Save This Page
Home » opensso-src » com.sun.identity.agents.filter » [javadoc | source]
    1   /**
    2    * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
    3    *
    4    * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
    5    *
    6    * The contents of this file are subject to the terms
    7    * of the Common Development and Distribution License
    8    * (the License). You may not use this file except in
    9    * compliance with the License.
   10    *
   11    * You can obtain a copy of the License at
   12    * https://opensso.dev.java.net/public/CDDLv1.0.html or
   13    * opensso/legal/CDDLv1.0.txt
   14    * See the License for the specific language governing
   15    * permission and limitations under the License.
   16    *
   17    * When distributing Covered Code, include this CDDL
   18    * Header Notice in each file and include the License file
   19    * at opensso/legal/CDDLv1.0.txt.
   20    * If applicable, add the following below the CDDL Header,
   21    * with the fields enclosed by brackets [] replaced by
   22    * your own identifying information:
   23    * "Portions Copyrighted [year] [name of copyright owner]"
   24    *
   25    * $Id: AmFilterRequestContext.java,v 1.8 2008/08/07 18:04:46 huacui Exp $
   26    *
   27    */
   28   package com.sun.identity.agents.filter;
   29   
   30   import java.net.MalformedURLException;
   31   import java.net.URL;
   32   import java.net.URLEncoder;
   33   import java.util.Map;
   34   
   35   import javax.servlet.http.Cookie;
   36   import javax.servlet.http.HttpServletRequest;
   37   import javax.servlet.http.HttpServletResponse;
   38   
   39   import com.sun.identity.agents.arch.AgentConfiguration;
   40   import com.sun.identity.agents.arch.AgentException;
   41   import com.sun.identity.agents.common.IHttpServletRequestHelper;
   42   import com.sun.identity.agents.common.IURLFailoverHelper;
   43   import com.sun.identity.agents.common.SSOValidationResult;
   44   import com.sun.identity.agents.policy.AmWebPolicyResult;
   45   import com.sun.identity.agents.util.CookieUtils;
   46   import com.sun.identity.agents.util.IUtilConstants;
   47   import com.sun.identity.agents.util.NameValuePair;
   48   import com.sun.identity.agents.util.StringUtils;
   49   
   50   /**
   51    * A <code>AmFilterRequestContext</code> encapsulates all request and response
   52    * related information that is needed for the invocation of various task
   53    * handlers by the <code>AmFilter</code> in order to be able to process the
   54    * incoming request.
   55    */
   56   public class AmFilterRequestContext implements IUtilConstants {
   57   
   58       /**
   59        * The sole constructor for <code>AmFilterRequestContext</code>.
   60        * @param request the HttpServletRequest used for filter invocation
   61        * @param response the HttpServletResponse used for filter invocation
   62        * @param gotoParameterName the parameter name used for return redirects
   63        * @param loginURLFailoverHelper the URL failover helper used to select
   64        * the currently available login URL in cases where necessary.
   65        * @param logoutURLFailoverHelper the URL failover helper used to select
   66        * the currently available logout URL in cases where necessary.
   67        * @param isFormLoginRequest a boolean indicating if the current request is
   68        * that for a J2EE Form based login.
   69        * @param accessDeniedURI the URI to be used for denying access to the 
   70        * requested resource.
   71        * @param amFilter the instance of <code>AmFilter</code> that is creating
   72        * this particular request context.
   73        * @param filterMode the mode in which the <code>AmFilter</code> is 
   74        * operating during the execution of this request.
   75        */
   76       public AmFilterRequestContext(HttpServletRequest request,
   77                              HttpServletResponse response,
   78                              String gotoParameterName,
   79                              IURLFailoverHelper loginURLFailoverHelper,
   80                              IURLFailoverHelper logoutURLFailoverHelper,
   81                              boolean isFormLoginRequest,
   82                              String accessDeniedURI,
   83                              AmFilter amFilter,
   84                              AmFilterMode filterMode,
   85                              String agentHost, int agentPort, 
   86                              String agentProtocol)
   87       {
   88           setRequest(request);
   89           setResponse(response);
   90           setGotoParameterName(gotoParameterName);
   91           setLoginURLFailoverHelper(loginURLFailoverHelper);
   92           setLogoutURLFailoverHelper(logoutURLFailoverHelper);
   93           setIsFormLoginRequestFlag(isFormLoginRequest);
   94           setAccessDeniedURI(accessDeniedURI);
   95           setAmFilter(amFilter);
   96           setFilterMode(filterMode);
   97           setAgentHost(agentHost);
   98           setAgentPort(agentPort);
   99           setAgentProtocol(agentProtocol);
  100       }
  101   
  102       /**
  103        * Returns the original HttpServletRequst that was used for filter
  104        * invocation.
  105        *
  106        * @return the original HttpServletRequest object
  107        */
  108       public HttpServletRequest getHttpServletRequest() {
  109           return _request;
  110       }
  111   
  112       /**
  113        * Returns the original HttpServletResponse that was used for filter
  114        * invocation.
  115        *
  116        * @return the original HttpServletResponse object
  117        */
  118       public HttpServletResponse getHttpServletResponse() {
  119           return _response;
  120       }
  121   
  122       /**
  123        * Returns the Filter mode
  124        *
  125        * @return the Filter mode
  126        */
  127       public AmFilterMode getFilterMode() {
  128           return _filterMode;
  129       }
  130   
  131   
  132       /**
  133        * Returns the value of parameter name used for return redirects such
  134        * as <code>goto</code> as configured in the Identity Server authentication
  135        * service.
  136        *
  137        * @return the value of parameter name used for return redirects
  138        */
  139       public String getGotoParameterName() {
  140           return _gotoParameterName;
  141       }
  142   
  143       /**
  144        * Returns the value of the actual canoncialized destination URL that
  145        * the user intended to access when the request was submitted.
  146        *
  147        * @return the canonicalized destination URL as submitted by the user.
  148        */
  149       public String getDestinationURL() {
  150           /**
  151            * Note: The <code>AmFilterRequestContext</code> need not be
  152            * thread safe and therefore the following lazy initialization should
  153            * not cause any problems in the runtime.
  154            */
  155           if (_destinationURL == null ) {
  156               initDestinationURL();
  157           }
  158           return _destinationURL;
  159       }
  160       
  161       /**
  162        * Returns the value of the actual destination url in the case 
  163        * of a form login request. This information is not available
  164        * for all agents.
  165        *
  166        * @return the destination URL in the case of a form login request.
  167        */
  168       public String getGotoFormLoginURL() {
  169           return _gotoFormLoginURL;
  170       }    
  171       
  172       /**
  173        * Returns the value of actual canocialized destination URL that the
  174        * user intended to access without the SSO token in the query parameter
  175        * so that it can be used to evaluate policies where necessary.
  176        * 
  177        * @return the canocialized destination URL as submitted by the user 
  178        * without the SSO token in the query parameter if it was present in 
  179        * the original URL.
  180        */
  181       public String getPolicyDestinationURL() {
  182           if (_policyDestinationURL == null) {
  183               initPolicyDestinationURL();
  184           }
  185           
  186           return _policyDestinationURL;
  187       }
  188   
  189       /**
  190        * Returns the value of a named cookie from the underlying
  191        * <code>HttpServletRequest</code> object.
  192        * @param cookieName the name of the cookie to be looked up.
  193        * @return the corresponding cookie value, or <code>null</code> if the
  194        * specified cookie is not present.
  195        */
  196       public String getRequestCookieValue(String cookieName) {
  197           /**
  198            * Note: The <code>AmFilterRequestContext</code> need not be
  199            * thread safe and therefore the following lazy initialization should
  200            * not cause any problems in the runtime.
  201            */
  202           if (getCookieMap() == null) {
  203               initCookieMap();
  204           }
  205           return (String) getCookieMap().get(cookieName);
  206       }
  207   
  208       /**
  209        * Returns a URL that can be used to redirect the current request which may
  210        * be lacking sufficient credentials to the Identity Server Authentication
  211        * service.
  212        *
  213        * @return a String representation of a URL that can be used to redirect the
  214        * current request to the authentication service.
  215        * @throws AgentException in the event when no login URL for Identity Server
  216        * authentication service is available.
  217        */
  218   
  219       public String getAuthRedirectURL() throws AgentException {
  220           return getAuthRedirectURL(null, null);
  221       }
  222   
  223      /**
  224       * Returns the value of the GOTO parameter to be used for post authentication
  225       * redirect by the authentication service. If the request is a form login
  226       * request, the return value will point to the application context root. 
  227       * Otherwise the return value will be a complete URL of the requested 
  228       * resource.
  229       * 
  230       * @return the URL to which the user will be redirected after successful
  231       * authentication.
