From do-not-reply at jboss.org Mon Feb 20 11:39:03 2012
Content-Type: multipart/mixed; boundary="===============6335232176280505699=="
MIME-Version: 1.0
From: do-not-reply at jboss.org
To: gatein-commits at lists.jboss.org
Subject: [gatein-commits] gatein SVN: r8437 - in
epp/portal/branches/EPP_5_2_Branch:
component/web/security/src/main/java/org/exoplatform/web/login and 5 other
directories.
Date: Mon, 20 Feb 2012 11:39:03 -0500
Message-ID: <201202201639.q1KGd38d008633@svn01.web.mwc.hst.phx2.redhat.com>
--===============6335232176280505699==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Author: mposolda
Date: 2012-02-20 11:39:02 -0500 (Mon, 20 Feb 2012)
New Revision: 8437
Added:
epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/=
org/exoplatform/web/security/AuthenticationRegistry.java
epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/=
org/exoplatform/web/security/AuthenticationRegistryImpl.java
epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/=
org/exoplatform/web/security/AuthenticationRegistryListener.java
epp/portal/branches/EPP_5_2_Branch/wsrp-integration/extension-component/=
src/main/java/org/gatein/integration/wsrp/wss/ConversationStateCredentialsA=
ccessor.java
Modified:
epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/=
org/exoplatform/web/login/DoLoginServlet.java
epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/=
org/exoplatform/web/login/GateinWCIController.java
epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/=
org/exoplatform/web/login/RememberMeFilter.java
epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/=
org/exoplatform/web/security/PortalLoginController.java
epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java/=
org/exoplatform/web/security/PortalLoginModule.java
epp/portal/branches/EPP_5_2_Branch/pom.xml
epp/portal/branches/EPP_5_2_Branch/web/portal/src/main/webapp/WEB-INF/co=
nf/common/common-configuration.xml
epp/portal/branches/EPP_5_2_Branch/web/portal/src/main/webapp/WEB-INF/we=
b.xml
epp/portal/branches/EPP_5_2_Branch/wsrp-integration/extension-component/=
src/main/java/org/gatein/integration/wsrp/wss/JBoss5WSSServiceIntegration.j=
ava
epp/portal/branches/EPP_5_2_Branch/wsrp-integration/extension-ear-as5/sr=
c/main/application/lib/jboss5integration.jar/conf/configuration.xml
Log:
Bug 793651 ( JBEPP-729 )
- Upgrade WCI and WSRP
- Get rid of credentials from HTTP Session
Modified: epp/portal/branches/EPP_5_2_Branch/component/web/security/src/mai=
n/java/org/exoplatform/web/login/DoLoginServlet.java
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
--- epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java=
/org/exoplatform/web/login/DoLoginServlet.java 2012-02-20 13:23:45 UTC (rev=
8436)
+++ epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java=
/org/exoplatform/web/login/DoLoginServlet.java 2012-02-20 16:39:02 UTC (rev=
8437)
@@ -19,11 +19,14 @@
=
package org.exoplatform.web.login;
=
+import org.exoplatform.container.web.AbstractHttpServlet;
+import org.exoplatform.services.security.ConversationState;
+import org.exoplatform.web.security.AuthenticationRegistry;
import org.gatein.common.logging.Logger;
import org.gatein.common.logging.LoggerFactory;
+import org.gatein.wci.security.Credentials;
=
import javax.servlet.ServletException;
-import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
@@ -33,7 +36,7 @@
/**
* @author Julien Viet
*/
-public class DoLoginServlet extends HttpServlet
+public class DoLoginServlet extends AbstractHttpServlet
{
=
/** . */
@@ -65,7 +68,39 @@
initialURI =3D req.getContextPath();
}
=
+ // Now user is successfuly authenticated, so that we can remove cred=
entials from temporary AuthenticationRegistry
+ // and add them to ConversationState
+ Credentials credentials =3D removeCredentialsFromRegistry(req);
+ setCredentialsToConversationState(credentials);
+
//
resp.sendRedirect(resp.encodeRedirectURL(initialURI));
}
+
+ /**
+ * Remove credentials from temporary AuthenticationRegistry because aut=
hentication of user is now finished.
