add Interfederation to redirect servlet

author: Thomas Lenz <tlenz@iaik.tugraz.at> 2014-05-08 14:39:32 +0200
committer: Thomas Lenz <tlenz@iaik.tugraz.at> 2014-05-08 14:39:32 +0200
commit: f1fc72bdc42766c8195be1c150cf165685dc3abb (patch)
tree: ab6c9e4e76e1b79ca595e9956f1b29ef13dc8524 /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java
parent: 49e202080467e3da1b43505ace711001b6c18c4b (diff)
download: moa-id-spss-f1fc72bdc42766c8195be1c150cf165685dc3abb.tar.gz
moa-id-spss-f1fc72bdc42766c8195be1c150cf165685dc3abb.tar.bz2
moa-id-spss-f1fc72bdc42766c8195be1c150cf165685dc3abb.zip
1 files changed, 54 insertions, 31 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java
index 00acdc540..57755ca9f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java
@@ -33,6 +33,7 @@ import at.gv.egovernment.moa.id.auth.builder.RedirectFormBuilder;
 import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
 import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
 import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
+import at.gv.egovernment.moa.id.moduls.SSOManager;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.MiscUtil;
 import at.gv.egovernment.moa.util.URLEncoder;
@@ -53,8 +54,10 @@ public class RedirectServlet extends AuthServlet{
 		String url = req.getParameter(REDIRCT_PARAM_URL);
 		String target = req.getParameter(PARAM_TARGET);
 		String artifact = req.getParameter(PARAM_SAMLARTIFACT);
+		String interIDP = req.getParameter(INTERFEDERATION_IDP);
 		
-		if (MiscUtil.isEmpty(artifact)) {
+				
+		if (MiscUtil.isEmpty(artifact) && MiscUtil.isEmpty(interIDP)) {
 			resp.sendError(HttpServletResponse.SC_FORBIDDEN, "Parameters not valid");
 			return;
 		}
@@ -68,14 +71,57 @@ public class RedirectServlet extends AuthServlet{
 				resp.sendError(HttpServletResponse.SC_FORBIDDEN, "Parameters not valid");
 				return;
 				
-			} else {
-				try {
-					String test = oa.getAuthComponentOA().getTemplates().getBKUSelectionCustomization().getAppletRedirectTarget();
-					if (MiscUtil.isNotEmpty(test))
-						redirectTarget = test;
+			} else {				
+				//Redirect is a SAML1 send Artifact redirct
+				if (MiscUtil.isNotEmpty(artifact)) {
+					try {
+						String test = oa.getAuthComponentOA().getTemplates().getBKUSelectionCustomization().getAppletRedirectTarget();
+						if (MiscUtil.isNotEmpty(test))
+							redirectTarget = test;
+					
+					} catch (Exception e) {
+						Logger.debug("Use default redirectTarget.");
+					}
+				
+					Logger.info("Redirect to " + url);
+					
+					if (MiscUtil.isNotEmpty(target)) {
+//						redirectURL = addURLParameter(redirectURL, PARAM_TARGET,
+//								URLEncoder.encode(session.getTarget(), "UTF-8"));
+						url = addURLParameter(url, PARAM_TARGET,
+								URLEncoder.encode(target, "UTF-8"));
+
+
+					}
+					url = addURLParameter(url, PARAM_SAMLARTIFACT,
+							URLEncoder.encode(artifact, "UTF-8"));
+					url = resp.encodeRedirectURL(url);
+					
+					String redirect_form = RedirectFormBuilder.buildLoginForm(url, redirectTarget);
+				
+					resp.setContentType("text/html;charset=UTF-8");
+					resp.setStatus(HttpServletResponse.SC_OK);
+					PrintWriter out = new PrintWriter(resp.getOutputStream()); 
+					out.write(redirect_form);
+					out.flush();
+					
+				} else if (MiscUtil.isNotEmpty(interIDP)) {
+					//store IDP identifier and redirect to generate AuthRequst service					
+					Logger.info("Receive an interfederation redirect request for IDP " + interIDP);					
+					SSOManager sso = SSOManager.getInstance();
+					sso.setInterfederationIDPCookie(req, resp, interIDP);
+
+					Logger.debug("Redirect to " + url);					
+					url = resp.encodeRedirectURL(url);					
+					resp.setContentType("text/html");
+					resp.setStatus(HttpServletResponse.SC_FOUND);
+					resp.addHeader("Location", url);
+					
+					
+				} else {
+					resp.sendError(HttpServletResponse.SC_FORBIDDEN, "Parameters not valid");
+					return;
 					
-				} catch (Exception e) {
-					Logger.debug("Use default redirectTarget.");
 				}
 				
 			}
@@ -88,29 +134,6 @@ public class RedirectServlet extends AuthServlet{
 			ConfigurationDBUtils.closeSession();
 			
 		}
-					
-		Logger.info("Redirect to " + url);
-		
-		if (MiscUtil.isNotEmpty(target)) {
-//			redirectURL = addURLParameter(redirectURL, PARAM_TARGET,
-//					URLEncoder.encode(session.getTarget(), "UTF-8"));
-			url = addURLParameter(url, PARAM_TARGET,
-			URLEncoder.encode(target, "UTF-8"));
-
-
-		}
-		url = addURLParameter(url, PARAM_SAMLARTIFACT,
-				URLEncoder.encode(artifact, "UTF-8"));
-		url = resp.encodeRedirectURL(url);
-		
-		String redirect_form = RedirectFormBuilder.buildLoginForm(url, redirectTarget);
-		
-		resp.setContentType("text/html;charset=UTF-8");
-		PrintWriter out = new PrintWriter(resp.getOutputStream()); 
-		out.write(redirect_form);
-		out.flush();
-		
-
 	}
author	Thomas Lenz <tlenz@iaik.tugraz.at>	2014-05-08 14:39:32 +0200
committer	Thomas Lenz <tlenz@iaik.tugraz.at>	2014-05-08 14:39:32 +0200
commit	f1fc72bdc42766c8195be1c150cf165685dc3abb (patch)
tree	ab6c9e4e76e1b79ca595e9956f1b29ef13dc8524 /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java
parent	49e202080467e3da1b43505ace711001b6c18c4b (diff)
download	moa-id-spss-f1fc72bdc42766c8195be1c150cf165685dc3abb.tar.gz moa-id-spss-f1fc72bdc42766c8195be1c150cf165685dc3abb.tar.bz2 moa-id-spss-f1fc72bdc42766c8195be1c150cf165685dc3abb.zip