import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.LoginException;
+import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import org.opensaml.util.URLBuilder;
import org.opensaml.xml.util.DatatypeHelper;
import org.opensaml.xml.util.Pair;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine;
-import edu.internet2.middleware.shibboleth.idp.authn.UsernamePrincipal;
import edu.internet2.middleware.shibboleth.idp.authn.LoginHandler;
+import edu.internet2.middleware.shibboleth.idp.authn.UsernamePrincipal;
/**
- * This servlet should be protected by a filter which populates REMOTE_USER. The serlvet will then set the remote user
+ * This Servlet should be protected by a filter which populates REMOTE_USER. The Servlet will then set the remote user
* field in a LoginContext.
*/
public class UsernamePasswordLoginServlet extends HttpServlet {
private final String passwordAttribute = "j_password";
/** {@inheritDoc} */
- public void init() {
+ public void init(ServletConfig config) throws ServletException {
+ super.init(config);
+
if (getInitParameter(jaasInitParam) != null) {
jaasConfigName = getInitParameter(jaasInitParam);
}
+
if (getInitParameter(loginPageInitParam) != null) {
loginPage = getInitParameter(loginPageInitParam);
}
+ if(!loginPage.startsWith("/")){
+ loginPage = "/" + loginPage;
+ }
}
/** {@inheritDoc} */
*/
protected void redirectToLoginPage(HttpServletRequest request, HttpServletResponse response,
List<Pair<String, String>> queryParams) {
- try {
- StringBuilder pathBuilder = new StringBuilder();
- pathBuilder.append(request.getContextPath());
- pathBuilder.append("/");
- pathBuilder.append(loginPage);
-
- URLBuilder urlBuilder = new URLBuilder();
- urlBuilder.setScheme(request.getScheme());
- urlBuilder.setHost(request.getServerName());
- urlBuilder.setPort(request.getServerPort());
- urlBuilder.setPath(pathBuilder.toString());
-
- if (queryParams == null) {
- queryParams = new ArrayList<Pair<String, String>>();
- }
-
- queryParams.add(new Pair<String, String>("actionUrl", request.getContextPath() + request.getServletPath()));
- urlBuilder.getQueryParams().addAll(queryParams);
+
+ String requestContext = DatatypeHelper.safeTrimOrNullString(request.getContextPath());
+ if(request == null){
+ requestContext = "/";
+ }
+ request.setAttribute("actionUrl", requestContext + request.getServletPath());
- log.debug("Redirecting to login page {}", urlBuilder.buildURL());
- response.sendRedirect(urlBuilder.buildURL());
- return;
+ if(queryParams != null){
+ for(Pair<String, String> param : queryParams){
+ request.setAttribute(param.getFirst(), param.getSecond());
+ }
+ }
+
+ try {
+ request.getRequestDispatcher(loginPage).forward(request, response);
+ log.debug("Redirecting to login page {}", loginPage);
} catch (IOException ex) {
log.error("Unable to redirect to login page.", ex);
+ }catch (ServletException ex){
+ log.error("Unable to redirect to login page.", ex);
}
}
<img src="<%= request.getContextPath() %>/images/logo.jpg" />
<h2>Shibboleth Identity Provider Login</h2>
- <% if ("true".equals(request.getParameter("loginFailed"))) { %>
- <p>Authentication Failed</p>
+ <% if ("true".equals(request.getAttribute("loginFailed"))) { %>
+ <p><font color="red"Authentication Failed</font></p>
<% } %>
- <% if(request.getParameter("actionUrl") != null){ %>
- <form action="<%=request.getParameter("actionUrl")%>" method="post">
+ <% if(request.getAttribute("actionUrl") != null){ %>
+ <form action="<%=request.getAttribute("actionUrl")%>" method="post">
<% }else{ %>
<form action="j_security_check" method="post">
<% } %>