Start line:  
End line:  

Snippet Preview

Snippet HTML Code

Stack Overflow Questions
  package hudson.plugins.collabnet.auth;
  
  
 
 
 
Class for filtering CollabNet auth information for SSO.
 
 public class CNFilter implements Filter {
     private static Logger log = Logger.getLogger("CNFilter");
 
     public void init(FilterConfig filterConfig) {
     }

    
Filter for the CollabNet plugin. Handles 2 separate tasks: 1. Attempts to use CollabNet tokens to login (if they are present and we're not currently authed.). 2. If we have not yet logged into the CollabNet server, redirect to the CollabNet server and login.

Parameters:
request
reponse
chain remaining filters to handle.
 
     public void doFilter(ServletRequest requestServletResponse response
                          FilterChain chainthrows IOException
                                                    ServletException {
         // check if we're already authenticated
         Authentication auth = Hudson.getAuthentication();
         // check if we're in the CollabNetSecurity Realm
         SecurityRealm securityRealm = Hudson.getInstance().getSecurityRealm();
         if (Hudson.getInstance().isUseSecurity() && 
             (!auth.isAuthenticated() || 
              auth.getPrincipal().equals("anonymous")) 
             && securityRealm instanceof CollabNetSecurityRealm) {
             this.attemptSFLogin((CollabNetSecurityRealm)securityRealm
                                 requestresponse);
         } else if (Hudson.getInstance().isUseSecurity() && 
                    securityRealm instanceof CollabNetSecurityRealm &&
                    auth instanceof CNAuthentication &&
                    !((CNAuthenticationauth).isCNAuthed()) {
             this.doSFAuth((CNAuthenticationauth
                           (CollabNetSecurityRealm)securityRealm,
                           (HttpServletRequestrequest
                           (HttpServletResponseresponsechain);
             return;            
         } 
  
         chain.doFilter(requestresponse);
     }

    
Catch SSO data from CollabNet if data is present, and automatically login. Used when the Hudson server is setup as a linked application in the CollabNet server. The CollabNet server will sent 2 parameters: sfUsername and sfLoginToken. The token is a one-time token that can be used to initiate a SOAP session and set authentication.

Parameters:
securityRealm
request
response
 
     private void attemptSFLogin(CollabNetSecurityRealm securityRealm
                                 ServletRequest request
                                 ServletResponse response) {
         String url = securityRealm.getCollabNetUrl();
         String username = request.getParameter("sfUsername");
         String token = request.getParameter("sfLoginToken");
         if (username != null && token != null) {
             CollabNetApp ca = new CollabNetApp(urlusername);
             try {
                 ca.loginWithToken(token);
                 Authentication cnauthentication = 
                     new CNAuthentication(usernameca);
                 // ensure that a session exists before we set context in it
                 // see artf42298
                 ((HttpServletRequest)request).getSession(true);
                SecurityContextHolder.getContext().
                    setAuthentication(cnauthentication);
            } catch (RemoteException re) {
                // login failed, but continue
                .severe("Login failed with RemoteException: " + 
                           re.getMessage());
            }
        } 
    }
    
    
Redirect to the CollabNet Server to login there, and then redirect back to our original location.

Parameters:
auth
securityRealm
req
rsp
chain
Throws:
java.io.IOException
javax.servlet.ServletException
    private void doSFAuth(CNAuthentication auth
                          CollabNetSecurityRealm securityRealm
                          HttpServletRequest reqHttpServletResponse rsp
                          FilterChain chainthrows IOException
                                                    ServletException {
        auth.setCNAuthed(true);
        String reqUrl = getCurrentUrl(req);
        String collabNetUrl = securityRealm.getCollabNetUrl();
        String username = (String)auth.getPrincipal();
        String id = ((CNAuthenticationauth).getSessionId();
        String cnauthUrl = collabNetUrl + "/sf/sfmain/do/soapredirect?id=" 
            + URLEncoder.encode(id"UTF-8") + "&user=" + 
            URLEncoder.encode(username,"UTF-8")+"&redirectUrl=" + 
            URLEncoder.encode(reqUrl,"UTF-8");
        // prepare a redirect
        rsp.setHeader("Location"cnauthUrl);
        
    }

    

Parameters:
req the servlet request to pull data from, if root url is unset.
useReferer if true, use the referer to get the base URL.
Returns:
the best guess for the current base URL (i.e. just the scheme, server, port).
    public static String getCurrentBaseUrl(HttpServletRequest req) {
        StringBuilder url = new StringBuilder();
        
        // Use the user configured url, if available.
        String rootUrl = Hudson.getInstance().getRootUrl();
        if (rootUrl != null) {
            url.append(rootUrl);
        }else {
            // otherwise, use the request
            url.append(req.getScheme());
            url.append("://");
            url.append(req.getServerName());
            if (req.getServerPort() != 80) {
                url.append(':').append(req.getServerPort());
            }
        }
        return url.toString();
    }
    
    

Returns:
the best guess for the current full URL. It will use the "referer" field from the request to determine the url, if it is present.
    public static String getCurrentUrl(HttpServletRequest req) {
        StringBuilder url = new StringBuilder(getCurrentBaseUrl(req));
        if (req.getContextPath() != null) {
            url.append(req.getContextPath());
        }
        if (req.getRequestURI() != null) {
            url.append(req.getRequestURI());
        }
        if (req.getQueryString() != null) {
            url.append("?" + req.getQueryString());
        }
        return url.toString();
    }
        
    // destroy is currently a no-op
    public void destroy() {
    } 
New to GrepCode? Check out our FAQ X