18 package edu.internet2.middleware.shibboleth.idp.authn.provider;
19
20 import java.io.IOException;
21
22 import javax.servlet.RequestDispatcher;
23 import javax.servlet.ServletException;
24 import javax.servlet.http.HttpServletRequest;
25 import javax.servlet.http.HttpServletResponse;
26
27 import org.opensaml.xml.util.DatatypeHelper;
28 import org.slf4j.Logger;
29 import org.slf4j.LoggerFactory;
30
31 import edu.internet2.middleware.shibboleth.idp.authn.LoginContext;
32 import edu.internet2.middleware.shibboleth.idp.util.HttpServletHelper;
33
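/**
 * Login handler that hands authentication off to another servlet or JSP by forwarding the request
 * to a configured path.
 *
 * <p>Before forwarding, {@link #populateRequestAttributes(HttpServletRequest)} copies four values from
 * the current {@link LoginContext} into request attributes: {@link #FORCE_AUTHN_PARAM},
 * {@link #PASSIVE_AUTHN_PARAM}, {@link #AUTHN_METHOD_PARAM} and {@link #RELYING_PARTY_PARAM}.</p>
 *
 * <p>Despite the {@code _PARAM} suffix these are request <em>attributes</em>, set on the server
 * immediately before the forward. The receiving component should read them with
 * {@code getAttribute(...)}; request parameters with the same names come from the client and are never
 * written by this class.</p>
 */
public class ExternalAuthnSystemLoginHandler extends AbstractLoginHandler {

    /** Request attribute holding a {@link Boolean}: whether forced re-authentication is required. */
    public static final String FORCE_AUTHN_PARAM = "forceAuthn";

    /** Request attribute holding a {@link Boolean}: whether passive authentication is required. */
    public static final String PASSIVE_AUTHN_PARAM = "isPassive";

    /** Request attribute holding the authentication method being attempted. */
    public static final String AUTHN_METHOD_PARAM = "authnMethod";

    /** Request attribute holding the ID of the relying party. */
    public static final String RELYING_PARTY_PARAM = "relyingParty";

    /**
     * Class logger. Named after this class so that forwarding failures are attributed to the correct
     * handler in logs (it was previously created for {@code RemoteUserLoginHandler}).
     */
    private final Logger log = LoggerFactory.getLogger(ExternalAuthnSystemLoginHandler.class);

    /** Path the authentication request is forwarded to. */
    private String externalAuthnPath;

    /** Constructor. */
    public ExternalAuthnSystemLoginHandler() {
        super();
    }

    /**
     * Gets the path the authentication request is forwarded to.
     *
     * @return the configured path, or {@code null} if none has been set
     */
    public String getExternalAuthnPath() {
        return externalAuthnPath;
    }

    /**
     * Sets the path the authentication request is forwarded to.
     *
     * <p>The value is handed unchanged (apart from trimming) to
     * {@link HttpServletRequest#getRequestDispatcher(String)}, so it selects which component performs
     * authentication. It should come from deployment configuration, never from request data.</p>
     *
     * @param path forward target; may not be null or empty after trimming
     *
     * @throws IllegalArgumentException if {@code path} is null or empty after trimming
     */
    public void setExternalAuthnPath(String path) {
        String trimmedPath = DatatypeHelper.safeTrimOrNullString(path);
        if (trimmedPath == null) {
            throw new IllegalArgumentException("External Authn path may not be null or empty");
        }

        externalAuthnPath = trimmedPath;
    }

    /**
     * Populates the request attributes and forwards the request to the external authentication path.
     *
     * <p>Failures are logged and the method returns normally; no error response is written here.
     * NOTE(review): confirm that the caller copes with a response that was never committed.</p>
     *
     * @param httpRequest current HTTP request
     * @param httpResponse current HTTP response
     */
    public void login(HttpServletRequest httpRequest, HttpServletResponse httpResponse) {
        // The setter rejects null, but the field stays null until it has been called.
        if (externalAuthnPath == null) {
            log.error("Unable to forward authentication request, no external authentication path is configured");
            return;
        }

        try {
            log.debug("Forwarding authentication request to {}", externalAuthnPath);
            populateRequestAttributes(httpRequest);

            // getRequestDispatcher returns null when the container cannot resolve the path; report
            // that explicitly instead of failing with a NullPointerException on forward().
            RequestDispatcher dispatcher = httpRequest.getRequestDispatcher(externalAuthnPath);
            if (dispatcher == null) {
                log.error("Unable to forward authentication request, no request dispatcher available for {}",
                        externalAuthnPath);
                return;
            }

            dispatcher.forward(httpRequest, httpResponse);
        } catch (IOException e) {
            log.error("Unable to forward authentication request to external authentication system.", e);
        } catch (ServletException e) {
            log.error("Unable to forward authentication request to external authentication system.", e);
        }
    }

    /**
     * Copies the force-authn flag, passive flag, attempted authentication method and relying party ID
     * from the request's {@link LoginContext} into request attributes for the forward target.
     *
     * @param httpRequest current HTTP request
     */
    protected void populateRequestAttributes(HttpServletRequest httpRequest) {
        // NOTE(review): assumes a login context is bound to the request; a null return from the
        // helper would raise a NullPointerException below - confirm against HttpServletHelper.
        LoginContext loginContext = HttpServletHelper.getLoginContext(httpRequest);

        // Boolean.valueOf yields the shared Boolean.TRUE / Boolean.FALSE instances.
        httpRequest.setAttribute(FORCE_AUTHN_PARAM, Boolean.valueOf(loginContext.isForceAuthRequired()));
        httpRequest.setAttribute(PASSIVE_AUTHN_PARAM, Boolean.valueOf(loginContext.isPassiveAuthRequired()));

        httpRequest.setAttribute(AUTHN_METHOD_PARAM, loginContext.getAttemptedAuthnMethod());

        httpRequest.setAttribute(RELYING_PARTY_PARAM, loginContext.getRelyingPartyId());
    }
}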