Author: sohil.shah(a)jboss.com
Date: 2009-12-05 16:57:24 -0500 (Sat, 05 Dec 2009)
New Revision: 941
Added:
components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/opensso/
components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/opensso/OpenSSOAgent.java
components/sso/trunk/agent/src/main/resources/
components/sso/trunk/gatein-opensso-plugin/src/main/config/plugin/
components/sso/trunk/gatein-opensso-plugin/src/main/config/plugin/config/
components/sso/trunk/gatein-opensso-plugin/src/main/config/plugin/config/auth/
components/sso/trunk/gatein-opensso-plugin/src/main/config/plugin/config/auth/default/
components/sso/trunk/gatein-opensso-plugin/src/main/config/plugin/config/auth/default/AuthenticationPlugin.xml
Removed:
components/sso/trunk/gatein-opensso-plugin/src/main/config/AuthenticationPlugin.xml
components/sso/trunk/gatein-opensso-plugin/target/
Modified:
components/sso/trunk/.classpath
components/sso/trunk/agent/pom.xml
components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/GenericSSOAgent.java
components/sso/trunk/gatein-opensso-plugin/pom.xml
components/sso/trunk/gatein-opensso-plugin/src/main/java/org/gatein/sso/opensso/plugin/AuthenticationPlugin.java
components/sso/trunk/packaging/pom.xml
components/sso/trunk/pom.xml
Log:
opensso integration (code backup for first successful run)
Modified: components/sso/trunk/.classpath
===================================================================
--- components/sso/trunk/.classpath 2009-12-05 10:22:20 UTC (rev 940)
+++ components/sso/trunk/.classpath 2009-12-05 21:57:24 UTC (rev 941)
@@ -7,18 +7,17 @@
<classpathentry kind="src"
path="gatein-cas-plugin/src/main/java"/>
<classpathentry kind="src"
path="gatein-cas-plugin/src/test/java"/>
<classpathentry kind="src"
path="gatein-josso-plugin/src/main/java"/>
- <!-- <classpathentry kind="src"
path="gatein-opensso-plugin/src/main/java"/> -->
+ <classpathentry kind="src"
path="gatein-opensso-plugin/src/main/java"/>
<classpathentry kind="con"
path="org.eclipse.jdt.launching.JRE_CONTAINER"/>
<classpathentry kind="var"
path="M2_REPO/org/jasig/cas/cas-server-core/3.3.4/cas-server-core-3.3.4.jar"
sourcepath="M2_REPO/org/jasig/cas/cas-server-core/3.3.4/cas-server-core-3.3.4-sources.jar"/>
<classpathentry kind="var"
path="M2_REPO/apache-log4j/log4j/1.2.14/log4j-1.2.14.jar"
sourcepath="M2_REPO/apache-log4j/log4j/1.2.14/log4j-1.2.14-sources.jar"/>
<classpathentry kind="var"
path="M2_REPO/javax/ws/rs/jsr311-api/1.0/jsr311-api-1.0.jar"
sourcepath="M2_REPO/javax/ws/rs/jsr311-api/1.0/jsr311-api-1.0-sources.jar"/>
<classpathentry kind="var"
path="M2_REPO/picocontainer/picocontainer/1.1/picocontainer-1.1.jar"/>
- <classpathentry kind="var"
path="M2_REPO/commons-httpclient/commons-httpclient/3.1/commons-httpclient-3.1.jar"/>
- <!--
+ <classpathentry kind="var"
path="M2_REPO/commons-httpclient/commons-httpclient/3.1/commons-httpclient-3.1.jar"/>
<classpathentry kind="var"
path="M2_REPO/opensso/amserver/8.0/amserver-8.0.jar"/>
<classpathentry kind="var"
path="M2_REPO/opensso/opensso/8.0/opensso-8.0.jar"/>
- -->
+ <classpathentry kind="var"
path="M2_REPO/opensso/openssoclientsdk/8.0/openssoclientsdk-8.0.jar"/>
<classpathentry kind="var"
path="M2_REPO/javax/servlet/servlet-api/2.5/servlet-api-2.5.jar"
sourcepath="M2_REPO/javax/servlet/servlet-api/2.5/servlet-api-2.5-sources.jar"/>
<classpathentry kind="var"
path="M2_REPO/org/jasig/cas/cas-client-core/3.1.9/cas-client-core-3.1.9.jar"/>
<classpathentry kind="var"
path="M2_REPO/org/josso/josso-basic-authscheme/1.8.1/josso-basic-authscheme-1.8.1.jar"/>
Modified: components/sso/trunk/agent/pom.xml
===================================================================
--- components/sso/trunk/agent/pom.xml 2009-12-05 10:22:20 UTC (rev 940)
+++ components/sso/trunk/agent/pom.xml 2009-12-05 21:57:24 UTC (rev 941)
@@ -37,6 +37,11 @@
<artifactId>exo.core.component.organization.api</artifactId>
</dependency>
+ <dependency>
+ <groupId>commons-httpclient</groupId>
+ <artifactId>commons-httpclient</artifactId>
+ </dependency>
+
<dependency>
<groupId>org.jasig.cas</groupId>
<artifactId>cas-client-core</artifactId>
@@ -57,7 +62,7 @@
<dependency>
<groupId>org.josso</groupId>
<artifactId>josso-protocol-client</artifactId>
- </dependency>
+ </dependency>
</dependencies>
<build>
Modified:
components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/GenericSSOAgent.java
===================================================================
---
components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/GenericSSOAgent.java 2009-12-05
10:22:20 UTC (rev 940)
+++
components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/GenericSSOAgent.java 2009-12-05
21:57:24 UTC (rev 941)
@@ -32,6 +32,7 @@
import org.exoplatform.web.login.InitiateLoginServlet;
import org.gatein.sso.agent.cas.CASAgent;
+import org.gatein.sso.agent.opensso.OpenSSOAgent;
/**
* @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
@@ -87,5 +88,10 @@
{
//TODO: fix the JOSSO Agent. This will need to the new client side JOSSO stack that
can run on 5.1.0.GA
}
- }
+ else
+ {
+ //See if an OpenSSO Token was used
+ OpenSSOAgent.getInstance().validateTicket(httpRequest);
+ }
+ }
}
Added:
components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/opensso/OpenSSOAgent.java
===================================================================
---
components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/opensso/OpenSSOAgent.java
(rev 0)
+++
components/sso/trunk/agent/src/main/java/org/gatein/sso/agent/opensso/OpenSSOAgent.java 2009-12-05
21:57:24 UTC (rev 941)
@@ -0,0 +1,184 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+*/
+package org.gatein.sso.agent.opensso;
+
+import java.util.Properties;
+
+import org.apache.log4j.Logger;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.Cookie;
+
+import org.apache.commons.httpclient.HttpClient;
+import org.apache.commons.httpclient.methods.GetMethod;
+import org.apache.commons.httpclient.methods.PostMethod;
+import org.exoplatform.web.security.Credentials;
+import org.gatein.sso.agent.GenericSSOAgent;
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+public class OpenSSOAgent
+{
+ private static Logger log = Logger.getLogger(OpenSSOAgent.class);
+ private static OpenSSOAgent singleton;
+
+ private String cookieName;
+ private String openSSOUrl;
+
+ private OpenSSOAgent()
+ {
+ //TODO: make this part of externally configured properties
+ this.cookieName = "iPlanetDirectoryPro";
+ this.openSSOUrl = "http://localhost:8888/opensso";
+ }
+
+ public static OpenSSOAgent getInstance()
+ {
+ if(OpenSSOAgent.singleton == null)
+ {
+ synchronized(OpenSSOAgent.class)
+ {
+ if(OpenSSOAgent.singleton == null)
+ {
+ OpenSSOAgent.singleton = new OpenSSOAgent();
+ }
+ }
+ }
+ return OpenSSOAgent.singleton;
+ }
+
+ public String getCookieName()
+ {
+ return cookieName;
+ }
+
+ public void setCookieName(String cookieName)
+ {
+ this.cookieName = cookieName;
+ }
+
+ public String getOpenSSOUrl()
+ {
+ return openSSOUrl;
+ }
+
+ public void setOpenSSOUrl(String openSSOUrl)
+ {
+ this.openSSOUrl = openSSOUrl;
+ }
+
+ public void validateTicket(HttpServletRequest httpRequest) throws Exception
+ {
+ String token = null;
+ Cookie[] cookies = httpRequest.getCookies();
+ for(Cookie cookie: cookies)
+ {
+ if(cookie.getName().equals(this.cookieName))
+ {
+ token = cookie.getValue();
+ break;
+ }
+ }
+
+ if(token != null)
+ {
+ boolean isValid = this.isTokenValid(token);
+
+ if(!isValid)
+ {
+ throw new IllegalStateException("OpenSSO Token is not valid!!");
+ }
+
+ String subject = this.getSubject(token);
+ if(subject != null)
+ {
+ Credentials credentials = new Credentials(subject, "");
+ httpRequest.getSession().setAttribute(GenericSSOAgent.CREDENTIALS, credentials);
+ }
+ }
+ }
+
+ private boolean isTokenValid(String token) throws Exception
+ {
+ HttpClient client = new HttpClient();
+ PostMethod post = null;
+ try
+ {
+ String url = this.openSSOUrl+"/identity/isTokenValid";
+ post = new PostMethod(url);
+ post.addParameter("tokenid", token);
+
+ int status = client.executeMethod(post);
+ String response = post.getResponseBodyAsString();
+
+ log.info("-------------------------------------------------------");
+ log.info("Status: "+status);
+ log.info("Response: "+response);
+ log.info("-------------------------------------------------------");
+
+ if(response.contains(Boolean.TRUE.toString()))
+ {
+ return true;
+ }
+
+ return false;
+ }
+ finally
+ {
+ if(post != null)
+ {
+ post.releaseConnection();
+ }
+ }
+ }
+
+ private String getSubject(String token) throws Exception
+ {
+ HttpClient client = new HttpClient();
+ PostMethod post = null;
+ try
+ {
+ String url = this.openSSOUrl+"/identity/attributes";
+ post = new PostMethod(url);
+ post.addParameter("subjectid", token);
+ post.addParameter("attributes_names", "uid");
+
+ int status = client.executeMethod(post);
+ String response = post.getResponseBodyAsString();
+
+ log.debug("Must Just Read the uid
attribute-------------------------------------------------------");
+ log.debug("Status: "+status);
+ log.debug("Response: "+response);
+
+
+ return "demo";
+ }
+ finally
+ {
+ if(post != null)
+ {
+ post.releaseConnection();
+ }
+ }
+ }
+}
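Review bot: `getSubject` discards the `/identity/attributes` response and ends with `return "demo";`, so every token that passes `isTokenValid` puts `Credentials("demo", "")` into the session regardless of whose token it is; it should extract the `uid` value from the response and return null when the status is not 200 or the attribute is absent. `isTokenValid` is similarly loose: it ignores `status` and accepts any body that merely contains `true`, so an error page containing that word would validate; `if(status != 200 || response == null) return false;` followed by an exact comparison of the trimmed body would close that. The same method logs the full response at info level, and `validateTicket` iterates `httpRequest.getCookies()` without a null check, although the servlet API returns null for a request that carries no cookies; `if(cookies == null) return;` before the loop avoids the NullPointerException. The hard-coded `http://localhost:8888/opensso` would also send the token in clear text once it points at a remote host, so the TODO about external configuration should cover an https URL.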
Modified: components/sso/trunk/gatein-opensso-plugin/pom.xml
===================================================================
--- components/sso/trunk/gatein-opensso-plugin/pom.xml 2009-12-05 10:22:20 UTC (rev 940)
+++ components/sso/trunk/gatein-opensso-plugin/pom.xml 2009-12-05 21:57:24 UTC (rev 941)
@@ -23,7 +23,11 @@
<dependency>
<groupId>opensso</groupId>
<artifactId>amserver</artifactId>
- </dependency>
+ </dependency>
+ <dependency>
+ <groupId>commons-httpclient</groupId>
+ <artifactId>commons-httpclient</artifactId>
+ </dependency>
</dependencies>
<build>
Deleted:
components/sso/trunk/gatein-opensso-plugin/src/main/config/AuthenticationPlugin.xml
===================================================================
---
components/sso/trunk/gatein-opensso-plugin/src/main/config/AuthenticationPlugin.xml 2009-12-05
10:22:20 UTC (rev 940)
+++
components/sso/trunk/gatein-opensso-plugin/src/main/config/AuthenticationPlugin.xml 2009-12-05
21:57:24 UTC (rev 941)
@@ -1,20 +0,0 @@
-<?xml version='1.0' encoding="UTF-8"?>
-
-<!DOCTYPE ModuleProperties PUBLIC "=//iPlanet//Authentication Module Properties
XML Interface 1.0 DTD//EN"
-
"jar://com/sun/identity/authentication/Auth_Module_Properties.dtd">
-
-<ModuleProperties moduleName="AuthenticationPlugin" version="1.0"
>
- <Callbacks length="2" order="1" timeout="60"
- header="GateIn OpenSSO Login" >
- <NameCallback>
- <Prompt>
- Username
- </Prompt>
- </NameCallback>
- <PasswordCallback echoPassword="false" >
- <Prompt>
- Password
- </Prompt>
- </PasswordCallback>
- </Callbacks>
-</ModuleProperties>
Added:
components/sso/trunk/gatein-opensso-plugin/src/main/config/plugin/config/auth/default/AuthenticationPlugin.xml
===================================================================
---
components/sso/trunk/gatein-opensso-plugin/src/main/config/plugin/config/auth/default/AuthenticationPlugin.xml
(rev 0)
+++
components/sso/trunk/gatein-opensso-plugin/src/main/config/plugin/config/auth/default/AuthenticationPlugin.xml 2009-12-05
21:57:24 UTC (rev 941)
@@ -0,0 +1,20 @@
+<?xml version='1.0' encoding="UTF-8"?>
+
+<!DOCTYPE ModuleProperties PUBLIC "=//iPlanet//Authentication Module Properties
XML Interface 1.0 DTD//EN"
+
"jar://com/sun/identity/authentication/Auth_Module_Properties.dtd">
+
+<ModuleProperties moduleName="AuthenticationPlugin" version="1.0"
>
+ <Callbacks length="2" order="1" timeout="60"
+ header="GateIn OpenSSO Login" >
+ <NameCallback>
+ <Prompt>
+ Username
+ </Prompt>
+ </NameCallback>
+ <PasswordCallback echoPassword="false" >
+ <Prompt>
+ Password
+ </Prompt>
+ </PasswordCallback>
+ </Callbacks>
+</ModuleProperties>
Modified:
components/sso/trunk/gatein-opensso-plugin/src/main/java/org/gatein/sso/opensso/plugin/AuthenticationPlugin.java
===================================================================
---
components/sso/trunk/gatein-opensso-plugin/src/main/java/org/gatein/sso/opensso/plugin/AuthenticationPlugin.java 2009-12-05
10:22:20 UTC (rev 940)
+++
components/sso/trunk/gatein-opensso-plugin/src/main/java/org/gatein/sso/opensso/plugin/AuthenticationPlugin.java 2009-12-05
21:57:24 UTC (rev 941)
@@ -1,24 +1,24 @@
/*
-* JBoss, a division of Red Hat
-* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
-* by the @authors tag. See the copyright.txt in the distribution for a
-* full listing of individual contributors.
-*
-* This is free software; you can redistribute it and/or modify it
-* under the terms of the GNU Lesser General Public License as
-* published by the Free Software Foundation; either version 2.1 of
-* the License, or (at your option) any later version.
-*
-* This software is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-* Lesser General Public License for more details.
-*
-* You should have received a copy of the GNU Lesser General Public
-* License along with this software; if not, write to the Free
-* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
-*/
+ * JBoss, a division of Red Hat
+ * Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
package org.gatein.sso.opensso.plugin;
import java.util.Map;
@@ -28,7 +28,8 @@
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
-import org.apache.log4j.Logger;
+import org.apache.commons.httpclient.HttpClient;
+import org.apache.commons.httpclient.methods.GetMethod;
import com.sun.identity.authentication.spi.AMLoginModule;
import com.sun.identity.authentication.spi.AuthLoginException;
@@ -39,43 +40,140 @@
*/
public class AuthenticationPlugin extends AMLoginModule
{
- private static Logger log = Logger.getLogger(AuthenticationPlugin.class);
-
+ private String gateInHost;
+ private String gateInPort;
+ private String gateInContext;
+
+ public String getGateInHost()
+ {
+ return gateInHost;
+ }
+
+ public void setGateInHost(String gateInHost)
+ {
+ this.gateInHost = gateInHost;
+ }
+
+ public String getGateInPort()
+ {
+ return gateInPort;
+ }
+
+ public void setGateInPort(String gateInPort)
+ {
+ this.gateInPort = gateInPort;
+ }
+
+ public String getGateInContext()
+ {
+ return gateInContext;
+ }
+
+ public void setGateInContext(String gateInContext)
+ {
+ this.gateInContext = gateInContext;
+ }
+
public AuthenticationPlugin()
{
-
+
}
-
- public void init(Subject subject, Map sharedState, Map options)
+
+ public void init(Subject subject, Map sharedState, Map options)
{
-
+ //TODO: make this configurable
+ this.gateInHost = "localhost";
+ this.gateInPort = "8080";
+ this.gateInContext = "portal";
}
+
+ public int process(Callback[] callbacks, int state) throws AuthLoginException
+ {
+ try
+ {
+ System.out.println("---------------------------------------------------------------------");
+ System.out.println("Performing GateIn
Login..............................................");
+ System.out.println("---------------------------------------------------------------------");
- public int process(Callback[] callbacks, int state) throws AuthLoginException
- {
- System.out.println("---------------------------------------------------------------------");
- System.out.println("Performing GateIn
Login..............................................");
- System.out.println("---------------------------------------------------------------------");
-
- for(int i=0; i<callbacks.length; i++)
+ String username = null;
+ String password = null;
+ for (int i = 0; i < callbacks.length; i++)
+ {
+ Callback callback = callbacks[i];
+
+ if (callback instanceof NameCallback)
+ {
+ username = ((NameCallback) callback).getName();
+ System.out.println("Username: " + username);
+ }
+ else if (callback instanceof PasswordCallback)
+ {
+ password = new String(((PasswordCallback) callback).getPassword());
+ System.out.println("Password: " + password);
+ }
+ }
+
+ StringBuilder urlBuffer = new StringBuilder();
+ urlBuffer.append("http://" + this.gateInHost + ":" +
this.gateInPort + "/"
+ + this.gateInContext + "/rest/sso/authcallback/auth/" + username +
"/"
+ + password);
+
+ System.out.println("-------------------------------------------------------------------");
+ System.out.println("REST Request=" + urlBuffer.toString());
+ System.out.println("-------------------------------------------------------------------");
+
+ System.out.println("About to execute REST call........");
+ boolean success = this.executeRemoteCall(urlBuffer.toString());
+
+ System.out.println("REST Call was a success....("+success+")");
+
+ return ISAuthConstants.LOGIN_SUCCEED;
+ }
+ catch(Throwable e)
{
- Callback callback = callbacks[i];
-
- if(callback instanceof NameCallback)
+ System.out.println("------------------------------------------------------");
+ System.out.println("Exception :"+e.toString());
+ System.out.println("Message :"+e.getMessage());
+ System.out.println("------------------------------------------------------");
+ e.printStackTrace();
+ throw new AuthLoginException(e);
+ }
+ }
+
+ public Principal getPrincipal()
+ {
+ return new GateInPrincipal("demo");
+ }
+
+ private boolean executeRemoteCall(String authUrl) throws Exception
+ {
+ HttpClient client = new HttpClient();
+ GetMethod method = null;
+ try
+ {
+ method = new GetMethod(authUrl);
+
+ int status = client.executeMethod(method);
+ String response = method.getResponseBodyAsString();
+
+ switch (status)
{
- System.out.println("Username: "+((NameCallback)callback).getName());
+ case 200:
+ if (response.equals(Boolean.TRUE.toString()))
+ {
+ return true;
+ }
+ break;
}
- else if(callback instanceof PasswordCallback)
+
+ return false;
+ }
+ finally
+ {
+ if (method != null)
{
- System.out.println("Password: "+new
String(((PasswordCallback)callback).getPassword()));
+ method.releaseConnection();
}
}
-
- return ISAuthConstants.LOGIN_SUCCEED;
- }
-
- public Principal getPrincipal()
- {
- return new GateInPrincipal("user");
- }
+ }
}
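Review bot: `process` returns `ISAuthConstants.LOGIN_SUCCEED` whatever `executeRemoteCall` returned, since `success` is only printed, so a login that GateIn rejects still succeeds in OpenSSO; the result has to gate the return. The method also writes the clear-text password to stdout twice (the `"Password: " + password` line and the `REST Request=` line, whose URL embeds it) and sends it as a path segment of an unencrypted GET, where it would typically land in access logs. Dropping the printlns is safe here, while moving the credentials into a POST body over https depends on the auth-callback endpoint, which is not visible in this diff. `username` and `password` are concatenated into the path unescaped and without a null check, so a missing callback yields the literal text `null` in the URL. `getPrincipal` still returns a fixed `GateInPrincipal("demo")` rather than the name that was authenticated.

```java
         // … unchanged: callback loop, without the println calls that echo username and password …

         if (username == null || password == null)
         {
            throw new IllegalStateException("GateIn login: username or password callback missing");
         }

         // … unchanged: urlBuffer construction, without printing the REST request …

         boolean success = this.executeRemoteCall(urlBuffer.toString());
         if (!success)
         {
            // wrapped into AuthLoginException by the existing catch block
            throw new IllegalStateException("GateIn rejected the supplied credentials");
         }

         return ISAuthConstants.LOGIN_SUCCEED;
```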
Modified: components/sso/trunk/packaging/pom.xml
===================================================================
--- components/sso/trunk/packaging/pom.xml 2009-12-05 10:22:20 UTC (rev 940)
+++ components/sso/trunk/packaging/pom.xml 2009-12-05 21:57:24 UTC (rev 941)
@@ -14,6 +14,7 @@
<modules>
<module>cas</module>
+ <module>opensso</module>
</modules>
</project>
Modified: components/sso/trunk/pom.xml
===================================================================
--- components/sso/trunk/pom.xml 2009-12-05 10:22:20 UTC (rev 940)
+++ components/sso/trunk/pom.xml 2009-12-05 21:57:24 UTC (rev 941)
@@ -31,7 +31,7 @@
<module>auth-callback</module>
<module>gatein-cas-plugin</module>
<module>gatein-josso-plugin</module>
- <!-- <module>gatein-opensso-plugin</module> -->
+ <module>gatein-opensso-plugin</module>
<module>packaging</module>
</modules>
@@ -102,7 +102,7 @@
<groupId>opensso</groupId>
<artifactId>amserver</artifactId>
<version>${version.opensso}</version>
- </dependency>
+ </dependency>
<!-- josso -->
<dependency>