Author: hfnukal Date: 2011-06-22 22:24:17 -0400 (Wed, 22 Jun 2011) New Revision: 6720 Removed: epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/login/PortalLoginController.java epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/security/PortalLoginController.java Modified: epp/portal/branches/EPP_5_2_Branch/component/ epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/login/ErrorLoginServlet.java epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/login/InitiateLoginServlet.java Log: Merge Revisions 5822 6031 Property changes on: epp/portal/branches/EPP_5_2_Branch/component ___________________________________________________________________ Modified: svn:mergeinfo - /epp/portal/branches/EPP_5_1_0_GA_JBEPP-795/component:5868 /portal/branches/branch-GTNPORTAL-1592/component:4894 /portal/branches/branch-GTNPORTAL-1643/component:5002,5063,5167 /portal/branches/branch-GTNPORTAL-1700/component:5348,5402,5445 /portal/branches/branch-GTNPORTAL-1731/component:5668 /portal/branches/branch-GTNPORTAL-1745/component:5765 /portal/branches/branch-GTNPORTAL-1822/component:5943 /portal/branches/branch-GTNPORTAL-1832/component:6030,6063 /portal/trunk/component:4891,5744,5822,5943,6033,6168,6196,6201-6203,6205-6206 + /epp/portal/branches/EPP_5_1_0_GA_JBEPP-795/component:5868 /portal/branches/branch-GTNPORTAL-1592/component:4894 /portal/branches/branch-GTNPORTAL-1643/component:5002,5063,5167 /portal/branches/branch-GTNPORTAL-1700/component:5348,5402,5445 /portal/branches/branch-GTNPORTAL-1731/component:5668 /portal/branches/branch-GTNPORTAL-1745/component:5765 /portal/branches/branch-GTNPORTAL-1822/component:5943 /portal/branches/branch-GTNPORTAL-1832/component:6030,6063 /portal/trunk/component:4891,5744,5822,5943,6031,6033,6168,6196,6201-6203,6205-6206 Modified: epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/login/ErrorLoginServlet.java =================================================================== --- epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/login/ErrorLoginServlet.java 2011-06-23 00:06:57 UTC (rev 6719) +++ epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/login/ErrorLoginServlet.java 2011-06-23 02:24:17 UTC (rev 6720) @@ -25,6 +25,7 @@ import org.exoplatform.services.log.Log; import org.exoplatform.web.security.security.AbstractTokenService; import org.exoplatform.web.security.security.CookieTokenService; +import org.gatein.wci.security.WCIController; import java.io.IOException; import java.util.Enumeration; @@ -59,6 +60,8 @@ @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { + WCIController wciController = new GateinWCIController(getServletContext()); + PortalContainer pContainer = PortalContainer.getInstance(); ServletContext context = pContainer.getPortalContext(); // Unregister the token cookie @@ -66,7 +69,7 @@ // Clear the token cookie clearTokenCookie(req, resp); // This allows the customer to define another login page without changing the portal - context.getRequestDispatcher("/login/jsp/login.jsp").include(req, resp); + wciController.showLoginForm(req, resp); } protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException Modified: epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/login/InitiateLoginServlet.java =================================================================== --- epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/login/InitiateLoginServlet.java 2011-06-23 00:06:57 UTC (rev 6719) +++ epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/login/InitiateLoginServlet.java 2011-06-23 02:24:17 UTC (rev 6720) @@ -25,11 +25,10 @@ import org.exoplatform.web.security.security.TicketConfiguration; import org.gatein.common.logging.Logger; import org.gatein.common.logging.LoggerFactory; -import org.gatein.wci.authentication.AuthenticationResult; -import org.gatein.wci.authentication.GenericAuthenticationResult; -import org.gatein.wci.authentication.ProgrammaticAuthenticationResult; +import org.gatein.wci.ServletContainer; import org.gatein.wci.security.Credentials; import org.gatein.wci.impl.DefaultServletContainerFactory; +import org.gatein.wci.security.WCIController; import java.io.IOException; @@ -37,7 +36,6 @@ import javax.servlet.http.Cookie; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; /** * Initiate the login dance. @@ -58,14 +56,18 @@ public static final long LOGIN_VALIDITY = 1000 * TicketConfiguration.getInstance(TicketConfiguration.class).getValidityTime(); + /** . */ + private WCIController wciController; + + /** . */ + private ServletContainer servletContainer = DefaultServletContainerFactory.getInstance().getServletContainer(); + @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { resp.setContentType("text/html; charset=UTF-8"); - HttpSession session = req.getSession(); - // Looking for credentials stored in the session - Credentials credentials = (Credentials)session.getAttribute(Credentials.CREDENTIALS); + Credentials credentials = getWCIController().getCredentials(req, resp); // if (credentials == null) @@ -89,15 +91,14 @@ // This allows the customer to define another login page without // changing the portal - showLoginForm(req, resp); + getWCIController().showLoginForm(req, resp); } else { // Send authentication request log.debug("Login initiated with no credentials in session but found token " + token + " with existing