//@Override
        protected override string constructKey(HttpRequest request)
        {
            string username = request.getParameter(this.getUsernameParameter());

            if (username == null)
            {
                return request.getRemoteAddr();
            }

            return request.getRemoteAddr() + ";" + username.ToLower();
        }
Example #2
0
        /**
     * @return ModelAndView containing a view name of either
     * <code>casProxyFailureView</code> or <code>casProxySuccessView</code>
     */
        protected ModelAndView handleRequestInternal(
            HttpRequest request,  HttpResponse response)
        {
            string ticket = request.getParameter("pgt");
            Service targetService = this.getTargetService(request);

            if (!StringUtils.hasText(ticket) || targetService == null) {
                return this.generateErrorView("INVALID_REQUEST",
                                         "INVALID_REQUEST_PROXY", null);
            }

            try {
                return new ModelAndView(CONST_PROXY_SUCCESS, MODEL_SERVICE_TICKET,
                                        this.centralAuthenticationService.grantServiceTicket(ticket,
                                                                                             targetService));
            } catch (TicketException e) {
                return this.generateErrorView(e.getCode(), e.getCode(),
                                         new Object[] {ticket});
            } catch ( UnauthorizedServiceException e) {
                return this.generateErrorView("UNAUTHORIZED_SERVICE",
                                         "UNAUTHORIZED_SERVICE_PROXY", new Object[] {targetService});
            }
        }
        //@Override
        public bool preHandle(HttpRequest request, HttpResponse response, Object o)
        {
            // we only care about post because that's the only instance where we can get anything useful besides IP address.
            if (!"POST".Equals(request.HttpMethod))
            {
                return true;
            }

            if (this.exceedsThreshold(request))
            {
                this.recordThrottle(request);
                response.StatusCode = 403;//

                response.StatusDescription = ("Access Denied for user [" + request.getParameter(this.usernameParameter) + " from IP Address [" + ".." + "]");
                response.Flush();
                return false;
            }

            return true;
        }
        /**
     * Overrideable method to determine which credentials to use to grant a
     * proxy granting ticket. Default is to use the pgtUrl.
     * 
     * @param request the HttpRequest object.
     * @return the credentials or null if there was an error or no credentials
     * provided.
     */
        protected Credentials getServiceCredentialsFromRequest(HttpRequest request)
        {
            string pgtUrl = request.getParameter("pgtUrl");
            if (StringUtils.hasText(pgtUrl))
            {
                try
                {
                    return new HttpBasedServiceCredentials(new Uri(pgtUrl));
                }
                catch (Exception e)
                {
                    //logger.error("Error constructing pgtUrl", e);
                }
            }

            return null;
        }