Package org.gatein.sso.agent.opensso

Class OpenSSOAgentImpl

java.lang.Object

org.gatein.sso.agent.GenericAgent

org.gatein.sso.agent.opensso.OpenSSOAgentImpl

All Implemented Interfaces:

OpenSSOAgent

public class OpenSSOAgentImpl
extends GenericAgent
implements OpenSSOAgent

Author:

Sohil Shah

Field Summary

Fields

Modifier and Type	Field	Description
static final String	IN_RESPONSE_TO_ATTR

Fields inherited from class org.gatein.sso.agent.GenericAgent

AUTHENTICATED_CREDENTIALS

Constructor Summary

Constructors

Constructor	Description
OpenSSOAgentImpl(org.exoplatform.container.xml.InitParams params)

Method Summary

Modifier and Type	Method	Description
protected String	getSubject(String token)
protected boolean	isTokenValid(String token)
protected Properties	loadAttributes(String response)
void	setCookieName(String cookieName)
void	setServerUrl(String serverUrl)
protected boolean	tryMessageFromCDC(javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse)	This method is useful only for Cross-Domain (CD) authentication scenario when GateIn and OpenSSO are in different DNS domains and they can't share cookie.
protected void	validateCDMessageContext(javax.servlet.http.HttpServletRequest httpRequest, org.gatein.sso.agent.opensso.CDMessageContext context)	Validation of various criterias in CDMessageContext
void	validateTicket(javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse)

Methods inherited from class org.gatein.sso.agent.GenericAgent

getContainer, getUserPrincipal, saveSSOCredentials

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

IN_RESPONSE_TO_ATTR

public static final String IN_RESPONSE_TO_ATTR

See Also:

• Constant Field Values

Constructor Details

OpenSSOAgentImpl

public OpenSSOAgentImpl(org.exoplatform.container.xml.InitParams params)

Method Details

setCookieName

public void setCookieName(String cookieName)

Specified by:

setCookieName in interface OpenSSOAgent

setServerUrl

public void setServerUrl(String serverUrl)

Specified by:

setServerUrl in interface OpenSSOAgent

validateTicket

public void validateTicket(javax.servlet.http.HttpServletRequest httpRequest,
 javax.servlet.http.HttpServletResponse httpResponse)
                    throws Exception

Specified by:

validateTicket in interface OpenSSOAgent

Throws:

Exception

tryMessageFromCDC

protected boolean tryMessageFromCDC(javax.servlet.http.HttpServletRequest httpRequest,
 javax.servlet.http.HttpServletResponse httpResponse)
                             throws IOException

This method is useful only for Cross-Domain (CD) authentication scenario when GateIn and OpenSSO are in different DNS domains and they can't share cookie. It performs:

• Parse and validate message from OpenSSO CDCServlet.
• Use ssoToken from parsed message and establish OpenSSO cookie iPlanetDirectoryPro
• Redirects to InitiateLoginFilter but with cookie established. So in next request, we can perform agent validation against OpenSSO server

Parameters:

httpRequest -

httpResponse -

Returns:

true if parameter LARES with message from CDC is present in HttpServletRequest

Throws:

IOException

validateCDMessageContext

protected void validateCDMessageContext(javax.servlet.http.HttpServletRequest httpRequest,
 org.gatein.sso.agent.opensso.CDMessageContext context)

Validation of various criterias in CDMessageContext

Parameters:

httpRequest -

context -

isTokenValid

protected boolean isTokenValid(String token)
                        throws Exception

Throws:

Exception

getSubject

protected String getSubject(String token)
                     throws Exception

Throws:

Exception

loadAttributes

protected Properties loadAttributes(String response)
                             throws Exception

Throws:

Exception