  232       */
  233       public String populateGotoParameterValue() {
  234           String       gotoURL  = null;
  235           String       gotoFormLoginURL = getGotoFormLoginURL();
  236           if (isFormLoginRequest()) {
  237               if (gotoFormLoginURL != null) {
  238                   gotoURL = gotoFormLoginURL;
  239               } else {
  240                   gotoURL = getApplicationContextURL();
  241               }
  242           } else {
  243               gotoURL = getDestinationURL();
  244           }
  245           
  246           return gotoURL;
  247       }
  248   
  249       /**
  250        * Returns a URL that can be used to redirect the current request which may
  251        * be lacking sufficient credentials to the Identity Server Authentication
  252        * service.
  253        *
  254        * @param amWebPolicyResult an optional policy result object that may be
  255        * carrying any applicable advices.
  256        * @return a String representation of a URL that can be used to redirect the
  257        * current request to the authentication service.
  258        * @throws AgentException in the event when no login URL for Identity Server
  259        * authentication service is available.
  260        */
  261       public String getAuthRedirectURL(AmWebPolicyResult amWebPolicyResult)
  262           throws AgentException
  263       {
  264           return getAuthRedirectURL(amWebPolicyResult, null);
  265       }
  266       
  267       public String getAuthRedirectURL(String gotoURL) throws AgentException {
  268           return getAuthRedirectURL(null, gotoURL);
  269       }
  270   
  271       /**
  272        * Returns a URL that can be used to redirect the current request which may
  273        * be lacking sufficient credentials to the Identity Server Authentication
  274        * service.
  275        *
  276        * @param amWebPolicyResult an optional policy result object that may be
  277        * carrying any applicable advices.
  278        * @param gotoURL the goto parameter Value
  279        * @return a String representation of a URL that can be used to redirect the
  280        * current request to the authentication service.
  281        * @throws AgentException in the event when no login URL for Identity Server
  282        * authentication service is available.
  283        */
  284       public String getAuthRedirectURL(AmWebPolicyResult amWebPolicyResult,
  285                                        String gotoURL)
  286           throws AgentException
  287       {
  288   
  289   
  290           StringBuffer buff     = new StringBuffer();
  291           String       loginURL = getLoginURL();
  292           buff.append(loginURL);
  293   
  294           if(loginURL.indexOf("?") != -1) {
  295               buff.append("&");
  296           } else {
  297               buff.append("?");
  298           }
  299   
  300           if (gotoURL == null) {
  301               gotoURL = populateGotoParameterValue();
  302           }
  303   
  304           buff.append(getGotoParameterName());
  305           buff.append("=");
  306           buff.append(URLEncoder.encode(gotoURL));
  307   
  308           if((amWebPolicyResult != null) && amWebPolicyResult.hasNameValuePairs()) {
  309               NameValuePair[] nvp = amWebPolicyResult.getNameValuePairs();
  310   
  311               buff.append("&");
  312   
  313               for(int i = 0; i < nvp.length; i++) {
  314                   buff.append(URLEncoder.encode(nvp[i].getName()));
  315                   buff.append("=");
  316                   buff.append(URLEncoder.encode(nvp[i].getValue()));
  317   
  318                   if(i != nvp.length - 1) {
  319                       buff.append("&");
  320                   }
  321               }
  322           }
  323   
  324           String redirectURL = buff.toString();
  325   
  326           return redirectURL;
  327       }
  328   
  329   
  330       /**
  331        * Returns a URL that can be used to logout the user from the
  332        * OpenSSO server and redirect the user to a specific URL. 
  333        * @param gotoURL the redirect URL after logging out 
  334        * @return a String representation of a URL that can be used to 
  335        * logout the user from the OpenSSO server and redirect 
  336        * the user to the gotoURL. 
  337        */
  338       public String getLogoutURL(String gotoURL) {
  339           String logoutURL = null;
  340           try {
  341               logoutURL = getLogoutURL();
  342           } catch (AgentException ae) {
  343               return null;
  344           }
  345         
  346           if (logoutURL == null) {
  347               return null;
  348           } 
  349   
  350           StringBuffer buff = new StringBuffer();
  351           buff.append(logoutURL);
  352   
  353           if (logoutURL.indexOf("?") != -1) {
  354               buff.append("&");
  355           } else {
  356               buff.append("?");
  357           }
  358   
  359           if (gotoURL == null) {
  360               gotoURL = populateGotoParameterValue();
  361           }
  362   
  363           buff.append(getGotoParameterName());
  364           buff.append("=");
  365           buff.append(URLEncoder.encode(gotoURL));
  366           return buff.toString();
  367       }
  368   
  369   
  370       /**
  371        * Returns a redirect result that can be used to redirect the user to
  372        * the sepcified URL.
