如何在OpenIG中发出名称请求?
如何在OpenIG中发出名称请求?
提问于 2013-01-15 07:06:36
我一直在尝试这个来自ForgeRock的OpenIG身份网关,以集成一些遗留系统,特别是在这种情况下,我将它与来自Ars Digita和不同机构的OpenACS+.LRN a项目一起使用。
这就是问题所在:使用在OpenIG文档中找到的配方来提取隐藏值并回复请求的cookie以避免安全问题,我收到了一个成功的POST请求以登录到系统,但是在请求之后,OpenACS日志告诉我最初的请求请求类似于http://10.10.10.10/register而不是真正的客户端请求http://openacs-domain.com/register,并中断到302重定向到IP方向进行新的登录。
我已经修改了/etc/hosts,以检查它是否执行名称解析没有成功。
奇怪的是,如果我在发出初始请求时返回到域,我就有了一个有效的启动会话,一切都很好。
我希望我已经足够描述了,并且有人对此有解决方案。我将附加config.json
{
"heap": {
"objects": [
{
"name": "HandlerServlet",
"comment": "Entry point that transforms Servlet request to handler request.",
"type": "HandlerServlet",
"config": {
"handler": "DispatchHandler",
"baseURI":"http://10.10.10.10"
}
},
{
"name": "DispatchHandler",
"type": "DispatchHandler",
"config": {
"bindings": [
{
"condition": "${exchange.request.uri.path == '/register/'}",
"handler": "LoginChain"
},
{
"handler": "OutgoingChain",
},
]
}
},
{
"name": "LoginChain",
"type": "Chain",
"config": {
"filters": ["SwitchFilter", "HiddenValueExtract"],
"handler": "OutgoingChain"
}
},
{
"name": "HiddenValueExtract",
"type": "EntityExtractFilter",
"config": {
"messageType": "response",
"target": "${exchange.hiddenValue}",
"bindings": [
{
"key": "time",
"pattern": "time\"\s.*value=\"(.{10})\"",
"template": "$1"
},
{
"key": "tokenId",
"pattern": "token_id\"\s.*value=\"(.{3})\"",
"template": "$1"
},
{
"key": "hash",
"pattern": "hash\"\s.*value=\"(.*)\"",
"template": "$1"
}
]
}
},
{
"name": "SwitchFilter",
"type": "SwitchFilter",
"config": {
"onResponse": [
{
"condition": "${exchange.response.status == 200}",
"handler": "LoginRequestHandler"
}
]
}
},
{
"name": "LoginRequestHandler",
"type": "Chain",
"config": {
"filters": ["LoginRequest"],
"handler": "OutgoingChain"
}
},
{
"name": "LoginRequest",
"type": "StaticRequestFilter",
"config": {
"method": "POST",
"uri": "http://10.10.10.10/register/",
"form": {
"form:mode": ["edit"],
"form:id": ["login"],
"__confirmed_p": ["0"],
"__refreshing_p": ["0"],
"return_url": ["/dotlrn/control-panel"],
"time": ["${exchange.hiddenValue.time}"],
"token_id": ["${exchange.hiddenValue.tokenId}"],
"hash": ["${exchange.hiddenValue.hash}"]
"email": ["user.example@gmail.com"],
"password": ["password"]
}
"headers": {
"cookie": ["${exchange.response.headers['Set-Cookie'][0]}"],
}
}
},
{
"name": "OutgoingChain",
"type": "Chain",
"config": {
"filters": ["CaptureFilter"],
"handler": "ClientHandler"
}
},
{
"name": "CaptureFilter",
"type": "CaptureFilter",
"config": {
"captureEntity": false,
"file": "/tmp/gateway.log",
}
},
{
"name": "ClientHandler",
"comment": "Responsible for sending all requests to remote servers.",
"type": "ClientHandler",
"config": {
}
}
]
},
"servletObject": "HandlerServlet",
}回答 1
Stack Overflow用户
回答已采纳
发布于 2013-02-12 00:46:45
这是最终版本:
{
"heap": {
"objects": [
{
"name": "LogSink",
"comment": "Default sink for logging information.",
"type": "ConsoleLogSink",
"config": {
"level": "DEBUG",
}
},
{
"name": "DispatchServlet",
"type": "DispatchServlet",
"config": {
"bindings": [
{
"pattern":"^/saml",
