[gatein-commits] gatein SVN: r4654 - in portal/branches/wci: component/web/security/src/main/java/org/exoplatform/web/security/security and 1 other directories.

Wednesday, 13 October 2010


Author: alain_defrance
Date: 2010-10-13 09:49:59 -0400 (Wed, 13 Oct 2010)
New Revision: 4654

Added:
  
portal/branches/wci/component/web/security/src/main/java/org/exoplatform/web/security/security/TicketConfiguration.java
Modified:
  
portal/branches/wci/component/web/security/src/main/java/org/exoplatform/web/login/InitiateLoginServlet.java
  
portal/branches/wci/component/web/security/src/main/java/org/exoplatform/web/login/RememberMeFilter.java
  
portal/branches/wci/web/portal/src/main/webapp/WEB-INF/conf/common/autologin-configuration.xml
Log:
Some bugs fixed

Modified:
portal/branches/wci/component/web/security/src/main/java/org/exoplatform/web/login/InitiateLoginServlet.java
===================================================================
---
portal/branches/wci/component/web/security/src/main/java/org/exoplatform/web/login/InitiateLoginServlet.java	2010-10-13
13:46:15 UTC (rev 4653)
+++
portal/branches/wci/component/web/security/src/main/java/org/exoplatform/web/login/InitiateLoginServlet.java	2010-10-13
13:49:59 UTC (rev 4654)
@@ -22,6 +22,7 @@
 import org.exoplatform.container.web.AbstractHttpServlet;
 import org.exoplatform.web.security.security.AbstractTokenService;
 import org.exoplatform.web.security.security.CookieTokenService;
+import org.exoplatform.web.security.security.TicketConfiguration;
 import org.gatein.common.logging.Logger;
 import org.gatein.common.logging.LoggerFactory;
 import org.gatein.wci.authentication.AuthenticationResult;
@@ -53,6 +54,10 @@
    /** . */
    public static final String COOKIE_NAME = "rememberme";
 
+   /** . */
+   public static final long LOGIN_VALIDITY =
+           1000 *
TicketConfiguration.getInstance(TicketConfiguration.class).getValidityTime();
+
    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws
ServletException, IOException
    {
@@ -106,7 +111,7 @@
       {
          // WCI authentication
          AuthenticationResult result =
DefaultServletContainerFactory.getInstance().getServletContainer()
-            .login(req, resp, credentials.getUsername(), credentials.getPassword());
+            .login(req, resp, credentials.getUsername(), credentials.getPassword(),
LOGIN_VALIDITY);
 
          log.debug("Login initiated with credentials in session, performing
authentication");
          if (result instanceof GenericAuthenticationResult)

Modified:
portal/branches/wci/component/web/security/src/main/java/org/exoplatform/web/login/RememberMeFilter.java
===================================================================
---
portal/branches/wci/component/web/security/src/main/java/org/exoplatform/web/login/RememberMeFilter.java	2010-10-13
13:46:15 UTC (rev 4653)
+++
portal/branches/wci/component/web/security/src/main/java/org/exoplatform/web/login/RememberMeFilter.java	2010-10-13
13:49:59 UTC (rev 4654)
@@ -25,10 +25,6 @@
 import org.gatein.common.logging.Logger;
 import org.gatein.common.logging.LoggerFactory;
 import org.gatein.common.text.FastURLEncoder;
-import org.gatein.wci.authentication.AuthenticationResult;
-import org.gatein.wci.authentication.GenericAuthenticationResult;
-import org.gatein.wci.authentication.ProgrammaticAuthenticationResult;
-import org.gatein.wci.impl.DefaultServletContainerFactory;
 import org.gatein.wci.security.Credentials;
 
 import javax.servlet.*;
@@ -64,7 +60,6 @@
          String token = InitiateLoginServlet.getRememberMeTokenCookie(req);
          if (token != null)
          {
-            String s = privateUri(req);
             
             ExoContainer container = getContainer();
             Object o =
@@ -72,25 +67,23 @@
                token, false);
             if (o instanceof Credentials)
             {
-               Credentials credentials = (Credentials) o;
-               AuthenticationResult result =
DefaultServletContainerFactory.getInstance().getServletContainer()
-                  .login(req, resp, credentials.getUsername(),
credentials.getPassword());
-               if (result instanceof GenericAuthenticationResult)
-               {
-                  ((GenericAuthenticationResult) result).perform(req, resp);
-                  resp.sendRedirect(s);
-               }
-               else if (result instanceof ProgrammaticAuthenticationResult)
-               {
-                  resp.sendRedirect(s);
-               }
-               return;
+               req.getSession().setAttribute(Credentials.CREDENTIALS, o);
+               resp.sendRedirect(resp.encodeRedirectURL(
+                     loginUrl(
+                           req.getContextPath(),
+                           privateUri(req)
+                     )
+               ));
+               resp.flushBuffer();
             }
          }
       }
 
