001/*
002 * (C) Copyright 2006-2009 Nuxeo SA (http://nuxeo.com/) and others.
003 *
004 * Licensed under the Apache License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 *     http://www.apache.org/licenses/LICENSE-2.0
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 *
016 * Contributors:
017 *     Nuxeo - initial API and implementation
018 *     Academie de Rennes - proxy CAS support
019 *
020 * $Id: JOOoConvertPluginImpl.java 18651 2007-05-13 20:28:53Z sfermigier $
021 */
022
023package org.nuxeo.ecm.platform.ui.web.auth.cas2;
024
025import java.io.IOException;
026import java.util.HashMap;
027import java.util.Map;
028
029import javax.servlet.http.Cookie;
030import javax.servlet.http.HttpServletRequest;
031import javax.servlet.http.HttpServletResponse;
032
033import org.apache.commons.logging.Log;
034import org.apache.commons.logging.LogFactory;
035import org.nuxeo.common.utils.URIUtils;
036import org.nuxeo.ecm.platform.ui.web.auth.NXAuthConstants;
037import org.nuxeo.ecm.platform.ui.web.auth.interfaces.NuxeoAuthenticationPlugin;
038import org.nuxeo.ecm.platform.ui.web.auth.plugins.AnonymousAuthenticator;
039import org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService;
040import org.nuxeo.runtime.api.Framework;
041
042/**
043 * Anonymous authenticator that redirects logout to CAS server authentication in order to connect to Nuxeo.
044 *
045 * @author Benjamin JALON
046 */
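public class AnonymousAuthenticatorForCAS2 extends AnonymousAuthenticator {

    protected static final Log log = LogFactory.getLog(AnonymousAuthenticatorForCAS2.class);

    /** Lazily resolved CAS2 plugin; remains {@code null} until {@link #getCas2Authenticator()} finds it. */
    protected Cas2Authenticator casAuthenticator;

    /**
     * Handles logout by redirecting to the CAS login URL when the request carries the
     * {@code SSO_INITIAL_URL_REQUEST_KEY} cookie, and otherwise delegates to the parent authenticator.
     * <p>
     * The parent implementation is also used when the CAS2 plugin cannot be resolved, so a
     * misconfigured plugin chain no longer ends in a {@link NullPointerException} during logout.
     *
     * @param httpRequest the logout request
     * @param httpResponse the response used to send the redirect
     * @return {@code true} when the redirect to CAS was sent, {@code false} when sending it failed,
     *         or the parent's result when no CAS redirection applies
     */
    @Override
    public Boolean handleLogout(HttpServletRequest httpRequest, HttpServletResponse httpResponse) {
        // NOTE(review): the cookie is client-supplied, so its presence only selects the redirect flow;
        // it must not be read as proof that a CAS login took place.
        if (!hasSsoInitialUrlCookie(httpRequest)) {
            return super.handleLogout(httpRequest, httpResponse);
        }

        Cas2Authenticator authenticator = getCas2Authenticator();
        if (authenticator == null) {
            log.error("CAS authenticator unavailable, falling back to default logout handling");
            return super.handleLogout(httpRequest, httpResponse);
        }

        // NOTE(review): both URLs are computed by Cas2Authenticator, which receives the request; confirm
        // they come from server-side configuration and cannot be steered by request headers such as
        // Host, since the values end up in the redirect target and in the CAS "service" parameter.
        String authURL = authenticator.getServiceURL(httpRequest, Cas2Authenticator.LOGIN_ACTION);
        String appURL = authenticator.getAppURL(httpRequest);

        try {
            Map<String, String> urlParameters = new HashMap<String, String>();
            urlParameters.put("service", appURL);
            String location = URIUtils.addParametersToURIQuery(authURL, urlParameters);
            httpResponse.sendRedirect(location);
            return true;
        } catch (IOException e) {
            log.error("Unable to redirect to CAS logout screen:", e);
            return false;
        }
    }

    /**
     * Tells whether the request carries a cookie named {@code SSO_INITIAL_URL_REQUEST_KEY}.
     * {@code getCookies()} returns {@code null} when the client sent no cookies at all, which is
     * treated as "cookie absent".
     */
    private static boolean hasSsoInitialUrlCookie(HttpServletRequest httpRequest) {
        Cookie[] cookies = httpRequest.getCookies();
        if (cookies == null) {
            return false;
        }
        for (Cookie cookie : cookies) {
            if (NXAuthConstants.SSO_INITIAL_URL_REQUEST_KEY.equals(cookie.getName())) {
                return true;
            }
        }
        return false;
    }

    /**
     * Returns the CAS2 authentication plugin, looking it up under the name {@code CAS2_AUTH} in the
     * {@link PluggableAuthenticationService} on first use and caching it in {@link #casAuthenticator}.
     *
     * @return the plugin, or {@code null} (after logging an error) when the service is missing, no
     *         plugin is registered under that name, or the registered plugin is not a
     *         {@link Cas2Authenticator}
     */
    public Cas2Authenticator getCas2Authenticator() {
        if (casAuthenticator != null) {
            return casAuthenticator;
        }

        PluggableAuthenticationService service = (PluggableAuthenticationService) Framework.getRuntime().getComponent(
                PluggableAuthenticationService.NAME);
        if (service == null) {
            log.error("Can't get PluggableAuthenticationService");
            return null;
        }

        NuxeoAuthenticationPlugin plugin = service.getPlugin("CAS2_AUTH");
        if (plugin == null) {
            log.error("Can't get Cas Authenticator from PluggableAuthenticationService");
            return null;
        }
        // Check the type before casting: a different plugin registered under this name would
        // otherwise surface as a ClassCastException in the middle of a logout request.
        if (!(plugin instanceof Cas2Authenticator)) {
            log.error("Plugin registered as CAS2_AUTH is not a Cas2Authenticator: " + plugin.getClass().getName());
            return null;
        }

        casAuthenticator = (Cas2Authenticator) plugin;
        return casAuthenticator;
    }

}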