Save This Page
1 /**
2 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
3 *
4 * Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
5 *
6 * The contents of this file are subject to the terms
7 * of the Common Development and Distribution License
8 * (the License). You may not use this file except in
9 * compliance with the License.
10 *
11 * You can obtain a copy of the License at
12 * https://opensso.dev.java.net/public/CDDLv1.0.html or
13 * opensso/legal/CDDLv1.0.txt
14 * See the License for the specific language governing
15 * permission and limitations under the License.
16 *
17 * When distributing Covered Code, include this CDDL
18 * Header Notice in each file and include the License file
19 * at opensso/legal/CDDLv1.0.txt.
20 * If applicable, add the following below the CDDL Header,
21 * with the fields enclosed by brackets [] replaced by
22 * your own identifying information:
23 * "Portions Copyrighted [year] [name of copyright owner]"
24 *
25 * $Id: AmFilterRequestContext.java,v 1.8 2008/08/07 18:04:46 huacui Exp $
26 *
27 */
28 package com.sun.identity.agents.filter;
29
30 import java.net.MalformedURLException;
31 import java.net.URL;
32 import java.net.URLEncoder;
33 import java.util.Map;
34
35 import javax.servlet.http.Cookie;
36 import javax.servlet.http.HttpServletRequest;
37 import javax.servlet.http.HttpServletResponse;
38
39 import com.sun.identity.agents.arch.AgentConfiguration;
40 import com.sun.identity.agents.arch.AgentException;
41 import com.sun.identity.agents.common.IHttpServletRequestHelper;
42 import com.sun.identity.agents.common.IURLFailoverHelper;
43 import com.sun.identity.agents.common.SSOValidationResult;
44 import com.sun.identity.agents.policy.AmWebPolicyResult;
45 import com.sun.identity.agents.util.CookieUtils;
46 import com.sun.identity.agents.util.IUtilConstants;
47 import com.sun.identity.agents.util.NameValuePair;
48 import com.sun.identity.agents.util.StringUtils;
49
50 /**
51 * A <code>AmFilterRequestContext</code> encapsulates all request and response
52 * related information that is needed for the invocation of various task
53 * handlers by the <code>AmFilter</code> in order to be able to process the
54 * incoming request.
55 */
56 public class AmFilterRequestContext implements IUtilConstants {
57
58 /**
59 * The sole constructor for <code>AmFilterRequestContext</code>.
60 * @param request the HttpServletRequest used for filter invocation
61 * @param response the HttpServletResponse used for filter invocation
62 * @param gotoParameterName the parameter name used for return redirects
63 * @param loginURLFailoverHelper the URL failover helper used to select
64 * the currently available login URL in cases where necessary.
65 * @param logoutURLFailoverHelper the URL failover helper used to select
66 * the currently available logout URL in cases where necessary.
67 * @param isFormLoginRequest a boolean indicating if the current request is
68 * that for a J2EE Form based login.
69 * @param accessDeniedURI the URI to be used for denying access to the
70 * requested resource.
71 * @param amFilter the instance of <code>AmFilter</code> that is creating
72 * this particular request context.
73 * @param filterMode the mode in which the <code>AmFilter</code> is
74 * operating during the execution of this request.
75 */
76 public AmFilterRequestContext(HttpServletRequest request,
77 HttpServletResponse response,
78 String gotoParameterName,
79 IURLFailoverHelper loginURLFailoverHelper,
80 IURLFailoverHelper logoutURLFailoverHelper,
81 boolean isFormLoginRequest,
82 String accessDeniedURI,
83 AmFilter amFilter,
84 AmFilterMode filterMode,
85 String agentHost, int agentPort,
86 String agentProtocol)
87 {
88 setRequest(request);
89 setResponse(response);
90 setGotoParameterName(gotoParameterName);
91 setLoginURLFailoverHelper(loginURLFailoverHelper);
92 setLogoutURLFailoverHelper(logoutURLFailoverHelper);
93 setIsFormLoginRequestFlag(isFormLoginRequest);
94 setAccessDeniedURI(accessDeniedURI);
95 setAmFilter(amFilter);
96 setFilterMode(filterMode);
97 setAgentHost(agentHost);
98 setAgentPort(agentPort);
99 setAgentProtocol(agentProtocol);
100 }
101
102 /**
103 * Returns the original HttpServletRequst that was used for filter
104 * invocation.
