Package oracle.stellent.ridc.protocol.http.auth

Class OAM11GWebgateAuthHandler

java.lang.Object
oracle.stellent.ridc.protocol.http.auth.OAM11GWebgateAuthHandler
All Implemented Interfaces:
AuthenticationHandler
public class OAM11GWebgateAuthHandler extends Object implements AuthenticationHandler

  • Field Details

  • Constructor Details

    • OAM11GWebgateAuthHandler

      public OAM11GWebgateAuthHandler(IdcHttpProtocol httpProtocol)
      Constructor
      Parameters:
      httpProtocol -

  • Method Details

    • getHttpProtocol

      public IdcHttpProtocol getHttpProtocol()

    • setLogId

      protected void setLogId(String logId)

    • setServiceLog

      protected void setServiceLog(ServiceLog log)

    • getServiceLog

      protected ServiceLog getServiceLog()

    • getLogId

      protected String getLogId()

    • isAuthSupported

      public boolean isAuthSupported(RIDCHttpClient httpClient, RIDCHttpMethod pingMethod) throws ProtocolException
      Determine if 11g Webgate authentication is in the mix.
      Specified by:
      isAuthSupported in interface AuthenticationHandler
      Parameters:
      httpClient - httpclient instance created by AuthenticationDetector
      pingMethod - ping method invoked by AuthenticationDetector
      Returns:
      true if the handler can support the requests to the given server
      Throws:
      ProtocolException

    • hasOAM11gWebGateCookie

      public static boolean hasOAM11gWebGateCookie(RIDCHttpClient httpClient)

    • getAuthScheme

      public IdcContext.HttpAuthScheme getAuthScheme()
      Specified by:
      getAuthScheme in interface AuthenticationHandler
      Returns:
      the authentication scheme associated with this handler

    • sendAuthenticatedRequest

      public int sendAuthenticatedRequest() throws ProtocolException
      Description copied from interface: AuthenticationHandler
      Send the authenticated request to the Content Server
      Specified by:
      sendAuthenticatedRequest in interface AuthenticationHandler
      Returns:
      the http status
      Throws:
      ProtocolException

    • handleLogin

      protected void handleLogin() throws ProtocolException
      With redirects enabled, HTTP GET the PING_SERVER service fronted by the OHS hosting the 11g Webgate (/cs/idcplg?IdcService=PING_SERVER&IsJava=1) ... we will be redirected to /adfAuthentication?login=true which is an OAM protected resource. ... and redirected again to the OAM server: http://oamserver:port/oam/server/obrareq.cgi?encquery%XXXXX ... a HTML login page will then render containing an important request_id hidden input form parameter. We must then HTTP POST the OAM server /oam/server/auth_cred_submit with post data containing userid, password, request_id (ensuring previous cookies obtained are sent) ... if authentication is successful, we will receive an OAM_ID (oam server session cookie) and be redirected back to the webserver hosting the 11g webgate /obrar.cgi?encreply=YYYY ... an "OAMAuthnCookie_<host>:<port>" is then set (where <host:port> is the name/port of the web server hosting the 11g webgate) and we are then redirected to /adfAuthentication?login=true the redirect to /adfAuthentication?login=true establishes the JSESSIONID and (_WL_AUTHCOOKIE_JSESSIONID if a secure HTTPS connection was leveraged) we are then redirected back to the original PING_SERVER service call which should return a HDA response stating the user is logged in as ZZZ
      Throws:
      ProtocolException

    • getHttpClient

      public RIDCHttpClient getHttpClient() throws ProtocolException
      Throws:
      ProtocolException

    • createHttpClient

      protected RIDCHttpClient createHttpClient() throws ProtocolException
      Throws:
      ProtocolException

    • setHttpClient

      public void setHttpClient(RIDCHttpClient httpClient)

    • throwFailedAuthenticationException

      protected void throwFailedAuthenticationException(RIDCHttpMethod method) throws ProtocolException, URISyntaxException
      Throws:
      ProtocolException
      URISyntaxException