1 /*
2 * Copyright 2006 University Corporation for Advanced Internet Development, Inc.
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 package edu.internet2.middleware.shibboleth.idp.authn.provider;
18
19 import java.io.IOException;
20
21 import javax.servlet.http.HttpServletRequest;
22 import javax.servlet.http.HttpServletResponse;
23
24 import org.opensaml.util.URLBuilder;
25 import org.slf4j.Logger;
26 import org.slf4j.LoggerFactory;
27
28 /**
29 * Authenticate a username and password against a JAAS source.
30 *
31 * This login handler creates a {@link javax.security.auth.Subject} and binds it to the request as described in the
32 * {@link edu.internet2.middleware.shibboleth.idp.authn.LoginHandler} documentation. If the JAAS module does not create
33 * a principal for the user a {@link edu.internet2.middleware.shibboleth.idp.authn.UsernamePrincipal} is created, using the
34 * entered username. If the <code>storeCredentialsInSubject</code> init parameter of the authentication servlet is set
35 * to true a {@link UsernamePasswordCredential} is created, based on the entered username and password, and stored in
36 * the Subject's private credentials.
37 */
public class UsernamePasswordLoginHandler extends AbstractLoginHandler {

    /** Class logger. */
    private final Logger log = LoggerFactory.getLogger(UsernamePasswordLoginHandler.class);

    /**
     * Path of the authentication servlet. It is appended to the web application's context path when the redirect
     * is built; a leading "/" is inserted at that point if the configured value lacks one.
     */
    private String authenticationServletURL;

    /**
     * Creates a handler that does not support passive authentication and does support forced authentication.
     *
     * The given value is stored as-is and is not validated here; a null value is only detected when
     * {@link #login(HttpServletRequest, HttpServletResponse)} dereferences it.
     *
     * @param servletURL URL to the authentication servlet
     */
    public UsernamePasswordLoginHandler(String servletURL) {
        super();
        setSupportsPassive(false);
        setSupportsForceAuthentication(true);
        authenticationServletURL = servletURL;
    }

    /**
     * {@inheritDoc}
     *
     * Sends an HTTP redirect (not a server-side forward) to the authentication servlet. The target is an
     * absolute URL whose scheme, host and port are copied from the incoming request and whose path is the
     * request's context path followed by the configured servlet path.
     *
     * NOTE(review): {@link HttpServletRequest#getServerName()} normally reflects the Host header sent by the
     * client, so the host of the redirect is only as trustworthy as that header. Deployments should make sure
     * the container or a front-end proxy accepts only the expected host names, and that the scheme and port
     * reported by the container match the externally visible ones when TLS is terminated upstream.
     *
     * An {@link IOException} raised while sending the redirect is logged and not rethrown, so the caller
     * receives no indication that the user was not redirected.
     */
    public void login(final HttpServletRequest httpRequest, final HttpServletResponse httpResponse) {
        try {
            // Path portion: <context path>[/]<servlet path>, adding the separator only when it is missing.
            final String contextPath = httpRequest.getContextPath();
            final String separator = authenticationServletURL.startsWith("/") ? "" : "/";
            final String servletPath = contextPath + separator + authenticationServletURL;

            // Scheme, host and port all come from the current request; see the review note above.
            final URLBuilder redirectTarget = new URLBuilder();
            redirectTarget.setScheme(httpRequest.getScheme());
            redirectTarget.setHost(httpRequest.getServerName());
            redirectTarget.setPort(httpRequest.getServerPort());
            redirectTarget.setPath(servletPath);

            // Build the URL once so the logged value is exactly the one sent to the browser.
            final String redirectUrl = redirectTarget.buildURL();
            log.debug("Redirecting to {}", redirectUrl);
            httpResponse.sendRedirect(redirectUrl);
        } catch (IOException ex) {
            // The method signature offers no way to report the failure; record it and return.
            log.error("Unable to redirect to authentication servlet.", ex);
        }
    }
}