diff options
author | Andreas Fitzek <afitzek@iaik.tugraz.at> | 2013-04-04 14:38:32 +0200 |
---|---|---|
committer | Andreas Fitzek <afitzek@iaik.tugraz.at> | 2013-04-04 14:38:32 +0200 |
commit | 44b9f57e478cd16ea28137d2aee60de7629f9f4d (patch) | |
tree | b5f24ac1e7f5d79dc73f08cd7f037cdb5740e20f /id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java | |
parent | bf33ab627abe260247c178c3d662477e84cfdfef (diff) | |
download | moa-id-spss-44b9f57e478cd16ea28137d2aee60de7629f9f4d.tar.gz moa-id-spss-44b9f57e478cd16ea28137d2aee60de7629f9f4d.tar.bz2 moa-id-spss-44b9f57e478cd16ea28137d2aee60de7629f9f4d.zip |
added SAML1 Protocol simple implementation
added Loginform builder
added login confirmation builder
added login form template
added modul logic
added entrypoints
Diffstat (limited to 'id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java | 73 |
1 files changed, 73 insertions, 0 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java new file mode 100644 index 000000000..e631523a2 --- /dev/null +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java @@ -0,0 +1,73 @@ +package at.gv.egovernment.moa.id.moduls; + +import java.io.IOException; +import java.io.PrintWriter; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; + +import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants; +import at.gv.egovernment.moa.id.auth.builder.LoginFormBuilder; +import at.gv.egovernment.moa.id.auth.data.AuthenticationSession; +import at.gv.egovernment.moa.id.util.HTTPSessionUtils; +import at.gv.egovernment.moa.logging.Logger; + +public class AuthenticationManager implements MOAIDAuthConstants { + + public static final String MOA_SESSION = "MoaAuthenticationSession"; + public static final String MOA_AUTHENTICATED = "MoaAuthenticated"; + + public static AuthenticationSession getAuthenticationSession(HttpSession session) { + String sessionID = HTTPSessionUtils.getHTTPSessionString(session, MOA_SESSION, null); + if(sessionID != null) { + return AuthenticationSessionStore.getSession(sessionID); + } + return null; + } + + /** + * Checks if the session is authenticated + * @param request + * @param response + * @return + */ + public static boolean isAuthenticated(HttpServletRequest request, HttpServletResponse response) { + Logger.info("Checking authentication"); + + HttpSession session = request.getSession(); + + String sessionID = (String)request.getAttribute(PARAM_SESSIONID); + if(sessionID != null) { + AuthenticationSession authSession = AuthenticationSessionStore.getSession(sessionID); + if(authSession != null) { + if(authSession.isAuthenticated() && !authSession.isAuthenticatedUsed()) { + session.invalidate(); + session = request.getSession(); + HTTPSessionUtils.setHTTPSessionBoolean(session, MOA_AUTHENTICATED, true); + authSession.setAuthenticatedUsed(true); + HTTPSessionUtils.setHTTPSessionString(session, MOA_SESSION, sessionID); + } + } + } + + return HTTPSessionUtils.getHTTPSessionBoolean(session, MOA_AUTHENTICATED, false); + } + + public static void doAuthentication(HttpServletRequest request, HttpServletResponse response, + ITargetConfiguration target) + throws ServletException, IOException { + HttpSession session = request.getSession(); + Logger.info("Starting authentication ..."); + String loginForm = LoginFormBuilder.buildLoginForm(target.getOAURL()); + + response.setContentType("text/html;charset=UTF-8"); + PrintWriter out = new PrintWriter(response.getOutputStream()); + out.print(loginForm); + out.flush(); + return; + // TODO: Build authentication form + //session.getServletContext().getNamedDispatcher("StartAuthenticationServlet").forward(request, response); + } +} |