Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
OATS-CADC
ac
Commits
6b4fabc1
Commit
6b4fabc1
authored
Apr 28, 2016
by
Brian Major
Browse files
t72959 - added scope parameter to login servlet
parent
efc84b5d
Changes
1
Show whitespace changes
Inline
Side-by-side
cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/LoginServlet.java
View file @
6b4fabc1
...
...
@@ -69,10 +69,14 @@
package
ca.nrc.cadc.ac.server.web
;
import
java.io.IOException
;
import
java.net.URI
;
import
java.net.URISyntaxException
;
import
java.security.AccessControlException
;
import
java.security.Principal
;
import
java.security.PrivilegedActionException
;
import
java.security.PrivilegedExceptionAction
;
import
java.util.Calendar
;
import
java.util.GregorianCalendar
;
import
javax.security.auth.Subject
;
import
javax.servlet.ServletConfig
;
...
...
@@ -92,8 +96,10 @@ import ca.nrc.cadc.ac.server.PluginFactory;
import
ca.nrc.cadc.ac.server.UserPersistence
;
import
ca.nrc.cadc.ac.server.ldap.LdapGroupPersistence
;
import
ca.nrc.cadc.auth.AuthenticatorImpl
;
import
ca.nrc.cadc.auth.DelegationToken
;
import
ca.nrc.cadc.auth.HttpPrincipal
;
import
ca.nrc.cadc.auth.SSOCookieManager
;
import
ca.nrc.cadc.date.DateUtil
;
import
ca.nrc.cadc.log.ServletLogInfo
;
import
ca.nrc.cadc.net.TransientException
;
import
ca.nrc.cadc.util.StringUtil
;
...
...
@@ -152,6 +158,7 @@ public class LoginServlet<T extends Principal> extends HttpServlet
log
.
info
(
logInfo
.
start
());
String
userID
=
request
.
getParameter
(
"username"
);
String
password
=
request
.
getParameter
(
"password"
);
String
scope
=
request
.
getParameter
(
"scope"
);
if
(
userID
==
null
||
userID
.
length
()
==
0
)
throw
new
IllegalArgumentException
(
"Missing username"
);
...
...
@@ -174,9 +181,31 @@ public class LoginServlet<T extends Principal> extends HttpServlet
(!
StringUtil
.
hasText
(
proxyUser
)
&&
userPersistence
.
doLogin
(
userID
,
password
)))
{
String
token
=
new
SSOCookieManager
().
generate
(
new
HttpPrincipal
(
userID
,
proxyUser
));
String
token
=
null
;
HttpPrincipal
p
=
new
HttpPrincipal
(
userID
,
proxyUser
);
if
(
scope
!=
null
)
{
// This cookie will be scope to a certain URI,
// such as a VOSpace node
URI
uri
=
null
;
try
{
uri
=
new
URI
(
scope
);
}
catch
(
URISyntaxException
e
)
{
throw
new
IllegalArgumentException
(
"Invalid scope: "
+
scope
);
}
final
Calendar
expiryDate
=
new
GregorianCalendar
(
DateUtil
.
UTC
);
expiryDate
.
add
(
Calendar
.
HOUR
,
SSOCookieManager
.
SSO_COOKIE_LIFETIME_HOURS
);
DelegationToken
dt
=
new
DelegationToken
(
p
,
uri
,
expiryDate
.
getTime
());
token
=
DelegationToken
.
format
(
dt
);
}
else
{
token
=
new
SSOCookieManager
().
generate
(
p
);
}
response
.
setContentType
(
CONTENT_TYPE
);
response
.
setContentLength
(
token
.
length
());
response
.
getWriter
().
write
(
token
);
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment