[gatein-commits] gatein SVN: r4511 - in components/wci/branches/adf: test/servers/tomcat7 and 6 other directories.
do-not-reply at jboss.org
do-not-reply at jboss.org
Tue Oct 5 11:59:19 EDT 2010
Author: alain_defrance
Date: 2010-10-05 11:59:17 -0400 (Tue, 05 Oct 2010)
New Revision: 4511
Added:
components/wci/branches/adf/wci/src/main/java/org/gatein/wci/security/
components/wci/branches/adf/wci/src/main/java/org/gatein/wci/security/WCILoginController.java
components/wci/branches/adf/wci/src/main/java/org/gatein/wci/security/WCILoginModule.java
Modified:
components/wci/branches/adf/test/servers/tomcat6/pom.xml
components/wci/branches/adf/test/servers/tomcat7/pom.xml
components/wci/branches/adf/tomcat7/src/main/java/org/gatein/wci/tomcat/TC7ServletContainerContext.java
components/wci/branches/adf/wci/src/main/java/org/gatein/wci/ServletContainer.java
components/wci/branches/adf/wci/src/main/java/org/gatein/wci/authentication/GenericAuthentication.java
components/wci/branches/adf/wci/src/main/java/org/gatein/wci/authentication/GenericAuthenticationResult.java
components/wci/branches/adf/wci/src/main/java/org/gatein/wci/authentication/WCICredentials.java
components/wci/branches/adf/wci/src/main/java/org/gatein/wci/impl/DefaultServletContainer.java
components/wci/branches/adf/wci/src/main/java/org/gatein/wci/spi/ServletContainerContext.java
Log:
WCILoginModule & WCILoginController added
Modified: components/wci/branches/adf/test/servers/tomcat6/pom.xml
===================================================================
--- components/wci/branches/adf/test/servers/tomcat6/pom.xml 2010-10-05 14:08:41 UTC (rev 4510)
+++ components/wci/branches/adf/test/servers/tomcat6/pom.xml 2010-10-05 15:59:17 UTC (rev 4511)
@@ -377,10 +377,10 @@
<activeByDefault>true</activeByDefault>
</activation>
<properties>
- <test.generic>false</test.generic>
+ <test.generic>true</test.generic>
<test.native>true</test.native>
- <test.exo>false</test.exo>
- <test.endpoint>false</test.endpoint>
+ <test.exo>true</test.exo>
+ <test.endpoint>true</test.endpoint>
</properties>
</profile>
<profile>
Modified: components/wci/branches/adf/test/servers/tomcat7/pom.xml
===================================================================
--- components/wci/branches/adf/test/servers/tomcat7/pom.xml 2010-10-05 14:08:41 UTC (rev 4510)
+++ components/wci/branches/adf/test/servers/tomcat7/pom.xml 2010-10-05 15:59:17 UTC (rev 4511)
@@ -377,10 +377,10 @@
<activeByDefault>true</activeByDefault>
</activation>
<properties>
- <test.generic>false</test.generic>
+ <test.generic>true</test.generic>
<test.native>true</test.native>
- <test.exo>false</test.exo>
- <test.endpoint>false</test.endpoint>
+ <test.exo>true</test.exo>
+ <test.endpoint>true</test.endpoint>
</properties>
</profile>
<profile>
Modified: components/wci/branches/adf/tomcat7/src/main/java/org/gatein/wci/tomcat/TC7ServletContainerContext.java
===================================================================
--- components/wci/branches/adf/tomcat7/src/main/java/org/gatein/wci/tomcat/TC7ServletContainerContext.java 2010-10-05 14:08:41 UTC (rev 4510)
+++ components/wci/branches/adf/tomcat7/src/main/java/org/gatein/wci/tomcat/TC7ServletContainerContext.java 2010-10-05 15:59:17 UTC (rev 4511)
@@ -100,29 +100,15 @@
this.registration = null;
}
- public AuthenticationResult login(HttpServletRequest request, HttpServletResponse response, String userName, String password)
+ public AuthenticationResult login(HttpServletRequest request, HttpServletResponse response, String userName, String password) throws ServletException
{
- try
- {
- request.login(userName, password);
- }
- catch (ServletException e)
- {
- e.printStackTrace(); // TODO : manage correctly this exception.
