Package org.oa4mp.server.api.storage.servlet

Class AbstractAuthenticationServlet

java.lang.Object

javax.servlet.GenericServlet

javax.servlet.http.HttpServlet

edu.uiuc.ncsa.security.servlet.AbstractServlet

org.oa4mp.server.api.storage.servlet.EnvServlet

org.oa4mp.server.api.storage.servlet.OA4MPServlet

org.oa4mp.server.api.storage.servlet.AbstractAuthenticationServlet

All Implemented Interfaces:

edu.uiuc.ncsa.security.core.Logable, edu.uiuc.ncsa.security.servlet.Presentable, Serializable, javax.servlet.Servlet, javax.servlet.ServletConfig, TransactionFilter

Direct Known Subclasses:

OA2AuthenticationServer

public abstract class AbstractAuthenticationServlet
extends OA4MPServlet
implements edu.uiuc.ncsa.security.servlet.Presentable

Created by Jeff Gaynor
on 1/14/14 at 11:50 AM

See Also:

Serialized Form

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	AbstractAuthenticationServlet.AuthorizedState	State object after authorization has worked.
static class	AbstractAuthenticationServlet.MyHttpServletResponseWrapper	This class is needed to pass information between servlets, where one servlet calls another.
static class	AbstractAuthenticationServlet.UserLoginException

Field Summary

Fields

Modifier and Type	Field	Description
static int	AUTHORIZATION_ACTION_DF_CONSENT
static String	AUTHORIZATION_ACTION_DF_CONSENT_VALUE
static int	AUTHORIZATION_ACTION_DONE
static String	AUTHORIZATION_ACTION_DONE_VALUE
static String	AUTHORIZATION_ACTION_KEY
static int	AUTHORIZATION_ACTION_OK
static String	AUTHORIZATION_ACTION_OK_VALUE
static int	AUTHORIZATION_ACTION_START
static String	AUTHORIZATION_PASSWORD_KEY
static String	AUTHORIZATION_USER_NAME_KEY
static String	AUTHORIZATION_USER_NAME_VALUE
static String	ERROR_PAGE
static String	INITIAL_PAGE
static String	OK_PAGE
static String	REMOTE_USER_INITIAL_PAGE
static String	RETRY_MESSAGE

Fields inherited from class org.oa4mp.server.api.storage.servlet.OA4MPServlet

caThread, kpt, lastAccessedThread, transactionCleanup

Fields inherited from class org.oa4mp.server.api.storage.servlet.EnvServlet

ERROR_NOTIFICATION_BODY_KEY, ERROR_NOTIFICATION_SUBJECT_KEY, notificationListeners, storeUpdatesDone

Fields inherited from class edu.uiuc.ncsa.security.servlet.AbstractServlet

environment, initialization, IP_HEADERS, PING_PARAMETER

Constructor Summary

Constructors

Constructor	Description
AbstractAuthenticationServlet()

Method Summary

Modifier and Type	Method	Description
void	checkUser(String username, String password)	If OA4MP has been extended to have a native concept of a user, this is the method that is used to verify them.
abstract String	createCallback(ServiceTransaction transaction, Map<String,String> params)	This will take whatever the passed in callback from the client is and append any parameters needed.
protected void	createRedirect(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, ServiceTransaction trans)
protected abstract void	createRedirectInit(ServiceTransaction trans, String userName, String password)	Additional setup for the callback.
protected void	doIt(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
protected void	doProxy(AbstractAuthenticationServlet.AuthorizedState state)
protected ServiceTransaction	getAndCheckTransaction(String token)
protected String	getInitialPage()
protected String	getOkPage()
protected String	getParam(javax.servlet.http.HttpServletRequest request, String key)
protected String	getRemoteUserInitialPage()
static int	getState(javax.servlet.http.HttpServletRequest request)	Basically a switch statement for the auth actions, but with the special case that no action means AUTHORIZATION_ACTION_START, since that is an initial request with no state.
void	handleError(edu.uiuc.ncsa.security.servlet.PresentableState state, Throwable t)
void	prepare(edu.uiuc.ncsa.security.servlet.PresentableState state)
void	present(edu.uiuc.ncsa.security.servlet.PresentableState state)
protected void	setClientRequestAttributes(AbstractAuthenticationServlet.AuthorizedState aState)
ServiceTransaction	verifyAndGet(IssuerResponse iResponse)	This is called after the response is received so that the system can get the approproate transaction.

Methods inherited from class org.oa4mp.server.api.storage.servlet.OA4MPServlet

checkAdminClientStatus, checkClientApproval, createDebugger, destroy, getAGI, getATI, getClient, getClient, getClient, getFirstParameters, getFirstParameterValue, getGrantIDFromRequest, getServiceEnvironment, getTransaction, getTransactionByGrantID, getTransactionStore, isEmpty, loadProperties2, newTransaction, postprocess, preprocess, realStoreUpdates, say, shutdownCleanup, storeUpdates

Methods inherited from class org.oa4mp.server.api.storage.servlet.EnvServlet

addNotificationListener, loadEnvironment, processStoreCheck, removeNotificationListener

Methods inherited from class edu.uiuc.ncsa.security.servlet.AbstractServlet

checkContentType, CONST, debug, doGet, doPing, doPost, error, error, getConfigurationLoader, getEnvironment, getExceptionHandler, getInitialization, getMyLogger, getRequestIPAddress, handleException, info, init, isDebugOn, logOK, logOK, printAllParameters, printAllParameters, resetState, setConfigurationLoader, setDebugOn, setEnvironment, setExceptionHandler, setInitialization, warn

Methods inherited from class javax.servlet.http.HttpServlet

doDelete, doHead, doOptions, doPut, doTrace, getLastModified, service, service

Methods inherited from class javax.servlet.GenericServlet

getInitParameter, getInitParameterNames, getServletConfig, getServletContext, getServletInfo, getServletName, init, log, log

