org.sakaiproject.hybrid.util
Class TrustedLoginFilter

java.lang.Object
  extended by org.sakaiproject.hybrid.util.TrustedLoginFilter
All Implemented Interfaces:
javax.servlet.Filter

public class TrustedLoginFilter
extends Object
implements javax.servlet.Filter

  A filter that runs after the standard Sakai request filter and allows services
  to encode a token containing the id of the user accessing the service.
  
  The filter must be configured with a shared secret, and requests carry a
  header "x-sakai-token". This token is used to validate the request and
  associate a user with the request.
  
  The token contains:
  hash;user
  
  hash is a Base64-encoded HMAC hash; user is the username to associate with the request.
  
  The shared secret must be known by both ends of the conversation, and must not be distributed outside a trusted zone.
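
An added sketch of the hash;user check described above (illustrative, not Sakai's code). It assumes HMAC-SHA256 computed over the username and an exact match of the caller's host against the semicolon-separated safeHosts list documented under Field Detail; this page specifies neither, and the class and method names are hypothetical.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.util.Arrays;
import java.util.Base64;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

/** Illustrative only: not Sakai's TrustedLoginFilter, Signature or XSakaiToken. */
public class XSakaiTokenSketch {
    // Assumption: HMAC-SHA256 over the username; the page names neither.
    private static final String ALG = "HmacSHA256";
    static byte[] hmac(String secret, String user) throws GeneralSecurityException {
        Mac mac = Mac.getInstance(ALG);
        mac.init(new SecretKeySpec(secret.getBytes(StandardCharsets.UTF_8), ALG));
        return mac.doFinal(user.getBytes(StandardCharsets.UTF_8));
    }
    /** Builds "hash;user" as the calling service would. */
    static String createToken(String secret, String user) throws GeneralSecurityException {
        return Base64.getEncoder().encodeToString(hmac(secret, user)) + ";" + user;
    }
    /** Returns the user if the caller is a safe host (exact match) and the hash verifies, else null. */
    static String validate(String token, String secret, String safeHosts, String remoteHost)
            throws GeneralSecurityException {
        if (token == null || !Arrays.asList(safeHosts.split(";")).contains(remoteHost)) {
            return null;
        }
        int sep = token.indexOf(';'); // standard Base64 never contains ';'
        if (sep <= 0 || sep == token.length() - 1) {
            return null; // missing hash or missing user
        }
        String user = token.substring(sep + 1);
        byte[] presented;
        try {
            presented = Base64.getDecoder().decode(token.substring(0, sep));
        } catch (IllegalArgumentException e) {
            return null; // hash part is not valid Base64
        }
        // MessageDigest.isEqual compares in constant time, unlike String.equals.
        return MessageDigest.isEqual(presented, hmac(secret, user)) ? user : null;
    }

    public static void main(String[] args) throws GeneralSecurityException {
        String secret = "constructed-demo-secret"; // constructed value, not a real secret
        String token = createToken(secret, "student1");
        System.out.println(validate(token, secret, "localhost;127.0.0.1", "127.0.0.1"));
        System.out.println(validate("AAAA;admin", secret, "localhost;127.0.0.1", "127.0.0.1"));
    }
}
```

Under the assumption made here, a given user's token never changes, which is why the sketch checks the caller against the safe-hosts list before it looks at the hash.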
  
  To use this filter, add it AFTER the Sakai Request Filter in your web.xml, like this:
  
  
        <!-- 
        The Sakai Request Handler
        -->
        <filter>
                <filter-name>sakai.request</filter-name>
                <filter-class>org.sakaiproject.util.RequestFilter</filter-class>
        </filter>
        <filter>
                <filter-name>sakai.trusted</filter-name>
                <filter-class>org.sakaiproject.hybrid.util.TrustedLoginFilter</filter-class>
                <init-param>
                        <param-name>shared.secret</param-name>
                        <param-value>The Snow on the Volga falls only under the bridges</param-value>
                </init-param>
        </filter>
        
        <!--
        Mapped onto Handler
        -->
        <filter-mapping>
                <filter-name>sakai.request</filter-name>
                <servlet-name>sakai.mytoolservlet</servlet-name>
                <dispatcher>REQUEST</dispatcher>
                <dispatcher>FORWARD</dispatcher>
                <dispatcher>INCLUDE</dispatcher>
        </filter-mapping> 
 
        <filter-mapping>
                <filter-name>sakai.trusted</filter-name>
                <servlet-name>sakai.mytoolservlet</servlet-name>
                <dispatcher>REQUEST</dispatcher>
                <dispatcher>FORWARD</dispatcher>
                <dispatcher>INCLUDE</dispatcher>
        </filter-mapping>
 
 


Field Summary
protected  org.sakaiproject.component.api.ComponentManager componentManager
           
protected  boolean enabled
          True if server tokens are enabled.
static String ORG_SAKAIPROJECT_UTIL_TRUSTED_LOGIN_FILTER_ENABLED
          sakai.properties
static String ORG_SAKAIPROJECT_UTIL_TRUSTED_LOGIN_FILTER_SAFE_HOSTS
          sakai.properties
static String ORG_SAKAIPROJECT_UTIL_TRUSTED_LOGIN_FILTER_SHARED_SECRET
          sakai.properties
protected  String safeHosts
          A list of all the known safe hosts to trust as servers.
protected  org.sakaiproject.component.api.ServerConfigurationService serverConfigurationService
           
protected  org.sakaiproject.tool.api.SessionManager sessionManager
           
protected  String sharedSecret
          Property to contain the shared secret used by all trusted servers.
protected  Signature signature
           
protected  org.sakaiproject.user.api.UserDirectoryService userDirectoryService
           
protected  XSakaiToken xSakaiToken
           
 
Constructor Summary
TrustedLoginFilter()
           
 
Method Summary
 void destroy()
           
 void doFilter(javax.servlet.ServletRequest req, javax.servlet.ServletResponse resp, javax.servlet.FilterChain chain)
           
 void init(javax.servlet.FilterConfig config)
           
protected  void setupTestCase(org.sakaiproject.component.api.ComponentManager componentManager)
          Only used for unit testing setup.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

ORG_SAKAIPROJECT_UTIL_TRUSTED_LOGIN_FILTER_SHARED_SECRET

public static final String ORG_SAKAIPROJECT_UTIL_TRUSTED_LOGIN_FILTER_SHARED_SECRET
sakai.properties

See Also:
Constant Field Values

ORG_SAKAIPROJECT_UTIL_TRUSTED_LOGIN_FILTER_ENABLED

public static final String ORG_SAKAIPROJECT_UTIL_TRUSTED_LOGIN_FILTER_ENABLED
sakai.properties

See Also:
Constant Field Values

ORG_SAKAIPROJECT_UTIL_TRUSTED_LOGIN_FILTER_SAFE_HOSTS

public static final String ORG_SAKAIPROJECT_UTIL_TRUSTED_LOGIN_FILTER_SAFE_HOSTS
sakai.properties

See Also:
Constant Field Values

signature

protected transient Signature signature

xSakaiToken

protected transient XSakaiToken xSakaiToken

componentManager

protected transient org.sakaiproject.component.api.ComponentManager componentManager

serverConfigurationService

protected transient org.sakaiproject.component.api.ServerConfigurationService serverConfigurationService

sessionManager

protected transient org.sakaiproject.tool.api.SessionManager sessionManager

userDirectoryService

protected transient org.sakaiproject.user.api.UserDirectoryService userDirectoryService

sharedSecret

protected transient String sharedSecret
Property to contain the shared secret used by all trusted servers. The shared secret used for server to server trusted tokens.


enabled

protected transient boolean enabled
True if server tokens are enabled. If true, trusted tokens from servers are considered.


safeHosts

protected transient String safeHosts
A list of all the known safe hosts to trust as servers. A semicolon-separated list of hosts that this instance trusts to make server connections.

Constructor Detail

TrustedLoginFilter

public TrustedLoginFilter()
Method Detail

doFilter

public void doFilter(javax.servlet.ServletRequest req,
                     javax.servlet.ServletResponse resp,
                     javax.servlet.FilterChain chain)
              throws IOException,
                     javax.servlet.ServletException
Specified by:
doFilter in interface javax.servlet.Filter
Throws:
IOException
javax.servlet.ServletException
See Also:
Filter.doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain)

init

public void init(javax.servlet.FilterConfig config)
          throws javax.servlet.ServletException
Specified by:
init in interface javax.servlet.Filter
Throws:
javax.servlet.ServletException
See Also:
Filter.init(javax.servlet.FilterConfig)

destroy

public void destroy()
Specified by:
destroy in interface javax.servlet.Filter
See Also:
Filter.destroy()

setupTestCase

protected void setupTestCase(org.sakaiproject.component.api.ComponentManager componentManager)
Only used for unit testing setup.

Parameters:
componentManager -


Copyright © 2009-2012 The Sakai Foundation. All Rights Reserved.