[Yanel-commits] rev 30834 - public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/security/impl

michi at wyona.com michi at wyona.com
Sun Jan 27 22:51:17 CET 2008


Author: michi
Date: 2008-01-27 22:51:16 +0100 (Sun, 27 Jan 2008)
New Revision: 30834

Modified:
   public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/security/impl/DefaultWebAuthenticatorImpl.java
Log:
receiving URL fixed such that OpenID also works behind a reverse proxy

Modified: public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/security/impl/DefaultWebAuthenticatorImpl.java
===================================================================
--- public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/security/impl/DefaultWebAuthenticatorImpl.java	2008-01-27 20:45:49 UTC (rev 30833)
+++ public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/security/impl/DefaultWebAuthenticatorImpl.java	2008-01-27 21:51:16 UTC (rev 30834)
@@ -129,7 +129,7 @@
                 return response;
             } else if (openIDSignature != null) {
                 log.debug("Verify OpenID provider response ...");
-                if (verifyOpenIDProviderResponse(request)) {
+                if (verifyOpenIDProviderResponse(request, map)) {
                     UserManager uManager = realm.getIdentityManager().getUserManager();
                     String openIdentity = request.getParameter("openid.identity");
                     if (openIdentity != null) {
@@ -517,16 +517,15 @@
     /**
      * Verify OpenID provider response
      */
-    private boolean verifyOpenIDProviderResponse (HttpServletRequest request) throws Exception {
+    private boolean verifyOpenIDProviderResponse (HttpServletRequest request, Map map) throws Exception {
         ParameterList responseParas = new ParameterList(request.getParameterMap());
         DiscoveryInformation discovered = (DiscoveryInformation) request.getSession().getAttribute(OPENID_DISCOVERED_KEY);
-        StringBuffer receivingURL = request.getRequestURL();
-        String queryString = request.getQueryString();
-        if (queryString != null && queryString.length() > 0) {
-            receivingURL.append("?").append(request.getQueryString());
-            VerificationResult verification = manager.verify(receivingURL.toString(), responseParas, discovered);
-            Identifier verified = verification.getVerifiedId();
-            if (verified != null) {
+
+        String receivingURL = getRequestURLQS(request, null, false, map);
+        log.debug("Receiving URL: " + receivingURL);
+        VerificationResult verification = manager.verify(receivingURL.toString(), responseParas, discovered);
+        Identifier verified = verification.getVerifiedId();
+        if (verified != null) {
 /*
                 AuthSuccess authSuccess = (AuthSuccess) verification.getAuthResponse();
                 if (authSuccess.hasExtension(AxMessage.OPENID_NS_AX)) {
@@ -536,7 +535,6 @@
                 }
 */
                 return true;
-            }
         }
         return false;
     }



More information about the Yanel-commits mailing list