AuthClientUtils.java revision f8143b41df708513215262ee90734c78495c6538
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
 * Copyright (c) 2005 Sun Microsystems Inc. All Rights Reserved
 * The contents of this file are subject to the terms
 * of the Common Development and Distribution License
 * (the License). You may not use this file except in
 * compliance with the License.
 * You can obtain a copy of the License at
 * https://opensso.dev.java.net/public/CDDLv1.0.html or
 * See the License for the specific language governing
 * permission and limitations under the License.
 * When distributing Covered Code, include this CDDL
 * Header Notice in each file and include the License file
 * If applicable, add the following below the CDDL Header,
 * with the fields enclosed by brackets [] replaced by
 * your own identifying information:
 * "Portions Copyrighted [year] [name of copyright owner]"
 * $Id: AuthClientUtils.java,v 1.40 2010/01/22 03:31:01 222713 Exp $
 * Portions Copyrighted 2010-2014 ForgeRock AS
package com.sun.identity.authentication.client;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.iplanet.dpro.session.share.SessionEncodeURL;
import com.sun.identity.session.util.SessionUtils;
import com.iplanet.am.util.AMClientDetector;
import com.iplanet.am.util.SystemProperties;
import com.iplanet.dpro.session.SessionException;
import com.iplanet.services.cdm.ClientsManager;
import com.iplanet.services.naming.ServerEntryNotFoundException;
import com.iplanet.services.naming.WebtopNaming;
public class AuthClientUtils {
private static boolean setRequestEncoding = false;
private static final boolean urlRewriteInPath =
private static final boolean isVersionHeaderEnabled =
private static boolean setCookieToAllDomains = true;
private static boolean isSessionHijackingEnabled =
if (isClientDetectionEnabled()) {
setCookieToAllDomains = false;
} catch (Exception e) {
e.toString());
protected AuthClientUtils() {
return (data);
return (logoutCookie);
new EncodeAction(
} catch (Exception e) {
return (logout_cookie );
return (queryOrg);
} catch (Exception e) {
} catch (Exception e) {
+ e.getMessage());
return (cookie);
return cookie;
return (errorMessage);
return (errorTemplate);
+ origRedirectURL);
return (origRedirectURL);
} catch (Exception e) {
+ e.toString());
return (null);
return (null);
boolean isCookieSupported) {
return (logoutURL);
//Let's check the URL first in case this is a forwarded request from Federation. URL should have precedence
//over the actual cookie value, so this way a new federated auth can always start with a clear auth session.
return sessionID;
if (isGetRequest) {
return (sessionID);
boolean newSessionArgExists =
return (newSessionArgExists);
return (indexType);
} catch (Exception e) {
return (indexName);
return (indexName);
return (firstIndexName);
} catch (Exception e) {
public static boolean checkSessionUpgrade(
boolean upgrade = false;
upgrade = true;
upgrade = true;
upgrade = true;
upgrade = true;
upgrade = true;
upgrade = true;
} catch (Exception e) {
return (upgrade);
return cookieURL;
return null;
return cookieURL;
public static boolean isClientDetectionEnabled() {
boolean clientDetectionEnabled = false;
return (clientDetectionEnabled);
return (getDefaultClientType());
} catch (Exception e) {
+ e.toString());
return (defaultClientType);
return (defaultClient);
return null;
return (null);
if (isClientDetectionEnabled()) {
return (charset);
return (DEFAULT_FILE_PATH);
return (filePath);
return (DEFAULT_CONTENT_TYPE);
return (contentType);
return (DEFAULT_COOKIE_SUPPORT);
return (cookieSup);
return (setCookie);
return (setCookie);
boolean cookieDetect
return (cookieDetect);
return (clientURL);
return (rewriteURL);
return (dsameVersion);
public static boolean isVersionHeaderEnabled() {
return isVersionHeaderEnabled;
return (authCookieName);
return (distAuthCookieName);
return (cookieName);
return (persistentCookieName);
return loadBalanceCookieName;
} catch (Exception e) {
return (null);
return (cookieDomains);
if (setCookieToAllDomains) {
return allDomains;
+ domains);
return domains;
} catch (Exception e) {
return (orgName);
boolean noQueryParam=false;
noQueryParam= true;
return (orgDN);
return orgParam;
return (in);
if (retVal) {
return (retVal);
return (requestURL);
return (hostname);
return (urlString);
boolean ignore = false;
ignore = true;
return ignore;
+ queryParams);
value =
} catch (Exception e) {
+ e.toString());
return (ssoToken);
return (ssoToken);
boolean isTimedOut = false;
isTimedOut = false;
} catch (Exception e) {
isTimedOut = true;
return isTimedOut;
return (errorMsg);
return (templateName);
return (null);
boolean cookieSupported = true;
cookieSupported = false;
return (cookieSupported);
boolean cookieSet = false;
cookieSet = true;
return (cookieSet);
return (pCookie);
lbCookie =
return (lbCookie);
} catch (Exception e) {
} catch (Exception e) {
+ e.getMessage());
return (cookie);
return (url);
if (urlRewriteInPath) {
return(encodedURL);
return (encodedURL);
templatePath,true);
} catch (Exception e) {
return (templateFile);
return (rootSuffix);
return (fileRoot);
return (null);
return (charsetFilename);
templatePath,true);
templatePath,true);
return (resourceName);
return (null);
return (newFilePath);
orgName);
return (orgPath);
} catch (Exception e) {
return (templateFile);
//Let's check the URL first in case this is a forwarded request from Federation. URL should have precedence
//over the actual cookie value, so this way a new federated auth can always start with a clear auth session.
return orgDN;
return null;
return null;
return realm;
boolean local = false;
local = true;
+ platformList);
local = true;
} catch (Exception e) {
return (local);
boolean isSiteMember = false;
isSiteMember = true;
isSiteMember = true;
isSiteMember = true;
return isSiteMember;
conn.setRequestProperty(ISAuthConstants.ACCEPT_LANG_HEADER, request.getHeader(ISAuthConstants.ACCEPT_LANG_HEADER));
int len;
} catch (Exception e) {
return (origRequestData);
+ cookieStr);
return (strCookies);
throws AuthException {
domain);
domain);
boolean first = true;
if (first) {
first = false;
+ returnValue);
return (returnValue);
boolean globalPersist =
if (globalPersist) {
boolean persistCookie = false;
boolean allowRequestPersist =
return persistCookie;
if (forceFlag == false) {
return forceFlag;
boolean returnForcedAuth = false;
+ adviceMap);
returnForcedAuth = true;
return returnForcedAuth;
boolean urlEncoded = false;
if (s != null) {
urlEncoded = true;
return urlEncoded;
if (isSessionHijackingEnabled) {
} catch(ServerEntryNotFoundException e) {
} catch (Exception e) {
if (isSessionHijackingEnabled) {
} catch (Exception e) {
return resourceUrl;
return envParameters;
for (; i < len; i++) {
return text;
return data;
return strIn;
while (i < len) {
byte b = (byte) carr[i];
return strOut;