- }
- return new ProgrammaticAuthenticationResult();
+ request.login(userName, password);
+ return new ProgrammaticAuthenticationResult();
}
- public void logout(HttpServletRequest request, HttpServletResponse response)
+ public void logout(HttpServletRequest request, HttpServletResponse response) throws ServletException
{
- try
- {
- request.logout();
- }
- catch (ServletException e)
- {
- e.printStackTrace(); // TODO : manage correctly this exception.
- }
+ request.logout();
}
public synchronized void containerEvent(ContainerEvent event)
Modified: components/wci/branches/adf/wci/src/main/java/org/gatein/wci/ServletContainer.java
===================================================================
--- components/wci/branches/adf/wci/src/main/java/org/gatein/wci/ServletContainer.java 2010-10-05 14:08:41 UTC (rev 4510)
+++ components/wci/branches/adf/wci/src/main/java/org/gatein/wci/ServletContainer.java 2010-10-05 15:59:17 UTC (rev 4511)
@@ -102,7 +102,7 @@
* @param userName the username which try to login
* @param password the password of the username
*/
- AuthenticationResult login(HttpServletRequest request, HttpServletResponse response, String userName, String password);
+ AuthenticationResult login(HttpServletRequest request, HttpServletResponse response, String userName, String password) throws ServletException;
/**
* Authentication support.
@@ -110,7 +110,7 @@
* @param request the request valid in the current servlet context
* @param response the response valid in the current servlet context
*/
- void logout(HttpServletRequest request, HttpServletResponse response);
+ void logout(HttpServletRequest request, HttpServletResponse response) throws ServletException;
/**
* Add the authentication listener.
Modified: components/wci/branches/adf/wci/src/main/java/org/gatein/wci/authentication/GenericAuthentication.java
===================================================================
--- components/wci/branches/adf/wci/src/main/java/org/gatein/wci/authentication/GenericAuthentication.java 2010-10-05 14:08:41 UTC (rev 4510)
+++ components/wci/branches/adf/wci/src/main/java/org/gatein/wci/authentication/GenericAuthentication.java 2010-10-05 15:59:17 UTC (rev 4511)
@@ -36,15 +36,13 @@
public AuthenticationResult login(String login, String password, HttpServletRequest request, HttpServletResponse response)
{
String ticket = TICKET_SERVICE.createTicket(new WCICredentials(login, password));
-
- //fireEvent(EventType.LOGIN, new AuthenticationEvent(EventType.LOGIN, request, response, login, password));
- return new GenericAuthenticationResult(ticket);
+
+ return new GenericAuthenticationResult(login, ticket);
}
public void logout(HttpServletRequest request, HttpServletResponse response)
{
request.getSession().invalidate();
- //fireEvent(EventType.LOGOUT, new AuthenticationEvent(EventType.LOGIN, request, response));
}
public static GenericAuthentication getInstance() {
Modified: components/wci/branches/adf/wci/src/main/java/org/gatein/wci/authentication/GenericAuthenticationResult.java
===================================================================
--- components/wci/branches/adf/wci/src/main/java/org/gatein/wci/authentication/GenericAuthenticationResult.java 2010-10-05 14:08:41 UTC (rev 4510)
+++ components/wci/branches/adf/wci/src/main/java/org/gatein/wci/authentication/GenericAuthenticationResult.java 2010-10-05 15:59:17 UTC (rev 4511)
@@ -19,18 +19,32 @@
package org.gatein.wci.authentication;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
/**
* @author <a href="mailto:alain.defrance at exoplatform.com">Alain Defrance</a>
* @version $Revision$
*/
public class GenericAuthenticationResult extends AuthenticationResult {
+ private String username;
private String ticket;
- public GenericAuthenticationResult(String ticket) {
- this.ticket = ticket;
+ public GenericAuthenticationResult(String username, String ticket) {
+ this.username = username;
+ this.ticket = ticket;
}
public String getTicket() {
return ticket;
}
+
+ public void perform(HttpServletRequest req, HttpServletResponse resp) throws IOException
+ {
+ req.getSession().removeAttribute(WCICredentials.CREDENTIALS);
+ String url = "j_security_check?j_username=" + username + "&j_password=" + ticket;
+ url = resp.encodeRedirectURL(url);
+ resp.sendRedirect(url);
+ }
}
Modified: components/wci/branches/adf/wci/src/main/java/org/gatein/wci/authentication/WCICredentials.java
===================================================================
--- components/wci/branches/adf/wci/src/main/java/org/gatein/wci/authentication/WCICredentials.java 2010-10-05 14:08:41 UTC (rev 4510)
+++ components/wci/branches/adf/wci/src/main/java/org/gatein/wci/authentication/WCICredentials.java 2010-10-05 15:59:17 UTC (rev 4511)
@@ -33,6 +33,9 @@
/** . */
private final String password;
+ /** . */
+ public static final String CREDENTIALS = "credentials";
+
/**
* Construct a new instance.
