/* * (C) Copyright 2006-2009 Nuxeo SA (http://nuxeo.com/) and others. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. * * Contributors: * Nuxeo - initial API and implementation * Academie de Rennes - proxy CAS support * * $Id: JOOoConvertPluginImpl.java 18651 2007-05-13 20:28:53Z sfermigier $ */ package org.nuxeo.ecm.platform.ui.web.auth.cas2; import java.io.IOException; import java.util.HashMap; import java.util.Map; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.nuxeo.common.utils.URIUtils; import org.nuxeo.ecm.platform.ui.web.auth.NXAuthConstants; import org.nuxeo.ecm.platform.ui.web.auth.interfaces.NuxeoAuthenticationPlugin; import org.nuxeo.ecm.platform.ui.web.auth.plugins.AnonymousAuthenticator; import org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService; import org.nuxeo.runtime.api.Framework; /** * Anonymous authenticator that redirect logout to CAS server authentication to connect to nuxeo. * * @author Benjamin JALON */ public class AnonymousAuthenticatorForCAS2 extends AnonymousAuthenticator { protected static final Log log = LogFactory.getLog(AnonymousAuthenticatorForCAS2.class); protected Cas2Authenticator casAuthenticator; @Override public Boolean handleLogout(HttpServletRequest httpRequest, HttpServletResponse httpResponse) { boolean isRedirectionToCas = false; Cookie[] cookies = httpRequest.getCookies(); for (Cookie cookie : cookies) { if (NXAuthConstants.SSO_INITIAL_URL_REQUEST_KEY.equals(cookie.getName())) { isRedirectionToCas = true; break; } } if (isRedirectionToCas) { String authURL = getCas2Authenticator().getServiceURL(httpRequest, Cas2Authenticator.LOGIN_ACTION); String appURL = getCas2Authenticator().getAppURL(httpRequest); try { Map<String, String> urlParameters = new HashMap<String, String>(); urlParameters.put("service", appURL); String location = URIUtils.addParametersToURIQuery(authURL, urlParameters); httpResponse.sendRedirect(location); return true; } catch (IOException e) { log.error("Unable to redirect to CAS logout screen:", e); return false; } } return super.handleLogout(httpRequest, httpResponse); } public Cas2Authenticator getCas2Authenticator() { if (casAuthenticator != null) { return casAuthenticator; } PluggableAuthenticationService service = (PluggableAuthenticationService) Framework.getRuntime().getComponent( PluggableAuthenticationService.NAME); if (service == null) { log.error("Can't get PluggableAuthenticationService"); return null; } NuxeoAuthenticationPlugin plugin = service.getPlugin("CAS2_AUTH"); if (plugin == null) { log.error("Can't get Cas Authenticator from PluggableAuthenticationService"); } casAuthenticator = (Cas2Authenticator) plugin; return casAuthenticator; } }