+

Search Tips   |   Advanced Search

Example: An HTTP cookie retrieval

The following example shows how to retrieve a cookie from an HTTP request, decode the cookie so that it is back to your original bytes, and create our custom SingleSignonToken object from the bytes. This example shows how to complete these steps from a login module. However, you also can complete these steps using a servlet.

For information on what to do during initialization, login and commit, see Developing custom login modules for a system login configuration for JAAS.

public customLoginModule() 
{
	public void initialize(Subject subject, CallbackHandler callbackHandler, 
     Map sharedState, Map options) 
	{
		_sharedState = sharedState;
	}

	public boolean login() throws LoginException 
	{
     // Handles the WSTokenHolderCallback to see if this is an 
     // initial or propagation login.
		Callback callbacks[] = new Callback[2];
		callbacks[0] = new WSTokenHolderCallback("Authz Token List: ");
		callbacks[1] = new WSServletRequestCallback("HttpServletRequest: ");
	        
		try
		{
			callbackHandler.handle(callbacks);
		} 
		catch (Exception e)
		{
			// Handles the exception
		} 
            
		// receive the ArrayList of TokenHolder objects (the serialized tokens)
		List authzTokenList = ((WSTokenHolderCallback) callbacks[0]).getTokenHolderList();
		javax.servlet.http.HttpServletRequest request = 
         ((WSServletRequestCallback) callbacks[1]).getHttpServletRequest();
        
		if (request != null)
		{

			// Checks if the cookie is present
			javax.servlet.http.Cookie[] cookies = request.getCookies();
			String[] cookieStrings = getCookieValues (cookies, "myCookeName1");

			if (cookieStrings != null)
			{
				String cookieVal = null;
				for (int n=0;n<cookieStrings.length;n++)
				{
					cookieVal = cookieStrings[n];
					if (cookieVal.length()>0) 
					{
               // Removes the cookie encoding from the cookie to get 
               // our custom bytes
						byte[] cookieBytes = 
							com.ibm.websphere.security.WSSecurityHelper.
                     convertCookieStringToBytes(cookieVal); 
						customSSOToken = 
							new com.ibm.websphere.security.token.
                     CustomSingleSignonTokenImpl(cookieBytes);

               // Now that we have your cookie from the request,
               // we can do something with it here, or add it
               // to the Subject in the commit() method for use later.
						if (debug || tc.isDebugEnabled())
						{
							System.out.println("*** GOT MY CUSTOM SSO TOKEN FROM 
                     THE REQUEST ***");
						}
					}
				}
			}
		}

	}

	public boolean commit() throws LoginException 
	{
		if (customSSOToken != null)
		{
			// Sets the customSSOToken token into the Subject
			try
			{
				public final SingleSignonToken customSSOTokenPriv = customSSOToken;
          // Do this in a doPrivileged code block so that application code does not 
          // need to add additional permissions
				java.security.AccessController.doPrivileged(new java.security.PrivilegedAction() 
				{
					public Object run() 
					{
						try
						{
                 // Add the custom SSO token if it is not null and not
                 // already in the Subject
                          						if ((customSSOTokenPriv != null) && 			
									(!subject.getPrivateCredentials().
                        contains(customSSOTokenPriv)))
							{
								subject.getPrivateCredentials().add(customSSOTokenPriv);
							}
						} 
						catch (Exception e)
						{
							throw new WSLoginFailedException (e.getMessage(), e);
						}

						return null;
					}
				});
			}
			catch (Exception e)
			{
				throw new WSLoginFailedException (e.getMessage(), e);
			}
		}
	}

	// Private method to get the specific cookie from the request
	private String[] getCookieValues (Cookie[] cookies, String hdrName)
	{
		Vector retValues = new Vector();
		int numMatches=0;
		if (cookies != null)
		{
			for (int i = 0; i < cookies.length; ++i)
			{
				if (hdrName.equals(cookies[i].getName()))
				{
					retValues.add(cookies[i].getValue());
					numMatches++;
					System.out.println(cookies[i].getValue());
				}
			}
		}

		if (retValues.size()>0)
			return (String[]) retValues.toArray(new String[numMatches]);
		else
			return null;
	}
	
	// Defines your login module variables
	com.ibm.wsspi.security.token.SingleSignonToken customSSOToken = null;
	com.ibm.wsspi.security.token.AuthenticationToken defaultAuthToken = null;
	java.util.Map _sharedState = null;
}

  • Implement a custom single sign-on token for security attribute propagation
  • Developing custom login modules for a system login configuration for JAAS