001: /*
002: * $Id: BasicAuthentication.java,v 1.15 2005/11/30 11:27:20 ss150821 Exp $
003: * $Source: /m/portal/ps/srap/src/com/sun/portal/rproxy/connectionhandler/BasicAuthentication.java,v $
004: * $Log: BasicAuthentication.java,v $
005: * Revision 1.15 2005/11/30 11:27:20 ss150821
006: * 6356996 - Srap Code base needs to save files in the unix file format and not windows
007: *
008: * Revision 1.14 2005/02/25 09:44:12 ss150821
009: * RFE 6223490 - SRA Should use JDK based logging, changed to start throwing the full stacktrace for the exception in the logs
010: *
011: * Revision 1.13 2005/02/24 07:36:43 ss150821
012: * RFE 6223490 - SRA Should use JDK based logging
013: *
014: * Revision 1.12 2005/02/23 09:15:03 ss150821
015: * RFE 6223490 - SRA Should use JDK based logging
016: *
017: * Revision 1.11 2004/11/18 09:53:15 ss150821
018: * Bug #6195816 - Significant performance degradation when Gateway Logging (Identity) Enabled on the SRA
019: *
020: * Revision 1.10 2004/07/27 12:55:00 vt126379
021: * RFE#5075809, CRT#99
022: *
023: * Revision 1.9 2003/08/05 13:51:15 mm132998
024: * Encrypt Basic Auth SSO passwords
025: *
026: * Revision 1.8 2003/07/10 14:07:50 mm132998
027: * no message
028: *
029: * Revision 1.7 2003/07/10 14:06:10 mm132998
030: * no message
031: *
032: * Revision 1.6 2003/03/13 14:06:03 mm132998
033: * Bug Id's : 4783937 , 4821960 , 4809307, 4828938
034: *
035: * Revision 1.5 2002/11/22 11:28:35 bv131302
036: * CRT#2052 - using the same session ID
037: *
038: * Revision 1.4 2002/10/17 12:38:31 bv131302
039: * bringing some early changes of appserver_branch into the tip
040: *
041: * Revision 1.3 2002/06/21 13:04:13 bv131302
042: * LDAP Attribute name changes
043: *
044: * Revision 1.2 2002/06/19 11:40:50 mm132998
045: * Bug ID : 4644755,4644757,4644759 Hana CRT : 393 , Desc : Lihue PRD : 7.6.1 , 7.6.2 and 7.6.3
046: *
047: * Revision 1.1 2002/06/14 09:53:50 rt130506
048: * SRAP rebranding
049: *
050: * Revision 1.6 2002/06/11 16:02:03 bv131302
051: * new branded
052: *
053: * Revision 1.5 2002/05/22 11:14:37 mm132998
054: * iDSAME related changes (lowercasing attributes) , CRT - 1145
055: *
056: * Revision 1.4 2002/05/13 06:22:23 mm132998
057: * Perf related modifications
058: *
059: * Revision 1.3 2002/03/01 06:38:43 mm132998
060: * Bug ID : 4644755,4644757,4644759 Hana CRT : 393 , Desc : Lihue PRD : 7.6.1 , 7.6.2 and 7.6.3
061: *
062: *
063: */
064: /*
065: * BasicAuthentication.java
066: *
067: * $Author: ss150821 $
068: *
069: * $Date: 2005/11/30 11:27:20 $ $Revision: 1.15 $
070: *
071: * Copyright (c) 1996 Sun Microsystems, Inc. All Rights Reserved.
072: *
073: * Developed by SunPS and SunIR
074: */
075:
076: package com.sun.portal.rproxy.connectionhandler;
077:
078: import java.util.HashSet;
079: import java.util.Iterator;
080: import java.util.List;
081: import java.util.ListIterator;
082: import java.util.StringTokenizer;
083: import java.util.Vector;
084: import java.util.logging.Level;
085: import java.util.logging.Logger;
086:
087: import com.iplanet.sso.SSOException;
088: import com.iplanet.sso.SSOToken;
089: import com.sun.portal.cli.cert.JSSUtil;
090: import com.sun.portal.cli.cert.SRADecoderException;
091: import com.sun.portal.log.common.PortalLogger;
092: import com.sun.portal.rproxy.configservlet.client.UserProfile;
093: import com.sun.portal.util.SSOUtil;
094:
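/**
 * Basic-authentication single sign-on helper for the gateway: remembers the
 * {@code Authorization} header a user sent to a destination host and
 * replays it on later requests to the same host.
 *
 * <p>Credentials are kept in one of two places, selected by the
 * {@code sunPortalGatewayWWWDoSSOPerSession} profile flag:
 * <ul>
 * <li>per session: the SSO token property {@link #HOST_ALREADY_DONE_LIST},
 * a flat {@code host|authorization|host|authorization...} string;</li>
 * <li>per user: the {@code sunPortalGatewayWWWAuthorization} profile
 * attribute, one {@code host|authorization} entry per value, passed
 * through {@code JSSUtil.encryptPassword} before it is stored.</li>
 * </ul>
 *
 * <p>Security notes: every value handled here is a replayable credential,
 * so it must never be written to a log or to standard output. Because
 * {@code '|'} is the field separator and the header value is written back
 * followed by CRLF, host names and header values that are empty or contain
 * {@code '|'}, CR or LF are neither stored nor replayed.
 */
public class BasicAuthentication {

    // Lihue PRD - 7.6.3: SSO token property that holds the per-session list.
    private final static String HOST_ALREADY_DONE_LIST = "list-Hosts-Basic-Authentication-Done";

    private static Logger logger = PortalLogger
            .getLogger(BasicAuthentication.class);

    /**
     * Attaches the stored {@code Authorization} header for
     * {@code destinationHost} to {@code req}, if single sign-on is enabled
     * for the user and a credential for that host is on record.
     *
     * @param req the outgoing request; its session ID selects the user
     *        profile and the header is set on it
     * @param destinationHost the host the request is going to; matched
     *        case-insensitively after trimming
     * @return {@code true} if an {@code Authorization} header was set on
     *         {@code req}; {@code false} if SSO is disabled, the host is on
     *         the disable list, no usable credential is stored, or any
     *         exception occurred while looking it up
     */
    public static boolean getPassword(Request req, String destinationHost) {
        if (destinationHost == null) {
            return false;
        }

        String password = null;
        try {
            String sid = req.getSessionID();
            if (sid == null) {
                return false;
            }
            UserProfile userProfile = new UserProfile(sid);
            String destHost = destinationHost.trim().toLowerCase();

            // Lihue PRD - 7.6.1: SSO can be switched off per user.
            if (!userProfile.getBoolean("sunPortalGatewayEnableSSO", true)) {
                return false;
            }

            // Lihue PRD - 7.6.2: hosts that must never receive stored
            // credentials.
            if (isHostListed(userProfile.getStringList(
                    "sunPortalGatewayWWWDisableSSOHostList"), destHost)) {
                return false;
            }

            // Lihue PRD - 7.6.3: per-session credentials live in the SSO
            // token and the profile attribute is not consulted at all.
            if (userProfile.getBoolean(
                    "sunPortalGatewayWWWDoSSOPerSession", false)) {
                try {
                    SSOToken ssoToken = SSOUtil.getSSOToken(sid);
                    String hostsDone = ssoToken
                            .getProperty(HOST_ALREADY_DONE_LIST);
                    if (hostsDone != null) {
                        StringTokenizer st = new StringTokenizer(
                                hostsDone.trim(), "|");
                        while (st.hasMoreTokens()) {
                            String hostName = st.nextToken();
                            if (!st.hasMoreTokens()) {
                                // Dangling host without a credential.
                                break;
                            }
                            String auth = st.nextToken().trim();
                            if (hostName.equals(destHost)
                                    && isCleanField(auth)) {
                                req.setRequestHeader("Authorization", auth
                                        + "\r\n");
                                return true;
                            }
                        }
                    }
                } catch (SSOException ex) {
                    // Key replaces the earlier literal message "Exception
                    // getting User attribute from Session".
                    logger.log(Level.SEVERE, "PSSRRPROXY_CSPRCONHNDLR004",
                            ex);
                }
                // This used to be "finally { return false; }", which
                // discarded the "return true" above: the header was set but
                // the caller was told it was not. A plain return keeps the
                // "never fall through to the profile list" behaviour.
                return false;
            }

            List stored = userProfile
                    .getStringList("sunPortalGatewayWWWAuthorization");
            if (stored == null) {
                return false;
            }
            for (Iterator it = stored.iterator(); it.hasNext();) {
                String entry = (String) it.next();
                try {
                    entry = JSSUtil.decryptPassword(entry).getPassword();
                } catch (SRADecoderException syEx) {
                    // NOTE(review): a value that does not decrypt is used
                    // as-is, presumably to accept entries written before
                    // encryption was introduced - confirm. It also means a
                    // clear-text entry in the profile is accepted.
                }
                // An entry without a '|' makes nextToken() throw, which the
                // outer catch turns into "no credential".
                StringTokenizer st = new StringTokenizer(entry, "|");
                String url = st.nextToken().trim();
                // storePassword writes the trimmed, lower-cased host, so
                // compare against the normalised form and not the raw
                // argument.
                if (url.equalsIgnoreCase(destHost)) {
                    password = st.nextToken().trim();
                    break;
                }
            }
        } catch (Exception ex) {
            // Deliberately not logged here: no message key exists for this
            // site, and the failure is reported to the caller as "false".
            return false;
        }

        if (!isCleanField(password)) {
            // Nothing stored, or the stored value is empty or carries
            // CR/LF and must not be written into the request.
            return false;
        }

        req.setRequestHeader("Authorization", password + "\r\n");
        return true;
    }

    /**
     * Records the {@code Authorization} header of {@code req} as the
     * credential to replay for {@code destinationHost}.
     *
     * <p>Nothing is stored when the host or the header is missing, when
     * either is empty or contains {@code '|'}, CR or LF, when SSO is
     * disabled for the user, or when the host is on the disable list.
     * Failures are logged and not propagated.
     *
     * @param req the request carrying the {@code Authorization} header and
     *        the session ID
     * @param destinationHost the host the credential belongs to
     */
    public static void storePassword(Request req, String destinationHost) {
        if (destinationHost == null) {
            return;
        }
        // Check for null before trimming; the previous order threw a
        // NullPointerException when the request had no Authorization
        // header.
        String rawAuthorization = req.getRequestHeader("Authorization");
        if (rawAuthorization == null) {
            return;
        }
        String authorization = rawAuthorization.trim();
        String destHost = destinationHost.trim().toLowerCase();
        if (!isCleanField(destHost) || !isCleanField(authorization)) {
            // A '|' would shift every following field of the stored list,
            // and CR/LF would end up inside a replayed header.
            return;
        }
        String password = destHost + "|" + authorization;

        try {
            String sid = req.getSessionID();
            UserProfile profile = new UserProfile(sid);

            // Lihue PRD - 7.6.1
            if (!profile.getBoolean("sunPortalGatewayEnableSSO", true)) {
                return;
            }

            // Lihue PRD - 7.6.2
            if (isHostListed(profile.getStringList(
                    "sunPortalGatewayWWWDisableSSOHostList"), destHost)) {
                return;
            }

            // Lihue PRD - 7.6.3
            if (profile.getBoolean("sunPortalGatewayWWWDoSSOPerSession",
                    false)) {
                try {
                    SSOToken ssoToken = SSOUtil.getSSOToken(sid);
                    String hostsDone = ssoToken
                            .getProperty(HOST_ALREADY_DONE_LIST);
                    StringBuffer passwdList = new StringBuffer();
                    if (hostsDone != null) {
                        StringTokenizer st = new StringTokenizer(
                                hostsDone.trim(), "|");
                        while (st.hasMoreTokens()) {
                            String hostName = st.nextToken();
                            if (!st.hasMoreTokens()) {
                                // Dangling host without a credential.
                                break;
                            }
                            String auth = st.nextToken();
                            if (hostName.equals(destHost)) {
                                // Drop the old pair; getPassword uses the
                                // first match, so a stale one must not
                                // stay ahead of the new credential.
                                continue;
                            }
                            passwdList.append(hostName).append("|")
                                    .append(auth).append("|");
                        }
                    }
                    passwdList.append(password);
                    ssoToken.setProperty(HOST_ALREADY_DONE_LIST,
                            passwdList.toString());
                } catch (SSOException ex) {
                    // Previously swallowed silently. Logged with the key
                    // getPassword uses for SSO token failures; the
                    // exception is logged, never the credential.
                    logger.log(Level.SEVERE, "PSSRRPROXY_CSPRCONHNDLR004",
                            ex);
                }
                return;
            }

            Vector passwordVector = new Vector();
            try {
                passwordVector.add(JSSUtil.encryptPassword(password));
            } catch (SRADecoderException syEx) {
                // NOTE(review): when encryption fails the credential is
                // written to the profile in clear text. Kept because
                // refusing to store would change SSO behaviour, but this
                // fallback should be reviewed.
                passwordVector.add(password);
            }

            List list = profile
                    .getStringList("sunPortalGatewayWWWAuthorization");
            if (list != null) {
                for (Iterator iter = list.iterator(); iter.hasNext();) {
                    String pass = (String) iter.next();
                    try {
                        pass = JSSUtil.decryptPassword(pass).getPassword();
                    } catch (SRADecoderException syEx) {
                        // Value is used as-is when it does not decrypt.
                    }

                    // An entry without both fields makes nextToken()
                    // throw; the outer catch logs it and nothing is
                    // written.
                    StringTokenizer st = new StringTokenizer(pass, "|");
                    String host = st.nextToken().trim();
                    String auth = st.nextToken().trim();

                    if (host.equalsIgnoreCase(destHost)) {
                        if (authorization.equals(auth)) {
                            // Same credential already on record.
                            return;
                        }
                        // Different credential for this host: the old
                        // entry is not carried over.
                    } else {
                        try {
                            passwordVector.add(JSSUtil
                                    .encryptPassword(pass));
                        } catch (SRADecoderException syEx) {
                            // Same clear-text fallback as above.
                            passwordVector.add(pass);
                        }
                    }
                }
            }

            // The profile API takes a set, so the vector is copied into
            // one.
            UserProfile.setAttributes(profile.getSessionID(),
                    "sunPortalGatewayWWWAuthorization", new HashSet(
                            passwordVector));
        } catch (Exception ex) {
            // Key replaces the earlier literal message "Cannot store in
            // profile".
            logger.log(Level.SEVERE, "PSSRRPROXY_CSPRCONHNDLR005", ex);
        }
    }

    /**
     * Tells whether {@code destHost} appears in {@code hosts}. Elements are
     * compared after {@code toString().trim().toLowerCase()}; null
     * elements and a null list are treated as "not listed".
     */
    private static boolean isHostListed(List hosts, String destHost) {
        if (hosts == null) {
            return false;
        }
        for (Iterator iter = hosts.iterator(); iter.hasNext();) {
            Object element = iter.next();
            if (element != null
                    && element.toString().trim().toLowerCase().equals(
                            destHost)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Tells whether {@code value} can be used as one field of a stored
     * {@code host|authorization} entry and written into a header line: it
     * must be non-empty and free of {@code '|'}, CR and LF.
     */
    private static boolean isCleanField(String value) {
        return value != null && value.length() > 0
                && value.indexOf('|') < 0 && value.indexOf('\r') < 0
                && value.indexOf('\n') < 0;
    }
}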