author | Emmanuel Raviart <eraviart@entrouvert.com> | 2004-09-08 00:44:52 +0000 |
---|---|---|
committer | Emmanuel Raviart <eraviart@entrouvert.com> | 2004-09-08 00:44:52 +0000 |
commit | 5b7353c5f8cc2545aea69b49d2df6c6a32ea03a1 (patch) | |
tree | bd6adb63263f59e8de92a3e3357332bcb7d1caad | |
parent | fd9574d0becacec6e0b85e0b7af842cfd3a71592 (diff) | |
Restructured ColdFusion code. Added single logout code. Both single sign-on
and single logout work.
-rw-r--r-- | java/coldfusion/src/CFLassoSingleLogout.java | 98 | ||||
-rw-r--r-- | java/coldfusion/src/CFLassoSingleSignOn.java (renamed from java/coldfusion/src/CFLasso.java) | 35 | ||||
-rw-r--r-- | java/coldfusion/web/assertionConsumer.cfm | 11 | ||||
-rw-r--r-- | java/coldfusion/web/singleLogout.cfm | 40 | ||||
-rw-r--r-- | java/coldfusion/web/singleSignOn.cfm | 8 |
5 files changed, 170 insertions, 22 deletions
diff --git a/java/coldfusion/src/CFLassoSingleLogout.java b/java/coldfusion/src/CFLassoSingleLogout.java
new file mode 100644
index 00000000..588c97dd
--- /dev/null
+++ b/java/coldfusion/src/CFLassoSingleLogout.java
@@ -0,0 +1,98 @@
+/*
+ * ColdFusionLasso -- ColdFusion bindings for Lasso library
+ *
+ * Copyright (C) 2004 Entr'ouvert
+ * http://lasso.entrouvert.org
+ *
+ * Authors: Emmanuel Raviart <eraviart@entrouvert.com>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+
+import com.entrouvert.lasso.AuthnRequest;
+import com.entrouvert.lasso.Identity;
+import com.entrouvert.lasso.lassoConstants;
+import com.entrouvert.lasso.lasso;
+import com.entrouvert.lasso.Logout;
+import com.entrouvert.lasso.Server;
+import com.entrouvert.lasso.Session;
+
+
+public class CFLassoSingleLogout {
+ /* A simple service provider single logout */
+
+ protected Logout logout = null;
+ protected Server server = null;
+
+ public String idpProviderId = null;
+
+ public void buildRequestMsg() {
+ logout.buildRequestMsg();
+ }
+
+ public void configure(String metadataPath, String publicKeyPath, String privateKeyPath,
+ String idpProviderId, String idpMetadataPath, String idpPublicKeyPath) {
+ server = new Server(metadataPath, publicKeyPath, privateKeyPath, null,
+ lassoConstants.signatureMethodRsaSha1);
+ this.idpProviderId = idpProviderId;
+ server.addProvider(idpMetadataPath, idpPublicKeyPath, null);
+ logout = new Logout(server, lassoConstants.providerTypeSp);
+ }
+
+ public String getIdentityDump() {
+ Identity identity = logout.getIdentity();
+ if (identity != null)
+ return identity.dump();
+ else
+ return null;
+ }
+
+ public String getMsgBody() {
+ return logout.getMsgBody();
+ }
+
+ public String getMsgUrl() {
+ return logout.getMsgUrl();
+ }
+
+ public String getNameIdentifier() {
+ return logout.getNameIdentifier();
+ }
+
+ public String getSessionDump() {
+ Session session = logout.getSession();
+ if (session != null)
+ return session.dump();
+ else
+ return null;
+ }
+
+ public void initRequest() {
+ logout.initRequest(idpProviderId, lassoConstants.httpMethodAny);
+ }
+
+ public void processResponseMsg(String responseMsg) {
+ logout.processResponseMsg(responseMsg, lassoConstants.httpMethodSoap);
+ }
+
+ public void setIdentityFromDump(String identityDump) {
+ logout.setIdentityFromDump(identityDump);
+ }
+
+ public void setSessionFromDump(String sessionDump) {
+ logout.setSessionFromDump(sessionDump);
+ }
+}
diff --git a/java/coldfusion/src/CFLasso.java b/java/coldfusion/src/CFLassoSingleSignOn.java
index 9233379c..cfcff127 100644
--- a/java/coldfusion/src/CFLasso.java
+++ b/java/coldfusion/src/CFLassoSingleSignOn.java
@@ -26,14 +26,14 @@
 * Simple wrapper for JLasso, to ease its use by ColdFusion applications.
 *
 * To compile it:
- * $ javac -classpath ../../lasso.jar CFLasso.java
+ * $ javac -classpath ../../lasso.jar *.java
 *
 * To test it:
 * $ export LD_LIBRARY_PATH=../../.libs/
- * $ java -classpath ../../lasso.jar:. CFLasso
+ * $ java -classpath ../../lasso.jar:. CFLassoLogin
 *
 * To use it:
- * $ jar cf CFLasso.jar CFLasso.class
+ * $ jar cf CFLasso.jar *.class
 * edit ColdFusion file bin/jvm.config:
 * - Add libjlasso.so directory to java.library.path variable.
 * - Add lasso.jar & CFLasso.jar to java.class.path variable.
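Review bot: Every wrapper in `CFLassoSingleLogout` that drives the protocol (`initRequest`, `buildRequestMsg`, `processResponseMsg`) is declared `void`, so whatever the underlying `Logout` call reports is dropped before it reaches the ColdFusion page. The Lasso `Logout` API is not visible in this diff; if those calls signal failure through a return value rather than an exception, a rejected or unverifiable logout response would look like success to the caller. In that case the wrappers should hand the status back, e.g. `return logout.processResponseMsg(responseMsg, lassoConstants.httpMethodSoap);` with a matching return type. The class comment should also say that `configure()` must run first, because `logout` stays `null` until then and every other method dereferences it. The same pattern appears in `initRequest` and `buildRequestMsg` of `CFLassoSingleSignOn.java`.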
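Review bot: The updated test instruction in the header comment (hunk `@@ -26,14`) runs `CFLassoLogin`, but no class of that name appears in this commit; the file is renamed to `CFLassoSingleSignOn.java` and the `main` method shown later in the diff belongs to `CFLassoSingleSignOn`. The line should read ` * $ java -classpath ../../lasso.jar:. CFLassoSingleSignOn`. The comment block starts before this hunk and continues after it.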
@@ -48,8 +48,8 @@ import com.entrouvert.lasso.Server; import com.entrouvert.lasso.Session; -public class CFLasso { - /* A simple service provider */ +public class CFLassoSingleSignOn { + /* A simple service provider single sign-on */ protected Login login = null; protected Server server = null; @@ -60,9 +60,11 @@ public class CFLasso { login.acceptSso(); } - public void assertionConsumer(String queryString) { - login = new Login(server); - login.initRequest(queryString, lassoConstants.httpMethodRedirect); + public void buildAuthnRequestMsg() { + login.buildAuthnRequestMsg(idpProviderId); + } + + public void buildRequestMsg() { login.buildRequestMsg(); } @@ -72,6 +74,7 @@ public class CFLasso { lassoConstants.signatureMethodRsaSha1); this.idpProviderId = idpProviderId; server.addProvider(idpMetadataPath, idpPublicKeyPath, null); + login = new Login(server); } public String getIdentityDump() { @@ -106,11 +109,10 @@ public class CFLasso { return null; } - public String login(String relayState) { + public void initAuthnRequest(String relayState) { AuthnRequest authnRequest; String authnRequestUrl; - login = new Login(server); login.initAuthnRequest(lassoConstants.httpMethodRedirect); authnRequest = login.getAuthnRequest(); authnRequest.setIsPassive(false); 
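Review bot: With `login = new Login(server);` moved into `configure()` (hunk `@@ -72,6`), one `Login` object now carries state across `initAuthnRequest`, `initRequest` and `acceptSso` instead of being recreated for each operation. The sample pages create the wrapper with `cfobject` on every request, which keeps that state per user, but nothing in the class says callers must do so. A class comment such as `/* Not shareable: create and configure one instance per request; it appears to hold a single user's login state. */` would keep the object from being cached in a shared scope. `configure` starts and ends outside the hunk.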
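Review bot: `initAuthnRequest` keeps the declaration `String authnRequestUrl;` in hunk `@@ -106,11`, while the only assignment to it and the `return` that used it are removed in the following hunk, so the local is now dead. Drop the declaration along with the rest of the old return path. The method body starts in this hunk and ends in the next one.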
@@ -118,20 +120,23 @@ public class CFLasso { authnRequest.setConsent(lassoConstants.libConsentObtained); if (relayState != null) authnRequest.setRelayState(relayState); - login.buildAuthnRequestMsg(idpProviderId); - authnRequestUrl = login.getMsgUrl(); - return authnRequestUrl; + } + + public void initRequest(String queryString) { + login.initRequest(queryString, lassoConstants.httpMethodRedirect); } static public void main(String [] args) { - CFLasso lasso = new CFLasso(); + CFLassoSingleSignOn lasso = new CFLassoSingleSignOn(); lasso.configure("../../../tests/data/sp2-la/metadata.xml", "../../../tests/data/sp2-la/public-key.pem", "../../../tests/data/sp2-la/private-key-raw.pem", "https://idp2/metadata", "../../../tests/data/idp2-la/metadata.xml", "../../../tests/data/idp2-la/public-key.pem"); - String ssoUrl = lasso.login("data to get back"); + lasso.initAuthnRequest("data-to-get-back"); + lasso.buildAuthnRequestMsg(); + String ssoUrl = lasso.getMsgUrl(); System.out.println("Test"); System.out.print("Identity provider single sign-on URL = "); System.out.println(ssoUrl); diff --git a/java/coldfusion/web/assertionConsumer.cfm b/java/coldfusion/web/assertionConsumer.cfm index 37c2b878..d942318e 100644 --- a/java/coldfusion/web/assertionConsumer.cfm +++ b/java/coldfusion/web/assertionConsumer.cfm 
@@ -10,10 +10,11 @@ <cfset properties=sys.getProperties()> <cfdump var="#properties#"> --> - <cfobject action="create" type="Java" class="CFLasso" name="lasso"> + <cfobject action="create" type="Java" class="CFLassoSingleSignOn" name="lasso"> <cfset lasso.init()> <cfset lasso.configure("/opt/coldfusionmx/wwwroot/lasso/data/metadata.xml", "/opt/coldfusionmx/wwwroot/lasso/data/public-key-la.pem", "/opt/coldfusionmx/wwwroot/lasso/data/private-key-raw-la.pem", "https://idp2/metadata", "/opt/coldfusionmx/wwwroot/lasso/data/metadata-idp.xml", "/opt/coldfusionmx/wwwroot/lasso/data/idp2-la/public-key.pem")> - <cfset lasso.assertionConsumer(#QUERY_STRING#)> + <cfset lasso.initRequest(#QUERY_STRING#)> + <cfset lasso.buildRequestMsg()> <cfset soapUrl=lasso.getMsgUrl()> <cfset soapBody=lasso.getMsgBody()> <cfset relayState=lasso.getMsgRelayState()> @@ -30,13 +31,15 @@ <cfdump var="#cfhttp.fileContent#"> --> <cfset lasso.processResponseMsg(#cfhttp.fileContent#)> - <!-- TODO: Retrieve identity dump and session dump in your users and sessions databases. --> + <cfset nameIdentifier=lasso.getNameIdentifier()> + <!-- TODO: Retrieve identity dump and session dump in your users and sessions databases, + using nameIdentifier to retrieve user and session. --> <!-- cfset lasso.setIdentityFromDump(#identityDump#) --> <!-- cfset lasso.setSessionFromDump(#sessionDump#) --> <cfset lasso.acceptSso()> <cfset identityDump=lasso.getIdentityDump()> <cfset sessionDump=lasso.getSessionDump()> - <!-- TODO: Store identity dump and session dump into your users and sessions databases.--> + <!-- TODO: Store identity dump and session dump into your users and sessions databases. --> <cfoutput> <p>User is now logged. RelayState = #relayState#</p> </cfoutput> diff --git a/java/coldfusion/web/singleLogout.cfm b/java/coldfusion/web/singleLogout.cfm new file mode 100644 index 00000000..f7928250 --- /dev/null +++ b/java/coldfusion/web/singleLogout.cfm 
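Review bot: The `lasso.configure(...)` call in hunk `@@ -10,10` reads the service provider's signing key from `/opt/coldfusionmx/wwwroot/lasso/data/private-key-raw-la.pem`, a path that sits under what looks like the ColdFusion web root. If that directory is served, the private key and the metadata files can be fetched over HTTP. The sample would be safer pointing at a directory outside `wwwroot` that only the ColdFusion service account can read, with a comment next to the call saying so. The same path is added in `singleLogout.cfm` and kept in `singleSignOn.cfm`.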
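Review bot: `<p>User is now logged. RelayState = #relayState#</p>` at the end of hunk `@@ -30,13` writes the relay state into the page without encoding, and that value appears to originate from the query string passed to `initRequest` and read back through `lasso.getMsgRelayState()`. It should be encoded for HTML before output, `RelayState = #HTMLEditFormat(relayState)#`. The newly fetched `nameIdentifier` needs the same treatment if a page ever displays it.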
@@ -0,0 +1,40 @@
+<html>
+ <head>
+ <title>Lasso Single Logout</title>
+ </head>
+ <body>
+ <h1>Lasso Single Logout</h1>
+ <cfobject action="create" type="Java" class="CFLassoSingleLogout" name="lasso">
+ <cfset lasso.init()>
+ <cfset lasso.configure("/opt/coldfusionmx/wwwroot/lasso/data/metadata.xml", "/opt/coldfusionmx/wwwroot/lasso/data/public-key-la.pem", "/opt/coldfusionmx/wwwroot/lasso/data/private-key-raw-la.pem", "https://idp2/metadata", "/opt/coldfusionmx/wwwroot/lasso/data/metadata-idp.xml", "/opt/coldfusionmx/wwwroot/lasso/data/idp2-la/public-key.pem")>
+ <!-- TODO: Retrieve identity dump and session dump in your users and sessions databases. -->
+ <!-- cfset lasso.setIdentityFromDump(#identityDump#) -->
+ <!-- cfset lasso.setSessionFromDump(#sessionDump#) -->
+ <cfset lasso.initRequest()>
+ <cfset lasso.buildRequestMsg()>
+ <cfset soapUrl=lasso.getMsgUrl()>
+ <cfset soapBody=lasso.getMsgBody()>
+<!--
+ <cfdump var="#soapUrl#">
+ <cfdump var="#soapBody#">
+-->
+ <cfhttp method="POST" url="#soapUrl#">
+ <cfhttpparam type="XML" name="body" value="#soapBody#">
+ </cfhttp>
+<!--
+ <cfdump var="#cfhttp.statuscode#">
+ <cfdump var="#cfhttp.header#">
+ <cfdump var="#cfhttp.fileContent#">
+-->
+ <cfset lasso.processResponseMsg(#cfhttp.fileContent#)>
+ <cfset nameIdentifier=lasso.getNameIdentifier()>
+ <cfset identityDump=lasso.getIdentityDump()>
+ <cfset sessionDump=lasso.getSessionDump()>
+ <!-- TODO: Store identity dump in your users database and remove session dump from sessions
+ database. -->
+ <cfoutput>
+ <p>User is now unlogged.</p>
+ </cfoutput>
+ </body>
+</html>
+
diff --git a/java/coldfusion/web/singleSignOn.cfm b/java/coldfusion/web/singleSignOn.cfm
index dbd40644..12a3181f 100644
--- a/java/coldfusion/web/singleSignOn.cfm
+++ b/java/coldfusion/web/singleSignOn.cfm
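Review bot: The page prints `User is now unlogged.` unconditionally: `cfhttp.fileContent` is handed to `processResponseMsg` without looking at `cfhttp.statuscode`, and nothing checks the outcome before the message is shown. A failed SOAP call or an error response from the identity provider would still be reported as a completed logout while the identity provider session may remain active. Add a guard before `processResponseMsg`, for example `<cfif Left(cfhttp.statuscode, 3) neq "200"><cfabort showerror="Single logout failed"></cfif>`. The TODO should also say that the local session is removed only once the response has been accepted.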
@@ -9,11 +9,13 @@ <cfset properties=sys.getProperties()> <cfdump var="#properties#"> --> - <cfobject action="create" type="Java" class="CFLasso" name="lasso"> + <cfobject action="create" type="Java" class="CFLassoSingleSignOn" name="lasso"> <cfset lasso.init()> <cfset lasso.configure("/opt/coldfusionmx/wwwroot/lasso/data/metadata.xml", "/opt/coldfusionmx/wwwroot/lasso/data/public-key-la.pem", "/opt/coldfusionmx/wwwroot/lasso/data/private-key-raw-la.pem", "https://idp2/metadata", "/opt/coldfusionmx/wwwroot/lasso/data/metadata-idp.xml", "/opt/coldfusionmx/wwwroot/lasso/data/idp2-la/public-key.pem")> - <cfset ssoUrl=lasso.login("important")> - <cfoutput>Identity provider single sing-on URL to redirect to = #ssoUrl#</cfoutput> + <cfset lasso.initAuthnRequest("important-string")> + <cfset lasso.buildAuthnRequestMsg()> + <cfset ssoUrl=lasso.getMsgUrl()> + <cfoutput><p>Identity provider single sing-on URL to redirect to = #ssoUrl#</p></cfoutput> <cflocation url=#ssoUrl#> </body> </html> |
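Review bot: The rewritten `<cfoutput>` line still says `single sing-on`; it should read `Identity provider single sign-on URL to redirect to = #ssoUrl#`. The relay state passed to `initAuthnRequest` is also a fixed literal, `"important-string"`. A comment beside it, such as `<!-- Sample value: a real page passes a per-request value it can check when the user returns. -->`, would help readers who copy the sample.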