MindTouch SSO using HttpClient 4.1 with Java

Most of the MindTouch sample code available in the wild is in PHP or C# so integrating with a Java stack can be painful. Here's a snip of the code we used to support SSO with our Java-based SaaS platform. The HttpClient framework is version 4.1 of Apache's HttpClient

Update: Modified to skip Cookie parsing based upon bjorg's comment

private boolean parseAndSetMindtouchCookie(final HttpServletResponse response,final DefaultHttpClient client,final User user) {        StringBuffer buf = new StringBuffer("http://");        buf.append(this.MINDTOUCH_HOST).append(this.MINDTOUCH_BASEURI).append("users/authenticate?authprovider=1&apikey=").append(MINDTOUCH_APIKEY);        HttpGet get = new HttpGet(buf.toString());        try {            ResponseHandler<String> responseHandler = new BasicResponseHandler();            String responseBody = client.execute(get, responseHandler);            javax.servlet.http.Cookie cookie = new javax.servlet.http.Cookie("authtoken", responseBody);            cookie.setDomain(".example.com");            cookie.setSecure(false);            cookie.setPath("/");            cookie.setMaxAge(3600); // 1 hour            response.addCookie(cookie);                                    log.debug("Successfully set mindtouch auth cookie");            response.sendRedirect("http://"+MINDTOUCH_HOST);            return true;                                                }catch(HttpResponseException hre){            if(hre.getStatusCode() == HttpStatus.SC_UNAUTHORIZED ){                log.debug("User has no Mindtouch account.");            }else{                log.error("Unable to auth user.",hre);            }                    } catch (Exception e) {            log.error("Unable to authenticate user",e);        }                return false;    }

Share Comments