List of usage examples for org.springframework.security.cas ServiceProperties DEFAULT_CAS_ARTIFACT_PARAMETER
String DEFAULT_CAS_ARTIFACT_PARAMETER
From source file:org.georchestra.security.Proxy.java
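/**
 * Main entry point for methods where the request path is encoded in the
 * path of the URL.
 *
 * <p>The target URL is looked up with {@code findTarget}. The request is
 * answered directly, without being forwarded, in these cases:
 * <ul>
 * <li>404 when no target is found;</li>
 * <li>503 when {@code isSameHostAndPort} throws {@link UnknownHostException};</li>
 * <li>403 when the target is on the same host and port and is a recursive
 * call to this proxy;</li>
 * <li>a redirect to the login URL when an unauthenticated request carries
 * the CAS ticket parameter and the rebuilt target URL is protected.</li>
 * </ul>
 * Otherwise the request is handed to {@code handleRequest}. Any
 * {@link IOException} is logged and not rethrown.
 *
 * @param request     the incoming client request
 * @param response    the response to the client
 * @param requestType the request type passed through to {@code handleRequest}
 */
private void handlePathEncodedRequests(HttpServletRequest request, HttpServletResponse response,
        RequestType requestType) {
    try {
        // NOTE(review): servlet path is concatenated before the context path here;
        // confirm this is the order isRecursiveCallToProxy expects.
        String contextPath = request.getServletPath() + request.getContextPath();
        String forwardRequestURI = buildForwardRequestURL(request);

        logger.debug("handlePathEncodedRequests: -- Handling Request: " + requestType + ":"
                + forwardRequestURI + " from: " + request.getRemoteAddr());

        String sURL = findTarget(forwardRequestURI);
        if (sURL == null) {
            response.sendError(404);
            return;
        }

        URL url;
        try {
            url = new URL(sURL);
        } catch (MalformedURLException e) {
            // Same exception type and message as before, with the cause kept for diagnosis.
            MalformedURLException invalid = new MalformedURLException(sURL + " is not a valid URL");
            invalid.initCause(e);
            throw invalid;
        }

        boolean sameHostAndPort = false;
        try {
            sameHostAndPort = isSameHostAndPort(request, url);
        } catch (UnknownHostException e) {
            logger.error("Unknown host in requested URL", e);
            response.sendError(503);
            return;
        }

        if (sameHostAndPort && (isRecursiveCallToProxy(forwardRequestURI, contextPath)
                || isRecursiveCallToProxy(url.getPath(), contextPath))) {
            response.sendError(403,
                    forwardRequestURI + " is a recursive call to this service. That is not a legal request");
            // Stop here: without this return the rejected request was still
            // forwarded to the target after the 403 had been sent.
            return;
        }

        if (request.getQueryString() != null && !isFormContentType(request)) {
            StringBuilder query = new StringBuilder("?");
            Enumeration<?> paramNames = request.getParameterNames();
            boolean needCasValidation = false;

            while (paramNames.hasMoreElements()) {
                String name = (String) paramNames.nextElement();
                String[] values = request.getParameterValues(name);

                // Special case: a ticket parameter without an authentication
                // principal means the session must be validated/opened against
                // the CAS server. The ticket is then left out of the forwarded query.
                // NOTE(review): when a principal is present the ticket parameter is
                // forwarded to the target like any other parameter; confirm intended.
                boolean unvalidatedTicket = (request.getUserPrincipal() == null)
                        && name.equals(ServiceProperties.DEFAULT_CAS_ARTIFACT_PARAMETER);

                for (String value : values) {
                    if (unvalidatedTicket) {
                        needCasValidation = true;
                        continue;
                    }
                    // The separator is written only in front of a parameter that is
                    // really appended, so a skipped ticket leaves no stray '&'.
                    if (query.length() > 1) {
                        query.append('&');
                    }
                    // Parameter names arrive decoded from the container; encode them
                    // like the values so '&', '=' or '#' inside a name cannot add or
                    // alter parameters in the forwarded URL.
                    query.append(URLEncoder.encode(name, "UTF-8"));
                    query.append('=');
                    query.append(URLEncoder.encode(value, "UTF-8"));
                }
            }
            sURL += query;

            if ((needCasValidation) && (urlIsProtected(request, new URL(sURL)))) {
                // loginUrl: sends a redirect to the client with a ?login (or &login if
                // other arguments). Since .*login patterns are protected by the SP, this
                // would trigger an authentication onto CAS (which should succeed if the
                // user is already connected onto the platform).
                // NOTE(review): the redirect target starts with the client-supplied path
                // info; confirm redirectStrategy cannot turn it into an off-site redirect.
                String loginSuffix = (query.length() > 1) ? "&login" : "login";
                String loginUrl = String.format("%s%s%s", request.getPathInfo(), query, loginSuffix);
                redirectStrategy.sendRedirect(request, response, loginUrl);
                return;
            }
        }

        handleRequest(request, response, requestType, sURL, true);
    } catch (IOException e) {
        logger.error("Error connecting to client", e);
    }
}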