001: /*
002: * JOSSO: Java Open Single Sign-On
003: *
004: * Copyright 2004-2008, Atricore, Inc.
005: *
006: * This is free software; you can redistribute it and/or modify it
007: * under the terms of the GNU Lesser General Public License as
008: * published by the Free Software Foundation; either version 2.1 of
009: * the License, or (at your option) any later version.
010: *
011: * This software is distributed in the hope that it will be useful,
012: * but WITHOUT ANY WARRANTY; without even the implied warranty of
013: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
014: * Lesser General Public License for more details.
015: *
016: * You should have received a copy of the GNU Lesser General Public
017: * License along with this software; if not, write to the Free
018: * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
019: * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
020: */
021:
022: package org.josso.wls92.agent;
023:
024: import org.apache.commons.logging.Log;
025: import org.apache.commons.logging.LogFactory;
026: import org.josso.agent.AbstractSSOAgent;
027: import org.josso.agent.SSOAgentRequest;
028: import org.josso.servlet.agent.GenericServletSSOAgentRequest;
029: import weblogic.servlet.security.ServletAuthentication;
030:
031: import javax.security.auth.login.LoginException;
032: import java.security.Principal;
033:
034: /**
035: * Weblogic SSO Agent implementation, it will create Weblogic security context.
036: *
037: *
038: * Date: Nov 27, 2007
039: * Time: 11:08:18 AM
040: *
041: * @author <a href="mailto:sgonzalez@josso.org">Sebastian Gonzalez Oyuela</a>
042: */
043: public class WLSSSOAgent extends AbstractSSOAgent {
044:
045: private static Log logger = LogFactory.getLog(WLSSSOAgent.class);
046:
047: protected Principal authenticate(SSOAgentRequest request) {
048:
049: if (logger.isDebugEnabled())
050: logger.debug("Authenticating SSO Agent request ... ");
051:
052: try {
053: GenericServletSSOAgentRequest r = (GenericServletSSOAgentRequest) request;
054: String ssoSessionId = r.getSessionId();
055:
056: int result = ServletAuthentication.login(ssoSessionId,
057: ssoSessionId, r.getRequest(), r.getResponse());
058:
059: if (logger.isDebugEnabled())
060: logger.debug("Authenticating SSO Agent request : "
061: + result);
062:
063: if (result == ServletAuthentication.AUTHENTICATED) {
064:
065: Principal p = this .getSSOIdentityManager()
066: .findUserInSession(ssoSessionId);
067:
068: if (logger.isDebugEnabled())
069: logger.debug("WLS Principal is " + p.getName());
070:
071: System.out.println("WLS Principal is " + p.getName());
072:
073: return p;
074: }
075:
076: } catch (LoginException e) {
077: logger.warn(e.getMessage());
078:
079: if (logger.isDebugEnabled())
080: logger.debug(e, e);
081: return null;
082: } catch (Exception e) {
083: logger.error(e.getMessage());
084: if (logger.isDebugEnabled())
085: logger.debug(e, e);
086: return null;
087: }
088:
089: return null;
090:
091: }
092:
093: /**
094: * Log messages to common logging infrastructrue
095: * @param message
096: */
097: protected void log(String message) {
098: // TODO : Can we use a BEA Logger ?!
099: logger.info(message);
100: }
101:
102: /**
103: * Log messages to common logging infrastructrue
104: * @param message
105: */
106: protected void log(String message, Throwable throwable) {
107: logger.info(message, throwable);
108: }
109: }
|