| | |
|---|
| | | import org.springframework.webflow.execution.Event; |
|---|
| | | import org.springframework.webflow.execution.RequestContext; |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * @author Tanbin |
|---|
| | | * @date 2018-12-12 |
|---|
| | | */ |
|---|
| | | public class SendTicketGrantingTicketAction extends AbstractAction { |
|---|
| | | private static final Logger LOGGER = LoggerFactory.getLogger(SendTicketGrantingTicketAction.class); |
|---|
| | | |
|---|
| | |
|---|
| | | |
|---|
| | | private AuthenticationSystemSupport authenticationSystemSupport; |
|---|
| | | |
|---|
| | | private static String mRenew = "renew"; |
|---|
| | | |
|---|
| | | @Override |
|---|
| | | protected Event doExecute(RequestContext context) { |
|---|
| | | String ticketGrantingTicketId = WebUtils.getTicketGrantingTicketId(context); |
|---|
| | | String ticketGrantingTicketValueFromCookie = (String)context.getFlowScope().get("ticketGrantingTicketId"); |
|---|
| | | if (ticketGrantingTicketId == null) |
|---|
| | | if (ticketGrantingTicketId == null) { |
|---|
| | | return success(); |
|---|
| | | } |
|---|
| | | if (WebUtils.isAuthenticatingAtPublicWorkstation(context)) { |
|---|
| | | LOGGER.info("Authentication is at a public workstation. SSO cookie will not be generated. Subsequent requests will be challenged for authentication."); |
|---|
| | | } else if (!this.createSsoSessionCookieOnRenewAuthentications && isAuthenticationRenewed(context)) { |
|---|
| | |
|---|
| | | this.ticketGrantingTicketCookieGenerator.addCookie(WebUtils.getHttpServletRequest(context), |
|---|
| | | WebUtils.getHttpServletResponse(context), ticketGrantingTicketId); |
|---|
| | | } |
|---|
| | | if (ticketGrantingTicketValueFromCookie != null && !ticketGrantingTicketId.equals(ticketGrantingTicketValueFromCookie)) |
|---|
| | | if (ticketGrantingTicketValueFromCookie != null && !ticketGrantingTicketId.equals(ticketGrantingTicketValueFromCookie)) { |
|---|
| | | this.centralAuthenticationService.destroyTicketGrantingTicket(ticketGrantingTicketValueFromCookie); |
|---|
| | | } |
|---|
| | | return success(); |
|---|
| | | } |
|---|
| | | |
|---|
| | | public void setCreateSsoSessionCookieOnRenewAuthentications(boolean createSsoSessionCookieOnRenewAuthentications) { this.createSsoSessionCookieOnRenewAuthentications = createSsoSessionCookieOnRenewAuthentications; } |
|---|
| | | |
|---|
| | | private boolean isAuthenticationRenewed(RequestContext ctx) { |
|---|
| | | if (ctx.getRequestParameters().contains("renew")) { |
|---|
| | | if (ctx.getRequestParameters().contains(mRenew)) { |
|---|
| | | LOGGER.debug("[{}] is specified for the request. The authentication session will be considered renewed.", "renew"); |
|---|
| | | return true; |
|---|
| | | } |
|---|