+ *
+ * @param req
+ * @return credentials,which were removed from AuthenticationRegistry
+ */
+ protected Credentials removeCredentialsFromRegistry(HttpServletRequest =
req)
+ {
+ AuthenticationRegistry authenticationRegistry =3D (AuthenticationReg=
istry)getContainer().getComponentInstanceOfType(AuthenticationRegistry.clas=
s);
+ return authenticationRegistry.removeCredentials(req);
+ }
+ =
+ /**
+ * Add credentials to {@link ConversationState}.
+ *
+ * @param credentials
+ */
+ protected void setCredentialsToConversationState(Credentials credential=
s)
+ {
+ ConversationState currentConversationState =3D ConversationState.get=
Current();
+ if (currentConversationState !=3D null && credentials !=3D null)
+ {
+ log.debug("Adding credentials to conversationState for user " + c=
redentials.getUsername());
+ currentConversationState.setAttribute(Credentials.CREDENTIALS, cr=
edentials);
+ }
+ }
}
Modified: epp/portal/branches/EPP_5_2_Branch/component/web/security/src/mai=
n/java/org/exoplatform/web/login/GateinWCIController.java
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
--- epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java=
/org/exoplatform/web/login/GateinWCIController.java 2012-02-20 13:23:45 UTC=
(rev 8436)
+++ epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java=
/org/exoplatform/web/login/GateinWCIController.java 2012-02-20 16:39:02 UTC=
(rev 8437)
@@ -19,6 +19,9 @@
=
package org.exoplatform.web.login;
=
+import org.exoplatform.container.PortalContainer;
+import org.exoplatform.web.security.AuthenticationRegistry;
+import org.exoplatform.web.security.PortalLoginModule;
import org.gatein.wci.security.Credentials;
import org.gatein.wci.security.WCIController;
=
@@ -94,7 +97,17 @@
@Override
public Credentials getCredentials(final HttpServletRequest req, final H=
ttpServletResponse resp)
{
- return (Credentials)req.getSession().getAttribute(Credentials.CREDEN=
TIALS);
+ AuthenticationRegistry credRegistry =3D (AuthenticationRegistry)Port=
alContainer.getCurrentInstance(servletContext).
+ getComponentInstanceOfType(AuthenticationRegistry.class);
+ Credentials credentials =3D credRegistry.getCredentials(req);
+ =
+ // Try to find AuthenticatedCredentials in HTTP session
+ if (credentials =3D=3D null)
+ {
+ credentials =3D (Credentials)req.getSession().getAttribute(Portal=
LoginModule.AUTHENTICATED_CREDENTIALS);
+ }
+
+ return credentials;
}
=
@Override
Modified: epp/portal/branches/EPP_5_2_Branch/component/web/security/src/mai=
n/java/org/exoplatform/web/login/RememberMeFilter.java
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
--- epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java=
/org/exoplatform/web/login/RememberMeFilter.java 2012-02-20 13:23:45 UTC (r=
ev 8436)
+++ epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java=
/org/exoplatform/web/login/RememberMeFilter.java 2012-02-20 16:39:02 UTC (r=
ev 8437)
@@ -21,6 +21,7 @@
=
import org.exoplatform.container.ExoContainer;
import org.exoplatform.container.web.AbstractFilter;
+import org.exoplatform.web.security.AuthenticationRegistry;
import org.exoplatform.web.security.security.CookieTokenService;
import org.exoplatform.web.controller.router.PercentEncoding;
import org.gatein.common.logging.Logger;
@@ -68,7 +69,9 @@
token, false);
if (o instanceof Credentials)
{
- req.getSession().setAttribute(Credentials.CREDENTIALS, o);
+ AuthenticationRegistry authenticationRegistry =3D (Authenti=