105 *
106 * @return the original HttpServletRequest object
107 */
108 public HttpServletRequest getHttpServletRequest() {
109 return _request;
110 }
111
112 /**
113 * Returns the original HttpServletResponse that was used for filter
114 * invocation.
115 *
116 * @return the original HttpServletResponse object
117 */
118 public HttpServletResponse getHttpServletResponse() {
119 return _response;
120 }
121
122 /**
123 * Returns the Filter mode
124 *
125 * @return the Filter mode
126 */
127 public AmFilterMode getFilterMode() {
128 return _filterMode;
129 }
130
131
132 /**
133 * Returns the value of parameter name used for return redirects such
134 * as <code>goto</code> as configured in the Identity Server authentication
135 * service.
136 *
137 * @return the value of parameter name used for return redirects
138 */
139 public String getGotoParameterName() {
140 return _gotoParameterName;
141 }
142
143 /**
144 * Returns the value of the actual canoncialized destination URL that
145 * the user intended to access when the request was submitted.
146 *
147 * @return the canonicalized destination URL as submitted by the user.
148 */
149 public String getDestinationURL() {
150 /**
151 * Note: The <code>AmFilterRequestContext</code> need not be
152 * thread safe and therefore the following lazy initialization should
153 * not cause any problems in the runtime.
154 */
155 if (_destinationURL == null ) {
156 initDestinationURL();
157 }
158 return _destinationURL;
159 }
160
161 /**
162 * Returns the value of the actual destination url in the case
163 * of a form login request. This information is not available
164 * for all agents.
165 *
166 * @return the destination URL in the case of a form login request.
167 */
168 public String getGotoFormLoginURL() {
169 return _gotoFormLoginURL;
170 }
171
172 /**
173 * Returns the value of actual canocialized destination URL that the
174 * user intended to access without the SSO token in the query parameter
175 * so that it can be used to evaluate policies where necessary.
176 *
177 * @return the canocialized destination URL as submitted by the user
178 * without the SSO token in the query parameter if it was present in
179 * the original URL.
180 */
181 public String getPolicyDestinationURL() {
182 if (_policyDestinationURL == null) {
183 initPolicyDestinationURL();
184 }
185
186 return _policyDestinationURL;
187 }
188
189 /**
190 * Returns the value of a named cookie from the underlying
191 * <code>HttpServletRequest</code> object.
192 * @param cookieName the name of the cookie to be looked up.
193 * @return the corresponding cookie value, or <code>null</code> if the
194 * specified cookie is not present.
195 */
196 public String getRequestCookieValue(String cookieName) {
197 /**
198 * Note: The <code>AmFilterRequestContext</code> need not be
199 * thread safe and therefore the following lazy initialization should
200 * not cause any problems in the runtime.
201 */
202 if (getCookieMap() == null) {
203 initCookieMap();
204 }
205 return (String) getCookieMap().get(cookieName);
206 }
207
208 /**
209 * Returns a URL that can be used to redirect the current request which may
210 * be lacking sufficient credentials to the Identity Server Authentication
211 * service.
212 *
213 * @return a String representation of a URL that can be used to redirect the
214 * current request to the authentication service.
215 * @throws AgentException in the event when no login URL for Identity Server
216 * authentication service is available.
217 */
218
219 public String getAuthRedirectURL() throws AgentException {
220 return getAuthRedirectURL(null, null);
221 }
222
223 /**
224 * Returns the value of the GOTO parameter to be used for post authentication
225 * redirect by the authentication service. If the request is a form login
226 * request, the return value will point to the application context root.
227 * Otherwise the return value will be a complete URL of the requested
228 * resource.