  373        *
  374        * @param redirectURL the URL to which the user will be redirected to.
  375        * @return an <code>AmFilter</code> to redirect the user to the specified URL.
  376        */
  377       public AmFilterResult getCustomRedirectResult(String redirectURL) {
  378           return new AmFilterResult(AmFilterResultStatus.STATUS_REDIRECT,
  379                                      redirectURL);
  380       }
  381   
  382       /**
  383        * Returns a redirect result that can be used to authenticate the user
  384        * by Identity Server Authentication service.
  385        *
  386        * @return an <code>AmFilterResult</code> to authenticate the user
  387        *
  388        * @throws AgentException if the processing of this request results in an
  389        * unrecoverable error condition.
  390        */
  391       public AmFilterResult getAuthRedirectResult() throws AgentException {
  392           return getAuthRedirectResult(null);
  393       }
  394   
  395       /**
  396        * Returns a redirect result that can be used to authenticate the user
  397        * by Identity Server Authentication service.
  398        *
  399        * @param amWebPolicyResult an optional policy result instance which may
  400        * contain the necessary advices for authenticating the user
  401        * @return an <code>AmFilterResult</code> to authenticate the user
  402        *
  403        * @throws AgentException if the processing of this request results in an
  404        * unrecoverable error condition.
  405        */
  406       public AmFilterResult getAuthRedirectResult(
  407           AmWebPolicyResult amWebPolicyResult)
  408           throws AgentException
  409       {
  410           return new AmFilterResult(AmFilterResultStatus.STATUS_REDIRECT,
  411                                      getAuthRedirectURL(amWebPolicyResult));
  412       }
  413   
  414       /**
  415        * Returns a redirect result that can be used to authenticate the user
  416        * by Identity Server Authentication service.
  417        *
  418        * @param amWebPolicyResult an optional policy result instance which may
  419        * contain the necessary advices for authenticating the user
  420        * @param gotoURL the goto parameter value
  421        * @return an <code>AmFilterResult</code> to authenticate the user
  422        *
  423        * @throws AgentException if the processing of this request results in an
  424        * unrecoverable error condition.
  425        */
  426       public AmFilterResult getAuthRedirectResult(
  427           AmWebPolicyResult amWebPolicyResult,
  428           String gotoURL)
  429           throws AgentException
  430       {
  431           return new AmFilterResult(AmFilterResultStatus.STATUS_REDIRECT,
  432                                     getAuthRedirectURL(amWebPolicyResult,
  433                                     gotoURL));
  434       }
  435   
  436       /**
  437        * Returns a result for serving some specified data for handling the request.
  438        *
  439        * @param data the data to be served to the requestor.
  440        * @return an <code>AmFilterResult</code> to serve the sepcified data for
  441        * to the requestor.
  442        */
  443       public AmFilterResult getServeDataResult(String data) {
  444           return new AmFilterResult(AmFilterResultStatus.STATUS_SERVE_DATA,
  445                                       null, data);
  446       }
  447   
  448       /**
  449        * Returns an <code>AmFilterResult</code> instance that represents a continue
  450        * result for filter processing. If a <code>IHttpServletRequestHelper</code>
  451        * has been set for this request, it will be automatically added to the result.
  452        *
  453        * @return an <code>AmFilterResult</code> to allow the reqeust to continue
  454        */
  455       public AmFilterResult getContinueResult() {
  456           AmFilterResult result = new AmFilterResult(
  457                   AmFilterResultStatus.STATUS_CONTINUE);
  458           if (hasHttpServletRequestHelper()) {
  459               result.setHttpServletRequestHelper(getHttpServletRequestHelper());
  460           }
  461           return result;
  462       }
  463   
  464       /**
  465        * Returns an <code>AmFilterResult</code> instance that represents a server error 
  466        * result for filter processing.
  467        *
  468        * @return an <code>AmFilterResult</code> to indicate a server error
  469        */
  470       public AmFilterResult getServerErrorResult() {
  471           return new AmFilterResult(AmFilterResultStatus.STATUS_SERVER_ERROR);
  472       }
  473   
  474       /**
  475        * Returns an <code>AmFilterResult</code> instance that represents a blocked
  476        * result for filter processing.
