HTTPRequestHandler.java revision 4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1c
/**
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2007 Sun Microsystems Inc. All Rights Reserved
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* at opensso/legal/CDDLv1.0.txt.
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*
* $Id: HTTPRequestHandler.java,v 1.10 2009/07/23 20:42:52 mrudul_uchil Exp $
*
*/
/* iPlanet-PUBLIC-CLASS */
/**
* This class <code>HTTPRequestHandler</code> is to process and secure the
* in-bound or out-bound HTTPRequest of the web service clients
* and web service providers.
*
*/
public class HTTPRequestHandler implements HTTPRequestHandlerInterface {
/**
* Initialize the HTTP Request handler with a configuration map.
* @param config the configuration map.
*/
}
/**
* Checks whether client should be authenticated or not.
*
* @param subject the subject that may be used by the callers
* to store Principals and credentials validated in the request.
*
* @param request the <code>HttpServletRequest</code> associated with
* this Client message request.
*
* @return true if the client should be authenticated
*/
if(debug.messageEnabled()) {
"valid SSOToken exists");
}
return false;
}
if(debug.messageEnabled()) {
+ providername);
}
return true;
}
try {
return true;
}
return true;
}
if(!pc.forceUserAuthentication()) {
return false;
}
} catch (ProviderException pe) {
"provider exception", pe);
}
return true;
}
/**
* Validates and sets SSOToken into client's Subject.
*
* @param subject the subject that may be used by the callers
* to store Principals and credentials validated in the request.
*
* @param request the <code>HttpServletRequest</code> associated with
* this Client message request.
*
* @return false if any error occured during validating
* SSOToken or setting SSOToken into Subject, otherwise true.
*/
try {
if(debug.messageEnabled()) {
" Valid SSOToken ");
}
return true;
} else {
return false;
}
} catch (SSOException se) {
if(debug.messageEnabled()) {
"Invalid SSOToken ");
}
return false;
} catch (Exception e) {
if(debug.messageEnabled()) {
"Can not set SSOToken in Subject ", e);
}
return false;
}
}
/**
* Returns Login URL for client to be redirected.
* @param request the <code>HttpServletRequest</code>.
*
* @return String Login URL
*/
// This is useful for SAML2 integrations.
"com.sun.identity.loginurl.goto", GOTO);
}
return loginURL;
}
/**
* Adds SSOToken Id as private credential of given Subject.
* @param httpAuthParam
* @param subject
*
* @exception AuthException
*/
throws Exception {
return null;
}
});
//ThreadLocalService.setSSOToken(ssoToken);
}
// Sets the authenticated principal to the subject.
Principal p = new SecurityPrincipal(
"com.sun.identity.jsr196.authenticated.user",
}
}