Missed Team ’24? Catch up on announcements here.

×
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Seraph sso

Firas hammami
Firas hammami July 7, 2021

Hi all 

I'm trying to build a custom authenticator using seraph, in /atlassian-jira/WEB-INF/classes I puted this class :

package com.mycompany.seraph;

import javax.servlet.http.HttpServletRequest;
package com.mycompany.seraph;

import org.apache.log4j.Category;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.atlassian.seraph.auth.DefaultAuthenticator;

import java.security.Principal;

public class SSOnCookie
{
public static SSOnCookie getSSOCookie(HttpServletRequest request)
{
// ...
}

public boolean isExpired()
{
// ...
}

/** Return the username implied by the cookie in the request. */
public String getLoginId()
{
// ...
}
}
/**
* Extension of DefaultAuthenticator that uses third-party code to determine if a user is logged in,
* given a HTTPRequest object.
* Third-party code will typically check for the existence of a special cookie.
*
* In SSO scenarios where this authenticator is used, one typically configures Seraph to use an external login page
* as well:
*
* <init-param>
* <param-name>login.url</param-name>
* <param-value>http://mycompany.com/globallogin?target=${originalurl}</param-value>
* </init-param>
*

*
*/
public class SSOAuthenticator extends DefaultAuthenticator
{

private static final Category log = Category.getInstance(SSOAuthenticator.class);

public Principal getUser(HttpServletRequest request, HttpServletResponse response)
{
Principal user = null;

try
{
if(request.getSession() != null && request.getSession().getAttribute(DefaultAuthenticator.LOGGED_IN_KEY) != null)
{
log.info("Session found; user already logged in");
user = (Principal) request.getSession().getAttribute(DefaultAuthenticator.LOGGED_IN_KEY);
}
else
{
SSOnCookie ssoCookie = SSOnCookie.getSSOCookie(request);
log.info("Got SSOnCookie "+ssoCookie);

if (ssoCookie != null && !ssoCookie.isExpired())
{ // Seamless login from intranet
log.info("Trying seamless Single Sign-on...");
String username = ssoCookie.getLoginId();
System.out.println("Got username = " + username);
if (username != null)
{
user = getUser(username);
log.info("Logged in via SSO, with User "+user);
request.getSession().setAttribute(DefaultAuthenticator.LOGGED_IN_KEY, user);
request.getSession().setAttribute(DefaultAuthenticator.LOGGED_OUT_KEY, null);
}
}
else
{
log.info("SSOCookie is null; redirecting");
//user was not found, or not currently valid
return null;
}
}
}
catch (Exception e) // catch class cast exceptions
{
log.warn("Exception: " + e, e);
}
return user;
}

}

 

after that I edited seraph file like that  <authenticator class="SSOAuthenticator" />  SSOAuthenticator is the name of my class 

 

I got this error  org.apache.catalina.startup.ContextConfig.processAnnotationsWebResource Unable to process web resource [/WEB-INF/classes/SSOAuthenticator.class] for annotations 

 

have you any idea please?

 

Regards

Answer
Watch
Like Be the first to like this
316 views

0 answers

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events