Author: mposolda
Date: 2012-01-09 10:29:23 -0500 (Mon, 09 Jan 2012)
New Revision: 8286
Added:
components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/GenericAgent.java
Modified:
components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/cas/CASAgent.java
components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/josso/JOSSOAgent.java
components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/opensso/OpenSSOAgent.java
Log:
GTNSSO-3 Port some common functionality into generic agent superclass
Added: components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/GenericAgent.java
===================================================================
--- components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/GenericAgent.java
(rev 0)
+++
components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/GenericAgent.java 2012-01-09
15:29:23 UTC (rev 8286)
@@ -0,0 +1,54 @@
+/*
+ * JBoss, a division of Red Hat
+ * Copyright 2012, Red Hat Middleware, LLC, and individual
+ * contributors as indicated by the @authors tag. See the
+ * copyright.txt in the distribution for a full listing of
+ * individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+
+package org.gatein.sso.agent;
+
+import org.apache.log4j.Logger;
+import org.gatein.wci.security.Credentials;
+
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ * @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
+ */
+public abstract class GenericAgent
+{
+ private static Logger log = Logger.getLogger(GenericAgent.class);
+
+ protected void saveSSOCredentials(String username, HttpServletRequest httpRequest)
+ {
+ //Use empty password....it shouldn't be needed...this is a SSO login. The
password has
+ //already been presented with the SSO server. It should not be passed around for
+ //better security
+ Credentials credentials = new Credentials(username, "");
+
+ httpRequest.getSession().setAttribute(Credentials.CREDENTIALS, credentials);
+ httpRequest.getSession().setAttribute("username", username);
+
+ // This is needed for using default login module stack instead of SSOLoginModule.
In this case, GateIn authentication is done thanks to PortalLoginModule.
+ httpRequest.getSession().setAttribute("authenticatedCredentials",
credentials);
+
+ log.debug("Credentials of user " + username + " saved into HTTP
session.");
+ }
+
+}
Modified: components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/cas/CASAgent.java
===================================================================
---
components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/cas/CASAgent.java 2012-01-09
14:52:42 UTC (rev 8285)
+++
components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/cas/CASAgent.java 2012-01-09
15:29:23 UTC (rev 8286)
@@ -25,6 +25,7 @@
import javax.servlet.http.HttpServletRequest;
+import org.gatein.sso.agent.GenericAgent;
import org.gatein.wci.security.Credentials;
import org.jasig.cas.client.validation.Cas20ProxyTicketValidator;
import org.jasig.cas.client.validation.Assertion;
@@ -32,7 +33,7 @@
/**
* @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
*/
-public class CASAgent
+public class CASAgent extends GenericAgent
{
private static Logger log = Logger.getLogger(CASAgent.class);
private static CASAgent singleton;
@@ -86,14 +87,8 @@
log.debug("Service: "+this.casServiceUrl);
log.debug("Principal: "+assertion.getPrincipal().getName());
log.debug("------------------------------------------------------------------------------------");
-
-
- //Use empty password....it shouldn't be needed...this is a SSO login. The
password has
- //already been presented with the SSO server. It should not be passed around for
- //better security
+
String principal = assertion.getPrincipal().getName();
- Credentials credentials = new Credentials(principal, "");
- httpRequest.getSession().setAttribute(Credentials.CREDENTIALS, credentials);
- httpRequest.getSession().setAttribute("username", principal);
+ this.saveSSOCredentials(principal, httpRequest);
}
}
Modified:
components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/josso/JOSSOAgent.java
===================================================================
---
components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/josso/JOSSOAgent.java 2012-01-09
14:52:42 UTC (rev 8285)
+++
components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/josso/JOSSOAgent.java 2012-01-09
15:29:23 UTC (rev 8286)
@@ -26,6 +26,7 @@
import org.gatein.common.logging.Logger;
import org.gatein.common.logging.LoggerFactory;
+import org.gatein.sso.agent.GenericAgent;
import org.gatein.wci.security.Credentials;
import org.josso.agent.Lookup;
@@ -36,7 +37,7 @@
/**
* @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
*/
-public class JOSSOAgent
+public class JOSSOAgent extends GenericAgent
{
private static Logger log = LoggerFactory.getLogger(JOSSOAgent.class);
private static JOSSOAgent singleton;
@@ -101,12 +102,7 @@
log.debug("Principal: " + principal);
log.debug("-----------------------------------------------------------");
- Credentials credentials = new Credentials(principal, "");
- httpRequest.getSession().setAttribute(Credentials.CREDENTIALS, credentials);
- httpRequest.getSession().setAttribute("username", principal);
-
- // TODO: this is needed for using default login module stack instead of
SSOLoginModule. Should be moved to some abstract superclass instead.
- httpRequest.getSession().setAttribute("authenticatedCredentials",
credentials);
+ this.saveSSOCredentials(principal, httpRequest);
}
}
Modified:
components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/opensso/OpenSSOAgent.java
===================================================================
---
components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/opensso/OpenSSOAgent.java 2012-01-09
14:52:42 UTC (rev 8285)
+++
components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/opensso/OpenSSOAgent.java 2012-01-09
15:29:23 UTC (rev 8286)
@@ -32,12 +32,13 @@
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.methods.PostMethod;
+import org.gatein.sso.agent.GenericAgent;
import org.gatein.wci.security.Credentials;
/**
* @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
*/
-public class OpenSSOAgent
+public class OpenSSOAgent extends GenericAgent
{
private static Logger log = Logger.getLogger(OpenSSOAgent.class);
private static OpenSSOAgent singleton;
@@ -101,9 +102,7 @@
String subject = this.getSubject(token);
if(subject != null)
{
- Credentials credentials = new Credentials(subject, "");
- httpRequest.getSession().setAttribute(Credentials.CREDENTIALS, credentials);
- httpRequest.getSession().setAttribute("username", subject);
+ this.saveSSOCredentials(subject, httpRequest);
}
}
}