cationRegistry)getContainer().getComponentInstanceOfType(AuthenticationRegi=
stry.class);
+ authenticationRegistry.setCredentials(req, (Credentials)o);
+
resp.sendRedirect(resp.encodeRedirectURL(
loginUrl(
req.getContextPath(),
Added: epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/j=
ava/org/exoplatform/web/security/AuthenticationRegistry.java
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
--- epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java=
/org/exoplatform/web/security/AuthenticationRegistry.java =
(rev 0)
+++ epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java=
/org/exoplatform/web/security/AuthenticationRegistry.java 2012-02-20 16:39:=
02 UTC (rev 8437)
@@ -0,0 +1,53 @@
+/*
+ * JBoss, a division of Red Hat
+ * Copyright 2012, Red Hat Middleware, LLC, and individual
+ * contributors as indicated by the @authors tag. See the
+ * copyright.txt in the distribution for a full listing of
+ * individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+
+package org.exoplatform.web.security;
+
+import org.gatein.wci.security.Credentials;
+
+import javax.servlet.http.HttpServletRequest;
+import java.util.Map;
+import java.util.concurrent.ConcurrentHashMap;
+import java.util.concurrent.ConcurrentMap;
+
+/**
+ * Temporary registry for hold credentials (and potentially other attribut=
es) during login process.
+ *
+ *
+ * @author Marek Posolda
+ */
+public interface AuthenticationRegistry
+{
+
+ public Credentials getCredentials(HttpServletRequest request);
+
+
+ public void setCredentials(HttpServletRequest request, Credentials cred=
entials);
+
+
+ public Credentials removeCredentials(HttpServletRequest request);
+
+
+ public void removeClient(String sessionId);
+
+}
Added: epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/j=
ava/org/exoplatform/web/security/AuthenticationRegistryImpl.java
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
--- epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java=
/org/exoplatform/web/security/AuthenticationRegistryImpl.java =
(rev 0)
+++ epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java=
/org/exoplatform/web/security/AuthenticationRegistryImpl.java 2012-02-20 16=
:39:02 UTC (rev 8437)
@@ -0,0 +1,125 @@
+/*
+ * JBoss, a division of Red Hat
+ * Copyright 2012, Red Hat Middleware, LLC, and individual
+ * contributors as indicated by the @authors tag. See the
+ * copyright.txt in the distribution for a full listing of
+ * individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+
+package org.exoplatform.web.security;
+
+import org.gatein.common.logging.Logger;
+import org.gatein.common.logging.LoggerFactory;
+import org.gatein.wci.security.Credentials;
+
+import javax.servlet.http.HttpServletRequest;
+import java.util.Map;
+import java.util.concurrent.ConcurrentHashMap;
+import java.util.concurrent.ConcurrentMap;
+
+/**
+ * Temporary registry for hold credentials (and potentially other attribut=
es) during login process to avoid store them in session.
+ * Registry is used only during authentication process and attributes of t=
arget client are cleared after successful authentication,
+ * =
+ * @author Marek Posolda
+ */
+public class AuthenticationRegistryImpl implements AuthenticationRegistry
+{
+ private static final Logger log =3D LoggerFactory.getLogger(Authenticat=
ionRegistryImpl.class);
+ =
+ // Key is ID of HTTP Session. Value is map with various attributes of s=
ingle client (session),
+ // which will be used during authentication process.
