1 |
|
/*
|
|
1 |
|
/*
|
|
1 |
|
/*
|
2 |
|
* License
d to the A
pache Soft
ware Found
ation (ASF
) under on
e or more
|
|
2 |
|
* License
d to the A
pache Soft
ware Found
ation (ASF
) under on
e or more
|
|
2 |
|
* License
d to the A
pache Soft
ware Found
ation (ASF
) under on
e or more
|
3 |
|
* contrib
utor licen
se agreeme
nts. See
the NOTICE
file dist
ributed wi
th
|
|
3 |
|
* contrib
utor licen
se agreeme
nts. See
the NOTICE
file dist
ributed wi
th
|
|
3 |
|
* contrib
utor licen
se agreeme
nts. See
the NOTICE
file dist
ributed wi
th
|
4 |
|
* this wo
rk for add
itional in
formation
regarding
copyright
ownership.
|
|
4 |
|
* this wo
rk for add
itional in
formation
regarding
copyright
ownership.
|
|
4 |
|
* this wo
rk for add
itional in
formation
regarding
copyright
ownership.
|
5 |
|
* The ASF
licenses
this file
to You und
er the Apa
che Licens
e, Version
2.0
|
|
5 |
|
* The ASF
licenses
this file
to You und
er the Apa
che Licens
e, Version
2.0
|
|
5 |
|
* The ASF
licenses
this file
to You und
er the Apa
che Licens
e, Version
2.0
|
6 |
|
* (the "L
icense");
you may no
t use this
file exce
pt in comp
liance wit
h
|
|
6 |
|
* (the "L
icense");
you may no
t use this
file exce
pt in comp
liance wit
h
|
|
6 |
|
* (the "L
icense");
you may no
t use this
file exce
pt in comp
liance wit
h
|
7 |
|
* the Lic
ense. You
may obtai
n a copy o
f the Lice
nse at
|
|
7 |
|
* the Lic
ense. You
may obtai
n a copy o
f the Lice
nse at
|
|
7 |
|
* the Lic
ense. You
may obtai
n a copy o
f the Lice
nse at
|
8 |
|
*
|
|
8 |
|
*
|
|
8 |
|
*
|
9 |
|
* ht
tp://www.a
pache.org/
licenses/L
ICENSE-2.0
|
|
9 |
|
* ht
tp://www.a
pache.org/
licenses/L
ICENSE-2.0
|
|
9 |
|
* ht
tp://www.a
pache.org/
licenses/L
ICENSE-2.0
|
10 |
|
*
|
|
10 |
|
*
|
|
10 |
|
*
|
11 |
|
* Unless
required b
y applicab
le law or
agreed to
in writing
, software
|
|
11 |
|
* Unless
required b
y applicab
le law or
agreed to
in writing
, software
|
|
11 |
|
* Unless
required b
y applicab
le law or
agreed to
in writing
, software
|
12 |
|
* distrib
uted under
the Licen
se is dist
ributed on
an "AS IS
" BASIS,
|
|
12 |
|
* distrib
uted under
the Licen
se is dist
ributed on
an "AS IS
" BASIS,
|
|
12 |
|
* distrib
uted under
the Licen
se is dist
ributed on
an "AS IS
" BASIS,
|
13 |
|
* WITHOUT
WARRANTIE
S OR CONDI
TIONS OF A
NY KIND, e
ither expr
ess or imp
lied.
|
|
13 |
|
* WITHOUT
WARRANTIE
S OR CONDI
TIONS OF A
NY KIND, e
ither expr
ess or imp
lied.
|
|
13 |
|
* WITHOUT
WARRANTIE
S OR CONDI
TIONS OF A
NY KIND, e
ither expr
ess or imp
lied.
|
14 |
|
* See the
License f
or the spe
cific lang
uage gover
ning permi
ssions and
|
|
14 |
|
* See the
License f
or the spe
cific lang
uage gover
ning permi
ssions and
|
|
14 |
|
* See the
License f
or the spe
cific lang
uage gover
ning permi
ssions and
|
15 |
|
* limitat
ions under
the Licen
se.
|
|
15 |
|
* limitat
ions under
the Licen
se.
|
|
15 |
|
* limitat
ions under
the Licen
se.
|
16 |
|
*/
|
|
16 |
|
*/
|
|
16 |
|
*/
|
17 |
|
package or
g.apache.c
atalina.au
thenticato
r;
|
|
17 |
|
package or
g.apache.c
atalina.au
thenticato
r;
|
|
17 |
|
package or
g.apache.c
atalina.au
thenticato
r;
|
18 |
|
|
|
18 |
|
|
|
18 |
|
|
19 |
|
import jav
a.io.IOExc
eption;
|
|
19 |
|
import jav
a.io.IOExc
eption;
|
|
19 |
|
import jav
a.io.IOExc
eption;
|
20 |
|
import jav
a.io.Objec
tInputStre
am;
|
|
20 |
|
import jav
a.io.Objec
tInputStre
am;
|
|
20 |
|
import jav
a.io.Objec
tInputStre
am;
|
21 |
|
import jav
a.io.Objec
tOutputStr
eam;
|
|
21 |
|
import jav
a.io.Objec
tOutputStr
eam;
|
|
21 |
|
import jav
a.io.Objec
tOutputStr
eam;
|
22 |
|
import jav
a.io.Seria
lizable;
|
|
22 |
|
import jav
a.io.Seria
lizable;
|
|
22 |
|
import jav
a.io.Seria
lizable;
|
23 |
|
import jav
a.security
.Principal
;
|
|
23 |
|
import jav
a.security
.Principal
;
|
|
23 |
|
import jav
a.security
.Principal
;
|
|
|
|
|
|
|
|
|
24 |
|
import jav
a.util.Map
;
|
24 |
|
import jav
a.util.Set
;
|
|
24 |
|
import jav
a.util.Set
;
|
|
25 |
|
import jav
a.util.Set
;
|
25 |
|
import jav
a.util.con
current.Co
ncurrentHa
shMap;
|
|
25 |
|
import jav
a.util.con
current.Co
ncurrentHa
shMap;
|
|
26 |
|
import jav
a.util.con
current.Co
ncurrentHa
shMap;
|
26 |
|
import jav
a.util.con
current.Co
ncurrentMa
p;
|
|
26 |
|
import jav
a.util.con
current.Co
ncurrentMa
p;
|
|
|
|
|
27 |
|
|
|
27 |
|
|
|
27 |
|
|
28 |
|
import jav
ax.servlet
.http.Http
ServletReq
uest;
|
|
28 |
|
import jav
ax.servlet
.http.Http
ServletReq
uest;
|
|
28 |
|
import jav
ax.servlet
.http.Http
ServletReq
uest;
|
29 |
|
|
|
29 |
|
|
|
29 |
|
|
30 |
|
import org
.apache.ca
talina.Ses
sion;
|
|
30 |
|
import org
.apache.ca
talina.Ses
sion;
|
|
30 |
|
import org
.apache.ca
talina.Ses
sion;
|
31 |
|
|
|
31 |
|
|
|
31 |
|
|
32 |
|
/**
|
|
32 |
|
/**
|
|
32 |
|
/**
|
33 |
|
* A class
that repr
esents ent
ries in th
e cache of
authentic
ated users
.
|
|
33 |
|
* A class
that repr
esents ent
ries in th
e cache of
authentic
ated users
.
|
|
33 |
|
* A class
that repr
esents ent
ries in th
e cache of
authentic
ated users
.
|
34 |
|
* This is
necessary
to make i
t availabl
e to
|
|
34 |
|
* This is
necessary
to make i
t availabl
e to
|
|
34 |
|
* This is
necessary
to make i
t availabl
e to
|
35 |
|
* <code>A
uthenticat
orBase</co
de> subcla
sses that
need it in
order to
perform
|
|
35 |
|
* <code>A
uthenticat
orBase</co
de> subcla
sses that
need it in
order to
perform
|
|
35 |
|
* <code>A
uthenticat
orBase</co
de> subcla
sses that
need it in
order to
perform
|
36 |
|
* reauthe
ntications
when Sing
leSignOn i
s in use.
|
|
36 |
|
* reauthe
ntications
when Sing
leSignOn i
s in use.
|
|
36 |
|
* reauthe
ntications
when Sing
leSignOn i
s in use.
|
37 |
|
*
|
|
37 |
|
*
|
|
37 |
|
*
|
38 |
|
* @author
B Stansb
erry, base
d on work
by Craig R
. McClanah
an
|
|
38 |
|
* @author
B Stansb
erry, base
d on work
by Craig R
. McClanah
an
|
|
38 |
|
* @author
B Stansb
erry, base
d on work
by Craig R
. McClanah
an
|
39 |
|
*
|
|
39 |
|
*
|
|
39 |
|
*
|
40 |
|
* @see Si
ngleSignOn
|
|
40 |
|
* @see Si
ngleSignOn
|
|
40 |
|
* @see Si
ngleSignOn
|
41 |
|
* @see Au
thenticato
rBase#reau
thenticate
FromSSO
|
|
41 |
|
* @see Au
thenticato
rBase#reau
thenticate
FromSSO
|
|
41 |
|
* @see Au
thenticato
rBase#reau
thenticate
FromSSO
|
42 |
|
*/
|
|
42 |
|
*/
|
|
42 |
|
*/
|
43 |
|
public cla
ss SingleS
ignOnEntry
implement
s Serializ
able {
|
|
43 |
|
public cla
ss SingleS
ignOnEntry
implement
s Serializ
able {
|
|
43 |
|
public cla
ss SingleS
ignOnEntry
implement
s Serializ
able {
|
44 |
|
|
|
44 |
|
|
|
44 |
|
|
45 |
|
privat
e static f
inal long
serialVers
ionUID = 1
L;
|
|
45 |
|
privat
e static f
inal long
serialVers
ionUID = 1
L;
|
|
45 |
|
privat
e static f
inal long
serialVers
ionUID = 1
L;
|
46 |
|
|
|
46 |
|
|
|
46 |
|
|
47 |
|
// ---
----------
----------
----------
----------
----------
- Instanc
e Fields
|
|
47 |
|
// ---
----------
----------
----------
----------
----------
- Instanc
e Fields
|
|
47 |
|
// ---
----------
----------
----------
----------
----------
- Instanc
e Fields
|
48 |
|
|
|
48 |
|
|
|
48 |
|
|
49 |
|
pr
otec
te
d
String au
thType = n
ull;
|
|
49 |
|
pr
iva
te
String au
thType = n
ull;
|
|
49 |
|
privat
e String a
uthType =
null;
|
50 |
|
|
|
50 |
|
|
|
50 |
|
|
51 |
|
pr
otec
te
d
String pa
ssword = n
ull;
|
|
51 |
|
pr
iva
te
String pa
ssword = n
ull;
|
|
51 |
|
privat
e String p
assword =
null;
|
52 |
|
|
|
52 |
|
|
|
52 |
|
|
53 |
|
// Mar
ked as tra
nsient so
special ha
ndling can
be applie
d to seria
lization
|
|
53 |
|
// Mar
ked as tra
nsient so
special ha
ndling can
be applie
d to seria
lization
|
|
53 |
|
// Mar
ked as tra
nsient so
special ha
ndling can
be applie
d to seria
lization
|
54 |
|
pr
otec
te
d
transient
Principal
principal
= null;
|
|
54 |
|
pr
iva
te
transient
Principal
principal
= null;
|
|
54 |
|
privat
e transien
t Principa
l principa
l = null;
|
55 |
|
|
|
55 |
|
|
|
55 |
|
|
56 |
|
pr
otec
te
d
Concurren
tMap<Singl
eSignOnSes
sionKey,Si
ngleSignOn
SessionKey
> sessionK
eys =
|
|
56 |
|
pr
iva
te
final
Concurrent
Map<Single
SignOnSess
ionKey,Sin
gleSignOnS
essionKey>
sessionKe
ys =
|
|
56 |
|
private fi
nal
Map<Single
SignOnSess
ionKey,Sin
gleSignOnS
essionKey>
sessionKe
ys =
|
57 |
|
new Conc
urrentHash
Map<>();
|
|
57 |
|
new Conc
urrentHash
Map<>();
|
|
57 |
|
new Conc
urrentHash
Map<>();
|
58 |
|
|
|
58 |
|
|
|
58 |
|
|
59 |
|
pr
otec
te
d
String us
ername = n
ull;
|
|
59 |
|
pr
iva
te
String us
ername = n
ull;
|
|
59 |
|
privat
e String u
sername =
null;
|
60 |
|
|
|
60 |
|
|
|
60 |
|
|
61 |
|
pr
otec
te
d
boolean c
anReauthen
ticate = f
alse;
|
|
61 |
|
pr
iva
te
boolean c
anReauthen
ticate = f
alse;
|
|
61 |
|
privat
e boolean
canReauthe
nticate =
false;
|
62 |
|
|
|
62 |
|
|
|
62 |
|
|
63 |
|
// ---
----------
----------
----------
----------
----------
---- Cons
tructors
|
|
63 |
|
// ---
----------
----------
----------
----------
----------
---- Cons
tructors
|
|
63 |
|
// ---
----------
----------
----------
----------
----------
---- Cons
tructors
|
64 |
|
|
|
64 |
|
|
|
64 |
|
|
65 |
|
/**
|
|
65 |
|
/**
|
|
65 |
|
/**
|
66 |
|
* Cre
ates a new
SingleSig
nOnEntry
|
|
66 |
|
* Cre
ates a new
SingleSig
nOnEntry
|
|
66 |
|
* Cre
ates a new
SingleSig
nOnEntry
|
67 |
|
*
|
|
67 |
|
*
|
|
67 |
|
*
|
68 |
|
* @pa
ram princi
pal the <c
ode>Princi
pal</code>
returned
by the lat
est
|
|
68 |
|
* @pa
ram princi
pal the <c
ode>Princi
pal</code>
returned
by the lat
est
|
|
68 |
|
* @pa
ram princi
pal the <c
ode>Princi
pal</code>
returned
by the lat
est
|
69 |
|
*
call t
o <code>Re
alm.authen
ticate</co
de>.
|
|
69 |
|
*
call t
o <code>Re
alm.authen
ticate</co
de>.
|
|
69 |
|
*
call t
o <code>Re
alm.authen
ticate</co
de>.
|
70 |
|
* @pa
ram authTy
pe the ty
pe of auth
enticator
used (BASI
C, CLIENT_
CERT,
|
|
70 |
|
* @pa
ram authTy
pe the ty
pe of auth
enticator
used (BASI
C, CLIENT_
CERT,
|
|
70 |
|
* @pa
ram authTy
pe the ty
pe of auth
enticator
used (BASI
C, CLIENT_
CERT,
|
71 |
|
*
DIGEST
or FORM)
|
|
71 |
|
*
DIGEST
or FORM)
|
|
71 |
|
*
DIGEST
or FORM)
|
72 |
|
* @pa
ram userna
me the us
ername (if
any) used
for the a
uthenticat
ion
|
|
72 |
|
* @pa
ram userna
me the us
ername (if
any) used
for the a
uthenticat
ion
|
|
72 |
|
* @pa
ram userna
me the us
ername (if
any) used
for the a
uthenticat
ion
|
73 |
|
* @pa
ram passwo
rd the pa
ssword (if
any) used
for the a
uthenticat
ion
|
|
73 |
|
* @pa
ram passwo
rd the pa
ssword (if
any) used
for the a
uthenticat
ion
|
|
73 |
|
* @pa
ram passwo
rd the pa
ssword (if
any) used
for the a
uthenticat
ion
|
74 |
|
*/
|
|
74 |
|
*/
|
|
74 |
|
*/
|
75 |
|
public
SingleSig
nOnEntry(P
rincipal p
rincipal,
String aut
hType,
|
|
75 |
|
public
SingleSig
nOnEntry(P
rincipal p
rincipal,
String aut
hType,
|
|
75 |
|
public
SingleSig
nOnEntry(P
rincipal p
rincipal,
String aut
hType,
|
76 |
|
S
tring user
name, Stri
ng passwor
d) {
|
|
76 |
|
S
tring user
name, Stri
ng passwor
d) {
|
|
76 |
|
S
tring user
name, Stri
ng passwor
d) {
|
77 |
|
|
|
77 |
|
|
|
77 |
|
|
78 |
|
up
dateCreden
tials(prin
cipal, aut
hType, use
rname, pas
sword);
|
|
78 |
|
up
dateCreden
tials(prin
cipal, aut
hType, use
rname, pas
sword);
|
|
78 |
|
up
dateCreden
tials(prin
cipal, aut
hType, use
rname, pas
sword);
|
79 |
|
}
|
|
79 |
|
}
|
|
79 |
|
}
|
80 |
|
|
|
80 |
|
|
|
80 |
|
|
81 |
|
// ---
----------
----------
----------
----------
----------
-- Package
Methods
|
|
81 |
|
// ---
----------
----------
----------
----------
----------
-- Package
Methods
|
|
81 |
|
// ---
----------
----------
----------
----------
----------
-- Package
Methods
|
82 |
|
|
|
82 |
|
|
|
82 |
|
|
83 |
|
/**
|
|
83 |
|
/**
|
|
83 |
|
/**
|
84 |
|
* Add
s a <code>
Session</c
ode> to th
e list of
those asso
ciated wit
h
|
|
84 |
|
* Add
s a <code>
Session</c
ode> to th
e list of
those asso
ciated wit
h
|
|
84 |
|
* Add
s a <code>
Session</c
ode> to th
e list of
those asso
ciated wit
h
|
85 |
|
* thi
s SSO.
|
|
85 |
|
* thi
s SSO.
|
|
85 |
|
* thi
s SSO.
|
86 |
|
*
|
|
86 |
|
*
|
|
86 |
|
*
|
87 |
|
* @pa
ram sso
The <c
ode>Single
SignOn</co
de> valve
that is ma
naging
|
|
87 |
|
* @pa
ram sso
The <c
ode>Single
SignOn</co
de> valve
that is ma
naging
|
|
87 |
|
* @pa
ram sso
The <c
ode>Single
SignOn</co
de> valve
that is ma
naging
|
88 |
|
*
the SS
O session.
|
|
88 |
|
*
the SS
O session.
|
|
88 |
|
*
the SS
O session.
|
|
|
|
|
89 |
|
* @pa
ram ssoId
The ID
of the SS
O session.
|
|
89 |
|
* @pa
ram ssoId
The ID
of the SS
O session.
|
89 |
|
* @pa
ram sessio
n The <c
ode>Sessio
n</code> b
eing assoc
iated with
the SSO.
|
|
90 |
|
* @pa
ram sessio
n The <c
ode>Sessio
n</code> b
eing assoc
iated with
the SSO.
|
|
90 |
|
* @pa
ram sessio
n The <c
ode>Sessio
n</code> b
eing assoc
iated with
the SSO.
|
90 |
|
*/
|
|
91 |
|
*/
|
|
91 |
|
*/
|
91 |
|
public
void addS
ession(Sin
gleSignOn
sso, Strin
g ssoId, S
ession ses
sion) {
|
|
92 |
|
public
void addS
ession(Sin
gleSignOn
sso, Strin
g ssoId, S
ession ses
sion) {
|
|
92 |
|
public
void addS
ession(Sin
gleSignOn
sso, Strin
g ssoId, S
ession ses
sion) {
|
92 |
|
Si
ngleSignOn
SessionKey
key = new
SingleSig
nOnSession
Key(sessio
n);
|
|
93 |
|
Si
ngleSignOn
SessionKey
key = new
SingleSig
nOnSession
Key(sessio
n);
|
|
93 |
|
Si
ngleSignOn
SessionKey
key = new
SingleSig
nOnSession
Key(sessio
n);
|
93 |
|
Si
ngleSignOn
SessionKey
currentKe
y = sessio
nKeys.putI
fAbsent(ke
y, key);
|
|
94 |
|
Si
ngleSignOn
SessionKey
currentKe
y = sessio
nKeys.putI
fAbsent(ke
y, key);
|
|
94 |
|
Si
ngleSignOn
SessionKey
currentKe
y = sessio
nKeys.putI
fAbsent(ke
y, key);
|
94 |
|
if
(currentK
ey == null
) {
|
|
95 |
|
if
(currentK
ey == null
) {
|
|
95 |
|
if
(currentK
ey == null
) {
|
95 |
|
// Sessi
on not pre
viously ad
ded
|
|
96 |
|
// Sessi
on not pre
viously ad
ded
|
|
96 |
|
// Sessi
on not pre
viously ad
ded
|
96 |
|
session.
addSession
Listener(s
so.getSess
ionListene
r(ssoId));
|
|
97 |
|
session.
addSession
Listener(s
so.getSess
ionListene
r(ssoId));
|
|
97 |
|
session.
addSession
Listener(s
so.getSess
ionListene
r(ssoId));
|
97 |
|
}
|
|
98 |
|
}
|
|
98 |
|
}
|
98 |
|
}
|
|
99 |
|
}
|
|
99 |
|
}
|
99 |
|
|
|
100 |
|
|
|
100 |
|
|
100 |
|
/**
|
|
101 |
|
/**
|
|
101 |
|
/**
|
101 |
|
* Rem
oves the g
iven <code
>Session</
code> from
the list
of those
|
|
102 |
|
* Rem
oves the g
iven <code
>Session</
code> from
the list
of those
|
|
102 |
|
* Rem
oves the g
iven <code
>Session</
code> from
the list
of those
|
102 |
|
* ass
ociated wi
th this SS
O.
|
|
103 |
|
* ass
ociated wi
th this SS
O.
|
|
103 |
|
* ass
ociated wi
th this SS
O.
|
103 |
|
*
|
|
104 |
|
*
|
|
104 |
|
*
|
104 |
|
* @pa
ram sessio
n the <co
de>Session
</code> to
remove.
|
|
105 |
|
* @pa
ram sessio
n the <co
de>Session
</code> to
remove.
|
|
105 |
|
* @pa
ram sessio
n the <co
de>Session
</code> to
remove.
|
105 |
|
*/
|
|
106 |
|
*/
|
|
106 |
|
*/
|
106 |
|
public
void remo
veSession(
Session se
ssion) {
|
|
107 |
|
public
void remo
veSession(
Session se
ssion) {
|
|
107 |
|
public
void remo
veSession(
Session se
ssion) {
|
107 |
|
Si
ngleSignOn
SessionKey
key = new
SingleSig
nOnSession
Key(sessio
n);
|
|
108 |
|
Si
ngleSignOn
SessionKey
key = new
SingleSig
nOnSession
Key(sessio
n);
|
|
108 |
|
Si
ngleSignOn
SessionKey
key = new
SingleSig
nOnSession
Key(sessio
n);
|
108 |
|
se
ssionKeys.
remove(key
);
|
|
109 |
|
se
ssionKeys.
remove(key
);
|
|
109 |
|
se
ssionKeys.
remove(key
);
|
109 |
|
}
|
|
110 |
|
}
|
|
110 |
|
}
|
110 |
|
|
|
111 |
|
|
|
111 |
|
|
111 |
|
/**
|
|
112 |
|
/**
|
|
112 |
|
/**
|
112 |
|
* Ret
urns the H
TTP Sessio
n identifi
ers associ
ated with
this SSO.
|
|
113 |
|
* Ret
urns the H
TTP Sessio
n identifi
ers associ
ated with
this SSO.
|
|
113 |
|
* Ret
urns the H
TTP Sessio
n identifi
ers associ
ated with
this SSO.
|
113 |
|
*
|
|
114 |
|
*
|
|
114 |
|
*
|
114 |
|
* @re
turn The i
dentifiers
for the H
TTP sessio
ns that ar
e current
associated
|
|
115 |
|
* @re
turn The i
dentifiers
for the H
TTP sessio
ns that ar
e current
associated
|
|
115 |
|
* @re
turn The i
dentifiers
for the H
TTP sessio
ns that ar
e current
associated
|
115 |
|
*
with
this SSo e
ntry
|
|
116 |
|
*
with
this SSo e
ntry
|
|
116 |
|
*
with
this SSo e
ntry
|
116 |
|
*/
|
|
117 |
|
*/
|
|
117 |
|
*/
|
117 |
|
public
Set<Singl
eSignOnSes
sionKey> f
indSession
s() {
|
|
118 |
|
public
Set<Singl
eSignOnSes
sionKey> f
indSession
s() {
|
|
118 |
|
public
Set<Singl
eSignOnSes
sionKey> f
indSession
s() {
|
118 |
|
re
turn sessi
onKeys.key
Set();
|
|
119 |
|
re
turn sessi
onKeys.key
Set();
|
|
119 |
|
re
turn sessi
onKeys.key
Set();
|
119 |
|
}
|
|
120 |
|
}
|
|
120 |
|
}
|
120 |
|
|
|
121 |
|
|
|
121 |
|
|
121 |
|
/**
|
|
122 |
|
/**
|
|
122 |
|
/**
|
122 |
|
* Get
s the name
of the au
thenticati
on type or
iginally u
sed to aut
henticate
|
|
123 |
|
* Get
s the name
of the au
thenticati
on type or
iginally u
sed to aut
henticate
|
|
123 |
|
* Get
s the name
of the au
thenticati
on type or
iginally u
sed to aut
henticate
|
123 |
|
* the
user asso
ciated wit
h the SSO.
|
|
124 |
|
* the
user asso
ciated wit
h the SSO.
|
|
124 |
|
* the
user asso
ciated wit
h the SSO.
|
124 |
|
*
|
|
125 |
|
*
|
|
125 |
|
*
|
125 |
|
* @re
turn "BASI
C", "CLIEN
T_CERT", "
DIGEST", "
FORM" or "
NONE"
|
|
126 |
|
* @re
turn "BASI
C", "CLIEN
T_CERT", "
DIGEST", "
FORM" or "
NONE"
|
|
126 |
|
* @re
turn "BASI
C", "CLIEN
T_CERT", "
DIGEST", "
FORM" or "
NONE"
|
126 |
|
*/
|
|
127 |
|
*/
|
|
127 |
|
*/
|
127 |
|
public
String ge
tAuthType(
) {
|
|
128 |
|
public
String ge
tAuthType(
) {
|
|
128 |
|
public
String ge
tAuthType(
) {
|
128 |
|
re
turn this.
authType;
|
|
129 |
|
re
turn this.
authType;
|
|
129 |
|
re
turn this.
authType;
|
129 |
|
}
|
|
130 |
|
}
|
|
130 |
|
}
|
130 |
|
|
|
131 |
|
|
|
131 |
|
|
131 |
|
/**
|
|
132 |
|
/**
|
|
132 |
|
/**
|
132 |
|
* Get
s whether
the authen
tication t
ype associ
ated with
the origin
al
|
|
133 |
|
* Get
s whether
the authen
tication t
ype associ
ated with
the origin
al
|
|
133 |
|
* Get
s whether
the authen
tication t
ype associ
ated with
the origin
al
|
133 |
|
* aut
henticatio
n supports
reauthent
ication.
|
|
134 |
|
* aut
henticatio
n supports
reauthent
ication.
|
|
134 |
|
* aut
henticatio
n supports
reauthent
ication.
|
134 |
|
*
|
|
135 |
|
*
|
|
135 |
|
*
|
135 |
|
* @re
turn <cod
e>true</co
de> if <co
de>getAuth
Type</code
> returns
|
|
136 |
|
* @re
turn <cod
e>true</co
de> if <co
de>getAuth
Type</code
> returns
|
|
136 |
|
* @re
turn <cod
e>true</co
de> if <co
de>getAuth
Type</code
> returns
|
136 |
|
*
"BAS
IC" or "FO
RM", <code
>false</co
de> otherw
ise.
|
|
137 |
|
*
"BAS
IC" or "FO
RM", <code
>false</co
de> otherw
ise.
|
|
137 |
|
*
"BAS
IC" or "FO
RM", <code
>false</co
de> otherw
ise.
|
137 |
|
*/
|
|
138 |
|
*/
|
|
138 |
|
*/
|
138 |
|
public
boolean g
etCanReaut
henticate(
) {
|
|
139 |
|
public
boolean g
etCanReaut
henticate(
) {
|
|
139 |
|
public
boolean g
etCanReaut
henticate(
) {
|
139 |
|
re
turn this.
canReauthe
nticate;
|
|
140 |
|
re
turn this.
canReauthe
nticate;
|
|
140 |
|
re
turn this.
canReauthe
nticate;
|
140 |
|
}
|
|
141 |
|
}
|
|
141 |
|
}
|
141 |
|
|
|
142 |
|
|
|
142 |
|
|
142 |
|
/**
|
|
143 |
|
/**
|
|
143 |
|
/**
|
143 |
|
* Get
s the pass
word crede
ntial (if
any) assoc
iated with
the SSO.
|
|
144 |
|
* Get
s the pass
word crede
ntial (if
any) assoc
iated with
the SSO.
|
|
144 |
|
* Get
s the pass
word crede
ntial (if
any) assoc
iated with
the SSO.
|
144 |
|
*
|
|
145 |
|
*
|
|
145 |
|
*
|
145 |
|
* @re
turn the
password c
redential
associated
with the
SSO, or
|
|
146 |
|
* @re
turn the
password c
redential
associated
with the
SSO, or
|
|
146 |
|
* @re
turn the
password c
redential
associated
with the
SSO, or
|
146 |
|
*
<cod
e>null</co
de> if the
original
authentica
tion type
|
|
147 |
|
*
<cod
e>null</co
de> if the
original
authentica
tion type
|
|
147 |
|
*
<cod
e>null</co
de> if the
original
authentica
tion type
|
147 |
|
*
does
not invol
ve a passw
ord.
|
|
148 |
|
*
does
not invol
ve a passw
ord.
|
|
148 |
|
*
does
not invol
ve a passw
ord.
|
148 |
|
*/
|
|
149 |
|
*/
|
|
149 |
|
*/
|
149 |
|
public
String ge
tPassword(
) {
|
|
150 |
|
public
String ge
tPassword(
) {
|
|
150 |
|
public
String ge
tPassword(
) {
|
150 |
|
re
turn this.
password;
|
|
151 |
|
re
turn this.
password;
|
|
151 |
|
re
turn this.
password;
|
151 |
|
}
|
|
152 |
|
}
|
|
152 |
|
}
|
152 |
|
|
|
153 |
|
|
|
153 |
|
|
153 |
|
/**
|
|
154 |
|
/**
|
|
154 |
|
/**
|
154 |
|
* Get
s the <cod
e>Principa
l</code> t
hat has be
en authent
icated by
the SSO.
|
|
155 |
|
* Get
s the <cod
e>Principa
l</code> t
hat has be
en authent
icated by
the SSO.
|
|
155 |
|
* Get
s the <cod
e>Principa
l</code> t
hat has be
en authent
icated by
the SSO.
|
155 |
|
*
|
|
156 |
|
*
|
|
156 |
|
*
|
156 |
|
* @re
turn The P
rincipal t
hat was cr
eated by t
he authent
ication th
at
|
|
157 |
|
* @re
turn The P
rincipal t
hat was cr
eated by t
he authent
ication th
at
|
|
157 |
|
* @re
turn The P
rincipal t
hat was cr
eated by t
he authent
ication th
at
|
157 |
|
*
trigg
ered the c
reation of
the SSO e
ntry
|
|
158 |
|
*
trigg
ered the c
reation of
the SSO e
ntry
|
|
158 |
|
*
trigg
ered the c
reation of
the SSO e
ntry
|
158 |
|
*/
|
|
159 |
|
*/
|
|
159 |
|
*/
|
159 |
|
public
Principal
getPrinci
pal() {
|
|
160 |
|
public
Principal
getPrinci
pal() {
|
|
160 |
|
public
Principal
getPrinci
pal() {
|
160 |
|
re
turn this.
principal;
|
|
161 |
|
re
turn this.
principal;
|
|
161 |
|
re
turn this.
principal;
|
161 |
|
}
|
|
162 |
|
}
|
|
162 |
|
}
|
162 |
|
|
|
163 |
|
|
|
163 |
|
|
163 |
|
/**
|
|
164 |
|
/**
|
|
164 |
|
/**
|
164 |
|
* Get
s the user
name prov
ided by th
e user as
part of th
e authenti
cation
|
|
165 |
|
* Get
s the user
name prov
ided by th
e user as
part of th
e authenti
cation
|
|
165 |
|
* Get
s the user
name prov
ided by th
e user as
part of th
e authenti
cation
|
165 |
|
* pro
cess.
|
|
166 |
|
* pro
cess.
|
|
166 |
|
* pro
cess.
|
166 |
|
*
|
|
167 |
|
*
|
|
167 |
|
*
|
167 |
|
* @re
turn The u
ser name t
hat was au
thenticate
d as part
of the
|
|
168 |
|
* @re
turn The u
ser name t
hat was au
thenticate
d as part
of the
|
|
168 |
|
* @re
turn The u
ser name t
hat was au
thenticate
d as part
of the
|
168 |
|
*
authe
ntication
that trigg
ered the c
reation of
the SSO e
ntry
|
|
169 |
|
*
authe
ntication
that trigg
ered the c
reation of
the SSO e
ntry
|
|
169 |
|
*
authe
ntication
that trigg
ered the c
reation of
the SSO e
ntry
|
169 |
|
*/
|
|
170 |
|
*/
|
|
170 |
|
*/
|
170 |
|
public
String ge
tUsername(
) {
|
|
171 |
|
public
String ge
tUsername(
) {
|
|
171 |
|
public
String ge
tUsername(
) {
|
171 |
|
re
turn this.
username;
|
|
172 |
|
re
turn this.
username;
|
|
172 |
|
re
turn this.
username;
|
172 |
|
}
|
|
173 |
|
}
|
|
173 |
|
}
|
173 |
|
|
|
174 |
|
|
|
174 |
|
|
174 |
|
|
|
175 |
|
|
|
175 |
|
|
175 |
|
/**
|
|
176 |
|
/**
|
|
176 |
|
/**
|
176 |
|
* Upd
ates the S
ingleSignO
nEntry to
reflect th
e latest s
ecurity
|
|
177 |
|
* Upd
ates the S
ingleSignO
nEntry to
reflect th
e latest s
ecurity
|
|
177 |
|
* Upd
ates the S
ingleSignO
nEntry to
reflect th
e latest s
ecurity
|
177 |
|
* inf
ormation a
ssociated
with the c
aller.
|
|
178 |
|
* inf
ormation a
ssociated
with the c
aller.
|
|
178 |
|
* inf
ormation a
ssociated
with the c
aller.
|
178 |
|
*
|
|
179 |
|
*
|
|
179 |
|
*
|
179 |
|
* @pa
ram princi
pal the <c
ode>Princi
pal</code>
returned
by the lat
est
|
|
180 |
|
* @pa
ram princi
pal the <c
ode>Princi
pal</code>
returned
by the lat
est
|
|
180 |
|
* @pa
ram princi
pal the <c
ode>Princi
pal</code>
returned
by the lat
est
|
180 |
|
*
call t
o <code>Re
alm.authen
ticate</co
de>.
|
|
181 |
|
*
call t
o <code>Re
alm.authen
ticate</co
de>.
|
|
181 |
|
*
call t
o <code>Re
alm.authen
ticate</co
de>.
|
181 |
|
* @pa
ram authTy
pe the ty
pe of auth
enticator
used (BASI
C, CLIENT_
CERT,
|
|
182 |
|
* @pa
ram authTy
pe the ty
pe of auth
enticator
used (BASI
C, CLIENT_
CERT,
|
|
182 |
|
* @pa
ram authTy
pe the ty
pe of auth
enticator
used (BASI
C, CLIENT_
CERT,
|
182 |
|
*
DIGEST
or FORM)
|
|
183 |
|
*
DIGEST
or FORM)
|
|
183 |
|
*
DIGEST
or FORM)
|
183 |
|
* @pa
ram userna
me the us
ername (if
any) used
for the a
uthenticat
ion
|
|
184 |
|
* @pa
ram userna
me the us
ername (if
any) used
for the a
uthenticat
ion
|
|
184 |
|
* @pa
ram userna
me the us
ername (if
any) used
for the a
uthenticat
ion
|
184 |
|
* @pa
ram passwo
rd the pa
ssword (if
any) used
for the a
uthenticat
ion
|
|
185 |
|
* @pa
ram passwo
rd the pa
ssword (if
any) used
for the a
uthenticat
ion
|
|
185 |
|
* @pa
ram passwo
rd the pa
ssword (if
any) used
for the a
uthenticat
ion
|
185 |
|
*/
|
|
186 |
|
*/
|
|
186 |
|
*/
|
186 |
|
public
synchroni
zed void u
pdateCrede
ntials(Pri
ncipal pri
ncipal, St
ring authT
ype,
|
|
187 |
|
public
synchroni
zed void u
pdateCrede
ntials(Pri
ncipal pri
ncipal, St
ring authT
ype,
|
|
187 |
|
public
synchroni
zed void u
pdateCrede
ntials(Pri
ncipal pri
ncipal, St
ring authT
ype,
|
187 |
|
String
username,
String pa
ssword) {
|
|
188 |
|
String
username,
String pa
ssword) {
|
|
188 |
|
String
username,
String pa
ssword) {
|
188 |
|
th
is.princip
al = princ
ipal;
|
|
189 |
|
th
is.princip
al = princ
ipal;
|
|
189 |
|
th
is.princip
al = princ
ipal;
|
189 |
|
th
is.authTyp
e = authTy
pe;
|
|
190 |
|
th
is.authTyp
e = authTy
pe;
|
|
190 |
|
th
is.authTyp
e = authTy
pe;
|
190 |
|
th
is.usernam
e = userna
me;
|
|
191 |
|
th
is.usernam
e = userna
me;
|
|
191 |
|
th
is.usernam
e = userna
me;
|
191 |
|
th
is.passwor
d = passwo
rd;
|
|
192 |
|
th
is.passwor
d = passwo
rd;
|
|
192 |
|
th
is.passwor
d = passwo
rd;
|
192 |
|
th
is.canReau
thenticate
= (HttpSe
rvletReque
st.BASIC_A
UTH.equals
(authType)
||
|
|
193 |
|
th
is.canReau
thenticate
= (HttpSe
rvletReque
st.BASIC_A
UTH.equals
(authType)
||
|
|
193 |
|
th
is.canReau
thenticate
= (HttpSe
rvletReque
st.BASIC_A
UTH.equals
(authType)
||
|
193 |
|
Http
ServletReq
uest.FORM_
AUTH.equal
s(authType
));
|
|
194 |
|
Http
ServletReq
uest.FORM_
AUTH.equal
s(authType
));
|
|
194 |
|
Http
ServletReq
uest.FORM_
AUTH.equal
s(authType
));
|
194 |
|
}
|
|
195 |
|
}
|
|
195 |
|
}
|
195 |
|
|
|
196 |
|
|
|
196 |
|
|
196 |
|
|
|
197 |
|
|
|
197 |
|
|
197 |
|
privat
e void wri
teObject(O
bjectOutpu
tStream ou
t) throws
IOExceptio
n {
|
|
198 |
|
privat
e void wri
teObject(O
bjectOutpu
tStream ou
t) throws
IOExceptio
n {
|
|
198 |
|
privat
e void wri
teObject(O
bjectOutpu
tStream ou
t) throws
IOExceptio
n {
|
198 |
|
ou
t.defaultW
riteObject
();
|
|
199 |
|
ou
t.defaultW
riteObject
();
|
|
199 |
|
ou
t.defaultW
riteObject
();
|
199 |
|
if
(principa
l instance
of Seriali
zable) {
|
|
200 |
|
if
(principa
l instance
of Seriali
zable) {
|
|
200 |
|
if
(principa
l instance
of Seriali
zable) {
|
200 |
|
out.writ
eBoolean(t
rue);
|
|
201 |
|
out.writ
eBoolean(t
rue);
|
|
201 |
|
out.writ
eBoolean(t
rue);
|
201 |
|
out.writ
eObject(pr
incipal);
|
|
202 |
|
out.writ
eObject(pr
incipal);
|
|
202 |
|
out.writ
eObject(pr
incipal);
|
202 |
|
}
else {
|
|
203 |
|
}
else {
|
|
203 |
|
}
else {
|
203 |
|
out.writ
eBoolean(f
alse);
|
|
204 |
|
out.writ
eBoolean(f
alse);
|
|
204 |
|
out.writ
eBoolean(f
alse);
|
204 |
|
}
|
|
205 |
|
}
|
|
205 |
|
}
|
205 |
|
}
|
|
206 |
|
}
|
|
206 |
|
}
|
206 |
|
|
|
207 |
|
|
|
207 |
|
|
207 |
|
privat
e void rea
dObject(Ob
jectInputS
tream in)
throws IOE
xception,
|
|
208 |
|
privat
e void rea
dObject(Ob
jectInputS
tream in)
throws IOE
xception,
|
|
208 |
|
privat
e void rea
dObject(Ob
jectInputS
tream in)
throws IOE
xception,
|
208 |
|
ClassNot
FoundExcep
tion {
|
|
209 |
|
ClassNot
FoundExcep
tion {
|
|
209 |
|
ClassNot
FoundExcep
tion {
|
209 |
|
in
.defaultRe
adObject()
;
|
|
210 |
|
in
.defaultRe
adObject()
;
|
|
210 |
|
in
.defaultRe
adObject()
;
|
210 |
|
bo
olean hasP
rincipal =
in.readBo
olean();
|
|
211 |
|
bo
olean hasP
rincipal =
in.readBo
olean();
|
|
211 |
|
bo
olean hasP
rincipal =
in.readBo
olean();
|
211 |
|
if
(hasPrinc
ipal) {
|
|
212 |
|
if
(hasPrinc
ipal) {
|
|
212 |
|
if
(hasPrinc
ipal) {
|
212 |
|
principa
l = (Princ
ipal) in.r
eadObject(
);
|
|
213 |
|
principa
l = (Princ
ipal) in.r
eadObject(
);
|
|
213 |
|
principa
l = (Princ
ipal) in.r
eadObject(
);
|
213 |
|
}
|
|
214 |
|
}
|
|
214 |
|
}
|
214 |
|
}
|
|
215 |
|
}
|
|
215 |
|
}
|
215 |
|
}
|
|
216 |
|
}
|
|
216 |
|
}
|
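Review bot: The `password` field remains a non-transient `String`, so the `out.defaultWriteObject()` call in `writeObject` writes it in clear text, together with `username`, into every serialized copy of the entry; narrowing the fields to `private` does not change that. `updateCredentials` also stores the password for every `authType`, although `canReauthenticate` is true only for BASIC and FORM. At minimum the field should carry a comment such as `// Not transient: written in clear by defaultWriteObject(); wherever serialized entries are stored or sent must be treated as holding credentials`. `readObject` is the mirror image, casting whatever `in.readObject()` returns to `Principal`, so it presumably relies on the stream coming from a trusted source, which is worth stating in a comment on that method as well.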