You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@lenya.apache.org by ja...@apache.org on 2008/03/20 10:42:41 UTC
svn commit: r639225 -
/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/shibboleth/ShibbolethAuthenticator.java
Author: jann
Date: Thu Mar 20 02:42:40 2008
New Revision: 639225
URL: http://svn.apache.org/viewvc?rev=639225&view=rev
Log:
Use proxy settings ssl=true to get the login uri for shibboleth authentication
Modified:
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/shibboleth/ShibbolethAuthenticator.java
Modified: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/shibboleth/ShibbolethAuthenticator.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/shibboleth/ShibbolethAuthenticator.java?rev=639225&r1=639224&r2=639225&view=diff
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/shibboleth/ShibbolethAuthenticator.java (original)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/shibboleth/ShibbolethAuthenticator.java Thu Mar 20 02:42:40 2008
@@ -30,6 +30,8 @@
import org.apache.avalon.framework.configuration.ConfigurationException;
import org.apache.avalon.framework.service.ServiceException;
import org.apache.avalon.framework.service.ServiceSelector;
+import org.apache.cocoon.environment.Context;
+import org.apache.cocoon.environment.ObjectModelHelper;
import org.apache.cocoon.environment.Request;
import org.apache.cocoon.environment.http.HttpEnvironment;
import org.apache.lenya.ac.AccessControlException;
@@ -50,12 +52,17 @@
import org.apache.lenya.ac.saml.AttributeTranslator;
import org.apache.lenya.ac.saml.UserFieldsMapper;
import org.apache.lenya.cms.cocoon.components.context.ContextUtility;
+import org.apache.lenya.cms.publication.Proxy;
+import org.apache.lenya.cms.publication.Publication;
+import org.apache.lenya.cms.publication.PublicationFactory;
+import org.apache.lenya.cms.publication.URLInformation;
import org.apache.lenya.util.ServletHelper;
import org.apache.shibboleth.AssertionConsumerService;
import org.apache.shibboleth.AttributeRequestService;
import org.apache.shibboleth.impl.AssertionConsumerServiceImpl;
import org.opensaml.SAMLBrowserProfile.BrowserProfileResponse;
+
/**
* <p>
* Shibboleth-based authenticator.
@@ -194,7 +201,7 @@
/**
* Passes the attributes from the <em>samlAttributes</em> parameter to the <em>user</em>
- * object. The {@link AttributeTranslator}Êservice is used to translate the attributes. The
+ * object. The {@link AttributeTranslator}�service is used to translate the attributes. The
* name and e-mail attributes are extracted using the {@link UserFieldsMapper}.
* @param user
* @param samlAttributes
@@ -262,7 +269,7 @@
* This method returns the URI which displays the login screen:
* </p>
* <ul>
- * <li>If the configuration option {@link #REDIRECT_TO_WAYF}Êis set to <code>true</code> and
+ * <li>If the configuration option {@link #REDIRECT_TO_WAYF}�is set to <code>true</code> and
* the request points to a page which is only protected by rules, we assume that the Shibboleth
* authentication shall be used and return the URL which redirects to the WAYF server.</li>
* <li>Otherwise, the Lenya login usecase URL is returned.</li>
@@ -270,9 +277,36 @@
* @return A string.
* @see org.apache.lenya.ac.impl.UserAuthenticator#getLoginUri(org.apache.cocoon.environment.Request)
*/
- public String getLoginUri(Request request) {
+ public String getLoginUri(Request request) {
if (this.redirectToWayf && isOnlyRuleProtected(request)) {
- return request.getRequestURI() + "?lenya.usecase=shibboleth&lenya.step=wayf";
+ ContextUtility contextUtil = null;
+ String proxyUrl;
+ try {
+ contextUtil = (ContextUtility) this.manager.lookup(ContextUtility.ROLE);
+ Context context = ObjectModelHelper.getContext(contextUtil.getObjectModel());
+ String servletContextPath = context.getRealPath("");
+ String webappUrl = ServletHelper.getWebappURI(request);
+ URLInformation info = new URLInformation(webappUrl);
+ String pubId = info.getPublicationId();
+ Publication pub = PublicationFactory.getPublication(pubId, servletContextPath);
+
+ String area = info.getArea();
+ Proxy proxy = pub.getProxy(area, true);
+ if (proxy != null) {
+ String prefix = "/" + pubId + "/" + area;
+ String areaUrl = webappUrl.substring(prefix.length());
+ proxyUrl = proxy.getUrl() + areaUrl;
+ } else {
+ proxyUrl = request.getContextPath() + webappUrl;
+ }
+ } catch (Exception e) {
+ throw new RuntimeException(e);
+ } finally {
+ if (contextUtil != null) {
+ this.manager.release(contextUtil);
+ }
+ }
+ return proxyUrl + "?lenya.usecase=shibboleth&lenya.step=wayf";
} else {
return super.getLoginUri(request);
}
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@lenya.apache.org
For additional commands, e-mail: commits-help@lenya.apache.org