applying patch from DS-1410, merging with changes from DS-1503/PR-196

Hardy Pottinger
2013-05-17 15:06:41 -05:00
parent 6c391256cc
commit 0e8df4e7ab


@@ -187,9 +187,11 @@ public class ShibAuthentication implements AuthenticationMethod
log.debug("Starting Shibboleth Authentication"); log.debug("Starting Shibboleth Authentication");
String message = "Received the following headers:\n"; String message = "Received the following headers:\n";
@SuppressWarnings("unchecked")
Enumeration<String> headerNames = request.getHeaderNames(); Enumeration<String> headerNames = request.getHeaderNames();
while (headerNames.hasMoreElements()) { while (headerNames.hasMoreElements()) {
String headerName = headerNames.nextElement(); String headerName = headerNames.nextElement();
@SuppressWarnings("unchecked")
Enumeration<String> headerValues = request.getHeaders(headerName); Enumeration<String> headerValues = request.getHeaders(headerName);
while (headerValues.hasMoreElements()) { while (headerValues.hasMoreElements()) {
String headerValue = headerValues.nextElement(); String headerValue = headerValues.nextElement();
@@ -483,7 +485,7 @@ public class ShibAuthentication implements AuthenticationMethod
// Shibboleth authentication initiator // Shibboleth authentication initiator
if (shibURL == null || shibURL.length() == 0) if (shibURL == null || shibURL.length() == 0)
shibURL = "/Shibboleth.sso/Login"; shibURL = "/Shibboleth.sso/Login";
shibURL.trim(); shibURL = shibURL.trim();
// Determine the return URL, where shib will send the user after authenticating. We need it to go back // Determine the return URL, where shib will send the user after authenticating. We need it to go back
// to DSpace's shibboleth-login url so the we will extract the user's information and locally // to DSpace's shibboleth-login url so the we will extract the user's information and locally
@@ -619,7 +621,7 @@ public class ShibAuthentication implements AuthenticationMethod
if (email != null) { if (email != null) {
foundRemoteUser = true; foundRemoteUser = true;
email.toLowerCase(); email = email.toLowerCase();
eperson = EPerson.findByEmail(context, email); eperson = EPerson.findByEmail(context, email);
if (eperson == null) if (eperson == null)
@@ -676,7 +678,7 @@ public class ShibAuthentication implements AuthenticationMethod
String fname = findSingleAttribute(request,fnameHeader); String fname = findSingleAttribute(request,fnameHeader);
String lname = findSingleAttribute(request,lnameHeader); String lname = findSingleAttribute(request,lnameHeader);
if ( email == null || fname == null || lname == null) { if ( email == null || (fnameHeader != null && fname == null) || (lnameHeader != null && lname == null)) {
// We require that there be an email, first name, and last name. If we // We require that there be an email, first name, and last name. If we
// don't have at least these three pieces of information then we fail. // don't have at least these three pieces of information then we fail.
String message = "Unable to register new eperson because we are unable to find an email address along with first and last name for the user.\n"; String message = "Unable to register new eperson because we are unable to find an email address along with first and last name for the user.\n";
@@ -690,11 +692,11 @@ public class ShibAuthentication implements AuthenticationMethod
} }
// Truncate values of parameters that are too big. // Truncate values of parameters that are too big.
if (fname.length() > NAME_MAX_SIZE) { if (fname != null && fname.length() > NAME_MAX_SIZE) {
log.warn("Truncating eperson's first name because it is longer than "+NAME_MAX_SIZE+": '"+fname+"'"); log.warn("Truncating eperson's first name because it is longer than "+NAME_MAX_SIZE+": '"+fname+"'");
fname = fname.substring(0,NAME_MAX_SIZE); fname = fname.substring(0,NAME_MAX_SIZE);
} }
if (lname.length() > NAME_MAX_SIZE) { if (lname != null && lname.length() > NAME_MAX_SIZE) {
log.warn("Truncating eperson's last name because it is longer than "+NAME_MAX_SIZE+": '"+lname+"'"); log.warn("Truncating eperson's last name because it is longer than "+NAME_MAX_SIZE+": '"+lname+"'");
lname = lname.substring(0,NAME_MAX_SIZE); lname = lname.substring(0,NAME_MAX_SIZE);
} }
@@ -707,7 +709,9 @@ public class ShibAuthentication implements AuthenticationMethod
if (netid != null) if (netid != null)
eperson.setNetid(netid); eperson.setNetid(netid);
eperson.setEmail(email.toLowerCase()); eperson.setEmail(email.toLowerCase());
if ( fname != null )
eperson.setFirstName(fname); eperson.setFirstName(fname);
if ( lname != null )
eperson.setLastName(lname); eperson.setLastName(lname);
eperson.setCanLogIn(true); eperson.setCanLogIn(true);
@@ -763,11 +767,11 @@ public class ShibAuthentication implements AuthenticationMethod
String lname = findSingleAttribute(request,lnameHeader); String lname = findSingleAttribute(request,lnameHeader);
// Truncate values of parameters that are too big. // Truncate values of parameters that are too big.
if (fname.length() > NAME_MAX_SIZE) { if (fname != null && fname.length() > NAME_MAX_SIZE) {
log.warn("Truncating eperson's first name because it is longer than "+NAME_MAX_SIZE+": '"+fname+"'"); log.warn("Truncating eperson's first name because it is longer than "+NAME_MAX_SIZE+": '"+fname+"'");
fname = fname.substring(0,NAME_MAX_SIZE); fname = fname.substring(0,NAME_MAX_SIZE);
} }
if (lname.length() > NAME_MAX_SIZE) { if (lname != null && lname.length() > NAME_MAX_SIZE) {
log.warn("Truncating eperson's last name because it is longer than "+NAME_MAX_SIZE+": '"+lname+"'"); log.warn("Truncating eperson's last name because it is longer than "+NAME_MAX_SIZE+": '"+lname+"'");
lname = lname.substring(0,NAME_MAX_SIZE); lname = lname.substring(0,NAME_MAX_SIZE);
} }
@@ -1073,6 +1077,9 @@ public class ShibAuthentication implements AuthenticationMethod
* @return The value of the attribute or header requested, or null if none found. * @return The value of the attribute or header requested, or null if none found.
*/ */
private String findAttribute(HttpServletRequest request, String name) { private String findAttribute(HttpServletRequest request, String name) {
if ( name == null ) {
return null;
}
// First try to get the value from the attribute // First try to get the value from the attribute
String value = (String) request.getAttribute(name); String value = (String) request.getAttribute(name);
if (StringUtils.isEmpty(value)) if (StringUtils.isEmpty(value))
@@ -1108,6 +1115,9 @@ public class ShibAuthentication implements AuthenticationMethod
* @return The value of the header requested, or null if none found. * @return The value of the header requested, or null if none found.
*/ */
private String findSingleAttribute(HttpServletRequest request, String name) { private String findSingleAttribute(HttpServletRequest request, String name) {
if ( name == null) {
return null;
}
String value = findAttribute(request, name); String value = findAttribute(request, name);
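Review bot: In the `-619` hunk, `email = email.toLowerCase();` now feeds the lower-cased value into `EPerson.findByEmail(context, email)`, but the no-argument `toLowerCase()` folds case with the JVM's default locale, so the key used for the identity match can differ between deployments (under a Turkish locale `I` becomes dotless `ı`). Use `email = email.toLowerCase(Locale.ROOT);` there, and likewise `eperson.setEmail(email.toLowerCase(Locale.ROOT));` in the `-707` hunk, so the looked-up and stored addresses are normalised the same way; this needs `java.util.Locale` in scope, and the file's imports are not visible on this page. What follows the `if (eperson == null)` check is outside the hunk, so the effect of a missed match (presumably a failed login or a second auto-registered account) should be confirmed against the full method, which starts and ends outside the hunk.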