From 84def268a82210d29afe5489be5fbe039717de98 Mon Sep 17 00:00:00 2001
From: "peter.danner"
Date: Thu, 8 Sep 2005 06:58:27 +0000
Subject: WebDAV Enhancement des Proxy mit Auskommentierung u.a. des Cookie-Mangers
git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@501 d688527b-c9ab-4aba-bd8d-4036d912da1d
---
 .../moa/id/proxy/servlet/ProxyServlet.java | 817 ++++++++++++++++-----
 1 file changed, 624 insertions(+), 193 deletions(-)
(limited to 'id.server/src/at/gv/egovernment')
diff --git a/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java b/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java
index f82ad93ed..50b07eeb4 100644
--- a/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java
+++ b/id.server/src/at/gv/egovernment/moa/id/proxy/servlet/ProxyServlet.java
@@ -3,14 +3,19 @@ package at.gv.egovernment.moa.id.proxy.servlet;
 import java.io.BufferedInputStream;
 import java.io.BufferedOutputStream;
 import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
 import java.io.PrintWriter;
 import java.io.StringWriter;
 import java.net.HttpURLConnection;
+import java.net.MalformedURLException;
+import java.net.URL;
 import java.net.URLEncoder;
 import java.util.Enumeration;
 import java.util.HashMap;
 import java.util.Iterator;
 import java.util.Map;
+import java.util.Vector;
 import javax.net.ssl.SSLSocketFactory;
 import javax.servlet.RequestDispatcher;
@@ -29,9 +34,9 @@ import at.gv.egovernment.moa.id.ParseException;
 import at.gv.egovernment.moa.id.ServiceException;
 import at.gv.egovernment.moa.id.config.ConfigurationException;
 import at.gv.egovernment.moa.id.config.ConnectionParameter;
-import at.gv.egovernment.moa.id.config.proxy.ProxyConfigurationProvider;
 import at.gv.egovernment.moa.id.config.proxy.OAConfiguration;
 import at.gv.egovernment.moa.id.config.proxy.OAProxyParameter;
+import at.gv.egovernment.moa.id.config.proxy.ProxyConfigurationProvider;
 import at.gv.egovernment.moa.id.data.AuthenticationData;
 import at.gv.egovernment.moa.id.data.CookieManager;
 import at.gv.egovernment.moa.id.proxy.ConnectionBuilder;
@@ -69,8 +74,26 @@ public class ProxyServlet extends HttpServlet { private static final String ATT_LOGIN_HEADERS = "LoginHeaders"; /** Name of the Attribute for the LoginParameters */ private static final String ATT_LOGIN_PARAMETERS = "LoginParameters"; - /** Name of the Attribute for the SAMLARTIFACT */ - private static final String ATT_SAML_ARTIFACT = "SamlArtifact"; + /** Name of the Attribute for the SAMLARTIFACT */ + private static final String ATT_SAML_ARTIFACT = "SamlArtifact"; + /** Name of the Attribute for the state of the browser request for login dialog*/ + private static final String ATT_BROWSERREQU = "BrowserLoginRequest"; + /** Name of the Attribute for the state of the browser request for login dialog*/ + private static final String ATT_OA_CONF = "oaConf"; + /** Name of the Attribute for the Logintype of the OnlineApplication*/ + private static final String ATT_OA_LOGINTYPE = "LoginType"; + /** Name of the Attribute for the number of the try to login into the OnlineApplication*/ + private static final String ATT_OA_LOGINTRY = "LoginTry"; + /** Maximum permitted login tries */ + private static final int MAX_OA_LOGINTRY = 3; + /** Name of the Attribute for authorization value for further connections*/ + private static final String ATT_OA_AUTHORIZATION_HEADER = "authorizationkey"; + /** Name of the Attribute for user binding */ + private static final String ATT_OA_USER_BINDING = "UserBinding"; + /** For extended internal debug messages */ + private static final boolean INTERNAL_DEBUG = false; + /** Message to be given if browser login failed */ + private static final String RET_401_MSG = "Ein Fehler ist aufgetreten

Fehler bei der Anmeldung

Bei der Anmeldung ist ein Fehler aufgetreten.

Fehler bei der Anmeldung.
Prüfen Sie bitte ihre Berechtigung.
Abbruch durch den Benutzer.

"; /** * @see javax.servlet.http.HttpServlet#service(HttpServletRequest, HttpServletResponse) @@ -81,13 +104,26 @@ public class ProxyServlet extends HttpServlet { try { if (req.getParameter(PARAM_SAMLARTIFACT) != null && req.getParameter(PARAM_TARGET) != null) { + //boolean basicauth = + + //if ((!binding full) && (!isBasicAuthenticationHeaderProvided(req))) { + + // browserRequest(); + + //} else { + // check if SAML Artifact was already used in this session (in case of page reload) HttpSession session = req.getSession(); - if(null != session && req.getParameter(PARAM_SAMLARTIFACT).equals(session.getAttribute(ATT_SAML_ARTIFACT))) { - tunnelRequest(req, resp); + if (null != session && req.getParameter(PARAM_SAMLARTIFACT).equals(session.getAttribute(ATT_SAML_ARTIFACT))) { + if (session.getAttribute(ATT_BROWSERREQU)==null) { + tunnelRequest(req, resp); + }else{ + login(req, resp); //login after browser login dialog + } } else // it is the first time that the SAML Artifact was used login(req, resp); + //} } else tunnelRequest(req, resp); @@ -99,7 +135,7 @@ public class ProxyServlet extends HttpServlet { handleError(ex.getMessage(), ex, req, resp); } } - + /** * Login to online application at first call of servlet for a user session.
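Review bot: The Javadoc on `ATT_OA_CONF` is a copy of the one on `ATT_BROWSERREQU` ("state of the browser request for login dialog") and does not say what is stored under "oaConf"; something like `/** Name of the Attribute for the configuration of the OnlineApplication */` would fit the name, provided that is what the code that sets it stores (not visible in this hunk). `ATT_OA_AUTHORIZATION_HEADER` and `ATT_OA_LOGINTRY` read as session attribute names like the `ATT_SAML_ARTIFACT` beside them. If so, the authorization value lives as long as the session, and the `MAX_OA_LOGINTRY` counter starts again whenever the client opens a new session, so it bounds retries inside one login dialog rather than password guessing against the online application. Both facts belong in the constants' comments, together with a line on `INTERNAL_DEBUG` stating that debug output must not contain the authorization value.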
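Review bot: The commented-out fragment added at the top of the SAML-artifact branch (`//boolean basicauth =` through `//} else {`, plus the later `//}`) would not compile if uncommented (`!binding full`). It also wraps the unbraced outer `else` that calls `login(req, resp)`, which makes the branch structure of this authentication decision hard to follow. I would replace it with a single comment stating the intent, e.g. `// TODO: open the browser login dialog when binding is not "full" and no Basic Authorization header was sent`, and put braces on the outer `else`. The new inner `else` calls `login(req, resp)` again for an artifact already recorded in the session whenever `ATT_BROWSERREQU` is set; whether `login` resolves that artifact a second time or works from session state is outside this hunk and deserves a comment at the call. `service` begins before the hunk and continues after it.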
*