Author: bdaw
Date: 2008-05-26 03:24:48 -0400 (Mon, 26 May 2008)
New Revision: 10817
Added:
branches/JBoss_Portal_Branch_2_7/core/src/main/org/jboss/portal/core/aspects/server/IdentityCacheInterceptor.java
branches/JBoss_Portal_Branch_2_7/core/src/main/org/jboss/portal/core/identity/cache/
branches/JBoss_Portal_Branch_2_7/core/src/main/org/jboss/portal/core/identity/cache/CachedLDAPRoleModuleWrapper.java
branches/JBoss_Portal_Branch_2_7/core/src/main/org/jboss/portal/core/identity/cache/CachedLDAPUserModuleWrapper.java
branches/JBoss_Portal_Branch_2_7/core/src/main/org/jboss/portal/core/identity/cache/CachedUserProfileModuleWrapper.java
branches/JBoss_Portal_Branch_2_7/core/src/main/org/jboss/portal/core/identity/cache/IdentityCacheService.java
Modified:
branches/JBoss_Portal_Branch_2_7/cms/src/main/org/jboss/portal/cms/security/AuthorizationProviderImpl.java
branches/JBoss_Portal_Branch_2_7/core-identity/src/main/org/jboss/portal/core/identity/ui/common/IdentityUserBean.java
branches/JBoss_Portal_Branch_2_7/core-identity/src/resources/portal-identity-war/WEB-INF/portlet.xml
branches/JBoss_Portal_Branch_2_7/core/src/main/org/jboss/portal/core/identity/service/IdentityServiceControllerImpl.java
branches/JBoss_Portal_Branch_2_7/core/src/main/org/jboss/portal/core/model/portal/command/render/RenderPageCommand.java
branches/JBoss_Portal_Branch_2_7/core/src/resources/portal-core-sar/META-INF/jboss-service.xml
branches/JBoss_Portal_Branch_2_7/core/src/resources/portal-core-sar/conf/identity/ldap_identity-config.xml
branches/JBoss_Portal_Branch_2_7/core/src/resources/portal-core-sar/conf/identity/profile-config.xml
branches/JBoss_Portal_Branch_2_7/core/src/resources/portal-core-sar/conf/identity/standardidentity-config.xml
branches/JBoss_Portal_Branch_2_7/core/src/resources/portal-core-sar/conf/login-config.xml
Log:
Syncing changes from 2.6 branch
Modified:
branches/JBoss_Portal_Branch_2_7/cms/src/main/org/jboss/portal/cms/security/AuthorizationProviderImpl.java
===================================================================
---
branches/JBoss_Portal_Branch_2_7/cms/src/main/org/jboss/portal/cms/security/AuthorizationProviderImpl.java 2008-05-26
05:42:41 UTC (rev 10816)
+++
branches/JBoss_Portal_Branch_2_7/cms/src/main/org/jboss/portal/cms/security/AuthorizationProviderImpl.java 2008-05-26
07:24:48 UTC (rev 10817)
@@ -30,7 +30,6 @@
import org.jboss.portal.identity.IdentityContext;
import org.jboss.portal.identity.IdentityServiceController;
import org.jboss.portal.identity.IdentityConfiguration;
-import org.jboss.portal.identity.IdentityContext;
import org.jboss.portal.identity.IdentityException;
import org.jboss.portal.identity.MembershipModule;
import org.jboss.portal.identity.Role;
@@ -42,11 +41,16 @@
import org.jboss.portal.security.spi.provider.PermissionFactory;
import org.jboss.portal.security.spi.provider.PermissionRepository;
import org.jboss.portal.security.spi.provider.SecurityConfigurationException;
+import org.jboss.portal.security.impl.jacc.JACCPortalPrincipal;
+import javax.security.auth.Subject;
+import javax.security.jacc.PolicyContext;
+import javax.security.jacc.PolicyContextException;
import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
+import java.security.Principal;
/**
* Created on : Jan 23, 2007
@@ -61,9 +65,11 @@
private MembershipModule membershipModule = null;
private UserModule userModule = null;
-
+
private String cmsRootUserName = null;
+ private User adminUser = null;
+
/**
*
*/
@@ -110,9 +116,9 @@
{
return this.getClass().getName();
}
-
+
/**
- *
+ *
* @return
*/
public String getCmsRootUserName()
@@ -121,7 +127,7 @@
}
/**
- *
+ *
* @param cmsRootUserName
*/
public void setCmsRootUserName(String cmsRootUserName)
@@ -207,33 +213,40 @@
return permissions;
}
-
+
/**
- *
+ *
*/
public User getRoot()
{
- Session session = Tools.getOpenSession();
- Transaction tx = session.beginTransaction();
- try
+
+ if (adminUser == null)
{
- User cmsRoot = this.userModule.findUserByUserName(this.cmsRootUserName);
- tx.commit();
- return cmsRoot;
+ Session session = Tools.getOpenSession();
+ Transaction tx = session.beginTransaction();
+ try
+ {
+ adminUser = this.userModule.findUserByUserName(this.cmsRootUserName);
+ tx.commit();
+ }
+ catch(Exception e)
+ {
+ tx.rollback();
+ throw new RuntimeException(e);
+ }
+ finally
+ {
+ Tools.closeSession(session);
+ }
}
- catch(Exception e)
- {
- tx.rollback();
- throw new RuntimeException(e);
- }
- finally
- {
- Tools.closeSession(session);
- }
+
+ return adminUser;
+
+
}
-
+
/**
- *
+ *
* @return
*/
public String getDefaultAdminRole()
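Review bot: `getRoot()` now keeps the looked-up root `User` in the `adminUser` instance field for the lifetime of the provider, with no invalidation and no synchronization. If the CMS root account is removed or changed in the identity store, or `setCmsRootUserName` is called later, callers keep receiving the stale object as the CMS root. The cached instance is also returned after the session that loaded it has been closed, so any lazily loaded state on it is presumably no longer reachable. At minimum reset the cache in the setter with `this.adminUser = null;` (the setter body is outside this hunk) and add a comment on the field such as `// cached CMS root user; cleared when cmsRootUserName changes`.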
@@ -241,11 +254,11 @@
try
{
String defaultAdminRole = null;
-
+
IdentityConfiguration configuration =
(IdentityConfiguration)this.identityServiceController.getIdentityContext().
getObject(IdentityContext.TYPE_IDENTITY_CONFIGURATION);
defaultAdminRole =
configuration.getValue(IdentityConfiguration.ROLE_DEFAULT_ADMIN_ROLE);
-
+
return defaultAdminRole;
}
catch(IdentityException ie)
@@ -435,17 +448,21 @@
}
else
{
+
+
// in the case of LDAP use the IdentityModule
// now find permissions for all the roles that this user belongs to
- Set belongedRoles = this.membershipModule.getRoles(this.userModule
- .findUserByUserName(userId));
+ //Set belongedRoles = this.membershipModule.getRoles(this.userModule
+ // .findUserByUserName(userId));
+
+ Set belongedRoles = getCurrentRoles();
+
if (belongedRoles != null)
{
for (Iterator itr = belongedRoles.iterator(); itr.hasNext();)
{
- Role role = (Role)itr.next();
- Collection rolePermissions = this.findPermissionsByRole(role
- .getName());
+ String role = (String)itr.next();
+ Collection rolePermissions = this.findPermissionsByRole(role);
if (rolePermissions != null && !rolePermissions.isEmpty())
{
permissions.addAll(rolePermissions);
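Review bot: The role set no longer depends on the `userId` argument: `getCurrentRoles()` reads the roles of whichever subject is authenticated on the current thread, while the enclosing method (its signature is outside this hunk) still appears to compute permissions for `userId`. When a caller asks about a user other than the one making the request, or runs with no authenticated subject, the result carries the wrong identity's role grants or none at all. Either check that `userId` matches the current subject and fall back to `this.membershipModule.getRoles(this.userModule.findUserByUserName(userId))` otherwise, or document that the method is only valid for the current caller. The commented-out old lookup should be deleted rather than kept in the source.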
@@ -453,7 +470,7 @@
}
}
}
-
+
tx.commit();
return permissions;
@@ -490,7 +507,7 @@
roleQuery.setString(0, roleId);
roleQuery.setCacheable(true);
permissions.addAll(roleQuery.list());
-
+
tx.commit();
}
catch (Exception e)
@@ -528,7 +545,7 @@
criteriaQuery.setString(1, criteria.getValue());
criteriaQuery.setCacheable(true);
permissions.addAll(criteriaQuery.list());
-
+
tx.commit();
}
catch (Exception e)
@@ -543,4 +560,39 @@
return permissions;
}
+
+ private Set getCurrentRoles() throws PolicyContextException
+ {
+ Set<String> roles = new HashSet<String>();
+
+ // Get the current authenticated subject through the JACC contract
+ Subject subject =
(Subject)PolicyContext.getContext("javax.security.auth.Subject.container");
+
+ if (subject != null)
+ {
+ Set tmp = subject.getPrincipals(JACCPortalPrincipal.class);
+ JACCPortalPrincipal pp = null;
+ for (Iterator i = tmp.iterator(); i.hasNext();)
+ {
+ pp = (JACCPortalPrincipal)i.next();
+ if (pp != null)
+ {
+ break;
+ }
+ }
+ if (pp == null)
+ {
+ pp = new JACCPortalPrincipal(subject);
+ tmp.add(pp);
+
+ // Lazy create all the permission containers for the given role names
+ for (Iterator i = pp.getRoles().iterator(); i.hasNext();)
+ {
+ Principal role = (Principal)i.next();
+ roles.add(role.getName());
+ }
+ }
+ }
+ return roles;
+ }
}
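Review bot: In `getCurrentRoles()` the loop that copies `pp.getRoles()` into `roles` sits inside the `if (pp == null)` branch, so when the subject already carries a `JACCPortalPrincipal` the method returns an empty set and the caller adds no role-based permissions. Move the `for` loop below the closing brace of that `if` so roles are collected in both cases. `Subject.getPrincipals(Class)` returns a new set that is not backed by the subject, so `tmp.add(pp)` has no effect on the subject; drop it or state the intent. The comment `// Lazy create all the permission containers for the given role names` does not describe this loop and would read better as `// Collect the role names of the authenticated subject`.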
Added:
branches/JBoss_Portal_Branch_2_7/core/src/main/org/jboss/portal/core/aspects/server/IdentityCacheInterceptor.java
===================================================================
---
branches/JBoss_Portal_Branch_2_7/core/src/main/org/jboss/portal/core/aspects/server/IdentityCacheInterceptor.java
(rev 0)
+++
branches/JBoss_Portal_Branch_2_7/core/src/main/org/jboss/portal/core/aspects/server/IdentityCacheInterceptor.java 2008-05-26
07:24:48 UTC (rev 10817)
@@ -0,0 +1,88 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+*/
+
+package org.jboss.portal.core.aspects.server;
+
+import org.jboss.portal.core.identity.cache.IdentityCacheService;
+import org.jboss.portal.server.ServerInterceptor;
+import org.jboss.portal.server.ServerInvocation;
+import org.jboss.portal.common.invocation.InvocationException;
+import org.jboss.logging.Logger;
+
+import javax.naming.InitialContext;
+import javax.naming.NamingException;
+
+/**
+ * @author <a href="mailto:boleslaw dot dawidowicz at redhat anotherdot
com">Boleslaw Dawidowicz</a>
+ * @version : 0.1 $
+ */
+public class IdentityCacheInterceptor extends ServerInterceptor
+{
+
+ /** Our logger. */
+ private static final Logger log = Logger.getLogger(IdentityCacheInterceptor.class);
+
+ private IdentityCacheService identityCacheService;
+
+ public IdentityCacheService getIdentityCacheService()
+ {
+ if (identityCacheService == null)
+ {
+ try
+ {
+ identityCacheService = (IdentityCacheService)new
InitialContext().lookup(IdentityCacheService.JNDI_NAME);
+ }
+ catch (NamingException e)
+ {
+ log.debug("Could not obtain IdentityCacheService. Setting empty
wrapper");
+ identityCacheService = new EmptyIdentityCache();
+ }
+ }
+ return identityCacheService;
+ }
+
+ protected void invoke(ServerInvocation invocation) throws Exception,
InvocationException
+ {
+
+ try
+ {
+ invocation.invokeNext();
+ }
+ finally
+ {
+ IdentityCacheService cache = getIdentityCacheService();
+ if (cache != null)
+ {
+ cache.cleanup();
+ }
+ }
+
+ }
+
+ private class EmptyIdentityCache extends IdentityCacheService
+ {
+ public void cleanup()
+ {
+ // Do nothing
+ }
+ }
+}
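Review bot: `getIdentityCacheService()` treats a failed JNDI lookup as permanent: on the first `NamingException` it stores an `EmptyIdentityCache` in the field and never retries, and the failure is logged only at debug level without the exception. If the real service is bound after the first request, or the lookup fails transiently, `cleanup()` stays a no-op for the life of this interceptor and the thread-local identity caches are presumably never cleared on pooled request threads. Return a no-op for the failing call only, leaving the field null so the next invocation retries, and log the cause, e.g. `log.warn("Could not obtain IdentityCacheService", e);`. The lazy initialisation is also unsynchronized, and `EmptyIdentityCache` could be a `static` nested class since it uses no state of the enclosing instance.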
Added:
branches/JBoss_Portal_Branch_2_7/core/src/main/org/jboss/portal/core/identity/cache/CachedLDAPRoleModuleWrapper.java
===================================================================
---
branches/JBoss_Portal_Branch_2_7/core/src/main/org/jboss/portal/core/identity/cache/CachedLDAPRoleModuleWrapper.java
(rev 0)
+++
branches/JBoss_Portal_Branch_2_7/core/src/main/org/jboss/portal/core/identity/cache/CachedLDAPRoleModuleWrapper.java 2008-05-26
07:24:48 UTC (rev 10817)
@@ -0,0 +1,161 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+*/
+
+package org.jboss.portal.core.identity.cache;
+
+import org.jboss.portal.identity.ldap.LDAPRoleModule;
+import org.jboss.portal.identity.ldap.LDAPRoleImpl;
+import org.jboss.portal.identity.RoleModule;
+import org.jboss.portal.identity.Role;
+import org.jboss.portal.identity.IdentityException;
+
+import javax.naming.NamingException;
+import javax.naming.directory.Attributes;
+import java.util.Set;
+import java.util.List;
+import java.util.HashSet;
+
+/**
+ * @author <a href="mailto:boleslaw dot dawidowicz at redhat anotherdot
com">Boleslaw Dawidowicz</a>
+ * @version : 0.1 $
+ */
+public class CachedLDAPRoleModuleWrapper extends LDAPRoleModule implements RoleModule
+{
+ private LDAPRoleModule ldapRoleModule;
+
+ private IdentityCacheService cacheService;
+
+ public CachedLDAPRoleModuleWrapper(LDAPRoleModule ldapRoleModule, IdentityCacheService
cacheService)
+ {
+ this.ldapRoleModule = ldapRoleModule;
+ this.cacheService = cacheService;
+ }
+
+ public Role findRoleByName(String name) throws IdentityException,
IllegalArgumentException
+ {
+ Role role = cacheService.findRoleByName(name);
+
+ if (role != null)
+ {
+ return role;
+ }
+
+ return ldapRoleModule.findRoleByName(name);
+ }
+
+ public Set findRolesByNames(String[] names) throws IdentityException,
IllegalArgumentException
+ {
+
+ //Check if all roles needed are in cache. If not just delegate to the wrapped
module
+ Set roles = new HashSet();
+
+ for (String name : names)
+ {
+ Role role = cacheService.findRoleByName(name);
+ if (role != null)
+ {
+ roles.add(role);
+ }
+ else
+ {
+ roles = ldapRoleModule.findRolesByNames(names);
+ break;
+ }
+ }
+
+ return roles;
+ }
+
+ public Role findRoleById(Object id) throws IdentityException,
IllegalArgumentException
+ {
+ Role role = cacheService.findRoleById(id);
+
+ if (role != null)
+ {
+ return role;
+ }
+
+ return ldapRoleModule.findRoleById(id);
+ }
+
+ public Role findRoleById(String id) throws IdentityException,
IllegalArgumentException
+ {
+ return this.findRoleById((Object)id);
+ }
+
+ public Role createRole(String name, String displayName) throws IdentityException,
IllegalArgumentException
+ {
+ Role role = ldapRoleModule.createRole(name, displayName);
+
+ cacheService.storeRole(role);
+
+ return role;
+ }
+
+ public void removeRole(Object id) throws IdentityException, IllegalArgumentException
+ {
+ ldapRoleModule.removeRole(id);
+
+ // Invalidate this role in cache
+ Role role = cacheService.findRoleById(id);
+ if (role != null)
+ {
+ cacheService.invalidateRole(role);
+ }
+ }
+
+ public int getRolesCount() throws IdentityException
+ {
+ return ldapRoleModule.getRolesCount();
+ }
+
+ public Set findRoles() throws IdentityException
+ {
+ return ldapRoleModule.findRoles();
+ }
+
+ public List searchRoles(String filter, Object[] filterArgs) throws NamingException,
IdentityException
+ {
+ return ldapRoleModule.searchRoles(filter, filterArgs);
+ }
+
+ // Methods of LDAPRoleModule - need to delegate for compatibility
+
+ public void updateDisplayName(LDAPRoleImpl ldapr, String name) throws
IdentityException
+ {
+ ldapRoleModule.updateDisplayName(ldapr, name);
+
+ cacheService.invalidateRole(ldapr);
+ }
+
+ public LDAPRoleImpl createRoleInstance(Attributes attrs, String dn) throws
IdentityException
+ {
+ return ldapRoleModule.createRoleInstance(attrs, dn);
+ }
+
+ public Role findRoleByDN(String dn) throws IdentityException,
IllegalArgumentException
+ {
+ return ldapRoleModule.findRoleByDN(dn);
+ }
+
+
+}
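Review bot: `findRoleByName` and `findRoleById` never populate the cache on a miss: they return the delegate's result directly, so the role cache only ever holds roles passed to `createRole`, and `findRolesByNames` will almost always fall through to LDAP. `CachedLDAPUserModuleWrapper` in this commit stores on a miss; do the same here, e.g. `Role role = ldapRoleModule.findRoleByName(name); cacheService.storeRole(role); return role;`. `findRolesByNames` also iterates `names` without a null check, so a null array raises `NullPointerException` rather than the declared `IllegalArgumentException`. Because the class extends `LDAPRoleModule` while holding a separate delegate, any inherited method not overridden here would run against the wrapper's own unconfigured state, so a class comment saying that every `LDAPRoleModule` method must be delegated would help.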
Added:
branches/JBoss_Portal_Branch_2_7/core/src/main/org/jboss/portal/core/identity/cache/CachedLDAPUserModuleWrapper.java
===================================================================
---
branches/JBoss_Portal_Branch_2_7/core/src/main/org/jboss/portal/core/identity/cache/CachedLDAPUserModuleWrapper.java
(rev 0)
+++
branches/JBoss_Portal_Branch_2_7/core/src/main/org/jboss/portal/core/identity/cache/CachedLDAPUserModuleWrapper.java 2008-05-26
07:24:48 UTC (rev 10817)
@@ -0,0 +1,168 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+*/
+
+package org.jboss.portal.core.identity.cache;
+
+import org.jboss.portal.identity.UserModule;
+import org.jboss.portal.identity.User;
+import org.jboss.portal.identity.IdentityException;
+import org.jboss.portal.identity.NoSuchUserException;
+import org.jboss.portal.identity.IdentityContext;
+import org.jboss.portal.identity.UserProfileModule;
+import org.jboss.portal.identity.Role;
+import org.jboss.portal.identity.ldap.LDAPUserModule;
+import org.jboss.portal.identity.ldap.LDAPUserImpl;
+import org.jboss.portal.identity.ldap.LDAPConnectionContext;
+import org.jboss.portal.identity.service.IdentityModuleService;
+
+import javax.naming.NamingException;
+import javax.naming.directory.Attributes;
+import java.util.Set;
+import java.util.List;
+import java.util.Map;
+
+/**
+ * @author <a href="mailto:boleslaw dot dawidowicz at redhat anotherdot
com">Boleslaw Dawidowicz</a>
+ * @version : 0.1 $
+ */
+public class CachedLDAPUserModuleWrapper extends LDAPUserModule implements UserModule
+{
+ private LDAPUserModule userModule;
+
+ private IdentityCacheService cacheService;
+
+ private static final org.jboss.logging.Logger log =
org.jboss.logging.Logger.getLogger(CachedLDAPUserModuleWrapper.class);
+
+ public CachedLDAPUserModuleWrapper(LDAPUserModule userModule, IdentityCacheService
cacheService)
+ {
+ this.userModule = userModule;
+ this.cacheService = cacheService;
+ }
+
+
+ public User findUserByUserName(String userName) throws IdentityException,
IllegalArgumentException, NoSuchUserException
+ {
+ if (userName == null)
+ {
+ throw new IllegalArgumentException("UserName cannot be null");
+ }
+
+ User user = cacheService.findUserByUserName(userName);
+
+ if (user != null)
+ {
+ return user;
+ }
+
+ user = userModule.findUserByUserName(userName);
+
+ cacheService.storeUser(user);
+
+ return user;
+ }
+
+ public User findUserById(Object id) throws IdentityException,
IllegalArgumentException, NoSuchUserException
+ {
+ if (id == null)
+ {
+ throw new IllegalArgumentException("User id cannot be null");
+ }
+
+ User user = cacheService.findUserById(id);
+
+ if (user != null)
+ {
+ return user;
+ }
+
+ user = userModule.findUserById(id);
+
+ cacheService.storeUser(user);
+
+ return user;
+ }
+
+ public User findUserById(String id) throws IdentityException,
IllegalArgumentException, NoSuchUserException
+ {
+ return findUserById((Object)id);
+ }
+
+ public User createUser(String userName, String password) throws IdentityException,
IllegalArgumentException
+ {
+ return userModule.createUser(userName, password);
+ }
+
+ public void removeUser(Object id) throws IdentityException, IllegalArgumentException
+ {
+ userModule.removeUser(id);
+
+ // Invalidate this user in cache
+ User user = cacheService.findUserById(id);
+ if (user != null)
+ {
+ cacheService.invalidateUser(user);
+ }
+ }
+
+ public Set findUsers(int offset, int limit) throws IdentityException,
IllegalArgumentException
+ {
+ return userModule.findUsers(offset, limit);
+ }
+
+ public Set findUsersFilteredByUserName(String filter, int offset, int limit) throws
IdentityException, IllegalArgumentException
+ {
+ return userModule.findUsersFilteredByUserName(filter, offset, limit);
+ }
+
+ public int getUserCount() throws IdentityException, IllegalArgumentException
+ {
+ return userModule.getUserCount();
+ }
+
+ public List searchUsers(String filter, Object[] filterArgs) throws NamingException,
IdentityException
+ {
+ return userModule.searchUsers(filter, filterArgs);
+ }
+
+ public void updatePassword(LDAPUserImpl ldapu, String password) throws
IdentityException
+ {
+ userModule.updatePassword(ldapu, password);
+ }
+
+ public boolean validatePassword(LDAPUserImpl ldapu, String password) throws
IdentityException
+ {
+ return userModule.validatePassword(ldapu, password);
+ }
+
+ // Methods of LDAPUserModule - need to delegate for compatibility
+ public LDAPUserImpl createUserInstance(Attributes attrs, String dn) throws
IdentityException
+ {
+ return userModule.createUserInstance(attrs, dn);
+ }
+
+ public User findUserByDN(String dn) throws IdentityException,
IllegalArgumentException, NoSuchUserException
+ {
+ return userModule.findUserByDN(dn);
+ }
+
+
+}
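Review bot: `updatePassword` changes a credential through the delegate but leaves any cached `User` for that account in place, unlike `updateDisplayName` in `CachedLDAPRoleModuleWrapper`, which invalidates after the write. Whether the cached object carries credential-dependent state is not visible here, but invalidating after a password change is the safer default: add `cacheService.invalidateUser(ldapu);` after the delegate call (assuming `LDAPUserImpl` is a `User`, as `LDAPRoleImpl` is used as a `Role`). The `log` field and the imports of `IdentityContext`, `UserProfileModule`, `Role`, `LDAPConnectionContext`, `IdentityModuleService` and `Map` are unused in this file and can be removed.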
Added:
branches/JBoss_Portal_Branch_2_7/core/src/main/org/jboss/portal/core/identity/cache/CachedUserProfileModuleWrapper.java
===================================================================
---
branches/JBoss_Portal_Branch_2_7/core/src/main/org/jboss/portal/core/identity/cache/CachedUserProfileModuleWrapper.java
(rev 0)
+++
branches/JBoss_Portal_Branch_2_7/core/src/main/org/jboss/portal/core/identity/cache/CachedUserProfileModuleWrapper.java 2008-05-26
07:24:48 UTC (rev 10817)
@@ -0,0 +1,95 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+*/
+
+package org.jboss.portal.core.identity.cache;
+
+import org.jboss.portal.identity.UserProfileModule;
+import org.jboss.portal.identity.User;
+import org.jboss.portal.identity.IdentityException;
+import org.jboss.portal.identity.info.ProfileInfo;
+import org.jboss.logging.Logger;
+
+import java.util.Map;
+
+/**
+ * @author <a href="mailto:boleslaw dot dawidowicz at redhat anotherdot
com">Boleslaw Dawidowicz</a>
+ * @version : 0.1 $
+ */
+public class CachedUserProfileModuleWrapper implements UserProfileModule
+{
+
+ private static final Logger log =
Logger.getLogger(CachedUserProfileModuleWrapper.class);
+
+ private UserProfileModule userProfileModule;
+
+ private IdentityCacheService cacheService;
+
+ public CachedUserProfileModuleWrapper(UserProfileModule userProfileModule,
IdentityCacheService identityCacheService)
+ {
+ this.userProfileModule = userProfileModule;
+ this.cacheService = identityCacheService;
+ }
+
+ public Object getProperty(User user, String propertyName) throws IdentityException,
IllegalArgumentException
+ {
+ // Just grab the whole profile and check if this property is there
+
+ Map profile = this.getProperties(user);
+
+ if (profile != null && profile.containsKey(propertyName))
+ {
+
+ return profile.get(propertyName);
+ }
+
+ // else delegate to the wrapped implementation
+
+ return userProfileModule.getProperty(user, propertyName);
+
+ }
+
+ public void setProperty(User user, String name, Object property) throws
IdentityException, IllegalArgumentException
+ {
+ userProfileModule.setProperty(user, name, property);
+ cacheService.invalidateProfile(user);
+
+ }
+
+ public Map getProperties(User user) throws IdentityException,
IllegalArgumentException
+ {
+ Map profile = cacheService.findUserProfileById(user.getId());
+
+ if (profile != null)
+ {
+ return profile;
+ }
+
+ profile = userProfileModule.getProperties(user);
+ cacheService.storeProfile(user, profile);
+ return profile;
+ }
+
+ public ProfileInfo getProfileInfo() throws IdentityException
+ {
+ return userProfileModule.getProfileInfo();
+ }
+}
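Review bot: `getProperties` calls `user.getId()` before any validation, so a null `user` raises `NullPointerException` from the wrapper rather than the `IllegalArgumentException` the signature declares. Add a guard in the style of the user wrapper: `if (user == null) { throw new IllegalArgumentException("User cannot be null"); }`. The method also hands the cached `Map` instance straight to callers, so a caller that mutates the returned map changes what later `getProperty` and `getProperties` calls on the same thread see, without going through `setProperty`; return an unmodifiable view if the profile contract allows it. The `log` field is unused.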
Added:
branches/JBoss_Portal_Branch_2_7/core/src/main/org/jboss/portal/core/identity/cache/IdentityCacheService.java
===================================================================
---
branches/JBoss_Portal_Branch_2_7/core/src/main/org/jboss/portal/core/identity/cache/IdentityCacheService.java
(rev 0)
+++
branches/JBoss_Portal_Branch_2_7/core/src/main/org/jboss/portal/core/identity/cache/IdentityCacheService.java 2008-05-26
07:24:48 UTC (rev 10817)
@@ -0,0 +1,258 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+*/
+
+package org.jboss.portal.core.identity.cache;
+
+import org.jboss.portal.identity.User;
+import org.jboss.portal.identity.Role;
+
+import java.util.Map;
+import java.util.HashMap;
+
+/**
+ * @author <a href="mailto:boleslaw dot dawidowicz at redhat anotherdot
com">Boleslaw Dawidowicz</a>
+ * @version : 0.1 $
+ */
+public class IdentityCacheService
+{
+ private static final org.jboss.logging.Logger log =
org.jboss.logging.Logger.getLogger(IdentityCacheService.class);
+
+ public final static String JNDI_NAME = "java:portal/IdentityCacheService";
+
+ protected ThreadLocal<Map<String, User>> userNameCache = new
ThreadLocal<Map<String, User>>();
+
+ protected ThreadLocal<Map<Object, User>> userIdCache = new
ThreadLocal<Map<Object, User>>();
+
+ protected ThreadLocal<Map<Object, Map>> profileCache = new
ThreadLocal<Map<Object, Map>>();
+
+ protected ThreadLocal<Map<String, Role>> roleNameCache = new
ThreadLocal<Map<String, Role>>();
+
+ protected ThreadLocal<Map<Object, Role>> roleIdCache = new
ThreadLocal<Map<Object, Role>>();
+
+
+ public void cleanup()
+ {
+ userNameCache.set(null);
+ userIdCache.set(null);
+ profileCache.set(null);
+ roleNameCache.set(null);
+ roleIdCache.set(null);
+
+ log.debug("Identity cache invalidated");
+ }
+
+ private Map<String, User> getUserNameCache()
+ {
+ if (userNameCache.get() == null)
+ {
+ userNameCache.set(new HashMap<String, User>());
+ }
+ return userNameCache.get();
+ }
+
+ private Map<Object, User> getUserIdCache()
+ {
+ if (userIdCache.get() == null)
+ {
+ userIdCache.set(new HashMap<Object, User>());
+ }
+ return userIdCache.get();
+ }
+
+ private Map<Object, Map> getProfileCache()
+ {
+ if (profileCache.get() == null)
+ {
+ profileCache.set(new HashMap<Object, Map>());
+ }
+ return profileCache.get();
+ }
+
+ private Map<String, Role> getRoleNameCache()
+ {
+ if (roleNameCache.get() == null)
+ {
+ roleNameCache.set(new HashMap<String, Role>());
+ }
+ return roleNameCache.get();
+ }
+
+ private Map<Object, Role> getRoleIdCache()
+ {
+ if (roleIdCache.get() == null)
+ {
+ roleIdCache.set(new HashMap<Object, Role>());
+ }
+ return roleIdCache.get();
+ }
+
+ public void storeUser(User user)
+ {
+ // We want to be transparent so just ignore null argument
+ if (user != null)
+ {
+ getUserIdCache().put(user.getId(), user);
+ getUserNameCache().put(user.getUserName(), user);
+
+ if (log.isDebugEnabled())
+ {
+ log.debug("User cached for id=" + user.getId() + ";
username=" + user.getUserName());
+ }
+ }
+ }
+
+ public void invalidateUser(User user)
+ {
+ // We want to be transparent so just ignore null argument
+ if (user != null)
+ {
+ getUserIdCache().put(user.getId(), null);
+ getUserNameCache().put(user.getUserName(), null);
+
+ if (log.isDebugEnabled())
+ {
+ log.debug("User invalidated in cache for id=" + user.getId() +
"; username=" + user.getUserName());
+ }
+ }
+ }
+
+ public void storeProfile(User user, Map profile)
+ {
+ // We want to be transparent so just ignore null argument
+ if (user != null && profile != null)
+ {
+ getProfileCache().put(user.getId(), profile);
+
+ if (log.isDebugEnabled())
+ {
+ log.debug("User profile cached for id=" + user.getId());
+ }
+ }
+ }
+
+
+ public void invalidateProfile(User user)
+ {
+ // We want to be transparent so just ignore null argument
+ if (user != null)
+ {
+ getProfileCache().put(user.getId(), null);
+
+ if (log.isDebugEnabled())
+ {
+ log.debug("User profile invalidated in cache for id=" +
user.getId());
+ }
+ }
+ }
+
+ public void storeRole(Role role)
+ {
+ // We want to be transparent so just ignore null argument
+ if (role != null)
+ {
+ getRoleIdCache().put(role.getId(), role);
+ getRoleNameCache().put(role.getName(), role);
+
+ if (log.isDebugEnabled())
+ {
+ log.debug("Role cached for id=" + role.getId() + ";
name=" + role.getName());
+ }
+ }
+ }
+
+ public void invalidateRole(Role role)
+ {
+ // We want to be transparent so just ignore null argument
+ if (role != null)
+ {
+ getRoleIdCache().put(role.getId(), null);
+ getRoleNameCache().put(role.getName(), null);
+
+ if (log.isDebugEnabled())
+ {
+ log.debug("Role invalidated in cache for id=" + role.getId() +
"; name=" + role.getName());
+ }
+ }
+ }
+
+ public User findUserByUserName(String userName)
+ {
+ User user = getUserNameCache().get(userName);
+
+ if (user != null && log.isDebugEnabled())
+ {
+ log.debug("User retreived from cache for username=" +
user.getUserName());
+ }
+
+ return user;
+ }
+
+ public User findUserById(Object id)
+ {
+ User user = getUserIdCache().get(id);
+
+ if (user != null && log.isDebugEnabled())
+ {
+ log.debug("User retreived from cache for id=" + user.getId());
+ }
+
+ return user;
+ }
+
+ public Map findUserProfileById(Object id)
+ {
+ Map profile = getProfileCache().get(id);
+
+ if (profile != null && log.isDebugEnabled())
+ {
+ log.debug("User profile retreived from cache for user id=" + id);
+ }
+
+ return profile;
+ }
+
+ public Role findRoleByName(String roleName)
+ {
+ Role role = getRoleNameCache().get(roleName);
+
+ if (role != null && log.isDebugEnabled())
+ {
+ log.debug("Role retreived from cache for name=" + role.getName());
+ }
+
+ return role;
+ }
+
+ public Role findRoleById(Object id)
+ {
+ Role role = getRoleIdCache().get(id);
+
+ if (role != null && log.isDebugEnabled())
+ {
+ log.debug("Role retreived from cache for id=" + role.getId());
+ }
+
+ return role;
+ }
+
+
+}
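Review bot: The class does not document its lifetime contract: every cache is a `ThreadLocal` that is emptied only by `cleanup()`, so correctness depends on each thread that touches a cached module calling `cleanup()` when its unit of work ends. Threads that use the wrapped modules outside the interceptor chain (whether any exist is not visible here) would keep user, role and profile objects indefinitely and could serve an identity that has since been removed or changed. Add a class Javadoc stating that the cache is per-thread and request-scoped and that `cleanup()` must run in a `finally` block, and prefer `userNameCache.remove()` over `set(null)` in `cleanup()`. The `invalidate*` methods use `put(key, null)` where `remove(key)` would express the intent without leaving null-valued entries, and the `ThreadLocal` fields could be `private final` since they are never reassigned.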
Modified:
branches/JBoss_Portal_Branch_2_7/core/src/main/org/jboss/portal/core/identity/service/IdentityServiceControllerImpl.java
===================================================================
---
branches/JBoss_Portal_Branch_2_7/core/src/main/org/jboss/portal/core/identity/service/IdentityServiceControllerImpl.java 2008-05-26
05:42:41 UTC (rev 10816)
+++
branches/JBoss_Portal_Branch_2_7/core/src/main/org/jboss/portal/core/identity/service/IdentityServiceControllerImpl.java 2008-05-26
07:24:48 UTC (rev 10817)
@@ -30,16 +30,31 @@
import org.jboss.portal.identity.IdentityException;
import org.jboss.portal.identity.IdentityServiceController;
import org.jboss.portal.identity.ServiceJNDIBinder;
+import org.jboss.portal.identity.UserModule;
+import org.jboss.portal.identity.UserProfileModule;
+import org.jboss.portal.identity.DelegatingUserProfileModuleImpl;
+import org.jboss.portal.identity.RoleModule;
+import org.jboss.portal.identity.ldap.LDAPUserModule;
+import org.jboss.portal.identity.ldap.LDAPUserProfileModule;
+import org.jboss.portal.identity.ldap.LDAPRoleModule;
import org.jboss.portal.identity.boot.IdentityServiceLoader;
import org.jboss.portal.identity.event.IdentityEvent;
import org.jboss.portal.identity.event.IdentityEventBroadcaster;
import org.jboss.portal.identity.metadata.service.IdentityServicesMetaData;
+import org.jboss.portal.identity.metadata.service.ModuleServiceMetaData;
+import org.jboss.portal.identity.metadata.config.ModuleMetaData;
import org.jboss.portal.identity.service.IdentityConfigurationService;
+import org.jboss.portal.identity.service.UserProfileModuleService;
import org.jboss.portal.jems.as.JNDI;
import org.jboss.portal.jems.as.system.AbstractJBossService;
import org.jboss.portal.jems.as.system.JBossServiceModelMBean;
+import org.jboss.portal.core.identity.cache.CachedLDAPUserModuleWrapper;
+import org.jboss.portal.core.identity.cache.IdentityCacheService;
+import org.jboss.portal.core.identity.cache.CachedUserProfileModuleWrapper;
+import org.jboss.portal.core.identity.cache.CachedLDAPRoleModuleWrapper;
import javax.management.ObjectName;
+import java.util.List;
/**
* @author <a href="mailto:boleslaw dot dawidowicz at jboss.org">Boleslaw
Dawidowicz</a>
@@ -64,6 +79,8 @@
private IdentityEventBroadcaster identityEventBroadcaster;
+ private boolean ldapIdentityCache = true;
+
/** . */
protected Kernel kernel;
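Review bot: The new `ldapIdentityCache` field defaults to `true` and carries no comment, so an LDAP deployment picks up caching of user, role and profile lookups with no visible switch. I would document it at the declaration, e.g. `/** Wrap LDAP user, role and profile modules with the request-scoped identity cache; set to false to query LDAP on every call. */`. The accessors `isLdapIdentityCache()` and `setLdapIdentityCache()` added in the last hunk of this file deserve the same one-line Javadoc. The class body continues outside the hunk.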
@@ -154,6 +171,209 @@
serviceLoader.bootstrapModules(servicesMetaData.getModuleServices().getModulesList());
+ UserModule userModule =
(UserModule)identityContext.getObject(IdentityContext.TYPE_USER_MODULE);
+
+ RoleModule roleModule =
(RoleModule)identityContext.getObject(IdentityContext.TYPE_ROLE_MODULE);
+
+ UserProfileModule userProfileModule =
(UserProfileModule)identityContext.getObject(IdentityContext.TYPE_USER_PROFILE_MODULE);
+
+
+ // For performance reasons we inject a wrapper around some identity modules to
cache the calls. This is optional
+ // and apply only to LDAP implementation of modules. Cache is request scoped and
invalidated in server interceptor
+ // IdentityCacheInterceptor
+
+ if (isLdapIdentityCache())
+ {
+ ServiceJNDIBinder binder = new SimpleServiceJNDIBinder();
+
+ IdentityCacheService cacheService = new IdentityCacheService();
+
+ binder.bind(IdentityCacheService.JNDI_NAME, cacheService);
+
+ List modules = servicesMetaData.getModuleServices().getModulesList();
+
+ if (userModule instanceof LDAPUserModule)
+ {
+ LDAPUserModule ldapUserModule = (LDAPUserModule)userModule;
+
+ // Unregister in IdentityContext
+
+ identityContext.unregister(IdentityContext.TYPE_USER_MODULE);
+
+ // Unregister in JNDI
+
+ binder.unbind(ldapUserModule.getJNDIName());
+
+ // Un/egister mbean
+
+ String serviceName = null;
+
+ // Discover serviceName for this module type
+
+ for (Object moduleData : modules)
+ {
+ ModuleServiceMetaData moduleService =
(ModuleServiceMetaData)moduleData;
+ ModuleMetaData module = moduleService.getModuleData();
+
+ if (module.getType().equals(ldapUserModule.getModuleType()))
+ {
+ serviceName = module.getServiceName();
+ break;
+ }
+ }
+
+ // If we have the service name then follow with registration
+
+ if (serviceName != null)
+ {
+ // Unregister
+
+ ObjectName on = new ObjectName(serviceName);
+ if (getServer().isRegistered(on))
+ {
+ getServer().unregisterMBean(on);
+ }
+ }
+
+
+ CachedLDAPUserModuleWrapper userModuleWrapper = new
CachedLDAPUserModuleWrapper((LDAPUserModule)userModule, cacheService);
+
+ // Register wrapper
+ identityContext.register(userModuleWrapper,
ldapUserModule.getModuleType());
+ binder.bind(ldapUserModule.getJNDIName(), userModuleWrapper);
+
+ if (serviceName != null)
+ {
+ // Register
+
+ JBossServiceModelMBean mbean = new
JBossServiceModelMBean(userModuleWrapper);
+ getServer().registerMBean(mbean, new ObjectName(serviceName));
+ }
+
+ }
+
+ if (roleModule instanceof LDAPRoleModule)
+ {
+ LDAPRoleModule ldapRoleModule = (LDAPRoleModule)roleModule;
+
+ // Unregister in IdentityContext
+
+ identityContext.unregister(IdentityContext.TYPE_ROLE_MODULE);
+
+ // Unregister in JNDI
+
+ binder.unbind(ldapRoleModule.getJNDIName());
+
+ // Un/egister mbean
+
+ String serviceName = null;
+
+ // Discover serviceName for this module type
+
+ for (Object moduleData : modules)
+ {
+ ModuleServiceMetaData moduleService =
(ModuleServiceMetaData)moduleData;
+ ModuleMetaData module = moduleService.getModuleData();
+
+ if (module.getType().equals(ldapRoleModule.getModuleType()))
+ {
+ serviceName = module.getServiceName();
+ break;
+ }
+ }
+
+ // If we have the service name then follow with registration
+
+ if (serviceName != null)
+ {
+ // Unregister
+
+ ObjectName on = new ObjectName(serviceName);
+ if (getServer().isRegistered(on))
+ {
+ getServer().unregisterMBean(on);
+ }
+ }
+
+
+ CachedLDAPRoleModuleWrapper roleModuleWrapper = new
CachedLDAPRoleModuleWrapper((LDAPRoleModule)roleModule, cacheService);
+
+ // Register wrapper
+ identityContext.register(roleModuleWrapper,
ldapRoleModule.getModuleType());
+ binder.bind(ldapRoleModule.getJNDIName(), roleModuleWrapper);
+
+ if (serviceName != null)
+ {
+ // Register
+
+ JBossServiceModelMBean mbean = new
JBossServiceModelMBean(roleModuleWrapper);
+ getServer().registerMBean(mbean, new ObjectName(serviceName));
+ }
+
+ }
+
+ if (userProfileModule instanceof LDAPUserProfileModule ||
+ userProfileModule instanceof DelegatingUserProfileModuleImpl)
+ {
+ UserProfileModuleService profileModuleService =
(UserProfileModuleService)userProfileModule;
+
+ // Unregister in IdentityContext
+
+ identityContext.unregister(IdentityContext.TYPE_USER_PROFILE_MODULE);
+
+ // Unregister in JNDI
+
+ binder.unbind(profileModuleService.getJNDIName());
+
+ // Un/egister mbean
+
+ String serviceName = null;
+
+ // Discover serviceName for this module type
+
+ for (Object moduleData : modules)
+ {
+ ModuleServiceMetaData moduleService =
(ModuleServiceMetaData)moduleData;
+ ModuleMetaData module = moduleService.getModuleData();
+
+ if (module.getType().equals(profileModuleService.getModuleType()))
+ {
+ serviceName = module.getServiceName();
+ break;
+ }
+ }
+
+ // If we have the service name then follow with registration
+
+ if (serviceName != null)
+ {
+ // Unregister
+
+ ObjectName on = new ObjectName(serviceName);
+ if (getServer().isRegistered(on))
+ {
+ getServer().unregisterMBean(on);
+ }
+ }
+
+ CachedUserProfileModuleWrapper userProfileModuleWrapper = new
CachedUserProfileModuleWrapper(userProfileModule, cacheService);
+
+ // Register wrapper
+
+ identityContext.register(userProfileModuleWrapper,
profileModuleService.getModuleType());
+ binder.bind(profileModuleService.getJNDIName(),
userProfileModuleWrapper);
+
+ if (serviceName != null)
+ {
+ // Register
+
+ JBossServiceModelMBean mbean = new
JBossServiceModelMBean(userProfileModuleWrapper);
+ getServer().registerMBean(mbean, new ObjectName(serviceName));
+ }
+
+ }
+ }
+
}
catch (Throwable e)
{
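Review bot: Each of the three wrapper blocks unregisters the live module from `IdentityContext`, JNDI and the MBean server before the replacement exists, so an exception in between (`new ObjectName(serviceName)`, `unregisterMBean`, the wrapper constructor) leaves the user, role or profile module unbound; what the `catch (Throwable e)` below does about that is outside the hunk. Constructing the wrapper and resolving the service name first narrows that window, and the lookup loop, copied three times, fits a private helper (assuming `getModuleType()` returns a `String`). The blocks also unregister under `IdentityContext.TYPE_USER_MODULE` and its role/profile counterparts but register under `getModuleType()`; using one key for both calls would make it evident that they match. The enclosing method starts and ends outside the hunk.

```java
// New private helper replacing the three copies of the lookup loop
private String findServiceName(List modules, String moduleType)
{
   for (Object moduleData : modules)
   {
      ModuleMetaData module = ((ModuleServiceMetaData)moduleData).getModuleData();
      if (module.getType().equals(moduleType))
      {
         return module.getServiceName();
      }
   }
   return null;
}

// In the user-module block (the role and profile blocks follow the same shape)
LDAPUserModule ldapUserModule = (LDAPUserModule)userModule;
// Build the replacement and resolve the name before anything is unregistered
CachedLDAPUserModuleWrapper userModuleWrapper = new CachedLDAPUserModuleWrapper(ldapUserModule, cacheService);
String serviceName = findServiceName(modules, ldapUserModule.getModuleType());
// … unchanged: unregister from IdentityContext, JNDI and the MBean server, then register the wrapper …
```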
@@ -257,4 +477,14 @@
{
this.identityEventBroadcaster = identityEventBroadcaster;
}
+
+ public boolean isLdapIdentityCache()
+ {
+ return ldapIdentityCache;
+ }
+
+ public void setLdapIdentityCache(boolean ldapIdentityCache)
+ {
+ this.ldapIdentityCache = ldapIdentityCache;
+ }
}
Modified:
branches/JBoss_Portal_Branch_2_7/core/src/main/org/jboss/portal/core/model/portal/command/render/RenderPageCommand.java
===================================================================
---
branches/JBoss_Portal_Branch_2_7/core/src/main/org/jboss/portal/core/model/portal/command/render/RenderPageCommand.java 2008-05-26
05:42:41 UTC (rev 10816)
+++
branches/JBoss_Portal_Branch_2_7/core/src/main/org/jboss/portal/core/model/portal/command/render/RenderPageCommand.java 2008-05-26
07:24:48 UTC (rev 10817)
@@ -42,6 +42,7 @@
import org.jboss.portal.core.model.portal.content.WindowRendition;
import org.jboss.portal.core.theme.PageRendition;
import org.jboss.portal.core.theme.WindowContextFactory;
+import org.jboss.portal.core.aspects.server.UserInterceptor;
import org.jboss.portal.identity.User;
import org.jboss.portal.identity.UserProfileModule;
import org.jboss.portal.security.spi.auth.PortalAuthorizationManager;
@@ -54,12 +55,14 @@
import org.jboss.portal.theme.page.PageResult;
import org.jboss.portal.portlet.controller.PortletControllerContext;
import org.jboss.portal.portlet.controller.state.PageNavigationalState;
+import org.jboss.portal.server.ServerInvocation;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
+import java.util.Map;
/**
* Render a full page.
@@ -170,8 +173,21 @@
}
//
- String themeId = (String)userProfileModule.getProperty(user,
User.INFO_USER_THEME);
+ // If its possible use cachec user profile to obtain theme
+ Map profile =
(Map)getContext().getAttribute(ServerInvocation.PRINCIPAL_SCOPE,
UserInterceptor.PROFILE_KEY);
+
+ String themeId = null;
+
+ if (profile == null)
+ {
+ themeId = (String)userProfileModule.getProperty(user,
User.INFO_USER_THEME);
+ }
+ else
+ {
+ themeId = (String)profile.get(User.INFO_USER_THEME);
+ }
+
if (themeId != null)
{
theme = themeService.getThemeById(themeId);
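Review bot: The `(Map)` cast on the `UserInterceptor.PROFILE_KEY` attribute is unchecked, so a principal-scope value of another type fails the page render with a `ClassCastException`; `IdentityUserBean.getCachedUserProfile()` in this same commit guards the read with `instanceof`. I would do the same here: `Object cached = getContext().getAttribute(ServerInvocation.PRINCIPAL_SCOPE, UserInterceptor.PROFILE_KEY);` followed by `Map profile = cached instanceof Map ? (Map)cached : null;`. A cached profile without a `User.INFO_USER_THEME` entry now yields `themeId == null` instead of asking `userProfileModule`, so if the cached map can be partial the code should fall back when the key is absent. The added comment also has a typo (`cachec`), and the enclosing method starts and ends outside the hunk.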
@@ -211,7 +227,7 @@
// We ignore null result objects
if (rendition != null)
{
- // Get the controller response
+ // Get the controller response
ControllerResponse response = rendition.getControllerResponse();
// Null means we skip the window
Modified:
branches/JBoss_Portal_Branch_2_7/core/src/resources/portal-core-sar/META-INF/jboss-service.xml
===================================================================
---
branches/JBoss_Portal_Branch_2_7/core/src/resources/portal-core-sar/META-INF/jboss-service.xml 2008-05-26
05:42:41 UTC (rev 10816)
+++
branches/JBoss_Portal_Branch_2_7/core/src/resources/portal-core-sar/META-INF/jboss-service.xml 2008-05-26
07:24:48 UTC (rev 10817)
@@ -123,6 +123,13 @@
xmbean-code="org.jboss.portal.jems.as.system.JBossServiceModelMBean">
<xmbean/>
</mbean>
+ <mbean
+ code="org.jboss.portal.core.aspects.server.IdentityCacheInterceptor"
+ name="portal:service=Interceptor,type=Server,name=IdentityCache"
+ xmbean-dd=""
+ xmbean-code="org.jboss.portal.jems.as.system.JBossServiceModelMBean">
+ <xmbean/>
+ </mbean>
<mbean
code="org.jboss.portal.server.impl.invocation.JBossInterceptorStackFactory"
name="portal:service=InterceptorStackFactory,type=Server"
xmbean-dd=""
xmbean-code="org.jboss.portal.jems.as.system.JBossServiceModelMBean">
@@ -130,6 +137,7 @@
<depends-list optional-attribute-name="InterceptorNames">
<depends-list-element>portal:service=Interceptor,type=Server,name=SessionLock</depends-list-element>
<depends-list-element>portal:service=Interceptor,type=Server,name=Transaction</depends-list-element>
+
<depends-list-element>portal:service=Interceptor,type=Server,name=IdentityCache</depends-list-element>
<depends-list-element>portal:service=Interceptor,type=Server,name=UserEvent</depends-list-element>
<depends-list-element>portal:service=Interceptor,type=Server,name=SessionInvalidator</depends-list-element>
<depends-list-element>portal:service=Interceptor,type=Server,name=User</depends-list-element>
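Review bot: `IdentityCache` is added to the server interceptor stack unconditionally, whereas `IdentityServiceControllerImpl` binds `IdentityCacheService` in JNDI only when `ldapIdentityCache` is true, so with the flag off the interceptor still runs on every request without its service. Its source is not in this part of the diff, so confirm it tolerates the missing binding. The position presumably matters as well: per the comment in the controller the cache is invalidated by this interceptor, so it should stay ahead of `UserEvent`, `SessionInvalidator` and `User`. A comment above the element such as `<!-- IdentityCache must precede the interceptors that call identity modules; it clears the per-request identity cache -->` would keep a later reorder from breaking that. The `depends-list` continues outside the hunk.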
Modified:
branches/JBoss_Portal_Branch_2_7/core/src/resources/portal-core-sar/conf/identity/ldap_identity-config.xml
===================================================================
---
branches/JBoss_Portal_Branch_2_7/core/src/resources/portal-core-sar/conf/identity/ldap_identity-config.xml 2008-05-26
05:42:41 UTC (rev 10816)
+++
branches/JBoss_Portal_Branch_2_7/core/src/resources/portal-core-sar/conf/identity/ldap_identity-config.xml 2008-05-26
07:24:48 UTC (rev 10817)
@@ -26,6 +26,10 @@
"-//JBoss Portal//DTD JBoss Identity Configuration 1.0//EN"
"http://www.jboss.org/portal/dtd/identity-config_1_0.dtd">-->
+
+<!-- This file overrides settings from standardidentity-config.xml.
+ Check default option values that are used there -->
+
<identity-configuration>
<datasources>
<datasource>
@@ -59,17 +63,19 @@
<!--type used to correctly map in IdentityContext registry-->
<type>User</type>
<implementation>LDAP</implementation>
- <class>
+ <!--Use this implementation for more flexible user retrieval-->
+ <!--<class>
org.jboss.portal.identity.ldap.LDAPExtUserModuleImpl
- </class>
+ </class>-->
<config/>
</module>
<module>
<type>Role</type>
<implementation>LDAP</implementation>
- <class>
+ <!--Use this implementation for more flexible user retrieval-->
+ <!--<class>
org.jboss.portal.identity.ldap.LDAPExtRoleModuleImpl
- </class>
+ </class>-->
<config/>
</module>
<module>
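Review bot: The comment added above the commented-out `LDAPExtRoleModuleImpl` class in the Role module reads `Use this implementation for more flexible user retrieval`, copied from the User module; it should say `<!--Use this implementation for more flexible role retrieval-->`. With both `<class>` elements commented out, the modules take whatever standardidentity-config.xml declares, so the comment would be more useful if it also named that default implementation.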
@@ -111,19 +117,21 @@
<name>userCtxDN</name>
<value>ou=People,o=test,dc=portal,dc=example,dc=com</value>
</option>
- <option>
+ <!--Uncomment to use with LDAPExtUserModuleImpl-->
+ <!--<option>
<name>userSearchFilter</name>
<value><![CDATA[(&((uid={0})(objectClass=person)))]]></value>
- </option>
+ </option>-->
<option>
<name>roleCtxDN</name>
<value>ou=Roles,o=test,dc=portal,dc=example,dc=com</value>
</option>
- <option>
+ <!--Uncomment to use with LDAPExtRoleModuleImpl-->
+ <!--<option>
<name>roleSearchFilter</name>
<value><![CDATA[(&((cn={0})(objectClass=groupOfNames)))]]></value>
- </option>
+ </option>-->
</option-group>
+ </options>
- </options>
</identity-configuration>
\ No newline at end of file
Modified:
branches/JBoss_Portal_Branch_2_7/core/src/resources/portal-core-sar/conf/identity/profile-config.xml
===================================================================
---
branches/JBoss_Portal_Branch_2_7/core/src/resources/portal-core-sar/conf/identity/profile-config.xml 2008-05-26
05:42:41 UTC (rev 10816)
+++
branches/JBoss_Portal_Branch_2_7/core/src/resources/portal-core-sar/conf/identity/profile-config.xml 2008-05-26
07:24:48 UTC (rev 10817)
@@ -334,9 +334,9 @@
<type>dynamic</type>
<value>portal.user.homepage</value>
</database>
- <ldap>
- <value>seeAlso</value>
- </ldap>
+ <!--<ldap>-->
+ <!--<value>seeAlso</value>-->
+ <!--</ldap>-->
</mapping>
</property>
<property>
Modified:
branches/JBoss_Portal_Branch_2_7/core/src/resources/portal-core-sar/conf/identity/standardidentity-config.xml
===================================================================
---
branches/JBoss_Portal_Branch_2_7/core/src/resources/portal-core-sar/conf/identity/standardidentity-config.xml 2008-05-26
05:42:41 UTC (rev 10816)
+++
branches/JBoss_Portal_Branch_2_7/core/src/resources/portal-core-sar/conf/identity/standardidentity-config.xml 2008-05-26
07:24:48 UTC (rev 10817)
@@ -25,7 +25,7 @@
<!--
<!DOCTYPE identity-configuration PUBLIC
- "-//JBoss Portal//DTD JBoss Identity Configuration 1.0//EN"
+ "-//JBoss Portal//DTD JBoss Identity Configuration 1.0//EN"
"http://www.jboss.org/portal/dtd/identity-config_1_0.dtd">
-->
@@ -213,7 +213,7 @@
<name>connectionJNDIName</name>
<value>java:/portal/LDAPConnectionContext</value>
</option>
- </config>
+ </config>
</module>
<module>
@@ -324,22 +324,23 @@
<option>
<name>defaultAdminRole</name>
<value>Admin</value>
- </option>
+ </option>
</option-group>
<option-group>
<group-name>userCreateAttibutes</group-name>
<option>
<name>objectClass</name>
<value>top</value>
- <value>uidObject</value>
<value>person</value>
- <value>inetUser</value>
+ <value>inetOrgPerson</value>
+ <!--<value>inetUser</value>-->
+ <!--<value>uidObject</value>-->
</option>
<!--Schema requires those to have initial value-->
- <!--<option>
+ <option>
<name>cn</name>
<value>none</value>
- </option>-->
+ </option>
<option>
<name>sn</name>
<value>none</value>
Modified:
branches/JBoss_Portal_Branch_2_7/core/src/resources/portal-core-sar/conf/login-config.xml
===================================================================
---
branches/JBoss_Portal_Branch_2_7/core/src/resources/portal-core-sar/conf/login-config.xml 2008-05-26
05:42:41 UTC (rev 10816)
+++
branches/JBoss_Portal_Branch_2_7/core/src/resources/portal-core-sar/conf/login-config.xml 2008-05-26
07:24:48 UTC (rev 10817)
@@ -44,8 +44,8 @@
<module-option
name="roleModuleJNDIName">java:/portal/RoleModule</module-option>
<module-option
name="userProfileModuleJNDIName">java:/portal/UserProfileModule</module-option>
<module-option
name="membershipModuleJNDIName">java:/portal/MembershipModule</module-option>
+ <module-option
name="validateUserNameCase">true</module-option>
<module-option
name="additionalRole">Authenticated</module-option>
- <module-option
name="password-stacking">useFirstPass</module-option>
</login-module>
<!--Use can use this module instead of IdentityLoginModule to bind to LDAP.
It simply extends JBossSX LdapExtLoginModule so
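Review bot: Two authentication options change here without a word in the file or the commit log: `validateUserNameCase` is set to `true` and `password-stacking` (`useFirstPass`) is dropped. Both alter login behaviour — the first presumably rejects a user name that differs in case from the stored one, the second presumably stops this module from sharing credentials with other modules stacked in the same policy — so a deployment that stacks a second login module should be re-tested. I would add a comment above the new option, e.g. `<!-- validateUserNameCase: compare the entered user name case-sensitively with the one held in the identity store -->`, and a line recording why password stacking was removed. The `login-module` element starts outside the hunk.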
Modified:
branches/JBoss_Portal_Branch_2_7/core-identity/src/main/org/jboss/portal/core/identity/ui/common/IdentityUserBean.java
===================================================================
---
branches/JBoss_Portal_Branch_2_7/core-identity/src/main/org/jboss/portal/core/identity/ui/common/IdentityUserBean.java 2008-05-26
05:42:41 UTC (rev 10816)
+++
branches/JBoss_Portal_Branch_2_7/core-identity/src/main/org/jboss/portal/core/identity/ui/common/IdentityUserBean.java 2008-05-26
07:24:48 UTC (rev 10817)
@@ -25,6 +25,7 @@
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
+import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.ResourceBundle;
@@ -36,11 +37,16 @@
import org.jboss.portal.core.identity.services.IdentityConstants;
import org.jboss.portal.core.identity.services.metadata.UIComponentConfiguration;
import org.jboss.portal.core.identity.ui.IdentityUIUser;
+import org.jboss.portal.core.aspects.server.UserInterceptor;
+import org.jboss.portal.core.controller.ControllerContext;
import org.jboss.portal.identity.IdentityException;
import org.jboss.portal.identity.NoSuchUserException;
import org.jboss.portal.identity.User;
import org.jboss.portal.identity.UserModule;
import org.jboss.portal.identity.UserProfileModule;
+import org.jboss.portal.server.ServerInvocation;
+import org.jboss.portlet.JBossRenderRequest;
+import org.jboss.portlet.JBossActionRequest;
/**
* @author <a href="mailto:emuckenh@redhat.com">Emanuel
Muckenhuber</a>
@@ -91,18 +97,18 @@
this.metaDataService = metaDataService;
}
- /**
- * converts the dynamic attribute Map to a map for the identity service -
UserProfileModule
+ /*
+ * converts the dynamic attribute Map to a map concerning the identity service -
UserProfileModule
*/
public Map<String, Object> getProfileMap(Map<String, Object>
attributeMap)
{
Map<String, Object> profileMap = new HashMap<String, Object>();
-
+
for(String key : attributeMap.keySet())
{
Object value = attributeMap.get(key);
UIComponentConfiguration uiComponent = (UIComponentConfiguration)
this.metaDataService.getValue(key).getObject();
-
+
if ( uiComponent != null)
{
profileMap.put(uiComponent.getPropertyRef(), value);
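Review bot: The opening `/**` of the comment on `getProfileMap` becomes `/*`, which turns the method's only description into a plain block comment that Javadoc ignores. Keep it as Javadoc and say what the keys are, e.g. `/** Converts the dynamic attribute map into a map keyed by UserProfileModule property reference. */`. The method body continues outside the hunk.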
@@ -110,11 +116,11 @@
}
return profileMap;
}
-
+
public void updateProfile(User user, Map<String, Object> attributeMap)
{
Map<String, Object> profileMap = this.getProfileMap(attributeMap);
-
+
for(String key : profileMap.keySet())
{
Object value = profileMap.get(key);
@@ -161,14 +167,14 @@
public Object getLocalizedValue(String propertyName, Object value)
{
UIComponentConfiguration uiComponent = (UIComponentConfiguration)
this.metaDataService.getValue(propertyName).getObject();
- if( uiComponent.getValues() != null
+ if( uiComponent.getValues() != null
&& value instanceof String
&& uiComponent.getValues().size() > 0)
{
try
{
ResourceBundle bundle =
ResourceBundle.getBundle("conf.bundles.Identity",
FacesContext.getCurrentInstance().getViewRoot().getLocale());
- return bundle.getString(IdentityConstants.DYNAMIC_VALUE_PREFIX +
((String)value).toUpperCase());
+ return bundle.getString(IdentityConstants.DYNAMIC_VALUE_PREFIX +
((String)value).toUpperCase());
}
catch (Exception e)
{
@@ -177,17 +183,98 @@
}
return value;
}
-
- public Class getPropertyType(String propertyName) throws IdentityException,
ClassNotFoundException
+
+ public Class getPropertyType(String propertyName) throws IdentityException,
ClassNotFoundException
{
UIComponentConfiguration uiComponent = (UIComponentConfiguration)
this.metaDataService.getValue(propertyName).getObject();
return uiComponent.getPropertyClass();
}
-
+
public Object getUserProperty(String username, String propertyName) throws
IllegalArgumentException, NoSuchUserException, IdentityException
{
- User user = this.findUserByUserName(username);
+
UIComponentConfiguration uiComponent = (UIComponentConfiguration)
this.metaDataService.getValue(propertyName).getObject();
- return this.userProfileModule.getProperty(user, uiComponent.getPropertyRef());
+
+ Map profile = null;
+
+ // Uncomment this to use the cached profile (for now its not invalidated on write)
+ //profile = getCachedUserProfile();
+
+ if (profile == null)
+ {
+
+ // This is to intercept calls to display current user profile and decrease
number of calls to identity modules
+ // Needs to be done in better way
+ User user = getCurrentUser();
+ if (user == null || !user.getUserName().equals(username))
+ {
+ user = this.findUserByUserName(username);
+ }
+
+ return this.userProfileModule.getProperty(user, uiComponent.getPropertyRef());
+ }
+
+ return profile.get(uiComponent.getPropertyRef());
+
}
+
+ public User getCurrentUser()
+ {
+ Object request =
FacesContext.getCurrentInstance().getExternalContext().getRequest();
+
+ ControllerContext context = null;
+
+ if (request instanceof JBossRenderRequest)
+ {
+ JBossRenderRequest renderRequest = (JBossRenderRequest)request;
+ context = renderRequest.getControllerContext();
+ }
+ else if (request instanceof JBossActionRequest)
+ {
+ JBossActionRequest actionRequest = (JBossActionRequest)request;
+ context = actionRequest.getControllerContext();
+ }
+
+ if (context != null)
+ {
+ Object user = context.getAttribute(ServerInvocation.PRINCIPAL_SCOPE,
UserInterceptor.USER_KEY);
+ if (user instanceof User)
+ {
+ return (User)user;
+ }
+ }
+
+ return null;
+
+ }
+
+ public Map getCachedUserProfile()
+ {
+ Object request =
FacesContext.getCurrentInstance().getExternalContext().getRequest();
+
+ ControllerContext context = null;
+
+ if (request instanceof JBossRenderRequest)
+ {
+ JBossRenderRequest renderRequest = (JBossRenderRequest)request;
+ context = renderRequest.getControllerContext();
+ }
+ else if (request instanceof JBossActionRequest)
+ {
+ JBossActionRequest actionRequest = (JBossActionRequest)request;
+ context = actionRequest.getControllerContext();
+ }
+
+ if (context != null)
+ {
+ Object profile = context.getAttribute(ServerInvocation.PRINCIPAL_SCOPE,
UserInterceptor.PROFILE_KEY);
+ if (profile instanceof Map)
+ {
+ return (Map)profile;
+ }
+ }
+
+ return null;
+
+ }
}
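Review bot: In `getUserProperty` the local `profile` is assigned `null` and never reassigned, so `if (profile == null)` is always taken and the final `return profile.get(...)` is dead code kept alive only by a commented-out line. More importantly, the cached profile comes from `ServerInvocation.PRINCIPAL_SCOPE`, which presumably holds the logged-in user's data, while `username` can name anyone; uncommenting `profile = getCachedUserProfile();` as written would answer a request about another user with the current user's properties. Either delete the dead branch, or guard the cache with the same comparison already used for `user`: `if (user != null && user.getUserName().equals(username)) { profile = getCachedUserProfile(); }`. `getCurrentUser()` and `getCachedUserProfile()` also repeat the same request-to-`ControllerContext` resolution and could share one private helper.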
Modified:
branches/JBoss_Portal_Branch_2_7/core-identity/src/resources/portal-identity-war/WEB-INF/portlet.xml
===================================================================
---
branches/JBoss_Portal_Branch_2_7/core-identity/src/resources/portal-identity-war/WEB-INF/portlet.xml 2008-05-26
05:42:41 UTC (rev 10816)
+++
branches/JBoss_Portal_Branch_2_7/core-identity/src/resources/portal-identity-war/WEB-INF/portlet.xml 2008-05-26
07:24:48 UTC (rev 10817)
@@ -51,7 +51,7 @@
<name>default-view</name>
<value>/WEB-INF/jsf/index.xhtml</value>
</init-param>
- <expiration-cache>0</expiration-cache>
+ <expiration-cache>-1</expiration-cache>
<supports>
<mime-type>text/html</mime-type>
<portlet-mode>VIEW</portlet-mode>
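Review bot: `<expiration-cache>` goes from `0` to `-1`, which in the portlet deployment descriptor means the rendered markup never expires, and this portlet belongs to the identity web application that displays user data. If the container honours the setting, a view can keep showing profile or account details after they change (this commit itself notes that the cached profile is "not invalidated on write"), so confirm the cached markup is per user and is dropped on action requests. A one-line XML comment next to the element should state why indefinite caching is safe for this portlet. The `portlet` element starts outside the hunk.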