+ private final ConcurrentMap> registry =3D n=
ew ConcurrentHashMap>();
+
+
+ public Credentials getCredentials(HttpServletRequest request)
+ {
+ String sessionId =3D getSessionId(request);
+ Map attributesOfClient =3D registry.get(sessionId);
+
+ if (attributesOfClient =3D=3D null)
+ {
+ return null;
+ }
+
+ return (Credentials)attributesOfClient.get(Credentials.CREDENTIALS);
+ }
+
+
+ public void setCredentials(HttpServletRequest request, Credentials cred=
entials)
+ {
+ String sessionId =3D getSessionId(request);
+
+ Map attributesOfClient =3D getAttributesOfClient(ses=
sionId);
+ attributesOfClient.put(Credentials.CREDENTIALS, credentials);
+ }
+
+
+ public Credentials removeCredentials(HttpServletRequest request)
+ {
+ String sessionId =3D getSessionId(request);
+
+ Map attributesOfClient =3D getAttributesOfClient(ses=
sionId);
+
+ Credentials credentials =3D (Credentials)attributesOfClient.remove(C=
redentials.CREDENTIALS);
+
+ // Clear map if no more attributes are here.
+ if (attributesOfClient.size() =3D=3D 0)
+ {
+ removeClient(sessionId);
+ }
+
+ return credentials;
+ }
+
+
+ public void removeClient(String sessionId)
+ {
+ registry.remove(sessionId);
+
+ if (log.isTraceEnabled())
+ {
+ log.trace("Entry cleared for session " + sessionId);
+ }
+ }
+
+
+ private Map getAttributesOfClient(String sessionId)
+ {
+ Map attributes =3D registry.get(sessionId);
+
+ if (attributes =3D=3D null)
+ {
+ attributes =3D new ConcurrentHashMap();
+ registry.putIfAbsent(sessionId, attributes);
+ =
+ if (log.isTraceEnabled())
+ {
+ log.trace("New entry created in AuthenticationRegistry for ses=
sion " + sessionId);
+ }
+ }
+
+ return registry.get(sessionId);
+ }
+
+
+ private String getSessionId(HttpServletRequest req)
+ {
+ return req.getSession().getId(); =
+ }
+}
Added: epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/j=
ava/org/exoplatform/web/security/AuthenticationRegistryListener.java
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
--- epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java=
/org/exoplatform/web/security/AuthenticationRegistryListener.java =
(rev 0)
+++ epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java=
/org/exoplatform/web/security/AuthenticationRegistryListener.java 2012-02-2=
0 16:39:02 UTC (rev 8437)
@@ -0,0 +1,56 @@
+/*
+ * JBoss, a division of Red Hat
+ * Copyright 2012, Red Hat Middleware, LLC, and individual
+ * contributors as indicated by the @authors tag. See the
+ * copyright.txt in the distribution for a full listing of
+ * individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+
+package org.exoplatform.web.security;
+
+import org.exoplatform.container.ExoContainer;
+import org.exoplatform.container.web.AbstractHttpSessionListener;
+
+import javax.servlet.http.HttpSessionEvent;
+
+/**
+ * @author Marek Posolda
+ */
+public class AuthenticationRegistryListener extends AbstractHttpSessionLis=
tener
+{
+
+ @Override
+ protected boolean requirePortalEnvironment()
+ {
+ return true;
+ }
+
+
+ @Override
+ protected void onSessionCreated(ExoContainer container, HttpSessionEven=
t event)
+ {
+ }
+
+
+ @Override
+ protected void onSessionDestroyed(ExoContainer container, HttpSessionEv=
ent event)
+ {
+ AuthenticationRegistry authenticationRegistry =3D (AuthenticationReg=
istry)container.getComponentInstanceOfType(AuthenticationRegistry.class);
+ authenticationRegistry.removeClient(event.getSession().getId());
+ }
+}
