Package com.caplin.signon
Class KeyMasterServlet
- java.lang.Object
-
- javax.servlet.GenericServlet
-
- javax.servlet.http.HttpServlet
-
- com.caplin.signon.KeyMasterServlet
-
- All Implemented Interfaces:
java.io.Serializable
,javax.servlet.Servlet
,javax.servlet.ServletConfig
public class KeyMasterServlet extends javax.servlet.http.HttpServlet
Generates a KeyMaster token using session data saved by the signon servlet.
The servlet can be configured using the following servlet parameters:
Option Required/Optional Description caplin.keymaster.privatekey.filename Required The location of the PEM PKCS#8 formatted private key file relative to the webapp. caplin.keymaster.hashing.algorithm Optional Hashing algorithm name, see KeyMasterHashingAlgorithm for the possible values, default is SHA256 caplin.keymaster.security.provider.class.name Optional Class name of a security provider to add to those available. caplin.keymaster.security.provider.name Optional Name of security provider to use for the token generation. caplin.keymaster.username.field Optional Name of the SessionData field that contains the username to generate a KeyMaster token for, default is SessionData.getUserName() The keymaster token parameters are loaded from the SessionData object stored under the key "caplin.signon" in the servlet session data.
The following SessionData values are used:
SessionData.getField([caplin.keymaster.username.field]) - or default SessionData.getUserName() - the user name (required) SessionData.getKeyMasterExtraDataToSign() - any extra data to sign (optional) SessionData.getKeyMasterMappingData() - mapping data to include in the token (optional)
- See Also:
- Serialized Form
-
-
Field Summary
Fields Modifier and Type Field Description protected static java.lang.String
CAPLIN_KEYMASTER_HASHING_ALGORITHM
protected static java.lang.String
CAPLIN_KEYMASTER_PRIVATEKEY_FILENAME
protected static java.lang.String
CAPLIN_KEYMASTER_SECURITY_PROVIDER_CLASS_NAME
protected static java.lang.String
CAPLIN_KEYMASTER_SECURITY_PROVIDER_NAME
protected static java.lang.String
CAPLIN_KEYMASTER_USERNAME_FIELD
protected com.caplin.keymaster.StandardFormatter
formatter
protected com.caplin.keymaster.KeyMasterHashingAlgorithm
hashingAlgorithm
protected com.caplin.keymaster.IKeyMaster
keymaster
protected java.lang.String
privateKeyFilename
protected java.lang.String
securityProviderName
protected java.lang.String
usernameField
-
Constructor Summary
Constructors Constructor Description KeyMasterServlet()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected com.caplin.keymaster.IAuthenticationParameters
createAuthenticationParameters(javax.servlet.http.HttpServletRequest request)
Creates the authentication parameters from the signon servlet session data.protected com.caplin.keymaster.IKeyMasterConfiguration
createKeyMasterConfiguration()
Create the KeyMaster configuration to be used by this servletprotected void
doGet(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
protected void
doPost(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
java.lang.String
getParameterValue(java.lang.String key, java.lang.String defaultValue)
Gets the value of a servlet parameter or uses a default if the value is not presentjava.lang.String
getWebappBaseDirectory()
Gets the base directory for this webapp.void
init()
void
loadPrivateKey()
protected void
loadServletParameters()
Loads the servlet parametersjava.lang.String
logPrefix(javax.servlet.http.HttpServletRequest req)
Gets the session id prefix added to all log messages.protected void
writeResponse(javax.servlet.http.HttpServletResponse response, java.lang.String responseContent)
Writes servlet response as plain text with no cache headers.-
Methods inherited from class javax.servlet.http.HttpServlet
doDelete, doHead, doOptions, doPut, doTrace, getLastModified, service, service
-
-
-
-
Field Detail
-
CAPLIN_KEYMASTER_PRIVATEKEY_FILENAME
protected static final java.lang.String CAPLIN_KEYMASTER_PRIVATEKEY_FILENAME
