本文整理汇总了Java中org.jasig.cas.client.util.CommonUtils.safeGetParameter方法的典型用法代码示例。如果您正苦于以下问题:Java CommonUtils.safeGetParameter方法的具体用法?Java CommonUtils.safeGetParameter怎么用?Java CommonUtils.safeGetParameter使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.jasig.cas.client.util.CommonUtils的用法示例。
在下文中一共展示了CommonUtils.safeGetParameter方法的9个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: handleFederationRequest
import org.jasig.cas.client.util.CommonUtils; //导入方法依赖的package包/类
/**
* Handle federation request.
*
* @param response the response
* @param request the request
* @return the model and view
* @throws Exception the exception
*/
@GetMapping(path = WSFederationConstants.ENDPOINT_FEDERATION_REQUEST_CALLBACK)
protected ModelAndView handleFederationRequest(final HttpServletResponse response, final HttpServletRequest request) throws Exception {
final WSFederationRequest fedRequest = WSFederationRequest.of(request);
LOGGER.debug("Received callback profile request [{}]", request.getRequestURI());
final WSFederationRegisteredService service = findAndValidateFederationRequestForRegisteredService(response, request, fedRequest);
LOGGER.debug("Located matching service [{}]", service);
final String ticket = CommonUtils.safeGetParameter(request, CasProtocolConstants.PARAMETER_TICKET);
if (StringUtils.isBlank(ticket)) {
LOGGER.error("Can not validate the request because no [{}] is provided via the request", CasProtocolConstants.PARAMETER_TICKET);
return new ModelAndView(CasWebflowConstants.VIEW_ID_ERROR, new HashMap<>(), HttpStatus.FORBIDDEN);
}
final Assertion assertion = validateRequestAndBuildCasAssertion(response, request, fedRequest);
SecurityToken securityToken = getSecurityTokenFromRequest(request);
if (securityToken == null) {
LOGGER.debug("No security token is yet available. Invoking security token service to issue token");
securityToken = validateSecurityTokenInAssertion(assertion, request, response);
}
addSecurityTokenTicketToRegistry(request, securityToken);
final String rpToken = produceRelyingPartyToken(response, request, fedRequest, securityToken, assertion);
return postResponseBackToRelyingParty(rpToken, fedRequest);
}
示例2: handleCallbackProfileRequest
import org.jasig.cas.client.util.CommonUtils; //导入方法依赖的package包/类
/**
* Handle callback profile request.
*
* @param response the response
* @param request the request
* @throws Exception the exception
*/
@GetMapping(path = SamlIdPConstants.ENDPOINT_SAML2_SSO_PROFILE_POST_CALLBACK)
protected void handleCallbackProfileRequest(final HttpServletResponse response, final HttpServletRequest request) throws Exception {
LOGGER.info("Received SAML callback profile request [{}]", request.getRequestURI());
final AuthnRequest authnRequest = retrieveSamlAuthenticationRequestFromHttpRequest(request);
if (authnRequest == null) {
LOGGER.error("Can not validate the request because the original Authn request can not be found.");
response.setStatus(HttpServletResponse.SC_FORBIDDEN);
return;
}
final String ticket = CommonUtils.safeGetParameter(request, CasProtocolConstants.PARAMETER_TICKET);
if (StringUtils.isBlank(ticket)) {
LOGGER.error("Can not validate the request because no [{}] is provided via the request", CasProtocolConstants.PARAMETER_TICKET);
response.setStatus(HttpServletResponse.SC_FORBIDDEN);
return;
}
final Pair<AuthnRequest, MessageContext> authenticationContext = buildAuthenticationContextPair(request, authnRequest);
final Assertion assertion = validateRequestAndBuildCasAssertion(response, request, authenticationContext);
buildSamlResponse(response, request, authenticationContext, assertion, SAMLConstants.SAML2_POST_BINDING_URI);
}
示例3: validateRequestAndBuildCasAssertion
import org.jasig.cas.client.util.CommonUtils; //导入方法依赖的package包/类
private Assertion validateRequestAndBuildCasAssertion(final HttpServletResponse response,
final HttpServletRequest request,
final Pair<AuthnRequest, MessageContext> pair) throws Exception {
final AuthnRequest authnRequest = pair.getKey();
final String ticket = CommonUtils.safeGetParameter(request, CasProtocolConstants.PARAMETER_TICKET);
final Cas30ServiceTicketValidator validator = new Cas30ServiceTicketValidator(this.serverPrefix);
final HttpsURLConnectionFactory factory = new HttpsURLConnectionFactory();
factory.setHostnameVerifier(this.hostnameVerifier);
validator.setURLConnectionFactory(factory);
validator.setRenew(authnRequest.isForceAuthn());
final String serviceUrl = constructServiceUrl(request, response, pair);
LOGGER.debug("Created service url for validation: [{}]", serviceUrl);
final Assertion assertion = validator.validate(ticket, serviceUrl);
logCasValidationAssertion(assertion);
return assertion;
}
示例4: doGet
import org.jasig.cas.client.util.CommonUtils; //导入方法依赖的package包/类
/**
* @TODO: We have the opportunity to give back more to Shib than just the PRINCIPAL_NAME_KEY. Identify additional information
* we can return as well as the best way to know when to do this.