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

AUTHORIZATION_ACTION_KEY

public static final String AUTHORIZATION_ACTION_KEY

See Also:

Constant Field Values

AUTHORIZATION_USER_NAME_KEY

public static final String AUTHORIZATION_USER_NAME_KEY

See Also:

Constant Field Values

AUTHORIZATION_USER_NAME_VALUE

public static final String AUTHORIZATION_USER_NAME_VALUE

See Also:

Constant Field Values

AUTHORIZATION_PASSWORD_KEY

public static final String AUTHORIZATION_PASSWORD_KEY

See Also:

Constant Field Values

AUTHORIZATION_ACTION_OK_VALUE

public static final String AUTHORIZATION_ACTION_OK_VALUE

See Also:

Constant Field Values

AUTHORIZATION_ACTION_DONE_VALUE

public static final String AUTHORIZATION_ACTION_DONE_VALUE

See Also:

Constant Field Values

AUTHORIZATION_ACTION_DF_CONSENT_VALUE

public static final String AUTHORIZATION_ACTION_DF_CONSENT_VALUE

See Also:

Constant Field Values

AUTHORIZATION_ACTION_DONE

public static final int AUTHORIZATION_ACTION_DONE

See Also:

Constant Field Values

AUTHORIZATION_ACTION_DF_CONSENT

public static final int AUTHORIZATION_ACTION_DF_CONSENT

See Also:

Constant Field Values

AUTHORIZATION_ACTION_OK

public static final int AUTHORIZATION_ACTION_OK

See Also:

Constant Field Values

AUTHORIZATION_ACTION_START

public static final int AUTHORIZATION_ACTION_START

See Also:

Constant Field Values

RETRY_MESSAGE

public static final String RETRY_MESSAGE

See Also:

Constant Field Values

INITIAL_PAGE

public static String INITIAL_PAGE

REMOTE_USER_INITIAL_PAGE

public static String REMOTE_USER_INITIAL_PAGE

OK_PAGE

public static String OK_PAGE

ERROR_PAGE

public static String ERROR_PAGE

Constructor Detail

AbstractAuthenticationServlet

public AbstractAuthenticationServlet()

Method Detail

verifyAndGet

public ServiceTransaction verifyAndGet(IssuerResponse iResponse)
                                throws IOException

Description copied from class: OA4MPServlet

This is called after the response is received so that the system can get the approproate transaction. Checks for the validity of the transaction should be done here too.

Specified by:

verifyAndGet in class OA4MPServlet

Returns:

Throws:

IOException

createCallback

public abstract String createCallback(ServiceTransaction transaction,
                                      Map<String,String> params)

This will take whatever the passed in callback from the client is and append any parameters needed. Generally these parameters are protocol specific.

Parameters:

transaction -

Returns:

prepare

public void prepare(edu.uiuc.ncsa.security.servlet.PresentableState state)
             throws Throwable

Specified by:

prepare in interface edu.uiuc.ncsa.security.servlet.Presentable

Throws:

Throwable

setClientRequestAttributes

protected void setClientRequestAttributes(AbstractAuthenticationServlet.AuthorizedState aState)

getInitialPage

protected String getInitialPage()

getRemoteUserInitialPage

protected String getRemoteUserInitialPage()

getOkPage

protected String getOkPage()

doProxy

protected void doProxy(AbstractAuthenticationServlet.AuthorizedState state)
                throws Throwable

Throws:

Throwable

present

public void present(edu.uiuc.ncsa.security.servlet.PresentableState state)
             throws Throwable

Specified by:

present in interface edu.uiuc.ncsa.security.servlet.Presentable

Throws:

Throwable

handleError

public void handleError(edu.uiuc.ncsa.security.servlet.PresentableState state,
                        Throwable t)
                 throws IOException,
                        javax.servlet.ServletException

Specified by:

handleError in interface edu.uiuc.ncsa.security.servlet.Presentable

Throws:

IOException

javax.servlet.ServletException

getParam

protected String getParam(javax.servlet.http.HttpServletRequest request,
                          String key)

doIt

protected void doIt(javax.servlet.http.HttpServletRequest request,
                    javax.servlet.http.HttpServletResponse response)
             throws Throwable

Specified by:

doIt in class edu.uiuc.ncsa.security.servlet.AbstractServlet

Throws:

Throwable

getState

public static int getState(javax.servlet.http.HttpServletRequest request)

Basically a switch statement for the auth actions, but with the special case that no action means AUTHORIZATION_ACTION_START, since that is an initial request with no state.

Parameters:

request -

Returns:

getAndCheckTransaction

protected ServiceTransaction getAndCheckTransaction(String token)
                                             throws IOException

Throws:

IOException

createRedirect

protected void createRedirect(javax.servlet.http.HttpServletRequest request,
                              javax.servlet.http.HttpServletResponse response,
                              ServiceTransaction trans)
                       throws Throwable

Throws:

Throwable

createRedirectInit

protected abstract void createRedirectInit(ServiceTransaction trans,
                                           String userName,
                                           String password)

Additional setup for the callback. This is aimed at MyProxy aware services.

Parameters:

trans -

userName -

password -

checkUser

public void checkUser(String username,
                      String password)
               throws GeneralSecurityException

If OA4MP has been extended to have a native concept of a user, this is the method that is used to verify them. Normally this is only called if explicitly set and no other authorization method (such as a proxy) is configured. Therefore, the default behavior is to throw an exception, but this is where the logic has to be. To add a user, extend OA2AuthorizationServer, override this method to talk to whatever manages your users and set your servlet as the authorization endpoint.

Parameters:

username -

password -

Throws:

GeneralSecurityException