Java tutorial
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package com.buzzinate.buzzads.sso; import org.jasig.cas.client.util.CommonUtils; import org.springframework.beans.factory.InitializingBean; import org.springframework.security.cas.ServiceProperties; import org.springframework.security.core.AuthenticationException; import org.springframework.security.web.AuthenticationEntryPoint; import org.springframework.util.Assert; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; /** * Used by the <code>ExceptionTranslationFilter</code> to commence authentication via the JA-SIG Central * Authentication Service (CAS). * <p> * The user's browser will be redirected to the JA-SIG CAS enterprise-wide login page. * This page is specified by the <code>loginUrl</code> property. Once login is complete, the CAS login page will * redirect to the page indicated by the <code>service</code> property. The <code>service</code> is a HTTP URL * belonging to the current application. The <code>service</code> URL is monitored by the * {@link CasAuthenticationFilter}, which will validate the CAS login was successful. * * @author Ben Alex * @author Scott Battaglia */ public class CasAuthenticationEntryPoint implements AuthenticationEntryPoint, InitializingBean { /** Used to identify client source. */ public static final String SOURCE = "source"; //~ Instance fields ================================================================================================ private ServiceProperties serviceProperties; private String loginUrl; private String source; /** * Determines whether the Service URL should include the session id for the specific user. As of CAS 3.0.5, the * session id will automatically be stripped. However, older versions of CAS (i.e. CAS 2), do not automatically * strip the session identifier (this is a bug on the part of the older server implementations), so an option to * disable the session encoding is provided for backwards compatibility. * * By default, encoding is enabled. * @deprecated since 3.0.0 because CAS is currently on 3.3.5. */ @Deprecated private boolean encodeServiceUrlWithSessionId = true; //~ Methods ======================================================================================================== public void afterPropertiesSet() throws Exception { Assert.hasLength(this.loginUrl, "loginUrl must be specified"); Assert.notNull(this.serviceProperties, "serviceProperties must be specified"); } public final void commence(final HttpServletRequest servletRequest, final HttpServletResponse response, final AuthenticationException authenticationException) throws IOException, ServletException { final String urlEncodedService = createServiceUrl(servletRequest, response); final String redirectUrl = createRedirectUrl(urlEncodedService); preCommence(servletRequest, response); response.sendRedirect(redirectUrl); } /** * Constructs a new Service Url. The default implementation relies on the CAS client to do the bulk of the work. * @param request the HttpServletRequest * @param response the HttpServlet Response * @return the constructed service url. CANNOT be NULL. */ protected String createServiceUrl(final HttpServletRequest request, final HttpServletResponse response) { return CommonUtils.constructServiceUrl(null, response, this.serviceProperties.getService(), null, this.serviceProperties.getArtifactParameter(), this.encodeServiceUrlWithSessionId); } /** * Constructs the Url for Redirection to the CAS server. Default implementation relies on the CAS client * to do the bulk of the work. * * @param serviceUrl the service url that should be included. * @return the redirect url. CANNOT be NULL. */ protected String createRedirectUrl(final String serviceUrl) { return CommonUtils.constructRedirectUrl(this.loginUrl, this.serviceProperties.getServiceParameter(), serviceUrl, this.serviceProperties.isSendRenew(), false) + "&" + SOURCE + "=" + source; } /** * Template method for you to do your own pre-processing before the redirect occurs. * * @param request the HttpServletRequest * @param response the HttpServletResponse */ protected void preCommence(final HttpServletRequest request, final HttpServletResponse response) { } /** * The enterprise-wide CAS login URL. Usually something like * <code>https://www.mycompany.com/cas/login</code>. * * @return the enterprise-wide CAS login URL */ public final String getLoginUrl() { return this.loginUrl; } public final ServiceProperties getServiceProperties() { return this.serviceProperties; } public final void setLoginUrl(final String loginUrl) { this.loginUrl = loginUrl; } public final void setServiceProperties(final ServiceProperties serviceProperties) { this.serviceProperties = serviceProperties; } public String getSource() { return source; } public void setSource(String source) { this.source = source; } /** * Sets whether to encode the service url with the session id or not. * * @param encodeServiceUrlWithSessionId whether to encode the service url with the session id or not. * @deprecated since 3.0.0 because CAS is currently on 3.3.5. */ @Deprecated public final void setEncodeServiceUrlWithSessionId(final boolean encodeServiceUrlWithSessionId) { this.encodeServiceUrlWithSessionId = encodeServiceUrlWithSessionId; } /** * Sets whether to encode the service url with the session id or not. * @return whether to encode the service url with the session id or not. * * @deprecated since 3.0.0 because CAS is currently on 3.3.5. */ @Deprecated protected boolean getEncodeServiceUrlWithSessionId() { return this.encodeServiceUrlWithSessionId; } }