  477        *
  478        * @return an <code>AmFilterResult</code> to block the current request
  479        */
  480       public AmFilterResult getBlockAccessResult() {
  481           return getBlockAccessResult(false);
  482       }
  483   
  484       /**
  485        * Returns an <code>AmFilterResult</code> instance that represents a blocked
  486        * result for filter processing.
  487        *
  488        * @param forceForbidden when set to true, will force the result to require
  489        * the use of HTTP status code 403 in order to block the current request.
  490        * @return an <code>AmFilterResult</code> to block the current request
  491        */
  492       public AmFilterResult getBlockAccessResult(boolean forceForbidden) {
  493   
  494           AmFilterResult result = null;
  495   
  496           if (forceForbidden) {
  497               result = new AmFilterResult(AmFilterResultStatus.STATUS_FORBIDDEN);
  498           } else {
  499               String accessDeniedURI =
  500                   getAccessDeniedURI();
  501   
  502               if (accessDeniedURI != null) {
  503                   String url = getAccessDeniedURL();
  504                   String gotoURL = populateGotoParameterValue();
  505                   if(gotoURL != null){
  506                      StringBuffer buff     = new StringBuffer(url);
  507                      buff.append("?");
  508                      buff.append(getGotoParameterName());
  509                      buff.append("=");
  510                      buff.append(URLEncoder.encode(populateGotoParameterValue()));
  511                      url = buff.toString();
  512                   }
  513   
  514                   result =
  515                       new AmFilterResult(AmFilterResultStatus.STATUS_REDIRECT,
  516                                          url);
  517               } else {
  518   
  519                   result =
  520                       new AmFilterResult(AmFilterResultStatus.STATUS_FORBIDDEN);
  521               }
  522           }
  523           result.markBlocked();
  524   
  525           return result;
  526       }
  527   
  528       /**
  529        * Returns an <code>AmFilterResult</code> instance that can be used to
  530        * redirect the incoming request back to itself. This may be necessary in
  531        * cases such as where the Task Handler has set certain cookies and these
  532        * cookies must be made available to the downstream application.
  533        *
  534        * @return an <code>AmFilterResult</code> that can be used to redirect the
  535        * request back to its destination thereby making a roundtrip before passing
  536        * the request to the downstream application.
  537        */
  538       public AmFilterResult getRedirectToSelfResult() {
  539           return getAmFilter().redirectToSelf(this);
  540       }
  541   
  542       /**
  543        * Adds a cookie with age set to 0 for the given name, thereby expiring the
  544        * cookie on the client.
  545        * @param cookieName the name of the cookie to be expired.
  546        */
  547       public void expireCookie(String cookieName) {
  548           expireCookie(cookieName, null, null);
  549       }
  550   
  551       /**
  552        * Adds a cookie with age set to 0 for the given name, thereby expiring the
  553        * cookie on the client.
  554        * @param cookieName the name of the cookie to be expired.
  555        * @param domain the domain of the cookie to be expired
  556        */
  557       public void expireCookie(String cookieName, String domain) {
  558           expireCookie(cookieName, domain, null);
  559       }
  560   
  561       /**
  562        * Adds a cookie with age set to 0 for the given name, thereby expiring the
  563        * cookie on the client.
  564        * @param cookieName the name of the cookie to be expired.
  565        * @param domain the domain of the cookie to be expired
  566        * @param path the path of the cookie to be expired
  567        */
  568       public void expireCookie(String cookieName, String domain, String path) {
  569           Cookie expiredCookie =
  570               CookieUtils.getExpiredCookie(cookieName, domain, path);
  571           getHttpServletResponse().addCookie(expiredCookie);
  572       }
  573   
  574       /**
  575        * Returns the DN of the currently authenticated user. If the task handler
  576        * specific to SSO validation has not been invoked yet, the user is considered
  577        * unauthenticated and therefore this method will return a <code>null</code>
  578        * value.
  579        *
  580        * @return the DN of the currently authenticated user or <code>null</code> if
  581        * the current request has not been subjected to SSO validation yet.
  582        */
  583       public String getUserPrincipal() {
  584           return (getSSOValidationResult() != null) ?
