[gatein-commits] gatein SVN: r8437 - in epp/portal/branches/EPP_5_2_Branch: component/web/security/src/main/java/org/exoplatform/web/login and 5 other directories.
do-not-reply at jboss.org
do-not-reply at jboss.org
Mon Feb 20 11:39:03 EST 2012
Author: mposolda
Date: 2012-02-20 11:39:02 -0500 (Mon, 20 Feb 2012)
New Revision: 8437
Added:
epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/security/AuthenticationRegistry.java
epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/security/AuthenticationRegistryImpl.java
epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/security/AuthenticationRegistryListener.java
epp/portal/branches/EPP_5_2_Branch/wsrp-integration/extension-component/src/main/java/org/gatein/integration/wsrp/wss/ConversationStateCredentialsAccessor.java
Modified:
epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/login/DoLoginServlet.java
epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/login/GateinWCIController.java
epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/login/RememberMeFilter.java
epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/security/PortalLoginController.java
epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/security/PortalLoginModule.java
epp/portal/branches/EPP_5_2_Branch/pom.xml
epp/portal/branches/EPP_5_2_Branch/web/portal/src/main/webapp/WEB-INF/conf/common/common-configuration.xml
epp/portal/branches/EPP_5_2_Branch/web/portal/src/main/webapp/WEB-INF/web.xml
epp/portal/branches/EPP_5_2_Branch/wsrp-integration/extension-component/src/main/java/org/gatein/integration/wsrp/wss/JBoss5WSSServiceIntegration.java
epp/portal/branches/EPP_5_2_Branch/wsrp-integration/extension-ear-as5/src/main/application/lib/jboss5integration.jar/conf/configuration.xml
Log:
Bug 793651 ( JBEPP-729 )
- Upgrade WCI and WSRP
- Get rid of credentials from HTTP Session
Modified: epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/login/DoLoginServlet.java
===================================================================
--- epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/login/DoLoginServlet.java 2012-02-20 13:23:45 UTC (rev 8436)
+++ epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/login/DoLoginServlet.java 2012-02-20 16:39:02 UTC (rev 8437)
@@ -19,11 +19,14 @@
package org.exoplatform.web.login;
+import org.exoplatform.container.web.AbstractHttpServlet;
+import org.exoplatform.services.security.ConversationState;
+import org.exoplatform.web.security.AuthenticationRegistry;
import org.gatein.common.logging.Logger;
import org.gatein.common.logging.LoggerFactory;
+import org.gatein.wci.security.Credentials;
import javax.servlet.ServletException;
-import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
@@ -33,7 +36,7 @@
/**
* @author <a href="mailto:julien.viet at exoplatform.com">Julien Viet</a>
*/
-public class DoLoginServlet extends HttpServlet
+public class DoLoginServlet extends AbstractHttpServlet
{
/** . */
@@ -65,7 +68,39 @@
initialURI = req.getContextPath();
}
+ // Now user is successfuly authenticated, so that we can remove credentials from temporary AuthenticationRegistry
+ // and add them to ConversationState
+ Credentials credentials = removeCredentialsFromRegistry(req);
+ setCredentialsToConversationState(credentials);
+
//
resp.sendRedirect(resp.encodeRedirectURL(initialURI));
}
+
+ /**
+ * Remove credentials from temporary AuthenticationRegistry because authentication of user is now finished.
+ *
+ * @param req
+ * @return credentials,which were removed from AuthenticationRegistry
+ */
+ protected Credentials removeCredentialsFromRegistry(HttpServletRequest req)
+ {
+ AuthenticationRegistry authenticationRegistry = (AuthenticationRegistry)getContainer().getComponentInstanceOfType(AuthenticationRegistry.class);
+ return authenticationRegistry.removeCredentials(req);
+ }
+
+ /**
+ * Add credentials to {@link ConversationState}.
