01: /*
02: * JOSSO: Java Open Single Sign-On
03: *
04: * Copyright 2004-2008, Atricore, Inc.
05: *
06: * This is free software; you can redistribute it and/or modify it
07: * under the terms of the GNU Lesser General Public License as
08: * published by the Free Software Foundation; either version 2.1 of
09: * the License, or (at your option) any later version.
10: *
11: * This software is distributed in the hope that it will be useful,
12: * but WITHOUT ANY WARRANTY; without even the implied warranty of
13: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14: * Lesser General Public License for more details.
15: *
16: * You should have received a copy of the GNU Lesser General Public
17: * License along with this software; if not, write to the Free
18: * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
19: * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
20: */
21: package org.josso.gateway.signon;
22:
23: import org.apache.commons.logging.Log;
24: import org.apache.commons.logging.LogFactory;
25: import org.josso.auth.Credential;
26: import org.josso.auth.exceptions.SSOAuthenticationException;
27: import org.josso.gateway.SSOGateway;
28:
29: import javax.servlet.http.HttpServletRequest;
30: import java.security.cert.X509Certificate;
31:
32: /**
33: * Strong Authentication Struts Action which instantiates the Credentials using the
34: * X.509 Certificate provided in the Http Request.
35: *
36: * @author <a href="mailto:gbrigand@josso.org">Gianluca Brigandi</a>
37: * @version CVS $Id: StrongLoginAction.java 508 2008-02-18 13:32:29Z sgonzalez $
38: */
39:
public class StrongLoginAction extends LoginAction {

    private static final Log logger = LogFactory.getLog(StrongLoginAction.class);

    /**
     * Builds the login credentials from the client X.509 certificate attached to the request.
     * <p>
     * The method reads two container-provided request attributes:
     * {@code javax.servlet.request.cipher_suite}, whose presence is treated as evidence that
     * the request arrived over SSL/TLS, and {@code javax.servlet.request.X509Certificate},
     * the client certificate chain. The chain is only populated when the connection was
     * established in client authentication mode.
     * <p>
     * Security notes for reviewers:
     * <ul>
     * <li>No certificate validation (trust path, validity period, revocation) happens here.
     * The first chain element is wrapped into a credential as-is; presumably the
     * "strong-authentication" scheme behind the gateway performs those checks. Confirm
     * against the scheme configuration.</li>
     * <li>Both attributes are trusted as supplied by the servlet container. If TLS is
     * terminated in front of the container, verify that only the trusted front end can
     * cause them to be populated.</li>
     * <li>Both failure paths return an empty array rather than throwing, so callers must
     * treat an empty result as "no credentials supplied" and refuse to authenticate.</li>
     * </ul>
     *
     * @param request the incoming HTTP request carrying the container's SSL attributes
     * @return a one-element array holding the certificate credential, or an empty array
     *         when the request has no cipher suite attribute or no client certificate
     * @throws SSOAuthenticationException declared by the signature; this body does not throw
     *         it directly, but the gateway calls may
     */
    protected Credential[] getCredentials(HttpServletRequest request)
            throws SSOAuthenticationException {

        // A missing cipher suite attribute means the container did not see an SSL/TLS session.
        final String negotiatedCipher =
                (String) request.getAttribute("javax.servlet.request.cipher_suite");
        if (negotiatedCipher == null) {
            logger.error("An SSL Connection is Required to perform Strong Authentication");
            return new Credential[0];
        }

        // The chain is absent or empty when the client sent no certificate.
        final X509Certificate[] clientChain =
                (X509Certificate[]) request.getAttribute("javax.servlet.request.X509Certificate");
        if (clientChain == null || clientChain.length < 1) {
            logger.error("No X.509 Certificate Received");
            return new Credential[0];
        }

        // Element 0 is used as the user's certificate; the servlet spec orders the chain
        // with the client's own certificate first.
        final SSOGateway gateway = getSSOGateway();
        final Credential certificateCredential =
                gateway.newCredential("strong-authentication", "userCertificate", clientChain[0]);
        return new Credential[] { certificateCredential };
    }
}