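package org.esupportail.portal.channels.portlet;

import java.util.Enumeration;
import java.util.Map;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.jasig.portal.ChannelStaticData;
import org.jasig.portal.channels.portlet.CPortletAdapter;
import org.jasig.portal.container.om.portlet.UserAttributeListImpl;
import org.jasig.portal.security.IPerson;
import org.jasig.portal.security.ISecurityContext;
import org.jasig.portal.security.provider.cas.CasProxyTicketAcquisitionException;
import org.jasig.portal.security.provider.cas.CasSecurityContext;
import org.jasig.portal.security.provider.cas.ICasSecurityContext;
import org.springframework.util.StringUtils;

/**
 * A JSR 168 Portlet adapter that passes a CAS proxy ticket
 * to portlets.
 *
 * <p>The ticket is requested for the service named by the
 * {@link #CAS_TARGET_SERVICE_PARAM} channel parameter and stored in the
 * user-info map under the key named by {@link #CAS_PROXY_TICKET_PREF_PARAM}
 * (default {@link #DEFAULT_CAS_PROXY_TICKET_PREF}).
 *
 * <p>A proxy ticket is a credential: this class logs only why a ticket was
 * not passed, never the ticket value, and changes here should keep it that way.
 */
public class CCasProxyPortletAdapter extends CPortletAdapter {

    /**
     * A logger for the class.
     */
    protected final Log log = LogFactory.getLog(getClass());

    /**
     * The portlet parameter that contains the name of the
     * preferences attribute used to pass the PT to portlets.
     */
    public static final String CAS_PROXY_TICKET_PREF_PARAM = "casProxyTicketPref";

    /**
     * The default name of the preferences attribute used to pass the
     * PT to the portlet.
     */
    public static final String DEFAULT_CAS_PROXY_TICKET_PREF = "casProxyTicket";

    /**
     * The portlet parameter that contains the target service
     * of the PTs that will be passed to the portlet.
     */
    public static final String CAS_TARGET_SERVICE_PARAM = "casTargetService";

    /**
     * Bean constructor.
     */
    public CCasProxyPortletAdapter() {
        super();
    }

    /**
     * Resolves the user-info key under which the proxy ticket is published.
     *
     * @param staticData the channel static data holding the portlet parameters
     * @return the configured value of {@link #CAS_PROXY_TICKET_PREF_PARAM}, or
     *         {@link #DEFAULT_CAS_PROXY_TICKET_PREF} when it is missing or blank.
     */
    protected String getCasProxyTicketPref(ChannelStaticData staticData) {
        String pref = (String) staticData.get(CAS_PROXY_TICKET_PREF_PARAM);
        if (!StringUtils.hasText(pref)) {
            pref = DEFAULT_CAS_PROXY_TICKET_PREF;
        }
        return pref;
    }

    /**
     * Reads the CAS service the proxy ticket will be requested for.
     *
     * @param staticData the channel static data holding the portlet parameters
     * @return the raw value of {@link #CAS_TARGET_SERVICE_PARAM}; callers must
     *         handle a missing or blank value.
     */
    protected String getCasTargetService(ChannelStaticData staticData) {
        return (String) staticData.get(CAS_TARGET_SERVICE_PARAM);
    }

    /**
     * Looks for a CAS security context: the given context itself, or else the
     * first of its direct sub-contexts. Nested sub-contexts are not searched.
     *
     * <p>Both checks test the {@link ICasSecurityContext} interface, so the
     * caller's cast to that interface holds for whatever is returned here,
     * without relying on the hierarchy of a concrete class such as
     * {@link CasSecurityContext}.
     *
     * @param context the principal security context
     * @return the CAS security context, or null if not found.
     */
    @SuppressWarnings("unchecked")
    private static ISecurityContext getCasContext(ISecurityContext context) {
        if (context instanceof ICasSecurityContext) {
            return context;
        }
        Enumeration contextEnum = context.getSubContexts();
        while (contextEnum.hasMoreElements()) {
            ISecurityContext subContext = (ISecurityContext) contextEnum.nextElement();
            if (subContext instanceof ICasSecurityContext) {
                return subContext;
            }
        }
        return null;
    }

    /**
     * Adds a CAS proxy ticket for the configured target service to the user
     * info built by the superclass. When any precondition fails (no target
     * service, no person, no authenticated CAS context, ticket acquisition
     * error) the superclass map is returned without a ticket.
     *
     * @see org.jasig.portal.channels.portlet.CPortletAdapter#getUserInfo(
     * java.lang.String, org.jasig.portal.ChannelStaticData, org.jasig.portal.container.om.portlet.UserAttributeListImpl)
     */
    @SuppressWarnings("unchecked")
    @Override
    protected Map getUserInfo(String uid, ChannelStaticData staticData, UserAttributeListImpl userAttributes) {
        Map userInfo = super.getUserInfo(uid, staticData, userAttributes);

        // Treat a blank value like a missing one, as getCasProxyTicketPref does,
        // so no ticket is ever requested for an empty service name.
        String targetService = getCasTargetService(staticData);
        if (!StringUtils.hasText(targetService)) {
            log.debug("parameter [" + CAS_TARGET_SERVICE_PARAM
                    + "] is not set, no proxy ticket passed to the portlet");
            return userInfo;
        }

        IPerson person = staticData.getPerson();
        if (person == null) {
            log.error("no person, no proxy ticket passed to the portlet");
            return userInfo;
        }

        ISecurityContext context = person.getSecurityContext();
        if (context == null) {
            log.error("no security context, no proxy ticket passed to the portlet");
            return userInfo;
        }

        ISecurityContext casContext = getCasContext(context);
        if (casContext == null) {
            log.debug("no CAS security context, no proxy ticket passed to the portlet");
            return userInfo;
        }
        if (!casContext.isAuthenticated()) {
            log.debug("no CAS authentication, no proxy ticket passed to the portlet");
            return userInfo;
        }

        try {
            // Safe cast: getCasContext only returns ICasSecurityContext instances.
            String proxyTicket = ((ICasSecurityContext) casContext).getCasServiceToken(targetService);
            // The put replaces any attribute of the same name supplied by the
            // superclass, so the configured key should not collide with a real
            // user attribute. The ticket value itself is deliberately not logged.
            // NOTE(review): if getCasServiceToken can return null, a null entry
            // is stored here - confirm against the portal API.
            userInfo.put(getCasProxyTicketPref(staticData), proxyTicket);
        } catch (CasProxyTicketAcquisitionException e) {
            // Pass the exception as the throwable so its stack trace and cause are kept.
            log.error("no proxy ticket passed to the portlet", e);
        }
        return userInfo;
    }
}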