Merge pull request #52 from battags/CASC-211

CASC-211 Better Ticket Validation Error Logic
Scott 2013-06-20 16:31:59 -07:00
commit 15103333e5
6 changed files with 123 additions and 138 deletions


@ -19,66 +19,66 @@
-->
<assembly>
<id>release</id>
<formats>
<format>zip</format>
<format>tar.gz</format>
</formats>
<includeBaseDirectory>true</includeBaseDirectory>
<fileSets>
<fileSet>
<lineEnding>unix</lineEnding>
<useDefaultExcludes>true</useDefaultExcludes>
<useStrictFiltering>false</useStrictFiltering>
<directory>${basedir}</directory>
<outputDirectory></outputDirectory>
<includes>
<include>*.xml</include>
<include>*.txt</include>
</includes>
</fileSet>
</fileSets>
<moduleSets>
<moduleSet>
<includes></includes>
<sources>
<fileSets>
<fileSet>
<directory>src</directory>
<outputDirectory>src</outputDirectory>
<lineEnding>unix</lineEnding>
<useDefaultExcludes>true</useDefaultExcludes>
</fileSet>
<id>release</id>
<formats>
<format>zip</format>
<format>tar.gz</format>
</formats>
<includeBaseDirectory>true</includeBaseDirectory>
<fileSets>
<fileSet>
<lineEnding>unix</lineEnding>
<useDefaultExcludes>true</useDefaultExcludes>
<useStrictFiltering>false</useStrictFiltering>
<directory>${basedir}</directory>
<outputDirectory></outputDirectory>
<includes>
<include>*.xml</include>
<include>*.txt</include>
</includes>
</fileSet>
</fileSets>
<moduleSets>
<moduleSet>
<includes></includes>
<sources>
<fileSets>
<fileSet>
<directory>src</directory>
<outputDirectory>src</outputDirectory>
<lineEnding>unix</lineEnding>
<useDefaultExcludes>true</useDefaultExcludes>
</fileSet>
<fileSet>
<lineEnding>unix</lineEnding>
<useDefaultExcludes>true</useDefaultExcludes>
<includes>
<include>*.xml</include>
</includes>
</fileSet>
<fileSet>
<lineEnding>unix</lineEnding>
<useDefaultExcludes>true</useDefaultExcludes>
<includes>
<include>*.xml</include>
</includes>
</fileSet>
<fileSet>
<lineEnding>unix</lineEnding>
<directory>target/site/apidocs/</directory>
<useDefaultExcludes>true</useDefaultExcludes>
<outputDirectory>docs</outputDirectory>
<includes>
<include>**/*</include>
</includes>
</fileSet>
</fileSets>
<fileSet>
<lineEnding>unix</lineEnding>
<directory>target/site/apidocs/</directory>
<useDefaultExcludes>true</useDefaultExcludes>
<outputDirectory>docs</outputDirectory>
<includes>
<include>**/*</include>
</includes>
</fileSet>
</fileSets>
<includeModuleDirectory>true</includeModuleDirectory>
<useDefaultExcludes>true</useDefaultExcludes>
</sources>
<binaries>
<outputDirectory>modules</outputDirectory>
<includeDependencies>true</includeDependencies>
<unpack>false</unpack>
<useDefaultExcludes>true</useDefaultExcludes>
<includes />
</binaries>
</moduleSet>
</moduleSets>
<includeModuleDirectory>true</includeModuleDirectory>
<useDefaultExcludes>true</useDefaultExcludes>
</sources>
<binaries>
<outputDirectory>modules</outputDirectory>
<includeDependencies>true</includeDependencies>
<unpack>false</unpack>
<useDefaultExcludes>true</useDefaultExcludes>
<includes/>
</binaries>
</moduleSet>
</moduleSets>
</assembly>


@ -18,21 +18,16 @@
*/
package org.jasig.cas.client.authentication;
import java.io.IOException;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.jasig.cas.client.util.AbstractCasFilter;
import org.jasig.cas.client.util.CommonUtils;
import org.jasig.cas.client.util.ReflectUtils;
import org.jasig.cas.client.validation.Assertion;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
/**
* Filter implementation to intercept all requests and attempt to authenticate
* the user by redirecting them to CAS (unless the user has a ticket).
@ -66,7 +61,7 @@ public class AuthenticationFilter extends AbstractCasFilter {
* Whether to send the gateway request or not.
*/
private boolean gateway = false;
private GatewayResolver gatewayStorage = new DefaultGatewayResolverImpl();
private AuthenticationRedirectStrategy authenticationRedirectStrategy = new DefaultAuthenticationRedirectStrategy();
@ -87,7 +82,8 @@ public class AuthenticationFilter extends AbstractCasFilter {
this.gatewayStorage = ReflectUtils.newInstance(gatewayStorageClass);
}
final String authenticationRedirectStrategyClass = getPropertyFromInitParams(filterConfig, "authenticationRedirectStrategyClass", null);
final String authenticationRedirectStrategyClass = getPropertyFromInitParams(filterConfig,
"authenticationRedirectStrategyClass", null);
if (authenticationRedirectStrategyClass != null) {
this.authenticationRedirectStrategy = ReflectUtils.newInstance(authenticationRedirectStrategyClass);
@ -100,7 +96,8 @@ public class AuthenticationFilter extends AbstractCasFilter {
CommonUtils.assertNotNull(this.casServerLoginUrl, "casServerLoginUrl cannot be null.");
}
public final void doFilter(final ServletRequest servletRequest, final ServletResponse servletResponse, final FilterChain filterChain) throws IOException, ServletException {
public final void doFilter(final ServletRequest servletRequest, final ServletResponse servletResponse,
final FilterChain filterChain) throws IOException, ServletException {
final HttpServletRequest request = (HttpServletRequest) servletRequest;
final HttpServletResponse response = (HttpServletResponse) servletResponse;
final HttpSession session = request.getSession(false);
@ -130,9 +127,10 @@ public class AuthenticationFilter extends AbstractCasFilter {
modifiedServiceUrl = serviceUrl;
}
logger.debug("Constructed service url: {}", modifiedServiceUrl);
logger.debug("Constructed service url: {}", modifiedServiceUrl);
final String urlToRedirectTo = CommonUtils.constructRedirectUrl(this.casServerLoginUrl, getServiceParameterName(), modifiedServiceUrl, this.renew, this.gateway);
final String urlToRedirectTo = CommonUtils.constructRedirectUrl(this.casServerLoginUrl,
getServiceParameterName(), modifiedServiceUrl, this.renew, this.gateway);
logger.debug("redirecting to \"{}\"", urlToRedirectTo);
this.authenticationRedirectStrategy.redirect(request, response, urlToRedirectTo);
@ -149,8 +147,8 @@ public class AuthenticationFilter extends AbstractCasFilter {
public final void setCasServerLoginUrl(final String casServerLoginUrl) {
this.casServerLoginUrl = casServerLoginUrl;
}
public final void setGatewayStorage(final GatewayResolver gatewayStorage) {
this.gatewayStorage = gatewayStorage;
this.gatewayStorage = gatewayStorage;
}
}


@ -60,7 +60,7 @@ public abstract class AbstractTicketValidationFilter extends AbstractCasFilter {
private boolean redirectAfterValidation = true;
/** Determines whether an exception is thrown when there is a ticket validation failure. */
private boolean exceptionOnValidationFailure = true;
private boolean exceptionOnValidationFailure = false;
/**
* Specify whether the Assertion should be stored in a session
@ -126,7 +126,7 @@ public abstract class AbstractTicketValidationFilter extends AbstractCasFilter {
protected void initInternal(final FilterConfig filterConfig) throws ServletException {
setExceptionOnValidationFailure(parseBoolean(getPropertyFromInitParams(filterConfig,
"exceptionOnValidationFailure", "true")));
"exceptionOnValidationFailure", "false")));
logger.trace("Setting exceptionOnValidationFailure parameter: {}", this.exceptionOnValidationFailure);
setRedirectAfterValidation(parseBoolean(getPropertyFromInitParams(filterConfig, "redirectAfterValidation",
"true")));
@ -221,8 +221,7 @@ public abstract class AbstractTicketValidationFilter extends AbstractCasFilter {
return;
}
} catch (final TicketValidationException e) {
response.setStatus(HttpServletResponse.SC_FORBIDDEN);
logger.warn(e.getMessage(), e);
logger.debug(e.getMessage(), e);
onFailedValidation(request, response);
@ -230,7 +229,7 @@ public abstract class AbstractTicketValidationFilter extends AbstractCasFilter {
throw new ServletException(e);
}
response.sendError(HttpServletResponse.SC_FORBIDDEN);
response.sendError(HttpServletResponse.SC_FORBIDDEN, e.getMessage());
return;
}
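Review bot: The new `response.sendError(HttpServletResponse.SC_FORBIDDEN, e.getMessage())` call hands the TicketValidationException text to the client, while the catch block above it now records the failure only with `logger.debug(e.getMessage(), e)`. What that message contains is not visible in these hunks, but if it can carry the CAS server's validation response or internal URLs it ends up in the container's error page; a fixed string such as `response.sendError(HttpServletResponse.SC_FORBIDDEN, "Ticket validation failed")` would keep the detail server-side. Debug is usually disabled in production, so failed validations would leave no trace for monitoring; I would keep one line at a higher level, e.g. `logger.warn("Ticket validation failed: {}", e.getMessage());`, alongside the debug stack trace. The default for `exceptionOnValidationFailure` also flips to `false` in the first two hunks, and a Javadoc sentence on the field noting that deployments relying on the old default now appear to get a 403 instead of a ServletException would help. The enclosing method starts and ends outside the hunks shown.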


@ -18,27 +18,20 @@
*/
package org.jasig.cas.client.authentication;
import static org.junit.Assert.*;
import java.io.IOException;
import java.lang.reflect.Field;
import java.net.URLEncoder;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import org.jasig.cas.client.util.AbstractCasFilter;
import org.jasig.cas.client.validation.AssertionImpl;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
import org.springframework.mock.web.MockFilterConfig;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.mock.web.MockHttpSession;
import org.springframework.mock.web.MockServletContext;
import static org.junit.Assert.*;
import org.springframework.mock.web.*;
/**
* Tests for the AuthenticationFilter.
@ -77,8 +70,7 @@ public final class AuthenticationFilterTests {
final MockHttpServletResponse response = new MockHttpServletResponse();
final FilterChain filterChain = new FilterChain() {
public void doFilter(ServletRequest arg0, ServletResponse arg1)
throws IOException, ServletException {
public void doFilter(ServletRequest request, ServletResponse response) throws IOException, ServletException {
// nothing to do
}
};
@ -86,9 +78,8 @@ public final class AuthenticationFilterTests {
request.setSession(session);
this.filter.doFilter(request, response, filterChain);
assertEquals(CAS_LOGIN_URL + "?service="
+ URLEncoder.encode(CAS_SERVICE_URL, "UTF-8"), response
.getRedirectedUrl());
assertEquals(CAS_LOGIN_URL + "?service=" + URLEncoder.encode(CAS_SERVICE_URL, "UTF-8"),
response.getRedirectedUrl());
}
@Test
@ -101,8 +92,7 @@ public final class AuthenticationFilterTests {
request.setSecure(true);
final FilterChain filterChain = new FilterChain() {
public void doFilter(ServletRequest arg0, ServletResponse arg1)
throws IOException, ServletException {
public void doFilter(ServletRequest request, ServletResponse response) throws IOException, ServletException {
// nothing to do
}
};
@ -117,11 +107,12 @@ public final class AuthenticationFilterTests {
this.filter.doFilter(request, response, filterChain);
assertEquals(CAS_LOGIN_URL
+ "?service="
+ URLEncoder.encode("https://localhost:8443"
+ request.getRequestURI() + "?" + request.getQueryString(),
"UTF-8"), response.getRedirectedUrl());
assertEquals(
CAS_LOGIN_URL
+ "?service="
+ URLEncoder.encode(
"https://localhost:8443" + request.getRequestURI() + "?" + request.getQueryString(),
"UTF-8"), response.getRedirectedUrl());
}
@Test
@ -131,15 +122,13 @@ public final class AuthenticationFilterTests {
final MockHttpServletResponse response = new MockHttpServletResponse();
final FilterChain filterChain = new FilterChain() {
public void doFilter(ServletRequest arg0, ServletResponse arg1)
throws IOException, ServletException {
public void doFilter(ServletRequest request, ServletResponse response) throws IOException, ServletException {
// nothing to do
}
};
request.setSession(session);
session.setAttribute(AbstractCasFilter.CONST_CAS_ASSERTION,
new AssertionImpl("test"));
session.setAttribute(AbstractCasFilter.CONST_CAS_ASSERTION, new AssertionImpl("test"));
this.filter.doFilter(request, response, filterChain);
assertNull(response.getRedirectedUrl());
@ -152,8 +141,7 @@ public final class AuthenticationFilterTests {
final MockHttpServletResponse response = new MockHttpServletResponse();
final FilterChain filterChain = new FilterChain() {
public void doFilter(ServletRequest arg0, ServletResponse arg1)
throws IOException, ServletException {
public void doFilter(ServletRequest request, ServletResponse response) throws IOException, ServletException {
// nothing to do
}
};
@ -173,8 +161,7 @@ public final class AuthenticationFilterTests {
final MockHttpServletResponse response = new MockHttpServletResponse();
final FilterChain filterChain = new FilterChain() {
public void doFilter(ServletRequest arg0, ServletResponse arg1)
throws IOException, ServletException {
public void doFilter(ServletRequest request, ServletResponse response) throws IOException, ServletException {
// nothing to do
}
};
@ -226,7 +213,8 @@ public final class AuthenticationFilterTests {
final MockServletContext context = new MockServletContext();
context.addInitParameter("casServerLoginUrl", "https://cas.example.com/login");
context.addInitParameter("service", "https://localhost:8443/service");
context.addInitParameter("authenticationRedirectStrategyClass", "org.jasig.cas.client.authentication.FacesCompatibleAuthenticationRedirectStrategy");
context.addInitParameter("authenticationRedirectStrategyClass",
"org.jasig.cas.client.authentication.FacesCompatibleAuthenticationRedirectStrategy");
f.init(new MockFilterConfig(context));
}
}
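Review bot: The anonymous `FilterChain.doFilter(ServletRequest request, ServletResponse response)` parameters now shadow the `request` and `response` locals of the enclosing test methods (for example `final MockHttpServletResponse response` just above the first one). The bodies are empty so nothing breaks today, but an assertion added inside a chain later would bind to the parameters rather than to the mocks. Names such as `chainRequest`/`chainResponse`, or the previous `arg0`/`arg1`, avoid that; the same applies to the other four anonymous chains in this file. The wildcard `import org.springframework.mock.web.*;`, which appears to be on the new side, would also read better as explicit imports.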


@ -23,23 +23,23 @@
xmlns:p="http://www.springframework.org/schema/p"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd">
<bean id="proxyTicketValidator"
class="org.jasig.cas.client.validation.Cas20ProxyTicketValidator">
<constructor-arg index="0" value="http://localhost:8089/" />
<property name="allowedProxyChains">
<value>
test test2 test3 test4 test5
mytest mytest1 mytest2 mytest3
proxy1 proxy2 proxy3
</value>
</property>
<property name="proxyCallbackUrl" value="https://localhost:8443/test" />
<property name="renew" value="true" />
<bean id="proxyTicketValidator"
class="org.jasig.cas.client.validation.Cas20ProxyTicketValidator">
<constructor-arg index="0" value="http://localhost:8089/"/>
<property name="allowedProxyChains">
<value>
test test2 test3 test4 test5
mytest mytest1 mytest2 mytest3
proxy1 proxy2 proxy3
</value>
</property>
<property name="proxyCallbackUrl" value="https://localhost:8443/test"/>
<property name="renew" value="true"/>
</bean>
<bean id="proxyTicketValidatorWithAllowAnyProxy"
class="org.jasig.cas.client.validation.Cas20ProxyTicketValidator"
p:acceptAnyProxy="true">
<constructor-arg index="0" value="http://localhost:8089/"/>
</bean>
<bean id="proxyTicketValidatorWithAllowAnyProxy"
class="org.jasig.cas.client.validation.Cas20ProxyTicketValidator"
p:acceptAnyProxy="true">
<constructor-arg index="0" value="http://localhost:8089/" />
</bean>
</beans>


@ -1,12 +1,12 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<additionalHeaders>
<javadoc_style>
<firstLine>/*</firstLine>
<beforeEachLine> * </beforeEachLine>
<endLine> */</endLine>
<firstLineDetectionPattern>( |\t)*/\*( |\t)*$</firstLineDetectionPattern>
<lastLineDetectionPattern>( |\t)*\*/( |\t)*$</lastLineDetectionPattern>
<allowBlankLines>true</allowBlankLines>
<isMultiline>true</isMultiline>
</javadoc_style>
<javadoc_style>
<firstLine>/*</firstLine>
<beforeEachLine>*</beforeEachLine>
<endLine>*/</endLine>
<firstLineDetectionPattern>( |\t)*/\*( |\t)*$</firstLineDetectionPattern>
<lastLineDetectionPattern>( |\t)*\*/( |\t)*$</lastLineDetectionPattern>
<allowBlankLines>true</allowBlankLines>
<isMultiline>true</isMultiline>
</javadoc_style>
</additionalHeaders>
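Review bot: The `<beforeEachLine>` and `<endLine>` values lose their surrounding spaces on what appears to be the new side (`<beforeEachLine>*</beforeEachLine>`, `<endLine>*/</endLine>`), which looks like a side effect of reformatting rather than an intended change. Whitespace inside these elements is content, not layout: it is presumably the literal text the header tool writes and matches on each line, so existing headers whose lines start with ` * ` may no longer be recognised. If the change is unintended, restore `<beforeEachLine> * </beforeEachLine>` and `<endLine> */</endLine>`.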