Examples of CASReceipt

Examples of com.discursive.cas.extend.client.CASReceipt

393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
        }

        HttpSession session = ((HttpServletRequest) request).getSession();

        // if our attribute's already present and valid, pass through the filter chain
        CASReceipt receipt = (CASReceipt) session.getAttribute(CAS_FILTER_RECEIPT);
        if (receipt != null && isReceiptAcceptable(receipt)) {
            log.trace("CAS_FILTER_RECEIPT attribute was present and acceptable - passing  request through filter..");
            fc.doFilter(request, response);
            return;
        }

        // otherwise, we need to authenticate via CAS
        String ticket = request.getParameter("ticket");

        // no ticket?  abort request processing and redirect
        if (ticket == null || ticket.equals("")) {
            log.trace("CAS ticket was not present on request.");
            // did we go through the gateway already?
            boolean didGateway =
                Boolean
                    .valueOf(
                        (String) session.getAttribute(
                            CAS_FILTER_GATEWAYED))
                    .booleanValue();

            if (casConfig.getCasLogin() == null) {
                //TODO: casLogin should probably be ensured to not be null at filter initialization. -awp9
                log.fatal("casLogin was not set, so filter cannot redirect request for authentication.");
                throw new ServletException(
                    "When CASFilter protects pages that do not receive a 'ticket' "
                        + "parameter, it needs a com.discursive.cas.extend.client.filter.loginUrl "
                        + "filter parameter");
            }
            if (!didGateway) {
                log.trace("Did not previously gateway.  Setting session attribute to true.");
                session.setAttribute(
                    CAS_FILTER_GATEWAYED,
                    "true");
                redirectToCAS(
                    (HttpServletRequest) request,
                    (HttpServletResponse) response);
                // abort chain
                return;
            } else {
                log.trace("Previously gatewayed.");
                // if we should be logged in, make sure validation succeeded
                if (casConfig.isCasGateway()
                    || session.getAttribute(CAS_FILTER_USER) != null) {
                      log.trace("casGateway was true and CAS_FILTER_USER set: passing request along filter chain.");
                    // continue processing the request
                    fc.doFilter(request, response);
                    return;
                } else {
                    // unknown state... redirect to CAS
                    session.setAttribute(
                        CAS_FILTER_GATEWAYED,
                        "true");
                    redirectToCAS(
                        (HttpServletRequest) request,
                        (HttpServletResponse) response);
                    // abort chain
                    return;
                }
            }
        }


        try {
            receipt = getAuthenticatedUser((HttpServletRequest) request);
        } catch (CASAuthenticationException e) {
            log.error(e);
            throw new ServletException(e);
        }

        if (! isReceiptAcceptable(receipt)){
            throw new ServletException("Authentication was technically successful but rejected as a matter of policy. [" + receipt + "]");
        }
       
        // Store the authenticated user in the session
        if (session != null) { // probably unnecessary
            session.setAttribute(CAS_FILTER_USER, receipt.getUserName());
            session.setAttribute(CASFilter.CAS_FILTER_RECEIPT, receipt);
            // don't store extra unnecessary session state
            session.removeAttribute(
                CAS_FILTER_GATEWAYED);
        }
View Full Code Here

Examples of com.discursive.cas.extend.client.CASReceipt

144
145
146
147
148
149
150
151
152
153
154
155
156
        }
        if (! (potentialReceipt instanceof CASReceipt)) {
            log.warn("An object was present in the session attribute " + CASFilter.CAS_FILTER_RECEIPT + " but it wasn't of type " + CASReceipt.class.getName());
            return false;
        }
        CASReceipt receipt = (CASReceipt) potentialReceipt;
       
        if (! this.authorizedProxyChains.contains(receipt.getProxyList())){
            log.info("CAS receipt: " + receipt + " did not present a proxy chain among those authorized: " + this.authorizedProxyChains + " - considering request unauthorized.");
            return false;
        }
        log.trace("returning from isRequestAuthorized() with true");
        return true;
View Full Code Here

Examples of com.discursive.cas.extend.client.CASReceipt

278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
        HttpSession session = ((HttpServletRequest) request).getSession();

        // if our attribute's already present and valid, pass through the filter
        // chain
        CASReceipt receipt = (CASReceipt) session
                .getAttribute(CAS_FILTER_RECEIPT);
        if (receipt != null) {
            log
                    .trace("CAS_FILTER_RECEIPT attribute was present - passing  request through filter..");
            fc.doFilter(request, response);
            return;
        }

        // otherwise, we need to authenticate via CAS
        String ticket = request.getParameter("ticket");

        // no ticket? no validation to be done, pass the request through.
        if (ticket == null || ticket.equals("")) {
            log.trace("CAS ticket was not present on request.");
            fc.doFilter(request, response);
            return;
        }

        try {
            receipt = getAuthenticatedUser((HttpServletRequest) request);
        } catch (CASAuthenticationException e) {
            log.error(e);
            throw new ServletException(e);
        }

        // Store the authenticated user in the session
        if (session != null) { // probably unnecessary
            session.setAttribute(CAS_FILTER_USER, receipt.getUserName());
            session.setAttribute(CASValidateFilter.CAS_FILTER_RECEIPT, receipt);
        }
        if (log.isTraceEnabled()) {
            log.trace("validated ticket to get authenticated receipt ["
                    + receipt + "], now passing request along filter chain.");
View Full Code Here

Examples of com.discursive.cas.extend.client.CASReceipt

62
63
64
65
66
67
68
69
70
71
72
        HttpSession session = ((HttpServletRequest) request).getSession();

        // if our attribute's already present and valid, pass through the filter
        // chain
        CASReceipt receipt = (CASReceipt) session
                .getAttribute(CASFilter.CAS_FILTER_RECEIPT);