229 *
230 * @return the URL to which the user will be redirected after successful
231 * authentication.
232 */
233 public String populateGotoParameterValue() {
234 String gotoURL = null;
235 String gotoFormLoginURL = getGotoFormLoginURL();
236 if (isFormLoginRequest()) {
237 if (gotoFormLoginURL != null) {
238 gotoURL = gotoFormLoginURL;
239 } else {
240 gotoURL = getApplicationContextURL();
241 }
242 } else {
243 gotoURL = getDestinationURL();
244 }
245
246 return gotoURL;
247 }
248
249 /**
250 * Returns a URL that can be used to redirect the current request which may
251 * be lacking sufficient credentials to the Identity Server Authentication
252 * service.
253 *
254 * @param amWebPolicyResult an optional policy result object that may be
255 * carrying any applicable advices.
256 * @return a String representation of a URL that can be used to redirect the
257 * current request to the authentication service.
258 * @throws AgentException in the event when no login URL for Identity Server
259 * authentication service is available.
260 */
261 public String getAuthRedirectURL(AmWebPolicyResult amWebPolicyResult)
262 throws AgentException
263 {
264 return getAuthRedirectURL(amWebPolicyResult, null);
265 }
266
267 public String getAuthRedirectURL(String gotoURL) throws AgentException {
268 return getAuthRedirectURL(null, gotoURL);
269 }
270
271 /**
272 * Returns a URL that can be used to redirect the current request which may
273 * be lacking sufficient credentials to the Identity Server Authentication
274 * service.
275 *
276 * @param amWebPolicyResult an optional policy result object that may be
277 * carrying any applicable advices.
278 * @param gotoURL the goto parameter Value
279 * @return a String representation of a URL that can be used to redirect the
280 * current request to the authentication service.
281 * @throws AgentException in the event when no login URL for Identity Server
282 * authentication service is available.
283 */
284 public String getAuthRedirectURL(AmWebPolicyResult amWebPolicyResult,
285 String gotoURL)
286 throws AgentException
287 {
288
289
290 StringBuffer buff = new StringBuffer();
291 String loginURL = getLoginURL();
292 buff.append(loginURL);
293
294 if(loginURL.indexOf("?") != -1) {
295 buff.append("&");
296 } else {
297 buff.append("?");
298 }
299
300 if (gotoURL == null) {
301 gotoURL = populateGotoParameterValue();
302 }
303
304 buff.append(getGotoParameterName());
305 buff.append("=");
306 buff.append(URLEncoder.encode(gotoURL));
307
308 if((amWebPolicyResult != null) && amWebPolicyResult.hasNameValuePairs()) {
309 NameValuePair[] nvp = amWebPolicyResult.getNameValuePairs();
310
311 buff.append("&");
312
313 for(int i = 0; i < nvp.length; i++) {
314 buff.append(URLEncoder.encode(nvp[i].getName()));
315 buff.append("=");
316 buff.append(URLEncoder.encode(nvp[i].getValue()));
317
318 if(i != nvp.length - 1) {
319 buff.append("&");
320 }
321 }
322 }
323
324 String redirectURL = buff.toString();
325
326 return redirectURL;
327 }
328
329
330 /**
331 * Returns a URL that can be used to logout the user from the
332 * OpenSSO server and redirect the user to a specific URL.
333 * @param gotoURL the redirect URL after logging out
334 * @return a String representation of a URL that can be used to
335 * logout the user from the OpenSSO server and redirect
336 * the user to the gotoURL.
337 */
338 public String getLogoutURL(String gotoURL) {
339 String logoutURL = null;
340 try {
341 logoutURL = getLogoutURL();
342 } catch (AgentException ae) {
343 return null;
344 }
345
346 if (logoutURL == null) {
347 return null;
348 }
349
350 StringBuffer buff = new StringBuffer();
351 buff.append(logoutURL);
352
353 if (logoutURL.indexOf("?") != -1) {
354 buff.append("&");
355 } else {
356 buff.append("?");
357 }
358
359 if (gotoURL == null) {
360 gotoURL = populateGotoParameterValue();
361 }
362
363 buff.append(getGotoParameterName());
364 buff.append("=");
365 buff.append(URLEncoder.encode(gotoURL));
366 return buff.toString();
367 }
368
369
370 /**
371 * Returns a redirect result that can be used to redirect the user to
372 * the sepcified URL.
