17 package edu.internet2.middleware.shibboleth.idp.authn.provider;
18
19 import java.io.IOException;
20
21 import javax.servlet.RequestDispatcher;
22 import javax.servlet.ServletException;
23 import javax.servlet.http.HttpServletRequest;
24 import javax.servlet.http.HttpServletResponse;
25
26 import org.opensaml.xml.util.DatatypeHelper;
27 import org.slf4j.Logger;
28 import org.slf4j.LoggerFactory;
29
30 import edu.internet2.middleware.shibboleth.idp.authn.LoginContext;
31 import edu.internet2.middleware.shibboleth.idp.util.HttpServletHelper;
32
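/**
 * Login handler that hands the authentication step to an external authentication system by
 * forwarding the current request to a configured path.
 *
 * <p>Before forwarding, the handler copies selected values from the {@link LoginContext} into
 * <em>request attributes</em> named by the constants below. The constant names end in
 * {@code _PARAM}, but the values are set with {@link HttpServletRequest#setAttribute}, not as
 * request parameters. The component behind {@link #getExternalAuthnPath()} should therefore read
 * them with {@code getAttribute}: a request parameter of the same name is supplied by the client
 * and says nothing about what the identity provider actually requested.</p>
 */
public class ExternalAuthnSystemLoginHandler extends AbstractLoginHandler {

    /** Request attribute name carrying whether forced (re-)authentication is required. */
    public static final String FORCE_AUTHN_PARAM = "forceAuthn";

    /** Request attribute name carrying whether passive authentication is required. */
    public static final String PASSIVE_AUTHN_PARAM = "isPassive";

    /** Request attribute name carrying the authentication method being attempted. */
    public static final String AUTHN_METHOD_PARAM = "authnMethod";

    /** Request attribute name carrying the relying party identifier. */
    public static final String RELYING_PARTY_PARAM = "relyingParty";

    // The original registered this logger under RemoteUserLoginHandler, so every message from
    // this handler was attributed to a different login handler in the logs.
    /** Class logger. */
    private final Logger log = LoggerFactory.getLogger(ExternalAuthnSystemLoginHandler.class);

    /** Path the request is forwarded to; stays null until {@link #setExternalAuthnPath(String)} is called. */
    private String externalAuthnPath;

    /** Constructor. */
    public ExternalAuthnSystemLoginHandler() {
        super();
    }

    /**
     * Gets the path the authentication request is forwarded to.
     *
     * @return the configured path, or null if none has been set
     */
    public String getExternalAuthnPath() {
        return externalAuthnPath;
    }

    /**
     * Sets the path the authentication request is forwarded to.
     *
     * @param path the forward target; surrounding whitespace is trimmed
     *
     * @throws IllegalArgumentException if the path is null or empty after trimming
     */
    public void setExternalAuthnPath(String path) {
        String trimmedPath = DatatypeHelper.safeTrimOrNullString(path);
        if (trimmedPath == null) {
            throw new IllegalArgumentException("External Authn path may not be null or empty");
        }

        externalAuthnPath = trimmedPath;
    }

    /**
     * Populates the request attributes and forwards the request to the external authentication
     * path.
     *
     * <p>Failures are logged and the method returns normally; it writes nothing further to the
     * response in that case.</p>
     *
     * @param httpRequest current request
     * @param httpResponse current response
     */
    public void login(HttpServletRequest httpRequest, HttpServletResponse httpResponse) {
        // The constructor leaves the path unset, so a handler that was never configured would
        // otherwise reach the dispatcher lookup with a null path.
        if (externalAuthnPath == null) {
            log.error("Unable to forward authentication request, no external authentication path is configured.");
            return;
        }

        try {
            log.debug("Forwarding authentication request to {}", externalAuthnPath);
            populateRequestAttributes(httpRequest);

            // getRequestDispatcher returns null when the container cannot provide a dispatcher
            // for the path; report that instead of failing with a NullPointerException.
            RequestDispatcher dispatcher = httpRequest.getRequestDispatcher(externalAuthnPath);
            if (dispatcher == null) {
                log.error("Unable to forward authentication request, no request dispatcher available for {}",
                        externalAuthnPath);
                return;
            }

            dispatcher.forward(httpRequest, httpResponse);
        } catch (IOException e) {
            log.error("Unable to forward authentication request to external authentication system.", e);
        } catch (ServletException e) {
            log.error("Unable to forward authentication request to external authentication system.", e);
        }
    }

    /**
     * Copies the force-authentication flag, passive-authentication flag, attempted authentication
     * method and relying party ID from the login context into request attributes.
     *
     * <p>These are set server-side on the request being forwarded, overwriting any attribute
     * already bound under the same name.</p>
     *
     * @param httpRequest current request
     */
    protected void populateRequestAttributes(HttpServletRequest httpRequest) {
        // NOTE(review): assumes a LoginContext is bound to this request; confirm that
        // HttpServletHelper.getLoginContext cannot return null on this code path.
        LoginContext loginContext = HttpServletHelper.getLoginContext(httpRequest);

        // Boolean.valueOf yields Boolean.TRUE / Boolean.FALSE, the same objects the explicit
        // if/else branches used to set.
        httpRequest.setAttribute(FORCE_AUTHN_PARAM, Boolean.valueOf(loginContext.isForceAuthRequired()));
        httpRequest.setAttribute(PASSIVE_AUTHN_PARAM, Boolean.valueOf(loginContext.isPassiveAuthRequired()));

        httpRequest.setAttribute(AUTHN_METHOD_PARAM, loginContext.getAttemptedAuthnMethod());
        httpRequest.setAttribute(RELYING_PARTY_PARAM, loginContext.getRelyingPartyId());
    }
}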