001/* 002 * Copyright (c) 2000-2003 Yale University. All rights reserved. 003 * 004 * THIS SOFTWARE IS PROVIDED "AS IS," AND ANY EXPRESS OR IMPLIED 005 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 006 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE, ARE EXPRESSLY 007 * DISCLAIMED. IN NO EVENT SHALL YALE UNIVERSITY OR ITS EMPLOYEES BE 008 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 009 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED, THE COSTS OF 010 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA OR 011 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 012 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 013 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 014 * SOFTWARE, EVEN IF ADVISED IN ADVANCE OF THE POSSIBILITY OF SUCH 015 * DAMAGE. 016 * 017 * Redistribution and use of this software in source or binary forms, 018 * with or without modification, are permitted, provided that the 019 * following conditions are met: 020 * 021 * 1. Any redistribution must include the above copyright notice and 022 * disclaimer and this list of conditions in any related documentation 023 * and, if feasible, in the redistributed software. 024 * 025 * 2. Any redistribution must include the acknowledgment, "This product 026 * includes software developed by Yale University," in any related 027 * documentation and, if feasible, in the redistributed software. 028 * 029 * 3. The names "Yale" and "Yale University" must not be used to endorse 030 * or promote products derived from this software. 031 */ 032 033package edu.yale.its.tp.cas.client; 034 035import java.util.ArrayList; 036import java.util.List; 037 038import org.xml.sax.Attributes; 039import org.xml.sax.SAXException; 040import org.xml.sax.helpers.DefaultHandler; 041 042/** 043 * Validates PTs and optionally retrieves PGT IOUs. Subclassed instead of collapsed into parent because we don't want 044 * users to accidentally accept a proxy ticket when they mean only to accept service tickets. That is, proxy targets 045 * need to know that they're proxy targets, not first-level web applications. 046 */ 047public class ProxyTicketValidator extends ServiceTicketValidator { 048 049 // ********************************************************************* 050 // Additive state 051 052 protected List proxyList; 053 054 // ********************************************************************* 055 // Accessors 056 057 /** 058 * Retrieves a list of proxies involved in the current authentication. 059 */ 060 public List getProxyList() { 061 return proxyList; 062 } 063 064 // ********************************************************************* 065 // Response parser 066 067 protected DefaultHandler newHandler() { 068 return new ProxyHandler(); 069 } 070 071 protected class ProxyHandler extends ServiceTicketValidator.Handler { 072 073 // ********************************************** 074 // Constants 075 076 protected static final String PROXIES = "cas:proxies"; 077 078 protected static final String PROXY = "cas:proxy"; 079 080 // ********************************************** 081 // Parsing state 082 083 protected List proxyList = new ArrayList(); 084 085 protected boolean proxyFragment = false; 086 087 // ********************************************** 088 // Parsing logic 089 090 public void startElement(String ns, String ln, String qn, Attributes a) { 091 super.startElement(ns, ln, qn, a); 092 if (authenticationSuccess && qn.equals(PROXIES)) 093 proxyFragment = true; 094 } 095 096 public void endElement(String ns, String ln, String qn) throws SAXException { 097 super.endElement(ns, ln, qn); 098 if (qn.equals(PROXIES)) 099 proxyFragment = false; 100 else if (proxyFragment && qn.equals(PROXY)) 101 proxyList.add(currentText.toString().trim()); 102 } 103 104 public void endDocument() throws SAXException { 105 super.endDocument(); 106 if (authenticationSuccess) 107 ProxyTicketValidator.this.proxyList = proxyList; 108 } 109 } 110 111 // ********************************************************************* 112 // Utility methods 113 114 /** 115 * Clears internally manufactured state. 116 */ 117 protected void clear() { 118 super.clear(); 119 proxyList = null; 120 } 121 122}