From 7c2358872405ff5fe08267f383baa4449f13701e Mon Sep 17 00:00:00 2001
From: Robin Eklund <robi-ekl@dsv.su.se>
Date: Tue, 26 Jul 2011 10:31:22 +0200
Subject: [PATCH 1/2] Added more scanning for external-auth attributes

---
 .../AdminServerEnvironmentSettingsPage.java   | 40 +++++++++++++++----
 1 file changed, 32 insertions(+), 8 deletions(-)

diff --git a/src/main/java/se/su/dsv/scipro/admin/pages/settings/AdminServerEnvironmentSettingsPage.java b/src/main/java/se/su/dsv/scipro/admin/pages/settings/AdminServerEnvironmentSettingsPage.java
index 8ede9d512a..77675f098f 100644
--- a/src/main/java/se/su/dsv/scipro/admin/pages/settings/AdminServerEnvironmentSettingsPage.java
+++ b/src/main/java/se/su/dsv/scipro/admin/pages/settings/AdminServerEnvironmentSettingsPage.java
@@ -33,17 +33,41 @@ public class AdminServerEnvironmentSettingsPage extends AbstractAdminSettingsPag
 		List<KeyValuePair<String>> list = new ArrayList<KeyValuePair<String>>();
 		list.add(new KeyValuePair<String>("[CALL] getRemoteUser",rawRequest.getRemoteUser()));
 		list.add(new KeyValuePair<String>("[CALL] getAuthType",rawRequest.getAuthType()));
-		@SuppressWarnings("rawtypes") Enumeration attributes = rawRequest.getAttributeNames();
-		while(attributes.hasMoreElements()){
-			final String key = (String)attributes.nextElement();
-			final String value = rawRequest.getAttribute(key).toString();
-			list.add(new KeyValuePair<String>("[ATTR] "+key,value));
+		addManualAttributes(rawRequest,list);
+		{
+			@SuppressWarnings("rawtypes") Enumeration attributes = rawRequest.getAttributeNames();
+			while(attributes.hasMoreElements()){
+				final String key = (String)attributes.nextElement();
+				final String value = rawRequest.getAttribute(key).toString();
+				list.add(new KeyValuePair<String>("[ATTR] "+key,value));
+			}
 		}
-		Map<String,String> envs = System.getenv();
-		for(String key : envs.keySet()){
-			list.add(new KeyValuePair<String>("[ENV] "+key,envs.get(key)));
+		{
+			@SuppressWarnings("rawtypes") Enumeration headers = rawRequest.getHeaderNames();
+			while(headers.hasMoreElements()){
+				final String key = (String)headers.nextElement();
+				final String value = rawRequest.getHeader(key);
+				list.add(new KeyValuePair<String>("[HEAD] "+key,value));
+			}
+		}
+		{
+			Map<String,String> envs = System.getenv();
+			for(String key : envs.keySet()){
+				list.add(new KeyValuePair<String>("[ENV] "+key,envs.get(key)));
+			}
 		}
 		return list; 
 	}
+	private void addManualAttributes(final HttpServletRequest request, final List<KeyValuePair<String>> list){
+		final String[] attrs = {"Shib-Application-ID","Shib-Session-ID","Shib-Identity-Provider",
+				"Shib-Authentication-Instant","Shib-Authentication-Method","Shib-AuthnContext-Class",
+				"Shib-AuthnContext-Decl","Shib-Identity-Provider","mail","cn","eppn","gidNumber","givenName","sn","uid","memberOf"};
+		for(final String attr : attrs){
+			if(request.getAttribute(attr) != null)
+				list.add(new KeyValuePair<String>("[M-ATTR] "+attr,request.getAttribute(attr).toString()));
+			if(request.getHeader(attr) != null)
+				list.add(new KeyValuePair<String>("[M-HEAD] "+attr,request.getHeader(attr)));
+		}
+	}
 }
 

From cf575b43cdd157f7c3eb4a4e3ca4da5317194275 Mon Sep 17 00:00:00 2001
From: Robin Eklund <robi-ekl@dsv.su.se>
Date: Tue, 26 Jul 2011 11:05:40 +0200
Subject: [PATCH 2/2] More scanning for attributes

---
 .../AdminServerEnvironmentSettingsPage.java      | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

diff --git a/src/main/java/se/su/dsv/scipro/admin/pages/settings/AdminServerEnvironmentSettingsPage.java b/src/main/java/se/su/dsv/scipro/admin/pages/settings/AdminServerEnvironmentSettingsPage.java
index 77675f098f..546f039745 100644
--- a/src/main/java/se/su/dsv/scipro/admin/pages/settings/AdminServerEnvironmentSettingsPage.java
+++ b/src/main/java/se/su/dsv/scipro/admin/pages/settings/AdminServerEnvironmentSettingsPage.java
@@ -63,11 +63,19 @@ public class AdminServerEnvironmentSettingsPage extends AbstractAdminSettingsPag
 				"Shib-Authentication-Instant","Shib-Authentication-Method","Shib-AuthnContext-Class",
 				"Shib-AuthnContext-Decl","Shib-Identity-Provider","mail","cn","eppn","gidNumber","givenName","sn","uid","memberOf"};
 		for(final String attr : attrs){
-			if(request.getAttribute(attr) != null)
-				list.add(new KeyValuePair<String>("[M-ATTR] "+attr,request.getAttribute(attr).toString()));
-			if(request.getHeader(attr) != null)
-				list.add(new KeyValuePair<String>("[M-HEAD] "+attr,request.getHeader(attr)));
+			addPrefixedManualAttribute(request,list,"",attr);
+			addPrefixedManualAttribute(request,list,"AJP_",attr);
+			addPrefixedManualAttribute(request,list,"AJP-",attr);
 		}
 	}
+	private void addPrefixedManualAttribute(final HttpServletRequest request, final List<KeyValuePair<String>> list, final String prefix, final String attr){
+		final String scanAttr = prefix+attr;
+		if(request.getAttribute(scanAttr) != null)
+			list.add(new KeyValuePair<String>("[M-ATTR] "+scanAttr,request.getAttribute(scanAttr).toString()));
+		if(request.getHeader(scanAttr) != null)
+			list.add(new KeyValuePair<String>("[M-HEAD] "+scanAttr,request.getHeader(scanAttr)));
+		if(System.getenv(scanAttr) != null)
+			list.add(new KeyValuePair<String>("[M-ENV] "+scanAttr,System.getenv(scanAttr)));
+	}
 }