  585               getSSOValidationResult().getUserPrincipal():null;
  586       }
  587   
  588       /**
  589        * Returns the user name for the currently authenticated user. If the property
  590        * use dn is set to true, the name will be the user DN. If set to false, this
  591        * value will be the UID of the user. This method will return <code>null</code>
  592        * if the current user has not been authenticated yet.
  593        *
  594        * @return the user name of the currently authenticated user, or <code>null</code>
  595        * otherwise.
  596        */
  597       public String getUserId() {
  598           return (getSSOValidationResult() != null) ?
  599               getSSOValidationResult().getUserId(): null;
  600   
  601       }
  602   
  603       /**
  604        * Returns the instance of <code>IHttpServletRequestHelper</code> that can
  605        * be used to wrap this request.
  606        * @return the instnace of <code>IHttpServletRequestHelper</code> if available
  607        * or <code>null</code> if no such instnace is available.
  608        */
  609       public IHttpServletRequestHelper getHttpServletRequestHelper() {
  610           return _httpServletRequestHelper;
  611       }
  612   
  613       /**
  614        * Returns true if the current request context has an instnace of
  615        * <code>IHttpServletRequestHelper</code> available for wrapping the reqeust.
  616        *
  617        * @return true if an instance of <code>IHttpServletRequestHelper</code> is
  618        * available, false otherwise.
  619        */
  620       public boolean hasHttpServletRequestHelper() {
  621           return getHttpServletRequestHelper() != null;
  622       }
  623   
  624       /**
  625        * Returns a boolean indicating if the current request is that for a J2EE
  626        * form login.
  627        * @return true if the current request is that for a form login, false
  628        * otherwise.
  629        */
  630       public boolean isFormLoginRequest() {
  631           return _isFormLoginRequestFlag;
  632       }
  633   
  634       /**
  635        * Returns the <code>SSOValidationResult</code> object for the current
  636        * request if available. This instance is created and made available only
  637        * after the SSO task handler has operated on this request. If the SSO task
  638        * handler was not invoked prior to this method call, or if the SSO validation
  639        * failed for the current user, the return from this method will be <code>null</code>.
  640        * @return the <code>SSOValidationResult</code> object for the current request
  641        * if available, <code>null</code> otherwise.
  642        */
  643       public SSOValidationResult getSSOValidationResult() {
  644           return _ssoValidationResult;
  645       }
  646   
  647       /**
  648        * Returns the access denied URL to be used for blocking this request
  649        * if necessary. If the access denied URI is not specified, the return
  650        * will be a <code>null</code> value.
  651        *
  652        * @return the access denied URL or <code>null</code> if the access denied
  653        * URI is not specified.
  654        */
  655       public String getAccessDeniedURL() {
  656           if (getAccessDeniedURI() != null) {
  657               if (_accessDeniedURL == null) {
  658                   initAccessDeniedURL();
  659               }
  660           }
  661   
  662           return _accessDeniedURL;
  663       }
  664       
  665       /**
  666        * Returns the base URL for this request. The base URL simply specifies the
  667        * protocol, host and port information and does not contain any URI or
  668        * query strings.
  669        *
  670        * @return the base URL tbe used for this request
  671        */
  672       public String getBaseURL() {
  673       	if (_baseURL == null) {
  674       		initBaseURL();
  675       	}
  676       	return _baseURL;
  677       }    
  678   
  679       /**
  680        * Sets the <code>IHttpServletRequestHelper</code> instance where needed.
  681        * @param httpServletRequestHelper the <code>IHttpServletRequestHelper</code>
  682        * instance that will be used for wrapping this request.
  683        */
  684       public void addHttpServletRequestHelper(IHttpServletRequestHelper helper) {
  685           if (_httpServletRequestHelper == null) {
  686               _httpServletRequestHelper = helper;
  687           } else {
  688               _httpServletRequestHelper.addUserAttributes(
  689                       helper.getUserAttributes());
  690           }
  691       }
  692       
  693      /**
  694       * Sets a <code>Map</code> that contains the response attributes as evaluated
  695       * by the remote policy.
  696       * @param responseAttributes
  697       */
  698       public void setPolicyResponseAttributes(Map responseAttributes) {
  699           _policyResponseAttributes = responseAttributes;
  700       }
  701       
  702      /**
  703       * Returns the response attributes associated with the current request as
  704       * determined by remote policy evaluation. This method can return 
  705       * <code>null</code> if no attributes have been set.
