From do-not-reply at jboss.org Mon Feb 13 09:25:24 2012 Content-Type: multipart/mixed; boundary="===============4184963568429008455==" MIME-Version: 1.0 From: do-not-reply at jboss.org To: gatein-commits at lists.jboss.org Subject: [gatein-commits] gatein SVN: r8421 - in components/sso/trunk/agent/src/main/java/org/gatein/sso/agent: login and 1 other directories. Date: Mon, 13 Feb 2012 09:25:23 -0500 Message-ID: <201202131425.q1DEPNJ0015665@svn01.web.mwc.hst.phx2.redhat.com> --===============4184963568429008455== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Author: mposolda Date: 2012-02-13 09:25:23 -0500 (Mon, 13 Feb 2012) New Revision: 8421 Added: components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/tomcat/ components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/tomcat/Ser= vletAccess.java components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/tomcat/Ser= vletAccessValve.java Modified: components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/login/SSOL= oginModule.java Log: GTNSSO-5 SSO is now working with GateIn on Tomcat Modified: components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/log= in/SSOLoginModule.java =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D --- components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/login/SSO= LoginModule.java 2012-02-13 12:10:57 UTC (rev 8420) +++ components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/login/SSO= LoginModule.java 2012-02-13 14:25:23 UTC (rev 8421) 
@@ -35,14 +35,14 @@ import org.exoplatform.services.security.Identity; import org.exoplatform.services.security.UsernameCredential; import org.exoplatform.services.security.jaas.AbstractLoginModule; +import org.gatein.sso.agent.tomcat.ServletAccess; = /** * @author Sohil Shah */ public final class SSOLoginModule extends AbstractLoginModule { - private static final Log log =3D ExoLogger.getLogger(SSOLoginModule.class - .getName()); + private static final Log log =3D ExoLogger.getLogger(SSOLoginModule.cla= ss); = /** JACC get context method. */ private static Method getContextMethod; @@ -75,26 +75,22 @@ = String password =3D new String(((PasswordCallback) callbacks[1]) .getPassword()); - = - // - // For clustered config check credentials stored and propagated = in session. This won't work in tomcat because - // of lack of JACC PolicyContext so the code must be a bit defens= ive + = + // Check credentials stored and propagated in session. String username =3D null; - if (getContextMethod !=3D null && password.startsWith("wci-ticket= ")) - { - HttpServletRequest request; - try - { - request =3D (HttpServletRequest)getContextMethod.invoke(nul= l, "javax.servlet.http.HttpServletRequest"); - username =3D (String)request.getSession().getAttribute("use= rname"); - } - catch(Throwable e) - { - log.error(this,e); - log.error("LoginModule error. Turn off session credentials = checking with proper configuration option of " + - "LoginModule set to false"); - } - } + HttpServletRequest request =3D getCurrentHttpServletRequest(); + = + if (request =3D=3D null) + { + log.debug("HttpServletRequest is null. SSOLoginModule will be ig= nored."); + return false; + } + + if (password.startsWith("wci-ticket")) + { + username =3D (String)request.getSession().getAttribute("username= "); + } + = if (username =3D=3D null) { 
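Review bot: The new `request == null` early return in `login()` sits before the `password.startsWith("wci-ticket")` test, so every login through this module now returns false when no request is available, although the lines shown read the request only inside the wci-ticket branch. On Tomcat that is the outcome whenever ServletAccessValve is missing from context.xml, and the only trace is a debug message; I would log it at warn level, e.g. `log.warn("HttpServletRequest is not available; on Tomcat check that ServletAccessValve is configured. SSOLoginModule will be ignored.");`. The branch also calls `request.getSession()`, which creates a session for a request that has none; `request.getSession(false)` with a null check avoids allocating sessions for unauthenticated login attempts. `login()` starts before and continues after this hunk, so whether the code under `if (username == null)` needs the request cannot be seen here.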
@@ -145,8 +141,40 @@ } = @Override - protected Log getLogger() = + protected Log getLogger() { return log; } + = + protected HttpServletRequest getCurrentHttpServletRequest() + { + HttpServletRequest request =3D null; + + // JBoss way + if (getContextMethod !=3D null) + { + try + { + request =3D (HttpServletRequest)getContextMethod.invoke(null, = "javax.servlet.http.HttpServletRequest"); + } + catch(Throwable e) + { + log.error("LoginModule error. Turn off session credentials che= cking with proper configuration option of " + + "LoginModule set to false"); + log.error(this, e); + } + } + // Tomcat way (Assumed that ServletAccessValve has been configured i= n context.xml) + else + { + request =3D ServletAccess.getRequest(); + } + = + if (log.isTraceEnabled()) + { + log.trace("Returning HttpServletRequest " + request); + } + = + return request; + } } \ No newline at end of file Added: components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/tomcat= /ServletAccess.java =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D --- components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/tomcat/Se= rvletAccess.java (rev 0) +++ components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/tomcat/Se= rvletAccess.java 2012-02-13 14:25:23 UTC (rev 8421) 
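Review bot: `getCurrentHttpServletRequest()` catches `Throwable` around the reflective `getContextMethod.invoke(...)`, which also swallows `Error`s such as `OutOfMemoryError` and turns them into a null return; `catch (Exception e)` is enough for the reflection failures. When the JACC lookup throws or yields null there is no fallback to `ServletAccess.getRequest()`, because the Tomcat path is taken only when `getContextMethod` is null. The null result is part of the method's contract but is not documented; a Javadoc comment stating that the result may be null, and that the Tomcat path depends on ServletAccessValve having populated the thread-local, would help the next reader. The class is `final`, so `protected` on the new method gives nothing over `private`.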
@@ -0,0 +1,57 @@
+package org.gatein.sso.agent.tomcat;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+/**
+ * @author Marek Posolda
+ */
+public class ServletAccess
+{
+ =
+ private static ThreadLocal holderThreadLocal =3D new ThreadLoca= l();
+
+ public static void setRequestAndResponse(HttpServletRequest request, Ht= tpServletResponse response)
+ {
+ holderThreadLocal.set(new Holder(request, response));
+ }
+ =
+ public static void resetRequestAndResponse()
+ {
+ holderThreadLocal.set(null);
+ }
+ =
+ public static HttpServletRequest getRequest()
+ {
+ Holder holder =3D holderThreadLocal.get();
+ if (holder !=3D null)
+ {
+ return holder.servletRequest;
+ }
+
+ return null;
+ }
+
+ public static HttpServletResponse getResponse()
+ {
+ Holder holder =3D holderThreadLocal.get();
+ if (holder !=3D null)
+ {
+ return holder.servletResponse;
+ }
+
+ return null;
+ }
+ =
+ private static class Holder
+ {
+ private final HttpServletRequest servletRequest;
+ private final HttpServletResponse servletResponse;
+ =
+ private Holder(HttpServletRequest servletRequest, HttpServletRespons= e servletResponse)
+ {
+ this.servletRequest =3D servletRequest;
+ this.servletResponse =3D servletResponse;
+ }
+ }
+}
Added: components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/tomcat= /ServletAccessValve.java
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
--- components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/tomcat/Se= rvletAccessValve.java (rev 0)
+++ components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/tomcat/Se= rvletAccessValve.java 2012-02-13 14:25:23 UTC (rev 8421)
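Review bot: `ServletAccess.resetRequestAndResponse()` clears the slot with `holderThreadLocal.set(null)`, which leaves an empty entry in the map of every pooled worker thread that has served a request; `holderThreadLocal.remove();` drops the entry itself and is the usual way to clean up a thread-local on container threads. `setRequestAndResponse` and `resetRequestAndResponse` are public and static, so any code that can load this class can replace the request from which SSOLoginModule later reads the session `username`. The only caller in this commit, ServletAccessValve, lives in the same package, so both methods could be package-private. `holderThreadLocal` is never reassigned and could be declared `final`.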
@@ -0,0 +1,45 @@
+package org.gatein.sso.agent.tomcat;
+
+import org.apache.catalina.connector.Request;
+import org.apache.catalina.connector.Response;
+import org.apache.catalina.valves.ValveBase;
+import org.gatein.common.logging.Logger;
+import org.gatein.common.logging.LoggerFactory;
+
+import javax.servlet.ServletException;
+import java.io.IOException;
+
+/**
+ * Valve for adding HttpServletRequest and HttpServletResponse into thread= Local so that it can be accessed from
+ * Login Modules during authentication.
+ *
+ * @author Marek Posolda
+ */
+public class ServletAccessValve extends ValveBase
+{
+ private static final Logger log =3D LoggerFactory.getLogger(ServletAcce= ssValve.class);
+ =
+ @Override
+ public void invoke(Request request, Response response) throws IOExcepti= on, ServletException
+ {
+ ServletAccess.setRequestAndResponse(request, response);
+ if (log.isTraceEnabled())
+ {
+ log.trace("Current HttpServletRequest and HttpServletResponse add= ed to ThreadLocal.");
+ }
+
+ try
+ {
+ getNext().invoke(request, response);
+ }
+ finally
+ {
+ ServletAccess.resetRequestAndResponse();
+ if (log.isTraceEnabled())
+ {
+ log.trace("Cleaning ThreadLocal");
+ }
+ }
+ }
+
+}
--===============4184963568429008455==--
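Review bot: `invoke()` publishes the Catalina-internal `Request` and `Response` objects through `ServletAccess`, not the facade objects Tomcat normally hands to application code. If the agent classes are visible to web applications (that depends on where the jar is deployed, which this commit does not show), callers of `ServletAccess.getRequest()` receive the container's internal object; `ServletAccess.setRequestAndResponse(request.getRequest(), response.getResponse());` would store the facades instead, and the login module code shown in this commit only calls `getSession()` on it. The `setRequestAndResponse` call and the first trace log also sit before the `try`, so moving them inside it guarantees that the `finally` reset covers every path after the thread-local is set.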