* @see javax.servlet.http.HttpServlet#doGet(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
*/
@Override
protected void doGet(final HttpServletRequest request, final HttpServletResponse response) throws ServletException,
IOException {
String ticket = CommonUtils.safeGetParameter(request, artifactParameterName);
Object authnType = request.getSession().getAttribute(AUTHN_TYPE);
Assertion assertion = null;
try {
ticketValidator.setRenew(null != authnType && authnType.toString().contains("&renew=true"));
assertion = ticketValidator.validate(ticket, constructServiceUrl(request, response));
} catch (final TicketValidationException e) {
logger.error("Unable to validate login attempt.", e);
boolean wasPassiveAttempt = null != authnType && authnType.toString().contains("&gateway=true");
// If it was a passive attempt, send back the indicator that the responding provider cannot authenticate
// the principal passively, as has been requested. Otherwise, send the generic authn failed code.
request.setAttribute(LoginHandler.AUTHENTICATION_ERROR_KEY, wasPassiveAttempt ? StatusCode.NO_PASSIVE_URI
: StatusCode.AUTHN_FAILED_URI);
AuthenticationEngine.returnToAuthenticationEngine(request, response);
return;
}
for (CasToShibTranslator casToShibTranslator : translators) {
casToShibTranslator.doTranslation(request, response, assertion);
}
AuthenticationEngine.returnToAuthenticationEngine(request, response);
}
示例5: validateRequestAndBuildCasAssertion
import org.jasig.cas.client.util.CommonUtils; //导入方法依赖的package包/类
private Assertion validateRequestAndBuildCasAssertion(final HttpServletResponse response,
final HttpServletRequest request,
final WSFederationRequest fedRequest) throws Exception {
final String ticket = CommonUtils.safeGetParameter(request, CasProtocolConstants.PARAMETER_TICKET);
final Cas30ServiceTicketValidator validator = new Cas30ServiceTicketValidator(casProperties.getServer().getPrefix());
final String serviceUrl = constructServiceUrl(request, response, fedRequest);
LOGGER.debug("Created service url for validation: [{}]", serviceUrl);
final Assertion assertion = validator.validate(ticket, serviceUrl);
LOGGER.debug("Located CAS assertion [{}]", assertion);
return assertion;
}
示例6: onAuthentication
import org.jasig.cas.client.util.CommonUtils; //导入方法依赖的package包/类
public void onAuthentication(Authentication authentication, HttpServletRequest request,
HttpServletResponse response) {
super.onAuthentication(authentication, request, response);
HttpSession newSession = request.getSession();
String token = CommonUtils.safeGetParameter(request, this.artifactParameterName, this.safeParameters);
logger.debug("Recording the new session after the previous one was destroyed to prevent session fixation " +
"(token " + token + ").");
if ((token != null) && (!token.trim().isEmpty())) {
this.sessionMappingStorage.addSessionById(token, newSession);
}
}
示例7: doFilter
import org.jasig.cas.client.util.CommonUtils; //导入方法依赖的package包/类
public void doFilter(final ServletRequest request, final ServletResponse response, final FilterChain chain)
throws IOException, ServletException {
CasSingleLogoutClusterFilter.LOG.trace("Filtering with request: [{}] ; method: [{}]", request);
if (!this.peers.isEmpty() && (request instanceof HttpServletRequest)) {
final HttpServletRequest httpRequest = (HttpServletRequest) request;
CasSingleLogoutClusterFilter.LOG.trace("Filtering with HTTP method: [{}] ; parameters: [{}] ", httpRequest.getMethod(), httpRequest.getParameterMap().toString());
if ("POST".equals(httpRequest.getMethod())) {
//This a CAS client method I use
final String logoutRequest = CommonUtils.safeGetParameter(httpRequest, CasSingleLogoutClusterFilter.CAS_LOGOUT_REQUEST_HTTP_PARAM);
//final String logoutRequest = httpRequest.getParameter(CasSingleLogoutClusterFilter.CAS_LOGOUT_REQUEST_HTTP_PARAM);
