Author: sohil.shah(a)jboss.com
Date: 2010-04-06 14:34:53 -0400 (Tue, 06 Apr 2010)
New Revision: 2501
Added:
components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/filter/SPNEGOFilter.java
Removed:
components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/filter/SPNEGOTxFilter.java
Modified:
components/sso/trunk/.classpath
components/sso/trunk/agent/pom.xml
components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/login/SPNEGORolesModule.java
components/sso/trunk/spnego/pom.xml
Log:
spnego cleanup
Modified: components/sso/trunk/.classpath
===================================================================
--- components/sso/trunk/.classpath 2010-04-06 18:34:38 UTC (rev 2500)
+++ components/sso/trunk/.classpath 2010-04-06 18:34:53 UTC (rev 2501)
@@ -17,7 +17,7 @@
<classpathentry kind="src"
output="josso/gatein-josso-plugin/target/classes"
path="josso/gatein-josso-plugin/src/main/java"/>
<classpathentry kind="src"
output="opensso/gatein-opensso-plugin/target/classes"
path="opensso/gatein-opensso-plugin/src/main/java"/>
<classpathentry excluding="**" kind="src"
output="opensso/gatein-opensso-portal/target/classes"
path="opensso/gatein-opensso-portal/src/main/resources"/>
- <classpathentry kind="src" output="spengo/target/classes"
path="spnego/src/main/java"/>
+ <classpathentry kind="src" output="spnego/target/classes"
path="spnego/src/main/java"/>
<classpathentry excluding="**" kind="src"
output="packaging/target/classes"
path="packaging/src/main/resources"/>
<classpathentry kind="con"
path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/J2SE-1.5"/>
<classpathentry kind="con"
path="org.eclipse.jdt.junit.JUNIT_CONTAINER/3"/>
Modified: components/sso/trunk/agent/pom.xml
===================================================================
--- components/sso/trunk/agent/pom.xml 2010-04-06 18:34:38 UTC (rev 2500)
+++ components/sso/trunk/agent/pom.xml 2010-04-06 18:34:53 UTC (rev 2501)
@@ -14,7 +14,7 @@
<properties>
<!-- ChangeMe to your specific local environment -->
- <gatein.location>/home/soshah/projects/gatein/runtime/jboss/server/default</gatein.location>
+ <gatein.location>/home/soshah/projects/gatein/portal/trunk/packaging/pkg/target/jboss/server/gatein-spnego</gatein.location>
</properties>
<dependencies>
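Review bot: The new `gatein.location` value is still an absolute path under one developer's home directory, so the shared POM only works on that machine and records a local username and directory layout in version control. The `ChangeMe` comment already says the value is environment-specific, so it would be cleaner to keep a neutral default here and supply the real path per machine, for example with `-Dgatein.location=<path-to-server-dir>` or a profile in the developer's own `settings.xml`. The same edit is made in `components/sso/trunk/spnego/pom.xml`, and the same point applies there.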
Copied:
components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/filter/SPNEGOFilter.java
(from rev 2477,
components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/filter/SPNEGOTxFilter.java)
===================================================================
---
components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/filter/SPNEGOFilter.java
(rev 0)
+++
components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/filter/SPNEGOFilter.java 2010-04-06
18:34:53 UTC (rev 2501)
@@ -0,0 +1,153 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+*/
+package org.gatein.sso.agent.filter;
+
+import java.io.IOException;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+
+import javax.transaction.TransactionManager;
+import javax.transaction.Status;
+import javax.naming.InitialContext;
+
+import org.exoplatform.container.web.AbstractFilter;
+import org.exoplatform.services.organization.OrganizationService;
+import org.exoplatform.services.organization.User;
+import org.exoplatform.services.security.Authenticator;
+import org.exoplatform.services.security.IdentityRegistry;
+import org.exoplatform.services.security.Identity;
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+public class SPNEGOFilter extends AbstractFilter
+{
+
+ public void destroy()
+ {
+ }
+
+ public void doFilter(ServletRequest request, ServletResponse response,
+ FilterChain chain) throws IOException, ServletException
+ {
+ HttpServletRequest httpRequest = (HttpServletRequest)request;
+
+ boolean isStartedHere = this.startTx();
+ try
+ {
+ String remoteUser = httpRequest.getRemoteUser();
+
+ //System.out.println("-----------------------------------------------------------------");
+ //System.out.println("SPNEGO TX Filter (TX Started: )"+isStartedHere);
+ //System.out.println("RequestURL: "+httpRequest.getRequestURI());
+ //System.out.println("RemoteUser: "+remoteUser);
+
+ if(remoteUser != null)
+ {
+ //Check and make sure the IdentityRegistry is consistent
+ IdentityRegistry identityRegistry = (IdentityRegistry) getContainer()
+ .getComponentInstanceOfType(IdentityRegistry.class);
+ if(identityRegistry.getIdentity(remoteUser) == null)
+ {
+ Authenticator authenticator = (Authenticator) getContainer()
+ .getComponentInstanceOfType(Authenticator.class);
+
+ Identity identity = authenticator.createIdentity(remoteUser);
+ identityRegistry.register(identity);
+ }
+
+ OrganizationService orgService =
+
(OrganizationService)getContainer().getComponentInstanceOfType(OrganizationService.class);
+ User user = orgService.getUserHandler().findUserByName(remoteUser);
+
+ //System.out.println("Exo User : "+user);
+ }
+ //System.out.println("-----------------------------------------------------------------");
+
+ chain.doFilter(request, response);
+
+ if(isStartedHere)
+ {
+ this.commit();
+ }
+ }
+ catch(Throwable t)
+ {
+ if(isStartedHere)
+ {
+ this.rollback();
+ }
+
+ throw new RuntimeException(t);
+ }
+ }
+
+ private boolean startTx()
+ {
+ try
+ {
+ TransactionManager tm = (TransactionManager)new
InitialContext().lookup("java:/TransactionManager");
+
+ if(tm.getStatus() == Status.STATUS_NO_TRANSACTION)
+ {
+ tm.begin();
+ return true;
+ }
+
+ return false;
+ }
+ catch(Throwable t)
+ {
+ return false;
+ }
+ }
+
+ private void commit()
+ {
+ try
+ {
+ TransactionManager tm = (TransactionManager)new
InitialContext().lookup("java:/TransactionManager");
+ tm.commit();
+ }
+ catch(Throwable t)
+ {
+ throw new RuntimeException(t);
+ }
+ }
+
+ private void rollback()
+ {
+ try
+ {
+ TransactionManager tm = (TransactionManager)new
InitialContext().lookup("java:/TransactionManager");
+ tm.rollback();
+ }
+ catch(Throwable t)
+ {
+ throw new RuntimeException(t);
+ }
+ }
+}
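Review bot: In `doFilter`, an `Identity` is created and registered from `getRemoteUser()` before the organization lookup, and the `User user` returned by `findUserByName(remoteUser)` is never read. A principal that the container authenticated but that has no portal account therefore still appears to be registered, unless `createIdentity` rejects it, which is not visible here. Moving the lookup above the registration and guarding it, e.g. `if (user != null && identityRegistry.getIdentity(remoteUser) == null)`, would make the unused lookup serve as the existence check. Separately, `catch(Throwable t)` rewraps the declared `IOException`/`ServletException` in a `RuntimeException`, and an exception thrown by `rollback()` replaces the original failure. With the `printStackTrace()` calls removed and no logger added, `startTx()` now returns false silently when the `java:/TransactionManager` lookup fails, so a log call in that catch block is worth adding.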
Deleted:
components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/filter/SPNEGOTxFilter.java
===================================================================
---
components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/filter/SPNEGOTxFilter.java 2010-04-06
18:34:38 UTC (rev 2500)
+++
components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/filter/SPNEGOTxFilter.java 2010-04-06
18:34:53 UTC (rev 2501)
@@ -1,145 +0,0 @@
-/*
-* JBoss, a division of Red Hat
-* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
-* by the @authors tag. See the copyright.txt in the distribution for a
-* full listing of individual contributors.
-*
-* This is free software; you can redistribute it and/or modify it
-* under the terms of the GNU Lesser General Public License as
-* published by the Free Software Foundation; either version 2.1 of
-* the License, or (at your option) any later version.
-*
-* This software is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-* Lesser General Public License for more details.
-*
-* You should have received a copy of the GNU Lesser General Public
-* License along with this software; if not, write to the Free
-* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
-*/
-package org.gatein.sso.agent.filter;
-
-import java.io.IOException;
-
-import javax.servlet.Filter;
-import javax.servlet.FilterChain;
-import javax.servlet.FilterConfig;
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import javax.servlet.http.HttpServletRequest;
-
-import javax.transaction.TransactionManager;
-import javax.transaction.Status;
-import javax.naming.InitialContext;
-
-import org.exoplatform.container.web.AbstractFilter;
-import org.exoplatform.services.organization.OrganizationService;
-import org.exoplatform.services.organization.User;
-
-/**
- * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
- */
-public class SPNEGOTxFilter extends AbstractFilter
-{
-
- public void destroy()
- {
- }
-
- public void doFilter(ServletRequest request, ServletResponse response,
- FilterChain chain) throws IOException, ServletException
- {
- HttpServletRequest httpRequest = (HttpServletRequest)request;
-
- boolean isStartedHere = this.startTx();
- try
- {
- String remoteUser = httpRequest.getRemoteUser();
-
- System.out.println("-----------------------------------------------------------------");
- System.out.println("SPNEGO TX Filter invoked...(TX Started:
)"+isStartedHere);
- System.out.println("RequestURL: "+httpRequest.getRequestURI());
- System.out.println("RemoteUser: "+remoteUser);
-
- if(remoteUser != null)
- {
- OrganizationService orgService =
-
(OrganizationService)getContainer().getComponentInstanceOfType(OrganizationService.class);
- User user = orgService.getUserHandler().findUserByName(remoteUser);
-
- System.out.println("Exo User: "+user);
- }
- System.out.println("-----------------------------------------------------------------");
-
- chain.doFilter(request, response);
-
- if(isStartedHere)
- {
- this.commit();
- }
- }
- catch(Throwable t)
- {
- t.printStackTrace();
-
- if(isStartedHere)
- {
- this.rollback();
- }
-
- throw new RuntimeException(t);
- }
- }
-
- private boolean startTx()
- {
- try
- {
- TransactionManager tm = (TransactionManager)new
InitialContext().lookup("java:/TransactionManager");
-
- if(tm.getStatus() == Status.STATUS_NO_TRANSACTION)
- {
- tm.begin();
- return true;
- }
-
- return false;
- }
- catch(Throwable t)
- {
- t.printStackTrace();
- return false;
- }
- }
-
- private void commit()
- {
- try
- {
- TransactionManager tm = (TransactionManager)new
InitialContext().lookup("java:/TransactionManager");
- tm.commit();
- }
- catch(Throwable t)
- {
- t.printStackTrace();
- throw new RuntimeException(t);
- }
- }
-
- private void rollback()
- {
- try
- {
- TransactionManager tm = (TransactionManager)new
InitialContext().lookup("java:/TransactionManager");
- tm.rollback();
- }
- catch(Throwable t)
- {
- t.printStackTrace();
- throw new RuntimeException(t);
- }
- }
-}
Modified:
components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/login/SPNEGORolesModule.java
===================================================================
---
components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/login/SPNEGORolesModule.java 2010-04-06
18:34:38 UTC (rev 2500)
+++
components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/login/SPNEGORolesModule.java 2010-04-06
18:34:53 UTC (rev 2501)
@@ -50,7 +50,8 @@
import org.exoplatform.services.security.jaas.UserPrincipal;
/**
- * The LoginModule that is responsible for setting up the proper GateIn roles
corresponding to the SPNEGO principal that was authenticated
+ * The LoginModule that is responsible for setting up the proper GateIn roles
+ * corresponding to the SPNEGO principal that was authenticated
*
* @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
*/
@@ -63,7 +64,7 @@
private static final String OPTION_REALM_NAME = "realmName";
private String portalContainerName;
private String realmName;
-
+
private String getPortalContainerName(Map options)
{
if (options != null)
@@ -178,9 +179,9 @@
.getComponentInstanceOfType(IdentityRegistry.class);
// Check for single check
- if(identityRegistry.getIdentity(this.identity.getUserId()) != null)
+ if (identityRegistry.getIdentity(this.identity.getUserId()) != null)
{
- //already logged in
+ // already logged in
return true;
}
@@ -199,87 +200,96 @@
throw new LoginException(e.getMessage());
}
}
-
+
@Override
- public boolean logout() throws LoginException
- {
- org.exoplatform.container.monitor.jvm.J2EEServerInfo info = new J2EEServerInfo();
- MBeanServer jbossServer = info.getMBeanServer();
+ public boolean logout() throws LoginException
+ {
+ org.exoplatform.container.monitor.jvm.J2EEServerInfo info = new J2EEServerInfo();
+ MBeanServer jbossServer = info.getMBeanServer();
- //
- if (jbossServer != null)
- {
- try
- {
+ //
+ if (jbossServer != null)
+ {
+ try
+ {
- log.debug("Performing JBoss security manager cache eviction");
+ log.debug("Performing JBoss security manager cache eviction");
- ObjectName securityManagerName = new
ObjectName("jboss.security:service=JaasSecurityManager");
+ ObjectName securityManagerName = new ObjectName(
+ "jboss.security:service=JaasSecurityManager");
- // Obtain user name
- String userName = null;
- Set<UserPrincipal> userPrincipals =
subject.getPrincipals(UserPrincipal.class);
- if (!userPrincipals.isEmpty())
- {
- // There should be one
- userName = userPrincipals.iterator().next().getName();
- }
+ // Obtain user name
+ String userName = null;
+ Set<UserPrincipal> userPrincipals = subject
+ .getPrincipals(UserPrincipal.class);
+ if (!userPrincipals.isEmpty())
+ {
+ // There should be one
+ userName = userPrincipals.iterator().next().getName();
+ }
- //
- if (userName != null)
- {
- log.debug("Going to perform JBoss security manager cache eviction for
user " + userName);
+ //
+ if (userName != null)
+ {
+ log
+ .debug("Going to perform JBoss security manager cache eviction for user
"
+ + userName);
- //
- List allPrincipals =
- (List)jbossServer.invoke(securityManagerName,
"getAuthenticationCachePrincipals",
- new Object[]{realmName}, new String[]{String.class.getName()});
+ //
+ List allPrincipals = (List) jbossServer.invoke(securityManagerName,
+ "getAuthenticationCachePrincipals", new Object[] { realmName },
+ new String[] { String.class.getName() });
- // Make a copy to avoid some concurrent mods
- allPrincipals = new ArrayList(allPrincipals);
+ // Make a copy to avoid some concurrent mods
+ allPrincipals = new ArrayList(allPrincipals);
- // Lookup for invalidation key, it must be the same principal!
- Principal key = null;
- for (Iterator i = allPrincipals.iterator(); i.hasNext();)
- {
- Principal principal = (Principal)i.next();
- if (principal.getName().equals(userName))
- {
- key = principal;
- break;
- }
- }
+ // Lookup for invalidation key, it must be the same principal!
+ Principal key = null;
+ for (Iterator i = allPrincipals.iterator(); i.hasNext();)
+ {
+ Principal principal = (Principal) i.next();
+ if (principal.getName().equals(userName))
+ {
+ key = principal;
+ break;
+ }
+ }
- // Perform invalidation
- if (key != null)
- {
- jbossServer.invoke(securityManagerName,
"flushAuthenticationCache", new Object[]{realmName, key},
- new String[]{String.class.getName(), Principal.class.getName()});
- log.debug("Performed JBoss security manager cache eviction for
user " + userName + " with principal "
- + key);
- }
- else
- {
- log.warn("No principal found when performing JBoss security
manager cache eviction for user "
- + userName);
- }
- }
- else
- {
- log.warn("No user name found when performing JBoss security manager
cache eviction");
- }
- }
- catch (Exception e)
- {
- log.error("Could not perform JBoss security manager cache
eviction", e);
- }
- }
- else
- {
- log.debug("Could not find mbean server for performing JBoss security
manager cache eviction");
- }
+ // Perform invalidation
+ if (key != null)
+ {
+ jbossServer.invoke(securityManagerName, "flushAuthenticationCache",
+ new Object[] { realmName, key }, new String[] {
+ String.class.getName(), Principal.class.getName() });
+ log
+ .debug("Performed JBoss security manager cache eviction for user "
+ + userName + " with principal " + key);
+ }
+ else
+ {
+ log
+ .warn("No principal found when performing JBoss security manager cache
eviction for user "
+ + userName);
+ }
+ }
+ else
+ {
+ log
+ .warn("No user name found when performing JBoss security manager cache
eviction");
+ }
+ }
+ catch (Exception e)
+ {
+ log.error("Could not perform JBoss security manager cache eviction", e);
+ }
+ }
+ else
+ {
+ log
+ .debug("Could not find mbean server for performing JBoss security manager cache
eviction");
+ }
- //
- return true;
- }
+ //
+ return true;
+ }
}
Modified: components/sso/trunk/spnego/pom.xml
===================================================================
--- components/sso/trunk/spnego/pom.xml 2010-04-06 18:34:38 UTC (rev 2500)
+++ components/sso/trunk/spnego/pom.xml 2010-04-06 18:34:53 UTC (rev 2501)
@@ -14,7 +14,7 @@
<properties>
<!-- ChangeMe to your specific local environment -->
- <gatein.location>/home/soshah/projects/gatein/runtime/jboss/server/default</gatein.location>
+ <gatein.location>/home/soshah/projects/gatein/portal/trunk/packaging/pkg/target/jboss/server/gatein-spnego</gatein.location>
</properties>
<dependencies>