added JSPs

src/main/webapp/WEB-INF/web.xml

@@ -5,25 +5,26 @@
   version="3.1">
   
   <display-name>IdP Cookie Clearing Servlet</display-name>
+
   <servlet>
-    <servlet-name>clearIdpCookieServlet</servlet-name>
-    <servlet-class>edu.stanford.itlab.shibboleth.ClearIdpCookieServlet</servlet-class>
-    <load-on-startup>1</load-on-startup>
+    <servlet-name>idp_cookie</servlet-name>
+    <jsp-file>/idp.jsp</jsp-file>
   </servlet>
   
   <servlet-mapping>
-    <servlet-name>clearIdpCookieServlet</servlet-name>
+    <servlet-name>idp_cookie</servlet-name>
     <url-pattern>/idp</url-pattern>
   </servlet-mapping>
 
+  <!-- manage x509passthrough cookie -->
   <servlet>
-    <servlet-name>setX509CookieServlet</servlet-name>
-    <servlet-class>edu.stanford.itlab.shibboleth.SetX509CookieServlet</servlet-class>
-    <load-on-startup>1</load-on-startup>
+    <servlet-name>x509_cookie</servlet-name>
+    <jsp-file>/x509.jsp</jsp-file>
   </servlet>
-  
+
   <servlet-mapping>
-    <servlet-name>setX509CookieServlet</servlet-name>
+    <servlet-name>x509_cookie</servlet-name>
     <url-pattern>/x509</url-pattern>
   </servlet-mapping>
+
 </web-app>

src/main/webapp/idp.jsp

+<%@ page import="javax.servlet.http.Cookie" %>
+<%
+/**
+ * Simplified IdP Cookie Clearer
+ */
+
+final Cookie c1 = new Cookie("shib_idp_session", "1");
+final Cookie c2 = new Cookie("shib_idp_session", "1");
+
+c1.setPath("/");
+c1.setSecure(true);
+c1.setMaxAge(0);
+c2.setPath("/idp");
+c2.setSecure(true);
+c2.setMaxAge(0);
+
+response.addCookie(c1);
+response.addCookie(c2);
+
+%>
+<!DOCTYPE html>
+<html lang="en">
+
+  <head>
+    <meta charset="utf-8">
+    <meta http-equiv="X-UA-Compatible" content="IE=edge">
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+    <title>IdP Session</title>
+    <link href="/css/certificate.css" rel="stylesheet">
+  </head>
+
+  <body>
+    <div class="box box-warning">
+      <h2>Session Cleared</h2>
+      <p>Your session with this IdP has been terminated.</p>
+    </div>
+  </body>
+</html>

src/main/webapp/x509.jsp

+<%@ page import="javax.servlet.http.Cookie" %>
+<%
+/**
+ * Simplified X509 Cookie Setter
+ */
+
+final String   action       = request.getParameter("action");
+      String   location     = "/cookie/x509";
+      boolean  x509_enabled = false;
+      Cookie   c_x509       = new Cookie("x509passthrough", "1");
+      String   error        = null;
+      int      max_age      = -1;
+
+c_x509.setPath("/");
+c_x509.setSecure(true);
+
+if (action == null || action.equals("enable")) {
+  max_age = 5 * 365 * 86400; // enable for 5 years
+} else if (action.equals("disable")) {
+  max_age = 0; // disable
+} else {
+  error = "Invalid action: " + action;
+}
+
+if (max_age >= 0) {
+  c_x509.setMaxAge(max_age);
+  response.addCookie(c_x509);
+}
+
+%>
+<!DOCTYPE html>
+<html lang="en">
+
+  <head>
+    <meta charset="utf-8">
+    <meta http-equiv="X-UA-Compatible" content="IE=edge">
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+    <title>Client Certificate</title>
+    <link href="/css/certificate.css" rel="stylesheet">
+  </head>
+
+  <body>
+  <% if (error != null) { %>
+    <div class="box box-error">
+      <h2>Error!</h2>
+      <p><%= error %></p>
+    </div>
+  <% } else if (max_age > 0) { %>
+    <div class="box box-success">
+      <h2>Cookie Enabled</h2>
+      <p>Client certificate authentication should now be enabled for this browser.</p>
+      <div class="action">
+        <p><a href="?action=disable" class="btn btn-warning">Disable Certificate Authentication</a></p>
+      </div>
+    </div>
+  <% } else if (max_age == 0) { %>
+    <div class="box box-warning">
+      <h2>Cookie Disabled</h2>
+      <p>Client certificate authentication should now be disabled for this browser.</p>
+      <div class="action">
+        <p><a href="?action=enable" class="btn btn-success">Enable Certificate Authentication</a></p>
+      </div>
+    </div>
+  <% } %>
+  </body>
+</html>