X-Git-Url: https://code.grnet.gr/git/pithos/blobdiff_plain/503040ef62b1b91cbbd4e69adc513c560cff04b5..65e0a745ade2a723d51bf94a5034d2cd44c3ad0e:/src/gr/ebs/gss/server/Login.java
diff --git a/src/gr/ebs/gss/server/Login.java b/src/gr/ebs/gss/server/Login.java
index c49ca67..73c924e 100644
--- a/src/gr/ebs/gss/server/Login.java
+++ b/src/gr/ebs/gss/server/Login.java
@@ -29,7 +29,8 @@ import gr.ebs.gss.server.ejb.ExternalAPI;
 import java.io.IOException;
 import java.io.PrintWriter;
 import java.io.UnsupportedEncodingException;
-import java.net.URL;
+import java.net.URI;
+import java.net.URISyntaxException;
 import java.net.URLEncoder;
 import java.util.Formatter;
@@ -143,6 +144,9 @@ public class Login extends HttpServlet {
 Object snAttr = request.getAttribute("HTTP_SHIB_PERSON_SURNAME"); // Multi-valued
 Object mailAttr = request.getAttribute("HTTP_SHIB_INETORGPERSON_MAIL"); // Multi-valued
 Object userclassAttr = request.getAttribute("HTTP_SHIB_EP_UNSCOPEDAFFILIATION"); // Multi-valued
+ // Use a configured test username if found, as a shortcut for development deployments.
+ if (getConfiguration().getString("testUsername") != null)
+ usernameAttr = getConfiguration().getString("testUsername");
 if (usernameAttr == null) {
 String authErrorUrl = "authenticationError.jsp";
 authErrorUrl += "?name=" + (nameAttr==null? "-": nameAttr.toString());
@@ -234,8 +238,14 @@ public class Login extends HttpServlet {
 String userEncoded = URLEncoder.encode(user.getUsername(), "US-ASCII");
 if (logger.isDebugEnabled())
 logger.debug("user: "+userEncoded+" token: "+tokenEncoded);
- if (nextUrl != null) {
- URL next = new URL(nextUrl);
+ if (nextUrl != null && !nextUrl.isEmpty()) {
+ URI next;
+ try {
+ next = new URI(nextUrl);
+ } catch (URISyntaxException e) {
+ response.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage());
+ return;
+ }
 String domain = next.getHost();
 String path = next.getPath();
 Cookie cookie = new Cookie(AUTH_COOKIE, userEncoded + COOKIE_SEPARATOR +
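Review bot: The `testUsername` override in the second hunk replaces `usernameAttr` (assigned above the hunk) on every request whenever the key is present, so a deployment that ships with this key set would treat every visitor as that account; nothing in the hunk limits it to development builds. Gate the branch on a separate, explicit development-mode setting and log at warn level each time it is taken, so a stray key in a production configuration is both inert and visible. The value should be read once, `String testUsername = getConfiguration().getString("testUsername");`, and an empty string rejected, since it is non-null and would also get past the `usernameAttr == null` check that follows. The enclosing method starts and ends outside the hunk.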
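Review bot: In the third hunk `new URI(nextUrl)` accepts relative and opaque references that `new URL(nextUrl)` rejected, so `next.getHost()` can now return null right after the try block, where it becomes `domain`. Add a guard after the parse, `if (next.getHost() == null) { response.sendError(HttpServletResponse.SC_BAD_REQUEST); return; }`. The host taken from `nextUrl` also still decides the scope of the cookie that carries the user and token; if `nextUrl` is request-supplied (its origin is not visible here), compare the host against a configured list of allowed service hosts before building the cookie. `e.getMessage()` includes the submitted string, so a fixed message in `sendError` avoids reflecting input into the error page. The `Cookie` statement and the rest of the `if` body continue outside the hunk.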