Oracle9iAS Single Sign-On Application Developer's Guide Release 3.0.9 Part Number A90343-01 |
|
This chapter provides some sample programs and examples of code to illustrate for developers how to implement partner applications.
This chapter contains the following topics:
Writing a partner application using PL/SQL requires Oracle Web Agent packages for web related functionality and requires that two procedures be implemented. In the following code example, these two public procedures perform all redirection and parsing functionality. The public procedures are as follows:
This procedure constructs the application URL and it requires authentication to access it. This procedure checks to see if the application cookie exists and user information can be retrieved. Otherwise it redirects the user to the SSO server by generating redirect url.
This procedure gets the URLC token from the SSO server, decrypts it, and retrieves user information and the requested url. It sets the application cookie and redirects the browser to the partner application URL ( i.e. SSOAPP URL).
// papp.pks CREATE OR REPLACE PACKAGE sample_sso_papp IS /* Single Sign-On enabled web procedure */ PROCEDURE ssoapp; /* Web procedure for success url of this Partner application */ PROCEDURE sign_on(urlc IN VARCHAR2); END sample_sso_papp; / show errors package sample_sso_papp; //papp.pkb set define on; set verify off; CREATE OR REPLACE PACKAGE BODY sample_sso_papp IS g_listener_token VARCHAR2(1000); g_requested_url VARCHAR2(1000); g_cancel_url VARCHAR2(1000); g_cookie_domain VARCHAR2(1000); p_html_str VARCHAR2(32000); g_cookie_name VARCHAR2(1000) := '&session_cookie_name'; g_cookie_path VARCHAR2(1000) := '/'; g_dad_name VARCHAR2(100) := '&partner_app_dad_name'; g_schema_name VARCHAR2(100) := user; PROCEDURE init_params AS l_host_name VARCHAR2(256); l_server_port VARCHAR2(256); l_protocol VARCHAR2(256); BEGIN begin htp.init; exception when others then null; end; l_host_name := owa_util.get_cgi_env('SERVER_NAME'); l_server_port := owa_util.get_cgi_env('SERVER_PORT'); -- the mod_plsql gateway will pass in the protocol in -- a new environment variable REQUEST_PROTOCOL. -- The SERVER_PROTOCOL, which the Apache Listener sets, -- and currently always sets to HTTP/1.0, will not be -- modified by the gateway. l_protocol := owa_util.get_cgi_env('REQUEST_PROTOCOL'); g_listener_token := l_host_name || ':' || l_server_port; if(l_protocol is null) or (length(l_protocol) = 0) then l_protocol := 'http'; end if; l_protocol := lower(l_protocol); g_requested_url := l_protocol || '://' || g_listener_token || '/pls/' || g_dad_name || '/' ||g_schema_name ||'.sample_sso_ papp.ssoapp'; g_cancel_url := l_protocol || '://' || g_listener_token; g_cookie_domain := l_host_name; EXCEPTION when others then htp.p(SQLERRM);htp.nl; END init_params; /* Get user information */ FUNCTION get_user_info RETURN VARCHAR2 IS l_user_info VARCHAR2(1000); l_app_cookie owa_cookie.cookie; BEGIN l_app_cookie := owa_cookie.get(g_cookie_name); if (l_app_cookie.num_vals > 0) then l_user_info := l_app_cookie.vals(1); else l_user_info := NULL; end if; return l_user_info; EXCEPTION WHEN OTHERS THEN htp.p('get_user_info: '||SQLERRM);htp.nl; END get_user_info; function gen_html_post_str ( l_gen_url IN VARCHAR2 ) RETURN VARCHAR2 IS l_htmlstr varchar2(1000); l_ls_url varchar2(1000); l_tname varchar2(100); l_tvalue varchar2(1000); l_len number; l_qindex number; l_eq_index number; BEGIN l_len := length(l_gen_url); l_qindex := instr(l_gen_url, '?'); l_eq_index := instr(l_gen_url, '='); l_ls_url := substr(l_gen_url, 0, l_qindex-1); l_tname := substr(l_gen_url, l_qindex+1, l_eq_index-l_qindex-1); l_tvalue := substr(l_gen_url, l_eq_index+1); l_htmlstr := '<HTML><BODY onLoad="document.LoginForm.submit();">' || '<FORM ACTION="' || l_ls_url || '" METHOD="POST" NAME="LoginForm">' || '<INPUT TYPE="HIDDEN" NAME="' || l_tname || '" VALUE="' || l_tvalue || '">' || '</FORM></BODY></HTML>'; return l_htmlstr; EXCEPTION WHEN OTHERS THEN htp.p(sqlerrm); END gen_html_post_str; PROCEDURE ssoapp IS l_user_info VARCHAR2(1000); l_gen_redirect_url VARCHAR2(32000); l_html_str VARCHAR2(32000); BEGIN init_params; l_user_info := get_user_info; IF l_user_info is NULL THEN l_gen_redirect_url := wwsec_sso_enabler_private.generate_redirect ( p_lsnr_token => g_listener_token, urlrequested => g_requested_url, urloncancel => g_cancel_url ); htp.p('Redirecting to the Login Server for authentication...'); -- -- The l_gen_redirect_url is usually large url which might -- get truncated by the browser. -- Instead of using owa_util.redirect_url, we will use -- HTTP POST for sending redirect. -- For moblie application etc. it may not be possible to use HTTP -- POST since it may not support html hidden form parameter. -- owa_util.redirect_url(l_gen_redirect_url); -- l_html_str := gen_html_post_str(l_gen_redirect_url); htp.p(l_html_str); ELSE htp.htmlOpen; htp.headOpen; htp.title('PL/SQL based SSO Partner Application'); htp.headCLose; htp.bodyOpen; htp.p('Congratulations! It is working!<br>'); htp.p('User Information:' || l_user_info || '<br>'); htp.bodyClose; htp.htmlClose; END IF; EXCEPTION WHEN no_data_found OR wwsec_sso_enabler_private.enabler_config_not_found THEN htp.p('Error in application: missing application registration information'); htp.p('<br>'); htp.p('Please register this application as described in installation guide'); htp.nl; WHEN others THEN htp.p('Error in application:' || sqlerrm); htp.nl; END ssoapp; PROCEDURE sign_on ( urlc IN VARCHAR2 ) IS l_urlc VARCHAR2(32000); l_sso_user_name VARCHAR2(1000); l_ip_address VARCHAR2(1000); l_sso_time_remaining VARCHAR2(1000); l_site_time_stamp VARCHAR2(1000); l_url_requested VARCHAR2(1000); l_unused_param VARCHAR2(1000); BEGIN init_params; -- Process URLC token wwsec_sso_enabler_private.parse_url_cookie ( p_lsnr_token => g_listener_token, encrypted_urlcookie => urlc, ssousername => l_sso_user_name, ipadd => l_ip_address, ssotimeremaining => l_sso_time_remaining, sitetimestamp => l_site_time_stamp, urlrequested => l_url_requested, newsitekey => l_unused_param ); -- Set application cookie owa_util.mime_header('text/html', FALSE); owa_cookie.send ( name => g_cookie_name, value => l_sso_user_name, expires => null, path => g_cookie_path, domain => g_cookie_domain ); owa_util.redirect_url(l_url_requested); owa_util.http_header_close; -- Redirect user to the requested application url htp.htmlOpen; htp.headOpen; htp.p(''); htp.headClose; htp.htmlClose; EXCEPTION WHEN OTHERS THEN htp.p(sqlerrm); END sign_on; END sample_sso_papp; / show errors package body sample_sso_papp
Initially, the partner application redirects the user to the Login Server for authentication and, after successful authentication, sets its own application session cookie. Any future request first attempts to validate the application session cookie. If the application session cookie is not found, then the partner application redirects the user to the Login Server. To avoid contacting Login Server for authentication verification of every user request, all partner applications should maintain their own application session.
This section contains the following topics
To implement the partner application in Java, we will implement a generic bean which will be used in Servlet as well as JSP based applications.