"object":"FederationServlet"
},
{
"pattern":"",
"object":"HandlerServlet"
}
]
}
},
{
"name": "FederationServlet",
"type": "org.forgerock.openig.saml.FederationServlet",
"config": {
"assertionMapping": {
"userName":"mail",
"password":"employeenumber"
},
"subjectMapping":"subjectName",
"redirectURI":"/register",
"logoutURI":"/register/logout"
}
},
{
"name": "HandlerServlet",
"comment": "Entry point that transforms Servlet request to handler request.",
"type": "HandlerServlet",
"config": {
"handler": "DispatchHandler",
"baseURI":"http://www.plataformaciapem.org.mx"
}
},
{
"name": "DispatchHandler",
"type": "DispatchHandler",
"config": {
"bindings": [
{
"condition": "${exchange.request.uri.path != '/register/'}",
"handler": "ClientHandler"
},
{
"condition": "${empty exchange.session.userName}",
"handler": "SPInitiatedSSORedirectHandler",
},
{
"handler": "LoginChain",
},
]
}
},
{
"name": "SPInitiatedSSORedirectHandler",
"type": "StaticResponseHandler",
"config": {
"status": 302,
"reason": "Found",
"headers": {
"Location": ["http://www.plataformaciapem.org.mx/saml/SPInitiatedSSO"]
}
}
},
{
"name": "LoginChain",
"type": "Chain",
"config": {
"filters": ["SwitchFilter", "HiddenValueExtract"],
"handler": "OutgoingChain"
}
},
{
"name": "HiddenValueExtract",
"type": "EntityExtractFilter",
"config": {
"messageType": "response",
"target": "${exchange.hiddenValue}",
"bindings": [
{
"key": "time",
"pattern": "time\"\s.*value=\"(.{10})\"",
"template": "$1"
},
{
"key": "tokenId",
"pattern": "token_id\"\s.*value=\"(.{3})\"",
"template": "$1"
},
{
"key": "hash",
"pattern": "hash\"\s.*value=\"(.*)\"",
"template": "$1"
}
]
}
},
{
"name": "SwitchFilter",
"type": "SwitchFilter",
"config": {
"onResponse": [
{
"condition": "${exchange.response.status == 200}",
"handler": "LoginRequestHandler"
}
]
}
},
{
"name": "LoginRequestHandler",
"type": "Chain",
"config": {
"filters": ["LoginRequest"],
"handler": "OutgoingChain"
}
},
{
"name": "LoginRequest",
"type": "StaticRequestFilter",
"config": {
"method": "POST",
"uri": "http://www.plataformaciapem.org.mx/register/",
"form": {
"form:mode": ["edit"],
"form:id": ["login"],
"__confirmed_p": ["0"],
"__refreshing_p": ["0"],
"return_url": ["/dotlrn/control-panel"],
"time": ["${exchange.hiddenValue.time}"],
"token_id": ["${exchange.hiddenValue.tokenId}"],
"hash": ["${exchange.hiddenValue.hash}"]
"email": ["${exchange.session.userName}"],
"password": ["${exchange.session.password}"],
}
"headers": {
"cookie": ["${exchange.response.headers['Set-Cookie'][0]}"],
}
}
},
{
"name": "OutgoingChain",
"type": "Chain",
"config": {
"filters": ["CaptureFilter"],
"handler": "ClientHandler"
}
},
{
"name": "CaptureFilter",
"type": "CaptureFilter",
"config": {
"captureEntity": false,
"file": "/tmp/gateway.log",
}
},
{
"name": "ClientHandler",
"comment": "Responsible for sending all requests to remote servers.",
"type": "ClientHandler",
"config": {
}
}
]
},
"servletObject": "DispatchServlet",
}页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/14328468
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号