[gatein-commits] gatein SVN: r6031 - in portal/trunk: component/web/security/src/main/java/org/exoplatform/web/login and 1 other directories.
do-not-reply at jboss.org
do-not-reply at jboss.org
Tue Mar 15 06:46:42 EDT 2011
Author: alain_defrance
Date: 2011-03-15 06:46:42 -0400 (Tue, 15 Mar 2011)
New Revision: 6031
Added:
portal/trunk/component/web/security/src/main/java/org/exoplatform/web/login/GateinWCIController.java
Modified:
portal/trunk/component/web/security/src/main/java/org/exoplatform/web/login/ErrorLoginServlet.java
portal/trunk/component/web/security/src/main/java/org/exoplatform/web/login/InitiateLoginServlet.java
portal/trunk/component/web/security/src/main/java/org/exoplatform/web/security/PortalLoginController.java
portal/trunk/pom.xml
Log:
GTNPORTAL-1808 : Move some code from gatein authentication (InitialeLoginServlet & ErrorLoginServlet) to wci authentication (Create WCIController)
Modified: portal/trunk/component/web/security/src/main/java/org/exoplatform/web/login/ErrorLoginServlet.java
===================================================================
--- portal/trunk/component/web/security/src/main/java/org/exoplatform/web/login/ErrorLoginServlet.java 2011-03-15 03:56:03 UTC (rev 6030)
+++ portal/trunk/component/web/security/src/main/java/org/exoplatform/web/login/ErrorLoginServlet.java 2011-03-15 10:46:42 UTC (rev 6031)
@@ -25,6 +25,7 @@
import org.exoplatform.services.log.Log;
import org.exoplatform.web.security.security.AbstractTokenService;
import org.exoplatform.web.security.security.CookieTokenService;
+import org.gatein.wci.security.WCIController;
import java.io.IOException;
import java.util.Enumeration;
@@ -59,6 +60,8 @@
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException
{
+ WCIController wciController = new GateinWCIController(getServletContext());
+
PortalContainer pContainer = PortalContainer.getInstance();
ServletContext context = pContainer.getPortalContext();
// Unregister the token cookie
@@ -71,33 +74,9 @@
resp.setContentType("text/html; charset=UTF-8");
// This allows the customer to define another login page without changing the portal
- showLoginForm(req, resp);
+ wciController.showLoginForm(req, resp);
}
- private void showLoginForm(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException
- {
- String initialURI = (String)req.getAttribute("javax.servlet.forward.request_uri");
- if (initialURI == null)
- {
- throw new IllegalStateException("request attribute javax.servlet.forward.request_uri should not be null here");
- }
- int jsecurityIndex = initialURI.lastIndexOf("/j_security_check");
- if (jsecurityIndex != -1)
- {
- initialURI = initialURI.substring(0, jsecurityIndex);
- }
-
- try
- {
- req.setAttribute("org.gatein.portal.login.initial_uri", initialURI);
- getServletContext().getRequestDispatcher("/login/jsp/login.jsp").include(req, resp);
- }
- finally
- {
- req.removeAttribute("org.gatein.portal.login.initial_uri");
- }
- }
-
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException
{
doGet(req, resp);
Added: portal/trunk/component/web/security/src/main/java/org/exoplatform/web/login/GateinWCIController.java
===================================================================
--- portal/trunk/component/web/security/src/main/java/org/exoplatform/web/login/GateinWCIController.java (rev 0)
+++ portal/trunk/component/web/security/src/main/java/org/exoplatform/web/login/GateinWCIController.java 2011-03-15 10:46:42 UTC (rev 6031)
@@ -0,0 +1,99 @@
+/*
+* Copyright (C) 2003-2009 eXo Platform SAS.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+
+package org.exoplatform.web.login;
+
+import org.gatein.wci.security.Credentials;
+import org.gatein.wci.security.WCIController;
+
+import javax.servlet.ServletContext;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+/**
+ * @author <a href="mailto:alain.defrance at exoplatform.com">Alain Defrance</a>
+ * @version $Revision$
+ */
+public class GateinWCIController extends WCIController
+{
+ private ServletContext servletContext;
+
+ public GateinWCIController(final ServletContext servletContext)
+ {
+ if (servletContext == null)
+ {
+ throw new IllegalArgumentException("servletContext is null");
+ }
+ this.servletContext = servletContext;
+ }
+
+ public void showLoginForm(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException
+ {
+ String initialURI = getInitialURI(req);
+ try
+ {
+ String queryString = (String)req.getAttribute("javax.servlet.forward.query_string");
+ if (req.getAttribute("javax.servlet.forward.query_string") != null)
+ {
+ initialURI = initialURI + "?" + queryString;
+ }
+ req.setAttribute("org.gatein.portal.login.initial_uri", initialURI);