373 *
374 * @param redirectURL the URL to which the user will be redirected to.
375 * @return an <code>AmFilter</code> to redirect the user to the specified URL.
376 */
377 public AmFilterResult getCustomRedirectResult(String redirectURL) {
378 return new AmFilterResult(AmFilterResultStatus.STATUS_REDIRECT,
379 redirectURL);
380 }
381
382 /**
383 * Returns a redirect result that can be used to authenticate the user
384 * by Identity Server Authentication service.
385 *
386 * @return an <code>AmFilterResult</code> to authenticate the user
387 *
388 * @throws AgentException if the processing of this request results in an
389 * unrecoverable error condition.
390 */
391 public AmFilterResult getAuthRedirectResult() throws AgentException {
392 return getAuthRedirectResult(null);
393 }
394
395 /**
396 * Returns a redirect result that can be used to authenticate the user
397 * by Identity Server Authentication service.
398 *
399 * @param amWebPolicyResult an optional policy result instance which may
400 * contain the necessary advices for authenticating the user
401 * @return an <code>AmFilterResult</code> to authenticate the user
402 *
403 * @throws AgentException if the processing of this request results in an
404 * unrecoverable error condition.
405 */
406 public AmFilterResult getAuthRedirectResult(
407 AmWebPolicyResult amWebPolicyResult)
408 throws AgentException
409 {
410 return new AmFilterResult(AmFilterResultStatus.STATUS_REDIRECT,
411 getAuthRedirectURL(amWebPolicyResult));
412 }
413
414 /**
415 * Returns a redirect result that can be used to authenticate the user
416 * by Identity Server Authentication service.
417 *
418 * @param amWebPolicyResult an optional policy result instance which may
419 * contain the necessary advices for authenticating the user
420 * @param gotoURL the goto parameter value
421 * @return an <code>AmFilterResult</code> to authenticate the user
422 *
423 * @throws AgentException if the processing of this request results in an
424 * unrecoverable error condition.
425 */
426 public AmFilterResult getAuthRedirectResult(
427 AmWebPolicyResult amWebPolicyResult,
428 String gotoURL)
429 throws AgentException
430 {
431 return new AmFilterResult(AmFilterResultStatus.STATUS_REDIRECT,
432 getAuthRedirectURL(amWebPolicyResult,
433 gotoURL));
434 }
435
436 /**
437 * Returns a result for serving some specified data for handling the request.
438 *
439 * @param data the data to be served to the requestor.
440 * @return an <code>AmFilterResult</code> to serve the sepcified data for
441 * to the requestor.
442 */
443 public AmFilterResult getServeDataResult(String data) {
444 return new AmFilterResult(AmFilterResultStatus.STATUS_SERVE_DATA,
445 null, data);
446 }
447
448 /**
449 * Returns an <code>AmFilterResult</code> instance that represents a continue
450 * result for filter processing. If a <code>IHttpServletRequestHelper</code>
451 * has been set for this request, it will be automatically added to the result.
452 *
453 * @return an <code>AmFilterResult</code> to allow the reqeust to continue
454 */
455 public AmFilterResult getContinueResult() {
456 AmFilterResult result = new AmFilterResult(
457 AmFilterResultStatus.STATUS_CONTINUE);
458 if (hasHttpServletRequestHelper()) {
459 result.setHttpServletRequestHelper(getHttpServletRequestHelper());
460 }
461 return result;
462 }
463
464 /**
465 * Returns an <code>AmFilterResult</code> instance that represents a server error
466 * result for filter processing.
