View Javadoc

1   /*
2    * Copyright 2006 University Corporation for Advanced Internet Development, Inc.
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    * http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  
17  package edu.internet2.middleware.shibboleth.idp.authn.provider;
18  
19  import java.io.IOException;
20  
21  import javax.servlet.http.HttpServletRequest;
22  import javax.servlet.http.HttpServletResponse;
23  
24  import org.slf4j.Logger;
25  import org.slf4j.LoggerFactory;
26  
27  import edu.internet2.middleware.shibboleth.idp.util.HttpServletHelper;
28  
29  /**
30   * Authenticate a username and password against a JAAS source.
31   * 
32   * This login handler creates a {@link javax.security.auth.Subject} and binds it to the request as described in the
33   * {@link edu.internet2.middleware.shibboleth.idp.authn.LoginHandler} documentation. If the JAAS module does not create
34   * a principal for the user a {@link edu.internet2.middleware.shibboleth.idp.authn.UsernamePrincipal} is created, using
35   * the entered username. If the <code>storeCredentialsInSubject</code> init parameter of the authentication servlet is
36   * set to true a {@link UsernamePasswordCredential} is created, based on the entered username and password, and stored
37   * in the Subject's private credentials.
38   */
39  public class UsernamePasswordLoginHandler extends AbstractLoginHandler {
40  
41      /** Class logger. */
42      private final Logger log = LoggerFactory.getLogger(UsernamePasswordLoginHandler.class);
43  
44      /** The context-relative path of the servlet used to perform authentication. */
45      private String authenticationServletPath;
46  
47      /**
48       * Constructor.
49       * 
50       * @param servletPath context-relative path to the authentication servlet, may start with "/"
51       */
52      public UsernamePasswordLoginHandler(String servletPath) {
53          super();
54          setSupportsPassive(false);
55          setSupportsForceAuthentication(true);
56          authenticationServletPath = servletPath;
57      }
58  
59      /** {@inheritDoc} */
60      public void login(final HttpServletRequest httpRequest, final HttpServletResponse httpResponse) {
61          // forward control to the servlet.
62          try {
63              String authnServletUrl = HttpServletHelper.getContextRelativeUrl(httpRequest, authenticationServletPath)
64                      .buildURL();
65              log.debug("Redirecting to {}", authnServletUrl);
66              httpResponse.sendRedirect(authnServletUrl);
67              return;
68          } catch (IOException ex) {
69              log.error("Unable to redirect to authentication servlet.", ex);
70          }
71  
72      }
73  }