1 /* 2 * Copyright 2006 University Corporation for Advanced Internet Development, Inc. 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package edu.internet2.middleware.shibboleth.idp.authn.provider; 18 19 import java.io.IOException; 20 21 import javax.servlet.http.HttpServletRequest; 22 import javax.servlet.http.HttpServletResponse; 23 24 import org.slf4j.Logger; 25 import org.slf4j.LoggerFactory; 26 27 import edu.internet2.middleware.shibboleth.idp.util.HttpServletHelper; 28 29 /** 30 * Authenticate a username and password against a JAAS source. 31 * 32 * This login handler creates a {@link javax.security.auth.Subject} and binds it to the request as described in the 33 * {@link edu.internet2.middleware.shibboleth.idp.authn.LoginHandler} documentation. If the JAAS module does not create 34 * a principal for the user a {@link edu.internet2.middleware.shibboleth.idp.authn.UsernamePrincipal} is created, using 35 * the entered username. If the <code>storeCredentialsInSubject</code> init parameter of the authentication servlet is 36 * set to true a {@link UsernamePasswordCredential} is created, based on the entered username and password, and stored 37 * in the Subject's private credentials. 38 */ 39 public class UsernamePasswordLoginHandler extends AbstractLoginHandler { 40 41 /** Class logger. */ 42 private final Logger log = LoggerFactory.getLogger(UsernamePasswordLoginHandler.class); 43 44 /** The context-relative path of the servlet used to perform authentication. */ 45 private String authenticationServletPath; 46 47 /** 48 * Constructor. 49 * 50 * @param servletPath context-relative path to the authentication servlet, may start with "/" 51 */ 52 public UsernamePasswordLoginHandler(String servletPath) { 53 super(); 54 setSupportsPassive(false); 55 setSupportsForceAuthentication(true); 56 authenticationServletPath = servletPath; 57 } 58 59 /** {@inheritDoc} */ 60 public void login(final HttpServletRequest httpRequest, final HttpServletResponse httpResponse) { 61 // forward control to the servlet. 62 try { 63 String authnServletUrl = HttpServletHelper.getContextRelativeUrl(httpRequest, authenticationServletPath) 64 .buildURL(); 65 log.debug("Redirecting to {}", authnServletUrl); 66 httpResponse.sendRedirect(authnServletUrl); 67 return; 68 } catch (IOException ex) { 69 log.error("Unable to redirect to authentication servlet.", ex); 70 } 71 72 } 73 }