credentials, " + "performing authentication"); - //sendAuth(resp, credentials.getUsername(), token); - sendAuth(req, resp, credentials.getUsername(), token); + getWCIController().sendAuth(req, resp, credentials.getUsername(), token); } } else @@ -105,75 +106,21 @@ // This allows the customer to define another login page without // changing the portal log.debug("Login initiated with no credentials in session and no token cookie, redirecting to login page"); - showLoginForm(req, resp); + getWCIController().showLoginForm(req, resp); } } else { // WCI authentication - AuthenticationResult result = DefaultServletContainerFactory.getInstance().getServletContainer() - .login(req, resp, credentials.getUsername(), credentials.getPassword(), LOGIN_VALIDITY); - - log.debug("Login initiated with credentials in session, performing authentication"); - if (result instanceof GenericAuthenticationResult) - { - ((GenericAuthenticationResult) result).perform(req, resp); - } - else if (result instanceof ProgrammaticAuthenticationResult) - { - resp.sendRedirect(resp.encodeRedirectURL((String)req.getAttribute("javax.servlet.forward.request_uri"))); - } + servletContainer.login(req, resp, credentials, LOGIN_VALIDITY, wciController.getInitialURI(req)); } } - private void showLoginForm(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException - { - /*String initialURI = (String)req.getAttribute("javax.servlet.forward.request_uri"); - if (initialURI == null) - { - throw new IllegalStateException("request attribute javax.servlet.forward.request_uri should not be null here"); - }*/ - String initialURI = getInitialURI(req); - try - { - String queryString = (String)req.getAttribute("javax.servlet.forward.query_string"); - if ((String)req.getAttribute("javax.servlet.forward.query_string") != null) - { - initialURI = initialURI + "?" + queryString; - } - //req.setAttribute("org.gatein.portal.login.initial_uri", initialURI); - //req.getSession(true).setAttribute("org.gatein.portal.login.initial_uri", initialURI); - req.setAttribute("org.gatein.portal.login.initial_uri", initialURI); - getServletContext().getRequestDispatcher("/login/jsp/login.jsp").include(req, resp); - } - finally - { - //req.removeAttribute("org.gatein.portal.login.initial_uri"); - //req.getSession(true).removeAttribute("org.gatein.portal.login.initial_uri"); - req.removeAttribute("org.gatein.portal.login.initial_uri"); - } - } - - protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { doGet(req, resp); } - //private void sendAuth(HttpServletResponse resp, String jUsername, String jPassword) throws IOException - private void sendAuth(HttpServletRequest req, HttpServletResponse resp, String jUsername, String jPassword) throws IOException - { - //String url = "j_security_check?j_username=" + jUsername + "&j_password=" + jPassword; - String initialURI = getInitialURI(req); - if (!initialURI.endsWith("/")) - { - initialURI += "/"; - } - String url = initialURI + "j_security_check?j_username=" + jUsername + "&j_password=" + jPassword; - url = resp.encodeRedirectURL(url); - resp.sendRedirect(url); - } - /** * Extract the remember me token from the request or returns null. * @@ -204,4 +151,11 @@ { return true; } + + private WCIController getWCIController() { + if (wciController == null) { + wciController = new GateinWCIController(getServletContext()); + } + return wciController; + } } Deleted: epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/login/PortalLoginController.java =================================================================== --- epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/login/PortalLoginController.java 2011-06-23 00:06:57 UTC (rev 6719) +++ epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/login/PortalLoginController.java 2011-06-23 02:24:17 UTC (rev 6720) @@ -1,118 +0,0 @@ -/** - * Copyright (C) 2009 eXo Platform SAS. - * - * This is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This software is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this software; if not, write to the Free - * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - * 02110-1301 USA, or see the FSF site: http://www.fsf.org. - */ - -package org.exoplatform.web.login; - -import org.exoplatform.container.web.AbstractHttpServlet; -import org.exoplatform.web.security.Credentials; -import org.exoplatform.web.security.security.AbstractTokenService; -import org.exoplatform.web.security.security.CookieTokenService; -import org.gatein.common.logging.Logger; -import org.gatein.common.logging.LoggerFactory; - -import java.io.IOException; - -import javax.servlet.ServletException; -import javax.servlet.http.Cookie; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -/** - * @author <a href="mailto:trong.tran@exoplatform.com">Tran The Trong</a> - * @version $Revision$ - */ -public class PortalLoginController extends AbstractHttpServlet -{ - - /** . */ - private static final Logger log = LoggerFactory.getLogger(PortalLoginController.class); - - protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException - { - String username = req.getParameter("username"); - String password = req.getParameter("password"); - - // - if (username == null) - { - log.error("Tried to access the portal login controller without username provided"); - resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "No