/**
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* at opensso/legal/CDDLv1.0.txt.
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*
* $Id: AmFilter.java,v 1.8 2009/05/26 22:47:58 leiming Exp $
*
*/
/**
* Portions Copyrighted 2012 ForgeRock Inc
*/
/**
* The <code>AmFilter</code> is the service class for the filter module.
* This class provides the necessary functions needed to enforce J2EE as
* well as URL policies for various resources in the protected application.
*/
implements IAmFilter, IFilterConfigurationConstants
{
/**
* Constructs an <code>AmFilter</code> instance with the filter mode set
* to the specified filter mode.
*
* @param manager the <code>Manager</code> of the containing subsystem
* @param filterMode the filter mode identifier in which this instance will
* operate in
* @throws AgentException if the instance fails to initialze
*/
super(manager);
}
// Initialize various handlers
if (isLogMessageEnabled()) {
logMessage("AmFilter: The following inbound task handlers are "
logMessage("AmFilter: The following self-redriect task handlers are"
logMessage("AmFilter: The following result handlers are active"
logMessage("AmFilter initialized");
}
}
/**
* Determines if access to the requested resource should be allowed or any
* other corrective action needs to be taken in case the request is a
* special request such as a notification, or lacks the necessary
* credentials. The return value of <code>AmFilterResult</code> carries
* the necessary information regarding what action must be taken for this
* request including any ncessary redirects or error codes that must be
* sent to the client from where this request originated.
*
* @param request the incoming <code>HttpServletRequest</code>
* @param response the incoming <code>HttpServletResponse</code>
*
* @return an <code>AmFilterResult</code> instance which indicates what
* specific action must be taken in order to fulfill this request.
*/
{
if(isLogMessageEnabled()) {
logMessage("AmFilter: incoming request => "
}
} else {
}
// First: Process the task handlers
try {
result = new AmFilterResult(
} else {
}
logError("AmFilter: An error occurred while processing request. "
+ "Access will be denied.", th);
}
// Now: Process the result task handlers
if (isLogMessageEnabled()) {
logMessage("AmFilter: result => "
}
// If verified session associate with request, propagate it down
if (ctx.isAuthenticated()) {
}
return result;
}
throws AgentException
{
int index = 0;
try {
if (isLogMessageEnabled()) {
logMessage("AmFilter: now processing: "
}
index++;
} catch (AgentServerErrorException ase) {
} catch (AgentSSOException assoe) {
if (isLogMessageEnabled()) {
logMessage("AmFilter: user SSO Token is invalid. "
+ assoe.getMessage()
+ ". Redirect to authentication page.");
}
logError("AmFilter: Error while delegating to inbound"
+ ", access will be denied", ex);
}
}
}
return result;
}
{
int index = 0;
try {
if (isLogMessageEnabled()) {
logMessage("AmFilter: now processing: "
}
throw new AgentException("Result handler invocation " +
"failed." );
}
index++;
logError("AmFilter: Error while delegating to result handler: "
+ ", access will be denied", ex);
}
}
// Final sanity check
logError("AmFilter: Failed to process request: no result available "
+ "access will be denied.");
}
return result;
}
/**
* This method constructs and returns an instance of
* <code>AmFilterResult</code> which can be used to redirect the request to
* its original destination.
*
* @param ctx the <code>AmFilterRequestContext</code> which carries the
* information pertaining to the request that is currently being processed.
*
* @return an <code>AmFilterResult</code> that can be used to redirect the
* request back to its destination thereby making a roundtrip before passing
* the request to the downstream application.
*/
{
int index = 0;
try {
index++;
logError("Error while delegating to self-redirect handler: "
+ ", access will be denied", ex);
}
}
ctx.getDestinationURL());
}
return result;
}
}
if (isLogMessageEnabled()) {
logMessage("AmFilter: Applicable result handlers are: "
+ handlers);
}
if (isLogMessageEnabled()) {
}
}
}
}
if (isLogMessageEnabled()) {
logMessage("AmFilter: For the current configuration, there are "
+ " active self-redirect task handlers");
}
}
if (isLogMessageEnabled()) {
logMessage("AmFilter: Applicable self-redirect handlers: "
+ handlers);
}
if (isLogMessageEnabled()) {
}
}
}
}
if (isLogMessageEnabled()) {
logMessage("AmFilter: For the current configuration, there are "
+ " active self-redirect task handlers");
}
}
if (isLogMessageEnabled()) {
}
if (isLogMessageEnabled()) {
}
}
}
}
if (isLogMessageEnabled()) {
logMessage("AmFilter: For the current configuration, there are "
}
}
return _selfRedirectTaskHandler;
}
}
return _inboundTaskHandler;
}
}
}
} else {
}
}
}
return _resultHandler;
}
if (isCDSSOEnabled()) {
} else {
}
}
protected boolean isCDSSOEnabled() {
return _cdssoEnabledFlag;
}
if (isLogMessageEnabled()) {
}
}
return _ssoContext;
}
if (isLogMessageEnabled()) {
}
}
throws AgentException
{
boolean isPrioritized = getConfigurationBoolean(
boolean probeEnabled = getConfigurationBoolean(
CONFIG_LOGIN_URL_PROBE_ENABLED, true);
long timeout = getConfigurationLong(
CONFIG_LOGIN_URL_PROBE_TIMEOUT, 2000);
}
throws AgentException
{
boolean isPrioritized = getConfigurationBoolean(
boolean probeEnabled = getConfigurationBoolean(
CONFIG_LOGOUT_URL_PROBE_ENABLED, true);
long timeout = getConfigurationLong(
CONFIG_LOGOUT_URL_PROBE_TIMEOUT, 2000);
}
if (isLogMessageEnabled()) {
logMessage("AmFilter: login url failover helper: "
}
}
if (isLogMessageEnabled()) {
logMessage("AmFilter: logout url failover helper: "
}
}
return _loginURLFailoverHelper;
}
return _logoutURLFailoverHelper;
}
return _redirectParameterName;
}
if (isLogMessageEnabled()) {
logMessage("AmFilter: redirect parameter name is set to: "
}
}
private void initFormLoginList() {
}
return _formLoginList;
}
if (isLogMessageEnabled()) {
}
}
return getManager().getApplicationConfigurationString(
}
}
}
}
return _filterMode;
}
_filterMode = mode;
if (isLogMessageEnabled()) {
}
}
}
return result;
}
}
return result;
}
int result = _agentPort;
if (result == 0) {
}
return result;
}
}
} else {
if (isLogWarningEnabled()) {
logWarning("AmFilter: invalid agent protocol: "
+ agentProtocol);
}
}
}
if (agentPort > 0) {
if (agentPort < 65535) {
} else {
if (isLogWarningEnabled()) {
}
}
}
}
_agentHost = host;
if (isLogMessageEnabled()) {
}
}
_agentPort = port;
if (isLogMessageEnabled()) {
}
}
if (isLogMessageEnabled()) {
}
}
return _matcher;
}
}
private boolean _defaultRefererInitialized;
private boolean _cdssoEnabledFlag;
private int _agentPort;
}