|
|
@@ -1,180 +0,0 @@
|
|
|
-/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
|
|
|
- *
|
|
|
- * Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
- * you may not use this file except in compliance with the License.
|
|
|
- * You may obtain a copy of the License at
|
|
|
- *
|
|
|
- * http://www.apache.org/licenses/LICENSE-2.0
|
|
|
- *
|
|
|
- * Unless required by applicable law or agreed to in writing, software
|
|
|
- * distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
- * See the License for the specific language governing permissions and
|
|
|
- * limitations under the License.
|
|
|
- */
|
|
|
-package org.springframework.security.ui.openid;
|
|
|
-
|
|
|
-import org.apache.commons.logging.Log;
|
|
|
-import org.apache.commons.logging.LogFactory;
|
|
|
-import org.springframework.util.StringUtils;
|
|
|
-import org.springframework.web.context.WebApplicationContext;
|
|
|
-import org.springframework.web.context.support.WebApplicationContextUtils;
|
|
|
-
|
|
|
-import javax.servlet.ServletException;
|
|
|
-import javax.servlet.http.HttpServlet;
|
|
|
-import javax.servlet.http.HttpServletRequest;
|
|
|
-import javax.servlet.http.HttpServletResponse;
|
|
|
-import java.io.IOException;
|
|
|
-
|
|
|
-
|
|
|
-/**
|
|
|
- * This servlet starts the OpenID authentication process.
|
|
|
- * <br/>
|
|
|
- * <br/>Sample web.xml configuration:
|
|
|
- * <br/>
|
|
|
- * <br/> <servlet>
|
|
|
- * <br/> <servlet-name>openid</servlet-name>
|
|
|
- * <br/> <servlet-class>org.springframework.security.ui.openid.OpenIDLoginInitiationServlet</servlet-class>
|
|
|
- * <br/> <load-on-startup>1</load-on-startup>
|
|
|
- * <br/> <init-param>
|
|
|
- * <br/> <description>The error page - will receive error "message"</description>
|
|
|
- * <br/> <param-name>errorPage</param-name>
|
|
|
- * <br/> <param-value>index.jsp</param-value>
|
|
|
- * <br/> </init-param>
|
|
|
- * <br/> </servlet>
|
|
|
- * <br/> <servlet-mapping>
|
|
|
- * <br/> <servlet-name>openid</servlet-name>
|
|
|
- * <br/> <url-pattern>/j_spring_security_openid_start</url-pattern>
|
|
|
- * <br/> </servlet-mapping>
|
|
|
- * <br/>
|
|
|
- * <br/>Sample login form:
|
|
|
- * <br/><form method="POST" action="j_spring_security_openid_start">
|
|
|
- * <br/> <input type="text" name="j_username" />
|
|
|
- * <br/> <input type="password" name="j_password" />
|
|
|
- * <br/> <input type="submit" value="Verify" />
|
|
|
- * <br/></form>
|
|
|
- * <br/>
|
|
|
- * <br/>Usage notes:
|
|
|
- * <li>Requires an <code>openIDConsumer</code> Spring bean implementing the {@link OpenIDConsumer} interface</li>
|
|
|
- * <li>It will pass off to standard form-based authentication if appropriate</li>
|
|
|
- * (note that <code>AuthenticationProcessingFilter</code> requires j_username, j_password)
|
|
|
- * <br/>
|
|
|
- * <br/>Outstanding items:
|
|
|
- * TODO: config flag for whether OpenID only or dual mode?
|
|
|
- * TODO: username matching logic
|
|
|
- *
|
|
|
- * @author Robin Bramley, Opsera Ltd
|
|
|
- * @version $Id:$
|
|
|
- */
|
|
|
-public class OpenIDLoginInitiationServlet extends HttpServlet {
|
|
|
- final static long serialVersionUID = -997766L;
|
|
|
- private static final Log logger = LogFactory.getLog(OpenIDLoginInitiationServlet.class);
|
|
|
- private static final String passwordField = "j_password";
|
|
|
-
|
|
|
- /**
|
|
|
- * Servlet config key for looking up the the HttpServletRequest parameter name
|
|
|
- * containing the OpenID Identity URL from the Servlet config.
|
|
|
- * <br/><b>Only set the identityField servlet init-param if you are not using</b> <code>j_username</code>
|
|
|
- * <br/>
|
|
|
- * <br/> <init-param>
|
|
|
- * <br/> <description>The identity form field parameter</description>
|
|
|
- * <br/> <param-name>identityField</param-name>
|
|
|
- * <br/> <param-value>/openid_url</param-value>
|
|
|
- * <br/> </init-param>
|
|
|
- */
|
|
|
- public static final String IDENTITY_FIELD_KEY = "identityField";
|
|
|
-
|
|
|
- /**
|
|
|
- * Servlet config key for the return to URL
|
|
|
- */
|
|
|
- public static final String ERROR_PAGE_KEY = "errorPage";
|
|
|
-
|
|
|
- /**
|
|
|
- * Servlet config key for looking up the form login URL from the Servlet config.
