationRedirectUrl(long companyId) { + CASConfiguration casConfiguration = _getCASConfiguration(companyId); - if (casConfiguration.logoutOnSessionExpiration()) { - return casConfiguration.logoutURL(); - } + if (casConfiguration.logoutOnSessionExpiration()) { + return casConfiguration.logoutURL(); + } - return null; - } + return null; + } - @Override - public String getSignInURL(long companyId, String defaultSigninURL) { - return defaultSigninURL; - } + @Override + public String getSignInURL(long companyId, String defaultSigninURL) { + return defaultSigninURL; + } - @Override - public boolean isLoginRedirectRequired(long companyId) { - return _isCASAuthEnabled(companyId); - } + @Override + public boolean isLoginRedirectRequired(long companyId) { + return _isCASAuthEnabled(companyId); + } - @Override - public boolean isRedirectRequired(long companyId) { - return _isCASAuthEnabled(companyId); - } + @Override + public boolean isRedirectRequired(long companyId) { + return _isCASAuthEnabled(companyId); + } - @Override - public boolean isSessionRedirectOnExpire(long companyId) { - CASConfiguration casConfiguration = _getCASConfiguration(companyId); + @Override + public boolean isSessionRedirectOnExpire(long companyId) { + CASConfiguration casConfiguration = _getCASConfiguration(companyId); - return casConfiguration.logoutOnSessionExpiration(); - } + return casConfiguration.logoutOnSessionExpiration(); + } - @Reference(unbind = 
"-") - protected void setConfigurationProvider( - ConfigurationProvider configurationProvider) { + @Reference(unbind = "-") + protected void setConfigurationProvider( + ConfigurationProvider configurationProvider) { - _configurationProvider = configurationProvider; - } + _configurationProvider = configurationProvider; + } - private CASConfiguration _getCASConfiguration(long companyId) { - try { - return _configurationProvider.getConfiguration( - CASConfiguration.class, - new CompanyServiceSettingsLocator( - companyId, CASConstants.SERVICE_NAME)); - } - catch (ConfigurationException configurationException) { - _log.error( - "Unable to get CAS configuration", configurationException); - } + private CASConfiguration _getCASConfiguration(long companyId) { + try { + return _configurationProvider.getCompanyConfiguration( + CASConfiguration.class, companyId); + } catch (ConfigurationException configurationException) { + _log.error( + "Unable to get CAS configuration", configurationException); + } - return null; - } + return null; + } - private boolean _isCASAuthEnabled(long companyId) { - CASConfiguration casConfiguration = _getCASConfiguration(companyId); + private boolean _isCASAuthEnabled(long companyId) { + CASConfiguration casConfiguration = _getCASConfiguration(companyId); - return casConfiguration.enabled(); - } + return casConfiguration.enabled(); + } - private static final Log _log = LogFactoryUtil.getLog(SSOImpl.class); + private static final Log _log = LogFactoryUtil.getLog(SSOImpl.class); - private ConfigurationProvider _configurationProvider; + private ConfigurationProvider _configurationProvider; } diff --git a/modules/portal-security-sso-cas-impl/src/main/java/com/liferay/portal/security/sso/cas/internal/auto/login/CASAutoLogin.java b/modules/portal-security-sso-cas-impl/src/main/java/com/liferay/portal/security/sso/cas/internal/auto/login/CASAutoLogin.java index 5e7a398..67845dd 100644 
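Review bot: `_getCASConfiguration` still returns `null` after logging a `ConfigurationException`, and `_isCASAuthEnabled`, `getSessionExpirationRedirectUrl` and `isSessionRedirectOnExpire` dereference the result unchecked, so a failed lookup surfaces as a NullPointerException in the login redirect path. Guard each caller, for example in `_isCASAuthEnabled`: `if (casConfiguration == null) { return false; }` before `return casConfiguration.enabled();`. Treating an unreadable configuration as disabled matches `CASFilter.isFilterEnabled` in this same commit, which logs the exception and returns `false`.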
--- a/modules/portal-security-sso-cas-impl/src/main/java/com/liferay/portal/security/sso/cas/internal/auto/login/CASAutoLogin.java +++ b/modules/portal-security-sso-cas-impl/src/main/java/com/liferay/portal/security/sso/cas/internal/auto/login/CASAutoLogin.java @@ -1,11 +1,11 @@ /** * Copyright (c) 2000-present Liferay, Inc. All rights reserved. - * + *
* This library is free software; you can redistribute it and/or modify it under * the terms of the GNU Lesser General Public License as published by the Free * Software Foundation; either version 2.1 of the License, or (at your option) * any later version. - * + *
* This library is distributed in the hope that it will be useful, but WITHOUT * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more @@ -25,14 +25,12 @@ import com.liferay.portal.kernel.security.auto.login.AutoLogin; import com.liferay.portal.kernel.security.auto.login.BaseAutoLogin; import com.liferay.portal.kernel.service.UserLocalService; -import com.liferay.portal.kernel.settings.CompanyServiceSettingsLocator; import com.liferay.portal.kernel.util.Portal; import com.liferay.portal.kernel.util.PrefsPropsUtil; import com.liferay.portal.kernel.util.PropsKeys; import com.liferay.portal.kernel.util.Validator; import com.liferay.portal.security.ldap.exportimport.LDAPUserImporter; import com.liferay.portal.security.sso.cas.configuration.CASConfiguration; -import com.liferay.portal.security.sso.cas.constants.CASConstants; import com.liferay.portal.security.sso.cas.internal.constants.CASWebKeys; import com.liferay.portal.util.PropsValues; import org.osgi.service.component.annotations.Component; 
@@ -64,142 +62,137 @@ * @author Daeyoung Song */ @Component( - configurationPid = "com.liferay.portal.security.sso.cas.configuration.CASConfiguration", - immediate = true, service = AutoLogin.class + configurationPid = "com.liferay.portal.security.sso.cas.configuration.CASConfiguration", + immediate = true, service = AutoLogin.class ) public class CASAutoLogin extends BaseAutoLogin { - @Override - protected String[] doHandleException( - HttpServletRequest httpServletRequest, - HttpServletResponse httpServletResponse, Exception exception) { + @Override + protected String[] doHandleException( + HttpServletRequest httpServletRequest, + HttpServletResponse httpServletResponse, Exception exception) { - if (exception instanceof NoSuchUserException) { - HttpSession httpSession = httpServletRequest.getSession(); + if (exception instanceof NoSuchUserException) { + HttpSession httpSession = httpServletRequest.getSession(); - httpSession.removeAttribute(CASWebKeys.CAS_LOGIN); + httpSession.removeAttribute(CASWebKeys.CAS_LOGIN); - httpSession.setAttribute( - CASWebKeys.CAS_NO_SUCH_USER_EXCEPTION, Boolean.TRUE); - } + httpSession.setAttribute( + CASWebKeys.CAS_NO_SUCH_USER_EXCEPTION, Boolean.TRUE); + } - _log.error(exception); + _log.error(exception); - return null; - } + return null; + } - @Override - protected String[] doLogin( - HttpServletRequest httpServletRequest, - HttpServletResponse httpServletResponse) - throws Exception { + @Override + protected String[] doLogin( + HttpServletRequest httpServletRequest, + HttpServletResponse httpServletResponse) + throws Exception { - long companyId = _portal.getCompanyId(httpServletRequest); + long companyId = _portal.getCompanyId(httpServletRequest); - CASConfiguration casConfiguration = - _configurationProvider.getConfiguration( - CASConfiguration.class, - new CompanyServiceSettingsLocator( - companyId, CASConstants.SERVICE_NAME)); + CASConfiguration casConfiguration = + _configurationProvider.getCompanyConfiguration( + 
CASConfiguration.class, companyId); - if (!casConfiguration.enabled()) { - return null; - } + if (!casConfiguration.enabled()) { + return null; + } - HttpSession httpSession = httpServletRequest.getSession(); + HttpSession httpSession = httpServletRequest.getSession(); - String login = (String)httpSession.getAttribute(CASWebKeys.CAS_LOGIN); + String login = (String) httpSession.getAttribute(CASWebKeys.CAS_LOGIN); - if (Validator.isNull(login)) { - Object noSuchUserException = httpSession.getAttribute( - CASWebKeys.CAS_NO_SUCH_USER_EXCEPTION); + if (Validator.isNull(login)) { + Object noSuchUserException = httpSession.getAttribute( + CASWebKeys.CAS_NO_SUCH_USER_EXCEPTION); - if (noSuchUserException == null) { - return null; - } + if (noSuchUserException == null) { + return null; + } - httpSession.removeAttribute(CASWebKeys.CAS_NO_SUCH_USER_EXCEPTION); + httpSession.removeAttribute(CASWebKeys.CAS_NO_SUCH_USER_EXCEPTION); - httpSession.setAttribute(CASWebKeys.CAS_FORCE_LOGOUT, Boolean.TRUE); + httpSession.setAttribute(CASWebKeys.CAS_FORCE_LOGOUT, Boolean.TRUE); - String redirect = casConfiguration.noSuchUserRedirectURL(); + String redirect = casConfiguration.noSuchUserRedirectURL(); - httpServletRequest.setAttribute( - AutoLogin.AUTO_LOGIN_REDIRECT, redirect); + httpServletRequest.setAttribute( + AutoLogin.AUTO_LOGIN_REDIRECT, redirect); - return null; - } + return null; + } - User user = null; + User user = null; - String authType = PrefsPropsUtil.getString( - companyId, PropsKeys.COMPANY_SECURITY_AUTH_TYPE, - PropsValues.COMPANY_SECURITY_AUTH_TYPE); + String authType = PrefsPropsUtil.getString( + companyId, PropsKeys.COMPANY_SECURITY_AUTH_TYPE, + PropsValues.COMPANY_SECURITY_AUTH_TYPE); - if (casConfiguration.importFromLDAP()) { - try { - if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) { - user = _userImporter.importUser( - companyId, StringPool.BLANK, login); - } - else { - user = _userImporter.importUser( - companyId, login, StringPool.BLANK); - } - } - catch 
(SystemException systemException) { + if (casConfiguration.importFromLDAP()) { + try { + if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) { + user = _userImporter.importUser( + companyId, StringPool.BLANK, login); + } else { + user = _userImporter.importUser( + companyId, login, StringPool.BLANK); + } + } catch (SystemException systemException) { - // LPS-52675 + // LPS-52675 - if (_log.isDebugEnabled()) { - _log.debug(systemException); - } - } - } + if (_log.isDebugEnabled()) { + _log.debug(systemException); + } + } + } - if (user == null) { - if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) { - user = _userLocalService.getUserByScreenName(companyId, login); - } - else { - user = _userLocalService.getUserByEmailAddress( - companyId, login); - } - } + if (user == null) { + if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) { + user = _userLocalService.getUserByScreenName(companyId, login); + } else { + user = _userLocalService.getUserByEmailAddress( + companyId, login); + } + } - addRedirect(httpServletRequest); + addRedirect(httpServletRequest); - String[] credentials = new String[3]; + String[] credentials = new String[3]; - credentials[0] = String.valueOf(user.getUserId()); - credentials[1] = user.getPassword(); - credentials[2] = Boolean.TRUE.toString(); + credentials[0] = String.valueOf(user.getUserId()); + credentials[1] = user.getPassword(); + credentials[2] = Boolean.TRUE.toString(); - return credentials; - } + return credentials; + } - @Reference(unbind = "-") - protected void setConfigurationProvider( - ConfigurationProvider configurationProvider) { + @Reference(unbind = "-") + protected void setConfigurationProvider( + ConfigurationProvider configurationProvider) { - _configurationProvider = configurationProvider; - } + _configurationProvider = configurationProvider; + } - @Reference(unbind = "-") - protected void setUserLocalService(UserLocalService userLocalService) { - _userLocalService = userLocalService; - } + @Reference(unbind = "-") + 
protected void setUserLocalService(UserLocalService userLocalService) { + _userLocalService = userLocalService; + } - private static final Log _log = LogFactoryUtil.getLog(CASAutoLogin.class); + private static final Log _log = LogFactoryUtil.getLog(CASAutoLogin.class); - private ConfigurationProvider _configurationProvider; + private ConfigurationProvider _configurationProvider; - @Reference - private Portal _portal; + @Reference + private Portal _portal; - @Reference - private LDAPUserImporter _userImporter; + @Reference + private LDAPUserImporter _userImporter; - private UserLocalService _userLocalService; + private UserLocalService _userLocalService; } diff --git a/modules/portal-security-sso-cas-impl/src/main/java/com/liferay/portal/security/sso/cas/internal/servlet/filter/CASFilter.java b/modules/portal-security-sso-cas-impl/src/main/java/com/liferay/portal/security/sso/cas/internal/servlet/filter/CASFilter.java index 6320bda..f2990b2 100644 --- a/modules/portal-security-sso-cas-impl/src/main/java/com/liferay/portal/security/sso/cas/internal/servlet/filter/CASFilter.java +++ b/modules/portal-security-sso-cas-impl/src/main/java/com/liferay/portal/security/sso/cas/internal/servlet/filter/CASFilter.java @@ -1,11 +1,11 @@ /** * Copyright (c) 2000-present Liferay, Inc. All rights reserved. - * + *
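Review bot: In `doLogin`, the `catch (SystemException systemException)` around `_userImporter.importUser(...)` records the failure only when debug logging is on, and the code then falls through to the local user lookup. An LDAP import that fails for every CAS login would therefore leave no trace at default log levels. Unless LPS-52675 requires the silence, I would log once at warn level without the stack trace, e.g. `_log.warn("Unable to import CAS user from LDAP for company " + companyId);`, and keep the debug call for the details.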
* This library is free software; you can redistribute it and/or modify it under * the terms of the GNU Lesser General Public License as published by the Free * Software Foundation; either version 2.1 of the License, or (at your option) * any later version. - * + *
* This library is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
* FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
@@ -19,35 +19,26 @@
import com.liferay.portal.kernel.log.Log;
import com.liferay.portal.kernel.log.LogFactoryUtil;
import com.liferay.portal.kernel.servlet.BaseFilter;
-import com.liferay.portal.kernel.settings.CompanyServiceSettingsLocator;
-import com.liferay.portal.kernel.util.HashMapBuilder;
-import com.liferay.portal.kernel.util.HttpComponentsUtil;
-import com.liferay.portal.kernel.util.ParamUtil;
-import com.liferay.portal.kernel.util.Portal;
-import com.liferay.portal.kernel.util.Validator;
+import com.liferay.portal.kernel.util.*;
import com.liferay.portal.security.sso.cas.configuration.CASConfiguration;
-import com.liferay.portal.security.sso.cas.constants.CASConstants;
import com.liferay.portal.security.sso.cas.internal.constants.CASWebKeys;
-
-import java.util.Map;
-import java.util.concurrent.ConcurrentHashMap;
-
-import javax.servlet.Filter;
-import javax.servlet.FilterChain;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
-
import org.jasig.cas.client.authentication.AttributePrincipal;
import org.jasig.cas.client.util.CommonUtils;
import org.jasig.cas.client.validation.Assertion;
import org.jasig.cas.client.validation.Cas20ProxyTicketValidator;
import org.jasig.cas.client.validation.TicketValidationException;
import org.jasig.cas.client.validation.TicketValidator;
-
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Reference;
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import java.util.Map;
+import java.util.concurrent.ConcurrentHashMap;
+
/**
* Participates in every login and logout that triggers an HTTP request to
* Liferay Portal.
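Review bot: `import com.liferay.portal.kernel.util.*;` replaces five explicit imports (`HashMapBuilder`, `HttpComponentsUtil`, `ParamUtil`, `Portal`, `Validator`) and so hides which kernel utilities this filter depends on. Keep the explicit list and drop only the two imports the change no longer needs (`CompanyServiceSettingsLocator`, `CASConstants`). The hunk also moves the `javax.servlet` and `java.util` imports below the third-party ones and removes the blank lines between groups. Together with the re-indentation in the other hunks, this makes the one functional change to an authentication filter harder to audit, so I would split the formatting into its own commit.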
@@ -82,215 +73,205 @@
* @author Zsolt Balogh
*/
@Component(
- configurationPid = "com.liferay.portal.security.sso.cas.configuration.CASConfiguration",
- immediate = true,
- property = {
- "before-filter=Auto Login Filter", "dispatcher=FORWARD",
- "dispatcher=REQUEST", "servlet-context-name=",
- "servlet-filter-name=SSO CAS Filter", "url-pattern=/c/portal/login",
- "url-pattern=/c/portal/logout"
- },
- service = Filter.class
+ configurationPid = "com.liferay.portal.security.sso.cas.configuration.CASConfiguration",
+ immediate = true,
+ property = {
+ "before-filter=Auto Login Filter", "dispatcher=FORWARD",
+ "dispatcher=REQUEST", "servlet-context-name=",
+ "servlet-filter-name=SSO CAS Filter", "url-pattern=/c/portal/login",
+ "url-pattern=/c/portal/logout"
+ },
+ service = Filter.class
)
public class CASFilter extends BaseFilter {
- public static void reload(long companyId) {
- _ticketValidators.remove(companyId);
- }
+ public static void reload(long companyId) {
+ _ticketValidators.remove(companyId);
+ }
- @Override
- public boolean isFilterEnabled(
- HttpServletRequest httpServletRequest,
- HttpServletResponse httpServletResponse) {
+ @Override
+ public boolean isFilterEnabled(
+ HttpServletRequest httpServletRequest,
+ HttpServletResponse httpServletResponse) {
- try {
- CASConfiguration casConfiguration =
- _configurationProvider.getConfiguration(
- CASConfiguration.class,
- new CompanyServiceSettingsLocator(
- _portal.getCompanyId(httpServletRequest),
- CASConstants.SERVICE_NAME));
+ try {
+ CASConfiguration casConfiguration =
+ _configurationProvider.getCompanyConfiguration(
+ CASConfiguration.class, _portal.getCompanyId(httpServletRequest));
- if (casConfiguration.enabled()) {
- return true;
- }
- }
- catch (Exception exception) {
- _log.error(exception);
- }
+ if (casConfiguration.enabled()) {
+ return true;
+ }
+ } catch (Exception exception) {
+ _log.error(exception);
+ }
- return false;
- }
+ return false;
+ }
- @Override
- protected Log getLog() {
- return _log;
- }
+ @Override
+ protected Log getLog() {
+ return _log;
+ }
- @Override
- protected void processFilter(
- HttpServletRequest httpServletRequest,
- HttpServletResponse httpServletResponse, FilterChain filterChain)
- throws Exception {
+ @Override
+ protected void processFilter(
+ HttpServletRequest httpServletRequest,
+ HttpServletResponse httpServletResponse, FilterChain filterChain)
+ throws Exception {
- HttpSession httpSession = httpServletRequest.getSession();
+ HttpSession httpSession = httpServletRequest.getSession();
- long companyId = _portal.getCompanyId(httpServletRequest);
+ long companyId = _portal.getCompanyId(httpServletRequest);
- CASConfiguration casConfiguration =
- _configurationProvider.getConfiguration(
- CASConfiguration.class,
- new CompanyServiceSettingsLocator(
- companyId, CASConstants.SERVICE_NAME));
+ CASConfiguration casConfiguration =
+ _configurationProvider.getCompanyConfiguration(
+ CASConfiguration.class, companyId);
- Object forceLogout = httpSession.getAttribute(
- CASWebKeys.CAS_FORCE_LOGOUT);
+ Object forceLogout = httpSession.getAttribute(
+ CASWebKeys.CAS_FORCE_LOGOUT);
- if (forceLogout != null) {
- httpSession.removeAttribute(CASWebKeys.CAS_FORCE_LOGOUT);
+ if (forceLogout != null) {
+ httpSession.removeAttribute(CASWebKeys.CAS_FORCE_LOGOUT);
- String logoutUrl = casConfiguration.logoutURL();
+ String logoutUrl = casConfiguration.logoutURL();
- httpServletResponse.sendRedirect(logoutUrl);
+ httpServletResponse.sendRedirect(logoutUrl);
- return;
- }
+ return;
+ }
- String pathInfo = httpServletRequest.getPathInfo();
+ String pathInfo = httpServletRequest.getPathInfo();
- if (Validator.isNotNull(pathInfo) &&
- pathInfo.contains("/portal/logout")) {
+ if (Validator.isNotNull(pathInfo) &&
+ pathInfo.contains("/portal/logout")) {
- httpSession.invalidate();
+ httpSession.invalidate();
- String logoutUrl = casConfiguration.logoutURL();
+ String logoutUrl = casConfiguration.logoutURL();
- httpServletResponse.sendRedirect(logoutUrl);
+ httpServletResponse.sendRedirect(logoutUrl);
- return;
- }
+ return;
+ }
- String login = (String)httpSession.getAttribute(CASWebKeys.CAS_LOGIN);
+ String login = (String) httpSession.getAttribute(CASWebKeys.CAS_LOGIN);
- if (Validator.isNotNull(login)) {
- processFilter(
- CASFilter.class.getName(), httpServletRequest,
- httpServletResponse, filterChain);
+ if (Validator.isNotNull(login)) {
+ processFilter(
+ CASFilter.class.getName(), httpServletRequest,
+ httpServletResponse, filterChain);
- return;
- }
+ return;
+ }
- String serverName = casConfiguration.serverName();
+ String serverName = casConfiguration.serverName();
- String serviceURL = casConfiguration.serviceURL();
+ String serviceURL = casConfiguration.serviceURL();
- if (Validator.isNull(serviceURL)) {
- serviceURL = CommonUtils.constructServiceUrl(
- httpServletRequest, httpServletResponse, serviceURL, serverName,
- "service", "ticket", true);
- }
+ if (Validator.isNull(serviceURL)) {
+ serviceURL = CommonUtils.constructServiceUrl(
+ httpServletRequest, httpServletResponse, serviceURL, serverName,
+ "service", "ticket", true);
+ }
- String ticket = ParamUtil.getString(httpServletRequest, "ticket");
+ String ticket = ParamUtil.getString(httpServletRequest, "ticket");
- if (Validator.isNull(ticket)) {
- String loginUrl = casConfiguration.loginURL();
+ if (Validator.isNull(ticket)) {
+ String loginUrl = casConfiguration.loginURL();
- loginUrl = HttpComponentsUtil.addParameter(
- loginUrl, "service", serviceURL);
+ loginUrl = HttpComponentsUtil.addParameter(
+ loginUrl, "service", serviceURL);
- httpServletResponse.sendRedirect(loginUrl);
+ httpServletResponse.sendRedirect(loginUrl);
- return;
- }
+ return;
+ }
- TicketValidator ticketValidator = _getTicketValidator(companyId);
+ TicketValidator ticketValidator = _getTicketValidator(companyId);
- Assertion assertion = null;
+ Assertion assertion = null;
- try {
- assertion = ticketValidator.validate(ticket, serviceURL);
- }
- catch (TicketValidationException ticketValidationException) {
- if (_log.isDebugEnabled()) {
- _log.debug(ticketValidationException);
- }
- else if (_log.isInfoEnabled()) {
- _log.info(ticketValidationException);
- }
+ try {
+ assertion = ticketValidator.validate(ticket, serviceURL);
+ } catch (TicketValidationException ticketValidationException) {
+ if (_log.isDebugEnabled()) {
+ _log.debug(ticketValidationException);
+ } else if (_log.isInfoEnabled()) {
+ _log.info(ticketValidationException);
+ }
- _portal.sendError(
- new PortalException(
- "Unable to validate CAS ticket: " + ticket,
- ticketValidationException),
- httpServletRequest, httpServletResponse);
+ _portal.sendError(
+ new PortalException(
+ "Unable to validate CAS ticket: " + ticket,
+ ticketValidationException),
+ httpServletRequest, httpServletResponse);
- return;
- }
+ return;
+ }
- if (assertion != null) {
- AttributePrincipal attributePrincipal = assertion.getPrincipal();
+ if (assertion != null) {
+ AttributePrincipal attributePrincipal = assertion.getPrincipal();
- login = attributePrincipal.getName();
+ login = attributePrincipal.getName();
- httpSession.setAttribute(CASWebKeys.CAS_LOGIN, login);
- }
+ httpSession.setAttribute(CASWebKeys.CAS_LOGIN, login);
+ }
- processFilter(
- CASFilter.class.getName(), httpServletRequest, httpServletResponse,
- filterChain);
- }
+ processFilter(
+ CASFilter.class.getName(), httpServletRequest, httpServletResponse,
+ filterChain);
+ }
- @Reference(unbind = "-")
- protected void setConfigurationProvider(
- ConfigurationProvider configurationProvider) {
+ @Reference(unbind = "-")
+ protected void setConfigurationProvider(
+ ConfigurationProvider configurationProvider) {
- _configurationProvider = configurationProvider;
- }
+ _configurationProvider = configurationProvider;
+ }
- private TicketValidator _getTicketValidator(long companyId)
- throws Exception {
+ private TicketValidator _getTicketValidator(long companyId)
+ throws Exception {
- TicketValidator ticketValidator = _ticketValidators.get(companyId);
+ TicketValidator ticketValidator = _ticketValidators.get(companyId);
- if (ticketValidator != null) {
- return ticketValidator;
- }
+ if (ticketValidator != null) {
+ return ticketValidator;
+ }
- CASConfiguration casConfiguration =
- _configurationProvider.getConfiguration(
- CASConfiguration.class,
- new CompanyServiceSettingsLocator(
- companyId, CASConstants.SERVICE_NAME));
+ CASConfiguration casConfiguration =
+ _configurationProvider.getCompanyConfiguration(
+ CASConfiguration.class, companyId);
- String serverUrl = casConfiguration.serverURL();
+ String serverUrl = casConfiguration.serverURL();
- Cas20ProxyTicketValidator cas20ProxyTicketValidator =
- new Cas20ProxyTicketValidator(serverUrl);
+ Cas20ProxyTicketValidator cas20ProxyTicketValidator =
+ new Cas20ProxyTicketValidator(serverUrl);
- cas20ProxyTicketValidator.setCustomParameters(
- HashMapBuilder.put(
- "casServerLoginUrl", casConfiguration.loginURL()
- ).put(
- "casServerUrlPrefix", serverUrl
- ).put(
- "redirectAfterValidation", "false"
- ).put(
- "serverName", casConfiguration.serverName()
- ).build());
+ cas20ProxyTicketValidator.setCustomParameters(
+ HashMapBuilder.put(
+ "casServerLoginUrl", casConfiguration.loginURL()
+ ).put(
+ "casServerUrlPrefix", serverUrl
+ ).put(
+ "redirectAfterValidation", "false"
+ ).put(
+ "serverName", casConfiguration.serverName()
+ ).build());
- _ticketValidators.put(companyId, cas20ProxyTicketValidator);
+ _ticketValidators.put(companyId, cas20ProxyTicketValidator);
- return cas20ProxyTicketValidator;
- }
+ return cas20ProxyTicketValidator;
+ }
- private static final Log _log = LogFactoryUtil.getLog(CASFilter.class);
+ private static final Log _log = LogFactoryUtil.getLog(CASFilter.class);
- private static final Map