01: /*
02: * JOSSO: Java Open Single Sign-On
03: *
04: * Copyright 2004-2008, Atricore, Inc.
05: *
06: * This is free software; you can redistribute it and/or modify it
07: * under the terms of the GNU Lesser General Public License as
08: * published by the Free Software Foundation; either version 2.1 of
09: * the License, or (at your option) any later version.
10: *
11: * This software is distributed in the hope that it will be useful,
12: * but WITHOUT ANY WARRANTY; without even the implied warranty of
13: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14: * Lesser General Public License for more details.
15: *
16: * You should have received a copy of the GNU Lesser General Public
17: * License along with this software; if not, write to the Free
18: * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
19: * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
20: */
21:
22: package org.josso.servlet.agent;
23:
24: import org.apache.commons.logging.Log;
25: import org.apache.commons.logging.LogFactory;
26: import org.josso.agent.Constants;
27:
28: import javax.servlet.http.HttpServletRequest;
29: import javax.servlet.http.HttpServletResponse;
30: import java.io.IOException;
31:
32: /**
33: * Generic utils to be used by partner application developres to trigger authentication process and obtain current security context.
34: *
35: * Date: Nov 29, 2007
36: * Time: 4:41:53 PM
37: *
38: * @author <a href="mailto:sgonzalez@josso.org">Sebastian Gonzalez Oyuela</a>
39: */
40: public class JOSSOGenericServletUtil {
41:
42: public static final Log log = LogFactory
43: .getLog(JOSSOGenericServletUtil.class);
44:
45: public static final String KEY_JOSSO_SAVED_REQUEST_URI = "org.josso.servlet.agent.savedRequest";
46:
47: /**
48: * Attribute key used to store current security context instance.
49: */
50: public static final String KEY_JOSSO_SECURITY_CONTEXT = "org.josso.servlet.agent.JOSSOSecurityContext";
51:
52: /**
53: * This method will redirect the user the the login page configured in the JOSSO Gateway.
54: */
55: public static void askForLogin(HttpServletRequest request,
56: HttpServletResponse response) throws IOException {
57:
58: StringBuffer sb = new StringBuffer(request.getRequestURI());
59: if (request.getQueryString() != null) {
60: sb.append('?');
61: sb.append(request.getQueryString());
62: }
63:
64: request.getSession(true).setAttribute(
65: KEY_JOSSO_SAVED_REQUEST_URI, sb.toString());
66:
67: if (log.isDebugEnabled())
68: log.debug("Storing original request : " + sb.toString());
69:
70: response.sendRedirect(request.getContextPath()
71: + Constants.JOSSO_LOGIN_URI);
72: }
73:
74: /**
75: * This method provides access to JOSSO securit context, if no context is present is because user is not authenticated.
76: *
77: * @param request
78: * @return
79: */
80: public static JOSSOSecurityContext getSecurityContext(
81: HttpServletRequest request) {
82: return (JOSSOSecurityContext) request
83: .getSession()
84: .getAttribute(
85: JOSSOGenericServletUtil.KEY_JOSSO_SECURITY_CONTEXT);
86: }
87: }
|