username provided"); - return; - } - if (password == null) - { - log.error("Tried to access the portal login controller without password provided"); - resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "No password provided"); - return; - } - - // - log.debug("Found username and password and set credentials in http session"); - Credentials credentials = new Credentials(username, password); - req.getSession().setAttribute(InitiateLoginServlet.CREDENTIALS, credentials); - - // Obtain initial URI - String uri = req.getParameter("initialURI"); - - // otherwise compute one - if (uri == null || uri.length() == 0) - { - uri = req.getContextPath() + "/private/classic"; - log.debug("No initial URI found, will use default " + uri + " instead "); - } - else - { - log.debug("Found initial URI " + uri); - } - - // if we do have a remember me - String rememberme = req.getParameter("rememberme"); - if ("true".equals(rememberme)) - { - boolean isRemember = "true".equals(req.getParameter(InitiateLoginServlet.COOKIE_NAME)); - if (isRemember) - { - //Create token - AbstractTokenService tokenService = AbstractTokenService.getInstance(CookieTokenService.class); - String cookieToken = tokenService.createToken(credentials); - - log.debug("Found a remember me request parameter, created a persistent token " + cookieToken + " for it and set it up " + - "in the next response"); - Cookie cookie = new Cookie(InitiateLoginServlet.COOKIE_NAME, cookieToken); - cookie.setPath(req.getContextPath()); - cookie.setMaxAge((int)tokenService.getValidityTime()); - resp.addCookie(cookie); - } - } - - // - resp.sendRedirect(uri); - } - - protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException - { - doGet(req, resp); - } - - @Override - protected boolean requirePortalEnvironment() - { - return true; - } -} Deleted: epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/security/PortalLoginController.java =================================================================== --- epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/security/PortalLoginController.java 2011-06-23 00:06:57 UTC (rev 6719) +++ epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/org/exoplatform/web/security/PortalLoginController.java 2011-06-23 02:24:17 UTC (rev 6720) @@ -1,88 +0,0 @@ -/* -* Copyright (C) 2003-2009 eXo Platform SAS. -* -* This is free software; you can redistribute it and/or modify it -* under the terms of the GNU Lesser General Public License as -* published by the Free Software Foundation; either version 2.1 of -* the License, or (at your option) any later version. -* -* This software is distributed in the hope that it will be useful, -* but WITHOUT ANY WARRANTY; without even the implied warranty of -* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -* Lesser General Public License for more details. -* -* You should have received a copy of the GNU Lesser General Public -* License along with this software; if not, write to the Free -* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA -* 02110-1301 USA, or see the FSF site: http://www.fsf.org. -*/ - -package org.exoplatform.web.security; - -import org.exoplatform.web.login.InitiateLoginServlet; -import org.exoplatform.web.security.security.AbstractTokenService; -import org.exoplatform.web.security.security.CookieTokenService; -import org.gatein.common.logging.Logger; -import org.gatein.common.logging.LoggerFactory; -import org.gatein.wci.security.WCILoginController; - -import javax.servlet.ServletException; -import javax.servlet.http.Cookie; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import java.io.IOException; - -/** - * @author <a href="mailto:alain.defrance@exoplatform.com">Alain Defrance</a> - * @version $Revision$ - */ -public class PortalLoginController extends WCILoginController { - - /** . */ - private static final Logger log = LoggerFactory.getLogger(PortalLoginController.class); - - @Override - protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { - super.doGet(req, resp); - - // Obtain initial URI - String uri = req.getParameter("initialURI"); - - // otherwise compute one - if (uri == null || uri.length() == 0) - { - //uri = req.getContextPath() + "/private/classic"; - uri = req.getContextPath(); - log.debug("No initial URI found, will use default " + uri + " instead "); - } - else - { - log.debug("Found initial URI " + uri); - //req.getSession(true).setAttribute("org.gatein.portal.login.initial_uri", uri); - } - - // if we do have a remember me - String rememberme = req.getParameter("rememberme"); - if ("true".equals(rememberme)) - { - boolean isRemember = "true".equals(req.getParameter(InitiateLoginServlet.COOKIE_NAME)); - if (isRemember) - { - //Create token - AbstractTokenService tokenService = AbstractTokenService.getInstance(CookieTokenService.class); - String cookieToken = tokenService.createToken(credentials); - - log.debug("Found a remember me request parameter, created a persistent token " + cookieToken + " for it and set it up " + - "in the next response"); - Cookie cookie = new Cookie(InitiateLoginServlet.COOKIE_NAME, cookieToken); - cookie.setPath(req.getContextPath()); - //cookie.setMaxAge((int)tokenService.getValidityTime() / 1000); - cookie.setMaxAge((int)tokenService.getValidityTime()); - resp.addCookie(cookie); - } - } - - // - resp.sendRedirect(uri); - } -}