Start line:  
End line:  

Snippet Preview

Snippet HTML Code

Stack Overflow Questions
   * JBoss, Home of Professional Open Source.
   * Copyright 2012, Red Hat, Inc., and individual contributors
   * as indicated by the @author tags. See the copyright.txt file in the
   * distribution for a full listing of individual contributors.
   * This is free software; you can redistribute it and/or modify it
   * under the terms of the GNU Lesser General Public License as
   * published by the Free Software Foundation; either version 2.1 of
  * the License, or (at your option) any later version.
  * This software is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * Lesser General Public License for more details.
  * You should have received a copy of the GNU Lesser General Public
  * License along with this software; if not, write to the Free
  * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
  * 02110-1301 USA, or see the FSF site:
 package org.picketlink.identity.federation.bindings.jboss.auth;
 import java.util.Map;
 import  javax.servlet.http.HttpServletRequest;
This is not login module with full functionality. It just adds ability to get SAML token from http header specified by module option.

Peter Skopek: pskopek at redhat dot com
 public abstract class SAMLTokenFromHttpRequestAbstractLoginModule extends
         AbstractServerLoginModule {
     protected static final PicketLinkLogger logger = PicketLinkLoggerFactory.getLogger();
Specify which http header contains saml token. If null, default behavior will be used, credentials got from callback.
     private String samlTokenHttpHeader = null;

Regular expression to parse samlTokenHttpHeader to obtain saml token only. Token itself has to be Base64 encoded. Use .* to match whole content.
     private String samlTokenHttpHeaderRegEx = null;
     private Pattern pattern = null

Group which will be used to retrieve matched part of the token header content. Defaults to 0.
     private int samlTokenHttpHeaderRegExGroup = 0;
Key to specify token compression. Supported types: GZIP_TOKEN_ENCODING - gzip BASE64_TOKEN_ENCODING - base64 NONE_TOKEN_ENCODING - none
     public static final String TOKEN_ENCODING_TYPE_KEY = "tokenEncodingType";

Token encoding type: gzip
     public static final String GZIP_TOKEN_ENCODING = "gzip"

Token encoding type: none
     public static final String NONE_TOKEN_ENCODING = "none"

Token encoding type: base64
     public static final String BASE64_TOKEN_ENCODING = "base64"
    public static final String WEB_REQUEST_KEY = "javax.servlet.http.HttpServletRequest";
    public static final String REG_EX_PATTERN_KEY = "samlTokenHttpHeaderRegEx";
    public static final String REG_EX_GROUP_KEY = "samlTokenHttpHeaderRegExGroup";
    public static final String SAML_TOKEN_HTTP_HEADER_KEY = "samlTokenHttpHeader";
    protected SamlCredential getCredentialFromHttpRequest() throws Exception {
        HttpServletRequest request = (HttpServletRequest) PolicyContext.getContext();
        String encodedSamlToken = null;
        if ( != null && !.equals("")) {
            String content = request.getHeader();
            if (.isTraceEnabled()) {
                log.trace("http header with SAML token [" +  + "]=" + content);
            Matcher m = .matcher(content);
            encodedSamlToken =;
        else {
            encodedSamlToken = request.getHeader();
        if (.isTraceEnabled()) {
        String samlToken = null;
                ||  == null) {
            samlToken = encodedSamlToken;
        else { 
            // gzip and base64 encodings are handled in this Base64.decode call
            byte[] decompressed = Base64.decode(encodedSamlToken);
            samlToken = new String(decompressed);
        if (.isTraceEnabled()) {
            .trace("decoded samlToken="+samlToken);
        return new SamlCredential(samlToken);


the tokenEncoding
    public String getTokenEncoding() {
        return ;


the samlTokenHttpHeader
    public String getSamlTokenHttpHeader() {
        return ;


the samlTokenHttpHeaderRegEx
        return ;


the samlTokenHttpHeaderRegExGroup
    public int getSamlTokenHttpHeaderRegExGroup() {
        return ;
    /* (non-Javadoc)
     * @see,, java.util.Map, java.util.Map)
    public void initialize(Subject subjectCallbackHandler callbackHandler,
            Map<String, ?> sharedStateMap<String, ?> options) {
        String encoding = (String)this..get();
        if (encoding != null) {
            this. = encoding;
        if ( != null) {
            this. = Pattern.compile(.);
        String group = (String)this..get();
        if (group != null) {
             = Integer.parseInt(group);
New to GrepCode? Check out our FAQ X