Repository: cxf-fediz Updated Branches: refs/heads/master 4ef71257a -> 84856d7a6
Make the wctx mandatory for the Tomcat plugins Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/f31bc88b Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/f31bc88b Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/f31bc88b Branch: refs/heads/master Commit: f31bc88befe3147acf403e9933b06faa659ce510 Parents: 4ef7125 Author: Colm O hEigeartaigh <[email protected]> Authored: Mon Dec 19 10:44:49 2016 +0000 Committer: Colm O hEigeartaigh <[email protected]> Committed: Mon Dec 19 10:44:49 2016 +0000 ---------------------------------------------------------------------- .../fediz/tomcat7/FederationAuthenticator.java | 45 ++++++++++---------- .../fediz/tomcat8/FederationAuthenticator.java | 45 ++++++++++---------- 2 files changed, 44 insertions(+), 46 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/f31bc88b/plugins/tomcat7/src/main/java/org/apache/cxf/fediz/tomcat7/FederationAuthenticator.java ----------------------------------------------------------------------
diff --git a/plugins/tomcat7/src/main/java/org/apache/cxf/fediz/tomcat7/FederationAuthenticator.java b/plugins/tomcat7/src/main/java/org/apache/cxf/fediz/tomcat7/FederationAuthenticator.java
index ba33b53..142e166 100644
--- a/plugins/tomcat7/src/main/java/org/apache/cxf/fediz/tomcat7/FederationAuthenticator.java
+++ b/plugins/tomcat7/src/main/java/org/apache/cxf/fediz/tomcat7/FederationAuthenticator.java
@@ -236,36 +236,35 @@ public class FederationAuthenticator extends FormAuthenticator {
 return false;
 }
- protected void resumeRequest(HttpServletRequest request, HttpServletResponse response) {
- String originalURL = null;
+ protected void resumeRequest(HttpServletRequest request, HttpServletResponse response) throws IOException {
 String contextId = request.getParameter(FederationConstants.PARAM_CONTEXT);
- if (contextId != null) {
+ if (contextId == null) {
+ LOG.warn("The 'wctx' parameter has not been provided back with signin request.");
+ response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
+
+ } else {
 Session session = ((Request)request).getSessionInternal();
- originalURL = (String)session.getNote(FederationAuthenticator.SESSION_SAVED_URI_PREFIX + contextId);
+ String originalURL = (String)session.getNote(FederationAuthenticator.SESSION_SAVED_URI_PREFIX + contextId);
 session.removeNote(FederationAuthenticator.SESSION_SAVED_URI_PREFIX + contextId); // Cleanup session
- } else {
- LOG.warn("The 'wctx' parameter has not been provided back with signin request. "
- + "Trying to resume now with signin URL (without parameters)");
- originalURL = request.getRequestURI();
- }
- try {
- if (originalURL != null) {
- LOG.debug("Restore request to {}", originalURL);
- response.sendRedirect(response.encodeRedirectURL(originalURL));
- } else {
- LOG.debug("User took so long to log on the session expired");
- if (landingPage == null) {
- response.sendError(HttpServletResponse.SC_REQUEST_TIMEOUT, sm
- .getString("authenticator.sessionExpired"));
+ try {
+ if (originalURL != null) {
+ LOG.debug("Restore request to {}", originalURL);
+ response.sendRedirect(response.encodeRedirectURL(originalURL));
 } else {
- // Redirect to landing page
- String uri = request.getContextPath() + landingPage;
- response.sendRedirect(response.encodeRedirectURL(uri));
+ LOG.debug("User took so long to log on the session expired");
+ if (landingPage == null) {
+ response.sendError(HttpServletResponse.SC_REQUEST_TIMEOUT, sm
+ .getString("authenticator.sessionExpired"));
+ } else {
+ // Redirect to landing page
+ String uri = request.getContextPath() + landingPage;
+ response.sendRedirect(response.encodeRedirectURL(uri));
+ }
 }
+ } catch (IOException e) {
+ LOG.error("Cannot resume with request.", e.getMessage());
 }
- } catch (IOException e) {
- LOG.error("Cannot resume with request.", e.getMessage());
 }
 }
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/f31bc88b/plugins/tomcat8/src/main/java/org/apache/cxf/fediz/tomcat8/FederationAuthenticator.java ----------------------------------------------------------------------
diff --git a/plugins/tomcat8/src/main/java/org/apache/cxf/fediz/tomcat8/FederationAuthenticator.java b/plugins/tomcat8/src/main/java/org/apache/cxf/fediz/tomcat8/FederationAuthenticator.java
index dbd1f4c..485d2aa 100644
--- a/plugins/tomcat8/src/main/java/org/apache/cxf/fediz/tomcat8/FederationAuthenticator.java
+++ b/plugins/tomcat8/src/main/java/org/apache/cxf/fediz/tomcat8/FederationAuthenticator.java
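Review bot: The `catch (IOException e)` kept inside the new `else` branch still swallows redirect failures, and `LOG.error("Cannot resume with request.", e.getMessage())` has no `{}` placeholder, so (assuming LOG is an SLF4J logger, as the `{}` usage elsewhere suggests) the message is dropped and no stack trace is recorded. Now that `resumeRequest` declares `throws IOException` and the `sendError` in the `contextId == null` branch propagates, the two branches treat I/O failure differently; either drop the try/catch or pass the exception as the last argument, `LOG.error("Cannot resume with request.", e);`. Separately, a `wctx` that is present but matches no saved session note still takes the "session expired" path and is logged only at debug, so an unexpected context value cannot be told apart from a timeout in the logs; a warn-level entry in that branch would help. The same points apply to the identical tomcat8 hunk that follows.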
@@ -226,36 +226,35 @@ public class FederationAuthenticator extends FormAuthenticator {
 return false;
 }
- protected void resumeRequest(HttpServletRequest request, HttpServletResponse response) {
- String originalURL = null;
+ protected void resumeRequest(HttpServletRequest request, HttpServletResponse response) throws IOException {
 String contextId = request.getParameter(FederationConstants.PARAM_CONTEXT);
- if (contextId != null) {
+ if (contextId == null) {
+ LOG.warn("The 'wctx' parameter has not been provided back with signin request.");
+ response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
+
+ } else {
 Session session = ((Request)request).getSessionInternal();
- originalURL = (String)session.getNote(FederationAuthenticator.SESSION_SAVED_URI_PREFIX + contextId);
+ String originalURL = (String)session.getNote(FederationAuthenticator.SESSION_SAVED_URI_PREFIX + contextId);
 session.removeNote(FederationAuthenticator.SESSION_SAVED_URI_PREFIX + contextId); // Cleanup session
- } else {
- LOG.warn("The 'wctx' parameter has not been provided back with signin request. "
- + "Trying to resume now with signin URL (without parameters)");
- originalURL = request.getRequestURI();
- }
- try {
- if (originalURL != null) {
- LOG.debug("Restore request to {}", originalURL);
- response.sendRedirect(response.encodeRedirectURL(originalURL));
- } else {
- LOG.debug("User took so long to log on the session expired");
- if (landingPage == null) {
- response.sendError(HttpServletResponse.SC_REQUEST_TIMEOUT, sm
- .getString("authenticator.sessionExpired"));
+ try {
+ if (originalURL != null) {
+ LOG.debug("Restore request to {}", originalURL);
+ response.sendRedirect(response.encodeRedirectURL(originalURL));
 } else {
- // Redirect to landing page
- String uri = request.getContextPath() + landingPage;
- response.sendRedirect(response.encodeRedirectURL(uri));
+ LOG.debug("User took so long to log on the session expired");
+ if (landingPage == null) {
+ response.sendError(HttpServletResponse.SC_REQUEST_TIMEOUT, sm
+ .getString("authenticator.sessionExpired"));
+ } else {
+ // Redirect to landing page
+ String uri = request.getContextPath() + landingPage;
+ response.sendRedirect(response.encodeRedirectURL(uri));
+ }
 }
+ } catch (IOException e) {
+ LOG.error("Cannot resume with request.", e.getMessage());
 }
- } catch (IOException e) {
- LOG.error("Cannot resume with request.", e.getMessage());
 }
 }
