我被要求修复一个位于两个应用程序之间的Servlet。它的目的是在SAML v2.0和SAML v1.1之间相互转换SAML授权请求。因此,它:
- 从一个应用程序接收HTTP SAML v2.0授权请求
- 将请求转换为SAML v1.1
- 将请求发送到第二个应用程序
- 从第二个应用程序接收SAML v1.1响应
- 将响应转换为SAML v2.0
- 将响应发送回第一个应用程序
并发请求时的处理过程如下:
- 同时有15个请求命中servlet
- servlet生成15个线程来服务请求
- 所有15个线程都检索其各自的请求数据
- 所有15个线程都将其各自的数据从SAML v2.0转换为SAML v1.1
- 线程1调用HTTPClient.execute()
- 线程1将请求发送到第二个应用程序
- 线程1从第二个应用程序接收响应
- 线程1解码响应并将其从SAML v1.1转换为SAML v2.0
- 线程1将响应发送回第一个应用程序
- 线程2调用HTTPClient.execute()
- ...等等...
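/**
 * Servlet that sits between a SAML v2.0 client and a SAML v1.1 policy decision point (PDP).
 *
 * <p>For each POST it converts the incoming SAML v2.0 request to SAML v1.1, forwards it to the
 * PDP over a pooled {@link HttpClient}, converts the SAML v1.1 answer back to SAML v2.0 and
 * writes it to the caller.
 *
 * <p>Every failure path answers with an explicit HTTP error status. An empty {@code 200 OK}
 * must never stand in for an authorization response, because the caller could misread it.
 *
 * <p>NOTE(review): {@code log} is used throughout but not declared in this listing; presumably
 * a class-level logger was omitted from the excerpt. Confirm before compiling.
 *
 * <p>NOTE(review): {@code Saml2Requester} and {@code Saml2Responder} are not shown here. Both
 * handle XML that arrives over the network, so confirm their parsers disable DTDs and external
 * entities, and confirm where message signatures are validated.
 */
public class MappingServlet extends HttpServlet {
    private HttpClient client;
    private String pdp_url;

    /**
     * Initializes OpenSAML and builds the shared, pooled HTTP client.
     *
     * @throws ServletException if the {@code pdp_url} init parameter is missing or is not an
     *     absolute URL with a host
     */
    @Override
    public void init() throws ServletException {
        org.opensaml.Configuration.init();
        pdp_url = getInitParameter("pdp_url");
        if (pdp_url == null || pdp_url.trim().length() == 0) {
            throw new ServletException("Missing required init parameter: pdp_url");
        }

        // HttpHost expects a host name, not a full URL. Building the route from the raw URL
        // string would produce a route that never matches a real request, so the per-route
        // limit below would silently not apply.
        java.net.URI pdpUri;
        try {
            pdpUri = java.net.URI.create(pdp_url);
        } catch (IllegalArgumentException iae) {
            throw new ServletException("Init parameter pdp_url is not a valid URL", iae);
        }
        if (pdpUri.getHost() == null) {
            throw new ServletException("Init parameter pdp_url must be an absolute URL with a host");
        }
        HttpHost pdpHost = new HttpHost(pdpUri.getHost(), pdpUri.getPort(), pdpUri.getScheme());

        ThreadSafeClientConnManager cm = new ThreadSafeClientConnManager();
        HttpRoute route = new HttpRoute(pdpHost);
        cm.setDefaultMaxPerRoute(100);
        cm.setMaxForRoute(route, 100);
        cm.setMaxTotal(100);
        // NOTE(review): no connect or socket timeout is configured on this client, so a stalled
        // PDP can hold a servlet thread and a pooled connection indefinitely. Consider setting
        // explicit timeouts.
        client = new DefaultHttpClient(cm);
    }

    /**
     * Converts the SAML v2.0 request body to SAML v1.1, proxies it to the PDP and returns the
     * PDP answer converted back to SAML v2.0.
     *
     * <p>Payload bytes are deliberately not logged; only sizes are. SAML messages can carry
     * subject identifiers and attributes. The previous concatenation of a {@code byte[]} into
     * the log message printed only the array's identity string anyway.
     *
     * @param request the incoming SAML v2.0 authorization request
     * @param response the response that receives the converted SAML v2.0 answer or an error
     * @throws ServletException declared by the servlet contract
     * @throws IOException if an error status cannot be sent to the caller
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        long threadId = Thread.currentThread().getId();
        log.debug("[THREAD " + threadId + "] client request received");

        // Get the input entity (SAML2)
        InputStream in = null;
        byte[] query11 = null;
        try {
            in = request.getInputStream();
            query11 = Saml2Requester.convert(in);
        } catch (IOException ex) {
            log.error("[THREAD " + threadId + "]\n", ex);
            response.sendError(HttpServletResponse.SC_BAD_REQUEST);
            return;
        } finally {
            closeAndLog(in, threadId);
        }
        if (query11 == null) {
            log.error("[THREAD " + threadId + "] request conversion produced no SAML11 payload");
            response.sendError(HttpServletResponse.SC_BAD_REQUEST);
            return;
        }
        log.debug("[THREAD " + threadId + "] client request SAML11: " + query11.length + " bytes");

        // Proxy the request to the PDP
        HttpPost httpPost = new HttpPost(pdp_url);
        httpPost.setEntity(new ByteArrayEntity(query11));
        HttpResponse httpResponse = null;
        try {
            httpResponse = client.execute(httpPost);
        } catch (IOException ioe) {
            log.error("[THREAD " + threadId + "]\n", ioe);
            httpPost.abort();
            response.sendError(HttpServletResponse.SC_BAD_GATEWAY);
            return;
        }
        int sc = httpResponse.getStatusLine().getStatusCode();
        if (sc != HttpStatus.SC_OK) {
            log.error("[THREAD " + threadId + "] Bad response from PDP: " + sc);
            // abort() gives the pooled connection back without reading the error body.
            httpPost.abort();
            response.sendError(HttpServletResponse.SC_BAD_GATEWAY);
            return;
        }

        // Get the response back from the PDP
        HttpEntity entity2 = httpResponse.getEntity();
        if (entity2 == null) {
            log.error("[THREAD " + threadId + "] PDP response has no entity");
            httpPost.abort();
            response.sendError(HttpServletResponse.SC_BAD_GATEWAY);
            return;
        }
        InputStream in2 = null;
        byte[] resp = null;
        try {
            in2 = entity2.getContent();
            resp = Saml2Requester.consumeStream(in2);
            // Make sure the entity is fully consumed so the connection can return to the pool.
            EntityUtils.consume(entity2);
        } catch (IOException ex) {
            log.error("[THREAD " + threadId + "]", ex);
            httpPost.abort();
            response.sendError(HttpServletResponse.SC_BAD_GATEWAY);
            return;
        } finally {
            closeAndLog(in2, threadId);
        }
        if (resp == null) {
            log.error("[THREAD " + threadId + "] PDP response body could not be read");
            response.sendError(HttpServletResponse.SC_BAD_GATEWAY);
            return;
        }
        log.debug("[THREAD " + threadId + "] client response received, SAML11: "
                + resp.length + " bytes");

        // Convert the response from SAML1.1 to SAML2 and send back
        ByteArrayInputStream respStream = null;
        byte[] resp2 = null;
        try {
            respStream = new ByteArrayInputStream(resp);
            resp2 = Saml2Responder.convert(respStream);
        } finally {
            closeAndLog(respStream, threadId);
        }
        if (resp2 == null) {
            log.error("[THREAD " + threadId + "] response conversion produced no SAML2 payload");
            response.sendError(HttpServletResponse.SC_BAD_GATEWAY);
            return;
        }
        log.debug("[THREAD " + threadId + "] client response SAML2: " + resp2.length + " bytes");

        OutputStream os2 = null;
        try {
            os2 = response.getOutputStream();
            // resp2 is already a byte[]; the former resp2.getBytes() call does not exist on arrays.
            os2.write(resp2);
            log.debug("[THREAD " + threadId + "] client response forwarded");
        } catch (IOException ex) {
            // The response may already be partially committed, so no error status is sent here.
            log.error("[THREAD " + threadId + "]\n", ex);
            return;
        } finally {
            closeAndLog(os2, threadId);
        }
    }

    /** Closes {@code resource} if it is non-null and logs, rather than propagates, a failure. */
    private void closeAndLog(java.io.Closeable resource, long threadId) {
        if (resource == null) {
            return;
        }
        try {
            resource.close();
        } catch (IOException ioe) {
            log.error("[THREAD " + threadId + "]\n", ioe);
        }
    }

    /** Shuts down the pooled connection manager; tolerates a servlet whose init() failed. */
    @Override
    public void destroy() {
        if (client != null) {
            client.getConnectionManager().shutdown();
        }
        super.destroy();
    }
}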
提前感谢您!