Package uk.ac.warwick.sso.client

Class ShireServlet

  • All Implemented Interfaces:
    java.io.Serializable, javax.servlet.Servlet, javax.servlet.ServletConfig
    public class ShireServlet
extends javax.servlet.http.HttpServlet

    What on earth is a shire?

    The shire, which is only used for new-mode SSO apps, is where Websignon sends its security assertion to say that a particular user has just successfully signed in.

    After the user has signed in via Websignon, an auto-submitting form containing the security assertion is posted here, to the shire. The shire will do a few things:

    1. Check that the assertion is valid (not expired, properly signed)
    2. Extract a token out of the assertion
    3. Use the token to request the user's details from the Websignon Attribute Authority URL
    4. Set a Service Specific Cookie (SSC) to say this service is signed in
    The last step is why it's important that this is done by the user's browser - otherwise it wouldn't be able to save this cookie. It then redirects the browser to the originally requested URL.

    After this is done, SSOClientFilter will see the SSC and set up the current user in the request.

    ShireServlet should be defined in web.xml, and must be served over HTTPS. When your application is registered with SSO, the URL to your shire will be one of the pieces of information it knows about.

    See Also:
    Serialized Form

    • Constructor Summary

      Constructors 
      Constructor Description
      ShireServlet()  

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      uk.ac.warwick.sso.client.ShireCommand createShireCommand​(java.lang.String remoteAddress)  
      protected void doGet​(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse res)  
      protected void doPost​(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse res)  
      uk.ac.warwick.sso.client.cache.UserCache getCache()  
      uk.ac.warwick.sso.client.SSOConfiguration getConfig()  
      java.lang.String getConfigSuffix()  
      uk.ac.warwick.util.cache.Cache<java.lang.String,​uk.ac.warwick.userlookup.User> getUserIdCache()  
      void init​(javax.servlet.ServletConfig ctx)  
      void setCache​(uk.ac.warwick.sso.client.cache.UserCache cache)  
      void setConfig​(uk.ac.warwick.sso.client.SSOConfiguration config)  
      void setConfigSuffix​(java.lang.String configSuffix)  
      void setUserIdCache​(uk.ac.warwick.util.cache.Cache<java.lang.String,​uk.ac.warwick.userlookup.User> userIdCache)  

      • Methods inherited from class javax.servlet.http.HttpServlet

        doDelete, doHead, doOptions, doPut, doTrace, getLastModified, service, service

      • Methods inherited from class javax.servlet.GenericServlet

        destroy, getInitParameter, getInitParameterNames, getServletConfig, getServletContext, getServletInfo, getServletName, init, log, log

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • ShireServlet

        public ShireServlet()

    • Method Detail

      • doGet

        protected final void doGet​(javax.servlet.http.HttpServletRequest req,
                           javax.servlet.http.HttpServletResponse res)
                    throws javax.servlet.ServletException,
                           java.io.IOException
        Overrides:
        doGet in class javax.servlet.http.HttpServlet
        Throws:
        javax.servlet.ServletException
        java.io.IOException

      • doPost

        protected final void doPost​(javax.servlet.http.HttpServletRequest req,
                            javax.servlet.http.HttpServletResponse res)
                     throws javax.servlet.ServletException,
                            java.io.IOException
        Overrides:
        doPost in class javax.servlet.http.HttpServlet
        Throws:
        javax.servlet.ServletException
        java.io.IOException

      • createShireCommand

        public uk.ac.warwick.sso.client.ShireCommand createShireCommand​(java.lang.String remoteAddress)

      • init

        public final void init​(javax.servlet.ServletConfig ctx)
                throws javax.servlet.ServletException
        Specified by:
        init in interface javax.servlet.Servlet
        Overrides:
        init in class javax.servlet.GenericServlet
        Throws:
        javax.servlet.ServletException

      • getCache

        public final uk.ac.warwick.sso.client.cache.UserCache getCache()

      • setCache

        public final void setCache​(uk.ac.warwick.sso.client.cache.UserCache cache)

      • getConfig

        public final uk.ac.warwick.sso.client.SSOConfiguration getConfig()

      • setConfig

        public final void setConfig​(uk.ac.warwick.sso.client.SSOConfiguration config)

      • getConfigSuffix

        public final java.lang.String getConfigSuffix()

      • setConfigSuffix

        public final void setConfigSuffix​(java.lang.String configSuffix)

      • getUserIdCache

        public final uk.ac.warwick.util.cache.Cache<java.lang.String,​uk.ac.warwick.userlookup.User> getUserIdCache()

      • setUserIdCache

        public final void setUserIdCache​(uk.ac.warwick.util.cache.Cache<java.lang.String,​uk.ac.warwick.userlookup.User> userIdCache)