CasFilterConfigValidator.java example

Explorer

geoserver-master
- doc
  - en
    - developer
      - source
        programming-guide
        ows-services
        hello
        src
        main
        java
        HelloWorld.java
        web-ui
        ComponentInfo.java
    - user
      - source
        security
        tutorials
        ldap
        acme-ldap
        src
        main
        java
        org
        acme
        Ldap.java
- src

/* (c) 2014 Open Source Geospatial Foundation - all rights reserved
 * (c) 2001 - 2013 OpenPlans
 * This code is licensed under the GPL 2.0 license, available at the root
 * application directory.
 */

package org.geoserver.security.cas;

import java.net.MalformedURLException;
import java.net.URL;

import org.geoserver.security.GeoServerSecurityManager;
import org.geoserver.security.config.PreAuthenticatedUserNameFilterConfig;
import org.geoserver.security.config.SecurityNamedServiceConfig;
import org.geoserver.security.validation.FilterConfigException;
import org.geoserver.security.validation.FilterConfigValidator;
import org.springframework.util.StringUtils;

/**
 * Validator for Cas filter configurations
 * 
 * @author mcr
 *
 */
public class CasFilterConfigValidator extends FilterConfigValidator {

    public CasFilterConfigValidator(GeoServerSecurityManager securityManager) {
        super(securityManager);
        
    }

 
    @Override
    public void validateFilterConfig(SecurityNamedServiceConfig config) throws FilterConfigException {

        if (config instanceof CasAuthenticationFilterConfig) {
            validateCASFilterConfig((CasAuthenticationFilterConfig)config);
        } else {
            super.validateFilterConfig(config);
        }
        

    }
    
    public void validateCASFilterConfig(CasAuthenticationFilterConfig casConfig) throws FilterConfigException {
                        
        
        if (StringUtils.hasLength(casConfig.getUrlInCasLogoutPage())) {    
            try {
                new URL(casConfig.getUrlInCasLogoutPage());
            } catch (MalformedURLException ex) {
                throw  createFilterException(CasFilterConfigException.CAS_URL_IN_LOGOUT_PAGE_MALFORMED);
            }
        }
        super.validateFilterConfig( (PreAuthenticatedUserNameFilterConfig) casConfig);
        
        if (StringUtils.hasLength(casConfig.getCasServerUrlPrefix())==false)
            throw  createFilterException(CasFilterConfigException.CAS_SERVER_URL_REQUIRED);
    
        try {
            new URL(casConfig.getCasServerUrlPrefix());
        } catch (MalformedURLException ex) {
            throw  createFilterException(CasFilterConfigException.CAS_SERVER_URL_MALFORMED);
        }        
        
        if (StringUtils.hasLength(casConfig.getProxyCallbackUrlPrefix())) {
            URL callBackUrl=null;
            try {
                callBackUrl=new URL(casConfig.getProxyCallbackUrlPrefix());
            } catch (MalformedURLException ex) {
                throw  createFilterException(CasFilterConfigException.CAS_PROXYCALLBACK_MALFORMED);
            }
            if ("https".equalsIgnoreCase(callBackUrl.getProtocol())==false)
                throw  createFilterException(CasFilterConfigException.CAS_PROXYCALLBACK_NOT_HTTPS);
            
        }
       
    }
    

    protected CasFilterConfigException createFilterException (String errorid, Object ...args) {
        return new CasFilterConfigException(errorid,args);
    }
    
}