+ *
+ * @param credentials
+ */
+ protected void setCredentialsToConversationState(Credentials credentials)
+ {
+ ConversationState currentConversationState = ConversationState.getCurrent();
+ if (currentConversationState != null && credentials != null)
+ {
+ log.debug("Adding credentials to conversationState for user " + credentials.getUsername());
+ currentConversationState.setAttribute(Credentials.CREDENTIALS, credentials);
+ }
+ }
}
Modified: epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/login/GateinWCIController.java
===================================================================
--- epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/login/GateinWCIController.java 2012-02-20 13:23:45 UTC (rev 8436)
+++ epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/login/GateinWCIController.java 2012-02-20 16:39:02 UTC (rev 8437)
@@ -19,6 +19,9 @@
package org.exoplatform.web.login;
+import org.exoplatform.container.PortalContainer;
+import org.exoplatform.web.security.AuthenticationRegistry;
+import org.exoplatform.web.security.PortalLoginModule;
import org.gatein.wci.security.Credentials;
import org.gatein.wci.security.WCIController;
@@ -94,7 +97,17 @@
@Override
public Credentials getCredentials(final HttpServletRequest req, final HttpServletResponse resp)
{
- return (Credentials)req.getSession().getAttribute(Credentials.CREDENTIALS);
+ AuthenticationRegistry credRegistry = (AuthenticationRegistry)PortalContainer.getCurrentInstance(servletContext).
+ getComponentInstanceOfType(AuthenticationRegistry.class);
+ Credentials credentials = credRegistry.getCredentials(req);
+
+ // Try to find AuthenticatedCredentials in HTTP session
+ if (credentials == null)
+ {
+ credentials = (Credentials)req.getSession().getAttribute(PortalLoginModule.AUTHENTICATED_CREDENTIALS);
+ }
+
+ return credentials;
}
@Override
Modified: epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/login/RememberMeFilter.java
===================================================================
--- epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/login/RememberMeFilter.java 2012-02-20 13:23:45 UTC (rev 8436)
+++ epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/login/RememberMeFilter.java 2012-02-20 16:39:02 UTC (rev 8437)
@@ -21,6 +21,7 @@
import org.exoplatform.container.ExoContainer;
import org.exoplatform.container.web.AbstractFilter;
+import org.exoplatform.web.security.AuthenticationRegistry;
import org.exoplatform.web.security.security.CookieTokenService;
import org.exoplatform.web.controller.router.PercentEncoding;
import org.gatein.common.logging.Logger;
@@ -68,7 +69,9 @@
token, false);
if (o instanceof Credentials)
{
- req.getSession().setAttribute(Credentials.CREDENTIALS, o);
+ AuthenticationRegistry authenticationRegistry = (AuthenticationRegistry)getContainer().getComponentInstanceOfType(AuthenticationRegistry.class);
+ authenticationRegistry.setCredentials(req, (Credentials)o);
+
resp.sendRedirect(resp.encodeRedirectURL(
loginUrl(
req.getContextPath(),
Added: epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/security/AuthenticationRegistry.java
===================================================================
--- epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/security/AuthenticationRegistry.java (rev 0)
+++ epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/security/AuthenticationRegistry.java 2012-02-20 16:39:02 UTC (rev 8437)
@@ -0,0 +1,53 @@
+/*
+ * JBoss, a division of Red Hat
+ * Copyright 2012, Red Hat Middleware, LLC, and individual
+ * contributors as indicated by the @authors tag. See the
+ * copyright.txt in the distribution for a full listing of
+ * individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+
+package org.exoplatform.web.security;
+
+import org.gatein.wci.security.Credentials;
+
+import javax.servlet.http.HttpServletRequest;
+import java.util.Map;
+import java.util.concurrent.ConcurrentHashMap;
+import java.util.concurrent.ConcurrentMap;
+
+/**
+ * Temporary registry for hold credentials (and potentially other attributes) during login process.
+ *
+ *
+ * @author <a href="mailto:mposolda at redhat.com">Marek Posolda</a>
+ */
+public interface AuthenticationRegistry
+{
+
+ public Credentials getCredentials(HttpServletRequest request);
+
+
+ public void setCredentials(HttpServletRequest request, Credentials credentials);
+
+
+ public Credentials removeCredentials(HttpServletRequest request);
+
+
+ public void removeClient(String sessionId);
+
+}
Added: epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/security/AuthenticationRegistryImpl.java
===================================================================
--- epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/security/AuthenticationRegistryImpl.java (rev 0)
+++ epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/security/AuthenticationRegistryImpl.java 2012-02-20 16:39:02 UTC (rev 8437)
@@ -0,0 +1,125 @@
+/*
+ * JBoss, a division of Red Hat
+ * Copyright 2012, Red Hat Middleware, LLC, and individual
+ * contributors as indicated by the @authors tag. See the
+ * copyright.txt in the distribution for a full listing of
+ * individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+
+package org.exoplatform.web.security;
+
+import org.gatein.common.logging.Logger;
+import org.gatein.common.logging.LoggerFactory;
+import org.gatein.wci.security.Credentials;
+
+import javax.servlet.http.HttpServletRequest;
+import java.util.Map;
+import java.util.concurrent.ConcurrentHashMap;
+import java.util.concurrent.ConcurrentMap;
+
+/**
+ * Temporary registry for hold credentials (and potentially other attributes) during login process to avoid store them in session.
