
1   /* Copyright 2004 Acegi Technology Pty Limited
2    *
3    * Licensed under the Apache License, Version 2.0 (the "License");
4    * you may not use this file except in compliance with the License.
5    * You may obtain a copy of the License at
6    *
7    *     http://www.apache.org/licenses/LICENSE-2.0
8    *
9    * Unless required by applicable law or agreed to in writing, software
10   * distributed under the License is distributed on an "AS IS" BASIS,
11   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12   * See the License for the specific language governing permissions and
13   * limitations under the License.
14   */
15  
16  package org.acegisecurity.ui.cas;
17  
18  import org.acegisecurity.AuthenticationException;
19  import org.acegisecurity.intercept.web.AuthenticationEntryPoint;
20  
21  import org.springframework.beans.factory.InitializingBean;
22  import org.springframework.util.Assert;
23  
24  import java.io.IOException;
25  
26  import java.net.URLEncoder;
27  
28  import javax.servlet.ServletException;
29  import javax.servlet.ServletRequest;
30  import javax.servlet.ServletResponse;
31  import javax.servlet.http.HttpServletResponse;
32  
33  
34  /***
35   * Used by the <code>SecurityEnforcementFilter</code> to commence
36   * authentication via the Yale Central Authentication Service (CAS).
37   * 
38   * <P>
39   * The user's browser will be redirected to the Yale CAS enterprise-wide login
40   * page. This page is specified by the <code>loginUrl</code> property. Once
41   * login is complete, the CAS login page will redirect to the page indicated
42   * by the <code>service</code> property. The <code>service</code> is a HTTP
43   * URL belonging to the current application. The <code>service</code> URL is
44   * monitored by the {@link CasProcessingFilter}, which will validate the CAS
45   * login was successful.
46   * </p>
47   *
48   * @author Ben Alex
49   * @version $Id: CasProcessingFilterEntryPoint.java,v 1.5 2005/11/17 00:55:49 benalex Exp $
50   */
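public class CasProcessingFilterEntryPoint implements AuthenticationEntryPoint,
    InitializingBean {
    //~ Instance fields ========================================================

    // Supplies the service URL and the renew flag used to build the redirect.
    private ServiceProperties serviceProperties;

    // Base URL of the CAS login page; query parameters are appended to it.
    private String loginUrl;

    //~ Methods ================================================================

    /**
     * Sets the enterprise-wide CAS login URL.
     *
     * <p>
     * {@link #commence} appends <code>?service=...</code> (or
     * <code>?renew=true&amp;service=...</code>) directly to this value, so it
     * should not already carry a query string.
     * </p>
     *
     * @param loginUrl the CAS login URL, e.g.
     *        <code>https://www.mycompany.com/cas/login</code>
     */
    public void setLoginUrl(String loginUrl) {
        this.loginUrl = loginUrl;
    }

    /**
     * The enterprise-wide CAS login URL. Usually something like
     * <code>https://www.mycompany.com/cas/login</code>.
     *
     * @return the enterprise-wide CAS login URL
     */
    public String getLoginUrl() {
        return loginUrl;
    }

    /**
     * Sets the properties describing this application's CAS service.
     *
     * @param serviceProperties source of the <code>service</code> URL and the
     *        <code>sendRenew</code> flag read by {@link #commence}
     */
    public void setServiceProperties(ServiceProperties serviceProperties) {
        this.serviceProperties = serviceProperties;
    }

    /**
     * Returns the properties describing this application's CAS service.
     *
     * @return the configured service properties
     */
    public ServiceProperties getServiceProperties() {
        return serviceProperties;
    }

    /**
     * Verifies that the mandatory properties were configured.
     *
     * @throws Exception if <code>loginUrl</code> is null or empty, or if
     *         <code>serviceProperties</code> is null
     */
    public void afterPropertiesSet() throws Exception {
        Assert.hasLength(loginUrl, "loginUrl must be specified");
        Assert.notNull(serviceProperties, "serviceProperties must be specified");
    }

    /**
     * Starts CAS authentication by redirecting the browser to the CAS login
     * page, passing this application's service URL as the
     * <code>service</code> parameter.
     *
     * <p>
     * The service URL is URL-encoded in both the renew and the non-renew
     * case. Left unencoded, any <code>&amp;</code>, <code>?</code> or
     * <code>#</code> inside it would be parsed as part of the login URL's own
     * query string, truncating the service value or adding parameters to the
     * CAS login request.
     * </p>
     *
     * @param request the request that triggered authentication (not read
     *        here)
     * @param response must be an {@link HttpServletResponse}; the unchecked
     *        cast fails with a <code>ClassCastException</code> otherwise
     * @param authenticationException the failure that caused the entry point
     *        to be invoked (not read here)
     *
     * @throws IOException if the redirect cannot be sent
     * @throws ServletException declared by the interface; not thrown directly
     *         by this implementation
     */
    public void commence(ServletRequest request, ServletResponse response,
        AuthenticationException authenticationException)
        throws IOException, ServletException {
        // Encode once so both branches emit the service value the same way.
        String encodedService = URLEncoder.encode(serviceProperties.getService(),
                "UTF-8");

        String url;

        if (serviceProperties.isSendRenew()) {
            url = loginUrl + "?renew=true" + "&service=" + encodedService;
        } else {
            url = loginUrl + "?service=" + encodedService;
        }

        ((HttpServletResponse) response).sendRedirect(url);
    }
}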