As identified in another post Full login filter testing for local developer environments, the requirement may arise that developer environments need to fully test implicitLoginFilter without deploying code to another environment. This post walks thru the code and setup of a form based TAI.
Create a new class which implements TrustAssociationInterceptor. In this class we will pull 3 properties from the WAS configurations of the interceptor. These three properties and a description of the information each will hold are:
- formid – name of a hidden field in the form utilized for login
- formidvalue – value of the hidden field that will need to match the value passed thru the request
- useridfield – name of the form field containing the ID of the user to be logged in
In my implementation I have set these values to the following values:
- formid = TAI_Form
- formidvalue = SecretKeyValue
- useridfield = userid
Once you have everything configured in WAS you will need to create a login form. I have used
Login.html
<form id=”loginForm” action=”http://localhost:10039/wps/myportal” method=”post”>
User ID: <input type=”text” name=”userid” value=”wpsadmin” /><br/>
<input type=”hidden” name=”TAI_Form” value=”SecretKeyValue” />
<input type=”submit” value=”Submit” />
</form>
CODE:
/**
* @author Charles Mahoney, Perficient Inc
*/
public class FormBasedTAI implements TrustAssociationInterceptor {
private static String formID = null;
private static String formID_Value = null;
private static String userIDfield = null;
private static Logger logger = Logger.getLogger(FormBasedTAI.class.getName());
@Override
public void cleanup() { }
@Override
public String getType() {return String.format("%s version %s", this.getClass().getName(), this.getVersion());}
@Override
public String getVersion() {return "1.0";}
@Override
public int initialize(Properties props) throws WebTrustAssociationFailedException {
logger.entering(this.getClass().getName(), "FormBasedTAI.initialize()");
// read properties from configuration in WAS
this.formID = props.getProperty("formid");
this.formID_Value = props.getProperty("formidvalue");
this.userIDfield = props.getProperty("useridfield");
if(!hasAllConfigurations()){
logger.severe("the required configurations for the FormBasedTAI were not properly set");
return 1;
}
logger.exiting(this.getClass().getName(), "FormBasedTAI.initialize()");
return 0;
}
private boolean hasAllConfigurations(){
if(StringUtils.isNotBlank(this.formID)
&& StringUtils.isNotBlank(this.formID_Value)
&& StringUtils.isNotBlank(this.userIDfield)
)
return true;
return false;
}
@Override
public boolean isTargetInterceptor(HttpServletRequest req) throws WebTrustAssociationException {
if(req.getParameter(formID).equalsIgnoreCase(formID_Value)){
logger.info("Form ID matches desired value");
return true;
}else{
logger.info("The FormID of " + req.getParameter(formID) + " does not match the desired value of " + this.formID_Value);
}
return false;
}
@Override
public TAIResult negotiateValidateandEstablishTrust(HttpServletRequest req, HttpServletResponse res) throws WebTrustAssociationFailedException {
logger.entering(this.getClass().getName(), "FormBasedTAI.negotiate...()");
if(StringUtils.isNotBlank(req.getParameter(this.userIDfield))){
return TAIResult.create(HttpServletResponse.SC_OK, req.getParameter(this.userIDfield));
}
return TAIResult.create(HttpServletResponse.SC_UNAUTHORIZED);
}
}