467 *
468 * @return an <code>AmFilterResult</code> to indicate a server error
469 */
470 public AmFilterResult getServerErrorResult() {
471 return new AmFilterResult(AmFilterResultStatus.STATUS_SERVER_ERROR);
472 }
473
474 /**
475 * Returns an <code>AmFilterResult</code> instance that represents a blocked
476 * result for filter processing.
477 *
478 * @return an <code>AmFilterResult</code> to block the current request
479 */
480 public AmFilterResult getBlockAccessResult() {
481 return getBlockAccessResult(false);
482 }
483
484 /**
485 * Returns an <code>AmFilterResult</code> instance that represents a blocked
486 * result for filter processing.
487 *
488 * @param forceForbidden when set to true, will force the result to require
489 * the use of HTTP status code 403 in order to block the current request.
490 * @return an <code>AmFilterResult</code> to block the current request
491 */
492 public AmFilterResult getBlockAccessResult(boolean forceForbidden) {
493
494 AmFilterResult result = null;
495
496 if (forceForbidden) {
497 result = new AmFilterResult(AmFilterResultStatus.STATUS_FORBIDDEN);
498 } else {
499 String accessDeniedURI =
500 getAccessDeniedURI();
501
502 if (accessDeniedURI != null) {
503 String url = getAccessDeniedURL();
504 String gotoURL = populateGotoParameterValue();
505 if(gotoURL != null){
506 StringBuffer buff = new StringBuffer(url);
507 buff.append("?");
508 buff.append(getGotoParameterName());
509 buff.append("=");
510 buff.append(URLEncoder.encode(populateGotoParameterValue()));
511 url = buff.toString();
512 }
513
514 result =
515 new AmFilterResult(AmFilterResultStatus.STATUS_REDIRECT,
516 url);
517 } else {
518
519 result =
520 new AmFilterResult(AmFilterResultStatus.STATUS_FORBIDDEN);
521 }
522 }
523 result.markBlocked();
524
525 return result;
526 }
527
528 /**
529 * Returns an <code>AmFilterResult</code> instance that can be used to
530 * redirect the incoming request back to itself. This may be necessary in
531 * cases such as where the Task Handler has set certain cookies and these
532 * cookies must be made available to the downstream application.
533 *
534 * @return an <code>AmFilterResult</code> that can be used to redirect the
535 * request back to its destination thereby making a roundtrip before passing
536 * the request to the downstream application.
537 */
538 public AmFilterResult getRedirectToSelfResult() {
539 return getAmFilter().redirectToSelf(this);
540 }
541
542 /**
543 * Adds a cookie with age set to 0 for the given name, thereby expiring the
544 * cookie on the client.
545 * @param cookieName the name of the cookie to be expired.
546 */
547 public void expireCookie(String cookieName) {
548 expireCookie(cookieName, null, null);
549 }
550
551 /**
552 * Adds a cookie with age set to 0 for the given name, thereby expiring the
553 * cookie on the client.
554 * @param cookieName the name of the cookie to be expired.
555 * @param domain the domain of the cookie to be expired
556 */
557 public void expireCookie(String cookieName, String domain) {
558 expireCookie(cookieName, domain, null);
559 }
560
561 /**
562 * Adds a cookie with age set to 0 for the given name, thereby expiring the
563 * cookie on the client.
564 * @param cookieName the name of the cookie to be expired.
565 * @param domain the domain of the cookie to be expired
566 * @param path the path of the cookie to be expired
567 */
568 public void expireCookie(String cookieName, String domain, String path) {
569 Cookie expiredCookie =
570 CookieUtils.getExpiredCookie(cookieName, domain, path);
571 getHttpServletResponse().addCookie(expiredCookie);
572 }
573
574 /**
575 * Returns the DN of the currently authenticated user. If the task handler
576 * specific to SSO validation has not been invoked yet, the user is considered
577 * unauthenticated and therefore this method will return a <code>null</code>
578 * value.
579 *
580 * @return the DN of the currently authenticated user or <code>null</code> if
581 * the current request has not been subjected to SSO validation yet.
582 */
583 public String getUserPrincipal() {
584 return (getSSOValidationResult() != null) ?
