
1   /*
2    * Licensed to the University Corporation for Advanced Internet Development, 
3    * Inc. (UCAID) under one or more contributor license agreements.  See the 
4    * NOTICE file distributed with this work for additional information regarding
5    * copyright ownership. The UCAID licenses this file to You under the Apache 
6    * License, Version 2.0 (the "License"); you may not use this file except in 
7    * compliance with the License.  You may obtain a copy of the License at
8    *
9    *    http://www.apache.org/licenses/LICENSE-2.0
10   *
11   * Unless required by applicable law or agreed to in writing, software
12   * distributed under the License is distributed on an "AS IS" BASIS,
13   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14   * See the License for the specific language governing permissions and
15   * limitations under the License.
16   */
17  
18  package edu.internet2.middleware.shibboleth.idp.authn.provider;
19  
20  import javax.servlet.http.HttpServletRequest;
21  import javax.servlet.http.HttpServletResponse;
22  
23  import org.opensaml.saml2.core.AuthnContext;
24  import org.opensaml.xml.util.DatatypeHelper;
25  import org.slf4j.Logger;
26  import org.slf4j.LoggerFactory;
27  
28  import edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine;
29  import edu.internet2.middleware.shibboleth.idp.authn.LoginHandler;
30  import edu.internet2.middleware.shibboleth.idp.session.Session;
31  
32  /** Login handler that is called when user is logged in under a previously existing session. */
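public class PreviousSessionLoginHandler extends AbstractLoginHandler {

    /** Class logger. */
    private final Logger log = LoggerFactory.getLogger(PreviousSessionLoginHandler.class);

    /** The path of the servlet to which the user agent may be redirected. */
    private String servletPath;

    /** Whether to report the authentication method as PreviousSession. */
    private boolean reportPreviousSessionAuthnMethod;

    /**
     * Constructor.
     *
     * <p>
     * Starts with no servlet path, passive authentication marked as supported and forced authentication marked as
     * unsupported.
     * </p>
     */
    public PreviousSessionLoginHandler() {
        super();
        servletPath = null;
        setSupportsPassive(true);
        // Reusing an existing session performs no fresh credential check, so this handler must not be
        // advertised as able to satisfy a forced re-authentication request.
        setSupportsForceAuthentication(false);
    }

    /**
     * Get the path of the servlet to which the user agent may be redirected.
     *
     * @return path of the servlet to which the user agent may be redirected, or null if none is set
     *
     * @deprecated marked deprecated by the original authors; no replacement is named in this class
     */
    @Deprecated
    public String getServletPath() {
        return servletPath;
    }

    /**
     * Set the path of the servlet to which the user agent may be redirected.
     *
     * @param path path of the servlet to which the user agent may be redirected; the value is passed through
     *            {@link DatatypeHelper#safeTrimOrNullString(String)} before it is stored
     *
     * @deprecated marked deprecated by the original authors; no replacement is named in this class
     */
    @Deprecated
    public void setServletPath(String path) {
        servletPath = DatatypeHelper.safeTrimOrNullString(path);
    }

    /**
     * Gets whether to use PreviousSession as the user's authentication method.
     *
     * @return whether to use PreviousSession as the user's authentication method
     */
    public boolean reportPreviousSessionAuthnMethod() {
        return reportPreviousSessionAuthnMethod;
    }

    /**
     * Sets whether to use PreviousSession as the user's authentication method.
     *
     * <p>
     * When this is false, {@link #login(HttpServletRequest, HttpServletResponse)} does not set an authentication
     * method at all; which method is then reported is decided outside this class.
     * </p>
     *
     * @param report whether to use PreviousSession as the user's authentication method
     */
    public void setReportPreviousSessionAuthnMethod(boolean report) {
        reportPreviousSessionAuthnMethod = report;
    }

    /**
     * {@inheritDoc}
     *
     * <p>
     * While no servlet path is configured this always returns true; once a path has been set the inherited setting
     * decides.
     * </p>
     */
    @Override
    public boolean supportsPassive() {
        if (servletPath == null) {
            return true;
        }

        return super.supportsPassive();
    }

    /**
     * {@inheritDoc}
     *
     * <p>
     * Takes the principal name from the IdP session bound to the request and hands control back to the
     * authentication engine. No credentials are checked here: the result is only as trustworthy as the session
     * found on the request. If no session is bound, an authentication error is recorded instead of a principal.
     * </p>
     */
    public void login(HttpServletRequest httpRequest, HttpServletResponse httpResponse) {
        // NOTE(review): the method attribute is set before the session lookup, so it is also present on the
        // failure path below; confirm the authentication engine gives the error attribute precedence.
        if (reportPreviousSessionAuthnMethod) {
            httpRequest.setAttribute(LoginHandler.AUTHENTICATION_METHOD_KEY, AuthnContext.PREVIOUS_SESSION_AUTHN_CTX);
        }

        // The session is read from a request attribute, which only server-side code can set, not from a
        // request parameter or header. NOTE(review): presumably an IdP session filter earlier in the chain
        // binds and validates it; confirm that filter runs for every route that reaches this handler.
        Session idpSession = (Session) httpRequest.getAttribute(Session.HTTP_SESSION_BINDING_ATTRIBUTE);
        if (idpSession == null) {
            log.warn("No existing IdP session available.");
            httpRequest.setAttribute(LoginHandler.AUTHENTICATION_ERROR_KEY, "No existing IdP session available");
        } else {
            log.debug("Using existing IdP session for {}", idpSession.getPrincipalName());
            httpRequest.setAttribute(LoginHandler.PRINCIPAL_NAME_KEY, idpSession.getPrincipalName());
        }

        // Control returns to the engine on both the success and the failure path.
        AuthenticationEngine.returnToAuthenticationEngine(httpRequest, httpResponse);
    }
}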