  706       * 
  707       * @return
  708       */
  709       public Map getPolicyResponseAttributes() {
  710           return _policyResponseAttributes;
  711       }
  712   
  713       /**
  714        * Sets the <code>SSOValidationResult</code> instance where needed. This
  715        * is done by the SSO Task Handler on successful validation of the user
  716        * session.
  717        *
  718        * @param ssoValidationResult the <code>SSOValidationResult</code> instance
  719        * that may be used by various task handlers downstream to facilitate the
  720        * further processing of the request.
  721        */
  722       public void setSSOValidationResult(SSOValidationResult ssoValidationResult) 
  723       {
  724           _ssoValidationResult = ssoValidationResult;
  725       }
  726       
  727       public boolean isAuthenticated() {
  728       	boolean result = false;
  729       	if (_ssoValidationResult != null && _ssoValidationResult.isValid()) {
  730       		result = true;
  731       	}
  732       	
  733       	return result;
  734       }
  735   
  736       private void setAccessDeniedURL(String url) {
  737           _accessDeniedURL = url;
  738       }
  739   
  740       /**
  741        * Initializes the access denied URL. The access denied URL is constructed
  742        * using the current request's base URL followed by the access denied URI
  743        * as specified in the agent configuration.
  744        *
  745        */
  746       private void initAccessDeniedURL() {
  747           setAccessDeniedURL(getBaseURL() + getAccessDeniedURI());
  748       }
  749   
  750       private Map getCookieMap() {
  751           return _cookieMap;
  752       }
  753   
  754       private void setCookieMap(Map cookieMap) {
  755           _cookieMap = cookieMap;
  756       }
  757   
  758       private void initCookieMap() {
  759           setCookieMap(
  760               CookieUtils.getRequestCookies(getHttpServletRequest()));
  761       }
  762   
  763       private void setDestinationURL(String url) {
  764           _destinationURL = url;
  765       }
  766       
  767       public void setGotoFormLoginURL(String url) throws AgentException {
  768           try {
  769               URL u = new URL(url);
  770               _gotoFormLoginURL = getBaseURL() + u.getFile();
  771           } catch (MalformedURLException me) {
  772               throw new AgentException("Invalid form login url" + url, me);
  773           }
  774       }    
  775       
  776       private void setPolicyDestinationURL(String url) {
  777           _policyDestinationURL = url;
  778       }
  779   
  780       /**
  781        * Initializes the destination URL. The destination URL is the same as
  782        * the URL requested by the client browser including the necessary
  783        * request URI and query strings if applicable.
  784        */
  785       private void initDestinationURL() {
  786           String       queryString = getHttpServletRequest().getQueryString();
  787           StringBuffer buff        = new StringBuffer();
  788           buff.append(getBaseURL());
  789           buff.append(getHttpServletRequest().getRequestURI());
  790   
  791           if(queryString != null) {
  792               if (!queryString.startsWith("?")) {
  793                   buff.append("?");
  794               }
  795               buff.append(queryString);
  796           }
  797   
  798           setDestinationURL(buff.toString());
  799       }
  800       
  801       private void initPolicyDestinationURL() {
  802           String queryString = StringUtils.removeQueryParameter(
  803                   getHttpServletRequest().getQueryString(), 
  804                   AgentConfiguration.getSSOTokenName());
  805           StringBuffer buff = new StringBuffer();
  806           buff.append(getBaseURL());
  807           buff.append(getHttpServletRequest().getRequestURI());
  808   
  809           if(queryString != null) {
  810               if (!queryString.startsWith("?")) {
  811                   buff.append("?");
  812               }
  813               buff.append(queryString);
  814           }
  815   
  816           setPolicyDestinationURL(buff.toString());
  817       }
  818   
  819       private void setRequest(HttpServletRequest request) {
  820           _request = request;
  821       }
  822   
  823       private void setResponse(HttpServletResponse response) {
  824           _response = response;
  825       }
  826   
  827       private void setGotoParameterName(String gotoPrameterName) {
  828           _gotoParameterName = gotoPrameterName;
  829       }
  830   
  831       private String getLoginURL() throws AgentException {
  832           return getLoginURLFailoverHelper().getAvailableURL();
  833       }
  834   
  835       private String getLogoutURL() throws AgentException {