+ * Registry is used only during authentication process and attributes of target client are cleared after successful authentication,
+ *
+ * @author <a href="mailto:mposolda at redhat.com">Marek Posolda</a>
+ */
+public class AuthenticationRegistryImpl implements AuthenticationRegistry
+{
+ private static final Logger log = LoggerFactory.getLogger(AuthenticationRegistryImpl.class);
+
+ // Key is ID of HTTP Session. Value is map with various attributes of single client (session),
+ // which will be used during authentication process.
+ private final ConcurrentMap<String, Map<String, Object>> registry = new ConcurrentHashMap<String, Map<String, Object>>();
+
+
+ public Credentials getCredentials(HttpServletRequest request)
+ {
+ String sessionId = getSessionId(request);
+ Map<String, Object> attributesOfClient = registry.get(sessionId);
+
+ if (attributesOfClient == null)
+ {
+ return null;
+ }
+
+ return (Credentials)attributesOfClient.get(Credentials.CREDENTIALS);
+ }
+
+
+ public void setCredentials(HttpServletRequest request, Credentials credentials)
+ {
+ String sessionId = getSessionId(request);
+
+ Map<String, Object> attributesOfClient = getAttributesOfClient(sessionId);
+ attributesOfClient.put(Credentials.CREDENTIALS, credentials);
+ }
+
+
+ public Credentials removeCredentials(HttpServletRequest request)
+ {
+ String sessionId = getSessionId(request);
+
+ Map<String, Object> attributesOfClient = getAttributesOfClient(sessionId);
+
+ Credentials credentials = (Credentials)attributesOfClient.remove(Credentials.CREDENTIALS);
+
+ // Clear map if no more attributes are here.
+ if (attributesOfClient.size() == 0)
+ {
+ removeClient(sessionId);
+ }
+
+ return credentials;
+ }
+
+
+ public void removeClient(String sessionId)
+ {
+ registry.remove(sessionId);
+
+ if (log.isTraceEnabled())
+ {
+ log.trace("Entry cleared for session " + sessionId);
+ }
+ }
+
+
+ private Map<String, Object> getAttributesOfClient(String sessionId)
+ {
+ Map<String, Object> attributes = registry.get(sessionId);
+
+ if (attributes == null)
+ {
+ attributes = new ConcurrentHashMap<String, Object>();
+ registry.putIfAbsent(sessionId, attributes);
+
+ if (log.isTraceEnabled())
+ {
+ log.trace("New entry created in AuthenticationRegistry for session " + sessionId);
+ }
+ }
+
+ return registry.get(sessionId);
+ }
+
+
+ private String getSessionId(HttpServletRequest req)
+ {
+ return req.getSession().getId();
+ }
+}
Added: epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/security/AuthenticationRegistryListener.java
===================================================================
--- epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/security/AuthenticationRegistryListener.java (rev 0)
+++ epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/security/AuthenticationRegistryListener.java 2012-02-20 16:39:02 UTC (rev 8437)
@@ -0,0 +1,56 @@
+/*
+ * JBoss, a division of Red Hat
+ * Copyright 2012, Red Hat Middleware, LLC, and individual
+ * contributors as indicated by the @authors tag. See the
+ * copyright.txt in the distribution for a full listing of
+ * individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+
+package org.exoplatform.web.security;
+
+import org.exoplatform.container.ExoContainer;
+import org.exoplatform.container.web.AbstractHttpSessionListener;
+
+import javax.servlet.http.HttpSessionEvent;
+
+/**
+ * @author <a href="mailto:mposolda at redhat.com">Marek Posolda</a>
+ */
+public class AuthenticationRegistryListener extends AbstractHttpSessionListener
+{
+
+ @Override
+ protected boolean requirePortalEnvironment()
+ {
+ return true;
+ }
+
+
+ @Override
