/**
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* at opensso/legal/CDDLv1.0.txt.
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*
* $Id: LocalAuthTaskHandler.java,v 1.3 2008/06/25 05:51:47 qcheng Exp $
*
* Portions Copyrighted 2014 ForgeRock AS.
*/
/**
* <p>
* This task handler provides the necessary functionality to process incoming
* requests for local authentication in J2EE Policy mode.
* </p>
*/
implements ILocalAuthTaskHandler {
/**
* The constructor that takes a <code>Manager</code> instance in order
* to gain access to the infrastructure services such as configuration
* and log access.
*
* @param manager the <code>Manager</code> for the <code>filter</code>
* subsystem.
* @throws AgentException if this task handler could not be initialized
*/
super(manager);
}
throws AgentException {
}
/**
* Processes the incoming requests for local authentication and suggests
* any necessary action needed in order to achieve this functionality.
*
* @param ctx the <code>AmFilterRequestContext</code> that carries
* information about the incoming request and response objects.
*
* @return <code>null</code> if no action is necessary, or
* <code>AmFilterResult</code> object indicating the necessary action in
* order to handle notifications.
* @throws AgentException if this request cannot be handled by the task
* handler successfully.
*/
throws AgentException
{
if(!authResult) {
if(isLogWarningEnabled()) {
"LocalAuthTaskHandler: Local authentication failed for : "
+ ", SSO Token: "
}
}
return result;
}
/**
* Returns a String that can be used to identify this task handler
* @return the name of this task handler
*/
}
public boolean isActive() {
return isModeJ2EEPolicyActive();
}
throws AgentException {
boolean authResult = false;
if (existingPrincipal != null &&
if (isLogMessageEnabled()) {
logMessage("LocalAuthTaskHandler: Principal is set, bypassing "
+ "local authentication for " + userName);
}
authResult = true;
} else {
if (isLogMessageEnabled()) {
logMessage("LocalAuthTaskHandler: No principal found. "
+ "Initiating local authentication for " + userName);
}
if (isSessionBindingEnabled()) {
} else {
}
}
return authResult;
}
/**
* Method getJ2EEAuthHandler
*
*
* @return
*
*/
synchronized(this) {
if (handlerMap != null) {
}
try {
throw new AgentException(
"Unable to initialize authentication handler: "
+ className + " for application: "
+ applicationName, ex);
}
}
if (isLogMessageEnabled()) {
"AmFilter: using global authentication handler "
+ "for app: "
+ applicationName);
}
}
}
}
}
return result;
}
return _authenticationHandlers;
}
/**
* Method setJ2EEAuthHandler
*
* @throws AgentException
*
*/
try {
throw new AgentException(
"Unable to load Global Authentication handler", ex);
}
}
/**
* Method getGlobalAuthenticationHandler
*
* @returns IJ2EEAuthenticationHandler
*
*/
return _globalAuthenticationHandler;
}
private boolean doLocalAuthWithSessionBinding(
if (isLogMessageEnabled()) {
"LocalAuthTaskHandler: doing local authentication with "
+ "session binding");
}
try {
if (isLogMessageEnabled()) {
"LocalAuthTaskHandler: Exception caught while doing local "
+ "authentication",
ex);
}
}
boolean authResult = false;
}
if (!authResult) {
if (isLogMessageEnabled()) {
"LocalAuthTaskHandler: Local authentication failed, "
+ "invalidating session.");
}
// The authHandler implementation may have already invalidated the session so don't fail here is it has.
try {
} catch (IllegalStateException e) {
logMessage("LocalAuthTaskHandler: Session was already invalidated.");
}
} else {
if(isLogMessageEnabled()) {
"LocalAuthTaskHandler: Local authentication successful for "
+ userName + ", session is valid.");
}
}
return authResult;
}
private boolean doLocalAuthWithoutSessionBinding(
if (isLogMessageEnabled()) {
"LocalAuthTaskHandler: doing local authentication without "
+ "session binding");
}
if (!existingSession) {
if(isLogMessageEnabled()) {
"LocalAuthTaskHandler: session does not exist, will be "
+ "created for authentication only");
}
}
try {
if(isLogMessageEnabled()) {
"LocalAuthTaskHandler: Exception caught while doing local "
+ "authentication",
ex);
}
}
boolean authResult = false;
}
if (!existingSession) {
if (isLogMessageEnabled()) {
"LocalAuthTaskHandler: invalidating session after "
+ "authentication");
}
// The authHandler implementation may have already invalidated the session so don't fail here is it has.
try {
} catch (IllegalStateException e) {
logMessage("LocalAuthTaskHandler: Session was already invalidated.");
}
}
if (isLogMessageEnabled()) {
if (authResult) {
"LocalAuthTaskHandler: Local authentication successful for "
+ userName);
} else {
logMessage("LocalAuthTaskHandler: Local authentication failed");
}
}
return authResult;
}
}