        // otherwise, we need to authenticate via CAS
        String ticket = request.getParameter("ticket");
View Full Code Here

Examples of com.discursive.cas.extend.client.CASReceipt

388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
        }

        HttpSession session = ((HttpServletRequest) request).getSession();

        // if our attribute's already present and valid, pass through the filter chain
        CASReceipt receipt = (CASReceipt) session.getAttribute(CAS_FILTER_RECEIPT);
        if (receipt != null && isReceiptAcceptable(receipt)) {
            log.trace("CAS_FILTER_RECEIPT attribute was present and acceptable - passing  request through filter..");
            fc.doFilter(request, response);
            return;
        }

        // otherwise, we need to authenticate via CAS
        String ticket = request.getParameter("ticket");

        // no ticket?  abort request processing and redirect
        if (ticket == null || ticket.equals("")) {
            log.trace("CAS ticket was not present on request.");
            // did we go through the gateway already?
            boolean didGateway =
                Boolean
                    .valueOf(
                        (String) session.getAttribute(
                            CAS_FILTER_GATEWAYED))
                    .booleanValue();

            if (casConfig.getCasLogin() == null) {
                //TODO: casLogin should probably be ensured to not be null at filter initialization. -awp9
                log.fatal("casLogin was not set, so filter cannot redirect request for authentication.");
                throw new ServletException(
                    "When CASFilter protects pages that do not receive a 'ticket' "
                        + "parameter, it needs a com.discursive.cas.extend.client.filter.loginUrl "
                        + "filter parameter");
            }
            if (!didGateway) {
                log.trace("Did not previously gateway.  Setting session attribute to true.");
                session.setAttribute(
                    CAS_FILTER_GATEWAYED,
                    "true");
                redirectToCAS(
                    (HttpServletRequest) request,
                    (HttpServletResponse) response);
                // abort chain
                return;
            } else {
                log.trace("Previously gatewayed.");
                // if we should be logged in, make sure validation succeeded
                if (casConfig.isCasGateway()
                    || session.getAttribute(CAS_FILTER_USER) != null) {
                      log.trace("casGateway was true and CAS_FILTER_USER set: passing request along filter chain.");
                    // continue processing the request
                    fc.doFilter(request, response);
                    return;
                } else {
                    // unknown state... redirect to CAS
                    session.setAttribute(
                        CAS_FILTER_GATEWAYED,
                        "true");
                    redirectToCAS(
                        (HttpServletRequest) request,
                        (HttpServletResponse) response);
                    // abort chain
                    return;
                }
            }
        }


        try {
            receipt = getAuthenticatedUser((HttpServletRequest) request);
        } catch (CASAuthenticationException e) {
            log.error(e);
            throw new ServletException(e);
        }

        if (! isReceiptAcceptable(receipt)){
            throw new ServletException("Authentication was technically successful but rejected as a matter of policy. [" + receipt + "]");
        }
       
        // Store the authenticated user in the session
        if (session != null) { // probably unnecessary
            session.setAttribute(CAS_FILTER_USER, receipt.getUserName());
            session.setAttribute(CASFilter.CAS_FILTER_RECEIPT, receipt);
            // don't store extra unnecessary session state
            session.removeAttribute(
                CAS_FILTER_GATEWAYED);
        }
View Full Code Here

Examples of com.discursive.cas.extend.client.CASReceipt

277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
        HttpSession session = ((HttpServletRequest) request).getSession();

        // if our attribute's already present and valid, pass through the filter
        // chain
        CASReceipt receipt = (CASReceipt) session
                .getAttribute(CAS_FILTER_RECEIPT);
        if (receipt != null) {
            log
                    .trace("CAS_FILTER_RECEIPT attribute was present - passing  request through filter..");
            fc.doFilter(request, response);
            return;
        }

        // otherwise, we need to authenticate via CAS
        String ticket = request.getParameter("ticket");

        // no ticket? no validation to be done, pass the request through.
        if (ticket == null || ticket.equals("")) {
            log.trace("CAS ticket was not present on request.");
            fc.doFilter(request, response);
            return;
        }

        try {
            receipt = getAuthenticatedUser((HttpServletRequest) request);
        } catch (CASAuthenticationException e) {
            log.error(e);
            throw new ServletException(e);
        }

        // Store the authenticated user in the session
        if (session != null) { // probably unnecessary
            session.setAttribute(CAS_FILTER_USER, receipt.getUserName());
            session.setAttribute(CASValidateFilter.CAS_FILTER_RECEIPT, receipt);
        }
        if (log.isTraceEnabled()) {
            log.trace("validated ticket to get authenticated receipt ["
                    + receipt + "], now passing request along filter chain.");
View Full Code Here

Examples of edu.yale.its.tp.cas.client.CASReceipt

91
92
93
94
95
96
97
98
99
100
101
102
      SourceBean engineConfig = EnginConf.getInstance().getConfig();
      SourceBean sourceBeanConf = (SourceBean) engineConfig.getAttribute("FILTER_RECEIPT");
      String filterReceipt = (String) sourceBeanConf.getCharacters();
      logger.debug("Read filterReceipt=" + filterReceipt);
      filterReceipt = spagoBiServerURL + filterReceipt;
      CASReceipt cr = (CASReceipt) session.getAttribute(CASFilter.CAS_FILTER_RECEIPT);
      logger.debug("Read cr=" + cr);
      if (cr==null) logger.warn("CASReceipt in session is NULL");
      String ticket=ProxyTicketReceptor.getProxyTicket(cr.getPgtIou(), filterReceipt);
      logger.debug("OUT.ticket="+ticket);
      return ticket;
    }
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.