Modified: epp/portal/branches/EPP_5_2_Branch/component/web/security/src/mai=
n/java/org/exoplatform/web/security/PortalLoginController.java
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
--- epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java=
/org/exoplatform/web/security/PortalLoginController.java 2012-02-20 13:23:4=
5 UTC (rev 8436)
+++ epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java=
/org/exoplatform/web/security/PortalLoginController.java 2012-02-20 16:39:0=
2 UTC (rev 8437)
@@ -19,6 +19,7 @@
=
package org.exoplatform.web.security;
=
+import org.exoplatform.container.ExoContainerContext;
import org.exoplatform.web.login.InitiateLoginServlet;
import org.exoplatform.web.security.security.AbstractTokenService;
import org.exoplatform.web.security.security.CookieTokenService;
@@ -28,6 +29,7 @@
import org.gatein.wci.security.WCILoginController;
=
import java.io.IOException;
+import java.net.URLEncoder;
=
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
@@ -63,7 +65,7 @@
{
//Create token
AbstractTokenService tokenService =3D AbstractTokenService.=
getInstance(CookieTokenService.class);
- Credentials credentials =3D (Credentials)req.getSession().g=
etAttribute(Credentials.CREDENTIALS);
+ Credentials credentials =3D getCredentials(req);
String cookieToken =3D tokenService.createToken(credentials=
);
=
log.debug("Found a remember me request parameter, created a=
persistent token " + cookieToken + " for it and set it up " +
@@ -94,4 +96,34 @@
String redirectURI =3D req.getContextPath() + "/dologin?initialURI=
=3D" + uri;
resp.sendRedirect(resp.encodeRedirectURL(redirectURI));
}
+
+ /**
+ * Read credentials from ConversationState instead of HTTP session.
+ *
+ * @param req
+ * @return credentials
+ */
+ @Override
+ protected Credentials getCredentials(HttpServletRequest req)
+ {
+ return getAuthenticationRegistry(req).getCredentials(req);
+ }
+
+ /**
+ * Set credentials to ConversationState instead of HTTP session
+ *
+ * @param req
+ * @param credentials
+ */
+ @Override
+ protected void setCredentials(HttpServletRequest req, Credentials crede=
ntials)
+ {
+ getAuthenticationRegistry(req).setCredentials(req, credentials);
+ }
+
+ private AuthenticationRegistry getAuthenticationRegistry(HttpServletReq=
uest req)
+ {
+ return (AuthenticationRegistry) ExoContainerContext.getCurrentContai=
ner().
+ getComponentInstanceOfType(AuthenticationRegistry.class);
+ }
}
Modified: epp/portal/branches/EPP_5_2_Branch/component/web/security/src/mai=
n/java/org/exoplatform/web/security/PortalLoginModule.java
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
--- epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java=
/org/exoplatform/web/security/PortalLoginModule.java 2012-02-20 13:23:45 UT=
C (rev 8436)
+++ epp/portal/branches/EPP_5_2_Branch/component/web/security/src/main/java=
/org/exoplatform/web/security/PortalLoginModule.java 2012-02-20 16:39:02 UT=
C (rev 8437)
@@ -169,7 +169,6 @@
else
{
request.getSession().setAttribute(AUTHENTICATED_CREDENTIALS=
, wc);
- handleCredentialsRemoving(request);
}
}
catch(Exception e)
@@ -187,6 +186,13 @@
*/
public boolean abort() throws LoginException
{
+ HttpServletRequest request =3D getCurrentHttpServletRequest();
+
+ if (request !=3D null)
+ {
+ handleCredentialsRemoving(request);
+ }
+
return true;
}
=
@@ -210,14 +216,24 @@
}
=
/**
- * Remove credentials of authenticated user from HTTP session.
+ * Remove credentials of authenticated user from AuthenticationRegistry.