+ servletContext.getRequestDispatcher("/login/jsp/login.jsp").include(req, resp);
+ }
+ finally
+ {
+ req.removeAttribute("org.gatein.portal.login.initial_uri");
+ }
+ }
+
+ public void showErrorLoginForm(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException
+ {
+ String initialURI = getInitialURI(req);
+
+ int jsecurityIndex = initialURI.lastIndexOf("/j_security_check");
+ if (jsecurityIndex != -1)
+ {
+ initialURI = initialURI.substring(0, jsecurityIndex);
+ }
+
+ try
+ {
+ req.setAttribute("org.gatein.portal.login.initial_uri", initialURI);
+ servletContext.getRequestDispatcher("/login/jsp/login.jsp").include(req, resp);
+ }
+ finally
+ {
+ req.removeAttribute("org.gatein.portal.login.initial_uri");
+ }
+ }
+
+ @Override
+ public Credentials getCredentials(final HttpServletRequest req, final HttpServletResponse resp)
+ {
+ return (Credentials)req.getSession().getAttribute(Credentials.CREDENTIALS);
+ }
+
+ @Override
+ public String getHomeURI(final HttpServletRequest req)
+ {
+ return "/portal/private/classic";
+ }
+}
Modified: portal/trunk/component/web/security/src/main/java/org/exoplatform/web/login/InitiateLoginServlet.java
===================================================================
--- portal/trunk/component/web/security/src/main/java/org/exoplatform/web/login/InitiateLoginServlet.java 2011-03-15 03:56:03 UTC (rev 6030)
+++ portal/trunk/component/web/security/src/main/java/org/exoplatform/web/login/InitiateLoginServlet.java 2011-03-15 10:46:42 UTC (rev 6031)
@@ -25,11 +25,10 @@
import org.exoplatform.web.security.security.TicketConfiguration;
import org.gatein.common.logging.Logger;
import org.gatein.common.logging.LoggerFactory;
-import org.gatein.wci.authentication.AuthenticationResult;
-import org.gatein.wci.authentication.GenericAuthenticationResult;
-import org.gatein.wci.authentication.ProgrammaticAuthenticationResult;
+import org.gatein.wci.ServletContainer;
import org.gatein.wci.security.Credentials;
import org.gatein.wci.impl.DefaultServletContainerFactory;
+import org.gatein.wci.security.WCIController;
import java.io.IOException;
@@ -37,7 +36,6 @@
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
/**
* Initiate the login dance.
@@ -58,14 +56,18 @@
public static final long LOGIN_VALIDITY =
1000 * TicketConfiguration.getInstance(TicketConfiguration.class).getValidityTime();
+ /** . */
+ private WCIController wciController;
+
+ /** . */
+ private ServletContainer servletContainer = DefaultServletContainerFactory.getInstance().getServletContainer();
+
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException
{
resp.setContentType("text/html; charset=UTF-8");
- HttpSession session = req.getSession();
- // Looking for credentials stored in the session
- Credentials credentials = (Credentials)session.getAttribute(Credentials.CREDENTIALS);
+ Credentials credentials = getWCIController().getCredentials(req, resp);
//
if (credentials == null)
@@ -89,15 +91,14 @@
// This allows the customer to define another login page without
// changing the portal
- showLoginForm(req, resp);
+ getWCIController().showLoginForm(req, resp);
}
else
{
// Send authentication request
log.debug("Login initiated with no credentials in session but found token " + token + " with existing credentials, " +
"performing authentication");
- //sendAuth(resp, credentials.getUsername(), token);
- sendAuth(req, resp, credentials.getUsername(), token);
+ getWCIController().sendAuth(req, resp, credentials.getUsername(), token);
}
}
else
@@ -105,85 +106,21 @@
// This allows the customer to define another login page without
// changing the portal
log.debug("Login initiated with no credentials in session and no token cookie, redirecting to login page");
- showLoginForm(req, resp);
+ getWCIController().showLoginForm(req, resp);
}
}
else
{
// WCI authentication
- AuthenticationResult result = DefaultServletContainerFactory.getInstance().getServletContainer()
- .login(req, resp, credentials.getUsername(), credentials.getPassword(), LOGIN_VALIDITY);
-
- log.debug("Login initiated with credentials in session, performing authentication");
- if (result instanceof GenericAuthenticationResult)
- {
- ((GenericAuthenticationResult) result).perform(req, resp);
- }
- else if (result instanceof ProgrammaticAuthenticationResult)
- {
- resp.sendRedirect(resp.encodeRedirectURL((String)req.getAttribute("javax.servlet.forward.request_uri")));
- }
+ servletContainer.login(req, resp, credentials, LOGIN_VALIDITY, wciController.getInitialURI(req));
}
}
- private void showLoginForm(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException
- {
- /*String initialURI = (String)req.getAttribute("javax.servlet.forward.request_uri");
- if (initialURI == null)
