ssoauth.java

sso(single sign on)

package DesktopSSO;

import java.io.*;
import java.net.*;
import java.text.*;
import java.util.*;
import java.util.concurrent.*;

import javax.servlet.*;
import javax.servlet.http.*;

/**
 *
 * @author Wang Yu
 * @version
 */
public class SSOAuth extends HttpServlet {
    
    static private ConcurrentMap accounts;
    static private ConcurrentMap SSOIDs;
    String cookiename="WangYuDesktopSSOID";
    String domainname;
    
     public void init(ServletConfig config) throws ServletException {
        super.init(config);
        domainname= config.getInitParameter("domainname");
        cookiename = config.getInitParameter("cookiename");
        SSOIDs = new ConcurrentHashMap();
        accounts=new ConcurrentHashMap();
        accounts.put("wangyu", "wangyu");
        accounts.put("paul", "paul");
        accounts.put("carol", "carol");
    }
     
    protected void processRequest(HttpServletRequest request, HttpServletResponse response)
    throws ServletException, IOException {
        PrintWriter out = response.getWriter();
        String action = request.getParameter("action");
        String gotoURL = request.getParameter("goto");
        String result="failed";
        if (action==null) {
            handlerFromLogin(request,response);
        } else if (action.equals("authcookie")){
            String myCookie = request.getParameter("cookiename");
            if (myCookie != null)  result = authCookie(myCookie);
            out.print(result);
            out.close();
        } else if (action.equals("authuser")) {
            result=authNameAndPasswd(request,response);
            out.print(result);
            out.close();
        }  else if (action.equals("logout")) {
            String myCookie = request.getParameter("cookiename");
            logout(myCookie);
            out.close();
        }
    }
    
    
      
    //static method used by other servlet in the same container
    static public String authCookie(String value){
        String result = (String) SSOIDs.get(value);
        if (result == null) {
            result = "failed";
            System.out.println("Authentication failed!");
        } else {
            System.out.println("Authentication success!");
        }
        return result;
    }
    
    //static method used by other servlet in the same container
    static public String authUserAndPass(String username, String password){
        String pass = (String)accounts.get(username);
        if ((pass==null)||(!pass.equals(password))) return "failed";
        String newID = createUID();
        SSOIDs.put(newID, username);
        return username;
    }
    
    
    /*
     * auth from Username and Password
     * if success, create UID, store in MAP with username
     * and set cookie, return the cookie value
     * else return "failed"
     *
     *This method is used by rich client instead of browser
     */
    protected String authNameAndPasswd(HttpServletRequest request,HttpServletResponse response){
        String username = request.getParameter("username");
        String password = request.getParameter("password");
        String pass = (String)accounts.get(username);
        if ((pass==null)||(!pass.equals(password))) return "failed";
  
        String newID = createUID();
        SSOIDs.put(newID, username);
        return newID;
    }
    
    // <editor-fold defaultstate="collapsed" desc="HttpServlet methods. Click on the + sign on the left to edit the code.">
    /** Handles the HTTP <code>GET</code> method.
     * @param request servlet request
     * @param response servlet response
     */
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
    throws ServletException, IOException {
        processRequest(request, response);
    }
    
    /** Handles the HTTP <code>POST</code> method.
     * @param request servlet request
     * @param response servlet response
     */
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
    throws ServletException, IOException {
        processRequest(request, response);
    }
    
    /** Returns a short description of the servlet.
     */
    public String getServletInfo() {
        return "Short description";
    }
    // </editor-fold>
    
   
    
    static private String createUID() {
        Date now = new Date();
        long time = now.getTime();
        return "wangyu"+time;
    }
    
    private void logout(String UID){
        System.out.println("Logout for " + UID);
        SSOIDs.remove(UID);
    }

    private void handlerFromLogin(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        String username = request.getParameter("username");
        String password = request.getParameter("password");
        String pass = (String)accounts.get(username);
        if ((pass==null)||(!pass.equals(password))) 
            getServletContext().getRequestDispatcher("/failed.html").forward(request, response);
        else {
            String gotoURL = request.getParameter("goto");
            String newID = createUID();
            SSOIDs.put(newID, username);
            Cookie wangyu = new Cookie(cookiename, "22222");
            wangyu.setDomain(domainname);
            wangyu.setMaxAge(60000);
            wangyu.setValue(newID);
            wangyu.setPath("/");
            response.addCookie(wangyu);
            System.out.println("login success, goto back url:" + gotoURL);
            if (gotoURL != null) {
                PrintWriter out = response.getWriter();
                response.sendRedirect(gotoURL);
                out.close();
            }
        }   
        
        
    }
    
}