amauthplugin.java

Sun公司Dream项目

/*
 * The contents of this file are subject to the terms
 * of the Common Development and Distribution License
 * (the "License").  You may not use this file except
 * in compliance with the License.
 *
 * You can obtain a copy of the license at
 * http://www.opensource.org/licenses/cddl1.php
 * See the License for the specific language governing
 * permissions and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL
 * HEADER in each file and include the License file at
 * http://www.opensource.org/licenses/cddl1.php.  If 
 * applicable, add the following below this CDDL HEADER, 
 * with the fields enclosed by brackets "[]" replaced 
 * with your own identifying information: 
 * Portions Copyright [yyyy]
 * [name of copyright owner]
 */ 

/*
 * $(@)AMAuthPlugin.java $Revision: 1.1.1.1 $ $Date: 2006/07/24 21:49:54 $
 * 
 * Copyright 2006 Sun Microsystems, Inc. All Rights Reserved.
 */
package com.sun.dream;

import javax.servlet.*;
import javax.naming.*;
import javax.servlet.http.*;
import com.iplanet.sso.*;
import com.iplanet.am.sdk.*;
import com.sun.identity.agents.filter.*;
import java.net.URLDecoder;
import sun.misc.*;

public class AMAuthPlugin implements AuthPlugin {
    
    private SSOToken token;
    
    public AMAuthPlugin() {
        token = null;
    }
    
    public boolean checkCredentials(String pUserId, String pPassword) {
        // Not implemented
        return false;
    }
    
    public boolean authenticateUser(HttpServletRequest request, HttpServletResponse response) {
        // Authentication would have been done by the AMPlugin
        try {
            SSOTokenManager ssotokenmgr= SSOTokenManager.getInstance();
            String tokenstr = AmFilterManager.getAmSSOCache().getSSOTokenForUser(request);
            System.out.println("tokenstr: "+tokenstr);
            //token = ssotokenmgr.createSSOToken(request);
            token = ssotokenmgr.createSSOToken(tokenstr);
            ssotokenmgr.validateToken(token);
        } catch (SSOException ssoEx){
            System.err.println("AMAuthPlugin: couldn't authenticate user's token");
            ssoEx.printStackTrace();
            return false;
        }
        return true;
    }
    
    public String getUserId() {
        if (token == null)
            return null;
        String userId = null;
        try {
            AMStoreConnection conn = new AMStoreConnection(token);
            AMUser user = conn.getUser(token.getPrincipal().getName());
            userId = user.getStringAttribute("uid");
        } catch (Exception ex){
            System.err.println("AMAuthPlugin: couldn't extract userId from user's token");
            ex.printStackTrace();
        }
        return userId;
    }
    
    public String getPassword() {
        // Not implemented
        return null;
    }
    
    public String getSessionId() {
        if (token == null)
            return null;
        String sessionId = null;
        try {
            sessionId = token.getTokenID().toString();
        } catch (Exception ex){
            System.err.println("AMAuthPlugin: couldn't extract sessionId from user's token");
            ex.printStackTrace();
        }
        return sessionId;
    }
    
    /* This method decodes iPlanetDirectoryPro cookie present in an http request
     * and returns the SSO UserId.
     */
    public String decodeToken(HttpServletRequest request, HttpServletResponse response) {
        String ssotokenid = request.getParameter("iPlanetDirectoryPro");
        String userID = null;
        if(ssotokenid != null) {
            try {
                //logger.finer("Raw SSO token"+ssotokenid);
                ssotokenid = URLDecoder.decode(ssotokenid, "UTF-8");
                //logger.finer("After URLDecode "+ssotokenid);
                BASE64Decoder bd = new BASE64Decoder();
                byte[] temp_token = bd.decodeBuffer(ssotokenid);
                ssotokenid = new String(temp_token);
                //logger.finer("After Base64 Decoder SSOtoken ID: "+ssotokenid);
                SSOTokenManager ssotokenmgr = SSOTokenManager.getInstance();
                SSOToken ssotoken = ssotokenmgr.createSSOToken(ssotokenid);
                if (!ssotokenmgr.isValidToken(ssotoken)) {
                    request.getRequestDispatcher("/Error.jsp").forward(request,response);
                }
                AMStoreConnection amconn = new AMStoreConnection(ssotoken);
                AMUser amuser = amconn.getUser(ssotoken.getPrincipal().getName());
                userID = amuser.getStringAttribute("uid");
                //logger.finer("SSOtoken name: "+ssotoken.getPrincipal().getName());
                //logger.finer("SSO UserId : "+userID);
            } catch (Exception ex) {
                System.err.println("Error decoding iPlanetDirectoryPro cookie");
                ex.printStackTrace();
            }
        }
        
        return userID;
    }
    
    
    public void logout(HttpServletRequest request, HttpServletResponse response) {
        try {
            if (token != null) {
                SSOTokenManager ssotokenmgr = SSOTokenManager.getInstance();
                ssotokenmgr.destroyToken(token);
            }
        }catch(SSOException ssoEx) {
            System.out.println("Error destroying sso token - session may have timed out");
            ssoEx.printStackTrace();
        }
        
        /*try {
            request.getRequestDispatcher("/shop/index.jsp").forward(request,response);
        } catch (Exception ex) {
            System.err.println("AMAuthPlugin: couldn't forward to login page");
            ex.printStackTrace();
        }*/
        
    }
    
    public void setLoginPage(String loginPage) {
        // Not implemented
    }
    
}