*
Modified: components/wci/branches/adf/wci/src/main/java/org/gatein/wci/impl/DefaultServletContainer.java
===================================================================
--- components/wci/branches/adf/wci/src/main/java/org/gatein/wci/impl/DefaultServletContainer.java 2010-10-05 14:08:41 UTC (rev 4510)
+++ components/wci/branches/adf/wci/src/main/java/org/gatein/wci/impl/DefaultServletContainer.java 2010-10-05 15:59:17 UTC (rev 4511)
@@ -97,7 +97,7 @@
}
/** . */
- public AuthenticationResult login(HttpServletRequest request, HttpServletResponse response, String userName, String password)
+ public AuthenticationResult login(HttpServletRequest request, HttpServletResponse response, String userName, String password) throws ServletException
{
AuthenticationResult result = registration.context.login(request, response, userName, password);
@@ -107,7 +107,8 @@
return result;
}
- public void logout(HttpServletRequest request, HttpServletResponse response) {
+ public void logout(HttpServletRequest request, HttpServletResponse response) throws ServletException
+ {
registration.context.logout(request, response);
//
Added: components/wci/branches/adf/wci/src/main/java/org/gatein/wci/security/WCILoginController.java
===================================================================
--- components/wci/branches/adf/wci/src/main/java/org/gatein/wci/security/WCILoginController.java (rev 0)
+++ components/wci/branches/adf/wci/src/main/java/org/gatein/wci/security/WCILoginController.java 2010-10-05 15:59:17 UTC (rev 4511)
@@ -0,0 +1,87 @@
+/*
+* Copyright (C) 2003-2009 eXo Platform SAS.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+
+package org.gatein.wci.security;
+
+import org.gatein.common.logging.Logger;
+import org.gatein.common.logging.LoggerFactory;
+import org.gatein.wci.authentication.WCICredentials;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+/**
+ * @author <a href="mailto:alain.defrance at exoplatform.com">Alain Defrance</a>
+ * @version $Revision$
+ */
+public class WCILoginController extends HttpServlet
+{
+ /** . */
+ private static final Logger log = LoggerFactory.getLogger(WCILoginController.class);
+
+ protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException
+ {
+ String username = req.getParameter("username");
+ String password = req.getParameter("password");
+
+ //
+ if (username == null)
+ {
+ log.error("Tried to access the portal login controller without username provided");
+ resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "No username provided");
+ return;
+ }
+ if (password == null)
+ {
+ log.error("Tried to access the portal login controller without password provided");
+ resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "No password provided");
+ return;
+ }
+
+ //
+ log.debug("Found username and password and set credentials in http session");
+ WCICredentials credentials = new WCICredentials(username, password);
+ req.getSession().setAttribute(WCICredentials.CREDENTIALS, credentials);
+
+ // Obtain initial URI
+ String uri = req.getParameter("initialURI");
+
+ // otherwise compute one
+ if (uri == null || uri.length() == 0)
+ {
+ uri = req.getContextPath() + "/private/classic";
+ log.debug("No initial URI found, will use default " + uri + " instead ");
+ }
+ else
+ {
+ log.debug("Found initial URI " + uri);
+ }
+
+ //
+ resp.sendRedirect(uri);
+ }
+
+ protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException
+ {
+ doGet(req, resp);
+ }
+}
Added: components/wci/branches/adf/wci/src/main/java/org/gatein/wci/security/WCILoginModule.java