// SSOEnablerBean.java import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.Cookie; import java.net.URL; import java.net.InetAddress; import java.sql.DriverManager; import java.sql.Connection; import oracle.jdbc.pool.OracleConnectionCacheImpl; import oracle.security.sso.enabler.SSOEnabler; import oracle.security.sso.enabler.SSOUserInfo; import oracle.security.sso.enabler.SSOEnablerUtil; import oracle.security.sso.enabler.SSOEnablerException; public class SSOEnablerBean { private String m_listenerToken = null; private String m_requestedUrl = null; private String m_onCancelUrl = null; private String m_pappCookieName = null; private String m_pappCookieDomain = null; private String m_pappCookieScope = null; private OracleConnectionCacheImpl m_connCache = null; /** * Default constructor */ public SSOEnablerBean() { } /** * Set listener token */ public void setListenerToken(String p_listenerToken) { m_listenerToken = p_listenerToken; } /** * Set requested and cancel url */ public void setUrls(String p_requestedUrl, String p_cancelUrl) { m_requestedUrl = p_requestedUrl; m_onCancelUrl = p_cancelUrl; } /** * Set application cookie information */ public void setAppCookieInfo(String p_name, String p_domain, String p_path) { m_pappCookieName = p_name; m_pappCookieDomain = p_domain; m_pappCookieScope = p_path; } public void setDbConnectionInfo(String p_schema , String p_password, String p_hostname, int p_port, String p_sid, int p_dbPoolSize) { try { m_connCache = new OracleConnectionCacheImpl(); // m_connCache.setURL("jdbc:oracle:oci8:@"); Class.forName("oracle.jdbc.driver.OracleDriver"); m_connCache.setURL("jdbc:oracle:thin:@" + p_hostname + ":" + p_port + ":" + p_sid ); m_connCache.setUser(p_schema); m_connCache.setPassword(p_password); m_connCache.setMaxLimit(p_dbPoolSize); } catch(Exception e) { m_connCache = null; } } /** * This method will return SSO user information. If the user is not authenticated against * SSO server then it will redirect user to the SSO Server for authentication */ public String getSSOUserInfo(HttpServletRequest p_request, HttpServletResponse p_response) throws SSOEnablerException { String l_userName = null; if(p_response == null || p_response == null) { throw new SSOEnablerException("Http objects are null"); } if(m_listenerToken == null) { throw new SSOEnablerException("Listener token is null"); } if(m_requestedUrl == null || m_onCancelUrl == null) { throw new SSOEnablerException("Requested url and cancel url must be set"); } try { // Get database connection Connection l_db_con = m_connCache.getConnection(); // Try to get user information from application cookie l_userName = getUserInfo(p_request); if(l_userName == null) { // Create SSOEnabler object SSOEnabler l_ssoEnabler = new SSOEnabler(l_db_con); // Create redirect url to the SSO server for user authentication String l_redirectUrl = l_ssoEnabler.generateRedirect(m_listenerToken, m_ requestedUrl, m_onCancelUrl); // close database connection l_db_con.close(); // p_response.sendRedirect(l_redirectUrl); // Since the redirect url is usually large so send the redirect url input // parameters using HTTP post method instead of usual GET method of // HttpServletResponse.sendRedirect String htmlPostForm = SSOEnablerUtil.genHtmlPostForm(l_ redirectUrl); p_response.getWriter().println(htmlPostForm); return null; } else { // We got this user information from application cookie SSOEnablerUtil l_ssoAppUtil = new SSOEnablerUtil(l_db_con); return l_ssoAppUtil.unbakeAppCookie(m_listenerToken, l_ userName); } } catch(Exception e) { throw new SSOEnablerException(e.toString()); } } /** * Get user information from application cookie */ private String getUserInfo(HttpServletRequest p_request) throws SSOEnablerException { boolean l_gotPappCookie = false; String l_userInfo = null; if(m_pappCookieName == null) throw new SSOEnablerException("Cookie name is null"); try { Cookie[] l_cookies = p_request.getCookies(); for(int i=0; i < l_cookies.length; i++) { Cookie l_pappCookie = l_cookies[i]; if (l_pappCookie.getName().equals(m_pappCookieName)) { l_gotPappCookie = true; l_userInfo = l_pappCookie.getValue(); break; } } } catch(Exception e) { return null; } if( (l_userInfo != null) && (l_userInfo.length() > 0) ) { return l_userInfo; } else { return null; } } /** * This method will set application cookie from SSO server token and then redirect * user to the application */ public void setPartnerAppCookie(HttpServletRequest p_request, HttpServletResponse p_response) throws SSOEnablerException { if(p_response == null || p_response == null) { throw new SSOEnablerException("Http objects are null"); } if(m_listenerToken == null) { throw new SSOEnablerException("Listener token is null"); } if( m_pappCookieName == null || m_pappCookieDomain == null || m_pappCookieScope == null) { throw new SSOEnablerException("Application cookie information is not available"); } SSOUserInfo l_ssoUserInfo = null; try { String l_urlParam = p_request.getParameterValues("urlc")[0]; if(l_urlParam != null) { // Get database connection Connection l_db_con = m_connCache.getConnection(); // Create SSOEnabler object SSOEnabler l_ssoEnabler = new SSOEnabler(l_db_con); // Get IP address of the client InetAddress l_clientIp = InetAddress.getByName(p_ request.getRemoteAddr()); l_ssoUserInfo = l_ssoEnabler.getSSOUserInfo(m_listenerToken, l_ urlParam, l_clientIp); // Set application cookie SSOEnablerUtil l_ssoAppUtil = new SSOEnablerUtil(l_db_con); String l_bakedAppCookie = l_ssoAppUtil.bakeAppCookie(m_listenerToken, l_ ssoUserInfo.getSSOUserName()); // Close database connection l_db_con.close(); // Create application cookie and set it // ** IMPORTANT ** // Time stamp **must** be added in this cookie and should implement // application cookie time out based on user in-activity etc. Cookie l_AppCookie = new Cookie(m_pappCookieName, l_bakedAppCookie); l_AppCookie.setDomain(m_pappCookieDomain); // In-memory cookie for better security l_AppCookie.setMaxAge(-1); l_AppCookie.setPath(m_pappCookieScope); p_response.addCookie(l_AppCookie); String reqRedirHtmlStr = SSOEnablerUtil.genRedirect(l_ ssoUserInfo.getUrlRequested()); p_response.getWriter().println(reqRedirHtmlStr); } else { throw new SSOEnablerException("SSO server returned null user information"); } } catch(Exception e) { throw new SSOEnablerException(e.toString()); } } /** * Remove application cookie to end user application session */ public void removeAppCookie(HttpServletResponse p_response) throws SSOEnablerException { if(p_response == null) { throw new SSOEnablerException("HttpServletResponse is null"); } if( m_pappCookieName == null || m_pappCookieDomain == null || m_pappCookieScope == null) { throw new SSOEnablerException("Application cookie information is not available"); } Cookie l_AppCookie = new Cookie(m_pappCookieName, "End application sesion"); l_AppCookie.setDomain(m_pappCookieDomain); l_AppCookie.setMaxAge(0); l_AppCookie.setPath(m_pappCookieScope); p_response.addCookie(l_AppCookie); } public void close() { try { m_connCache.close(); } catch(Exception e) { } } }
A sample servlet based partner application could be implemented using one bean and three servlets.
SSOPartnerServlet
application URL. This servlet will get the user information with the help of SSOEnablerServletBean
. If the user information can be found, then it is used inside the application. Otherwise, the browser redirects the user to the Single Sign-On server.
This bean is derived from the SSOEnablerBean
and implements the necessary methods for servlet based application.
This servlet is the main partner application servlet. To access this servlet, the user must authenticate to the SSO server. This servlet redirects the unauthenticated user to the SSO server.
This servlet parses the URLC token received from SSO server, sets the application cookie, and redirects the user to the requested web application URL (i.e. SSOPartnerServlet
)
This servlet removes the application session of the partner application
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import oracle.security.sso.enabler.SSOEnablerException; public class SSOEnablerServletBean.Java { /** Start configuration parameters * For production quality application, you should read these * parameters from database instead of harcoding them here. */ // Listener token for this partner application name private static String m_listenerToken = "www.papp.com:80"; // Partner application session cookie name private static String m_cookieName = "SSO_PAPP_JSP_ID"; // Partner application session domain private static String m_cookieDomain = "www.papp.com"; // Partner application session path scope private static String m_cookiePath = "/"; // Host name of the database private static String m_dbHostName = "www.papp.com"; // Port for database private static int m_dbPort = 1521; // Sehema name private static String m_dbSchemaName = "papp"; // Schema password private static String m_dbSchemaPasswd = "papp"; // Database SID name private static String m_dbSID = "orcl"; // Database connection pool size private static int m_dbPoolSize = 3; // Requested URL (User requested page) private static String m_requestUrl = "http://www.papp.com/servlet/SSOPartnerServlet"; // Cancel URL(Home page for this application which don't require authentication) private static String m_cancelUrl = "http://www.papp.com"; /* End of configuration parameters */ // Enabler object (Don't change) private SSOEnablerBean m_enablerBean = null; /** * Default constructor */ public SSOEnablerServletBean() { m_enablerBean = new SSOEnablerBean(); m_enablerBean.setListenerToken(m_listenerToken); m_enablerBean.setUrls(m_requestUrl, m_cancelUrl); m_enablerBean.setAppCookieInfo(m_cookieName, m_cookieDomain, m_ cookiePath); m_enablerBean.setDbConnectionInfo(m_dbSchemaName, m_dbSchemaPasswd, m_dbHostName , m_dbPort , m_dbSID, m_dbPoolSize); } public String getSSOUserInfo(HttpServletRequest p_request, HttpServletResponse p_response) throws SSOEnablerException { return m_enablerBean.getSSOUserInfo(p_request, p_response); } public void setPartnerAppCookie(HttpServletRequest p_request, HttpServletResponse p_response) throws SSOEnablerException { m_enablerBean.setPartnerAppCookie(p_request, p_response); } public void removeServletAppCookie(HttpServletResponse p_response) throws SSOEnablerException { m_enablerBean.removeAppCookie(p_response); } }
