aboutsummaryrefslogtreecommitdiff
path: root/id.server/src/at/gv
diff options
context:
space:
mode:
Diffstat (limited to 'id.server/src/at/gv')
-rw-r--r--id.server/src/at/gv/egovernment/moa/id/proxy/EnhancedConnectionBuilder.java74
1 files changed, 70 insertions, 4 deletions
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/EnhancedConnectionBuilder.java b/id.server/src/at/gv/egovernment/moa/id/proxy/EnhancedConnectionBuilder.java
index 64a27ccf0..9d8dc694c 100644
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/EnhancedConnectionBuilder.java
+++ b/id.server/src/at/gv/egovernment/moa/id/proxy/EnhancedConnectionBuilder.java
@@ -8,6 +8,7 @@ import java.util.Vector;
import javax.net.ssl.SSLSocketFactory;
import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
import at.gv.egovernment.moa.id.config.ConfigurationException;
import at.gv.egovernment.moa.id.config.proxy.ProxyConfigurationProvider;
@@ -31,13 +32,20 @@ public class EnhancedConnectionBuilder implements ConnectionBuilder {
/** a boolean to disable the HostnameVerification (default = false)*/
private static boolean cbDisableHostnameVerification = false;
-
+ /** Name of the Parameter for the Target */
+ private static final String PARAM_TARGET = "Target";
+ /** Name of the Parameter for the SAMLArtifact */
+ private static final String PARAM_SAMLARTIFACT = "SAMLArtifact";
+ /** Name of the Attribute for marking the session as authenticated*/
+ private static final String ATT_AUTHDATAFETCHED = "AuthDataFetched";
+
static {
HTTPConnection.setDefaultTimeout(0);
try {
HTTPConnection.removeDefaultModule(Class.forName("HTTPClient.AuthorizationModule"));
HTTPConnection.removeDefaultModule(Class.forName("HTTPClient.RedirectionModule"));
HTTPConnection.removeDefaultModule(Class.forName("HTTPClient.CookieModule"));
+ //HTTPConnection.removeDefaultModule(Class.forName("HTTPClient.RetryModule"));
} catch (ClassNotFoundException e) {
}
@@ -68,9 +76,14 @@ public class EnhancedConnectionBuilder implements ConnectionBuilder {
throw new IOException(MOAIDMessageProvider.getInstance().getMessage(
"proxy.01", new Object[] {requestedURL, publicURLPrefix}));
- if (null != req.getQueryString() && 0 != req.getQueryString().length() ) {
- String query = req.getQueryString();
- requestedURL = requestedURL + "?" + query;
+ String query = req.getQueryString();
+ if (req.getSession().getAttribute(ATT_AUTHDATAFETCHED)!=null) {
+ query = removeParameter(query, PARAM_SAMLARTIFACT);
+ query = removeParameter(query, PARAM_TARGET);
+ req.getSession().removeAttribute(ATT_AUTHDATAFETCHED);
+ }
+ if (null != query && 0 != query.length() ) {
+ requestedURL = requestedURL + "?" + query;
String parameter[] = new String[2];
for (Iterator iter = parameters.iterator(); iter.hasNext();) {
@@ -141,5 +154,58 @@ public class EnhancedConnectionBuilder implements ConnectionBuilder {
return true;
}
}
+
+ /**
+ * Removes parameters from the query-URL recursively
+ *
+ * @param query the query from which the parameter is to be removed
+ * @param parameter the parameter to be removed
+ * @return the parameterclean query
+ */
+ private String removeParameter(String query, String parameter) {
+ return removeParameter(query, parameter, true);
+ }
+
+ /**
+ * Removes one parameter from the query-URL recursively
+ *
+ * @param query the query from which the parameter is to be removed
+ * @param parameter the parameter to be removed
+ * @param remove. Boolean value wether a parameter was removed in last call or not. In initial call set to true to check for new occurrences
+ * @return the parameterclean query
+ */
+ private String removeParameter(String query, String parameter, boolean remove) {
+ String result = query;
+ if (remove && query!=null && !query.equals("") && parameter!=null && !parameter.equals("")) {
+ String param = parameter;
+ int capEnd=0;
+ if (!param.endsWith("=")) param=param+"=";
+ if (query.startsWith(param)) {
+ //remove leading
+ result="";
+ } else {
+ if (!param.startsWith("&")) param="&"+param;
+ capEnd = query.indexOf(param);
+ if (capEnd!=-1) {
+ //leading part
+ result=query.substring(0, capEnd);
+ }
+ }
+ if (capEnd!=-1) {
+ //trailing part
+ capEnd += param.length();
+ int capBegin = -1;
+ if (capEnd <query.length()) capBegin = query.indexOf("&", capEnd);
+ if (capBegin!=-1) {
+ if (capBegin<query.length()) {
+ result=result + query.substring(capBegin);
+ if (result.startsWith("&")) result = result.substring(1); //if now is leading part
+ }
+ }
+ }
+ result = removeParameter(result, parameter, !query.equals(result));
+ }
+ return result;
+ }
}