*
* @param request httpRequest
*/
protected void handleCredentialsRemoving(HttpServletRequest request)
{
- // TODO: We can't remove credentials from HTTP session right now bec=
ause WSRP-Security relies on it. See method WSSecurityCredentialHelper.hand=
leRequest
- // request.getSession().removeAttribute(Credentials.CREDENTIALS);
+ try
+ {
+ AuthenticationRegistry authenticationRegistry =3D (Authentication=
Registry)getContainer().getComponentInstanceOfType(AuthenticationRegistry.c=
lass);
+ if (request !=3D null)
+ {
+ authenticationRegistry.removeCredentials(request);
+ }
+ }
+ catch (Exception e)
+ {
+ log.debug("Unable to remove credentials from credentialsRegistry.=
", e);
+ }
}
=
private HttpServletRequest getCurrentHttpServletRequest()
Modified: epp/portal/branches/EPP_5_2_Branch/pom.xml
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
--- epp/portal/branches/EPP_5_2_Branch/pom.xml 2012-02-20 13:23:45 UTC (rev=
8436)
+++ epp/portal/branches/EPP_5_2_Branch/pom.xml 2012-02-20 16:39:02 UTC (rev=
8437)
@@ -50,10 +50,10 @@
1.1.0-GA
2.0.4-GA
1.1.0-GA
- 2.1.0-GA
+ 2.1.1-Beta03
2.3.0-GA
1.3.1.CR01
- 2.1.0-EPP520-GA
+ 2.1.1-CR01
1.1.0-GA
1.0.1-GA
1.5.8
Modified: epp/portal/branches/EPP_5_2_Branch/web/portal/src/main/webapp/WEB=
-INF/conf/common/common-configuration.xml
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
--- epp/portal/branches/EPP_5_2_Branch/web/portal/src/main/webapp/WEB-INF/c=
onf/common/common-configuration.xml 2012-02-20 13:23:45 UTC (rev 8436)
+++ epp/portal/branches/EPP_5_2_Branch/web/portal/src/main/webapp/WEB-INF/c=
onf/common/common-configuration.xml 2012-02-20 16:39:02 UTC (rev 8437)
@@ -184,6 +184,11 @@
=
+
+ org.exoplatform.web.security.AuthenticationRegistry
+ org.exoplatform.web.security.AuthenticationRegistryImpl
+
+
org.exoplatform.services.cache.ExoCacheFactory
Modified: epp/portal/branches/EPP_5_2_Branch/web/portal/src/main/webapp/WEB=
-INF/web.xml
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
--- epp/portal/branches/EPP_5_2_Branch/web/portal/src/main/webapp/WEB-INF/w=
eb.xml 2012-02-20 13:23:45 UTC (rev 8436)
+++ epp/portal/branches/EPP_5_2_Branch/web/portal/src/main/webapp/WEB-INF/w=
eb.xml 2012-02-20 16:39:02 UTC (rev 8437)
@@ -200,6 +200,9 @@
org.exoplatform.services.security.web.JAASConversation=
StateListener
+
+ org.exoplatform.web.security.AuthenticationRegistryList=
ener
+
Added: epp/portal/branches/EPP_5_2_Branch/wsrp-integration/extension-compon=
ent/src/main/java/org/gatein/integration/wsrp/wss/ConversationStateCredenti=
alsAccessor.java
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
--- epp/portal/branches/EPP_5_2_Branch/wsrp-integration/extension-component=
/src/main/java/org/gatein/integration/wsrp/wss/ConversationStateCredentials=
Accessor.java (rev 0)
+++ epp/portal/branches/EPP_5_2_Branch/wsrp-integration/extension-component=
/src/main/java/org/gatein/integration/wsrp/wss/ConversationStateCredentials=
Accessor.java 2012-02-20 16:39:02 UTC (rev 8437)
@@ -0,0 +1,55 @@
+/*
+ * JBoss, a division of Red Hat
+ * Copyright 2012, Red Hat Middleware, LLC, and individual
+ * contributors as indicated by the @authors tag. See the
+ * copyright.txt in the distribution for a full listing of
+ * individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+
+package org.gatein.integration.wsrp.wss;
+
+import org.exoplatform.services.security.ConversationState;
+import org.gatein.common.logging.Logger;
+import org.gatein.common.logging.LoggerFactory;
+import org.gatein.wci.security.Credentials;
+import org.gatein.wsrp.wss.credentials.CredentialsAccessor;
+
+/**
+ * @author Marek Posolda
+ */
+public class ConversationStateCredentialsAccessor implements CredentialsAc=
cessor
+{
+
+ private static final Logger log =3D LoggerFactory.getLogger(Conversatio=
nStateCredentialsAccessor.class);
+
+ /**
+ * Reading credentials from @{link ConversationState} of current user.