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServlet; import javax.servlet.ServletException; import java.io.PrintWriter; public class SSOPartnerServlet extends HttpServlet { /** * The HTTP GET request will show the application content of the user if he/she is already * authenticated, otherwise he/she will be redirected to the Single Sign-On server */ public void doGet(HttpServletRequest p_request, HttpServletResponse p_ response) throws ServletException { p_response.setContentType("text/html"); if(p_request == null || p_response == null) { throw new ServletException("Http objects are null"); } try { PrintWriter l_out = p_response.getWriter(); SSOEnablerServletBean l_ssobean = new SSOEnablerServletBean(); String l_userInfo = l_ssobean.getSSOUserInfo(p_request, p_ response); if(l_userInfo != null) { // Display some application content for the SSO user l_out.println("<HTML><HEAD><TITLE>Servlet based SSO Partner Application</TITLE></HEAD><BODY>"); l_out.println("<H3><center>Servlet based SSO Partner Application</center></H3>"); l_out.println("<P><center>User Information: " + l_userInfo + "<center><BR>"); l_out.println("<P><center><A HREF=\"/servlet/SSOPartnerLogoutServlet\">Logout</A><center></P>"); l_out.println("</BODY></HTML>"); } else { // Display redirection to SSO server message l_out.println("<HTML><HEAD><TITLE>Servlet based SSO Partner Application</TITLE></HEAD><BODY>"); l_out.println("<center>Please wait while redirecting to the Login Server...</center>"); l_out.println("</BODY></HTML>"); } } catch(Exception e) { try { p_response.getWriter().println("Error " + e.toString()); } catch(Exception e1) { throw new ServletException(e1.toString()); } } } }
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServlet; import javax.servlet.ServletException; import java.io.PrintWriter; public class SSOSignOnServlet extends HttpServlet { /** * The HTTP Post will set application cookie from SSO server token and then redirect * user to the Servlet based partner application */ public void doPost(HttpServletRequest p_request, HttpServletResponse p_ response) throws ServletException { p_response.setContentType("text/html"); if(p_request == null || p_response == null) { throw new ServletException("Http objects are null"); } try { SSOEnablerServletBean l_ssobean = new SSOEnablerServletBean(); l_ssobean.setPartnerAppCookie(p_request, p_response); } catch(Exception e) { try { p_response.getWriter().println("Error " + e.toString()); } catch(Exception e1) { throw new ServletException(e1.toString()); } } } } SSOPartnerLogoutServlet.java import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServlet; import javax.servlet.ServletException; import java.io.PrintWriter; public class SSOPartnerLogoutServlet extends HttpServlet { public void doGet(HttpServletRequest p_request, HttpServletResponse p_response) throws ServletException { p_response.setContentType("text/html"); if(p_request == null || p_response == null) { throw new ServletException("Http objects are null"); } try { SSOEnablerServletBean l_ssobean = new SSOEnablerServletBean(); l_ssobean.removeServletAppCookie(p_response); PrintWriter l_out = p_response.getWriter(); l_out.println("<HTML><HEAD><TITLE>" + "Servlet based SSO Partner Application</TITLE></HEAD><BODY>"); l_out.println("<center><H3>Servlet based SSO Partner" + " Application</H3><center>"); l_out.println("<P><center>You are logged off from application" + " session<center><BR>"); l_out.println("<P><center>" +"<A HREF='/servlet/SSOPartnerServlet'>Login</A><center></P>"); l_out.println("</BODY></HTML>"); } catch(Exception e) { try { p_response.getWriter().println("Error " + e.toString()); } catch(Exception e1) { throw new ServletException(e1.toString()); } } } }
The JSP based partner application can be implemented using a Java bean for generating a redirection URL and processing the redirected URL parameter from the SSO server. A JSP page should embed this bean, which can be included in all JSP based applications that require SSO functionality.
papp.js
p page.
ssoinclude.jsp
page. If the user information can be found, then it is used by the application. Otherwise, the browser redirects the user to the Single Sign-On server using SSOEnablerJspBean
.
ssosignon.jsp
page. This page sets the application cookie and redirects the user to the requested application URL using SSOEnablerJspBean
.
