| -rw-r--r-- | id.server/src/at/gv/egovernment/moa/id/proxy/EnhancedConnectionBuilder.java | 74 | 
1 files changed, 70 insertions, 4 deletions
| diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/EnhancedConnectionBuilder.java b/id.server/src/at/gv/egovernment/moa/id/proxy/EnhancedConnectionBuilder.java
index 64a27ccf0..9d8dc694c 100644
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/EnhancedConnectionBuilder.java
+++ b/id.server/src/at/gv/egovernment/moa/id/proxy/EnhancedConnectionBuilder.java
@@ -8,6 +8,7 @@ import java.util.Vector;
 import javax.net.ssl.SSLSocketFactory;
 import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
 import at.gv.egovernment.moa.id.config.ConfigurationException;
 import at.gv.egovernment.moa.id.config.proxy.ProxyConfigurationProvider;
@@ -31,13 +32,20 @@ public class EnhancedConnectionBuilder implements ConnectionBuilder {
 	  /** a boolean to disable the HostnameVerification (default = false)*/
 	  private static boolean cbDisableHostnameVerification = false;
-	  
+	  /** Name of the Parameter for the Target */
+	  private static final String PARAM_TARGET = "Target";
+	  /** Name of the Parameter for the SAMLArtifact */  
+	  private static final String PARAM_SAMLARTIFACT = "SAMLArtifact";
+	  /** Name of the Attribute for marking the session as authenticated*/  
+	  private static final String ATT_AUTHDATAFETCHED = "AuthDataFetched";
+
 	  static {
 	    HTTPConnection.setDefaultTimeout(0);
 	    try {
 	      HTTPConnection.removeDefaultModule(Class.forName("HTTPClient.AuthorizationModule"));
 	      HTTPConnection.removeDefaultModule(Class.forName("HTTPClient.RedirectionModule"));
 	      HTTPConnection.removeDefaultModule(Class.forName("HTTPClient.CookieModule"));
+	      //HTTPConnection.removeDefaultModule(Class.forName("HTTPClient.RetryModule"));
 	    } catch (ClassNotFoundException e) {
 	    }
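Review bot: The commented-out `//HTTPConnection.removeDefaultModule(Class.forName("HTTPClient.RetryModule"));` added to the static initializer should either be deleted or carry its reason, because a reader cannot tell whether keeping the retry module active is a decision or an unfinished experiment; a line such as `// RetryModule intentionally left enabled: <reason>` would settle it. The Javadoc on `ATT_AUTHDATAFETCHED` says the attribute marks the session as authenticated, but the only use visible in this commit is a one-shot flag that is read and then removed when the query is cleaned, so a wording like `/** Session attribute signalling that SAMLArtifact and Target must be stripped from the next forwarded query */` would describe what the code does with it. Where the attribute is set is not visible in this diff, and the static block continues past the end of the hunk.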
@@ -68,9 +76,14 @@ public class EnhancedConnectionBuilder implements ConnectionBuilder {
 	      throw new IOException(MOAIDMessageProvider.getInstance().getMessage(
 	        "proxy.01", new Object[] {requestedURL, publicURLPrefix}));
-	    if (null != req.getQueryString() && 0 != req.getQueryString().length() ) {
-	      String query = req.getQueryString();
-	      requestedURL = requestedURL + "?" + query;
+	    String query = req.getQueryString();
+    	if (req.getSession().getAttribute(ATT_AUTHDATAFETCHED)!=null) {
+  	      query = removeParameter(query, PARAM_SAMLARTIFACT);
+	      query = removeParameter(query, PARAM_TARGET);
+	      req.getSession().removeAttribute(ATT_AUTHDATAFETCHED);
+    	}
+	    if (null != query && 0 != query.length() ) {
+    	  requestedURL = requestedURL + "?" + query;
 	      String parameter[] = new String[2];
 
 	      for (Iterator iter = parameters.iterator(); iter.hasNext();) {
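Review bot: `req.getSession()` in the new condition creates a session for any request that arrives without one, so a lookup that only wants to read a flag now allocates server-side session state as a side effect. `HttpSession session = req.getSession(false);` followed by `if (session != null && session.getAttribute(ATT_AUTHDATAFETCHED) != null) {` reads the flag without creating anything, and it gives the `HttpSession` import added in the first hunk a use, which the visible new lines do not. The flag is cleared after a single request, so a later request in the same session that still carries `SAMLArtifact` in its query (a page reload, for instance) is forwarded to the backend unchanged; whether that is intended cannot be seen from here and deserves a comment at this branch. The enclosing method starts before and continues after the hunk.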
@@ -141,5 +154,58 @@ public class EnhancedConnectionBuilder implements ConnectionBuilder {
 	      return true;
 	    }
 	  }
+	  
+	  /**
+	   * Removes parameters from the query-URL recursively
+	   *
+	   * @param query the query from which the parameter is to be removed
+	   * @param parameter the parameter to be removed
+	   * @return the parameterclean query
+	   */	  
+	  private String removeParameter(String query, String parameter) {
+		  return removeParameter(query, parameter, true);
+	  }
+
+	  /**
+	   * Removes one parameter from the query-URL recursively
+	   *
+	   * @param query the query from which the parameter is to be removed
+	   * @param parameter the parameter to be removed
+	   * @param remove. Boolean value wether a parameter was removed in last call or not. In initial call set to true to check for new occurrences
+	   * @return the parameterclean query
+	   */	  
+	  private String removeParameter(String query, String parameter, boolean remove) {
+		  String result = query;
+		  if (remove && query!=null && !query.equals("") && parameter!=null && !parameter.equals("")) {
+			  String param = parameter;
+			  int capEnd=0;
+			  if (!param.endsWith("=")) param=param+"=";
+			  if (query.startsWith(param)) {
+				  //remove leading
+				  result="";
+			  } else { 
+				  if (!param.startsWith("&")) param="&"+param;
+				  capEnd = query.indexOf(param);
+				  if (capEnd!=-1) {
+					  //leading part
+				      result=query.substring(0, capEnd);
+				  }
+			  }
+			  if (capEnd!=-1) {
+				  //trailing part
+				  capEnd += param.length();
+				  int capBegin = -1;
+				  if (capEnd <query.length()) capBegin = query.indexOf("&", capEnd);
+				  if (capBegin!=-1) {
+					  if (capBegin<query.length()) {
+						  result=result + query.substring(capBegin);
+						  if (result.startsWith("&")) result = result.substring(1); //if now is leading part
+					  }
+				  }
+		      }
+			  result = removeParameter(result, parameter, !query.equals(result));
+		  }  
+		  return result;
+	  }
 	} |
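Review bot: `removeParameter` searches the raw query string for the literal text `Target=` / `&Target=` (and the same for `SAMLArtifact`), so a pair whose name is percent-encoded is left in place and still reaches the backend; if the backend decodes parameter names, which is not visible here, the filter and the backend disagree about which parameters are present. Comparing the decoded name of each `&`-separated pair closes that gap, and doing it in one pass makes the recursion and the three-argument overload with its `remove` flag unnecessary. The Javadoc needs two small fixes as well: `@param remove.` has a stray dot after the name, and `wether` should read `whether`. The sketch below keeps the two-argument signature the caller uses and, like the original, treats only `name=value` pairs as candidates for removal.

```java
private String removeParameter(String query, String parameter) {
    if (query == null || query.equals("") || parameter == null || parameter.equals("")) {
        return query;
    }
    StringBuffer kept = new StringBuffer();
    boolean first = true;
    int start = 0;
    while (start <= query.length()) {
        int end = query.indexOf('&', start);
        if (end == -1) end = query.length();
        String pair = query.substring(start, end);
        int eq = pair.indexOf('=');
        // keep the pair unless its decoded name is the parameter to strip
        if (eq == -1 || !parameter.equals(decodedName(pair.substring(0, eq)))) {
            if (!first) kept.append('&');
            kept.append(pair);
            first = false;
        }
        start = end + 1;
    }
    return kept.toString();
}

private static String decodedName(String rawName) {
    try {
        return java.net.URLDecoder.decode(rawName, "UTF-8");
    } catch (java.io.UnsupportedEncodingException e) {
        return rawName; // UTF-8 is always available; branch exists for the compiler
    } catch (IllegalArgumentException e) {
        return rawName; // malformed escape: fall back to the literal name
    }
}
```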