+ protected void onSessionCreated(ExoContainer container, HttpSessionEvent event)
+ {
+ }
+
+
+ @Override
+ protected void onSessionDestroyed(ExoContainer container, HttpSessionEvent event)
+ {
+ AuthenticationRegistry authenticationRegistry = (AuthenticationRegistry)container.getComponentInstanceOfType(AuthenticationRegistry.class);
+ authenticationRegistry.removeClient(event.getSession().getId());
+ }
+}
Modified: epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/security/PortalLoginController.java
===================================================================
--- epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/security/PortalLoginController.java 2012-02-20 13:23:45 UTC (rev 8436)
+++ epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/security/PortalLoginController.java 2012-02-20 16:39:02 UTC (rev 8437)
@@ -19,6 +19,7 @@
package org.exoplatform.web.security;
+import org.exoplatform.container.ExoContainerContext;
import org.exoplatform.web.login.InitiateLoginServlet;
import org.exoplatform.web.security.security.AbstractTokenService;
import org.exoplatform.web.security.security.CookieTokenService;
@@ -28,6 +29,7 @@
import org.gatein.wci.security.WCILoginController;
import java.io.IOException;
+import java.net.URLEncoder;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
@@ -63,7 +65,7 @@
{
//Create token
AbstractTokenService tokenService = AbstractTokenService.getInstance(CookieTokenService.class);
- Credentials credentials = (Credentials)req.getSession().getAttribute(Credentials.CREDENTIALS);
+ Credentials credentials = getCredentials(req);
String cookieToken = tokenService.createToken(credentials);
log.debug("Found a remember me request parameter, created a persistent token " + cookieToken + " for it and set it up " +
@@ -94,4 +96,34 @@
String redirectURI = req.getContextPath() + "/dologin?initialURI=" + uri;
resp.sendRedirect(resp.encodeRedirectURL(redirectURI));
}
+
+ /**
+ * Read credentials from ConversationState instead of HTTP session.
+ *
+ * @param req
+ * @return credentials
+ */
+ @Override
+ protected Credentials getCredentials(HttpServletRequest req)
+ {
+ return getAuthenticationRegistry(req).getCredentials(req);
+ }
+
+ /**
+ * Set credentials to ConversationState instead of HTTP session
+ *
+ * @param req
+ * @param credentials
+ */
+ @Override
+ protected void setCredentials(HttpServletRequest req, Credentials credentials)
+ {
+ getAuthenticationRegistry(req).setCredentials(req, credentials);
+ }
+
+ private AuthenticationRegistry getAuthenticationRegistry(HttpServletRequest req)
+ {
+ return (AuthenticationRegistry) ExoContainerContext.getCurrentContainer().
+ getComponentInstanceOfType(AuthenticationRegistry.class);
+ }
}
Modified: epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/security/PortalLoginModule.java
===================================================================
--- epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/security/PortalLoginModule.java 2012-02-20 13:23:45 UTC (rev 8436)
+++ epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/security/PortalLoginModule.java 2012-02-20 16:39:02 UTC (rev 8437)
@@ -169,7 +169,6 @@
else
{
request.getSession().setAttribute(AUTHENTICATED_CREDENTIALS, wc);
- handleCredentialsRemoving(request);
}
}
catch(Exception e)
@@ -187,6 +186,13 @@
*/
public boolean abort() throws LoginException
{
+ HttpServletRequest request = getCurrentHttpServletRequest();
+
+ if (request != null)
+ {
+ handleCredentialsRemoving(request);
+ }
+
return true;
}
@@ -210,14 +216,24 @@
}
/**
- * Remove credentials of authenticated user from HTTP session.
+ * Remove credentials of authenticated user from AuthenticationRegistry.