+ *
+ * @return credentials
+ */
+ @Override
+ public Credentials getCredentials()
+ {
+ if (ConversationState.getCurrent() =3D=3D null)
+ {
+ log.warn("Cannot find Credentials because ConversationState not s=
et.");
+ return null;
+ }
+ return (Credentials)ConversationState.getCurrent().getAttribute(Cred=
entials.CREDENTIALS);
+ }
+}
Modified: epp/portal/branches/EPP_5_2_Branch/wsrp-integration/extension-com=
ponent/src/main/java/org/gatein/integration/wsrp/wss/JBoss5WSSServiceIntegr=
ation.java
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
--- epp/portal/branches/EPP_5_2_Branch/wsrp-integration/extension-component=
/src/main/java/org/gatein/integration/wsrp/wss/JBoss5WSSServiceIntegration.=
java 2012-02-20 13:23:45 UTC (rev 8436)
+++ epp/portal/branches/EPP_5_2_Branch/wsrp-integration/extension-component=
/src/main/java/org/gatein/integration/wsrp/wss/JBoss5WSSServiceIntegration.=
java 2012-02-20 16:39:02 UTC (rev 8437)
@@ -23,6 +23,7 @@
package org.gatein.integration.wsrp.wss;
=
import org.gatein.wsrp.wss.WebServiceSecurityFactory;
+import org.gatein.wsrp.wss.credentials.CredentialsAccessor;
import org.picocontainer.Startable;
import org.wsrp.wss.jboss5.handlers.consumer.JBWSSecurityHandlerWrapper;
import org.wsrp.wss.jboss5.handlers.consumer.WSSecurityCredentialHandler;
@@ -35,12 +36,13 @@
{
private final WebServiceSecurityFactory wssFactory;
=
- private final WSSecurityCredentialHandler WS_CREDENTIAL_HANDLER =3D new=
WSSecurityCredentialHandler();
+ private final WSSecurityCredentialHandler WS_CREDENTIAL_HANDLER;
private final JBWSSecurityHandlerWrapper JBWS_SECURITY_WRAPPER =3D new =
JBWSSecurityHandlerWrapper();
=
- public JBoss5WSSServiceIntegration()
+ public JBoss5WSSServiceIntegration(CredentialsAccessor credentialsAcces=
sor)
{
wssFactory =3D WebServiceSecurityFactory.getInstance();
+ WS_CREDENTIAL_HANDLER =3D new WSSecurityCredentialHandler(credential=
sAccessor);
}
=
public void start()
Modified: epp/portal/branches/EPP_5_2_Branch/wsrp-integration/extension-ear=
-as5/src/main/application/lib/jboss5integration.jar/conf/configuration.xml
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
--- epp/portal/branches/EPP_5_2_Branch/wsrp-integration/extension-ear-as5/s=
rc/main/application/lib/jboss5integration.jar/conf/configuration.xml 2012-0=
2-20 13:23:45 UTC (rev 8436)
+++ epp/portal/branches/EPP_5_2_Branch/wsrp-integration/extension-ear-as5/s=
rc/main/application/lib/jboss5integration.jar/conf/configuration.xml 2012-0=
2-20 16:39:02 UTC (rev 8437)
@@ -28,6 +28,16 @@
xmlns=3D"http://www.exoplaform.org/xml/ns/kernel_1_1.xsd">
=
+ org.gatein.wsrp.wss.credentials.CredentialsAccessor
+
+
+
+
+
+ org.gatein.integration.wsrp.wss.ConversationStateCredentialsAc=
cessor
+
+
+
org.gatein.integration.wsrp.wss.JBoss5WSSServiceIntegration
=
--===============6335232176280505699==--