General Scripts

General scripts are usually bound to a specific class name. If the system recognizes the existence of such a class, it is called depending on its purpose.

Examples

The following script extends the user authentication to accept forwarded user credentials from an identity provider such as Shiboleth. The script must be named “UserAuthentication” and Container-Based Authentication (CBA) must be enabled in the Server Configuration, LDAP / SSO tab.

import java.util.Enumeration;
import java.util.List;
import java.util.Locale;

import javax.servlet.http.HttpServletRequest;

System.out.println("Starting to examine request header...");

HttpServletRequest request = binding.getProperty("request");
Enumeration<String> headerNames = request.getHeaderNames();
        String userName = null;
        String referer = null;
        while (headerNames.hasMoreElements()) {
            String key = (String) headerNames.nextElement();
            String value = request.getHeader(key);
            System.out.println(key + ": " + value);
            if (key.equals("authorization")) {
                String decodedString = null;
                value = value.replaceAll("Basic ", "");
                decodedString = new String(Base64.decodeBase64(value), StandardCharsets.UTF_8);
                if (decodedString != null && decodedString.split(":").length > 0) {
                    String[] userPassArr = decodedString.split(":");
                    userName = userPassArr[0];
                }
            }
            if (key.equals("referer")) {
                referer = value;
            }
            if (key.equals("X-Forwarded-User")) {
                return value;
            }
        }

System.out.println("Finished examining request header...");
return "";