*
* @param request httpRequest
*/
protected void handleCredentialsRemoving(HttpServletRequest request)
{
- // TODO: We can't remove credentials from HTTP session right now because WSRP-Security relies on it. See method WSSecurityCredentialHelper.handleRequest
- // request.getSession().removeAttribute(Credentials.CREDENTIALS);
+ try
+ {
+ AuthenticationRegistry authenticationRegistry = (AuthenticationRegistry)getContainer().getComponentInstanceOfType(AuthenticationRegistry.class);
+ if (request != null)
+ {
+ authenticationRegistry.removeCredentials(request);
+ }
+ }
+ catch (Exception e)
+ {
+ log.debug("Unable to remove credentials from credentialsRegistry.", e);
+ }
}
private HttpServletRequest getCurrentHttpServletRequest()
Modified: epp/portal/branches/EPP_5_2_Branch/pom.xml
===================================================================
--- epp/portal/branches/EPP_5_2_Branch/pom.xml 2012-02-20 13:23:45 UTC (rev 8436)
+++ epp/portal/branches/EPP_5_2_Branch/pom.xml 2012-02-20 16:39:02 UTC (rev 8437)
@@ -50,10 +50,10 @@
<org.gatein.parent.version>1.1.0-GA</org.gatein.parent.version>
<org.gatein.common.version>2.0.4-GA</org.gatein.common.version>
<org.gatein.dep.version>1.1.0-GA</org.gatein.dep.version>
- <org.gatein.wci.version>2.1.0-GA</org.gatein.wci.version>
+ <org.gatein.wci.version>2.1.1-Beta03</org.gatein.wci.version>
<org.gatein.pc.version>2.3.0-GA</org.gatein.pc.version>
<org.picketlink.idm>1.3.1.CR01</org.picketlink.idm>
- <org.gatein.wsrp.version>2.1.0-EPP520-GA</org.gatein.wsrp.version>
+ <org.gatein.wsrp.version>2.1.1-CR01</org.gatein.wsrp.version>
<org.gatein.mop.version>1.1.0-GA</org.gatein.mop.version>
<org.gatein.mgmt.version>1.0.1-GA</org.gatein.mgmt.version>
<org.slf4j.version>1.5.8</org.slf4j.version>
Modified: epp/portal/branches/EPP_5_2_Branch/web/portal/src/main/webapp/WEB-INF/conf/common/common-configuration.xml
===================================================================
--- epp/portal/branches/EPP_5_2_Branch/web/portal/src/main/webapp/WEB-INF/conf/common/common-configuration.xml 2012-02-20 13:23:45 UTC (rev 8436)
+++ epp/portal/branches/EPP_5_2_Branch/web/portal/src/main/webapp/WEB-INF/conf/common/common-configuration.xml 2012-02-20 16:39:02 UTC (rev 8437)
@@ -184,6 +184,11 @@
</init-params>
</component>
+ <component>
+ <key>org.exoplatform.web.security.AuthenticationRegistry</key>
+ <type>org.exoplatform.web.security.AuthenticationRegistryImpl</type>
+ </component>
+
<external-component-plugins>
<target-component>org.exoplatform.services.cache.ExoCacheFactory</target-component>
<component-plugin>
Modified: epp/portal/branches/EPP_5_2_Branch/web/portal/src/main/webapp/WEB-INF/web.xml
===================================================================
--- epp/portal/branches/EPP_5_2_Branch/web/portal/src/main/webapp/WEB-INF/web.xml 2012-02-20 13:23:45 UTC (rev 8436)
+++ epp/portal/branches/EPP_5_2_Branch/web/portal/src/main/webapp/WEB-INF/web.xml 2012-02-20 16:39:02 UTC (rev 8437)
@@ -200,6 +200,9 @@
<listener>
<listener-class>org.exoplatform.services.security.web.JAASConversationStateListener</listener-class>
</listener>
+ <listener>
+ <listener-class>org.exoplatform.web.security.AuthenticationRegistryListener</listener-class>
+ </listener>
<!-- ================================================================== -->
<!-- SERVLET -->
<!-- ================================================================== -->
Added: epp/portal/branches/EPP_5_2_Branch/wsrp-integration/extension-component/src/main/java/org/gatein/integration/wsrp/wss/ConversationStateCredentialsAccessor.java
===================================================================
--- epp/portal/branches/EPP_5_2_Branch/wsrp-integration/extension-component/src/main/java/org/gatein/integration/wsrp/wss/ConversationStateCredentialsAccessor.java (rev 0)
+++ epp/portal/branches/EPP_5_2_Branch/wsrp-integration/extension-component/src/main/java/org/gatein/integration/wsrp/wss/ConversationStateCredentialsAccessor.java 2012-02-20 16:39:02 UTC (rev 8437)
@@ -0,0 +1,55 @@
+/*
+ * JBoss, a division of Red Hat
+ * Copyright 2012, Red Hat Middleware, LLC, and individual
+ * contributors as indicated by the @authors tag. See the
+ * copyright.txt in the distribution for a full listing of
+ * individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+
+package org.gatein.integration.wsrp.wss;
+
+import org.exoplatform.services.security.ConversationState;
+import org.gatein.common.logging.Logger;
+import org.gatein.common.logging.LoggerFactory;
+import org.gatein.wci.security.Credentials;
+import org.gatein.wsrp.wss.credentials.CredentialsAccessor;
+
+/**
+ * @author <a href="mailto:mposolda at redhat.com">Marek Posolda</a>
+ */
+public class ConversationStateCredentialsAccessor implements CredentialsAccessor
+{
+
+ private static final Logger log = LoggerFactory.getLogger(ConversationStateCredentialsAccessor.class);
+
+ /**
+ * Reading credentials from @{link ConversationState} of current user.