585 getSSOValidationResult().getUserPrincipal():null;
586 }
587
588 /**
589 * Returns the user name for the currently authenticated user. If the property
590 * use dn is set to true, the name will be the user DN. If set to false, this
591 * value will be the UID of the user. This method will return <code>null</code>
592 * if the current user has not been authenticated yet.
593 *
594 * @return the user name of the currently authenticated user, or <code>null</code>
595 * otherwise.
596 */
597 public String getUserId() {
598 return (getSSOValidationResult() != null) ?
599 getSSOValidationResult().getUserId(): null;
600
601 }
602
603 /**
604 * Returns the instance of <code>IHttpServletRequestHelper</code> that can
605 * be used to wrap this request.
606 * @return the instnace of <code>IHttpServletRequestHelper</code> if available
607 * or <code>null</code> if no such instnace is available.
608 */
609 public IHttpServletRequestHelper getHttpServletRequestHelper() {
610 return _httpServletRequestHelper;
611 }
612
613 /**
614 * Returns true if the current request context has an instnace of
615 * <code>IHttpServletRequestHelper</code> available for wrapping the reqeust.
616 *
617 * @return true if an instance of <code>IHttpServletRequestHelper</code> is
618 * available, false otherwise.
619 */
620 public boolean hasHttpServletRequestHelper() {
621 return getHttpServletRequestHelper() != null;
622 }
623
624 /**
625 * Returns a boolean indicating if the current request is that for a J2EE
626 * form login.
627 * @return true if the current request is that for a form login, false
628 * otherwise.
629 */
630 public boolean isFormLoginRequest() {
631 return _isFormLoginRequestFlag;
632 }
633
634 /**
635 * Returns the <code>SSOValidationResult</code> object for the current
636 * request if available. This instance is created and made available only
637 * after the SSO task handler has operated on this request. If the SSO task
638 * handler was not invoked prior to this method call, or if the SSO validation
639 * failed for the current user, the return from this method will be <code>null</code>.
640 * @return the <code>SSOValidationResult</code> object for the current request
641 * if available, <code>null</code> otherwise.
642 */
643 public SSOValidationResult getSSOValidationResult() {
644 return _ssoValidationResult;
645 }
646
647 /**
648 * Returns the access denied URL to be used for blocking this request
649 * if necessary. If the access denied URI is not specified, the return
650 * will be a <code>null</code> value.
651 *
652 * @return the access denied URL or <code>null</code> if the access denied
653 * URI is not specified.
654 */
655 public String getAccessDeniedURL() {
656 if (getAccessDeniedURI() != null) {
657 if (_accessDeniedURL == null) {
658 initAccessDeniedURL();
659 }
660 }
661
662 return _accessDeniedURL;
663 }
664
665 /**
666 * Returns the base URL for this request. The base URL simply specifies the
667 * protocol, host and port information and does not contain any URI or
668 * query strings.
669 *
670 * @return the base URL tbe used for this request
671 */
672 public String getBaseURL() {
673 if (_baseURL == null) {
674 initBaseURL();
675 }
676 return _baseURL;
677 }
678
679 /**
680 * Sets the <code>IHttpServletRequestHelper</code> instance where needed.
681 * @param httpServletRequestHelper the <code>IHttpServletRequestHelper</code>
682 * instance that will be used for wrapping this request.
683 */
684 public void addHttpServletRequestHelper(IHttpServletRequestHelper helper) {
685 if (_httpServletRequestHelper == null) {
686 _httpServletRequestHelper = helper;
687 } else {
688 _httpServletRequestHelper.addUserAttributes(
689 helper.getUserAttributes());
690 }
691 }
692
693 /**
694 * Sets a <code>Map</code> that contains the response attributes as evaluated
695 * by the remote policy.
696 * @param responseAttributes
697 */
698 public void setPolicyResponseAttributes(Map responseAttributes) {
699 _policyResponseAttributes = responseAttributes;
700 }
701
702 /**
703 * Returns the response attributes associated with the current request as
704 * determined by remote policy evaluation. This method can return
705 * <code>null</code> if no attributes have been set.
