
1   // ========================================================================
2   // Copyright 2003-2005 Mort Bay Consulting Pty. Ltd.
3   // ------------------------------------------------------------------------
4   // Licensed under the Apache License, Version 2.0 (the "License");
5   // you may not use this file except in compliance with the License.
6   // You may obtain a copy of the License at 
7   // http://www.apache.org/licenses/LICENSE-2.0
8   // Unless required by applicable law or agreed to in writing, software
9   // distributed under the License is distributed on an "AS IS" BASIS,
10  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
11  // See the License for the specific language governing permissions and
12  // limitations under the License.
13  // ========================================================================
14  
15  package org.mortbay.jetty.security;
16  
17  import java.security.Principal;
18  import java.security.SecureRandom;
19  import java.util.HashMap;
20  import java.util.Random;
21  
22  import javax.servlet.http.Cookie;
23  
24  import org.mortbay.jetty.Request;
25  import org.mortbay.jetty.Response;
26  import org.mortbay.jetty.webapp.WebAppContext;
27  import org.mortbay.log.Log;
28  
29  
30  
31  
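/**
 * In-memory single sign-on realm.
 *
 * <p>After a successful login, {@link #setSingleSignOn} mints a random SSO id,
 * remembers the principal and credential under it, and hands the id to the
 * browser in the {@link #SSO_COOKIE_NAME} cookie. On later requests
 * {@link #getSingleSignOn} maps the cookie back to the stored principal and
 * credential and re-authenticates them against the user realm of the web
 * application handling the request.
 *
 * <p>The SSO id is a bearer token: whoever presents it is treated as the stored
 * principal. The credential itself is held in memory for as long as the entry
 * exists. Entries are removed only by {@link #clearSingleSignOn} or when
 * re-authentication fails; nothing in this class expires them by age.
 *
 * <p>All three maps are guarded by the monitor of {@code _ssoId2Principal}.
 */
public class HashSSORealm implements SSORealm
{

    /* ------------------------------------------------------------ */
    /** Name of the cookie that carries the SSO id. */
    public static final String SSO_COOKIE_NAME = "SSO_ID";
    private HashMap _ssoId2Principal = new HashMap();          // SSO id -> Principal (also the lock object)
    private HashMap _ssoUsername2Id = new HashMap();           // principal name -> SSO id (one id per name)
    private HashMap _ssoPrincipal2Credential = new HashMap();  // Principal -> Credential
    // Typed as Random, but the instance is a SecureRandom, so ids come from a CSPRNG.
    private transient Random _random = new SecureRandom();

    /* ------------------------------------------------------------ */
    /**
     * Resolves the SSO cookie on the request to a stored login and re-checks it.
     *
     * @param request  the request whose cookies are searched; on success its
     *                 user principal is set to the re-authenticated principal
     * @param response not used by this implementation
     * @return the stored credential if the cookie maps to a known principal and
     *         the user realm still accepts that credential, otherwise {@code null}
     */
    public Credential getSingleSignOn(Request request, Response response)
    {
        String ssoID = null;
        Cookie[] cookies = request.getCookies();
        for (int i = 0; cookies!=null && i < cookies.length; i++)
        {
            if (cookies[i].getName().equals(SSO_COOKIE_NAME))
            {
                ssoID = cookies[i].getValue();
                break;
            }
        }
        // The cookie value is client-supplied and, when valid, is a live bearer
        // token. Log only whether one was presented so that debug logs neither
        // hold replayable ids nor carry attacker-chosen text.
        if(Log.isDebugEnabled())Log.debug("get ssoID present="+(ssoID!=null));

        Principal principal=null;
        Credential credential=null;
        synchronized(_ssoId2Principal)
        {
            // A missing cookie leaves ssoID null; HashMap.get(null) simply returns null.
            principal=(Principal)_ssoId2Principal.get(ssoID);
            credential=(Credential)_ssoPrincipal2Credential.get(principal);
        }

        if(Log.isDebugEnabled())Log.debug("SSO principal="+principal);

        if (principal!=null && credential!=null)
        {
            // TODO - make this work for non webapps
            // The cast throws ClassCastException when the context handler is not a WebAppContext.
            UserRealm realm = ((WebAppContext)(request.getContext().getContextHandler())).getSecurityHandler().getUserRealm();
            // Re-authenticate with the stored credential instead of trusting the map entry alone.
            Principal authPrincipal = realm.authenticate(principal.getName(), credential, request);
            if (authPrincipal != null)
            {
                request.setUserPrincipal(authPrincipal);
                return credential;
            }
            else
            {
                // The realm rejected the stored credential: revoke this SSO entry.
                // NOTE(review): the username mapping is removed by name, so if the same
                // user has since been issued a newer id, that newer mapping is the one
                // dropped here - confirm whether that is intended.
                synchronized(_ssoId2Principal)
                {
                    _ssoId2Principal.remove(ssoID);
                    _ssoPrincipal2Credential.remove(principal);
                    _ssoUsername2Id.remove(principal.getName());
                }
            }
        }
        return null;
    }


    /* ------------------------------------------------------------ */
    /**
     * Records a login and issues the SSO cookie for it.
     *
     * @param request    not used by this implementation
     * @param response   receives the {@link #SSO_COOKIE_NAME} cookie
     * @param principal  the authenticated principal to remember
     * @param credential the credential to replay on later SSO lookups
     */
    public void setSingleSignOn(Request request,
                                Response response,
                                Principal principal,
                                Credential credential)
    {

        String ssoID=null;

        synchronized(_ssoId2Principal)
        {
            // Create new SSO ID
            while (true)
            {
                // Clear the sign bit instead of calling Math.abs(): Math.abs(Long.MIN_VALUE)
                // is still negative and would yield an id with a leading '-'.
                long bits = _random.nextLong() & Long.MAX_VALUE;
                // The radix (30..36) varies with the clock; it only changes the encoding.
                // The id's unpredictability comes from the 63 random bits alone.
                ssoID = Long.toString(bits,
                                      30 + (int)(System.currentTimeMillis() % 7));
                if (!_ssoId2Principal.containsKey(ssoID))
                    break;
            }

            // Do not write the freshly minted id to the log; it is a bearer token.
            if(Log.isDebugEnabled())Log.debug("set ssoID for principal="+principal);
            _ssoId2Principal.put(ssoID,principal);
            _ssoPrincipal2Credential.put(principal,credential);
            // NOTE(review): put() overwrites any earlier id recorded for this name, but the
            // earlier id stays in _ssoId2Principal. clearSingleSignOn(username) then removes
            // only the newest id, so earlier ids are never cleaned up and may still resolve
            // depending on how Principal equality is defined - confirm and revoke if needed.
            _ssoUsername2Id.put(principal.getName(),ssoID);
        }

        Cookie cookie = new Cookie(SSO_COOKIE_NAME, ssoID);
        // Path "/" makes the browser send the id to every context on this host.
        // NOTE(review): no Secure flag is set, so the id is also sent over plain HTTP;
        // cookie.setSecure(...) is the usual control when SSO is HTTPS-only. Whether an
        // HttpOnly setter is available depends on the servlet API version in use.
        cookie.setPath("/");
        response.addCookie(cookie);
    }


    /* ------------------------------------------------------------ */
    /**
     * Removes the SSO entry recorded for a user name.
     *
     * <p>Only the id currently mapped from {@code username} is removed, together
     * with the principal stored under that id and that principal's credential.
     * An unknown name results in lookups with {@code null} keys, which remove nothing.
     *
     * @param username the principal name used when the entry was created
     */
    public void clearSingleSignOn(String username)
    {
        synchronized(_ssoId2Principal)
        {
            Object ssoID=_ssoUsername2Id.remove(username);
            Object principal=_ssoId2Principal.remove(ssoID);
            _ssoPrincipal2Credential.remove(principal);
        }
    }
}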