/**
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2007 Sun Microsystems Inc. All Rights Reserved
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* at opensso/legal/CDDLv1.0.txt.
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*
* $Id: ConsoleServletBase.java,v 1.7 2009/03/24 23:57:32 babysunil Exp $
*
*/
/*
* Portions Copyrighted 2011-2012 ForgeRock AS
*/
/**
* This is the base class for all the module servlets. The basic function of
* this class is to perform an authentication check. If the user is not
* authenticated, the user is redirected to the login page. If the user is
* entering for the first time after login, the user is redirected to the
* <code>AMAdminFrame</code>. This servlet will do nothing if the user has a
* valid SSO Token.
* Every module servlet in console must extend from this servlet.
*/
public abstract class ConsoleServletBase
extends ApplicationServletBase
{
/**
* Creates the servlet base. In this listing the constructor body holds only
* the comment describing its intent.
*/
public ConsoleServletBase() {
// Disable the "strict session timeouts" warnings
// in the server container log.
// NOTE(review): the statement that does this is not shown in this
// listing - confirm it is present in the full source.
}
/**
* Forwards request to login view bean if user has not logged in.
* <p>
* Only part of the body is visible in this listing: the fallback to the
* console host, and the redirect to the fully qualified host, after which
* request processing is ended with <code>CompleteRequestException</code>.
*
* @param requestContext request context.
* @throws ServletException if redirection fails.
*/
throws ServletException
{
/*
* This case will not happen, unless the user agent does not set
* this header while making this connection.
* NOTE(review): the header meant here is presumably Host, which the
* client controls. Confirm that the value is checked against the
* deployment's known host names before it is used to build a redirect.
*/
host = getConsoleHost();
} else {
try {
} catch (IOException ioe) {
// The redirect could not be sent; the failure is reported with the
// message below and the request is still ended afterwards.
"failed to redirect to fully qualified host");
}
// Whether or not the redirect succeeded, handling of this request
// stops here.
throw new CompleteRequestException();
}
}
}
) {
// Scheme separator of the URL being assembled; the rest of the append
// chain is not part of this listing.
.append("://")
// Only a non-null query string is handled; what is done with it is not
// visible here.
if (queryString != null) {
}
}
/*
* Fragment: the method signature is not part of this listing. The visible
* body deals with the request character encoding and treats an
* SSOException as "not authenticated", ending the request.
*/
throws ServletException
{
try {
/*
* Since all supported web containers now support
* servlet 2.3 and above, we use setCharacterEncoding
* to set request charset.
*/
try {
} catch (UnsupportedEncodingException ex) {
// Logged only: no rethrow is visible here, so the request apparently
// continues without the requested charset.
"Unsupported encoding", ex);
}
} catch (SSOException soe) {
// No valid SSO token: stop handling this request. The redirect to the
// login page is presumably issued on a line not shown here - confirm.
throw new CompleteRequestException();
}
}
AMLoginViewBean.class);
// The trace message is only built when message-level debugging is enabled.
if (getDebug().messageEnabled()) {
// NOTE(review): if url embeds the caller's query parameters, they are
// written to the debug log verbatim - confirm nothing sensitive is passed.
"redirecting unauthenticated user to " + url);
}
}
/**
* Ignores HTTP session time out. Console uses SSO Token Session.
* <p>
* Deliberately empty: because the console relies on the SSO token session,
* expiry of the container's HTTP session triggers no action here.
*
* @param requestContext - The JATO request context.
* @throws ServletException declared by the signature; the visible body
* throws nothing.
*/
throws ServletException {
// do nothing
}
/**
* Forwards to invalid URL view bean, in case of an invalid target
* request handler (page).
* <p>
* An unknown handler name is answered with the fixed
* <code>AMInvalidURLViewBean</code> page, and request processing is then
* ended with <code>CompleteRequestException</code>.
*
* @param requestContext - request context
* @param handlerName - name of handler
* @throws ServletException declared by the signature.
*/
protected void onRequestHandlerNotFound(
throws ServletException
{
AMInvalidURLViewBean.class);
// Nothing else should run for a request that named no valid handler.
throw new CompleteRequestException();
}
/**
* Forwards to invalid URL view bean, in case of no handler specified.
* <p>
* As with an unknown handler, the response is the fixed
* <code>AMInvalidURLViewBean</code> page, followed by
* <code>CompleteRequestException</code> to end request processing.
*
* @param requestContext - request context
* @throws ServletException declared by the signature.
*/
throws ServletException
{
AMInvalidURLViewBean.class);
// Stop here: there is no handler to continue with.
throw new CompleteRequestException();
}
/**
* Handles a page session that could not be deserialized.
* <p>
* The request is ended with <code>CompleteRequestException</code>. Per the
* inline comment, a redirect is used instead of a forward so that the
* invalid page session is not carried along.
