18 package org.kathrynhuxtable.middleware.shibshim.filter;
19
20 import java.io.BufferedReader;
21 import java.io.FileNotFoundException;
22 import java.io.IOException;
23 import java.io.InputStreamReader;
24 import java.net.MalformedURLException;
25 import java.net.URL;
26 import java.util.HashMap;
27 import java.util.Map;
28
29 import javax.servlet.Filter;
30 import javax.servlet.FilterChain;
31 import javax.servlet.FilterConfig;
32 import javax.servlet.ServletException;
33 import javax.servlet.ServletRequest;
34 import javax.servlet.ServletResponse;
35
36 import org.apache.log4j.Logger;
37 import org.kathrynhuxtable.middleware.shibshim.util.properties.PropertiesBundle;
38 import org.kathrynhuxtable.middleware.shibshim.util.properties.PropertiesBundleException;
39
40
41
42
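/**
 * Servlet filter that loads the Shibboleth Shim settings from a properties
 * file at start-up and hands every request to a {@code FilterHandler}.
 *
 * <p>The filter keeps the server certificate and the server encryption key in
 * memory as text. Neither value should be written to logs or error pages.
 */
public final class ShibShimFilter implements Filter {

    /** Logger for this filter. */
    private static final Logger log = Logger.getLogger(ShibShimFilter.class.getName());

    /** Session timeout, in seconds, used when the properties file gives none. */
    private static final int DEFAULT_TIMEOUT = 60;

    /**
     * Milliseconds per second. Declared as {@code long} so that the
     * seconds-to-milliseconds conversion in {@link #init} is done in 64-bit
     * arithmetic and cannot wrap to a negative timeout.
     */
    private static final long MILLI_PER_SEC = 1000L;

    /** Assertion Consumer Service URL (property {@code acsUrl}). */
    private String acsUrl;

    /** Application name (property {@code application}); may be null. */
    private String application;

    /** Attribute map built from the properties prefixed {@code attributeMap.}. */
    private Map attributeMap = new HashMap();

    /** Local Assertion Consumer Service path (property {@code localAcsPath}). */
    private String localAcsPath;

    /** Login redirect path (property {@code loginRedirectPath}); may be null. */
    private String loginRedirectPath;

    /** Logout redirect path (property {@code logoutRedirectPath}); may be null. */
    private String logoutRedirectPath;

    /** Remote user attribute (property {@code remoteUserAttribute}); may be null. */
    private String remoteUserAttribute;

    /** Name of the session attribute (property {@code sessionAttribute}). */
    private String sessionAttribute;

    /** Value of the {@code sessionRequired} property; defaults to true. */
    private boolean sessionRequired;

    /** Text of the server certificate, read from the location in {@code certFile}. */
    private String shibShimServerCert;

    /**
     * Text of the server encryption key, read from the location in
     * {@code cryptKeyFile}. This is secret material: do not log it.
     */
    private String shibShimServerCryptKey;

    /** Session timeout in milliseconds. */
    private long timeout;

    /**
     * @return the Assertion Consumer Service URL
     */
    public String getAcsUrl() {
        return acsUrl;
    }

    /**
     * @return the application name, or null if none was configured
     */
    public String getApplication() {
        return application;
    }

    /**
     * Replaces the application name read from the properties file.
     *
     * @param application the new application name
     */
    public void setApplication(String application) {
        this.application = application;
    }

    /**
     * Returns the attribute map itself, not a copy.
     *
     * <p>NOTE(review): a caller that modifies the returned map changes the
     * attribute mapping for every later request. Callers should treat it as
     * read-only.
     *
     * @return the attribute map
     */
    public Map getAttributeMap() {
        return attributeMap;
    }

    /**
     * @return the local Assertion Consumer Service path
     */
    public String getLocalAcsPath() {
        return localAcsPath;
    }

    /**
     * @return the login redirect path, or null if none was configured
     */
    public String getLoginRedirectPath() {
        return loginRedirectPath;
    }

    /**
     * @return the logout redirect path, or null if none was configured
     */
    public String getLogoutRedirectPath() {
        return logoutRedirectPath;
    }

    /**
     * @return the remote user attribute, or null if none was configured
     */
    public String getRemoteUserAttribute() {
        return remoteUserAttribute;
    }

    /**
     * @return the name of the session attribute
     */
    public String getSessionAttribute() {
        return sessionAttribute;
    }

    /**
     * @return the parsed value of the {@code sessionRequired} property
     */
    public boolean isSessionRequired() {
        return sessionRequired;
    }

    /**
     * @return the text of the server certificate
     */
    public String getShibShimServerCert() {
        return shibShimServerCert;
    }

    /**
     * Returns the server encryption key as text. The value is a secret and
     * must not be logged or echoed to a client.
     *
     * @return the text of the server encryption key
     */
    public String getShibShimServerCryptKey() {
        return shibShimServerCryptKey;
    }

    /**
     * @return the session timeout in milliseconds
     */
    public long getTimeout() {
        return timeout;
    }

    /**
     * Reads the filter settings from the properties file named by the
     * {@code ShibShimFilterPropertiesFile} init parameter.
     *
     * @param config the filter configuration supplied by the container
     * @throws ServletException if the init parameter is missing or empty, if
     *         the properties bundle reports an error, or if the certificate
     *         or key file cannot be read
     */
    public void init(FilterConfig config) throws ServletException {
        String propertiesFile = config.getInitParameter("ShibShimFilterPropertiesFile");
        if (propertiesFile == null || propertiesFile.length() <= 0) {
            log.fatal("No Shibboleth Shim filter properties file specified in filter parameters.");
            log.fatal("Use filter param ShibShimFilterPropertiesFile.");
            throw new ServletException("Incorrect configuration data supplied.");
        }

        try {
            PropertiesBundle.init(propertiesFile);

            // Read without a default value; presumably PropertiesBundle
            // rejects a missing entry (confirm against PropertiesBundle).
            acsUrl = PropertiesBundle.getString("Assertion Consumer Service URL", "acsUrl");
            attributeMap = PropertiesBundle.getMap("attribute map", "attributeMap.");
            shibShimServerCert = readFile(PropertiesBundle.getString("server cert file", "certFile"));
            shibShimServerCryptKey = readFile(PropertiesBundle.getString("server encryption key file", "cryptKeyFile"));
            localAcsPath = PropertiesBundle.getString("local Assertion Consumer Service path", "localAcsPath");
            sessionAttribute = PropertiesBundle.getString("name of session attribute", "sessionAttribute");

            // Read with an explicit default.
            application = PropertiesBundle.getString("application", "application", null);
            loginRedirectPath = PropertiesBundle.getString("login redirect path", "loginRedirectPath", null);
            logoutRedirectPath = PropertiesBundle.getString("logout redirect path", "logoutRedirectPath", null);
            remoteUserAttribute = PropertiesBundle.getString("remote user attribute", "remoteUserAttribute", null);
            sessionRequired = parseSessionRequired(
                    PropertiesBundle.getString("session required", "sessionRequired", "true"));
            // MILLI_PER_SEC is a long, so a large configured value cannot
            // overflow into a negative timeout.
            timeout = PropertiesBundle.getInteger("session timeout", "timeout", DEFAULT_TIMEOUT) * MILLI_PER_SEC;
        } catch (PropertiesBundleException e) {
            throw new ServletException(e);
        }

        log.debug("ShibShimFilter initialized");
    }

    /**
     * Releases nothing; the filter holds no resources that need closing.
     */
    public void destroy() {
        // Intentionally empty.
    }

    /**
     * Passes the request to a new {@code FilterHandler}.
     *
     * @param req the incoming request
     * @param res the outgoing response
     * @param chain the remaining filter chain
     */
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) {
        try {
            FilterHandler handler = new FilterHandler(req, res, chain, this);
            handler.filterRequest();
        } catch (ImmediateReturnException e) {
            // Deliberately ignored. NOTE(review): the handler appears to throw
            // this to stop processing once it has produced the response
            // itself; confirm in FilterHandler that the chain is never
            // expected to continue after this exception.
        }
    }

    /**
     * Interprets the {@code sessionRequired} property.
     *
     * <p>"true" is accepted in any letter case and with surrounding
     * whitespace, so a value such as {@code True} no longer switches the
     * setting off silently. Any other value still yields false, as before,
     * but a value that is not "false" is reported in the log.
     *
     * @param value the raw property value; may be null
     * @return true only when the value reads "true"
     */
    private static boolean parseSessionRequired(String value) {
        String normalized = (value == null) ? "" : value.trim();
        if ("true".equalsIgnoreCase(normalized)) {
            return true;
        }
        if (!"false".equalsIgnoreCase(normalized)) {
            log.warn("Unrecognized value for sessionRequired: '" + normalized + "'; treating it as false.");
        }
        return false;
    }

    /**
     * Reads a text resource into a string, one {@code '\n'} after each line.
     *
     * <p>The location is first tried as a URL and, if it is not one, as a
     * classpath resource relative to {@code PropertiesBundle}. Because any URL
     * scheme is accepted, the certificate and the encryption key can be
     * configured to load over the network; an {@code http} or {@code ftp}
     * location is logged as a warning since it offers no integrity or
     * confidentiality protection for that material.
     *
     * <p>The bytes are decoded with the platform default charset.
     *
     * @param filename URL or classpath location of the file
     * @return the content of the file
     * @throws ServletException if the location is null, cannot be resolved,
     *         or cannot be read
     */
    private String readFile(String filename) throws ServletException {
        if (filename == null) {
            throw new ServletException("File could not be found at the specified location: " + filename);
        }

        URL resource;
        try {
            resource = new URL(filename);
        } catch (MalformedURLException e) {
            // Not a URL: fall back to a classpath lookup.
            resource = PropertiesBundle.class.getResource(filename);
        }
        if (resource == null) {
            log.fatal("File could not be found at the specified location: " + filename);
            throw new ServletException("File could not be found at the specified location: " + filename);
        }

        String protocol = resource.getProtocol();
        if ("http".equalsIgnoreCase(protocol) || "ftp".equalsIgnoreCase(protocol)) {
            log.warn("Loading " + filename + " over unprotected " + protocol
                    + "; prefer a local file or classpath resource for certificate and key material.");
        }

        try {
            BufferedReader reader = new BufferedReader(new InputStreamReader(resource.openStream()));
            try {
                StringBuffer textBuffer = new StringBuffer();
                String line = reader.readLine();
                while (line != null) {
                    textBuffer.append(line).append('\n');
                    line = reader.readLine();
                }
                return textBuffer.toString();
            } finally {
                // Close the stream even when reading fails part-way.
                reader.close();
            }
        } catch (FileNotFoundException e) {
            throw new ServletException("File not found: " + filename, e);
        } catch (IOException e) {
            throw new ServletException("IOException reading file: " + filename, e);
        }
    }
}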