[Yanel-commits] rev 30834 -
public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/security/impl
michi at wyona.com
michi at wyona.com
Sun Jan 27 22:51:17 CET 2008
Author: michi
Date: 2008-01-27 22:51:16 +0100 (Sun, 27 Jan 2008)
New Revision: 30834
Modified:
public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/security/impl/DefaultWebAuthenticatorImpl.java
Log:
receiving URL fixed such that OpenID also works behind a reverse proxy
Modified: public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/security/impl/DefaultWebAuthenticatorImpl.java
===================================================================
--- public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/security/impl/DefaultWebAuthenticatorImpl.java 2008-01-27 20:45:49 UTC (rev 30833)
+++ public/yanel/trunk/src/webapp/src/java/org/wyona/yanel/servlet/security/impl/DefaultWebAuthenticatorImpl.java 2008-01-27 21:51:16 UTC (rev 30834)
@@ -129,7 +129,7 @@
return response;
} else if (openIDSignature != null) {
log.debug("Verify OpenID provider response ...");
- if (verifyOpenIDProviderResponse(request)) {
+ if (verifyOpenIDProviderResponse(request, map)) {
UserManager uManager = realm.getIdentityManager().getUserManager();
String openIdentity = request.getParameter("openid.identity");
if (openIdentity != null) {
@@ -517,16 +517,15 @@
/**
* Verify OpenID provider response
*/
- private boolean verifyOpenIDProviderResponse (HttpServletRequest request) throws Exception {
+ private boolean verifyOpenIDProviderResponse (HttpServletRequest request, Map map) throws Exception {
ParameterList responseParas = new ParameterList(request.getParameterMap());
DiscoveryInformation discovered = (DiscoveryInformation) request.getSession().getAttribute(OPENID_DISCOVERED_KEY);
- StringBuffer receivingURL = request.getRequestURL();
- String queryString = request.getQueryString();
- if (queryString != null && queryString.length() > 0) {
- receivingURL.append("?").append(request.getQueryString());
- VerificationResult verification = manager.verify(receivingURL.toString(), responseParas, discovered);
- Identifier verified = verification.getVerifiedId();
- if (verified != null) {
+
+ String receivingURL = getRequestURLQS(request, null, false, map);
+ log.debug("Receiving URL: " + receivingURL);
+ VerificationResult verification = manager.verify(receivingURL.toString(), responseParas, discovered);
+ Identifier verified = verification.getVerifiedId();
+ if (verified != null) {
/*
AuthSuccess authSuccess = (AuthSuccess) verification.getAuthResponse();
if (authSuccess.hasExtension(AxMessage.OPENID_NS_AX)) {
@@ -536,7 +535,6 @@
}
*/
return true;
- }
}
return false;
}
More information about the Yanel-commits
mailing list