- See Also:
- Constant Field Values
-
CAPLIN_KEYMASTER_HASHING_ALGORITHM
protected static final java.lang.String CAPLIN_KEYMASTER_HASHING_ALGORITHM
- See Also:
- Constant Field Values
-
CAPLIN_KEYMASTER_SECURITY_PROVIDER_CLASS_NAME
protected static final java.lang.String CAPLIN_KEYMASTER_SECURITY_PROVIDER_CLASS_NAME
- See Also:
- Constant Field Values
-
CAPLIN_KEYMASTER_SECURITY_PROVIDER_NAME
protected static final java.lang.String CAPLIN_KEYMASTER_SECURITY_PROVIDER_NAME
- See Also:
- Constant Field Values
-
CAPLIN_KEYMASTER_USERNAME_FIELD
protected static final java.lang.String CAPLIN_KEYMASTER_USERNAME_FIELD
- See Also:
- Constant Field Values
-
keymaster
protected com.caplin.keymaster.IKeyMaster keymaster
-
formatter
protected com.caplin.keymaster.StandardFormatter formatter
-
hashingAlgorithm
protected com.caplin.keymaster.KeyMasterHashingAlgorithm hashingAlgorithm
-
securityProviderName
protected java.lang.String securityProviderName
-
privateKeyFilename
protected java.lang.String privateKeyFilename
-
usernameField
protected java.lang.String usernameField
-
-
Method Detail
-
init
public void init() throws javax.servlet.ServletException
- Overrides:
init
in classjavax.servlet.GenericServlet
- Throws:
javax.servlet.ServletException
-
createKeyMasterConfiguration
protected com.caplin.keymaster.IKeyMasterConfiguration createKeyMasterConfiguration() throws java.lang.Exception
Create the KeyMaster configuration to be used by this servlet- Returns:
- the KeyMaster configuration to use.
- Throws:
java.lang.Exception
- thrown if creation fails.
-
createAuthenticationParameters
protected com.caplin.keymaster.IAuthenticationParameters createAuthenticationParameters(javax.servlet.http.HttpServletRequest request) throws javax.servlet.ServletException
Creates the authentication parameters from the signon servlet session data.- Parameters:
request
- the servlet request to create authentication parameters from.- Returns:
- Authentication parameters for the given request.
- Throws:
javax.servlet.ServletException
- if an error occurs
-
loadServletParameters
protected void loadServletParameters() throws javax.servlet.ServletException
Loads the servlet parameters- Throws:
javax.servlet.ServletException
- if there is a problem loading
-
loadPrivateKey
public void loadPrivateKey() throws javax.servlet.ServletException
- Throws:
javax.servlet.ServletException
-
doPost
protected void doPost(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws java.io.IOException, javax.servlet.ServletException
- Overrides:
doPost
in classjavax.servlet.http.HttpServlet
- Throws:
java.io.IOException
javax.servlet.ServletException
-
doGet
protected void doGet(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws java.io.IOException, javax.servlet.ServletException
- Overrides:
doGet
in classjavax.servlet.http.HttpServlet
- Throws:
java.io.IOException
javax.servlet.ServletException
-
writeResponse
protected void writeResponse(javax.servlet.http.HttpServletResponse response, java.lang.String responseContent) throws java.io.IOException
Writes servlet response as plain text with no cache headers.- Parameters:
response
- the servlet responseresponseContent
- the text to send- Throws:
java.io.IOException
- if an error occurs
-
getWebappBaseDirectory
public java.lang.String getWebappBaseDirectory()
Gets the base directory for this webapp.- Returns:
- the base directory.
-
getParameterValue
public java.lang.String getParameterValue(java.lang.String key, java.lang.String defaultValue)
Gets the value of a servlet parameter or uses a default if the value is not present- Parameters:
key
- the name of the servlet parameterdefaultValue
- the default value to use if no value is found- Returns:
- the retrieved value
-
logPrefix
public java.lang.String logPrefix(javax.servlet.http.HttpServletRequest req)
Gets the session id prefix added to all log messages.- Parameters:
req
- the servlet request object- Returns:
- the prefix to add to all log messages
-
-