Loading cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/LoginServlet.java +32 −3 Original line number Diff line number Diff line Loading @@ -69,10 +69,14 @@ package ca.nrc.cadc.ac.server.web; import java.io.IOException; import java.net.URI; import java.net.URISyntaxException; import java.security.AccessControlException; import java.security.Principal; import java.security.PrivilegedActionException; import java.security.PrivilegedExceptionAction; import java.util.Calendar; import java.util.GregorianCalendar; import javax.security.auth.Subject; import javax.servlet.ServletConfig; Loading @@ -92,8 +96,10 @@ import ca.nrc.cadc.ac.server.PluginFactory; import ca.nrc.cadc.ac.server.UserPersistence; import ca.nrc.cadc.ac.server.ldap.LdapGroupPersistence; import ca.nrc.cadc.auth.AuthenticatorImpl; import ca.nrc.cadc.auth.DelegationToken; import ca.nrc.cadc.auth.HttpPrincipal; import ca.nrc.cadc.auth.SSOCookieManager; import ca.nrc.cadc.date.DateUtil; import ca.nrc.cadc.log.ServletLogInfo; import ca.nrc.cadc.net.TransientException; import ca.nrc.cadc.util.StringUtil; Loading Loading @@ -152,6 +158,7 @@ public class LoginServlet<T extends Principal> extends HttpServlet log.info(logInfo.start()); String userID = request.getParameter("username"); String password = request.getParameter("password"); String scope = request.getParameter("scope"); if (userID == null || userID.length() == 0) throw new IllegalArgumentException("Missing username"); Loading @@ -174,9 +181,31 @@ public class LoginServlet<T extends Principal> extends HttpServlet (!StringUtil.hasText(proxyUser) && userPersistence.doLogin(userID, password))) { String token = new SSOCookieManager().generate( new HttpPrincipal(userID, proxyUser)); String token = null; HttpPrincipal p = new HttpPrincipal(userID, proxyUser); if (scope != null) { // This cookie will be scope to a certain URI, // such as a VOSpace node URI uri = null; try { uri = new URI(scope); } catch (URISyntaxException e) { throw new IllegalArgumentException("Invalid scope: " + scope); } final Calendar expiryDate = new GregorianCalendar(DateUtil.UTC); expiryDate.add(Calendar.HOUR, SSOCookieManager.SSO_COOKIE_LIFETIME_HOURS); DelegationToken dt = new DelegationToken(p, uri, expiryDate.getTime()); token = DelegationToken.format(dt); } else { token = new SSOCookieManager().generate(p); } response.setContentType(CONTENT_TYPE); response.setContentLength(token.length()); response.getWriter().write(token); Loading Loading
cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/LoginServlet.java +32 −3 Original line number Diff line number Diff line Loading @@ -69,10 +69,14 @@ package ca.nrc.cadc.ac.server.web; import java.io.IOException; import java.net.URI; import java.net.URISyntaxException; import java.security.AccessControlException; import java.security.Principal; import java.security.PrivilegedActionException; import java.security.PrivilegedExceptionAction; import java.util.Calendar; import java.util.GregorianCalendar; import javax.security.auth.Subject; import javax.servlet.ServletConfig; Loading @@ -92,8 +96,10 @@ import ca.nrc.cadc.ac.server.PluginFactory; import ca.nrc.cadc.ac.server.UserPersistence; import ca.nrc.cadc.ac.server.ldap.LdapGroupPersistence; import ca.nrc.cadc.auth.AuthenticatorImpl; import ca.nrc.cadc.auth.DelegationToken; import ca.nrc.cadc.auth.HttpPrincipal; import ca.nrc.cadc.auth.SSOCookieManager; import ca.nrc.cadc.date.DateUtil; import ca.nrc.cadc.log.ServletLogInfo; import ca.nrc.cadc.net.TransientException; import ca.nrc.cadc.util.StringUtil; Loading Loading @@ -152,6 +158,7 @@ public class LoginServlet<T extends Principal> extends HttpServlet log.info(logInfo.start()); String userID = request.getParameter("username"); String password = request.getParameter("password"); String scope = request.getParameter("scope"); if (userID == null || userID.length() == 0) throw new IllegalArgumentException("Missing username"); Loading @@ -174,9 +181,31 @@ public class LoginServlet<T extends Principal> extends HttpServlet (!StringUtil.hasText(proxyUser) && userPersistence.doLogin(userID, password))) { String token = new SSOCookieManager().generate( new HttpPrincipal(userID, proxyUser)); String token = null; HttpPrincipal p = new HttpPrincipal(userID, proxyUser); if (scope != null) { // This cookie will be scope to a certain URI, // such as a VOSpace node URI uri = null; try { uri = new URI(scope); } catch (URISyntaxException e) { throw new IllegalArgumentException("Invalid scope: " + scope); } final Calendar expiryDate = new GregorianCalendar(DateUtil.UTC); expiryDate.add(Calendar.HOUR, SSOCookieManager.SSO_COOKIE_LIFETIME_HOURS); DelegationToken dt = new DelegationToken(p, uri, expiryDate.getTime()); token = DelegationToken.format(dt); } else { token = new SSOCookieManager().generate(p); } response.setContentType(CONTENT_TYPE); response.setContentLength(token.length()); response.getWriter().write(token); Loading
