001: /*
002: * JOSSO: Java Open Single Sign-On
003: *
004: * Copyright 2004-2008, Atricore, Inc.
005: *
006: * This is free software; you can redistribute it and/or modify it
007: * under the terms of the GNU Lesser General Public License as
008: * published by the Free Software Foundation; either version 2.1 of
009: * the License, or (at your option) any later version.
010: *
011: * This software is distributed in the hope that it will be useful,
012: * but WITHOUT ANY WARRANTY; without even the implied warranty of
013: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
014: * Lesser General Public License for more details.
015: *
016: * You should have received a copy of the GNU Lesser General Public
017: * License along with this software; if not, write to the Free
018: * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
019: * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
020: */
021:
022: package org.josso.servlet.agent;
023:
024: import org.apache.commons.logging.Log;
025: import org.apache.commons.logging.LogFactory;
026: import org.josso.agent.AbstractSSOAgent;
027: import org.josso.agent.SSOAgentRequest;
028: import org.josso.agent.SingleSignOnEntry;
029: import org.josso.servlet.agent.jaas.SSOGatewayHandler;
030:
031: import javax.security.auth.Subject;
032: import javax.security.auth.callback.CallbackHandler;
033: import javax.security.auth.login.LoginContext;
034: import javax.security.auth.login.LoginException;
035: import java.security.Principal;
036:
037: /**
038: * This agent authenticates users directly against the JAAS infrastructure. It looks up the "josso" login context.
039: * You have to configure a JAAS context under the name "josso", declaring the SSOGatewayLoginModule, for example:
040: * <br>
041: * <br>
042: * <pre>
043: * josso {
044: * org.josso.servlet.agent.jaas.SSOGatewayLoginModule required debug=true;
045: * };
046: * </pre>
047: *
048: * Date: Nov 27, 2007
049: * Time: 11:47:26 AM
050: *
051: * @author <a href="mailto:sgonzalez@josso.org">Sebastian Gonzalez Oyuela</a>
052: *
053: */
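public class GenericServletSSOAgent extends AbstractSSOAgent {

    private static final Log log = LogFactory.getLog(GenericServletSSOAgent.class);

    /** Number of leading session-id characters kept in log output for correlation. */
    private static final int LOGGED_ID_PREFIX = 4;

    /**
     * Delegates processing to the super class and then publishes the JOSSO Security Context,
     * if one was attached to the request, in the local session associated with the request.
     *
     * @param request the agent request; it is cast to {@link GenericServletSSOAgentRequest},
     *                so any other implementation fails with a {@link ClassCastException}
     * @return whatever the super class returned, possibly {@code null}
     */
    public SingleSignOnEntry processRequest(SSOAgentRequest request) {

        SingleSignOnEntry entry = super.processRequest(request);

        GenericServletSSOAgentRequest r = (GenericServletSSOAgentRequest) request;

        if (r.getSecurityContext() != null) {

            if (log.isDebugEnabled()) {
                // Only an abbreviated id is logged: the same id is what authenticate()
                // passes to the JAAS login, so it is treated as a secret.
                log.debug("Publishing JOSSO Security Context instance in session ["
                        + (entry != null ? redact(entry.ssoId) : "<NO-SSO-ID>") + "]");
            }

            // NOTE(review): getLocalSession() is assumed to be non-null here - confirm against
            // the request implementation; a null would surface as a NullPointerException.
            GenericServletLocalSession localSession =
                    (GenericServletLocalSession) r.getLocalSession();
            localSession.setSecurityContext(r.getSecurityContext());
        }

        return entry;
    }

    /**
     * Resolves an authentication request using the JAAS infrastructure.
     *
     * <p>The SSO session id taken from the request is the only value passed to the
     * {@link SSOGatewayHandler} that drives the "josso" login context, so it acts as the
     * credential for this login. For that reason it is never written to the log in full.
     *
     * @param request containing the SSO session id; it is cast to
     *                {@link GenericServletSSOAgentRequest} after a successful login
     * @return the current principal of the newly created security context, or {@code null}
     *         if the JAAS login throws a {@link LoginException}
     */
    protected Principal authenticate(SSOAgentRequest request) {

        String ssoSessionId = request.getSessionId();
        if (log.isDebugEnabled()) {
            log.debug("Attempting SSO Session authentication : " + redact(ssoSessionId));
        }

        try {

            // Look up the JAAS login context configured for JOSSO.
            CallbackHandler ch = new SSOGatewayHandler(ssoSessionId);
            LoginContext lc = new LoginContext("josso", ch);

            // Perform login; a rejected session id surfaces as LoginException.
            lc.login();

            if (log.isDebugEnabled()) {
                log.debug("SSO Session authenticated " + redact(ssoSessionId));
                log.debug("Creating new JOSSO Security Context instance");
            }

            Subject s = lc.getSubject();

            // Attach the context to the request so processRequest() can publish it later.
            GenericServletSSOAgentRequest r = (GenericServletSSOAgentRequest) request;
            JOSSOSecurityContext ctx = new JOSSOSecurityContext(s);
            r.setSecurityContext(ctx);

            return ctx.getCurrentPrincipal();

        } catch (LoginException e) {
            log.error(e.getMessage());
            // Keep the cause and stack trace available for diagnosis without raising the
            // volume of the error log on every rejected session.
            if (log.isDebugEnabled()) {
                log.debug("JAAS login failed for SSO session " + redact(ssoSessionId), e);
            }
        }

        return null;
    }

    /**
     * Writes the message to this class's commons-logging logger at debug level.
     *
     * @param message text to log
     */
    protected void log(String message) {
        log.debug(message);
    }

    /**
     * Writes the message and the throwable to this class's commons-logging logger at debug level.
     *
     * @param message   text to log
     * @param throwable error to log together with the message
     */
    protected void log(String message, Throwable throwable) {
        log.debug(message, throwable);
    }

    /**
     * Produces a log-safe form of a session identifier.
     *
     * <p>Identifiers longer than twice {@link #LOGGED_ID_PREFIX} keep their first
     * {@link #LOGGED_ID_PREFIX} characters so related log lines can still be correlated;
     * shorter ones are hidden completely.
     *
     * @param id the identifier, may be {@code null}
     * @return the abbreviated identifier, never the full value
     */
    private static String redact(Object id) {
        if (id == null) {
            return "<null>";
        }
        String text = id.toString();
        if (text.length() <= 2 * LOGGED_ID_PREFIX) {
            return "<redacted>";
        }
        return text.substring(0, LOGGED_ID_PREFIX) + "...";
    }
}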
|