
1   /*
2    * Copyright 2008 University Corporation for Advanced Internet Development, Inc.
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    * http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  
17  package edu.internet2.middleware.shibboleth.idp.authn.provider;
18  
19  import javax.servlet.http.HttpServletRequest;
20  import javax.servlet.http.HttpServletResponse;
21  
22  import org.opensaml.saml2.core.AuthnContext;
23  import org.opensaml.xml.util.DatatypeHelper;
24  import org.slf4j.Logger;
25  import org.slf4j.LoggerFactory;
26  
27  import edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine;
28  import edu.internet2.middleware.shibboleth.idp.authn.LoginHandler;
29  import edu.internet2.middleware.shibboleth.idp.session.Session;
30  
/**
 * Login handler used when the request already carries an IdP session.
 *
 * <p>
 * No credentials are collected or checked here. {@link #login} copies the principal name of the {@link Session}
 * found under the {@link Session#HTTP_SESSION_BINDING_ATTRIBUTE} request attribute into the request and hands
 * control back to the {@link AuthenticationEngine}. The handler therefore trusts whatever bound that attribute.
 * </p>
 *
 * <p>
 * NOTE(review): nothing in this class checks that the session is still valid (for example, not expired) or that
 * its original authentication method is acceptable for the current request; presumably that is enforced by the
 * component that binds the session and by the authentication engine. Confirm before relying on it.
 * </p>
 */
public class PreviousSessionLoginHandler extends AbstractLoginHandler {

    /** Class logger. */
    private final Logger log = LoggerFactory.getLogger(PreviousSessionLoginHandler.class);

    /** The path of the servlet to which the user agent may be redirected. */
    private String servletPath;

    /** Whether to report the authentication method as PreviousSession. */
    private boolean reportPreviousSessionAuthnMethod;

    /**
     * Constructor.
     *
     * <p>
     * Passive authentication is enabled because {@link #login} never prompts the user. Forced authentication is
     * disabled: this handler only reuses an existing session and does not re-verify credentials, so it must not
     * be selected to satisfy a request that demands fresh authentication.
     * </p>
     */
    public PreviousSessionLoginHandler() {
        super();
        this.servletPath = null;
        setSupportsPassive(true);
        setSupportsForceAuthentication(false);
    }

    /**
     * Get the path of the servlet to which the user agent may be redirected.
     *
     * @return path of the servlet to which the user agent may be redirected, or null if none has been set
     *
     * @deprecated
     */
    public String getServletPath() {
        return this.servletPath;
    }

    /**
     * Set the path of the servlet to which the user agent may be redirected. The value is trimmed, and an empty
     * or null value is stored as null.
     *
     * @param path path of the servlet to which the user agent may be redirected
     *
     * @deprecated
     */
    public void setServletPath(String path) {
        this.servletPath = DatatypeHelper.safeTrimOrNullString(path);
    }

    /**
     * Gets whether to use PreviousSession as the users authentication method.
     *
     * @return whether to use PreviousSession as the users authentication method
     */
    public boolean reportPreviousSessionAuthnMethod() {
        return this.reportPreviousSessionAuthnMethod;
    }

    /**
     * Sets whether to use PreviousSession as the users authentication method.
     *
     * @param report whether to use PreviousSession as the users authentication method
     */
    public void setReportPreviousSessionAuthnMethod(boolean report) {
        this.reportPreviousSessionAuthnMethod = report;
    }

    /**
     * {@inheritDoc}
     *
     * <p>
     * Always reports passive support while no servlet path is configured; once a path has been set, the answer is
     * delegated to the superclass setting.
     * </p>
     */
    public boolean supportsPassive() {
        return this.servletPath == null || super.supportsPassive();
    }

    /**
     * {@inheritDoc}
     *
     * <p>
     * Publishes the outcome through request attributes and then returns to the authentication engine in every
     * case. With a bound session the principal name is stored under {@link LoginHandler#PRINCIPAL_NAME_KEY};
     * without one, an error message is stored under {@link LoginHandler#AUTHENTICATION_ERROR_KEY} and no
     * principal is asserted.
     * </p>
     */
    public void login(HttpServletRequest httpRequest, HttpServletResponse httpResponse) {
        // NOTE(review): the method attribute is written before the session lookup, so it is also present on the
        // "no session" error path. Confirm the engine gives the error attribute precedence.
        if (this.reportPreviousSessionAuthnMethod) {
            httpRequest.setAttribute(LoginHandler.AUTHENTICATION_METHOD_KEY, AuthnContext.PREVIOUS_SESSION_AUTHN_CTX);
        }

        // The session is taken from the request as-is; this handler performs no validation of its own.
        final Object boundSession = httpRequest.getAttribute(Session.HTTP_SESSION_BINDING_ATTRIBUTE);
        final Session existingSession = (Session) boundSession;

        if (existingSession != null) {
            final String principal = existingSession.getPrincipalName();
            // The principal name reaches the log only at debug level.
            log.debug("Using existing IdP session for {}", principal);
            httpRequest.setAttribute(LoginHandler.PRINCIPAL_NAME_KEY, principal);
        } else {
            // Fail closed: report an error instead of asserting any identity.
            log.warn("No existing IdP session available.");
            httpRequest.setAttribute(LoginHandler.AUTHENTICATION_ERROR_KEY, "No existing IdP session available");
        }

        AuthenticationEngine.returnToAuthenticationEngine(httpRequest, httpResponse);
    }
}