       //
-      chain.doFilter(req, resp);
+      if (!resp.isCommitted())
+      {
+         chain.doFilter(req, resp);
+      }
    }
 
    public void destroy()
@@ -122,4 +115,12 @@
       }
       return builder.toString();
    }
+
+   private String loginUrl(String context, String initUrl)
+   {
+      return String.format(
+            "%s/login?initialURI=%s",
+            context, initUrl
+      );
+   }
 }

Added:
portal/branches/wci/component/web/security/src/main/java/org/exoplatform/web/security/security/TicketConfiguration.java
===================================================================
---
portal/branches/wci/component/web/security/src/main/java/org/exoplatform/web/security/security/TicketConfiguration.java	
                       (rev 0)
+++
portal/branches/wci/component/web/security/src/main/java/org/exoplatform/web/security/security/TicketConfiguration.java	2010-10-13
13:49:59 UTC (rev 4654)
@@ -0,0 +1,76 @@
+/*
+* Copyright (C) 2003-2009 eXo Platform SAS.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+*/
+
+package org.exoplatform.web.security.security;
+
+import org.exoplatform.container.xml.InitParams;
+import org.exoplatform.management.annotations.Managed;
+import org.exoplatform.web.security.GateInToken;
+import org.gatein.wci.security.Credentials;
+import sun.reflect.generics.reflectiveObjects.NotImplementedException;
+
+/**
+ * This class is only used to get validity form configuration.
+ * 
+ * @author <a href="mailto:alain.defrance@exoplatform.com">Alain
Defrance</a>
+ * @version $Revision$
+ */
+public class TicketConfiguration extends AbstractTokenService<GateInToken, String>
+{
+
+   public TicketConfiguration(InitParams initParams)
+   {
+      super(initParams);
+   }
+
+   @Override
+   public GateInToken getToken(String id)
+   {
+      throw new NotImplementedException();
+   }
+
+   @Override
+   public GateInToken deleteToken(String id)
+   {
+      throw new NotImplementedException();
+   }
+
+   @Override
+   public String[] getAllTokens()
+   {
+      throw new NotImplementedException();
+   }
+
+   @Override
+   protected String decodeKey(String stringKey)
+   {
+      throw new NotImplementedException();
+   }
+
+   @Override
+   public long size() throws Exception
+   {
+      throw new NotImplementedException();
+   }
+
+   public String createToken(Credentials credentials) throws IllegalArgumentException,
NullPointerException
+   {
+      throw new NotImplementedException();
+   }
+}

Modified:
portal/branches/wci/web/portal/src/main/webapp/WEB-INF/conf/common/autologin-configuration.xml
===================================================================
---
portal/branches/wci/web/portal/src/main/webapp/WEB-INF/conf/common/autologin-configuration.xml	2010-10-13
13:46:15 UTC (rev 4653)
+++
portal/branches/wci/web/portal/src/main/webapp/WEB-INF/conf/common/autologin-configuration.xml	2010-10-13
13:49:59 UTC (rev 4654)
@@ -39,18 +39,18 @@
     </init-params>
   </component>
 
-  <!--<component>
-    <key>org.exoplatform.web.security.security.TransientTokenService</key>
-    <type>org.exoplatform.web.security.security.TransientTokenService</type>
+  <component>
+    <key>org.exoplatform.web.security.security.TicketConfiguration</key>
+    <type>org.exoplatform.web.security.security.TicketConfiguration</type>
     <init-params>
     		<values-param>
           <name>service.configuration</name>
-          <value>memory-token</value>
+          <value>wci-ticket</value>
           <value>1</value>
         	<value>MINUTE</value>
         </values-param>
     </init-params>
-  </component>-->
+  </component>
 
   <external-component-plugins>
    
<target-component>org.exoplatform.commons.chromattic.ChromatticManager</target-component>


    

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

[gatein-commits] gatein SVN: r4654 - in portal/branches/wci: component/web/security/src/main/java/org/exoplatform/web/security/security and 1 other directories.