|
|
|
- * <br/><b>Only set the formLogin servlet init-param if you are not using</b> <code>/j_spring_security_check</code>
|
|
|
- * <br/>
|
|
|
- * <br/> <init-param>
|
|
|
- * <br/> <description>The form login URL - for standard authentication</description>
|
|
|
- * <br/> <param-name>formLogin</param-name>
|
|
|
- * <br/> <param-value>/custom_acegi_security_check</param-value>
|
|
|
- * <br/> </init-param>
|
|
|
- */
|
|
|
- public static final String FORM_LOGIN_URL_KEY = "formLogin";
|
|
|
-
|
|
|
- /**
|
|
|
- * Spring context key for the OpenID consumer bean
|
|
|
- */
|
|
|
- public static final String CONSUMER_KEY = "openIDConsumer";
|
|
|
- private String errorPage = "index.jsp";
|
|
|
- private String identityField = "j_username";
|
|
|
- private String formLoginUrl = "/j_spring_security_check";
|
|
|
-
|
|
|
- /**
|
|
|
- * Check for init-params
|
|
|
- *
|
|
|
- * @Override
|
|
|
- */
|
|
|
- public void init() throws ServletException {
|
|
|
- super.init();
|
|
|
-
|
|
|
- String configErrorPage = getServletConfig()
|
|
|
- .getInitParameter(ERROR_PAGE_KEY);
|
|
|
-
|
|
|
- if (StringUtils.hasText(configErrorPage)) {
|
|
|
- errorPage = configErrorPage;
|
|
|
- }
|
|
|
-
|
|
|
- String configIdentityField = getServletConfig()
|
|
|
- .getInitParameter(IDENTITY_FIELD_KEY);
|
|
|
-
|
|
|
- if (StringUtils.hasText(configIdentityField)) {
|
|
|
- identityField = configIdentityField;
|
|
|
- }
|
|
|
-
|
|
|
- String configFormLoginUrl = getServletConfig()
|
|
|
- .getInitParameter(FORM_LOGIN_URL_KEY);
|
|
|
-
|
|
|
- if (StringUtils.hasText(configFormLoginUrl)) {
|
|
|
- formLoginUrl = configFormLoginUrl;
|
|
|
- }
|
|
|
- }
|
|
|
-
|
|
|
- /**
|
|
|
- * Process the form post - all the work is done by the OpenIDConsumer.beginConsumption method
|
|
|
- *
|
|
|
- * @Override
|
|
|
- */
|
|
|
- protected void doPost(HttpServletRequest req, HttpServletResponse res)
|
|
|
- throws ServletException, IOException {
|
|
|
- WebApplicationContext webApplicationContext = WebApplicationContextUtils.getRequiredWebApplicationContext(getServletContext());
|
|
|
- OpenIDConsumer consumer = (OpenIDConsumer) webApplicationContext.getBean(CONSUMER_KEY);
|
|
|
-
|
|
|
- // get the submitted id field
|
|
|
- String id = req.getParameter(identityField);
|
|
|
-
|
|
|
- // assume page will validate?
|
|
|
- //TODO: null checking!
|
|
|
-
|
|
|
- //TODO: pattern matching
|
|
|
- String password = req.getParameter(passwordField);
|
|
|
-
|
|
|
- if ((password != null) && (password.length() > 0)) {
|
|
|
- logger.debug("Attempting to authenticate using username/password");
|
|
|
-
|
|
|
- // forward to authenticationProcessingFilter (/j_spring_security_check - depends on param names)
|
|
|
- req.getRequestDispatcher(formLoginUrl).forward(req, res);
|
|
|
-
|
|
|
- } else {
|
|
|
- // send the user the redirect url to proceed with OpenID authentication
|
|
|
- try {
|
|
|
- String redirect = consumer.beginConsumption(req, id, req.getRequestURL().toString());
|
|
|
- logger.debug("Redirecting to: " + redirect);
|
|
|
- res.sendRedirect(redirect);
|
|
|
- } catch (OpenIDConsumerException oice) {
|
|
|
- logger.error("Consumer error!", oice);
|
|
|
- req.setAttribute("message", oice.getMessage());
|
|
|
- req.getRequestDispatcher(errorPage).forward(req, res);
|
|
|
- }
|
|
|
- }
|
|
|
- }
|
|
|
-}
|
Ray Krueger