Author: alain_defrance Date: 2010-10-05 11:59:17 -0400 (Tue, 05 Oct 2010) New Revision: 4511 Added: components/wci/branches/adf/wci/src/main/java/org/gatein/wci/security/ components/wci/branches/adf/wci/src/main/java/org/gatein/wci/security/WCILoginController.java components/wci/branches/adf/wci/src/main/java/org/gatein/wci/security/WCILoginModule.java Modified: components/wci/branches/adf/test/servers/tomcat6/pom.xml components/wci/branches/adf/test/servers/tomcat7/pom.xml components/wci/branches/adf/tomcat7/src/main/java/org/gatein/wci/tomcat/TC7ServletContainerContext.java components/wci/branches/adf/wci/src/main/java/org/gatein/wci/ServletContainer.java components/wci/branches/adf/wci/src/main/java/org/gatein/wci/authentication/GenericAuthentication.java components/wci/branches/adf/wci/src/main/java/org/gatein/wci/authentication/GenericAuthenticationResult.java components/wci/branches/adf/wci/src/main/java/org/gatein/wci/authentication/WCICredentials.java components/wci/branches/adf/wci/src/main/java/org/gatein/wci/impl/DefaultServletContainer.java components/wci/branches/adf/wci/src/main/java/org/gatein/wci/spi/ServletContainerContext.java Log: WCILoginModule & WCILoginController added Modified: components/wci/branches/adf/test/servers/tomcat6/pom.xml =================================================================== --- components/wci/branches/adf/test/servers/tomcat6/pom.xml 2010-10-05 14:08:41 UTC (rev 4510) +++ components/wci/branches/adf/test/servers/tomcat6/pom.xml 2010-10-05 15:59:17 UTC (rev 4511) @@ -377,10 +377,10 @@ <activeByDefault>true</activeByDefault> </activation> <properties> - <test.generic>false</test.generic> + <test.generic>true</test.generic> <test.native>true</test.native> - <test.exo>false</test.exo> - <test.endpoint>false</test.endpoint> + <test.exo>true</test.exo> + <test.endpoint>true</test.endpoint> </properties> </profile> <profile> Modified: components/wci/branches/adf/test/servers/tomcat7/pom.xml =================================================================== --- components/wci/branches/adf/test/servers/tomcat7/pom.xml 2010-10-05 14:08:41 UTC (rev 4510) +++ components/wci/branches/adf/test/servers/tomcat7/pom.xml 2010-10-05 15:59:17 UTC (rev 4511) @@ -377,10 +377,10 @@ <activeByDefault>true</activeByDefault> </activation> <properties> - <test.generic>false</test.generic> + <test.generic>true</test.generic> <test.native>true</test.native> - <test.exo>false</test.exo> - <test.endpoint>false</test.endpoint> + <test.exo>true</test.exo> + <test.endpoint>true</test.endpoint> </properties> </profile> <profile> Modified: components/wci/branches/adf/tomcat7/src/main/java/org/gatein/wci/tomcat/TC7ServletContainerContext.java =================================================================== --- components/wci/branches/adf/tomcat7/src/main/java/org/gatein/wci/tomcat/TC7ServletContainerContext.java 2010-10-05 14:08:41 UTC (rev 4510) +++ components/wci/branches/adf/tomcat7/src/main/java/org/gatein/wci/tomcat/TC7ServletContainerContext.java 2010-10-05 15:59:17 UTC (rev 4511) @@ -100,29 +100,15 @@ this.registration = null; } - public AuthenticationResult login(HttpServletRequest request, HttpServletResponse response, String userName, String password) + public AuthenticationResult login(HttpServletRequest request, HttpServletResponse response, String userName, String password) throws ServletException { - try - { - request.login(userName, password); - } - catch (ServletException e) - { - e.printStackTrace(); // TODO : manage correctly this exception. - } - return new ProgrammaticAuthenticationResult(); + request.login(userName, password); + return new ProgrammaticAuthenticationResult(); } - public void logout(HttpServletRequest request, HttpServletResponse response) + public void logout(HttpServletRequest request, HttpServletResponse response) throws ServletException { - try - { - request.logout(); - } - catch (ServletException e) - { - e.printStackTrace(); // TODO : manage correctly this exception. - } + request.logout(); } public synchronized void containerEvent(ContainerEvent event) Modified: components/wci/branches/adf/wci/src/main/java/org/gatein/wci/ServletContainer.java =================================================================== --- components/wci/branches/adf/wci/src/main/java/org/gatein/wci/ServletContainer.java 2010-10-05 14:08:41 UTC (rev 4510) +++ components/wci/branches/adf/wci/src/main/java/org/gatein/wci/ServletContainer.java 2010-10-05 15:59:17 UTC (rev 4511) @@ -102,7 +102,7 @@ * @param userName the username which try to login * @param password the password of the username */ - AuthenticationResult login(HttpServletRequest request, HttpServletResponse response, String userName, String password); + AuthenticationResult login(HttpServletRequest request, HttpServletResponse response, String userName, String password) throws ServletException; /** * Authentication support. @@ -110,7 +110,7 @@ * @param request the request valid in the current servlet context * @param response the response valid in the current servlet context */ - void logout(HttpServletRequest request, HttpServletResponse response); + void logout(HttpServletRequest request, HttpServletResponse response) throws ServletException; /** * Add the authentication listener. Modified: components/wci/branches/adf/wci/src/main/java/org/gatein/wci/authentication/GenericAuthentication.java =================================================================== --- components/wci/branches/adf/wci/src/main/java/org/gatein/wci/authentication/GenericAuthentication.java 2010-10-05 14:08:41 UTC (rev 4510) +++ components/wci/branches/adf/wci/src/main/java/org/gatein/wci/authentication/GenericAuthentication.java 2010-10-05 15:59:17 UTC (rev 4511) @@ -36,15 +36,13 @@ public AuthenticationResult login(String login, String password, HttpServletRequest request, HttpServletResponse response) { String ticket = TICKET_SERVICE.createTicket(new WCICredentials(login, password)); - - //fireEvent(EventType.LOGIN, new AuthenticationEvent(EventType.LOGIN, request, response, login, password)); - return new GenericAuthenticationResult(ticket); + + return new GenericAuthenticationResult(login, ticket); } public void logout(HttpServletRequest request, HttpServletResponse response) { request.getSession().invalidate(); - //fireEvent(EventType.LOGOUT, new AuthenticationEvent(EventType.LOGIN, request, response)); } public static GenericAuthentication getInstance() { Modified: components/wci/branches/adf/wci/src/main/java/org/gatein/wci/authentication/GenericAuthenticationResult.java =================================================================== --- components/wci/branches/adf/wci/src/main/java/org/gatein/wci/authentication/GenericAuthenticationResult.java 2010-10-05 14:08:41 UTC (rev 4510) +++ components/wci/branches/adf/wci/src/main/java/org/gatein/wci/authentication/GenericAuthenticationResult.java 2010-10-05 15:59:17 UTC (rev 4511) @@ -19,18 +19,32 @@ package org.gatein.wci.authentication; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; + /** * @author <a href="mailto:alain.defrance@exoplatform.com">Alain Defrance</a> * @version $Revision$ */ public class GenericAuthenticationResult extends AuthenticationResult { + private String username; private String ticket; - public GenericAuthenticationResult(String ticket) { - this.ticket = ticket; + public GenericAuthenticationResult(String username, String ticket) { + this.username = username; + this.ticket = ticket; } public String getTicket() { return ticket; } + + public void perform(HttpServletRequest req, HttpServletResponse resp) throws IOException + { + req.getSession().removeAttribute(WCICredentials.CREDENTIALS); + String url = "j_security_check?j_username=" + username + "&j_password=" + ticket; + url = resp.encodeRedirectURL(url); + resp.sendRedirect(url); + } } Modified: components/wci/branches/adf/wci/src/main/java/org/gatein/wci/authentication/WCICredentials.java =================================================================== --- components/wci/branches/adf/wci/src/main/java/org/gatein/wci/authentication/WCICredentials.java 2010-10-05 14:08:41 UTC (rev 4510) +++ components/wci/branches/adf/wci/src/main/java/org/gatein/wci/authentication/WCICredentials.java 2010-10-05 15:59:17 UTC (rev 4511) @@ -33,6 +33,9 @@ /** . */ private final String password; + /** . */ + public static final String CREDENTIALS = "credentials"; + /** * Construct a new instance. * Modified: components/wci/branches/adf/wci/src/main/java/org/gatein/wci/impl/DefaultServletContainer.java =================================================================== --- components/wci/branches/adf/wci/src/main/java/org/gatein/wci/impl/DefaultServletContainer.java 2010-10-05 14:08:41 UTC (rev 4510) +++ components/wci/branches/adf/wci/src/main/java/org/gatein/wci/impl/DefaultServletContainer.java 2010-10-05 15:59:17 UTC (rev 4511) @@ -97,7 +97,7 @@ } /** . */ - public AuthenticationResult login(HttpServletRequest request, HttpServletResponse response, String userName, String password) + public AuthenticationResult login(HttpServletRequest request, HttpServletResponse response, String userName, String password) throws ServletException { AuthenticationResult result = registration.context.login(request, response, userName, password); @@ -107,7 +107,8 @@ return result; } - public void logout(HttpServletRequest request, HttpServletResponse response) { + public void logout(HttpServletRequest request, HttpServletResponse response) throws ServletException + { registration.context.logout(request, response); // Added: components/wci/branches/adf/wci/src/main/java/org/gatein/wci/security/WCILoginController.java =================================================================== --- components/wci/branches/adf/wci/src/main/java/org/gatein/wci/security/WCILoginController.java (rev 0) +++ components/wci/branches/adf/wci/src/main/java/org/gatein/wci/security/WCILoginController.java 2010-10-05 15:59:17 UTC (rev 4511) @@ -0,0 +1,87 @@ +/* +* Copyright (C) 2003-2009 eXo Platform SAS. +* +* This is free software; you can redistribute it and/or modify it +* under the terms of the GNU Lesser General Public License as +* published by the Free Software Foundation; either version 2.1 of +* the License, or (at your option) any later version. +* +* This software is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +* Lesser General Public License for more details. +* +* You should have received a copy of the GNU Lesser General Public +* License along with this software; if not, write to the Free +* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +* 02110-1301 USA, or see the FSF site: http://www.fsf.org. +*/ + +package org.gatein.wci.security; + +import org.gatein.common.logging.Logger; +import org.gatein.common.logging.LoggerFactory; +import org.gatein.wci.authentication.WCICredentials; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; + +/** + * @author <a href="mailto:alain.defrance@exoplatform.com">Alain Defrance</a> + * @version $Revision$ + */ +public class WCILoginController extends HttpServlet +{ + /** . */ + private static final Logger log = LoggerFactory.getLogger(WCILoginController.class); + + protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException + { + String username = req.getParameter("username"); + String password = req.getParameter("password"); + + // + if (username == null) + { + log.error("Tried to access the portal login controller without username provided"); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "No username provided"); + return; + } + if (password == null) + { + log.error("Tried to access the portal login controller without password provided"); + resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "No password provided"); + return; + } + + // + log.debug("Found username and password and set credentials in http session"); + WCICredentials credentials = new WCICredentials(username, password); + req.getSession().setAttribute(WCICredentials.CREDENTIALS, credentials); + + // Obtain initial URI + String uri = req.getParameter("initialURI"); + + // otherwise compute one + if (uri == null || uri.length() == 0) + { + uri = req.getContextPath() + "/private/classic"; + log.debug("No initial URI found, will use default " + uri + " instead "); + } + else + { + log.debug("Found initial URI " + uri); + } + + // + resp.sendRedirect(uri); + } + + protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException + { + doGet(req, resp); + } +} Added: components/wci/branches/adf/wci/src/main/java/org/gatein/wci/security/WCILoginModule.java =================================================================== --- components/wci/branches/adf/wci/src/main/java/org/gatein/wci/security/WCILoginModule.java (rev 0) +++ components/wci/branches/adf/wci/src/main/java/org/gatein/wci/security/WCILoginModule.java 2010-10-05 15:59:17 UTC (rev 4511) @@ -0,0 +1,90 @@ +/* +* Copyright (C) 2003-2009 eXo Platform SAS. +* +* This is free software; you can redistribute it and/or modify it +* under the terms of the GNU Lesser General Public License as +* published by the Free Software Foundation; either version 2.1 of +* the License, or (at your option) any later version. +* +* This software is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +* Lesser General Public License for more details. +* +* You should have received a copy of the GNU Lesser General Public +* License along with this software; if not, write to the Free +* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +* 02110-1301 USA, or see the FSF site: http://www.fsf.org. +*/ + +package org.gatein.wci.security; + +import org.gatein.wci.authentication.GenericAuthentication; +import org.gatein.wci.authentication.WCICredentials; + +import javax.security.auth.Subject; +import javax.security.auth.callback.Callback; +import javax.security.auth.callback.CallbackHandler; +import javax.security.auth.callback.NameCallback; +import javax.security.auth.callback.PasswordCallback; +import javax.security.auth.login.LoginException; +import javax.security.auth.spi.LoginModule; +import java.util.Map; + +/** + * @author <a href="mailto:alain.defrance@exoplatform.com">Alain Defrance</a> + * @version $Revision$ + */ + +public class WCILoginModule implements LoginModule { + private Subject subject; + private CallbackHandler callbackHandler; + private Map sharedState; + private Map options; + + public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) { + this.subject = subject; + this.callbackHandler = callbackHandler; + this.sharedState = sharedState; + this.options = options; + } + + /** + * @see javax.security.auth.spi.LoginModule#login() + */ + @SuppressWarnings("unchecked") + public boolean login() throws LoginException { + Callback[] callbacks = new Callback[2]; + callbacks[0] = new NameCallback("Username"); + callbacks[1] = new PasswordCallback("Password", false); + + try + { + callbackHandler.handle(callbacks); + String password = new String(((PasswordCallback)callbacks[1]).getPassword()); + + WCICredentials credentials = GenericAuthentication.TICKET_SERVICE.validateToken(password, true); + sharedState.put("javax.security.auth.login.name", credentials.getUsername()); + sharedState.put("javax.security.auth.login.password", credentials.getPassword()); + } + catch (Exception e) + { + LoginException le = new LoginException(); + le.initCause(e); + throw le; + } + return true; + } + + public boolean commit() throws LoginException { + return true; + } + + public boolean abort() throws LoginException { + return true; + } + + public boolean logout() throws LoginException { + return true; + } +} Modified: components/wci/branches/adf/wci/src/main/java/org/gatein/wci/spi/ServletContainerContext.java =================================================================== --- components/wci/branches/adf/wci/src/main/java/org/gatein/wci/spi/ServletContainerContext.java 2010-10-05 14:08:41 UTC (rev 4510) +++ components/wci/branches/adf/wci/src/main/java/org/gatein/wci/spi/ServletContainerContext.java 2010-10-05 15:59:17 UTC (rev 4511) @@ -82,7 +82,7 @@ * @param userName the username which try to login * @param password the password of the username */ - AuthenticationResult login(HttpServletRequest request, HttpServletResponse response, String userName, String password); + AuthenticationResult login(HttpServletRequest request, HttpServletResponse response, String userName, String password) throws ServletException; /** * Authentication support. @@ -90,7 +90,7 @@ * @param request the request valid in the current servlet context * @param response the response valid in the current servlet context */ - void logout(HttpServletRequest request, HttpServletResponse response); + void logout(HttpServletRequest request, HttpServletResponse response) throws ServletException; /** * The callback interface that a servlet container context can obtain from its registration against