General Scripts

General scripts are usually bound to a specific class name. If the system detects the presence of such a class, it will invoke it based on its purpose.

Examples

The following script extends user authentication to accept forwarded user credentials from an identity provider like Shibboleth. The script must be named “UserAuthentication” and container-based authentication (CBA) must be enabled in the server configuration, LDAP/SSO tab.

import java.util.Enumeration;
import java.util.List;
import java.util.Locale;

import javax.servlet.http.HttpServletRequest;

System.out.println("Starting to examine request header...");

HttpServletRequest request = binding.getProperty("request");
Enumeration<String> headerNames = request.getHeaderNames();
        String userName = null;
        String referer = null;
        while (headerNames.hasMoreElements()) {
            String key = (String) headerNames.nextElement();
            String value = request.getHeader(key);
            System.out.println(key + ": " + value);
            if (key.equals("authorization")) {
                String decodedString = null;
                value = value.replaceAll("Basic ", "");
                decodedString = new String(Base64.decodeBase64(value), StandardCharsets.UTF_8);
                if (decodedString != null && decodedString.split(":").length > 0) {
                    String[] userPassArr = decodedString.split(":");
                    userName = userPassArr[0];
                }
            }
            if (key.equals("referer")) {
                referer = value;
            }
            if (key.equals("X-Forwarded-User")) {
                return value;
            }
        }

System.out.println("Finished examining request header...");
return "";