- {
- throw new IllegalStateException("request attribute javax.servlet.forward.request_uri should not be null here");
- }*/
- String initialURI = getInitialURI(req);
- try
- {
- String queryString = (String)req.getAttribute("javax.servlet.forward.query_string");
- if ((String)req.getAttribute("javax.servlet.forward.query_string") != null)
- {
- initialURI = initialURI + "?" + queryString;
- }
- //req.setAttribute("org.gatein.portal.login.initial_uri", initialURI);
- //req.getSession(true).setAttribute("org.gatein.portal.login.initial_uri", initialURI);
- req.setAttribute("org.gatein.portal.login.initial_uri", initialURI);
- getServletContext().getRequestDispatcher("/login/jsp/login.jsp").include(req, resp);
- }
- finally
- {
- //req.removeAttribute("org.gatein.portal.login.initial_uri");
- //req.getSession(true).removeAttribute("org.gatein.portal.login.initial_uri");
- req.removeAttribute("org.gatein.portal.login.initial_uri");
- }
- }
-
- private String getInitialURI(HttpServletRequest req)
- {
- String initialURI = (String)req.getAttribute("javax.servlet.forward.request_uri");
- if (initialURI == null)
- {
- throw new IllegalStateException("request attribute javax.servlet.forward.request_uri should not be null here");
- }
- return initialURI;
- }
-
-
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException
{
doGet(req, resp);
}
- //private void sendAuth(HttpServletResponse resp, String jUsername, String jPassword) throws IOException
- private void sendAuth(HttpServletRequest req, HttpServletResponse resp, String jUsername, String jPassword) throws IOException
- {
- //String url = "j_security_check?j_username=" + jUsername + "&j_password=" + jPassword;
- String initialURI = getInitialURI(req);
- if (!initialURI.endsWith("/"))
- {
- initialURI += "/";
- }
- String url = initialURI + "j_security_check?j_username=" + jUsername + "&j_password=" + jPassword;
- url = resp.encodeRedirectURL(url);
- resp.sendRedirect(url);
- }
-
/**
* Extract the remember me token from the request or returns null.
*
@@ -214,4 +151,11 @@
{
return true;
}
+
+ private WCIController getWCIController() {
+ if (wciController == null) {
+ wciController = new GateinWCIController(getServletContext());
+ }
+ return wciController;
+ }
}
Modified: portal/trunk/component/web/security/src/main/java/org/exoplatform/web/security/PortalLoginController.java
===================================================================
--- portal/trunk/component/web/security/src/main/java/org/exoplatform/web/security/PortalLoginController.java 2011-03-15 03:56:03 UTC (rev 6030)
+++ portal/trunk/component/web/security/src/main/java/org/exoplatform/web/security/PortalLoginController.java 2011-03-15 10:46:42 UTC (rev 6031)
@@ -51,14 +51,12 @@
// otherwise compute one
if (uri == null || uri.length() == 0)
{
- //uri = req.getContextPath() + "/private/classic";
uri = req.getContextPath();
log.debug("No initial URI found, will use default " + uri + " instead ");
}
else
{
log.debug("Found initial URI " + uri);
- //req.getSession(true).setAttribute("org.gatein.portal.login.initial_uri", uri);
}
// if we do have a remember me
@@ -76,7 +74,6 @@
"in the next response");
Cookie cookie = new Cookie(InitiateLoginServlet.COOKIE_NAME, cookieToken);
cookie.setPath(req.getContextPath());
- //cookie.setMaxAge((int)tokenService.getValidityTime() / 1000);
cookie.setMaxAge((int)tokenService.getValidityTime());
resp.addCookie(cookie);
}
Modified: portal/trunk/pom.xml
===================================================================
--- portal/trunk/pom.xml 2011-03-15 03:56:03 UTC (rev 6030)
+++ portal/trunk/pom.xml 2011-03-15 10:46:42 UTC (rev 6031)
@@ -10,9 +10,9 @@
This software is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
+ Lesser General Public License for more detail
- You should have received a copy of the GNU Lesser General Public
+ You should have received a copy of the GNU Lesser General Public/
License along with this software; if not, write to the Free
Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
02110-1301 USA, or see the FSF site: http://www.fsf.org.
@@ -45,7 +45,7 @@
<org.shindig.version>1.0-r790473-Patch05</org.shindig.version>
<nl.captcha.simplecaptcha.version>1.1.1-GA-Patch01</nl.captcha.simplecaptcha.version>
<org.gatein.common.version>2.0.3-GA</org.gatein.common.version>
- <org.gatein.wci.version>2.1.0-Alpha02</org.gatein.wci.version>
+ <org.gatein.wci.version>2.1.0-Beta01</org.gatein.wci.version>
<org.gatein.pc.version>2.3.0-Alpha01</org.gatein.pc.version>
<org.picketlink.idm>1.1.8.CR01</org.picketlink.idm>
<org.gatein.wsrp.version>2.0.0-GA</org.gatein.wsrp.version>
More information about the gatein-commits
mailing list