19 package org.mycore.user2.login;
20
21 import org.apache.logging.log4j.LogManager;
22 import org.apache.logging.log4j.Logger;
23 import org.jasig.cas.client.authentication.AttributePrincipal;
24 import org.jasig.cas.client.validation.Assertion;
25 import org.jasig.cas.client.validation.Cas20ProxyTicketValidator;
26 import org.mycore.common.MCRSessionMgr;
27 import org.mycore.common.config.MCRConfiguration2;
28 import org.mycore.frontend.servlets.MCRServlet;
29 import org.mycore.frontend.servlets.MCRServletJob;
30 import org.mycore.user2.MCRUser;
31 import org.mycore.user2.MCRUser2Constants;
32 import org.mycore.user2.MCRUserManager;
33
34 import jakarta.servlet.ServletException;
35 import jakarta.servlet.http.HttpServletRequest;
36 import jakarta.servlet.http.HttpServletResponse;
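/**
 * Login servlet that signs a user in from a CAS ticket.
 *
 * <p>The request must carry a {@code ticket} parameter. The ticket is validated against the
 * configured CAS server, the resulting principal name is mapped to an {@link MCRUser} in the
 * configured realm, the user's properties are refreshed through {@link MCRLDAPClient}, and the
 * user is bound to the current MyCoRe session before the client is redirected.
 *
 * <p>Configuration (all keys are prefixed with {@link MCRUser2Constants#CONFIG_PREFIX} and are
 * mandatory): {@code CAS.ClientURL}, {@code CAS.ServerURL}, {@code CAS.RealmID},
 * {@code CAS.SSL.TrustStore}, {@code CAS.SSL.TrustStore.Password}.
 */
public class MCRCASServlet extends MCRServlet {
    private static final long serialVersionUID = 1L;

    // final: the logger is never reassigned and must not be replaceable at runtime.
    private static final Logger LOGGER = LogManager.getLogger();

    /** Service URL of this application, sent to the CAS server together with the ticket. */
    private String clientURL;

    /** URL of the CAS server that the ticket validator talks to. */
    private String serverURL;

    /** Realm in which CAS-authenticated users are looked up or created. */
    private String realmID;

    /**
     * Reads the CAS settings and installs the trust store used for the TLS connection
     * to the CAS server.
     *
     * @throws ServletException if the superclass initialisation fails
     */
    @Override
    public void init() throws ServletException {
        super.init();

        clientURL = MCRConfiguration2.getStringOrThrow(MCRUser2Constants.CONFIG_PREFIX + "CAS.ClientURL");
        serverURL = MCRConfiguration2.getStringOrThrow(MCRUser2Constants.CONFIG_PREFIX + "CAS.ServerURL");
        realmID = MCRConfiguration2.getStringOrThrow(MCRUser2Constants.CONFIG_PREFIX + "CAS.RealmID");

        String trustStore = MCRConfiguration2.getStringOrThrow(MCRUser2Constants.CONFIG_PREFIX + "CAS.SSL.TrustStore");
        String trustStorePassword = MCRConfiguration2
            .getStringOrThrow(MCRUser2Constants.CONFIG_PREFIX + "CAS.SSL.TrustStore.Password");

        // NOTE(security): these are JVM-wide system properties, not settings of this servlet.
        // They replace the default trust store for every TLS client in the same JVM that relies
        // on the default SSLContext, and the password is readable through System.getProperty
        // by any code running in the process. A trust store scoped to the CAS connection would
        // avoid both effects; kept as-is here because other components may depend on it.
        System.setProperty("javax.net.ssl.trustStore", trustStore);
        System.setProperty("javax.net.ssl.trustStorePassword", trustStorePassword);
    }

    /**
     * Validates the CAS ticket of the request and logs the corresponding user in.
     *
     * <p>Responds with HTTP 400 when the {@code ticket} parameter is missing or blank.
     * A user that is not yet known in the realm is created in memory only; it is not
     * persisted by this method.
     *
     * @param job the servlet job holding request and response
     * @throws Exception if ticket validation, the user lookup or the redirect fails;
     *                   the exception is left to the caller's error handling
     */
    @Override
    public void doGetPost(MCRServletJob job) throws Exception {
        HttpServletRequest req = job.getRequest();
        HttpServletResponse res = job.getResponse();

        // The ticket is a one-time credential: reject empty values early and keep it out of logs.
        String ticket = req.getParameter("ticket");
        if (ticket == null || ticket.trim().isEmpty()) {
            res.sendError(HttpServletResponse.SC_BAD_REQUEST);
            return;
        }

        // Validate the ticket against the CAS server for this application's service URL.
        Cas20ProxyTicketValidator validator = new Cas20ProxyTicketValidator(serverURL);
        // NOTE(security): acceptAnyProxy(true) accepts proxy tickets regardless of which proxy
        // chain issued them, so every service allowed to proxy at the CAS server can obtain a
        // login here on a user's behalf. If proxy authentication is not required, prefer
        // Cas20ServiceTicketValidator, or restrict the chain with setAllowedProxyChains.
        validator.setAcceptAnyProxy(true);
        Assertion assertion = validator.validate(ticket, clientURL);
        AttributePrincipal principal = assertion.getPrincipal();

        // The principal name asserted by CAS is used as the local user name.
        String userName = principal.getName();
        LOGGER.info("Login {}", userName);

        // Reuse the stored user of this realm, or start from a fresh, unsaved one.
        boolean userExists = MCRUserManager.exists(userName, realmID);
        MCRUser user = userExists ? MCRUserManager.getUser(userName, realmID) : new MCRUser(userName, realmID);

        // Refresh the user's properties; only users that already exist are written back.
        boolean userChanged = MCRLDAPClient.instance().updateUserProperties(user);
        if (userChanged && userExists) {
            MCRUserManager.updateUser(user);
        }

        // Bind the authenticated user to the current MyCoRe session.
        MCRSessionMgr.getCurrentSession().setUserInformation(user);

        // Rotate the HTTP session id after authentication so that a session id known
        // before login cannot be reused for the authenticated session (session fixation).
        req.changeSessionId();
        MCRLoginServlet.redirect(res);
    }
}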