706 *
707 * @return
708 */
709 public Map getPolicyResponseAttributes() {
710 return _policyResponseAttributes;
711 }
712
713 /**
714 * Sets the <code>SSOValidationResult</code> instance where needed. This
715 * is done by the SSO Task Handler on successful validation of the user
716 * session.
717 *
718 * @param ssoValidationResult the <code>SSOValidationResult</code> instance
719 * that may be used by various task handlers downstream to facilitate the
720 * further processing of the request.
721 */
722 public void setSSOValidationResult(SSOValidationResult ssoValidationResult)
723 {
724 _ssoValidationResult = ssoValidationResult;
725 }
726
727 public boolean isAuthenticated() {
728 boolean result = false;
729 if (_ssoValidationResult != null && _ssoValidationResult.isValid()) {
730 result = true;
731 }
732
733 return result;
734 }
735
736 private void setAccessDeniedURL(String url) {
737 _accessDeniedURL = url;
738 }
739
740 /**
741 * Initializes the access denied URL. The access denied URL is constructed
742 * using the current request's base URL followed by the access denied URI
743 * as specified in the agent configuration.
744 *
745 */
746 private void initAccessDeniedURL() {
747 setAccessDeniedURL(getBaseURL() + getAccessDeniedURI());
748 }
749
750 private Map getCookieMap() {
751 return _cookieMap;
752 }
753
754 private void setCookieMap(Map cookieMap) {
755 _cookieMap = cookieMap;
756 }
757
758 private void initCookieMap() {
759 setCookieMap(
760 CookieUtils.getRequestCookies(getHttpServletRequest()));
761 }
762
763 private void setDestinationURL(String url) {
764 _destinationURL = url;
765 }
766
767 public void setGotoFormLoginURL(String url) throws AgentException {
768 try {
769 URL u = new URL(url);
770 _gotoFormLoginURL = getBaseURL() + u.getFile();
771 } catch (MalformedURLException me) {
772 throw new AgentException("Invalid form login url" + url, me);
773 }
774 }
775
776 private void setPolicyDestinationURL(String url) {
777 _policyDestinationURL = url;
778 }
779
780 /**
781 * Initializes the destination URL. The destination URL is the same as
782 * the URL requested by the client browser including the necessary
783 * request URI and query strings if applicable.
784 */
785 private void initDestinationURL() {
786 String queryString = getHttpServletRequest().getQueryString();
787 StringBuffer buff = new StringBuffer();
788 buff.append(getBaseURL());
789 buff.append(getHttpServletRequest().getRequestURI());
790
791 if(queryString != null) {
792 if (!queryString.startsWith("?")) {
793 buff.append("?");
794 }
795 buff.append(queryString);
796 }
797
798 setDestinationURL(buff.toString());
799 }
800
801 private void initPolicyDestinationURL() {
802 String queryString = StringUtils.removeQueryParameter(
803 getHttpServletRequest().getQueryString(),
804 AgentConfiguration.getSSOTokenName());
805 StringBuffer buff = new StringBuffer();
806 buff.append(getBaseURL());
807 buff.append(getHttpServletRequest().getRequestURI());
808
809 if(queryString != null) {
810 if (!queryString.startsWith("?")) {
811 buff.append("?");
812 }
813 buff.append(queryString);
814 }
815
816 setPolicyDestinationURL(buff.toString());
817 }
818
819 private void setRequest(HttpServletRequest request) {
820 _request = request;
821 }
822
823 private void setResponse(HttpServletResponse response) {
824 _response = response;
825 }
826
827 private void setGotoParameterName(String gotoPrameterName) {
828 _gotoParameterName = gotoPrameterName;
829 }
830
831 private String getLoginURL() throws AgentException {
832 return getLoginURLFailoverHelper().getAvailableURL();
833 }
834
835 private String getLogoutURL() throws AgentException {