A sample JSP based application can be implemented by implementing the following bean and JSP pages:
This bean has the getSSOUserInfo
method which returns the user information when the application cookie is already set. Otherwise, it redirects the user to the SSO server for authentication.
This page embeds the SSOEnablerJsp
bean and should be included all application JSP pages where SSO functionality is necessary.
This page embeds the SSOEnablerJspBean
for generating redirection URL and processing the redirected URL parameter received from the SSO server.
This page is the main application page and requires SSO functionality. This page must include the ssoinclude.jsp
page to get the user information.
This JSP page removes the application session
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import oracle.security.sso.enabler.SSOEnablerException; public class SSOEnablerJspBean { /** Start configuration parameters * For production quality application, you should read these * parameters from database instead of harcoding them here. */ // Listener token for this partner application name private static String m_listenerToken = "www.papp.com:80"; // Partner application session cookie name private static String m_cookieName = "SSO_PAPP_JSP_ID"; // Partner application session domain private static String m_cookieDomain = "www.papp.com"; // Partner application session path scope private static String m_cookiePath = "/"; // Host name of the database private static String m_dbHostName = "www.papp.com"; // Port for database private static int m_dbPort = 1521; // Sehema name private static String m_dbSchemaName = "papp"; // Schema password private static String m_dbSchemaPasswd = "papp"; // Database SID name private static String m_dbSID = "orcl"; // Database connection pool size private static int m_dbPoolSize = 5; // Requested URL (User requested page) private static String m_requestUrl = "http://www.papp.com/papp/plsql/jsp/papp.jsp"; // Cancel URL(Home page for this application which don't require authentication) private static String m_cancelUrl = "http://www.papp.com"; /* End of configuration parameters */ // Enabler object (Don't change) private SSOEnablerBean m_enablerBean = null; /** * Default constructor */ public SSOEnablerJspBean() { m_enablerBean = new SSOEnablerBean(); m_enablerBean.setListenerToken(m_listenerToken); m_enablerBean.setUrls(m_requestUrl, m_cancelUrl); m_enablerBean.setAppCookieInfo(m_cookieName, m_cookieDomain, m_ cookiePath); m_enablerBean.setDbConnectionInfo(m_dbSchemaName, m_dbSchemaPasswd, m_dbHostName , m_dbPort , m_dbSID, m_dbPoolSize); } public String getSSOUserInfo(HttpServletRequest p_request, HttpServletResponse p_response) throws SSOEnablerException { return m_enablerBean.getSSOUserInfo(p_request, p_response); } public void setPartnerAppCookie(HttpServletRequest p_request, HttpServletResponse p_response) throws SSOEnablerException { m_enablerBean.setPartnerAppCookie(p_request, p_response); } public void removeJspAppCookie(HttpServletResponse p_response) throws SSOEnablerException { m_enablerBean.removeAppCookie(p_response); } }
<%@ page language="java" import="oracle.security.sso.enabler.*" %> <jsp:useBean id="ssoObj" scope="application" class="SSOEnablerJspBean" /> <% String usrInfo = ssoObj.getSSOUserInfo(request, response); if(usrInfo == null) { %> <center>Please wait while redirecting to the SSO Server...</center> <% } %>
<%@ page language="java" import="oracle.security.sso.enabler.*" %> <jsp:useBean id="ssoObj" scope="application" class="SSOEnablerJspBean" /> <% ssoObj.setPartnerAppCookie(request, response); %>
<%@ page buffer="5" autoFlush="true" %> <%@ include file="ssoinclude.jsp" %> <% if(usrInfo != null) { response.getWriter().println("<center><h2>Sample JSP Partner Application</FONT></h2></center>"); response.getWriter().println("<center>User information :" + usrInfo +"</center>"); response.getWriter().println("<center><a href=\"papplogoff.jsp\">Logoff</a></center>"); } else { response.getWriter().println("<center>User information not found</center>"); } %>
<%@ page language="java" import="oracle.security.sso.enabler.*" %> <jsp:useBean id="ssoObj" scope="application" class="SSOEnablerJspBean" /> <% try { ssoObj.removeJspAppCookie(response); } catch(Exception e) { %> <center> Error in ending JSP application session. Please quit your all browser windows. </center> <% return; } %> <center> You are logged off from JSP application session <br> <a href="papp.jsp">Login</a> </center>
|
Copyright © 2001 Oracle Corporation. All Rights Reserved. |
|