From f9d6bbd410d6d18a917a1e70ad27b5d91287c446 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Thu, 22 Mar 2018 15:13:40 +0100
Subject: Clear cookies before every authentication request Solves problems with repeated auth tries
---
 src/main/java/edu/kit/scc/dei/ecplean/ECPAuthenticator.java | 10 +++++++---
 .../java/edu/kit/scc/dei/ecplean/ECPAuthenticatorBase.java | 2 +-
 2 files changed, 8 insertions(+), 4 deletions(-)
diff --git a/src/main/java/edu/kit/scc/dei/ecplean/ECPAuthenticator.java b/src/main/java/edu/kit/scc/dei/ecplean/ECPAuthenticator.java
index ce41f62..b727fea 100644
--- a/src/main/java/edu/kit/scc/dei/ecplean/ECPAuthenticator.java
+++ b/src/main/java/edu/kit/scc/dei/ecplean/ECPAuthenticator.java
@@ -12,7 +12,9 @@ import org.apache.http.HttpResponse;
 import org.apache.http.ParseException;
 import org.apache.http.client.methods.HttpGet;
 import org.apache.http.client.methods.HttpPost;
+import org.apache.http.client.protocol.HttpClientContext;
 import org.apache.http.entity.StringEntity;
+import org.apache.http.impl.client.BasicCookieStore;
 import org.apache.http.impl.client.CloseableHttpClient;
 import org.apache.http.util.EntityUtils;
 import org.w3c.dom.Document;
@@ -47,11 +49,13 @@ public class ECPAuthenticator extends ECPAuthenticatorBase {
 HttpGet httpGet = new HttpGet(authInfo.getSpUrl().toString());
 httpGet.setHeader("Accept", "text/html, application/vnd.paos+xml");
 httpGet.setHeader("PAOS", "ver=\"urn:liberty:paos:2003-08\";\"urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp\"");
+ HttpClientContext ctx = HttpClientContext.create();
+ ctx.setCookieStore(new BasicCookieStore());
 HttpResponse httpResponse;
 String responseBody;
 try {
- httpResponse = client.execute(httpGet);
+ httpResponse = client.execute(httpGet, ctx);
 responseBody = EntityUtils.toString(httpResponse.getEntity());
 httpGet.reset();
 } catch (IOException | ParseException e) {
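Review bot: The fresh `BasicCookieStore` created just before the `try` in the `@@ -47,11 +49,13 @@` hunk only isolates requests that are handed `ctx`. The three `client.execute(..., ctx)` calls changed in this file are the requests to the SP; the request to the IdP appears in none of the hunks, so it presumably still runs on the client's shared default cookie store. If so, an IdP session cookie left over from an earlier attempt could still be sent on the next one, possibly for a different user, which is the kind of carry-over the commit message describes; this is worth confirming, and the same context should be passed there. A short comment above `HttpClientContext.create()` would record the intent, for example `// fresh cookie store per attempt: no session state from an earlier try is reused`. The enclosing method starts and ends outside the hunk.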
@@ -117,7 +121,7 @@ public class ECPAuthenticator extends ECPAuthenticatorBase {
 //httpPost.setHeader("PAOS", "ver=\"urn:liberty:paos:2003-08\";\"urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp\"");
 try {
 httpPost.setEntity(new StringEntity(documentToString(idpResponse)));
- httpResponse = client.execute(httpPost);
+ httpResponse = client.execute(httpPost, ctx);
 logger.info("Asserting resulted in " + httpResponse.getStatusLine());
 httpPost.reset();
 } catch (TransformerException | IOException e) {
@@ -128,7 +132,7 @@ public class ECPAuthenticator extends ECPAuthenticatorBase {
 logger.info("Requesting original URL");
 httpGet = new HttpGet(authInfo.getSpUrl().toString());
 try {
- httpResponse = client.execute(httpGet);
+ httpResponse = client.execute(httpGet, ctx);
 } catch (IOException e) {
 logger.debug("Could not request original URL");
 throw new ECPAuthenticationException(e);
diff --git a/src/main/java/edu/kit/scc/dei/ecplean/ECPAuthenticatorBase.java b/src/main/java/edu/kit/scc/dei/ecplean/ECPAuthenticatorBase.java
index 84122bb..a0dec7e 100644
--- a/src/main/java/edu/kit/scc/dei/ecplean/ECPAuthenticatorBase.java
+++ b/src/main/java/edu/kit/scc/dei/ecplean/ECPAuthenticatorBase.java
@@ -52,7 +52,7 @@ public abstract class ECPAuthenticatorBase extends Observable {
 public ECPAuthenticatorBase(CloseableHttpClient client) {
 this.client = client == null ? HttpClients.createSystem() : client;
-
+
 documentBuilderFactory = DocumentBuilderFactory.newInstance();
 documentBuilderFactory.setNamespaceAware(true);
-- 
cgit v1.2.3-55-g7522
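Review bot: After the final `client.execute(httpGet, ctx)` in the `@@ -128,7 +132,7 @@` hunk, the session cookie set by the SP lives only in the method-local `ctx`, so it no longer reaches the client's own cookie store and is dropped once the method returns. Callers that reuse the same `CloseableHttpClient` for follow-up requests after authenticating would then arrive without a session; whether any caller does so is not visible here. If discarding the session is intended, the method's Javadoc should say so, for example `Cookies set during authentication are discarded; only the final response is kept.` The method body continues outside the hunk.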