836 return getLogoutURLFailoverHelper().getAvailableURL();
837 }
838
839 private IURLFailoverHelper getLoginURLFailoverHelper() {
840 return _loginURLFailoverHelper;
841 }
842
843 private IURLFailoverHelper getLogoutURLFailoverHelper() {
844 return _logoutURLFailoverHelper;
845 }
846
847 private void setLoginURLFailoverHelper(IURLFailoverHelper loginURLFailoverHelper) {
848 _loginURLFailoverHelper = loginURLFailoverHelper;
849 }
850
851 private void setLogoutURLFailoverHelper(IURLFailoverHelper logoutURLFailoverHelper) {
852 _logoutURLFailoverHelper = logoutURLFailoverHelper;
853 }
854
855 private void setAccessDeniedURI(String accessDeniedURI) {
856 _accessDeniedURI = accessDeniedURI;
857 }
858
859 private void setFilterMode(AmFilterMode filterMode) {
860 _filterMode = filterMode;
861 }
862
863 String getAccessDeniedURI() {
864 return _accessDeniedURI;
865 }
866
867 private void setAmFilter(IAmFilter amFilter) {
868 _amFilter = amFilter;
869 }
870
871 private IAmFilter getAmFilter() {
872 return _amFilter;
873 }
874
875 private void setIsFormLoginRequestFlag(boolean isFormLoginRequest) {
876 _isFormLoginRequestFlag = isFormLoginRequest;
877 }
878
879 /**
880 * Initializes the base URL to be used for this request. The base URL simply
881 * specifies the protocol, host and port information and does nto contain any
882 * URI or query strings.
883 *
884 */
885 private void initBaseURL() {
886 //FIXME use entry point definitions
887 StringBuffer buff = new StringBuffer();
888 buff.append(getAgentProtocol());
889 buff.append("://");
890 buff.append(getAgentHost());
891 buff.append(":");
892 buff.append(getAgentPort());
893 _baseURL = buff.toString();
894 }
895
896 public String getApplicationContextURL() {
897 if (_applicationContextURL == null) {
898 initApplicationContextURL();
899 }
900 return _applicationContextURL;
901 }
902
903 private void initApplicationContextURL() {
904 _applicationContextURL = getBaseURL() +
905 getHttpServletRequest().getContextPath();
906 }
907
908 /**
909 * Sets the base URL for this request. The base URL simply specifies the
910 * protocol, host and port information and does not contain any URI or
911 * query strings.
912 *
913 * @param baseURL the base URL to be set for this request
914 */
915 private void setBaseURL(String baseURL) {
916 _baseURL = baseURL;
917 }
918
919 private void setAgentHost(String agentHost) {
920 _agentHost = agentHost;
921 }
922
923 public String getAgentHost() {
924 return _agentHost;
925 }
926
927 private void setAgentPort(int agentPort) {
928 _agentPort = agentPort;
929 }
930
931 public int getAgentPort() {
932 return _agentPort;
933 }
934
935 private void setAgentProtocol(String agentProtocol) {
936 _agentProtocol = agentProtocol;
937 }
938
939 public String getAgentProtocol() {
940 return _agentProtocol;
941 }
942
943 private HttpServletRequest _request;
944 private HttpServletResponse _response;
945 private String _gotoParameterName;
946 private String _destinationURL;
947 private String _gotoFormLoginURL;
948 private String _policyDestinationURL;
949 private Map _cookieMap;
950 private IURLFailoverHelper _loginURLFailoverHelper;
951 private IURLFailoverHelper _logoutURLFailoverHelper;
952 private boolean _isFormLoginRequestFlag;
953 private String _accessDeniedURI;
954 private String _accessDeniedURL;
955 private IAmFilter _amFilter;
956 private IHttpServletRequestHelper _httpServletRequestHelper;
957 private SSOValidationResult _ssoValidationResult;
958 private String _baseURL;
959 private String _applicationContextURL;
960 private AmFilterMode _filterMode;
961 private Map _policyResponseAttributes;
962 private String _agentHost;
963 private int _agentPort;
964 private String _agentProtocol;
965 }