  836           return getLogoutURLFailoverHelper().getAvailableURL();
  837       }
  838   
  839       private IURLFailoverHelper getLoginURLFailoverHelper() {
  840           return _loginURLFailoverHelper;
  841       }
  842   
  843       private IURLFailoverHelper getLogoutURLFailoverHelper() {
  844           return _logoutURLFailoverHelper;
  845       }
  846   
  847       private void setLoginURLFailoverHelper(IURLFailoverHelper loginURLFailoverHelper) {
  848           _loginURLFailoverHelper = loginURLFailoverHelper;
  849       }
  850   
  851       private void setLogoutURLFailoverHelper(IURLFailoverHelper logoutURLFailoverHelper) {
  852           _logoutURLFailoverHelper = logoutURLFailoverHelper;
  853       }
  854   
  855       private void setAccessDeniedURI(String accessDeniedURI) {
  856           _accessDeniedURI = accessDeniedURI;
  857       }
  858   
  859       private void setFilterMode(AmFilterMode filterMode) {
  860           _filterMode = filterMode;
  861       }
  862   
  863       String getAccessDeniedURI() {
  864           return _accessDeniedURI;
  865       }
  866   
  867       private void setAmFilter(IAmFilter amFilter) {
  868           _amFilter = amFilter;
  869       }
  870   
  871       private IAmFilter getAmFilter() {
  872           return _amFilter;
  873       }
  874   
  875       private void setIsFormLoginRequestFlag(boolean isFormLoginRequest) {
  876           _isFormLoginRequestFlag = isFormLoginRequest;
  877       }
  878   
  879       /**
  880        * Initializes the base URL to be used for this request. The base URL simply
  881        * specifies the protocol, host and port information and does nto contain any
  882        * URI or query strings.
  883        *
  884        */
  885       private void initBaseURL() {
  886           //FIXME use entry point definitions
  887   		StringBuffer buff = new StringBuffer();
  888   		buff.append(getAgentProtocol());
  889   		buff.append("://");
  890   		buff.append(getAgentHost());
  891   		buff.append(":");
  892   		buff.append(getAgentPort());
  893   		_baseURL = buff.toString();
  894       }
  895   
  896       public String getApplicationContextURL() {
  897           if (_applicationContextURL == null) {
  898               initApplicationContextURL();
  899           }
  900           return _applicationContextURL;
  901       }
  902   
  903       private void initApplicationContextURL() {
  904           _applicationContextURL = getBaseURL() +
  905               getHttpServletRequest().getContextPath();
  906       }
  907       
  908       /**
  909        * Sets the base URL for this request. The base URL simply specifies the
  910        * protocol, host and port information and does not contain any URI or
  911        * query strings.
  912        *
  913        * @param baseURL the base URL to be set for this request
  914        */
  915       private void setBaseURL(String baseURL) {
  916       	_baseURL = baseURL;
  917       }
  918       
  919       private void setAgentHost(String agentHost) {
  920           _agentHost = agentHost;
  921       }
  922       
  923       public String getAgentHost() {
  924           return _agentHost;
  925       }
  926       
  927       private void setAgentPort(int agentPort) {
  928           _agentPort = agentPort;
  929       }
  930       
  931       public int getAgentPort() {
  932           return _agentPort;
  933       }
  934       
  935       private void setAgentProtocol(String agentProtocol) {
  936           _agentProtocol = agentProtocol;
  937       }
  938       
  939       public String getAgentProtocol() {
  940           return _agentProtocol;
  941       }
  942   
  943       private HttpServletRequest _request;
  944       private HttpServletResponse _response;
  945       private String _gotoParameterName;
  946       private String _destinationURL;
  947       private String _gotoFormLoginURL;
  948       private String _policyDestinationURL;
  949       private Map _cookieMap;
  950       private IURLFailoverHelper _loginURLFailoverHelper;
  951       private IURLFailoverHelper _logoutURLFailoverHelper;
  952       private boolean _isFormLoginRequestFlag;
  953       private String _accessDeniedURI;
  954       private String _accessDeniedURL;
  955       private IAmFilter _amFilter;
  956       private IHttpServletRequestHelper _httpServletRequestHelper;
  957       private SSOValidationResult _ssoValidationResult;
  958       private String _baseURL;
  959       private String _applicationContextURL;
  960       private AmFilterMode _filterMode;
  961       private Map _policyResponseAttributes;
  962       private String _agentHost;
  963       private int _agentPort;
  964       private String _agentProtocol;
  965   }

Save This Page
Home » opensso-src » com.sun.identity.agents.filter » [javadoc | source]