* <p>
* NOTE(review): the page session is presumably rebuilt from request data
* before this hook runs. Treat a failure here as possibly malformed or
* tampered input, and confirm that details of <code>e</code> are not
* returned to the client.
*
* @param e the deserialization failure.
* @throws ServletException declared by the signature.
* @throws IOException declared by the signature.
*/
protected void onPageSessionDeserializationException(
Exception e)
throws ServletException, IOException {
//redirect, since forwardTo would carry the invalid pagesession
throw new CompleteRequestException();
}
/**
* Forwards to uncaught exception view bean, to respond to uncaught
* application error messages.
* <p>
* NOTE(review): confirm that the error view shows a generic message and
* that details of <code>e</code> (message, stack trace) go to the debug
* log only.
*
* @param requestContext - request context
* @param e Exception that was not handled by the application.
* @throws ServletException declared by the signature.
* @throws IOException declared by the signature.
*/
protected void onUncaughtException(
Exception e)
throws ServletException, IOException
{
// The target is a fixed relative path; nothing from the request is used
// to choose it in the visible code.
"../base/AMUncaughtException");
}
/**
* Checks if the user is authenticated, that is, if an SSO Token is
* available and whether the token is still valid, else throws
* <code>SSOException</code>.
*
* @param request HTTP Servlet request object.
* @return The valid SSO Token.
* @throws SSOException if SSO Token is invalid
*/
throws SSOException
{
// NOTE(review): the lines that obtain and validate the token are not part
// of this listing; only the return of the token remains.
return ssoToken;
}
/**
* Returns the appropriate redirect URL to use when the SSO check has
* failed.
* <p>
* NOTE(review): the host part comes from the request's Host header when
* one is present, and the client controls that header. Presumably the value
* is validated (see the FQDN handling elsewhere in this class) before it is
* placed in the redirect URL - confirm this, because an unvalidated value
* would let the request choose where the login redirect points.
*
* @param request HTTP Servlet request
* @return the redirect URL as a string.
*/
"ConsoleServletBase.formGotoURL Host header is null.");
/*
* This case will not happen, unless the user agent does not
* set this header while making this connection.
* The configured console host is used instead of a null host.
*/
host = getConsoleHost();
}
} else {
// The URL parts appended differ between a remote console installation
// and a local one; the full append chains are not part of this listing.
if (isConsoleRemote()) {
.append(getServerURI())
} else {
.append("://")
.append(getServerURI())
}
}
if (isConsoleRemote()) {
} else {
.append("://")
}
/*
* We only append query parameters that were passed in the amconsole URI,
* e.g. the query of
* http://<host>.<domain>:<port>/amconsole?org=dc%3Diplanet%2Cdc%3Dcom
* should be appended to this URL. We use a query parameter,
* amconsoleRedirect, to track this kind of parameter.
*/
/** TBD
if (!containOrgDomainParam(queryParam)) {
String orgParam = getOrganizationQueryParam(request,host);
if (orgParam != null) {
redirectURL.append(orgParam);
}
} */
}
return redirectURL.toString();
}
// Fragment of the host-name check; its signature and first lines are not
// part of this listing. On the visible path the caller receives
// validHostname.
if (idx != -1) {
} else {
}
hostname);
/*
* This is required because FQDNUtils defaults the hostname to the
* server host. For a remote console installation, the default should
* be the console host.
*/
hostname = getConsoleHost();
}
}
}
// NOTE(review): this result is presumably what the redirect code uses in
// place of the raw Host header value - confirm that no caller falls back
// to the unvalidated header.
return validHostname;
}
/**
* Returns the query string portion of the URL. For example, for
* <code>http://&lt;host&gt;:&lt;port&gt;/amconsole/?org=iplanet</code> this
* method returns <code>&amp;org=iplanet</code>. This method returns an
* empty string if there is no query string.
*
* @param request HTTP Servlet Request.
* @return query string portion of the URL.
*/
if (index != -1) {
if ( queryString.length() >
x += queryString.substring(
}
queryString = x;
}
// The query string comes from the request, so it is checked with ESAPI
// before further use: context label "AMLogin_params", validation rule
// named "HTTPURI" from the ESAPI configuration, at most 1024 characters,
// and null accepted (last argument).
// NOTE(review): what happens when isValid is false is not visible in this
// listing - confirm the string is discarded rather than appended as-is.
boolean isValid = ESAPI.validator().isValidInput("AMLogin_params", queryString, "HTTPURI", 1024, true);
}
}
}
}
}
return uri;
}
}
return uri;
}
getConsoleHost() + ":" +
}
getServerHost() + ":" +
}
/**
* Presumably tells whether the console is installed remotely from the
* server; callers in this class pick different URL parts depending on the
* result.
* NOTE(review): the body is not part of this listing - confirm against the
* full source.
*/
private static boolean isConsoleRemote() {
}
}
}