+ *
+ * @return credentials
+ */
+ @Override
+ public Credentials getCredentials()
+ {
+ if (ConversationState.getCurrent() == null)
+ {
+ log.warn("Cannot find Credentials because ConversationState not set.");
+ return null;
+ }
+ return (Credentials)ConversationState.getCurrent().getAttribute(Credentials.CREDENTIALS);
+ }
+}
Modified: epp/portal/branches/EPP_5_2_Branch/wsrp-integration/extension-component/src/main/java/org/gatein/integration/wsrp/wss/JBoss5WSSServiceIntegration.java
===================================================================
--- epp/portal/branches/EPP_5_2_Branch/wsrp-integration/extension-component/src/main/java/org/gatein/integration/wsrp/wss/JBoss5WSSServiceIntegration.java 2012-02-20 13:23:45 UTC (rev 8436)
+++ epp/portal/branches/EPP_5_2_Branch/wsrp-integration/extension-component/src/main/java/org/gatein/integration/wsrp/wss/JBoss5WSSServiceIntegration.java 2012-02-20 16:39:02 UTC (rev 8437)
@@ -23,6 +23,7 @@
package org.gatein.integration.wsrp.wss;
import org.gatein.wsrp.wss.WebServiceSecurityFactory;
+import org.gatein.wsrp.wss.credentials.CredentialsAccessor;
import org.picocontainer.Startable;
import org.wsrp.wss.jboss5.handlers.consumer.JBWSSecurityHandlerWrapper;
import org.wsrp.wss.jboss5.handlers.consumer.WSSecurityCredentialHandler;
@@ -35,12 +36,13 @@
{
private final WebServiceSecurityFactory wssFactory;
- private final WSSecurityCredentialHandler WS_CREDENTIAL_HANDLER = new WSSecurityCredentialHandler();
+ private final WSSecurityCredentialHandler WS_CREDENTIAL_HANDLER;
private final JBWSSecurityHandlerWrapper JBWS_SECURITY_WRAPPER = new JBWSSecurityHandlerWrapper();
- public JBoss5WSSServiceIntegration()
+ public JBoss5WSSServiceIntegration(CredentialsAccessor credentialsAccessor)
{
wssFactory = WebServiceSecurityFactory.getInstance();
+ WS_CREDENTIAL_HANDLER = new WSSecurityCredentialHandler(credentialsAccessor);
}
public void start()
Modified: epp/portal/branches/EPP_5_2_Branch/wsrp-integration/extension-ear-as5/src/main/application/lib/jboss5integration.jar/conf/configuration.xml
===================================================================
--- epp/portal/branches/EPP_5_2_Branch/wsrp-integration/extension-ear-as5/src/main/application/lib/jboss5integration.jar/conf/configuration.xml 2012-02-20 13:23:45 UTC (rev 8436)
+++ epp/portal/branches/EPP_5_2_Branch/wsrp-integration/extension-ear-as5/src/main/application/lib/jboss5integration.jar/conf/configuration.xml 2012-02-20 16:39:02 UTC (rev 8437)
@@ -28,6 +28,16 @@
xmlns="http://www.exoplaform.org/xml/ns/kernel_1_1.xsd">
<component>
+ <key>org.gatein.wsrp.wss.credentials.CredentialsAccessor</key>
+
+ <!-- Reading credentials from HTTP session -->
+ <!--<type>org.gatein.wsrp.wss.credentials.HTTPSessionCredentialsAccessor</type>-->
+
+ <!-- Reading credentials from ConversationState -->
+ <type>org.gatein.integration.wsrp.wss.ConversationStateCredentialsAccessor</type>
+ </component>
+
+ <component>
<type>org.gatein.integration.wsrp.wss.JBoss5WSSServiceIntegration</type>
</component>
More information about the gatein-commits
mailing list