📄 openidlogininitiationservlet.java
字号:
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.acegisecurity.ui.openid;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.util.StringUtils;
import org.springframework.web.context.WebApplicationContext;
import org.springframework.web.context.support.WebApplicationContextUtils;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
/**
* This servlet starts the OpenID authentication process.
* <br/>
* <br/>Sample web.xml configuration:
* <br/>
* <br/> <servlet>
* <br/> <servlet-name>openid</servlet-name>
* <br/> <servlet-class>org.acegisecurity.ui.openid.OpenIDLoginInitiationServlet</servlet-class>
* <br/> <load-on-startup>1</load-on-startup>
* <br/> <init-param>
* <br/> <description>The error page - will receive error "message"</description>
* <br/> <param-name>errorPage</param-name>
* <br/> <param-value>index.jsp</param-value>
* <br/> </init-param>
* <br/> </servlet>
* <br/> <servlet-mapping>
* <br/> <servlet-name>openid</servlet-name>
* <br/> <url-pattern>/j_acegi_openid_start</url-pattern>
* <br/> </servlet-mapping>
* <br/>
* <br/>Sample login form:
* <br/><form method="POST" action="j_acegi_openid_start">
* <br/> <input type="text" name="j_username" />
* <br/> <input type="password" name="j_password" />
* <br/> <input type="submit" value="Verify" />
* <br/></form>
* <br/>
* <br/>Usage notes:
* <li>Requires an <code>openIDConsumer</code> Spring bean implementing the {@link OpenIDConsumer} interface</li>
* <li>It will pass off to standard form-based authentication if appropriate</li>
* (note that <code>AuthenticationProcessingFilter</code> requires j_username, j_password)
* <br/>
* <br/>Outstanding items:
* TODO: config flag for whether OpenID only or dual mode?
* TODO: username matching logic
*
* @author Robin Bramley, Opsera Ltd
* @version $Id:$
*/
public class OpenIDLoginInitiationServlet extends HttpServlet {
final static long serialVersionUID = -997766L;
private static final Log logger = LogFactory.getLog(OpenIDLoginInitiationServlet.class);
private static final String passwordField = "j_password";
/**
* Servlet config key for looking up the the HttpServletRequest parameter name
* containing the OpenID Identity URL from the Servlet config.
* <br/><b>Only set the identityField servlet init-param if you are not using</b> <code>j_username</code>
* <br/>
* <br/> <init-param>
* <br/> <description>The identity form field parameter</description>
* <br/> <param-name>identityField</param-name>
* <br/> <param-value>/openid_url</param-value>
* <br/> </init-param>
*/
public static final String IDENTITY_FIELD_KEY = "identityField";
/**
* Servlet config key for the return to URL
*/
public static final String ERROR_PAGE_KEY = "errorPage";
/**
* Servlet config key for looking up the form login URL from the Servlet config.
* <br/><b>Only set the formLogin servlet init-param if you are not using</b> <code>/j_acegi_security_check</code>
* <br/>
* <br/> <init-param>
* <br/> <description>The form login URL - for standard authentication</description>
* <br/> <param-name>formLogin</param-name>
* <br/> <param-value>/custom_acegi_security_check</param-value>
* <br/> </init-param>
*/
public static final String FORM_LOGIN_URL_KEY = "formLogin";
/**
* Spring context key for the OpenID consumer bean
*/
public static final String CONSUMER_KEY = "openIDConsumer";
private String errorPage = "index.jsp";
private String identityField = "j_username";
private String formLoginUrl = "/j_acegi_security_check";
/**
* Check for init-params
*
* @Override
*/
public void init() throws ServletException {
super.init();
String configErrorPage = getServletConfig()
.getInitParameter(ERROR_PAGE_KEY);
if (StringUtils.hasText(configErrorPage)) {
errorPage = configErrorPage;
}
String configIdentityField = getServletConfig()
.getInitParameter(IDENTITY_FIELD_KEY);
if (StringUtils.hasText(configIdentityField)) {
identityField = configIdentityField;
}
String configFormLoginUrl = getServletConfig()
.getInitParameter(FORM_LOGIN_URL_KEY);
if (StringUtils.hasText(configFormLoginUrl)) {
formLoginUrl = configFormLoginUrl;
}
}
/**
* Process the form post - all the work is done by the OpenIDConsumer.beginConsumption method
*
* @Override
*/
protected void doPost(HttpServletRequest req, HttpServletResponse res)
throws ServletException, IOException {
WebApplicationContext webApplicationContext = WebApplicationContextUtils.getRequiredWebApplicationContext(getServletContext());
OpenIDConsumer consumer = (OpenIDConsumer) webApplicationContext.getBean(CONSUMER_KEY);
// get the submitted id field
String id = req.getParameter(identityField);
// assume page will validate?
//TODO: null checking!
//TODO: pattern matching
String password = req.getParameter(passwordField);
if ((password != null) && (password.length() > 0)) {
logger.debug("Attempting to authenticate using username/password");
// forward to authenticationProcessingFilter (/j_acegi_security_check - depends on param names)
req.getRequestDispatcher(formLoginUrl).forward(req, res);
} else {
// send the user the redirect url to proceed with OpenID authentication
try {
String redirect = consumer.beginConsumption(req, id, req.getRequestURL().toString());
logger.debug("Redirecting to: " + redirect);
res.sendRedirect(redirect);
} catch (OpenIDConsumerException oice) {
logger.error("Consumer error!", oice);
req.setAttribute("message", oice.getMessage());
req.getRequestDispatcher(errorPage).forward(req, res);
}
}
}
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -