diff options
Diffstat (limited to 'id.server/src/at/gv/egovernment/moa/id/proxy')
-rw-r--r-- | id.server/src/at/gv/egovernment/moa/id/proxy/EnhancedConnectionBuilder.java | 74 |
1 files changed, 70 insertions, 4 deletions
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/EnhancedConnectionBuilder.java b/id.server/src/at/gv/egovernment/moa/id/proxy/EnhancedConnectionBuilder.java index 64a27ccf0..9d8dc694c 100644 --- a/id.server/src/at/gv/egovernment/moa/id/proxy/EnhancedConnectionBuilder.java +++ b/id.server/src/at/gv/egovernment/moa/id/proxy/EnhancedConnectionBuilder.java @@ -8,6 +8,7 @@ import java.util.Vector; import javax.net.ssl.SSLSocketFactory; import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpSession; import at.gv.egovernment.moa.id.config.ConfigurationException; import at.gv.egovernment.moa.id.config.proxy.ProxyConfigurationProvider; @@ -31,13 +32,20 @@ public class EnhancedConnectionBuilder implements ConnectionBuilder { /** a boolean to disable the HostnameVerification (default = false)*/ private static boolean cbDisableHostnameVerification = false; - + /** Name of the Parameter for the Target */ + private static final String PARAM_TARGET = "Target"; + /** Name of the Parameter for the SAMLArtifact */ + private static final String PARAM_SAMLARTIFACT = "SAMLArtifact"; + /** Name of the Attribute for marking the session as authenticated*/ + private static final String ATT_AUTHDATAFETCHED = "AuthDataFetched"; + static { HTTPConnection.setDefaultTimeout(0); try { HTTPConnection.removeDefaultModule(Class.forName("HTTPClient.AuthorizationModule")); HTTPConnection.removeDefaultModule(Class.forName("HTTPClient.RedirectionModule")); HTTPConnection.removeDefaultModule(Class.forName("HTTPClient.CookieModule")); + //HTTPConnection.removeDefaultModule(Class.forName("HTTPClient.RetryModule")); } catch (ClassNotFoundException e) { } @@ -68,9 +76,14 @@ public class EnhancedConnectionBuilder implements ConnectionBuilder { throw new IOException(MOAIDMessageProvider.getInstance().getMessage( "proxy.01", new Object[] {requestedURL, publicURLPrefix})); - if (null != req.getQueryString() && 0 != req.getQueryString().length() ) { - String query = req.getQueryString(); - requestedURL = requestedURL + "?" + query; + String query = req.getQueryString(); + if (req.getSession().getAttribute(ATT_AUTHDATAFETCHED)!=null) { + query = removeParameter(query, PARAM_SAMLARTIFACT); + query = removeParameter(query, PARAM_TARGET); + req.getSession().removeAttribute(ATT_AUTHDATAFETCHED); + } + if (null != query && 0 != query.length() ) { + requestedURL = requestedURL + "?" + query; String parameter[] = new String[2]; for (Iterator iter = parameters.iterator(); iter.hasNext();) { @@ -141,5 +154,58 @@ public class EnhancedConnectionBuilder implements ConnectionBuilder { return true; } } + + /** + * Removes parameters from the query-URL recursively + * + * @param query the query from which the parameter is to be removed + * @param parameter the parameter to be removed + * @return the parameterclean query + */ + private String removeParameter(String query, String parameter) { + return removeParameter(query, parameter, true); + } + + /** + * Removes one parameter from the query-URL recursively + * + * @param query the query from which the parameter is to be removed + * @param parameter the parameter to be removed + * @param remove. Boolean value wether a parameter was removed in last call or not. In initial call set to true to check for new occurrences + * @return the parameterclean query + */ + private String removeParameter(String query, String parameter, boolean remove) { + String result = query; + if (remove && query!=null && !query.equals("") && parameter!=null && !parameter.equals("")) { + String param = parameter; + int capEnd=0; + if (!param.endsWith("=")) param=param+"="; + if (query.startsWith(param)) { + //remove leading + result=""; + } else { + if (!param.startsWith("&")) param="&"+param; + capEnd = query.indexOf(param); + if (capEnd!=-1) { + //leading part + result=query.substring(0, capEnd); + } + } + if (capEnd!=-1) { + //trailing part + capEnd += param.length(); + int capBegin = -1; + if (capEnd <query.length()) capBegin = query.indexOf("&", capEnd); + if (capBegin!=-1) { + if (capBegin<query.length()) { + result=result + query.substring(capBegin); + if (result.startsWith("&")) result = result.substring(1); //if now is leading part + } + } + } + result = removeParameter(result, parameter, !query.equals(result)); + } + return result; + } } |