CasSingleLogoutClusterFilter.LOG.debug("{}: [{}]", CasSingleLogoutClusterFilter.CAS_LOGOUT_REQUEST_HTTP_PARAM, logoutRequest);
// Set a flag so an application getting a rebroadcast doesn't rebroadcast it. don't want a packet storm
final String rebroadcast = httpRequest.getHeader(CasSingleLogoutClusterFilter.X_FORWARDED_LOGOUT_HEADER);
CasSingleLogoutClusterFilter.LOG.debug("rebroadcast: [{}]", rebroadcast);
if (hasText(logoutRequest) && (rebroadcast == null)) {
try {
final String path = httpRequest.getServletPath();
final String context = httpRequest.getContextPath();
final String protocol = httpRequest.getScheme();
CasSingleLogoutClusterFilter.LOG.debug("Got a single logout request ; protocol: [{}] ; context: [{}] ; path: [{}].",
new Object[]{protocol, context, path});
// Set up the http client connection
CasSingleLogoutClusterFilter.LOG.debug("Attempting to rebroadcast");
// Peers are set in the init() method
for (Peer peer : this.peers) {
if (!peer.getHostName().equals(this.clientHostName)) {
// don't rebroadcast to your self!
CasSingleLogoutClusterFilter.LOG.debug("Processing peer: [{}]", peer);
// set rebroadcast=false so peers don't rebroacast. Only first recipient reboradcasts
this.sendLogoutRequestToPeer(peer, context + path, logoutRequest, true);
}
}
} catch (Exception e) {
CasSingleLogoutClusterFilter.LOG.error("Error while broadcasting logout request !", e);
}
}
}
}
chain.doFilter(request, response);
}
示例8: doFilter
import org.jasig.cas.client.util.CommonUtils; //导入方法依赖的package包/类
/**
* {@inheritDoc}
*/
@Override
public void doFilter(final ServletRequest servletRequest, final ServletResponse servletResponse,
final FilterChain chain) throws IOException, ServletException {
final HttpServletRequest request = (HttpServletRequest) servletRequest;
final HttpServletResponse response = (HttpServletResponse) servletResponse;
HttpSession session = request.getSession();
final String ticket = CommonUtils.safeGetParameter(request, getArtifactParameterName());
if (session != null && session.getAttribute(CONST_CAS_ASSERTION) == null && ticket != null) {
try {
final String service = constructServiceUrl(request, response);
Cas20ServiceTicketValidator v = new Cas20ServiceTicketValidator(casServerUrl);
v.validate(ticket, service);
if (!new WebAuthentication().login(service, ticket)) {
throw new GeneralSecurityException("JBoss Web authentication failed.");
}
/*
* This line of obtaining the session again was necessary as following the login with
* the WebAuthentication above, the original Session that was obtained was no longer
* valid.
*/
session = request.getSession();
if (request.getUserPrincipal() instanceof AssertionPrincipal) {
final AssertionPrincipal principal = (AssertionPrincipal) request.getUserPrincipal();
session.setAttribute(CONST_CAS_ASSERTION, principal.getAssertion());
} else {
throw new GeneralSecurityException(
"JBoss Web authentication did not produce CAS AssertionPrincipal.");
}
} catch (final GeneralSecurityException e) {
response.sendError(HttpServletResponse.SC_FORBIDDEN, e.getMessage());
} catch (TicketValidationException tve) {
response.sendError(HttpServletResponse.SC_FORBIDDEN, tve.getMessage());
}
} else if (session != null && request.getUserPrincipal() == null) {
// There is evidence that in some cases the principal can disappear
// in JBoss despite a valid session.
// This block forces consistency between principal and assertion.
session.removeAttribute(CONST_CAS_ASSERTION);
}
chain.doFilter(request, response);
}
示例9: retrieveTicketFromRequest
import org.jasig.cas.client.util.CommonUtils; //导入方法依赖的package包/类
/**
* method to retrieve the ticket.
*
* @param request the HTTP ServletRequest. CANNOT be NULL.
* @return the ticket if its found, null otherwise.
*/
protected String retrieveTicketFromRequest(final HttpServletRequest request) {
return CommonUtils.safeGetParameter(request, getArtifactParameterName());
}