===================================================================
--- components/wci/branches/adf/wci/src/main/java/org/gatein/wci/security/WCILoginModule.java (rev 0)
+++ components/wci/branches/adf/wci/src/main/java/org/gatein/wci/security/WCILoginModule.java 2010-10-05 15:59:17 UTC (rev 4511)
@@ -0,0 +1,90 @@
+/*
+* Copyright (C) 2003-2009 eXo Platform SAS.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+
+package org.gatein.wci.security;
+
+import org.gatein.wci.authentication.GenericAuthentication;
+import org.gatein.wci.authentication.WCICredentials;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.login.LoginException;
+import javax.security.auth.spi.LoginModule;
+import java.util.Map;
+
+/**
+ * @author <a href="mailto:alain.defrance at exoplatform.com">Alain Defrance</a>
+ * @version $Revision$
+ */
+
+public class WCILoginModule implements LoginModule {
+ private Subject subject;
+ private CallbackHandler callbackHandler;
+ private Map sharedState;
+ private Map options;
+
+ public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) {
+ this.subject = subject;
+ this.callbackHandler = callbackHandler;
+ this.sharedState = sharedState;
+ this.options = options;
+ }
+
+ /**
+ * @see javax.security.auth.spi.LoginModule#login()
+ */
+ @SuppressWarnings("unchecked")
+ public boolean login() throws LoginException {
+ Callback[] callbacks = new Callback[2];
+ callbacks[0] = new NameCallback("Username");
+ callbacks[1] = new PasswordCallback("Password", false);
+
+ try
+ {
+ callbackHandler.handle(callbacks);
+ String password = new String(((PasswordCallback)callbacks[1]).getPassword());
+
+ WCICredentials credentials = GenericAuthentication.TICKET_SERVICE.validateToken(password, true);
+ sharedState.put("javax.security.auth.login.name", credentials.getUsername());
+ sharedState.put("javax.security.auth.login.password", credentials.getPassword());
+ }
+ catch (Exception e)
+ {
+ LoginException le = new LoginException();
+ le.initCause(e);
+ throw le;
+ }
+ return true;
+ }
+
+ public boolean commit() throws LoginException {
+ return true;
+ }
+
+ public boolean abort() throws LoginException {
+ return true;
+ }
+
+ public boolean logout() throws LoginException {
+ return true;
+ }
+}
Modified: components/wci/branches/adf/wci/src/main/java/org/gatein/wci/spi/ServletContainerContext.java
===================================================================
--- components/wci/branches/adf/wci/src/main/java/org/gatein/wci/spi/ServletContainerContext.java 2010-10-05 14:08:41 UTC (rev 4510)
+++ components/wci/branches/adf/wci/src/main/java/org/gatein/wci/spi/ServletContainerContext.java 2010-10-05 15:59:17 UTC (rev 4511)
@@ -82,7 +82,7 @@
* @param userName the username which try to login
* @param password the password of the username
*/
- AuthenticationResult login(HttpServletRequest request, HttpServletResponse response, String userName, String password);
+ AuthenticationResult login(HttpServletRequest request, HttpServletResponse response, String userName, String password) throws ServletException;
/**
* Authentication support.
@@ -90,7 +90,7 @@
* @param request the request valid in the current servlet context
* @param response the response valid in the current servlet context
*/
- void logout(HttpServletRequest request, HttpServletResponse response);
+ void logout(HttpServletRequest request, HttpServletResponse response) throws ServletException;
/**
* The callback interface that a servlet container context can obtain from its registration against
More information about the gatein-commits
mailing list