/**
 * $Id: SSOUtil.java,v 1.7 2005/09/21 13:12:20 mg155852 Exp $
 * Copyright 2004 Sun Microsystems, Inc. All
 * rights reserved. Use of this product is subject
 * to license terms. Federal Acquisitions:
 * Commercial Software -- Government Users
 * Subject to Standard License Terms and
 * Conditions.
 *
 * Sun, Sun Microsystems, the Sun logo, and Sun ONE
 * are trademarks or registered trademarks of Sun Microsystems,
 * Inc. in the United States and other countries.
 */
package com.sun.portal.util;

import javax.security.auth.callback.Callback;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;

import java.net.URLDecoder;
import java.util.logging.Level;
import java.util.logging.Logger;
import java.security.AccessController;

import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.iplanet.sso.SSOTokenManager;
import com.sun.identity.security.AdminTokenAction;
import com.sun.identity.authentication.AuthContext;
import com.sun.portal.log.common.PortalLogger;
import netscape.ldap.util.DN;


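/**
 * Static helpers for obtaining Access Manager {@link SSOToken}s: from an
 * existing session id, for the administrative identity, or by authenticating
 * a uid/password pair.
 *
 * <p>Every token returned here is a bearer credential for the session it
 * represents. Callers should not log token or session id values, and should
 * not pass them to code that runs on behalf of a different user.
 */
public class SSOUtil {
    private static final Logger logger = PortalLogger.getLogger(SSOUtil.class);

    // Lazily initialised by getSSOTokenManager(). The field is neither
    // volatile nor guarded by a lock; SSOTokenManager.getInstance() is assumed
    // to hand back a shared instance, so a racing initialisation should be
    // harmless -- TODO confirm against the SSOTokenManager contract.
    private static SSOTokenManager _tokenMgr = null;

    /**
     * Resolves a session id (as taken from the session cookie) to a validated
     * token, logging any failure at SEVERE before rethrowing it.
     *
     * <p>The id is URL-decoded first unless the
     * {@code com.iplanet.am.cookie.encode} property is exactly {@code "false"}.
     *
     * @param strSessionId session id, possibly URL-encoded
     * @return a token that passed {@code SSOTokenManager.isValidToken}
     * @throws Exception if decoding fails or the token cannot be created or
     *         is not valid
     */
    public static SSOToken getSSOToken(String strSessionId) throws Exception {
        return getSSOTokenNoDecode(normalizeSessionId(strSessionId));
    }

    /**
     * Same lookup as {@link #getSSOToken(String)}, but failures are thrown to
     * the caller without being logged in this class.
     *
     * @param strSessionId session id, possibly URL-encoded
     * @return a token that passed {@code SSOTokenManager.isValidToken}
     * @throws Exception if decoding fails or the token cannot be created or
     *         is not valid
     */
    public static SSOToken getSSOTokenThrowExceptionToClient(String strSessionId) throws Exception {
        return getSSOTokenNoDecodeX(normalizeSessionId(strSessionId));
    }

    /**
     * Applies the cookie-decoding policy shared by both public lookups.
     *
     * <p>A missing property (null) is treated like any value other than
     * {@code "false"}: the id is decoded. The previous code dereferenced the
     * property value directly and failed with a NullPointerException when it
     * was not configured. Decoding names UTF-8 explicitly so that the result
     * does not depend on the platform default charset.
     */
    private static String normalizeSessionId(String strSessionId)
            throws java.io.UnsupportedEncodingException {
        String cookieEncode = com.iplanet.am.util.SystemProperties.get("com.iplanet.am.cookie.encode");
        boolean decode = !"false".equals(cookieEncode);
        logger.log(Level.FINE, "Value of the AMConfig encode property = " + cookieEncode + " decoding cookies = "
                + decode);

        return decode ? URLDecoder.decode(strSessionId, "UTF-8") : strSessionId;
    }

    /**
     * Resolves an already-decoded session id to a validated token, logging
     * any failure at SEVERE (message keys PSSR_CSPU069 / PSSR_CSPU070) and
     * rethrowing the same exception.
     *
     * @param strSessionId session id, used as given
     * @return a token that passed {@code SSOTokenManager.isValidToken}
     * @throws Exception the original failure, unchanged
     */
    public static SSOToken getSSOTokenNoDecode(String strSessionId) throws Exception {
        try {
            return getSSOTokenNoDecodeX(strSessionId);
        } catch (SSOException ssoEx) {
            logger.log(Level.SEVERE, "PSSR_CSPU069", ssoEx);
            throw ssoEx;
        } catch (Exception e) {
            logger.log(Level.SEVERE, "PSSR_CSPU070", e);
            throw e;
        }
    }

    /**
     * Resolves an already-decoded session id to a token and rejects it unless
     * the token manager reports it as valid. Nothing is logged here.
     *
     * @param strSessionId session id, used as given
     * @return a token that passed {@code SSOTokenManager.isValidToken}
     * @throws SSOException if the token cannot be created or is not valid
     */
    public static SSOToken getSSOTokenNoDecodeX(String strSessionId) throws SSOException {
        SSOTokenManager ssoTokenManager = SSOTokenManager.getInstance();
        SSOToken ssoToken = ssoTokenManager.createSSOToken(strSessionId);
        // Creation alone is not proof of a live session; validity is checked
        // separately before the token is handed out.
        if (!ssoTokenManager.isValidToken(ssoToken)) {
            throw new SSOException("SSOToken creation suceeded , but it is not valid");
        }
        return ssoToken;
    }

    /**
     * Obtains the admin token by running {@code AdminTokenAction} inside
     * {@code AccessController.doPrivileged}.
     *
     * <p>NOTE(review): this method is public and takes no arguments, so any
     * code that can load this class receives the token. Judging by the action
     * name the token carries administrative rights -- confirm, and keep the
     * result out of code paths driven by end-user requests.
     *
     * @return the token produced by {@code AdminTokenAction}
     */
    public static SSOToken getAdminSSOToken() {
        return (SSOToken) AccessController.doPrivileged(AdminTokenAction.getInstance());
    }

    /**
     * Creates a token for {@code uid} through the deprecated
     * {@code SSOTokenManager.createSSOToken(Principal, String)} call.
     *
     * <p>An AuthContext-based implementation (login against the "Application"
     * module instance of realm "/") was tried here and withdrawn: per the
     * original author's note, the tokens it returned expired after the
     * "Maximum Idle Time" configured in AM, so the older call was restored.
     *
     * @param uid name reported by the Principal passed to the token manager
     * @param password credential passed to the token manager
     * @return the token returned by the token manager
     * @throws SSOException if the token manager is unavailable or rejects the
     *         request
     */
    public static SSOToken createSSOToken(final String uid, String password) throws SSOException {
        SSOTokenManager ssom = getSSOTokenManager();
        // Deprecated API, kept deliberately -- see the method comment.
        return ssom.createSSOToken(new java.security.Principal() {
            public String getName() {
                return uid;
            }
        }, password);
    }

    /**
     * Authenticates against the "Application" module instance of
     * {@code orgDN} and returns the resulting token.
     *
     * <p>{@code uid} is parsed as a DN and the value of its first RDN is used
     * as the login name; if the parse yields no components, {@code uid} is
     * used unchanged.
     *
     * <p>The module instance is fixed to "Application" on purpose: the
     * original author's comment states that a token created this way for the
     * authless anonymous user should never expire. A token without expiry
     * stays usable for as long as it is held, so callers should treat the
     * return value accordingly.
     *
     * <p>NOTE(review): if the final status is neither SUCCESS nor FAILED this
     * method returns {@code null} rather than throwing; callers need a null
     * check before using the result.
     *
     * @param uid user DN, or a plain login name
     * @param password credential supplied to any PasswordCallback
     * @param orgDN organisation passed to the AuthContext constructor
     * @return the token on success, or {@code null} as described above
     * @throws SSOException if login or callback submission fails, or the
     *         final status is FAILED
     */
    public static SSOToken createSSOToken(String uid, String password,
                                          String orgDN) throws SSOException {

        String userName = uid;
        String[] rdnValues = new DN(uid).explodeDN(true);
        if (rdnValues != null && rdnValues.length > 0) {
            userName = rdnValues[0];
        }

        AuthContext lc;
        try {
            lc = new AuthContext(orgDN);
            lc.login(AuthContext.IndexType.MODULE_INSTANCE, "Application");
        } catch (Exception e) {
            throw new SSOException(e);
        }

        // Answer every callback round the module asks for.
        while (lc.hasMoreRequirements()) {
            Callback[] callbacks = lc.getRequirements();
            if (callbacks == null) {
                continue;
            }
            try {
                for (int i = 0; i < callbacks.length; i++) {
                    if (callbacks[i] instanceof NameCallback) {
                        ((NameCallback) callbacks[i]).setName(userName);
                    } else if (callbacks[i] instanceof PasswordCallback) {
                        // A null password surfaces as an SSOException via the
                        // catch below.
                        ((PasswordCallback) callbacks[i]).setPassword(password.toCharArray());
                    }
                }
                lc.submitRequirements(callbacks);
            } catch (Exception e) {
                throw new SSOException(e);
            }
        }

        if (lc.getStatus() == AuthContext.Status.SUCCESS) {
            try {
                return lc.getSSOToken();
            } catch (Exception e) {
                throw new SSOException(e);
            }
        } else if (lc.getStatus() == AuthContext.Status.FAILED) {
            throw new SSOException("ldap authentication failed");
        }
        // Any other status: no token was produced.
        return null;
    }

    /**
     * Returns the cached token manager, fetching it on first use.
     *
     * @return the token manager, never {@code null}
     * @throws SSOException if {@code SSOTokenManager.getInstance()} returns
     *         {@code null} or fails
     */
    protected static SSOTokenManager getSSOTokenManager() throws SSOException {
        if (_tokenMgr == null) {
            _tokenMgr = SSOTokenManager.getInstance();
            if (_tokenMgr == null) {
                throw new SSOException("SSOUtil.getSSOTokenMgr(): "
                        + "Failed to get SSOTokenManager. ");
            }
        }

        return _tokenMgr;
    }
}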
