项目:flex-blazeds
文件:TomcatValve.java
/**
 * Clears the authentication state held for the given servlet request.
 *
 * <p>When the request matches the one this valve is handling, the principal,
 * the auth type and the cached username/password notes are removed from the
 * session returned by {@code getSession(request, false)}.
 *
 * <p>NOTE(review): the session itself is not invalidated here, so any other
 * session state survives logout — confirm that this is intended.
 *
 * @param servletRequest the servlet request asking to log out
 * @return {@code true} if the request matched (whether or not a session was
 *         found), {@code false} otherwise
 */
public boolean logout(HttpServletRequest servletRequest)
{
    if (!servletRequestMatches(servletRequest))
    {
        return false;
    }

    Session current = getSession(request, false);
    if (current != null)
    {
        // Drop the authenticated identity, then the cached credentials.
        current.setPrincipal(null);
        current.setAuthType(null);
        current.removeNote(Constants.SESS_USERNAME_NOTE);
        current.removeNote(Constants.SESS_PASSWORD_NOTE);
    }
    return true;
}
项目:flex-blazeds
文件:TomcatValve4150.java
/**
 * Clears the authentication state for the request currently held by this valve.
 *
 * <p>The call only takes effect when {@code request} is the very same object
 * (identity comparison) as the servlet request wrapped by {@code this.request}.
 *
 * <p>NOTE(review): only the principal, auth type and cached credential notes
 * are removed; the session is not invalidated — confirm that this is intended.
 *
 * @param request the servlet request asking to log out
 * @return {@code true} if the request matched, {@code false} otherwise
 */
public boolean logout(HttpServletRequest request)
{
    if (this.request == null || this.request.getRequest() != request)
    {
        return false;
    }

    Session current = getSession(this.request, false);
    if (current != null)
    {
        // Forget who was logged in and the username/password kept in the session.
        current.setPrincipal(null);
        current.setAuthType(null);
        current.removeNote(Constants.SESS_USERNAME_NOTE);
        current.removeNote(Constants.SESS_PASSWORD_NOTE);
    }
    return true;
}
项目:flex-blazeds
文件:Tomcat7Valve.java
/**
 * Logs out the user associated with the given servlet request.
 *
 * <p>If the request matches the one being processed, the session's principal
 * and auth type are reset and the cached username and password notes are
 * removed.
 *
 * <p>NOTE(review): the session is kept alive (no invalidation is visible
 * here) — confirm that leaving the rest of the session intact is intended.
 *
 * @param servletRequest the servlet request asking to log out
 * @return {@code true} if the request matched, {@code false} otherwise
 */
public boolean logout(HttpServletRequest servletRequest)
{
    boolean matched = servletRequestMatches(servletRequest);
    if (matched)
    {
        Session active = getSession(request, false);
        if (active != null)
        {
            // Identity first, then the credentials cached at login.
            active.setPrincipal(null);
            active.setAuthType(null);
            active.removeNote(Constants.SESS_USERNAME_NOTE);
            active.removeNote(Constants.SESS_PASSWORD_NOTE);
        }
    }
    return matched;
}
/**
 * Checks whether this request is the re-submission of the request saved
 * before authentication (that is, the redirect signalled after a successful
 * login).
 *
 * <p>Only the request URI is compared with the saved request; the method and
 * query string are not checked here.
 *
 * @param request The request to be verified
 * @return {@code true} only if a session already exists, it holds both a
 *         saved request and a saved principal, and the saved request URI
 *         equals this request's URI
 */
protected boolean matchRequest(Request request) {
    // Never create a session just to answer this question.
    final Session existing = request.getSessionInternal(false);
    if (existing == null) {
        return false;
    }

    final SavedRequest savedRequest =
        (SavedRequest) existing.getNote(Constants.FORM_REQUEST_NOTE);
    if (savedRequest == null) {
        return false;
    }

    // Without a saved principal no login has completed on this session.
    if (existing.getNote(Constants.FORM_PRINCIPAL_NOTE) == null) {
        return false;
    }

    final String currentUri = request.getRequestURI();
    return currentUri != null && currentUri.equals(savedRequest.getRequestURI());
}
项目:tomcat-openidauth
文件:OpenIDAuthenticator.java
/**
 * Handles submission of the login form: reads the credentials from the
 * request, authenticates them against the context's realm and hands the
 * result to {@code processAuthenticatedUser}.
 *
 * <p>The realm result may be {@code null}; it is passed on unchanged.
 *
 * @param request The request.
 * @param response The HTTP response.
 * @param config Web-application login configuration.
 *
 * @throws IOException If an I/O error happens sending data in the response.
 */
protected void processformLogin(final Request request,final HttpServletResponse response,final LoginConfig config)
    throws IOException {

    // Both values are request parameters, i.e. untrusted client input.
    final String loginName = request.getParameter(Constants.FORM_USERNAME);
    final String password = request.getParameter(Constants.FORM_PASSWORD);

    // Only the login name is logged, never the password.
    // NOTE(review): loginName is written to the log unmodified; confirm the
    // log layout neutralises line breaks in client-supplied values.
    if (this.log.isDebugEnabled()) {
        this.log.debug("form authenticating login name " + loginName);
    }

    final Principal authenticated =
        this.context.getRealm().authenticate(loginName, password);

    this.processAuthenticatedUser(
        request, response, config, authenticated, loginName, password, false);
}
项目:tomcat-openidauth
文件:OpenIDAuthenticator.java
/**
 * Process form login authenticator action: read the submitted credentials
 * and ask the context's realm to authenticate the login name.
 *
 * NOTE(review): as listed, the password read from the form is never passed
 * to the realm and the resulting principal is not used; this copy of the
 * method looks truncated — compare with the upstream file before relying on it.
 *
 * @param request The request.
 * @param response The HTTP response.
 * @param config Web-application login configuration.
 *
 * @throws IOException If an I/O error happens sending data in the response.
 */
protected void processformLogin(Request request,HttpServletResponse response,LoginConfig config)
throws IOException {
final boolean debug = this.log.isDebugEnabled();
// get user credentials from the form (request parameters, i.e. untrusted input)
final String loginName = request.getParameter(Constants.FORM_USERNAME);
final String password = request.getParameter(Constants.FORM_PASSWORD);
// validate the user in the realm; only the login name is logged, not the password
if (debug)
this.log.debug("form authenticating login name " + loginName);
Principal principal =
this.context.getRealm().authenticate(loginName,false);
}
项目:tomcat7
文件:TestCookieFilter.java
/**
 * Simple single-sign-on case: builds a cookie of the form
 * {@code <SSO cookie name>=<id>}.
 *
 * <p>NOTE(review): the only assertion is commented out, so this test
 * currently verifies nothing about {@code CookieFilter}.
 */
@Test
public void test09() {
    final String id = "0123456789";
    final String cookie = Constants.SINGLE_SIGN_ON_COOKIE + "=" + id;
    // Disabled assertion kept for reference:
    // Assert.assertEquals(cookie,CookieFilter.filter(cookie,id));
}
项目:lams
文件:SingleSignOnEntry.java
/**
 * Updates the SingleSignOnEntry to reflect the latest security
 * information associated with the caller.
 *
 * <p>The password is stored as given and stays in this entry's
 * {@code password} field until it is overwritten. Re-authentication is
 * flagged as possible only for the BASIC and FORM methods.
 *
 * @param principal the <code>Principal</code> returned by the latest
 *                  call to <code>Realm.authenticate</code>.
 * @param authType  the type of authenticator used (BASIC, CLIENT_CERT,
 *                  DIGEST or FORM)
 * @param username  the username (if any) used for the authentication
 * @param password  the password (if any) used for the authentication
 */
public void updateCredentials(Principal principal,String authType,String username,String password) {
    final boolean basicAuth = Constants.BASIC_METHOD.equals(authType);
    final boolean formAuth = Constants.FORM_METHOD.equals(authType);

    this.principal = principal;
    this.authType = authType;
    this.username = username;
    this.password = password;
    // Only these two methods are treated as able to re-authenticate.
    this.canReauthenticate = basicAuth || formAuth;
}
项目:lams
文件:JAASRealm.java
/**
 * Return the <code>Principal</code> associated with the given user name.
 *
 * <p>Delegates to {@code authenticate} with a callback handler built for the
 * user name, a {@code null} password and the CERT authentication method.
 *
 * @param username the user name to look up
 * @return whatever {@code authenticate} returns for that handler
 */
protected Principal getPrincipal(String username) {
    // No password is available on this path, hence the null credential.
    final JAASCallbackHandler certHandler =
        new JAASCallbackHandler(this, username, null, Constants.CERT_METHOD);
    return authenticate(username, certHandler);
}
项目:apache-tomcat-7.0.73-with-comment
文件:TestCookieFilter.java
@Test
public void test09() {
// Simple SSO case: builds "<SSO cookie name>=0123456789".
String id = "0123456789";
String cookie = Constants.SINGLE_SIGN_ON_COOKIE + "=" + id;
// NOTE(review): the assertion below is not valid Java as listed (unbalanced
// parenthesis, and the filter under test is never called); this copy of the
// test appears truncated — check the upstream file.
Assert.assertEquals(cookie,id));
}
项目:tomcat8-oidcauth
文件:OpenIDConnectAuthenticator.java
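/**
 * Respond with a redirect to the OpenID Connect provider authorization
 * endpoint.
 *
 * <p>The URL carries the {@code openid email} scope, the authorization-code
 * response type, the client id, the redirect URI (base URL plus the form
 * action), the {@code state} value and, when configured, the hosted domain.
 *
 * <p>NOTE(review): {@code state} is the internal session ID itself, so the
 * session identifier leaves the server inside a URL (browser history, the
 * provider's logs). A random per-request value stored in the session would
 * avoid that, but it needs a matching change wherever {@code state} is
 * verified, which is not visible here; the value is therefore left as is.
 *
 * @param request The request.
 * @param response The response.
 *
 * @throws IOException If an I/O error happens sending the response.
 */
protected void redirectToAuthorizationServer(final Request request,final HttpServletResponse response)
    throws IOException {

    final String charset = UTF8.name();
    final String authEndpoint = this.opConfig.getAuthorizationEndpoint();

    final StringBuilder urlBuf = new StringBuilder(256);
    urlBuf.append(authEndpoint)
        .append("?scope=")
        .append(URLEncoder.encode("openid email", charset))
        .append("&response_type=code")
        .append("&client_id=")
        .append(URLEncoder.encode(this.clientId, charset))
        .append("&redirect_uri=")
        .append(URLEncoder.encode(
            this.getBaseURL(request) + Constants.FORM_ACTION, charset))
        .append("&state=")
        .append(URLEncoder.encode(
            request.getSessionInternal().getIdInternal(), charset));
    if (this.hostedDomain != null) {
        urlBuf.append("&hd=").append(
            URLEncoder.encode(this.hostedDomain, charset));
    }
    final String url = urlBuf.toString();

    // Log the endpoint only: the full URL contains the session ID in "state",
    // and a session identifier must not end up in log files.
    if (this.log.isDebugEnabled()) {
        this.log.debug("redirecting to " + authEndpoint);
    }

    response.sendRedirect(url);
}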
项目:flex-blazeds
文件:TomcatValve.java
/**
 * Authenticates the credentials against the container's realm and, if the
 * servlet request is the one this valve is handling, binds the principal to
 * the request and caches the login in the session.
 *
 * <p>The plaintext password is stored in the session under
 * {@code Constants.SESS_PASSWORD_NOTE} and stays there until it is removed.
 *
 * <p>NOTE(review): no change of the session identifier is visible here
 * after a successful login — confirm that the container or the caller
 * rotates it.
 *
 * @param username the user name, may be {@code null}
 * @param password the password, may be {@code null}
 * @param servletRequest the servlet request performing the login
 * @return the authenticated principal, or {@code null} if there is no realm
 *         or the realm rejected the credentials
 */
public Principal login(String username,String password,HttpServletRequest servletRequest)
{
    Realm realm = container.getRealm();
    if (realm == null)
    {
        return null;
    }

    Principal authenticated = realm.authenticate(username, password);
    if (authenticated == null || !servletRequestMatches(servletRequest))
    {
        // Either the login failed (null) or there is no matching request to bind to.
        return authenticated;
    }

    request.setAuthType(AUTH_TYPE);
    request.setUserPrincipal(authenticated);

    // Cache the authentication information in our session.
    Session current = getSession(request, true);
    if (current == null)
    {
        return authenticated;
    }
    current.setAuthType(AUTH_TYPE);
    current.setPrincipal(authenticated);

    if (username == null)
    {
        current.removeNote(Constants.SESS_USERNAME_NOTE);
    }
    else
    {
        current.setNote(Constants.SESS_USERNAME_NOTE, username);
    }

    if (password == null)
    {
        current.removeNote(Constants.SESS_PASSWORD_NOTE);
    }
    else
    {
        current.setNote(Constants.SESS_PASSWORD_NOTE, password);
    }
    return authenticated;
}
项目:flex-blazeds
文件:TomcatValve4150.java
/**
 * Authenticates the credentials against the container's realm and, when the
 * servlet request is the one wrapped by this valve's current request, binds
 * the principal to the request and caches the login in the session.
 *
 * NOTE(review): the body reads a "password" variable that is not in the
 * parameter list as listed; the signature looks truncated on this page —
 * compare with the upstream file.
 *
 * @return the authenticated principal, or null if there is no realm or the
 *         realm rejected the credentials
 */
public Principal login(String username,HttpServletRequest servletRequest)
{
Realm realm = container.getRealm();
if (realm == null)
return null;
Principal principal = realm.authenticate(username,password);
if (principal != null)
{
// Identity comparison: only the request currently held by the valve is updated.
if (this.request != null && this.request.getRequest() == servletRequest)
{
request.setAuthType("flexmessaging"); //was "flashgateway"
request.setUserPrincipal(principal);
Session session = getSession(request,true);
// Cache the authentication information in our session,if any
if (session != null)
{
session.setAuthType("flexmessaging"); //was "flashgateway"
session.setPrincipal(principal);
if (username != null)
session.setNote(Constants.SESS_USERNAME_NOTE,username);
else
session.removeNote(Constants.SESS_USERNAME_NOTE);
// The plaintext password is kept in the session note until it is removed.
if (password != null)
session.setNote(Constants.SESS_PASSWORD_NOTE,password);
else
session.removeNote(Constants.SESS_PASSWORD_NOTE);
}
}
}
return principal;
}
项目:flex-blazeds
文件:Tomcat7Valve.java
/**
 * Authenticates the credentials against the realm of the valve's container.
 *
 * NOTE(review): this copy of the method is truncated — the parameter list
 * lacks the password the body uses, and the lines between the authenticate
 * call and the trailing "else" are missing. Consult the upstream file.
 */
public Principal login(String username,HttpServletRequest servletRequest)
{
Realm realm = valve.getContainer().getRealm();
// Without a realm nobody can be authenticated.
if (realm == null)
return null;
Principal principal = realm.authenticate(username,password);
else
session.removeNote(Constants.SESS_PASSWORD_NOTE);
}
}
return principal;
}
项目:apache-tomcat-7.0.57
文件:TestCookieFilter.java
@Test
public void test09() {
// Simple SSO case: builds "<SSO cookie name>=0123456789".
String id = "0123456789";
String cookie = Constants.SINGLE_SIGN_ON_COOKIE + "=" + id;
// NOTE(review): not valid Java as listed (unbalanced parenthesis; the filter
// under test is never called) — the listing appears truncated.
Assert.assertEquals(cookie,id));
}
项目:WBSAirback
文件:JAASRealm.java
/**
 * Return the <code>Principal</code> associated with the given user name.
 *
 * NOTE(review): the call below has an unbalanced parenthesis as listed; the
 * argument list looks truncated (presumably a callback handler was
 * constructed here — verify against the upstream file).
 */
@Override
protected Principal getPrincipal(String username) {
return authenticate(username,Constants.CERT_METHOD));
}
/**
 * Return the request URI (with the corresponding query string, if any)
 * from the saved request so that we can redirect to it.
 *
 * @param session Our current session
 * @return the saved URI, followed by {@code ?} and the query string when one
 *         was saved, or {@code null} if the session holds no saved request
 */
protected String savedRequestURL(Session session) {
    final SavedRequest original =
        (SavedRequest) session.getNote(Constants.FORM_REQUEST_NOTE);
    if (original == null) {
        return null;
    }

    final StringBuilder target = new StringBuilder(original.getRequestURI());
    final String query = original.getQueryString();
    if (query != null) {
        target.append('?').append(query);
    }
    return target.toString();
}
项目:eap-examples
文件:GenericHeaderAuthenticator.java
/**
 * Authenticates a request from a user id and a session cookie value, falling
 * back to the superclass authenticator when either one is missing.
 *
 * The value returned by getSessionCookie(request) is used as the password
 * passed to the realm.
 *
 * NOTE(review): the register(...) call near the end takes fewer arguments
 * than the surrounding code suggests (no principal or username); this
 * listing may be truncated — compare with the upstream file.
 *
 * @return true if the request is authenticated, false after forwarding to
 *         the error page; otherwise the result of super.authenticate
 */
public boolean authenticate(Request request,LoginConfig config) throws IOException {
// set remote host value
HostThreadLocal.set(request.getRemoteAddr());
log.trace("Authenticating user");
Principal principal = request.getUserPrincipal();
if (principal != null) {
log.trace("Already authenticated '" + principal.getName() + "'");
return true;
}
Realm realm = context.getRealm();
// NOTE(review): a session is created here before any credential is checked,
// so unauthenticated requests also allocate sessions — confirm this is intended.
Session session = request.getSessionInternal(true);
String username = getUserId(request);
String password = getSessionCookie(request);
// Check that both the SSO id and the session key are present
if (username == null || password == null) {
log.trace("Username is null or password(sessionkey) is null:fallback to form auth");
return super.authenticate(request,config);
}
principal = realm.authenticate(username,password);
if (principal == null) {
forwardToErrorPage(request,config);
return false;
}
// The user id and the session key are cached in the session notes as username/password.
session.setNote(Constants.SESS_USERNAME_NOTE,username);
session.setNote(Constants.SESS_PASSWORD_NOTE,password);
request.setUserPrincipal(principal);
register(request,HttpServletRequest.FORM_AUTH,password);
return true;
}
项目:jboss-as-quickstart
文件:GenericHeaderAuthenticator.java
// NOTE(review): this copy of the method is truncated — most of the parameter
// list and body are missing, leaving only the final "return true". Consult the
// upstream file for the actual authentication logic.
public boolean authenticate(Request request,password);
return true;
}
项目:tomcat-openidauth
文件:OpenIDAuthenticator.java
/**
 * Removes this authenticator's notes from the existing session, if any,
 * and then delegates to the superclass logout.
 *
 * @param request the request being logged out
 */
@Override
public void logout(final Request request) {
    // Look the session up without creating one.
    final Session existing = request.getSessionInternal(false);
    if (existing != null) {
        // Cached credentials go first, then the principal and the OpenID marker.
        existing.removeNote(Constants.SESS_PASSWORD_NOTE);
        existing.removeNote(Constants.SESS_USERNAME_NOTE);
        existing.removeNote(Constants.FORM_PRINCIPAL_NOTE);
        existing.removeNote(OPENID_AUTH_NOTE);
    }

    super.logout(request);
}
项目:tomcat-openidauth
文件:OpenIDAuthenticator.java
/**
 * Process re-submission of the original request after successful
 * authentication: register the login from the values kept in the session,
 * clean up the temporary notes and restore the saved request.
 *
 * NOTE(review): the principal read from the session is not passed to
 * register(...) as listed; the argument list looks truncated on this page —
 * compare with the upstream file.
 *
 * @param request The request.
 * @param response The HTTP response.
 *
 * @throws IOException If an I/O error happens sending data in the response.
 */
protected void processOriginalRequestResubmission(final Request request,final HttpServletResponse response)
throws IOException {
// get the session
final Session session = request.getSessionInternal(true);
// get authenticated principal from the session and register it
final Principal principal =
(Principal) session.getNote(Constants.FORM_PRINCIPAL_NOTE);
this.register(request,this.getAuthMethod(),(String) session.getNote(Constants.SESS_USERNAME_NOTE),(String) session.getNote(Constants.SESS_PASSWORD_NOTE));
// remove unused attributes from the session
session.removeNote(Constants.FORM_PRINCIPAL_NOTE);
// The cached username and password are removed only when this.cache is true;
// otherwise the plaintext password stays in the session notes.
if (this.cache) {
session.removeNote(Constants.SESS_USERNAME_NOTE);
session.removeNote(Constants.SESS_PASSWORD_NOTE);
session.removeNote(OPENID_AUTH_NOTE);
}
// restore the original request context
if (this.log.isDebugEnabled())
this.log.debug("restoring original request context");
this.restoreRequest(request,session);
}
项目:tomcat-openidauth
文件:OpenIDAuthenticator.java
/**
 * Removes this authenticator's notes from the existing session, if any,
 * and then delegates to the superclass logout.
 *
 * NOTE(review): the exception type in the throws clause is lower-cased as
 * listed, which looks like an extraction artefact — verify against the
 * upstream file.
 */
@Override
public void logout(Request request)
throws servletexception {
// Look the session up without creating one.
Session session = request.getSessionInternal(false);
if (session != null) {
// Saved principal, cached username/password and the OpenID marker are all dropped.
session.removeNote(Constants.FORM_PRINCIPAL_NOTE);
session.removeNote(Constants.SESS_USERNAME_NOTE);
session.removeNote(Constants.SESS_PASSWORD_NOTE);
session.removeNote(OPENID_AUTH_NOTE);
}
super.logout(request);
}
项目:tomcat-openidauth
文件:OpenIDAuthenticator.java
/**
 * Process re-submission of the original request after successful
 * authentication.
 *
 * NOTE(review): as listed, the principal read from the session is unused
 * and the clean-up of the session notes is missing; this copy of the method
 * appears truncated — compare with the upstream file.
 *
 * @param request The request.
 * @param response The HTTP response.
 *
 * @throws IOException If an I/O error happens sending data in the response.
 */
protected void processOriginalRequestResubmission(Request request,HttpServletResponse response)
throws IOException {
// get the session
Session session = request.getSessionInternal(true);
// get authenticated principal from the session and register it
Principal principal =
(Principal) session.getNote(Constants.FORM_PRINCIPAL_NOTE);
this.register(request,session);
}
项目:apache-tomcat-7.0.73-with-comment
文件:TestCookieFilter.java
/**
 * Simple single-sign-on case: filtering the SSO cookie with a {@code null}
 * second argument must replace the cookie value with {@code [obfuscated]}.
 */
@Test
public void test07() {
    final String ssoCookie = Constants.SINGLE_SIGN_ON_COOKIE + "=0123456789";
    final String expected = Constants.SINGLE_SIGN_ON_COOKIE + "=[obfuscated]";

    Assert.assertEquals(expected, CookieFilter.filter(ssoCookie, null));
}
项目:apache-tomcat-7.0.57
文件:TestCookieFilter.java
@Test
public void test07() {
// Simple SSO case: the expected value is the SSO cookie with an obfuscated value.
// NOTE(review): not valid Java as listed (unbalanced parenthesis; the call to
// the filter under test is missing) — the listing appears truncated.
Assert.assertEquals(Constants.SINGLE_SIGN_ON_COOKIE + "=[obfuscated]",null));
}
/**
 * Save the original request information into our session: cookies, headers,
 * locales, the method, query string and URI, and for POST requests the body.
 *
 * NOTE(review): some calls look altered by extraction on this page (for
 * example the lower-cased "getmethod" and the two-argument "append") —
 * compare with the upstream file.
 *
 * @param request The request to be saved
 * @param session The session to contain the saved information
 * @throws IOException if reading the request body fails
 */
protected void saveRequest(Request request,Session session)
throws IOException {
// Create and populate a SavedRequest object for this request
SavedRequest saved = new SavedRequest();
Cookie cookies[] = request.getCookies();
if (cookies != null) {
for (int i = 0; i < cookies.length; i++)
saved.addCookie(cookies[i]);
}
// Copy every header, including each value of multi-valued headers.
Enumeration names = request.getHeaderNames();
while (names.hasMoreElements()) {
String name = (String) names.nextElement();
Enumeration values = request.getHeaders(name);
while (values.hasMoreElements()) {
String value = (String) values.nextElement();
saved.addHeader(name,value);
}
}
Enumeration locales = request.getLocales();
while (locales.hasMoreElements()) {
Locale locale = (Locale) locales.nextElement();
saved.addLocale(locale);
}
if ("POST".equalsIgnoreCase(request.getmethod())) {
ByteChunk body = new ByteChunk();
// The connector's maxSavePostSize is set as the limit of the buffer holding
// the body, which is what bounds how much POST data is kept in the session.
body.setLimit(request.getConnector().getMaxSavePostSize());
byte[] buffer = new byte[4096];
int bytesRead;
InputStream is = request.getInputStream();
// Read until end of stream (read returns a negative value).
while ( (bytesRead = is.read(buffer) ) >= 0) {
body.append(buffer,bytesRead);
}
saved.setBody(body);
//saved.setContentType(request.getContentType());
}
saved.setMethod(request.getmethod());
saved.setQueryString(request.getQueryString());
saved.setRequestURI(request.getRequestURI());
// Stash the SavedRequest in our session for later use
session.setNote(Constants.FORM_REQUEST_NOTE,saved);
}
项目:tomcat-openidauth
文件:OpenIDAuthenticator.java
/**
 * Process authenticated user and redirect to the original request.
 *
 * On success the principal, login name and password are stored in session
 * notes so the original request can be restored after the redirect.
 *
 * NOTE(review): the body uses a "response" variable that is missing from the
 * parameter list as listed, and "getcontextpath" is lower-cased; the listing
 * looks altered by extraction — compare with the upstream file.
 *
 * @param request The request.
 * @param response The HTTP response.
 * @param config Web-application login configuration.
 * @param principal Authenticated principal, or {@code null} if
 * authentication was unsuccessful, in which case the method forwards to the
 * configured error page.
 * @param loginName User login name.
 * @param password User password.
 * @param openID {@code true} if OpenID authentication.
 *
 * @throws IOException If an I/O error happens sending data in the response.
 */
protected void processAuthenticatedUser(final Request request,final LoginConfig config,final Principal principal,final String loginName,final String password,final boolean openID)
throws IOException {
final boolean debug = this.log.isDebugEnabled();
// check if user authenticated
if (principal == null) {
if (debug)
this.log.debug("Failed to authenticate the user in the" +
" realm,forwarding to the error page");
this.forwardToErrorPage(request,config);
return;
}
if (debug)
this.log.debug("successfully authenticated user " +
principal.getName());
// save the principal data for the original request restoration
// (the plaintext password is kept in the session note until it is removed)
final Session session = request.getSessionInternal(true);
session.setNote(Constants.FORM_PRINCIPAL_NOTE,principal);
session.setNote(Constants.SESS_USERNAME_NOTE,loginName);
session.setNote(Constants.SESS_PASSWORD_NOTE,password);
if (openID)
session.setNote(OPENID_AUTH_NOTE,Boolean.TRUE);
// get saved request URL from the session
String savedRequestURL = this.savedRequestURL(session);
if (savedRequestURL == null) {
// No saved request: fall back to the context path plus the landing page, if one is set,
// and store a synthetic GET request for it.
savedRequestURL = request.getcontextpath() +
(this.landingPage != null ? this.landingPage : "");
if (debug)
this.log.debug("no saved requested in the session,making" +
" it GET " + savedRequestURL);
final SavedRequest saved = new SavedRequest();
saved.setMethod("GET");
saved.setRequestURI(savedRequestURL);
saved.setDecodedRequestURI(savedRequestURL);
session.setNote(Constants.FORM_REQUEST_NOTE,saved);
}
// redirect to the original request URL
if (debug)
this.log.debug("redirecting to the original request URL at " +
savedRequestURL);
response.sendRedirect(response.encodeRedirectURL(savedRequestURL));
}
项目:tomcat-openidauth
文件:OpenIDAuthenticator.java
/**
 * Process authenticated user and redirect to the original request.
 *
 * NOTE(review): this copy of the method is truncated on the page — string
 * literals are cut mid-way, the parameter list lacks the response and
 * password, and the statements that store the login in the session are
 * missing. Consult the upstream file; do not rely on this listing.
 *
 * @param request The request.
 * @param response The HTTP response.
 * @param config Web-application login configuration.
 * @param principal Authenticated principal, or {@code null} if
 * authentication was unsuccessful, in which case the method forwards to the
 * configured error page (presumably, as in the complete variant — verify).
 * @param loginName User login name.
 * @param password User password.
 * @param openID {@code true} if OpenID authentication.
 *
 * @throws IOException If an I/O error happens sending data in the response.
 */
protected void processAuthenticatedUser(Request request,LoginConfig config,Principal principal,String loginName,boolean openID)
throws IOException {
final boolean debug = this.log.isDebugEnabled();
// check if user authenticated
if (principal == null) {
if (debug)
this.log.debug("Failed to authenticate the user in the" +
" realm,config);
return;
}
if (debug)
this.log.debug("successfully authenticated user " +
principal.getName());
// save the principal data for the original request restoration
Session session = request.getSessionInternal(true);
session.setNote(Constants.FORM_PRINCIPAL_NOTE,making" +
" it GET " + savedRequestURL);
SavedRequest saved = new SavedRequest();
saved.setMethod("GET");
saved.setRequestURI(savedRequestURL);
saved.setDecodedRequestURI(savedRequestURL);
session.setNote(Constants.FORM_REQUEST_NOTE,saved);
}
// redirect to the original request URL
if (debug)
this.log.debug("redirecting to the original request URL at " +
savedRequestURL);
response.sendRedirect(response.encodeRedirectURL(savedRequestURL));
}
项目:lams
文件:JAASRealm.java
/**
 * Return the <code>Principal</code> associated with the specified username
 * and digest, if there is one; otherwise return <code>null</code>.
 *
 * The call is forwarded with <code>Constants.DIGEST_METHOD</code> as the
 * authentication method.
 *
 * NOTE(review): the forwarded call has an unbalanced parenthesis as listed;
 * the argument list looks truncated (presumably a callback handler was
 * constructed here — verify against the upstream file).
 *
 * @param username Username of the <code>Principal</code> to look up
 * @param clientDigest Digest to use in authenticating this username
 * @param nonce Server generated nonce
 * @param nc Nonce count
 * @param cnonce Client generated nonce
 * @param qop Quality of protection applied to the message
 * @param realmName Realm name
 * @param md5a2 Second MD5 digest used to calculate the digest
 * MD5(Method + ":" + uri)
 */
public Principal authenticate(String username,String clientDigest,String nonce,String nc,String cnonce,String qop,String realmName,String md5a2) {
return authenticate(username,clientDigest,nonce,nc,cnonce,qop,realmName,md5a2,Constants.DIGEST_METHOD));
}
项目:WBSAirback
文件:JAASRealm.java
/**
 * Return the <code>Principal</code> associated with the specified username
 * and digest, if there is one; otherwise return <code>null</code>.
 *
 * NOTE(review): this copy is truncated — the signature shows only the
 * username although the Javadoc lists the digest parameters, and the call
 * has an unbalanced parenthesis. Consult the upstream file.
 *
 * @param username Username of the <code>Principal</code> to look up
 * @param clientDigest Digest to use in authenticating this username
 * @param nonce Server generated nonce
 * @param nc Nonce count
 * @param cnonce Client generated nonce
 * @param qop Quality of protection applied to the message
 * @param realmName Realm name
 * @param md5a2 Second MD5 digest used to calculate the digest
 * MD5(Method + ":" + uri)
 */
@Override
public Principal authenticate(String username,Constants.DIGEST_METHOD));
}