JBoss Portal SVN: r8144 - in trunk: core-cms/src/resources/portal-cms-sar/META-INF and 3 other directories.
by portal-commits@lists.jboss.org
Author: thomas.heute(a)jboss.com
Date: 2007-09-04 07:54:12 -0400 (Tue, 04 Sep 2007)
New Revision: 8144
Modified:
trunk/cms/src/main/org/jboss/portal/cms/management/CMSImpl.java
trunk/core-cms/src/resources/portal-cms-sar/META-INF/jboss-service.xml
trunk/core-management/.classpath
trunk/core-management/src/main/org/jboss/portal/core/management/PortalImpl.java
trunk/core-management/src/resources/portal-management-sar/META-INF/jboss-service.xml
Log:
- Fix Management mbeans (JBoss ON)
- core-management Eclipse classpath
Modified: trunk/cms/src/main/org/jboss/portal/cms/management/CMSImpl.java
===================================================================
--- trunk/cms/src/main/org/jboss/portal/cms/management/CMSImpl.java 2007-09-04 11:49:24 UTC (rev 8143)
+++ trunk/cms/src/main/org/jboss/portal/cms/management/CMSImpl.java 2007-09-04 11:54:12 UTC (rev 8144)
@@ -30,6 +30,9 @@
import org.jboss.portal.jems.as.system.AbstractJBossService;
/**
+ * Unused. With the introduction of CMS security, this can
+ * no longer count CMS files.
+ *
* @author <a href="mailto:theute@jboss.org">Thomas Heute</a>
* @version $Revision$
*/
Modified: trunk/core-cms/src/resources/portal-cms-sar/META-INF/jboss-service.xml
===================================================================
--- trunk/core-cms/src/resources/portal-cms-sar/META-INF/jboss-service.xml 2007-09-04 11:49:24 UTC (rev 8143)
+++ trunk/core-cms/src/resources/portal-cms-sar/META-INF/jboss-service.xml 2007-09-04 11:54:12 UTC (rev 8144)
@@ -24,9 +24,11 @@
<server>
<!-- Management MBean -->
+ <!-- Unused, the bean doesn't bring any interesting value -->
+ <!--
<mbean
code="org.jboss.portal.cms.management.CMSImpl"
- name="portal:service=Management,type=CMS,name=Default"
+ name="portal.management:service=Management,type=CMS,name=Default"
xmbean-dd=""
xmbean-code="org.jboss.portal.jems.as.system.JBossServiceModelMBean">
<depends
@@ -34,7 +36,8 @@
proxy-type="attribute">portal:service=CMS</depends>
<xmbean/>
</mbean>
-
+ -->
+
<mbean
code="org.jboss.portal.jems.hibernate.SessionFactoryBinder"
name="portal:service=Hibernate,type=CMS"
Modified: trunk/core-management/.classpath
===================================================================
--- trunk/core-management/.classpath 2007-09-04 11:49:24 UTC (rev 8143)
+++ trunk/core-management/.classpath 2007-09-04 11:54:12 UTC (rev 8144)
@@ -9,5 +9,6 @@
<classpathentry combineaccessrules="false" kind="src" path="/portlet"/>
<classpathentry kind="lib" path="/thirdparty/jbossas/core-libs/lib/jboss-common.jar"/>
<classpathentry combineaccessrules="false" kind="src" path="/portlet-federation"/>
+ <classpathentry kind="lib" path="/thirdparty/jbossas/core-libs/lib/jboss-j2ee.jar"/>
<classpathentry kind="output" path="bin"/>
</classpath>
Modified: trunk/core-management/src/main/org/jboss/portal/core/management/PortalImpl.java
===================================================================
--- trunk/core-management/src/main/org/jboss/portal/core/management/PortalImpl.java 2007-09-04 11:49:24 UTC (rev 8143)
+++ trunk/core-management/src/main/org/jboss/portal/core/management/PortalImpl.java 2007-09-04 11:54:12 UTC (rev 8144)
@@ -22,8 +22,16 @@
******************************************************************************/
package org.jboss.portal.core.management;
-import org.jboss.portal.core.management.Portal;
-import org.jboss.portal.core.model.instance.InstanceContainer;
+import javax.naming.InitialContext;
+import javax.naming.NamingException;
+import javax.transaction.HeuristicMixedException;
+import javax.transaction.HeuristicRollbackException;
+import javax.transaction.NotSupportedException;
+import javax.transaction.RollbackException;
+import javax.transaction.SystemException;
+import javax.transaction.UserTransaction;
+
+import org.jboss.portal.core.impl.model.instance.InstanceContainerContext;
import org.jboss.portal.jems.as.system.AbstractJBossService;
/**
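Review bot: Six of the eight added imports (NamingException, HeuristicMixedException, HeuristicRollbackException, NotSupportedException, RollbackException, SystemException) are not referenced by the class body shown in the next hunk, which catches plain `Exception`. Either drop them or narrow the catch to these types, so that programming errors such as a null `containerContext` are not swallowed together with JNDI and transaction failures. The same import block is added on the 2.6 branch in r8142.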
@@ -32,16 +40,31 @@
*/
public class PortalImpl extends AbstractJBossService implements Portal {
- private InstanceContainer instanceContainer;
+ private InstanceContainerContext containerContext;
public int getNbInstances()
{
- return instanceContainer.getDefinitions().size();
+ int nbInstances = -1;
+ try
+ {
+ InitialContext ctx = new InitialContext();
+ UserTransaction tx;
+ tx = (UserTransaction)ctx.lookup("UserTransaction");
+ tx.begin();
+ nbInstances = containerContext.getInstanceDefinitions().size();
+ tx.commit();
+ }
+ catch (Exception e)
+ {
+ // FIXME
+ e.printStackTrace();
+ }
+ return nbInstances;
}
- public void setInstanceContainer(InstanceContainer instanceContainer)
+ public void setContainerContext(InstanceContainerContext containerContext)
{
- this.instanceContainer = instanceContainer;
+ this.containerContext = containerContext;
}
}
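Review bot: If `containerContext.getInstanceDefinitions()` or `tx.commit()` throws in getNbInstances(), the transaction opened by `tx.begin()` is never rolled back; the catch block only prints the stack trace, so the transaction probably stays bound to the calling thread until it times out. The rollback belongs in a `finally` block, as sketched below. The `-1` returned on failure is also published as an ordinary attribute value, so the Javadoc should state that a negative count means the lookup failed. The failure should go through the service's logging rather than `e.printStackTrace()`, which the `// FIXME` already hints at. The identical body is added on the 2.6 branch in r8142.

```java
   public int getNbInstances()
   {
      int nbInstances = -1;
      UserTransaction tx = null;
      boolean began = false;
      try
      {
         tx = (UserTransaction)new InitialContext().lookup("UserTransaction");
         tx.begin();
         began = true;
         nbInstances = containerContext.getInstanceDefinitions().size();
         tx.commit();
         began = false;
      }
      catch (Exception e)
      {
         // … unchanged: error reporting …
      }
      finally
      {
         if (began)
         {
            try
            {
               tx.rollback();
            }
            catch (Exception rollbackFailure)
            {
               // commit() may already have ended the transaction; nothing left to release
            }
         }
      }
      return nbInstances;
   }
```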
Modified: trunk/core-management/src/resources/portal-management-sar/META-INF/jboss-service.xml
===================================================================
--- trunk/core-management/src/resources/portal-management-sar/META-INF/jboss-service.xml 2007-09-04 11:49:24 UTC (rev 8143)
+++ trunk/core-management/src/resources/portal-management-sar/META-INF/jboss-service.xml 2007-09-04 11:54:12 UTC (rev 8144)
@@ -33,6 +33,7 @@
<attribute name="InitialStartDate">NOW</attribute>
<attribute name="SchedulePeriod">30000</attribute>
<attribute name="InitialRepetitions">-1</attribute>
+ <attribute name="StartAtStartup">true</attribute>
</mbean>
<mbean
@@ -41,8 +42,8 @@
xmbean-dd=""
xmbean-code="org.jboss.portal.jems.as.system.JBossServiceModelMBean">
<depends
- optional-attribute-name="InstanceContainer"
- proxy-type="attribute">portal:container=Instance</depends>
+ optional-attribute-name="ContainerContext"
+ proxy-type="attribute">portal:service=InstanceContainerContext</depends>
<xmbean/>
</mbean>
JBoss Portal SVN: r8143 - branches/JBoss_Portal_Branch_2_6/core-management.
by portal-commits@lists.jboss.org
Author: thomas.heute(a)jboss.com
Date: 2007-09-04 07:49:24 -0400 (Tue, 04 Sep 2007)
New Revision: 8143
Modified:
branches/JBoss_Portal_Branch_2_6/core-management/.classpath
Log:
Eclipse classpath
Modified: branches/JBoss_Portal_Branch_2_6/core-management/.classpath
===================================================================
--- branches/JBoss_Portal_Branch_2_6/core-management/.classpath 2007-09-04 11:48:52 UTC (rev 8142)
+++ branches/JBoss_Portal_Branch_2_6/core-management/.classpath 2007-09-04 11:49:24 UTC (rev 8143)
@@ -9,5 +9,6 @@
<classpathentry combineaccessrules="false" kind="src" path="/portlet"/>
<classpathentry kind="lib" path="/thirdparty/jbossas/core-libs/lib/jboss-common.jar"/>
<classpathentry combineaccessrules="false" kind="src" path="/portlet-federation"/>
+ <classpathentry kind="lib" path="/thirdparty/jbossas/core-libs/lib/jboss-j2ee.jar"/>
<classpathentry kind="output" path="bin"/>
</classpath>
JBoss Portal SVN: r8142 - in branches/JBoss_Portal_Branch_2_6/core-management/src: resources/portal-management-sar/META-INF and 1 other directory.
by portal-commits@lists.jboss.org
Author: thomas.heute(a)jboss.com
Date: 2007-09-04 07:48:52 -0400 (Tue, 04 Sep 2007)
New Revision: 8142
Modified:
branches/JBoss_Portal_Branch_2_6/core-management/src/main/org/jboss/portal/core/management/PortalImpl.java
branches/JBoss_Portal_Branch_2_6/core-management/src/resources/portal-management-sar/META-INF/jboss-service.xml
Log:
- Fix Management mbeans (JBoss ON) (Nb of instances)
Modified: branches/JBoss_Portal_Branch_2_6/core-management/src/main/org/jboss/portal/core/management/PortalImpl.java
===================================================================
--- branches/JBoss_Portal_Branch_2_6/core-management/src/main/org/jboss/portal/core/management/PortalImpl.java 2007-09-04 10:55:50 UTC (rev 8141)
+++ branches/JBoss_Portal_Branch_2_6/core-management/src/main/org/jboss/portal/core/management/PortalImpl.java 2007-09-04 11:48:52 UTC (rev 8142)
@@ -22,8 +22,16 @@
******************************************************************************/
package org.jboss.portal.core.management;
-import org.jboss.portal.core.management.Portal;
-import org.jboss.portal.core.model.instance.InstanceContainer;
+import javax.naming.InitialContext;
+import javax.naming.NamingException;
+import javax.transaction.HeuristicMixedException;
+import javax.transaction.HeuristicRollbackException;
+import javax.transaction.NotSupportedException;
+import javax.transaction.RollbackException;
+import javax.transaction.SystemException;
+import javax.transaction.UserTransaction;
+
+import org.jboss.portal.core.impl.model.instance.InstanceContainerContext;
import org.jboss.portal.jems.as.system.AbstractJBossService;
/**
@@ -32,16 +40,31 @@
*/
public class PortalImpl extends AbstractJBossService implements Portal {
- private InstanceContainer instanceContainer;
+ private InstanceContainerContext containerContext;
public int getNbInstances()
{
- return instanceContainer.getDefinitions().size();
+ int nbInstances = -1;
+ try
+ {
+ InitialContext ctx = new InitialContext();
+ UserTransaction tx;
+ tx = (UserTransaction)ctx.lookup("UserTransaction");
+ tx.begin();
+ nbInstances = containerContext.getInstanceDefinitions().size();
+ tx.commit();
+ }
+ catch (Exception e)
+ {
+ // FIXME
+ e.printStackTrace();
+ }
+ return nbInstances;
}
- public void setInstanceContainer(InstanceContainer instanceContainer)
+ public void setContainerContext(InstanceContainerContext containerContext)
{
- this.instanceContainer = instanceContainer;
+ this.containerContext = containerContext;
}
}
Modified: branches/JBoss_Portal_Branch_2_6/core-management/src/resources/portal-management-sar/META-INF/jboss-service.xml
===================================================================
--- branches/JBoss_Portal_Branch_2_6/core-management/src/resources/portal-management-sar/META-INF/jboss-service.xml 2007-09-04 10:55:50 UTC (rev 8141)
+++ branches/JBoss_Portal_Branch_2_6/core-management/src/resources/portal-management-sar/META-INF/jboss-service.xml 2007-09-04 11:48:52 UTC (rev 8142)
@@ -42,8 +42,8 @@
xmbean-dd=""
xmbean-code="org.jboss.portal.jems.as.system.JBossServiceModelMBean">
<depends
- optional-attribute-name="InstanceContainer"
- proxy-type="attribute">portal:container=Instance</depends>
+ optional-attribute-name="ContainerContext"
+ proxy-type="attribute">portal:service=InstanceContainerContext</depends>
<xmbean/>
</mbean>
JBoss Portal SVN: r8141 - branches/JBoss_Portal_Branch_2_6/core-cms/src/resources/portal-cms-sar/META-INF and 2 other directories.
by portal-commits@lists.jboss.org
Author: thomas.heute(a)jboss.com
Date: 2007-09-04 06:55:50 -0400 (Tue, 04 Sep 2007)
New Revision: 8141
Modified:
branches/JBoss_Portal_Branch_2_6/cms/src/main/org/jboss/portal/cms/management/CMSImpl.java
branches/JBoss_Portal_Branch_2_6/core-cms/src/resources/portal-cms-sar/META-INF/jboss-service.xml
branches/JBoss_Portal_Branch_2_6/core-management/src/resources/portal-management-sar/META-INF/jboss-service.xml
modules/identity/trunk/identity/src/main/org/jboss/portal/identity/management/Identity.java
modules/identity/trunk/identity/src/main/org/jboss/portal/identity/management/IdentityMBean.java
Log:
- Fix Management mbeans (JBoss ON)
Modified: branches/JBoss_Portal_Branch_2_6/cms/src/main/org/jboss/portal/cms/management/CMSImpl.java
===================================================================
--- branches/JBoss_Portal_Branch_2_6/cms/src/main/org/jboss/portal/cms/management/CMSImpl.java 2007-09-04 10:02:26 UTC (rev 8140)
+++ branches/JBoss_Portal_Branch_2_6/cms/src/main/org/jboss/portal/cms/management/CMSImpl.java 2007-09-04 10:55:50 UTC (rev 8141)
@@ -30,6 +30,9 @@
import org.jboss.portal.jems.as.system.AbstractJBossService;
/**
+ * Unused. With the introduction of CMS security, this can
+ * no longer count CMS files.
+ *
* @author <a href="mailto:theute@jboss.org">Thomas Heute</a>
* @version $Revision$
*/
Modified: branches/JBoss_Portal_Branch_2_6/core-cms/src/resources/portal-cms-sar/META-INF/jboss-service.xml
===================================================================
--- branches/JBoss_Portal_Branch_2_6/core-cms/src/resources/portal-cms-sar/META-INF/jboss-service.xml 2007-09-04 10:02:26 UTC (rev 8140)
+++ branches/JBoss_Portal_Branch_2_6/core-cms/src/resources/portal-cms-sar/META-INF/jboss-service.xml 2007-09-04 10:55:50 UTC (rev 8141)
@@ -24,9 +24,11 @@
<server>
<!-- Management MBean -->
+ <!-- Unused, the bean doesn't bring any interesting value -->
+ <!--
<mbean
code="org.jboss.portal.cms.management.CMSImpl"
- name="portal:service=Management,type=CMS,name=Default"
+ name="portal.management:service=Management,type=CMS,name=Default"
xmbean-dd=""
xmbean-code="org.jboss.portal.jems.as.system.JBossServiceModelMBean">
<depends
@@ -34,7 +36,8 @@
proxy-type="attribute">portal:service=CMS</depends>
<xmbean/>
</mbean>
-
+ -->
+
<mbean
code="org.jboss.portal.jems.hibernate.SessionFactoryBinder"
name="portal:service=Hibernate,type=CMS"
Modified: branches/JBoss_Portal_Branch_2_6/core-management/src/resources/portal-management-sar/META-INF/jboss-service.xml
===================================================================
--- branches/JBoss_Portal_Branch_2_6/core-management/src/resources/portal-management-sar/META-INF/jboss-service.xml 2007-09-04 10:02:26 UTC (rev 8140)
+++ branches/JBoss_Portal_Branch_2_6/core-management/src/resources/portal-management-sar/META-INF/jboss-service.xml 2007-09-04 10:55:50 UTC (rev 8141)
@@ -33,6 +33,7 @@
<attribute name="InitialStartDate">NOW</attribute>
<attribute name="SchedulePeriod">30000</attribute>
<attribute name="InitialRepetitions">-1</attribute>
+ <attribute name="StartAtStartup">true</attribute>
</mbean>
<mbean
Modified: modules/identity/trunk/identity/src/main/org/jboss/portal/identity/management/Identity.java
===================================================================
--- modules/identity/trunk/identity/src/main/org/jboss/portal/identity/management/Identity.java 2007-09-04 10:02:26 UTC (rev 8140)
+++ modules/identity/trunk/identity/src/main/org/jboss/portal/identity/management/Identity.java 2007-09-04 10:55:50 UTC (rev 8141)
@@ -23,6 +23,7 @@
package org.jboss.portal.identity.management;
import javax.naming.InitialContext;
+import javax.naming.NamingException;
import javax.transaction.UserTransaction;
import org.jboss.portal.identity.UserModule;
@@ -40,6 +41,20 @@
public int getUserCount() throws Exception
{
+ if (userModule == null)
+ {
+ InitialContext ctx;
+ try
+ {
+ ctx = new InitialContext();
+ userModule = (UserModule)ctx.lookup("java:/portal/UserModule");
+ }
+ catch (NamingException e)
+ {
+ e.printStackTrace();
+ }
+ }
+
int nbUsers = 0;
InitialContext ctx;
ctx = new InitialContext();
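Review bot: The added lazy lookup in getUserCount() catches NamingException, prints it and falls through with `userModule` still null, so a failed JNDI lookup will presumably surface as a NullPointerException at the first use of `userModule` below the hunk instead of as the naming error. The method already declares `throws Exception`, so the try/catch can go and the lookup can propagate: `userModule = (UserModule)new InitialContext().lookup("java:/portal/UserModule");`. The same pattern is added to getRoleCount() for `roleModule` in the next hunk. The check-then-assign on the field is unsynchronised, which is worth a one-line comment if concurrent management calls are possible. Both method bodies continue outside their hunks.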
@@ -52,6 +67,19 @@
public int getRoleCount() throws Exception
{
+ if (roleModule == null)
+ {
+ InitialContext ctx;
+ try
+ {
+ ctx = new InitialContext();
+ roleModule = (RoleModule)ctx.lookup("java:/portal/RoleModule");
+ }
+ catch (NamingException e)
+ {
+ e.printStackTrace();
+ }
+ }
int nbRoles = 0;
InitialContext ctx;
ctx = new InitialContext();
@@ -61,14 +89,4 @@
tx.commit();
return nbRoles;
}
-
- public void setRoleModule(RoleModule roleModule)
- {
- this.roleModule = roleModule;
- }
-
- public void setUserModule(UserModule userModule)
- {
- this.userModule = userModule;
- }
}
Modified: modules/identity/trunk/identity/src/main/org/jboss/portal/identity/management/IdentityMBean.java
===================================================================
--- modules/identity/trunk/identity/src/main/org/jboss/portal/identity/management/IdentityMBean.java 2007-09-04 10:02:26 UTC (rev 8140)
+++ modules/identity/trunk/identity/src/main/org/jboss/portal/identity/management/IdentityMBean.java 2007-09-04 10:55:50 UTC (rev 8141)
@@ -22,8 +22,6 @@
******************************************************************************/
package org.jboss.portal.identity.management;
-import org.jboss.portal.identity.RoleModule;
-import org.jboss.portal.identity.UserModule;
/**
* @author <a href="mailto:theute@jboss.org">Thomas Heute</a>
@@ -34,9 +32,4 @@
public int getUserCount() throws Exception;
public int getRoleCount() throws Exception;
-
- public void setRoleModule(RoleModule roleModule);
-
- public void setUserModule(UserModule userModule);
-
}
JBoss Portal SVN: r8140 - in modules/identity/trunk: build and 28 other directories.
by portal-commits@lists.jboss.org
Author: bdaw
Date: 2007-09-04 06:02:26 -0400 (Tue, 04 Sep 2007)
New Revision: 8140
Added:
modules/identity/trunk/build/ide/intellij/idea60/modules/sso/
modules/identity/trunk/build/ide/intellij/idea60/modules/sso/sso.iml
modules/identity/trunk/sso/
modules/identity/trunk/sso/build.bat
modules/identity/trunk/sso/build.sh
modules/identity/trunk/sso/build.xml
modules/identity/trunk/sso/src/
modules/identity/trunk/sso/src/etc/
modules/identity/trunk/sso/src/etc/cas/
modules/identity/trunk/sso/src/etc/cas/cas_context.xml
modules/identity/trunk/sso/src/etc/cas/cas_deployerConfigContext.xml
modules/identity/trunk/sso/src/etc/josso/
modules/identity/trunk/sso/src/etc/josso/josso_context.xml
modules/identity/trunk/sso/src/etc/josso/josso_error.jsp
modules/identity/trunk/sso/src/etc/josso/josso_josso-agent-config.xml
modules/identity/trunk/sso/src/etc/josso/josso_josso-config.xml
modules/identity/trunk/sso/src/etc/josso/josso_josso-gateway-config.xml
modules/identity/trunk/sso/src/etc/josso/josso_login-config.xml
modules/identity/trunk/sso/src/etc/josso/josso_login.jsp
modules/identity/trunk/sso/src/etc/josso/josso_server.xml
modules/identity/trunk/sso/src/main/
modules/identity/trunk/sso/src/main/org/
modules/identity/trunk/sso/src/main/org/jboss/
modules/identity/trunk/sso/src/main/org/jboss/portal/
modules/identity/trunk/sso/src/main/org/jboss/portal/identity/
modules/identity/trunk/sso/src/main/org/jboss/portal/identity/sso/
modules/identity/trunk/sso/src/main/org/jboss/portal/identity/sso/AuthenticationService.java
modules/identity/trunk/sso/src/main/org/jboss/portal/identity/sso/cas/
modules/identity/trunk/sso/src/main/org/jboss/portal/identity/sso/cas/CASAuthenticationHandler.java
modules/identity/trunk/sso/src/main/org/jboss/portal/identity/sso/cas/CASAuthenticationService.java
modules/identity/trunk/sso/src/main/org/jboss/portal/identity/sso/cas/CASAuthenticationValve.java
modules/identity/trunk/sso/src/main/org/jboss/portal/identity/sso/josso/
modules/identity/trunk/sso/src/main/org/jboss/portal/identity/sso/josso/JOSSOIdentityService.java
modules/identity/trunk/sso/src/main/org/jboss/portal/identity/sso/josso/JOSSOIdentityServiceImpl.java
modules/identity/trunk/sso/src/main/org/jboss/portal/identity/sso/josso/JOSSOIdentityStore.java
modules/identity/trunk/sso/src/main/org/jboss/portal/identity/sso/josso/JOSSOLoginModule.java
modules/identity/trunk/sso/src/main/org/jboss/portal/identity/sso/josso/JOSSOLogoutValve.java
modules/identity/trunk/sso/src/main/org/jboss/portal/test/
modules/identity/trunk/sso/src/main/org/jboss/portal/test/identity/
modules/identity/trunk/sso/src/main/org/jboss/portal/test/identity/sso/
modules/identity/trunk/sso/src/main/org/jboss/portal/test/identity/sso/CASTestCase.java
modules/identity/trunk/sso/src/main/org/jboss/portal/test/identity/sso/EasySSLProtocolSocketFactory.java
modules/identity/trunk/sso/src/main/org/jboss/portal/test/identity/sso/EasyX509TrustManager.java
modules/identity/trunk/sso/src/main/org/jboss/portal/test/identity/sso/JOSSOTestCase.java
modules/identity/trunk/sso/src/resources/
modules/identity/trunk/sso/src/resources/portal-identity-test-jar/
modules/identity/trunk/sso/src/resources/portal-identity-test-jar/org/
modules/identity/trunk/sso/src/resources/portal-identity-test-jar/org/jboss/
modules/identity/trunk/sso/src/resources/portal-identity-test-jar/org/jboss/portal/
modules/identity/trunk/sso/src/resources/portal-identity-test-jar/org/jboss/portal/test/
modules/identity/trunk/sso/src/resources/portal-identity-test-jar/org/jboss/portal/test/identity/
modules/identity/trunk/sso/src/resources/portal-identity-test-jar/org/jboss/portal/test/identity/sso-beans.xml
Removed:
modules/identity/trunk/build/ide/intellij/idea60/identity-module.ipr
Modified:
modules/identity/trunk/build/build-thirdparty.xml
modules/identity/trunk/build/build.xml
modules/identity/trunk/identity/build.xml
modules/identity/trunk/identity/src/main/org/jboss/portal/identity/auth/IdentityLoginModule.java
Log:
initial merge of sso integration
Modified: modules/identity/trunk/build/build-thirdparty.xml
===================================================================
--- modules/identity/trunk/build/build-thirdparty.xml 2007-09-04 09:51:13 UTC (rev 8139)
+++ modules/identity/trunk/build/build-thirdparty.xml 2007-09-04 10:02:26 UTC (rev 8140)
@@ -52,6 +52,7 @@
<componentref name="apache-log4j" version="1.2.8"/>
<componentref name="apache-logging" version="1.0.5.SP1-jboss"/>
<componentref name="apache-xerces" version="2.7.1"/>
+ <componentref name="apache-httpclient" version="3.0.1"/>
<componentref name="junit" version="3.8.1"/>
<componentref name="jboss/microcontainer" version="1.0.2"/>
<componentref name="jboss/backport-concurrent" version="2.1.0.GA"/>
@@ -71,6 +72,11 @@
<componentref name="cglib" version="2.1.3"/>
<componentref name="hsqldb" version="1.8.0.2"/>
+ <componentref name="cas" version="3.0.7"/>
+ <componentref name="josso" version="1.5"/>
+ <componentref name="apache-tomcat" version="5.5.20"/>
+ <componentref name="spring" version="2.0.3"/>
+
</build>
<synchronizeinfo/>
Modified: modules/identity/trunk/build/build.xml
===================================================================
--- modules/identity/trunk/build/build.xml 2007-09-04 09:51:13 UTC (rev 8139)
+++ modules/identity/trunk/build/build.xml 2007-09-04 10:02:26 UTC (rev 8140)
@@ -112,12 +112,13 @@
<!-- Modules -->
<module name="identity"/>
+ <module name="sso"/>
<!-- Module groups -->
<group name="portal">
<include
- modules="identity"/>
+ modules="identity, sso"/>
</group>
<group name="default">
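Review bot: Test-only TLS helpers appear to be built with the product once `sso` joins the `portal` group. This revision's file list adds org/jboss/portal/test/identity/sso/EasySSLProtocolSocketFactory.java and EasyX509TrustManager.java under sso/src/main rather than a test source root. Their contents are not shown here; if they follow the commons-httpclient contrib classes of the same names, they relax server-certificate validation and should be kept out of any deployable artifact. A comment beside `<module name="sso"/>` naming the artifact that carries the `org.jboss.portal.test` classes, or moving them to a test-only source root, would make that boundary explicit.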
Deleted: modules/identity/trunk/build/ide/intellij/idea60/identity-module.ipr
===================================================================
--- modules/identity/trunk/build/ide/intellij/idea60/identity-module.ipr 2007-09-04 09:51:13 UTC (rev 8139)
+++ modules/identity/trunk/build/ide/intellij/idea60/identity-module.ipr 2007-09-04 10:02:26 UTC (rev 8140)
@@ -1,464 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project version="4" relativePaths="false">
- <component name="AntConfiguration">
- <defaultAnt bundledAnt="true" />
- </component>
- <component name="BuildJarProjectSettings">
- <option name="BUILD_JARS_ON_MAKE" value="false" />
- </component>
- <component name="CodeStyleProjectProfileManger">
- <option name="PROJECT_PROFILE" />
- <option name="USE_PROJECT_LEVEL_SETTINGS" value="false" />
- </component>
- <component name="CodeStyleSettingsManager">
- <option name="PER_PROJECT_SETTINGS" />
- <option name="USE_PER_PROJECT_SETTINGS" value="false" />
- </component>
- <component name="CompilerConfiguration">
- <option name="DEFAULT_COMPILER" value="Javac" />
- <option name="DEPLOY_AFTER_MAKE" value="0" />
- <resourceExtensions>
- <entry name=".+\.(properties|xml|html|dtd|tld)" />
- <entry name=".+\.(gif|png|jpeg|jpg)" />
- </resourceExtensions>
- <wildcardResourcePatterns>
- <entry name="?*.properties" />
- <entry name="?*.xml" />
- <entry name="?*.gif" />
- <entry name="?*.png" />
- <entry name="?*.jpeg" />
- <entry name="?*.jpg" />
- <entry name="?*.html" />
- <entry name="?*.dtd" />
- <entry name="?*.tld" />
- </wildcardResourcePatterns>
- </component>
- <component name="DataSourceManagerImpl" />
- <component name="DependenciesAnalyzeManager">
- <option name="myForwardDirection" value="false" />
- </component>
- <component name="DependencyValidationManager" />
- <component name="EclipseCompilerSettings">
- <option name="DEBUGGING_INFO" value="true" />
- <option name="GENERATE_NO_WARNINGS" value="true" />
- <option name="DEPRECATION" value="false" />
- <option name="ADDITIONAL_OPTIONS_STRING" value="" />
- <option name="MAXIMUM_HEAP_SIZE" value="128" />
- </component>
- <component name="EclipseEmbeddedCompilerSettings">
- <option name="DEBUGGING_INFO" value="true" />
- <option name="GENERATE_NO_WARNINGS" value="true" />
- <option name="DEPRECATION" value="false" />
- <option name="ADDITIONAL_OPTIONS_STRING" value="" />
- <option name="MAXIMUM_HEAP_SIZE" value="128" />
- </component>
- <component name="EntryPointsManager">
- <entry_points />
- </component>
- <component name="ExportToHTMLSettings">
- <option name="PRINT_LINE_NUMBERS" value="false" />
- <option name="OPEN_IN_BROWSER" value="false" />
- <option name="OUTPUT_DIRECTORY" />
- </component>
- <component name="GUI Designer component loader factory" />
- <component name="IdProvider" IDEtalkID="E2A438D8B6AE84F43587A2210E562521" />
- <component name="InspectionProjectProfileManager">
- <option name="PROJECT_PROFILE" value="Project Default" />
- <option name="USE_PROJECT_LEVEL_SETTINGS" value="false" />
- <scopes />
- <profiles>
- <profile version="1.0" is_locked="false">
- <option name="myName" value="Project Default" />
- <option name="myLocal" value="false" />
- <used_levels>
- <error>
- <option name="myName" value="ERROR" />
- <option name="myVal" value="200" />
- </error>
- <warning>
- <option name="myName" value="WARNING" />
- <option name="myVal" value="100" />
- </warning>
- <information>
- <option name="myName" value="INFO" />
- <option name="myVal" value="100" />
- </information>
- <server>
- <option name="myName" value="SERVER PROBLEM" />
- <option name="myVal" value="100" />
- </server>
- </used_levels>
- </profile>
- </profiles>
- </component>
- <component name="JavacSettings">
- <option name="DEBUGGING_INFO" value="true" />
- <option name="GENERATE_NO_WARNINGS" value="false" />
- <option name="DEPRECATION" value="true" />
- <option name="ADDITIONAL_OPTIONS_STRING" value="" />
- <option name="MAXIMUM_HEAP_SIZE" value="128" />
- </component>
- <component name="JavadocGenerationManager">
- <option name="OUTPUT_DIRECTORY" />
- <option name="OPTION_SCOPE" value="protected" />
- <option name="OPTION_HIERARCHY" value="true" />
- <option name="OPTION_NAVIGATOR" value="true" />
- <option name="OPTION_INDEX" value="true" />
- <option name="OPTION_SEPARATE_INDEX" value="true" />
- <option name="OPTION_DOCUMENT_TAG_USE" value="false" />
- <option name="OPTION_DOCUMENT_TAG_AUTHOR" value="false" />
- <option name="OPTION_DOCUMENT_TAG_VERSION" value="false" />
- <option name="OPTION_DOCUMENT_TAG_DEPRECATED" value="true" />
- <option name="OPTION_DEPRECATED_LIST" value="true" />
- <option name="OTHER_OPTIONS" value="" />
- <option name="HEAP_SIZE" />
- <option name="LOCALE" />
- <option name="OPEN_IN_BROWSER" value="true" />
- </component>
- <component name="JikesSettings">
- <option name="JIKES_PATH" value="" />
- <option name="DEBUGGING_INFO" value="true" />
- <option name="DEPRECATION" value="true" />
- <option name="GENERATE_NO_WARNINGS" value="false" />
- <option name="IS_EMACS_ERRORS_MODE" value="true" />
- <option name="ADDITIONAL_OPTIONS_STRING" value="" />
- </component>
- <component name="LogConsolePreferences">
- <option name="FILTER_ERRORS" value="false" />
- <option name="FILTER_WARNINGS" value="false" />
- <option name="FILTER_INFO" value="true" />
- <option name="CUSTOM_FILTER" />
- </component>
- <component name="Palette2">
- <group name="Swing">
- <item class="com.intellij.uiDesigner.HSpacer" tooltip-text="Horizontal Spacer" icon="/com/intellij/uiDesigner/icons/hspacer.png" removable="false" auto-create-binding="false" can-attach-label="false">
- <default-constraints vsize-policy="1" hsize-policy="6" anchor="0" fill="1" />
- </item>
- <item class="com.intellij.uiDesigner.VSpacer" tooltip-text="Vertical Spacer" icon="/com/intellij/uiDesigner/icons/vspacer.png" removable="false" auto-create-binding="false" can-attach-label="false">
- <default-constraints vsize-policy="6" hsize-policy="1" anchor="0" fill="2" />
- </item>
- <item class="javax.swing.JPanel" icon="/com/intellij/uiDesigner/icons/panel.png" removable="false" auto-create-binding="false" can-attach-label="false">
- <default-constraints vsize-policy="3" hsize-policy="3" anchor="0" fill="3" />
- </item>
- <item class="javax.swing.JScrollPane" icon="/com/intellij/uiDesigner/icons/scrollPane.png" removable="false" auto-create-binding="false" can-attach-label="true">
- <default-constraints vsize-policy="7" hsize-policy="7" anchor="0" fill="3" />
- </item>
- <item class="javax.swing.JButton" icon="/com/intellij/uiDesigner/icons/button.png" removable="false" auto-create-binding="true" can-attach-label="false">
- <default-constraints vsize-policy="0" hsize-policy="3" anchor="0" fill="1" />
- <initial-values>
- <property name="text" value="Button" />
- </initial-values>
- </item>
- <item class="javax.swing.JRadioButton" icon="/com/intellij/uiDesigner/icons/radioButton.png" removable="false" auto-create-binding="true" can-attach-label="false">
- <default-constraints vsize-policy="0" hsize-policy="3" anchor="8" fill="0" />
- <initial-values>
- <property name="text" value="RadioButton" />
- </initial-values>
- </item>
- <item class="javax.swing.JCheckBox" icon="/com/intellij/uiDesigner/icons/checkBox.png" removable="false" auto-create-binding="true" can-attach-label="false">
- <default-constraints vsize-policy="0" hsize-policy="3" anchor="8" fill="0" />
- <initial-values>
- <property name="text" value="CheckBox" />
- </initial-values>
- </item>
- <item class="javax.swing.JLabel" icon="/com/intellij/uiDesigner/icons/label.png" removable="false" auto-create-binding="false" can-attach-label="false">
- <default-constraints vsize-policy="0" hsize-policy="0" anchor="8" fill="0" />
- <initial-values>
- <property name="text" value="Label" />
- </initial-values>
- </item>
- <item class="javax.swing.JTextField" icon="/com/intellij/uiDesigner/icons/textField.png" removable="false" auto-create-binding="true" can-attach-label="true">
- <default-constraints vsize-policy="0" hsize-policy="6" anchor="8" fill="1">
- <preferred-size width="150" height="-1" />
- </default-constraints>
- </item>
- <item class="javax.swing.JPasswordField" icon="/com/intellij/uiDesigner/icons/passwordField.png" removable="false" auto-create-binding="true" can-attach-label="true">
- <default-constraints vsize-policy="0" hsize-policy="6" anchor="8" fill="1">
- <preferred-size width="150" height="-1" />
- </default-constraints>
- </item>
- <item class="javax.swing.JFormattedTextField" icon="/com/intellij/uiDesigner/icons/formattedTextField.png" removable="false" auto-create-binding="true" can-attach-label="true">
- <default-constraints vsize-policy="0" hsize-policy="6" anchor="8" fill="1">
- <preferred-size width="150" height="-1" />
- </default-constraints>
- </item>
- <item class="javax.swing.JTextArea" icon="/com/intellij/uiDesigner/icons/textArea.png" removable="false" auto-create-binding="true" can-attach-label="true">
- <default-constraints vsize-policy="6" hsize-policy="6" anchor="0" fill="3">
- <preferred-size width="150" height="50" />
- </default-constraints>
- </item>
- <item class="javax.swing.JTextPane" icon="/com/intellij/uiDesigner/icons/textPane.png" removable="false" auto-create-binding="true" can-attach-label="true">
- <default-constraints vsize-policy="6" hsize-policy="6" anchor="0" fill="3">
- <preferred-size width="150" height="50" />
- </default-constraints>
- </item>
- <item class="javax.swing.JEditorPane" icon="/com/intellij/uiDesigner/icons/editorPane.png" removable="false" auto-create-binding="true" can-attach-label="true">
- <default-constraints vsize-policy="6" hsize-policy="6" anchor="0" fill="3">
- <preferred-size width="150" height="50" />
- </default-constraints>
- </item>
- <item class="javax.swing.JComboBox" icon="/com/intellij/uiDesigner/icons/comboBox.png" removable="false" auto-create-binding="true" can-attach-label="true">
- <default-constraints vsize-policy="0" hsize-policy="2" anchor="8" fill="1" />
- </item>
- <item class="javax.swing.JTable" icon="/com/intellij/uiDesigner/icons/table.png" removable="false" auto-create-binding="true" can-attach-label="false">
- <default-constraints vsize-policy="6" hsize-policy="6" anchor="0" fill="3">
- <preferred-size width="150" height="50" />
- </default-constraints>
- </item>
- <item class="javax.swing.JList" icon="/com/intellij/uiDesigner/icons/list.png" removable="false" auto-create-binding="true" can-attach-label="false">
- <default-constraints vsize-policy="6" hsize-policy="2" anchor="0" fill="3">
- <preferred-size width="150" height="50" />
- </default-constraints>
- </item>
- <item class="javax.swing.JTree" icon="/com/intellij/uiDesigner/icons/tree.png" removable="false" auto-create-binding="true" can-attach-label="false">
- <default-constraints vsize-policy="6" hsize-policy="6" anchor="0" fill="3">
- <preferred-size width="150" height="50" />
- </default-constraints>
- </item>
- <item class="javax.swing.JTabbedPane" icon="/com/intellij/uiDesigner/icons/tabbedPane.png" removable="false" auto-create-binding="true" can-attach-label="false">
- <default-constraints vsize-policy="3" hsize-policy="3" anchor="0" fill="3">
- <preferred-size width="200" height="200" />
- </default-constraints>
- </item>
- <item class="javax.swing.JSplitPane" icon="/com/intellij/uiDesigner/icons/splitPane.png" removable="false" auto-create-binding="false" can-attach-label="false">
- <default-constraints vsize-policy="3" hsize-policy="3" anchor="0" fill="3">
- <preferred-size width="200" height="200" />
- </default-constraints>
- </item>
- <item class="javax.swing.JSpinner" icon="/com/intellij/uiDesigner/icons/spinner.png" removable="false" auto-create-binding="true" can-attach-label="true">
- <default-constraints vsize-policy="0" hsize-policy="6" anchor="8" fill="1" />
- </item>
- <item class="javax.swing.JSlider" icon="/com/intellij/uiDesigner/icons/slider.png" removable="false" auto-create-binding="true" can-attach-label="false">
- <default-constraints vsize-policy="0" hsize-policy="6" anchor="8" fill="1" />
- </item>
- <item class="javax.swing.JSeparator" icon="/com/intellij/uiDesigner/icons/separator.png" removable="false" auto-create-binding="false" can-attach-label="false">
- <default-constraints vsize-policy="6" hsize-policy="6" anchor="0" fill="3" />
- </item>
- <item class="javax.swing.JProgressBar" icon="/com/intellij/uiDesigner/icons/progressbar.png" removable="false" auto-create-binding="true" can-attach-label="false">
- <default-constraints vsize-policy="0" hsize-policy="6" anchor="0" fill="1" />
- </item>
- <item class="javax.swing.JToolBar" icon="/com/intellij/uiDesigner/icons/toolbar.png" removable="false" auto-create-binding="false" can-attach-label="false">
- <default-constraints vsize-policy="0" hsize-policy="6" anchor="0" fill="1">
- <preferred-size width="-1" height="20" />
- </default-constraints>
- </item>
- <item class="javax.swing.JToolBar$Separator" icon="/com/intellij/uiDesigner/icons/toolbarSeparator.png" removable="false" auto-create-binding="false" can-attach-label="false">
- <default-constraints vsize-policy="0" hsize-policy="0" anchor="0" fill="1" />
- </item>
- <item class="javax.swing.JScrollBar" icon="/com/intellij/uiDesigner/icons/scrollbar.png" removable="false" auto-create-binding="true" can-attach-label="false">
- <default-constraints vsize-policy="6" hsize-policy="0" anchor="0" fill="2" />
- </item>
- </group>
- </component>
- <component name="ProjectModuleManager">
- <modules>
- <module fileurl="file://$PROJECT_DIR$/build/ide/intellij/idea60/modules/identity/identity.iml" filepath="$PROJECT_DIR$/build/ide/intellij/idea60/modules/identity/identity.iml" />
- <module fileurl="file://$PROJECT_DIR$/build/ide/intellij/idea60/modules/testsuite/testsuite.iml" filepath="$PROJECT_DIR$/build/ide/intellij/idea60/modules/testsuite/testsuite.iml" />
- <module fileurl="file://$PROJECT_DIR$/build/ide/intellij/idea60/modules/thirdparty/thirdparty.iml" filepath="$PROJECT_DIR$/build/ide/intellij/idea60/modules/thirdparty/thirdparty.iml" />
- <module fileurl="file://$PROJECT_DIR$/build/ide/intellij/idea60/modules/tools/tools.iml" filepath="$PROJECT_DIR$/build/ide/intellij/idea60/modules/tools/tools.iml" />
- </modules>
- </component>
- <component name="ProjectRootManager" version="2" assert-keyword="true" jdk-15="false" project-jdk-name="1.5" project-jdk-type="JavaSDK">
- <output url="file://$PROJECT_DIR$/output" />
- </component>
- <component name="ProjectRunConfigurationManager" />
- <component name="RmicSettings">
- <option name="IS_EANABLED" value="false" />
- <option name="DEBUGGING_INFO" value="true" />
- <option name="GENERATE_NO_WARNINGS" value="false" />
- <option name="GENERATE_IIOP_STUBS" value="false" />
- <option name="ADDITIONAL_OPTIONS_STRING" value="" />
- </component>
- <component name="StarteamVcsAdapter" />
- <component name="VssVcs">
- <SourceSafePersistencyRemovedFolder>$PROJECT_DIR$/wsrp/src/resources/test</SourceSafePersistencyRemovedFolder>
- </component>
- <component name="com.intellij.jsf.UserDefinedFacesConfigs">
- <option name="USER_DEFINED_CONFIGS">
- <value>
- <list size="0" />
- </value>
- </option>
- </component>
- <component name="copyright">
- <Base>
- <setting name="state" value="1" />
- </Base>
- <LanguageOptions name="$TEMPLATE$">
- <option name="templateOptions">
- <value>
- <option name="block" value="true" />
- <option name="separateBefore" value="true" />
- <option name="separateAfter" value="true" />
- <option name="prefixLines" value="true" />
- <option name="lenBefore" value="80" />
- <option name="lenAfter" value="80" />
- <option name="box" value="true" />
- <option name="filler" value=" " />
- </value>
- </option>
- <option name="notice" value="JBoss, a division of Red Hat Copyright &#36;today.year, Red Hat Middleware, LLC, and individual contributors as indicated by the @authors tag. See the copyright.txt in the distribution for a full listing of individual contributors. This is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. This software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with this software; if not, write to the Free Software Foundation, Inc., 51 Fr!
anklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF site: http://www.fsf.org." />
- <option name="keyword" value="Copyright" />
- <option name="fileTypeOverride" value="4" />
- <option name="relativeBefore" value="true" />
- <option name="addBlankAfter" value="true" />
- <option name="fileLocation" value="1" />
- <option name="useAlternate" value="false" />
- </LanguageOptions>
- <LanguageOptions name="CSS">
- <option name="templateOptions">
- <value>
- <option name="block" value="true" />
- <option name="separateBefore" value="false" />
- <option name="separateAfter" value="false" />
- <option name="prefixLines" value="true" />
- <option name="lenBefore" value="80" />
- <option name="lenAfter" value="80" />
- <option name="box" value="false" />
- <option name="filler" value=" " />
- </value>
- </option>
- <option name="notice" value="Copyright (c) &#36;today.year, Your Corporation. All Rights Reserved." />
- <option name="keyword" value="Copyright" />
- <option name="fileTypeOverride" value="1" />
- <option name="relativeBefore" value="true" />
- <option name="addBlankAfter" value="true" />
- <option name="fileLocation" value="1" />
- <option name="useAlternate" value="false" />
- </LanguageOptions>
- <LanguageOptions name="HTML">
- <option name="templateOptions">
- <value>
- <option name="block" value="true" />
- <option name="separateBefore" value="false" />
- <option name="separateAfter" value="false" />
- <option name="prefixLines" value="true" />
- <option name="lenBefore" value="80" />
- <option name="lenAfter" value="80" />
- <option name="box" value="false" />
- <option name="filler" value=" " />
- </value>
- </option>
- <option name="notice" value="Copyright (c) &#36;today.year, Your Corporation. All Rights Reserved." />
- <option name="keyword" value="Copyright" />
- <option name="fileTypeOverride" value="1" />
- <option name="relativeBefore" value="true" />
- <option name="addBlankAfter" value="true" />
- <option name="fileLocation" value="1" />
- <option name="useAlternate" value="false" />
- </LanguageOptions>
- <LanguageOptions name="JAVA">
- <option name="templateOptions">
- <value>
- <option name="block" value="true" />
- <option name="separateBefore" value="false" />
- <option name="separateAfter" value="false" />
- <option name="prefixLines" value="true" />
- <option name="lenBefore" value="80" />
- <option name="lenAfter" value="80" />
- <option name="box" value="false" />
- <option name="filler" value=" " />
- </value>
- </option>
- <option name="notice" value="Copyright (c) &#36;today.year, Your Corporation. All Rights Reserved." />
- <option name="keyword" value="Copyright" />
- <option name="fileTypeOverride" value="2" />
- <option name="relativeBefore" value="true" />
- <option name="addBlankAfter" value="true" />
- <option name="fileLocation" value="1" />
- <option name="useAlternate" value="false" />
- </LanguageOptions>
- <LanguageOptions name="JSP">
- <option name="templateOptions">
- <value>
- <option name="block" value="true" />
- <option name="separateBefore" value="false" />
- <option name="separateAfter" value="false" />
- <option name="prefixLines" value="true" />
- <option name="lenBefore" value="80" />
- <option name="lenAfter" value="80" />
- <option name="box" value="false" />
- <option name="filler" value=" " />
- </value>
- </option>
- <option name="notice" value="Copyright (c) &#36;today.year, Your Corporation. All Rights Reserved." />
- <option name="keyword" value="Copyright" />
- <option name="fileTypeOverride" value="1" />
- <option name="relativeBefore" value="true" />
- <option name="addBlankAfter" value="true" />
- <option name="fileLocation" value="1" />
- <option name="useAlternate" value="false" />
- </LanguageOptions>
- <LanguageOptions name="JavaScript">
- <option name="templateOptions">
- <value>
- <option name="block" value="true" />
- <option name="separateBefore" value="false" />
- <option name="separateAfter" value="false" />
- <option name="prefixLines" value="true" />
- <option name="lenBefore" value="80" />
- <option name="lenAfter" value="80" />
- <option name="box" value="false" />
- <option name="filler" value=" " />
- </value>
- </option>
- <option name="notice" value="Copyright (c) &#36;today.year, Your Corporation. All Rights Reserved." />
- <option name="keyword" value="Copyright" />
- <option name="fileTypeOverride" value="1" />
- <option name="relativeBefore" value="true" />
- <option name="addBlankAfter" value="true" />
- <option name="fileLocation" value="1" />
- <option name="useAlternate" value="false" />
- </LanguageOptions>
- <LanguageOptions name="Properties">
- <option name="templateOptions">
- <value>
- <option name="block" value="true" />
- <option name="separateBefore" value="false" />
- <option name="separateAfter" value="false" />
- <option name="prefixLines" value="true" />
- <option name="lenBefore" value="80" />
- <option name="lenAfter" value="80" />
- <option name="box" value="false" />
- <option name="filler" value=" " />
- </value>
- </option>
- <option name="notice" value="Copyright (c) &#36;today.year, Your Corporation. All Rights Reserved." />
- <option name="keyword" value="Copyright" />
- <option name="fileTypeOverride" value="1" />
- <option name="relativeBefore" value="true" />
- <option name="addBlankAfter" value="true" />
- <option name="fileLocation" value="1" />
- <option name="useAlternate" value="false" />
- </LanguageOptions>
- <LanguageOptions name="XML">
- <option name="templateOptions">
- <value>
- <option name="block" value="true" />
- <option name="separateBefore" value="false" />
- <option name="separateAfter" value="false" />
- <option name="prefixLines" value="true" />
- <option name="lenBefore" value="80" />
- <option name="lenAfter" value="80" />
- <option name="box" value="false" />
- <option name="filler" value=" " />
- </value>
- </option>
- <option name="notice" value="Copyright (c) &#36;today.year, Your Corporation. All Rights Reserved." />
- <option name="keyword" value="Copyright" />
- <option name="fileTypeOverride" value="2" />
- <option name="relativeBefore" value="true" />
- <option name="addBlankAfter" value="true" />
- <option name="fileLocation" value="1" />
- <option name="useAlternate" value="false" />
- </LanguageOptions>
- </component>
- <component name="libraryTable" />
- <component name="uidesigner-configuration">
- <option name="INSTRUMENT_CLASSES" value="true" />
- <option name="COPY_FORMS_RUNTIME_TO_OUTPUT" value="true" />
- <option name="DEFAULT_LAYOUT_MANAGER" value="GridLayoutManager" />
- </component>
- <UsedPathMacros />
-</project>
-
Added: modules/identity/trunk/build/ide/intellij/idea60/modules/sso/sso.iml
===================================================================
--- modules/identity/trunk/build/ide/intellij/idea60/modules/sso/sso.iml (rev 0)
+++ modules/identity/trunk/build/ide/intellij/idea60/modules/sso/sso.iml 2007-09-04 10:02:26 UTC (rev 8140)
@@ -0,0 +1,356 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<module version="4" relativePaths="true" type="JAVA_MODULE">
+ <component name="ModuleRootManager" />
+ <component name="NewModuleRootManager" inherit-compiler-output="false">
+ <output url="file://$MODULE_DIR$/../../../../../../sso/classes" />
+ <exclude-output />
+ <content url="file://$MODULE_DIR$/../../../../../../sso">
+ <sourceFolder url="file://$MODULE_DIR$/../../../../../../sso/src/main" isTestSource="false" />
+ <excludeFolder url="file://$MODULE_DIR$/../../../../../../sso/output" />
+ </content>
+ <orderEntry type="inheritedJdk" />
+ <orderEntry type="sourceFolder" forTests="false" />
+ <orderEntry type="module" module-name="identity" />
+ <orderEntry type="module-library">
+ <library>
+ <CLASSES>
+ <root url="jar://$MODULE_DIR$/../../../../../../thirdparty/cas/lib/casclient.jar!/" />
+ </CLASSES>
+ <JAVADOC />
+ <SOURCES />
+ </library>
+ </orderEntry>
+ <orderEntry type="module-library">
+ <library>
+ <CLASSES>
+ <root url="jar://$MODULE_DIR$/../../../../../../thirdparty/josso/lib/josso-common-1.5.jar!/" />
+ </CLASSES>
+ <JAVADOC />
+ <SOURCES />
+ </library>
+ </orderEntry>
+ <orderEntry type="module-library">
+ <library>
+ <CLASSES>
+ <root url="jar://$MODULE_DIR$/../../../../../../thirdparty/josso/lib/josso-jboss4-plugin-1.5.jar!/" />
+ </CLASSES>
+ <JAVADOC />
+ <SOURCES />
+ </library>
+ </orderEntry>
+ <orderEntry type="module-library">
+ <library>
+ <CLASSES>
+ <root url="jar://$MODULE_DIR$/../../../../../../thirdparty/josso/lib/josso-tomcat55-plugin-1.5.jar!/" />
+ </CLASSES>
+ <JAVADOC />
+ <SOURCES />
+ </library>
+ </orderEntry>
+ <orderEntry type="module-library">
+ <library>
+ <CLASSES>
+ <root url="jar://$MODULE_DIR$/../../../../../../thirdparty/josso/lib/josso-1.5.jar!/" />
+ </CLASSES>
+ <JAVADOC />
+ <SOURCES />
+ </library>
+ </orderEntry>
+ <orderEntry type="module-library">
+ <library>
+ <CLASSES>
+ <root url="jar://$MODULE_DIR$/../../../../../../thirdparty/cas/lib/cas-server-3.0.7.jar!/" />
+ </CLASSES>
+ <JAVADOC />
+ <SOURCES />
+ </library>
+ </orderEntry>
+ <orderEntry type="module-library">
+ <library>
+ <CLASSES>
+ <root url="jar://$MODULE_DIR$/../../../../../../thirdparty/sun-servlet/lib/servlet-api.jar!/" />
+ </CLASSES>
+ <JAVADOC />
+ <SOURCES />
+ </library>
+ </orderEntry>
+ <orderEntry type="module-library">
+ <library>
+ <CLASSES>
+ <root url="jar://$MODULE_DIR$/../../../../../../thirdparty/apache-tomcat/lib/catalina.jar!/" />
+ </CLASSES>
+ <JAVADOC />
+ <SOURCES />
+ </library>
+ </orderEntry>
+ <orderEntry type="module-library">
+ <library>
+ <CLASSES>
+ <root url="jar://$MODULE_DIR$/../../../../../../thirdparty/spring/lib/spring-2.0.3.jar!/" />
+ </CLASSES>
+ <JAVADOC />
+ <SOURCES />
+ </library>
+ </orderEntry>
+ <orderEntry type="module-library">
+ <library>
+ <CLASSES>
+ <root url="jar://$MODULE_DIR$/../../../../../../thirdparty/jbossas/core-libs/lib/jboss-j2ee.jar!/" />
+ </CLASSES>
+ <JAVADOC />
+ <SOURCES />
+ </library>
+ </orderEntry>
+ <orderEntry type="module-library">
+ <library>
+ <CLASSES>
+ <root url="jar://$MODULE_DIR$/../../../../../../thirdparty/jbossas/core-libs/lib/jboss-jmx.jar!/" />
+ </CLASSES>
+ <JAVADOC />
+ <SOURCES />
+ </library>
+ </orderEntry>
+ <orderEntry type="module-library">
+ <library>
+ <CLASSES>
+ <root url="jar://$MODULE_DIR$/../../../../../../thirdparty/apache-log4j/lib/log4j.jar!/" />
+ </CLASSES>
+ <JAVADOC />
+ <SOURCES />
+ </library>
+ </orderEntry>
+ <orderEntry type="module-library">
+ <library>
+ <CLASSES>
+ <root url="jar://$MODULE_DIR$/../../../../../../thirdparty/hibernate/lib/hibernate3.jar!/" />
+ </CLASSES>
+ <JAVADOC />
+ <SOURCES />
+ </library>
+ </orderEntry>
+ <orderEntry type="module-library">
+ <library>
+ <CLASSES>
+ <root url="jar://$MODULE_DIR$/../../../../../../thirdparty/junit/lib/junit.jar!/" />
+ </CLASSES>
+ <JAVADOC />
+ <SOURCES />
+ </library>
+ </orderEntry>
+ <orderEntry type="module-library">
+ <library>
+ <CLASSES>
+ <root url="jar://$MODULE_DIR$/../../../../../../thirdparty/jboss-portal/modules/test/lib/portal-test-lib.jar!/" />
+ </CLASSES>
+ <JAVADOC />
+ <SOURCES />
+ </library>
+ </orderEntry>
+ <orderEntry type="module-library">
+ <library>
+ <CLASSES>
+ <root url="jar://$MODULE_DIR$/../../../../../../thirdparty/jboss-portal/modules/test/lib/portal-test-generic-lib.jar!/" />
+ </CLASSES>
+ <JAVADOC />
+ <SOURCES />
+ </library>
+ </orderEntry>
+ <orderEntry type="module-library">
+ <library>
+ <CLASSES>
+ <root url="jar://$MODULE_DIR$/../../../../../../thirdparty/jboss-portal/modules/test/lib/portal-test-jboss-lib.jar!/" />
+ </CLASSES>
+ <JAVADOC />
+ <SOURCES />
+ </library>
+ </orderEntry>
+ <orderEntry type="module-library">
+ <library>
+ <CLASSES>
+ <root url="jar://$MODULE_DIR$/../../../../../../thirdparty/apache-httpclient/lib/commons-httpclient.jar!/" />
+ </CLASSES>
+ <JAVADOC />
+ <SOURCES />
+ </library>
+ </orderEntry>
+ <orderEntryProperties />
+ </component>
+ <component name="VcsManagerConfiguration">
+ <option name="ACTIVE_VCS_NAME" value="svn" />
+ <option name="USE_PROJECT_VCS" value="false" />
+ </component>
+ <component name="copyright">
+ <Base>
+ <setting name="state" value="1" />
+ </Base>
+ <LanguageOptions name="$TEMPLATE$">
+ <option name="templateOptions">
+ <value>
+ <option name="block" value="true" />
+ <option name="separateBefore" value="true" />
+ <option name="separateAfter" value="true" />
+ <option name="prefixLines" value="true" />
+ <option name="lenBefore" value="80" />
+ <option name="lenAfter" value="80" />
+ <option name="box" value="true" />
+ <option name="filler" value=" " />
+ </value>
+ </option>
+ <option name="notice" value="JBoss, a division of Red Hat Copyright &#36;today.year, Red Hat Middleware, LLC, and individual contributors as indicated by the @authors tag. See the copyright.txt in the distribution for a full listing of individual contributors. This is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. This software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with this software; if not, write to the Free Software Foundation, Inc., 51 Fr!
anklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF site: http://www.fsf.org." />
+ <option name="keyword" value="Copyright" />
+ <option name="fileTypeOverride" value="4" />
+ <option name="relativeBefore" value="true" />
+ <option name="addBlankAfter" value="true" />
+ <option name="fileLocation" value="1" />
+ <option name="useAlternate" value="false" />
+ </LanguageOptions>
+ <LanguageOptions name="CSS">
+ <option name="templateOptions">
+ <value>
+ <option name="block" value="true" />
+ <option name="separateBefore" value="false" />
+ <option name="separateAfter" value="false" />
+ <option name="prefixLines" value="true" />
+ <option name="lenBefore" value="80" />
+ <option name="lenAfter" value="80" />
+ <option name="box" value="false" />
+ <option name="filler" value=" " />
+ </value>
+ </option>
+ <option name="notice" value="Copyright (c) &#36;today.year, Your Corporation. All Rights Reserved." />
+ <option name="keyword" value="Copyright" />
+ <option name="fileTypeOverride" value="2" />
+ <option name="relativeBefore" value="true" />
+ <option name="addBlankAfter" value="true" />
+ <option name="fileLocation" value="1" />
+ <option name="useAlternate" value="false" />
+ </LanguageOptions>
+ <LanguageOptions name="HTML">
+ <option name="templateOptions">
+ <value>
+ <option name="block" value="true" />
+ <option name="separateBefore" value="false" />
+ <option name="separateAfter" value="false" />
+ <option name="prefixLines" value="true" />
+ <option name="lenBefore" value="80" />
+ <option name="lenAfter" value="80" />
+ <option name="box" value="false" />
+ <option name="filler" value=" " />
+ </value>
+ </option>
+ <option name="notice" value="Copyright (c) &#36;today.year, Your Corporation. All Rights Reserved." />
+ <option name="keyword" value="Copyright" />
+ <option name="fileTypeOverride" value="2" />
+ <option name="relativeBefore" value="true" />
+ <option name="addBlankAfter" value="true" />
+ <option name="fileLocation" value="1" />
+ <option name="useAlternate" value="false" />
+ </LanguageOptions>
+ <LanguageOptions name="JAVA">
+ <option name="templateOptions">
+ <value>
+ <option name="block" value="true" />
+ <option name="separateBefore" value="false" />
+ <option name="separateAfter" value="false" />
+ <option name="prefixLines" value="true" />
+ <option name="lenBefore" value="80" />
+ <option name="lenAfter" value="80" />
+ <option name="box" value="false" />
+ <option name="filler" value=" " />
+ </value>
+ </option>
+ <option name="notice" value="Copyright (c) &#36;today.year, Your Corporation. All Rights Reserved." />
+ <option name="keyword" value="Copyright" />
+ <option name="fileTypeOverride" value="2" />
+ <option name="relativeBefore" value="true" />
+ <option name="addBlankAfter" value="true" />
+ <option name="fileLocation" value="1" />
+ <option name="useAlternate" value="false" />
+ </LanguageOptions>
+ <LanguageOptions name="JSP">
+ <option name="templateOptions">
+ <value>
+ <option name="block" value="true" />
+ <option name="separateBefore" value="false" />
+ <option name="separateAfter" value="false" />
+ <option name="prefixLines" value="true" />
+ <option name="lenBefore" value="80" />
+ <option name="lenAfter" value="80" />
+ <option name="box" value="false" />
+ <option name="filler" value=" " />
+ </value>
+ </option>
+ <option name="notice" value="Copyright (c) &#36;today.year, Your Corporation. All Rights Reserved." />
+ <option name="keyword" value="Copyright" />
+ <option name="fileTypeOverride" value="2" />
+ <option name="relativeBefore" value="true" />
+ <option name="addBlankAfter" value="true" />
+ <option name="fileLocation" value="1" />
+ <option name="useAlternate" value="false" />
+ </LanguageOptions>
+ <LanguageOptions name="JavaScript">
+ <option name="templateOptions">
+ <value>
+ <option name="block" value="true" />
+ <option name="separateBefore" value="false" />
+ <option name="separateAfter" value="false" />
+ <option name="prefixLines" value="true" />
+ <option name="lenBefore" value="80" />
+ <option name="lenAfter" value="80" />
+ <option name="box" value="false" />
+ <option name="filler" value=" " />
+ </value>
+ </option>
+ <option name="notice" value="Copyright (c) &#36;today.year, Your Corporation. All Rights Reserved." />
+ <option name="keyword" value="Copyright" />
+ <option name="fileTypeOverride" value="2" />
+ <option name="relativeBefore" value="true" />
+ <option name="addBlankAfter" value="true" />
+ <option name="fileLocation" value="1" />
+ <option name="useAlternate" value="false" />
+ </LanguageOptions>
+ <LanguageOptions name="Properties">
+ <option name="templateOptions">
+ <value>
+ <option name="block" value="true" />
+ <option name="separateBefore" value="false" />
+ <option name="separateAfter" value="false" />
+ <option name="prefixLines" value="true" />
+ <option name="lenBefore" value="80" />
+ <option name="lenAfter" value="80" />
+ <option name="box" value="false" />
+ <option name="filler" value=" " />
+ </value>
+ </option>
+ <option name="notice" value="Copyright (c) &#36;today.year, Your Corporation. All Rights Reserved." />
+ <option name="keyword" value="Copyright" />
+ <option name="fileTypeOverride" value="2" />
+ <option name="relativeBefore" value="true" />
+ <option name="addBlankAfter" value="true" />
+ <option name="fileLocation" value="1" />
+ <option name="useAlternate" value="false" />
+ </LanguageOptions>
+ <LanguageOptions name="XML">
+ <option name="templateOptions">
+ <value>
+ <option name="block" value="true" />
+ <option name="separateBefore" value="false" />
+ <option name="separateAfter" value="false" />
+ <option name="prefixLines" value="true" />
+ <option name="lenBefore" value="80" />
+ <option name="lenAfter" value="80" />
+ <option name="box" value="false" />
+ <option name="filler" value=" " />
+ </value>
+ </option>
+ <option name="notice" value="Copyright (c) &#36;today.year, Your Corporation. All Rights Reserved." />
+ <option name="keyword" value="Copyright" />
+ <option name="fileTypeOverride" value="2" />
+ <option name="relativeBefore" value="true" />
+ <option name="addBlankAfter" value="true" />
+ <option name="fileLocation" value="1" />
+ <option name="useAlternate" value="false" />
+ </LanguageOptions>
+ </component>
+</module>
+
Modified: modules/identity/trunk/identity/build.xml
===================================================================
--- modules/identity/trunk/identity/build.xml 2007-09-04 09:51:13 UTC (rev 8139)
+++ modules/identity/trunk/identity/build.xml 2007-09-04 10:02:26 UTC (rev 8140)
@@ -476,11 +476,11 @@
<x-test>
- <test todir="${test.reports}" name="org.jboss.portal.test.identity.db.DBIdentityTestCase"/>
- <test todir="${test.reports}" name="org.jboss.portal.test.identity.ldap.LDAPIdentityTestCase"/>
+ <!--<test todir="${test.reports}" name="org.jboss.portal.test.identity.db.DBIdentityTestCase"/>
+ <test todir="${test.reports}" name="org.jboss.portal.test.identity.ldap.LDAPIdentityTestCase"/>-->
<!--<test todir="${test.reports}" name="org.jboss.portal.test.identity.ldap.LDAPSimpleUserModuleTestCase"/>-->
- <!--<test todir="${test.reports}" name="org.jboss.portal.test.identity.ldap.LDAPSimpleRoleModuleTestCase"/>
- <test todir="${test.reports}" name="org.jboss.portal.test.identity.ldap.LDAPStaticGroupMembershipModuleTestCase"/>-->
+ <!--<test todir="${test.reports}" name="org.jboss.portal.test.identity.ldap.LDAPSimpleRoleModuleTestCase"/>-->
+ <test todir="${test.reports}" name="org.jboss.portal.test.identity.ldap.LDAPStaticGroupMembershipModuleTestCase"/>
<!--<test todir="${test.reports}" name="org.jboss.portal.test.identity.ldap.LDAPStaticRoleMembershipModuleTestCase"/>-->
<!--<test todir="${test.reports}" name="org.jboss.portal.test.identity.ldap.LDAPUserProfileModuleTestCase"/>
<test todir="${test.reports}" name="org.jboss.portal.test.identity.ldap.LDAPExtUserModuleTestCase"/>
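Review bot: The `<x-test>` block now comments out `DBIdentityTestCase` and `LDAPIdentityTestCase` with no explanation, in the same revision that changes `IdentityLoginModule.validatePassword`. If they are disabled only temporarily, say so next to them, for example `<!-- TODO: re-enable DBIdentityTestCase and LDAPIdentityTestCase; disabled because REASON_PLACEHOLDER -->`. Otherwise the identity store tests stay silently off while the authentication path keeps changing. The `<x-test>` element continues outside the hunk.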
Modified: modules/identity/trunk/identity/src/main/org/jboss/portal/identity/auth/IdentityLoginModule.java
===================================================================
--- modules/identity/trunk/identity/src/main/org/jboss/portal/identity/auth/IdentityLoginModule.java 2007-09-04 09:51:13 UTC (rev 8139)
+++ modules/identity/trunk/identity/src/main/org/jboss/portal/identity/auth/IdentityLoginModule.java 2007-09-04 10:02:26 UTC (rev 8140)
@@ -53,6 +53,8 @@
*
* @author <a href="mailto:julien@jboss.org">Julien Viet</a>
* @author <a href="mailto:theute@jboss.org">Thomas Heute</a>
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ * @author <a href="mailto:boleslaw dot dawidowicz at jboss.org">Boleslaw Dawidowicz</a>
* @version $Revision: 6803 $
*/
public class IdentityLoginModule extends UsernamePasswordLoginModule
@@ -147,13 +149,30 @@
protected boolean validatePassword(final String inputPassword, String expectedPassword)
{
+
+ HttpServletRequest request = null;
+ try
+ {
+ request = (HttpServletRequest) PolicyContext.getContext("javax.servlet.http.HttpServletRequest");
+ }
+ catch(Exception e)
+ {
+ log.error(this,e);
+ throw new RuntimeException(e);
+ }
+
+ Object ssoSuccess = request.getAttribute("ssoSuccess");
+ if(ssoSuccess != null)
+ {
+ return true;
+ }
+
if (inputPassword != null)
{
try
{
try
{
- HttpServletRequest request = (HttpServletRequest) PolicyContext.getContext("javax.servlet.http.HttpServletRequest");
UserStatus userStatus = getUserStatus(inputPassword);
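Review bot: The new `ssoSuccess` shortcut in `validatePassword` returns true for any non-null request attribute, before the `inputPassword` branch and the `getUserStatus` call, so the login outcome rests entirely on whichever component set that attribute. Request attributes are set server-side, but any filter, valve or forwarding servlet earlier in the chain can set one, and a value such as `Boolean.FALSE` would pass too. Assuming the SSO component stores a Boolean, compare strictly with `if (request != null && Boolean.TRUE.equals(request.getAttribute("ssoSuccess")))` and add a comment naming the only component allowed to write the attribute. `PolicyContext.getContext` may also return null when no request is associated with the call, in which case `request.getAttribute` throws a NullPointerException that the try/catch above does not cover. The method body continues outside the hunk, so it is worth confirming that skipping the user-status checks for SSO logins is intended.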
Added: modules/identity/trunk/sso/build.bat
===================================================================
--- modules/identity/trunk/sso/build.bat (rev 0)
+++ modules/identity/trunk/sso/build.bat 2007-09-04 10:02:26 UTC (rev 8140)
@@ -0,0 +1,54 @@
+@echo off
+rem
+rem Invokes a script of the same name in the 'tools' module.
+rem
+rem The 'tools' module is expected to be a peer directory of the directory
+rem in which this script lives.
+rem
+rem @author Jason Dillon <jason(a)planet57.com>
+rem
+
+rem $Id: build.bat 2001 2006-03-17 18:54:44Z julien $
+
+setlocal
+
+set PROGNAME=%~nx0
+set DIRNAME=%~dp0
+
+rem Legacy shell support
+if x%PROGNAME%==x set PROGNAME=build.bat
+if x%DIRNAME%==x set DIRNAME=.\
+
+set MODULE_ROOT=%DIRNAME%
+if x%TOOLS_ROOT%==x set TOOLS_ROOT=%DIRNAME%..\tools
+set TARGET=%TOOLS_ROOT%\bin\build.bat
+set ARGS=%*
+
+rem Start'er up yo
+goto main
+
+:debug
+if not x%DEBUG%==x echo %PROGNAME%: %*
+goto :EOF
+
+:main
+call :debug PROGNAME=%PROGNAME%
+call :debug DIRNAME=%DIRNAME%
+call :debug TOOLS_ROOT=%TOOLS_ROOT%
+call :debug TARGET=%TARGET%
+
+if exist %TARGET% call :call-script & goto :EOF
+rem else fail, we can not go on
+
+echo %PROGNAME%: *ERROR* The target executable does not exist:
+echo %PROGNAME%:
+echo %PROGNAME%: %TARGET%
+echo %PROGNAME%:
+echo %PROGNAME%: Please make sure you have checked out the 'tools' module
+echo %PROGNAME%: and make sure it is up to date.
+goto :EOF
+
+:call-script
+call :debug Executing %TARGET% %ARGS%
+call %TARGET% %ARGS%
+goto :EOF
Property changes on: modules/identity/trunk/sso/build.bat
___________________________________________________________________
Name: svn:executable
+ *
Added: modules/identity/trunk/sso/build.sh
===================================================================
--- modules/identity/trunk/sso/build.sh (rev 0)
+++ modules/identity/trunk/sso/build.sh 2007-09-04 10:02:26 UTC (rev 8140)
@@ -0,0 +1,49 @@
+#!/bin/sh
+##
+## Invokes a script of the same name in the 'tools' module.
+##
+## The 'tools' module is expected to be a peer directory of the directory
+## in which this script lives.
+##
+## @author Jason Dillon <jason(a)planet57.com>
+##
+
+# $Id: build.sh 2001 2006-03-17 18:54:44Z julien $
+
+PROGNAME=`basename $0`
+DIRNAME=`dirname $0`
+
+# Buss it yo
+main() {
+ if [ "x$TOOLS_ROOT" = "x" ]; then
+ TOOLS_ROOT=`cd $DIRNAME/../tools && pwd`
+ fi
+
+ MODULE_ROOT=`cd $DIRNAME; pwd`
+ export TOOLS_ROOT MODULE_ROOT DEBUG TRACE
+
+ # Where is the target script?
+ target="$TOOLS_ROOT/bin/$PROGNAME"
+ if [ ! -f "$target" ]; then
+ echo "${PROGNAME}: *ERROR* The target executable does not exist:"
+ echo "${PROGNAME}:"
+ echo "${PROGNAME}: $target"
+ echo "${PROGNAME}:"
+ echo "${PROGNAME}: Please make sure you have checked out the 'tools' module"
+ echo "${PROGNAME}: and make sure it is up to date."
+ exit 2
+ fi
+
+ # Get busy yo!
+ if [ "x$DEBUG" != "x" ]; then
+ echo "${PROGNAME}: Executing: /bin/sh $target $@"
+ fi
+ if [ "x$TRACE" = "x" ]; then
+ exec /bin/sh $target "$@"
+ else
+ exec /bin/sh -x $target "$@"
+ fi
+}
+
+# Lets get ready to rumble!
+main "$@"
Property changes on: modules/identity/trunk/sso/build.sh
___________________________________________________________________
Name: svn:executable
+ *
Added: modules/identity/trunk/sso/build.xml
===================================================================
--- modules/identity/trunk/sso/build.xml (rev 0)
+++ modules/identity/trunk/sso/build.xml 2007-09-04 10:02:26 UTC (rev 8140)
@@ -0,0 +1,243 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ ~ JBoss, a division of Red Hat ~
+ ~ Copyright 2006, Red Hat Middleware, LLC, and individual ~
+ ~ contributors as indicated by the @authors tag. See the ~
+ ~ copyright.txt in the distribution for a full listing of ~
+ ~ individual contributors. ~
+ ~ ~
+ ~ This is free software; you can redistribute it and/or modify it ~
+ ~ under the terms of the GNU Lesser General Public License as ~
+ ~ published by the Free Software Foundation; either version 2.1 of ~
+ ~ the License, or (at your option) any later version. ~
+ ~ ~
+ ~ This software is distributed in the hope that it will be useful, ~
+ ~ but WITHOUT ANY WARRANTY; without even the implied warranty of ~
+ ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ~
+ ~ Lesser General Public License for more details. ~
+ ~ ~
+ ~ You should have received a copy of the GNU Lesser General Public ~
+ ~ License along with this software; if not, write to the Free ~
+ ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA ~
+ ~ 02110-1301 USA, or see the FSF site: http://www.fsf.org. ~
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~-->
+
+<!DOCTYPE project [
+ <!ENTITY libraries SYSTEM "../thirdparty/libraries.ent">
+ <!ENTITY buildmagic SYSTEM "../tools/etc/buildfragments/buildmagic.ent">
+ <!ENTITY tools SYSTEM "../tools/etc/buildfragments/tools.ent">
+ <!ENTITY modules SYSTEM "../tools/etc/buildfragments/modules.ent">
+ <!ENTITY defaults SYSTEM "../tools/etc/buildfragments/defaults.ent">
+ <!ENTITY targets SYSTEM "../tools/etc/buildfragments/targets.ent">
+ ]>
+
+<!-- $Id: build.xml 8043 2007-08-23 00:13:18Z bdaw $ -->
+
+<!--+======================================================================+-->
+<!--| JBoss Portal (The OpenSource Portal) Build File |-->
+<!--| |-->
+<!--| Distributable under LGPL license. |-->
+<!--| See terms of license at http://www.gnu.org. |-->
+<!--| |-->
+<!--| This file has been designed to work with the 'tools' module and |-->
+<!--| Buildmagic extentions. |-->
+<!--+======================================================================+-->
+
+<project default="main" name="JBoss Portal">
+
+ <!--+====================================================================+-->
+ <!--| Setup |-->
+ <!--| |-->
+ <!--| Include the common build elements. |-->
+ <!--| |-->
+ <!--| This defines several different targets, properties and paths. |-->
+ <!--| It also sets up the basic extention tasks amoung other things. |-->
+ <!--+====================================================================+-->
+
+ &buildmagic;
+ &modules;
+ &defaults;
+ &tools;
+ &targets;
+
+
+ <!-- ================================================================== -->
+ <!-- Initialization -->
+ <!-- ================================================================== -->
+
+ <!--
+ | Initialize the build system. Must depend on '_buildmagic:init'.
+ | Other targets should depend on 'init' or things will mysteriously fail.
+ -->
+
+ <target name="init" unless="init.disable" depends="_buildmagic:init">
+ </target>
+
+ <!--+====================================================================+-->
+ <!--| Configuration |-->
+ <!--| |-->
+ <!--| This target is invoked by the Buildmagic initialization logic |-->
+ <!--| and should contain module specific configuration elements. |-->
+ <!--+====================================================================+-->
+
+ <target name="configure" unless="configure.disable">
+
+ <!-- Configure some properties -->
+ <property name="jboss-junit-configuration" value=""/>
+ <property name="junit.formatter.usefile" value="true"/>
+
+ <!-- Configure thirdparty libraries -->
+ &libraries;
+ <path id="library.classpath">
+ <path refid="jboss.portal/modules/common.classpath"/>
+ <path refid="jboss.portal/modules/test.classpath"/>
+ <path refid="sun.servlet.classpath"/>
+ <path refid="jboss.microcontainer.classpath"/>
+ <path refid="jboss.jbossxb.classpath"/>
+ <path refid="apache.xerces.classpath"/>
+ <path refid="jbossas/core.libs.classpath"/>
+ <path refid="oswego.concurrent.classpath"/>
+ <path refid="hibernate.hibernate.classpath"/>
+ <path refid="apache.log4j.classpath"/>
+ <path refid="apache.httpclient.classpath"/>
+ <path refid="junit.junit.classpath"/>
+ <path refid="apache.tomcat.classpath"/>
+ <path refid="josso.josso.classpath"/>
+ <path refid="cas.cas.classpath"/>
+ <path refid="spring.spring.classpath"/>
+
+ <pathelement location="${project.tools}/lib/ant.jar"/>
+ <!--<path refid="sun.opends.classpath"/>-->
+ </path>
+
+ <path id="javac.classpath">
+ <pathelement location="${build.classes}"/>
+ </path>
+
+ <!-- Configure modules -->
+ <call target="configure-modules"/>
+ <path id="dependentmodule.classpath">
+ <path refid="jboss.portal-identity.classpath"/>
+ </path>
+
+ <!--+=======================================+-->
+ <!--| Override any default properties here. |-->
+ <!--+=======================================+-->
+
+ <!-- Configure defaults & build tools -->
+ <call target="configure-defaults"/>
+ <call target="configure-tools"/>
+
+ <!--+=======================================+-->
+ <!--| Define module specific elements here. |-->
+ <!--+=======================================+-->
+ <property name="javadoc.private" value="true"/>
+ <property name="javadoc.protected" value="false"/>
+
+ </target>
+
+ <!--+====================================================================+-->
+ <!--| Compile |-->
+ <!--| |-->
+ <!--| This target should depend on other compile-* targets for each |-->
+ <!--| different type of compile that needs to be performed, short of |-->
+ <!--| documentation compiles. |-->
+ <!--+====================================================================+-->
+
+ <target name="compile"
+ description="Compile all source files."
+ depends="generate-parsers,
+ compile-classes,
+ _default:compile-etc,
+ _default:compile-resources">
+ <!-- Add module specific elements here. -->
+ </target>
+
+
+ <target name="compile-classes" depends="_buildmagic:init">
+ <mkdir dir="${build.classes}"/>
+
+ <!-- Hack, required to avoid duplicate javac targets -->
+ <mkdir dir="${build.gen.classes}"/>
+
+ <!-- Remove classes which depend on changed files, so they will rebuild. -->
+ <depend srcdir="${source.java}:${build.gen.classes}"
+ destdir="${build.classes}"
+ dump="${javac.depend.dump}"
+ closure="${javac.depend.closure}">
+ <include name="${javac.includes}"/>
+ <exclude name="${javac.excludes}"/>
+ </depend>
+
+ <javac destdir="${build.classes}"
+ optimize="${javac.optimize}"
+ target="${javac.target}"
+ debug="${javac.debug}"
+ source="${javac.source}"
+ depend="${javac.depend}"
+ verbose="${javac.verbose}"
+ deprecation="${javac.deprecation}"
+ includeAntRuntime="${javac.include.ant.runtime}"
+ includeJavaRuntime="${javac.include.java.runtime}"
+ failonerror="${javac.fail.onerror}">
+ <src path="${source.java}:${build.gen.classes}"/>
+ <classpath refid="javac.classpath"/>
+
+
+ <include name="${javac.includes}"/>
+ <exclude name="${javac.excludes}"/>
+ </javac>
+ </target>
+
+
+ <target name="generate-parsers" depends="init">
+ </target>
+
+ <!--+====================================================================+-->
+ <!--| Generate Output |-->
+ <!--| |-->
+ <!--| Generates the target output for this module. Target output is |-->
+ <!--| the output which is ment to be released or used by external |-->
+ <!--| modules. |-->
+ <!--+====================================================================+-->
+
+ <target name="output"
+ description="Generate all target output."
+ depends="compile">
+ <mkdir dir="${build.lib}"/>
+ <jar jarfile="${build.lib}/portal-identity-sso-lib.jar">
+ <fileset dir="${build.classes}" excludes="org/jboss/portal/test/**"/>
+ </jar>
+ </target>
+
+
+ <!-- ================================================================== -->
+ <!-- Cleaning -->
+ <!-- ================================================================== -->
+
+ <!-- Clean up all build output -->
+ <target name="clean" depends="_default:clean">
+ <!-- Add module specific elements here. -->
+ </target>
+
+ <!--+====================================================================+-->
+ <!--| Documents |-->
+ <!--| |-->
+ <!--| Generate all documentation for this module. |-->
+ <!--+====================================================================+-->
+
+ <target name="docs" depends="_default:docs">
+ <!-- Add module specific elements here. -->
+ </target>
+
+ <!-- ================================================================== -->
+ <!-- Misc. -->
+ <!-- ================================================================== -->
+
+ <target name="main" depends="most"/>
+ <target name="all" depends="_default:all"/>
+ <target name="most" depends="_default:most"/>
+ <target name="help" depends="_default:help"/>
+
+
+</project>
Property changes on: modules/identity/trunk/sso/build.xml
___________________________________________________________________
Name: svn:executable
+ *
Added: modules/identity/trunk/sso/src/etc/cas/cas_context.xml
===================================================================
--- modules/identity/trunk/sso/src/etc/cas/cas_context.xml (rev 0)
+++ modules/identity/trunk/sso/src/etc/cas/cas_context.xml 2007-09-04 10:02:26 UTC (rev 8140)
@@ -0,0 +1,9 @@
+<?xml version="1.0"?>
+<Context>
+ <Valve className="org.jboss.portal.identity.auth.CASAuthenticationValve"
+ casLogin="https://localhost:8080/cas/login"
+ casValidate="https://localhost:8080/cas/serviceValidate"
+ casServerName="localhost"
+ authType="FORM"
+ />
+</Context>
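Review bot: `casLogin` and `casValidate` combine the `https` scheme with port 8080, which on a default JBoss/Tomcat install is the plain-HTTP connector, so these sample values are unlikely to work as shipped. The easy local fix is to switch the scheme to `http`, which would carry the service ticket and the validation response unencrypted (assuming the valve calls `casValidate` directly, which is not visible here). I would ship `casLogin="https://localhost:8443/cas/login"` and `casValidate="https://localhost:8443/cas/serviceValidate"`, assuming the default TLS connector port. I would also add a comment above the `<Valve>` such as `<!-- Sample values: replace localhost with the real CAS server and keep both URLs on https -->`.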
Added: modules/identity/trunk/sso/src/etc/cas/cas_deployerConfigContext.xml
===================================================================
--- modules/identity/trunk/sso/src/etc/cas/cas_deployerConfigContext.xml (rev 0)
+++ modules/identity/trunk/sso/src/etc/cas/cas_deployerConfigContext.xml 2007-09-04 10:02:26 UTC (rev 8140)
@@ -0,0 +1,98 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
+<!--
+ | deployerConfigContext.xml centralizes into one file some of the declarative configuration that
+ | all CAS deployers will need to modify.
+ |
+ | This file declares some of the Spring-managed JavaBeans that make up a CAS deployment.
+ | The beans declared in this file are instantiated at context initialization time by the Spring
+ | ContextLoaderListener declared in web.xml. It finds this file because this
+ | file is among those declared in the context parameter "contextConfigLocation".
+ |
+ | By far the most common change you will need to make in this file is to change the last bean
+ | declaration to replace the default SimpleTestUsernamePasswordAuthenticationHandler with
+ | one implementing your approach for authenticating usernames and passwords.
+ +-->
+<beans>
+ <!--
+ | This bean declares our AuthenticationManager. The CentralAuthenticationService service bean
+ | declared in applicationContext.xml picks up this AuthenticationManager by reference to its id,
+ | "authenticationManager". Most deployers will be able to use the default AuthenticationManager
+ | implementation and so do not need to change the class of this bean. We include the whole
+ | AuthenticationManager here in the userConfigContext.xml so that you can see the things you will
+ | need to change in context.
+ +-->
+ <bean id="authenticationManager"
+ class="org.jasig.cas.authentication.AuthenticationManagerImpl">
+ <!--
+ | This is the List of CredentialToPrincipalResolvers that identify what Principal is trying to authenticate.
+ | The AuthenticationManagerImpl considers them in order, finding a CredentialToPrincipalResolver which
+ | supports the presented credentials.
+ |
+ | AuthenticationManagerImpl uses these resolvers for two purposes. First, it uses them to identify the Principal
+ | attempting to authenticate to CAS /login . In the default configuration, it is the DefaultCredentialsToPrincipalResolver
+ | that fills this role. If you are using some other kind of credentials than UsernamePasswordCredentials, you will need to replace
+ | DefaultCredentialsToPrincipalResolver with a CredentialsToPrincipalResolver that supports the credentials you are
+ | using.
+ |
+ | Second, AuthenticationManagerImpl uses these resolvers to identify a service requesting a proxy granting ticket.
+ | In the default configuration, it is the HttpBasedServiceCredentialsToPrincipalResolver that serves this purpose.
+ | You will need to change this list if you are identifying services by something more or other than their callback URL.
+ +-->
+ <property name="credentialsToPrincipalResolvers">
+ <list>
+ <!--
+ | UsernamePasswordCredentialsToPrincipalResolver supports the UsernamePasswordCredentials that we use for /login
+ | by default and produces SimplePrincipal instances conveying the username from the credentials.
+ |
+ | If you've changed your LoginFormAction to use credentials other than UsernamePasswordCredentials then you will also
+ | need to change this bean declaration (or add additional declarations) to declare a CredentialsToPrincipalResolver that supports the
+ | Credentials you are using.
+ +-->
+ <bean
+ class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver" />
+ <!--
+ | HttpBasedServiceCredentialsToPrincipalResolver supports HttpBasedCredentials. It supports the CAS 2.0 approach of
+ | authenticating services by SSL callback, extracting the callback URL from the Credentials and representing it as a
+ | SimpleService identified by that callback URL.
+ |
+ | If you are representing services by something more or other than an HTTPS URL whereat they are able to
+ | receive a proxy callback, you will need to change this bean declaration (or add additional declarations).
+ +-->
+ <bean
+ class="org.jasig.cas.authentication.principal.HttpBasedServiceCredentialsToPrincipalResolver" />
+ </list>
+ </property>
+
+ <!--
+ | Whereas CredentialsToPrincipalResolvers identify who it is some Credentials might authenticate,
+ | AuthenticationHandlers actually authenticate credentials. Here we declare the AuthenticationHandlers that
+ | authenticate the Principals that the CredentialsToPrincipalResolvers identified. CAS will try these handlers in turn
+ | until it finds one that both supports the Credentials presented and succeeds in authenticating.
+ +-->
+ <property name="authenticationHandlers">
+ <list>
+ <!--
+ | This is the authentication handler that authenticates services by means of callback via SSL, thereby validating
+ | a server side SSL certificate.
+ +-->
+ <bean
+ class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler">
+ <property
+ name="httpClient"
+ ref="httpClient" />
+ </bean>
+
+ <!--
+ | This is the authentication handler declaration that every CAS deployer will need to change before deploying CAS
+ | into production. The default SimpleTestUsernamePasswordAuthenticationHandler authenticates UsernamePasswordCredentials
+ | where the username equals the password. You will need to replace this with an AuthenticationHandler that implements your
+ | local authentication strategy. You might accomplish this by coding a new such handler and declaring
+ | edu.someschool.its.cas.MySpecialHandler here, or you might use one of the handlers provided in the adaptors modules.
+ +-->
+ <bean
+ class="org.jboss.portal.identity.auth.CASAuthenticationHandler" />
+ </list>
+ </property>
+ </bean>
+</beans>
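Review bot: The comment above the last `<bean>` still describes `SimpleTestUsernamePasswordAuthenticationHandler` (username equals password) and says it must be replaced before production, but the bean declared is now `org.jboss.portal.identity.auth.CASAuthenticationHandler`. The file-header comment ("replace the default SimpleTestUsernamePasswordAuthenticationHandler") is stale in the same way. Someone auditing this deployment cannot tell from the file whether the test handler is still active or what the configured handler checks credentials against. I would replace both passages with a short comment stating that username/password credentials are authenticated by `CASAuthenticationHandler` and naming the identity store it validates against; that detail has to come from the handler's source, which is not part of this hunk.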
Added: modules/identity/trunk/sso/src/etc/josso/josso_context.xml
===================================================================
--- modules/identity/trunk/sso/src/etc/josso/josso_context.xml (rev 0)
+++ modules/identity/trunk/sso/src/etc/josso/josso_context.xml 2007-09-04 10:02:26 UTC (rev 8140)
@@ -0,0 +1,4 @@
+<?xml version="1.0"?>
+<Context>
+ <Valve className="org.jboss.portal.identity.auth.JOSSOLogoutValve"/>
+</Context>
Added: modules/identity/trunk/sso/src/etc/josso/josso_error.jsp
===================================================================
--- modules/identity/trunk/sso/src/etc/josso/josso_error.jsp (rev 0)
+++ modules/identity/trunk/sso/src/etc/josso/josso_error.jsp 2007-09-04 10:02:26 UTC (rev 8140)
@@ -0,0 +1,41 @@
+<%--
+ ~ Copyright (c) 2004-2006, Novascope S.A. and the JOSSO team
+ ~ All rights reserved.
+ ~ Redistribution and use in source and binary forms, with or
+ ~ without modification, are permitted provided that the following
+ ~ conditions are met:
+ ~
+ ~ * Redistributions of source code must retain the above copyright
+ ~ notice, this list of conditions and the following disclaimer.
+ ~
+ ~ * Redistributions in binary form must reproduce the above copyright
+ ~ notice, this list of conditions and the following disclaimer in
+ ~ the documentation and/or other materials provided with the
+ ~ distribution.
+ ~
+ ~ * Neither the name of the JOSSO team nor the names of its
+ ~ contributors may be used to endorse or promote products derived
+ ~ from this software without specific prior written permission.
+ ~
+ ~ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
+ ~ CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ ~ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+ ~ MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ ~ DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
+ ~ BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ ~ EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ ~ TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ ~ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ ~ ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ ~ OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ ~ OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ ~ POSSIBILITY OF SUCH DAMAGE.
+ --%>
+
+<%@page contentType="text/html; charset=iso-8859-1" language="java" session="true" %>
+<!--
+Redirects the user to the propper login page. Configured as the login url the web.xml for this application.
+-->
+<%
+ response.sendRedirect(request.getContextPath() + "/josso_login/");
+%>
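Review bot: The explanatory note is an HTML comment (`<!-- ... -->`), so it is written into the response body of every redirect; a JSP comment keeps it server-side: `<%-- Redirects the user to the proper login page. --%>`. The page directive also sets `session="true"`, which makes the container create a session for each request to a page that only issues a redirect. If nothing downstream relies on that session (not verifiable from this hunk), `session="false"` avoids allocating sessions for unauthenticated hits. The file name says "error" while the comment and code describe a login redirect, so a one-line note on why the error page forwards to `/josso_login/` would help.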
Added: modules/identity/trunk/sso/src/etc/josso/josso_josso-agent-config.xml
===================================================================
--- modules/identity/trunk/sso/src/etc/josso/josso_josso-agent-config.xml (rev 0)
+++ modules/identity/trunk/sso/src/etc/josso/josso_josso-agent-config.xml 2007-09-04 10:02:26 UTC (rev 8140)
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="ISO-8859-1" ?>
+<agent>
+ <class>org.josso.jb4.agent.JBossCatalinaSSOAgent</class>
+ <gatewayLoginUrl>http://localhost:8080/josso/signon/login.do</gatewayLoginUrl>
+ <gatewayLogoutUrl>http://localhost:8080/josso/signon/logout.do</gatewayLogoutUrl>
+ <service-locator>
+ <class>org.josso.gateway.WebserviceGatewayServiceLocator</class>
+ <endpoint>localhost:8080</endpoint>
+ </service-locator>
+ <partner-apps>
+ <partner-app>
+ <context>/portal</context>
+ </partner-app>
+ <!-- used for testing purposes -->
+ <partner-app>
+ <context>/portal2</context>
+ </partner-app>
+ </partner-apps>
+</agent>
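Review bot: `gatewayLoginUrl` and `gatewayLogoutUrl` are plain `http://` URLs, so with this sample configuration users are sent to the sign-on form without TLS. The service-locator `endpoint` of `localhost:8080` suggests the agent-to-gateway calls are unencrypted as well, though the locator's transport is not visible here. I would add a comment above `gatewayLoginUrl` along the lines of `<!-- Local development values only: use https URLs for the gateway outside a single-host test setup -->`. The `/portal2` partner app is marked "used for testing purposes" and should be dropped from the shipped configuration or left commented out, so that only contexts actually deployed are registered with the agent.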
Added: modules/identity/trunk/sso/src/etc/josso/josso_josso-config.xml
===================================================================
--- modules/identity/trunk/sso/src/etc/josso/josso_josso-config.xml (rev 0)
+++ modules/identity/trunk/sso/src/etc/josso/josso_josso-config.xml 2007-09-04 10:02:26 UTC (rev 8140)
@@ -0,0 +1,4 @@
+<?xml version="1.0" encoding="ISO-8859-1" ?>
+<configuration>
+ <hierarchicalXml fileName="josso-agent-config.xml"/>
+</configuration>
Added: modules/identity/trunk/sso/src/etc/josso/josso_josso-gateway-config.xml
===================================================================
--- modules/identity/trunk/sso/src/etc/josso/josso_josso-gateway-config.xml (rev 0)
+++ modules/identity/trunk/sso/src/etc/josso/josso_josso-gateway-config.xml 2007-09-04 10:02:26 UTC (rev 8140)
@@ -0,0 +1,569 @@
+<?xml version="1.0" encoding="ISO-8859-1" ?>
+<!--
+ ~ Copyright (c) 2004-2006, Novascope S.A. and the JOSSO team
+ ~ All rights reserved.
+ ~ Redistribution and use in source and binary forms, with or
+ ~ without modification, are permitted provided that the following
+ ~ conditions are met:
+ ~
+ ~ * Redistributions of source code must retain the above copyright
+ ~ notice, this list of conditions and the following disclaimer.
+ ~
+ ~ * Redistributions in binary form must reproduce the above copyright
+ ~ notice, this list of conditions and the following disclaimer in
+ ~ the documentation and/or other materials provided with the
+ ~ distribution.
+ ~
+ ~ * Neither the name of the JOSSO team nor the names of its
+ ~ contributors may be used to endorse or promote products derived
+ ~ from this software without specific prior written permission.
+ ~
+ ~ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
+ ~ CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ ~ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+ ~ MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ ~ DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
+ ~ BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ ~ EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ ~ TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ ~ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ ~ ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ ~ OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ ~ OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ ~ POSSIBILITY OF SUCH DAMAGE.
+ -->
+
+<domain>
+ <name>JOSSO</name>
+ <type>web</type>
+
+ <!--sso-web-config-->
+
+ <!-- Optional : The URL where the user will be redirected after a successfull login only if josso_back_to request parameter
+ is not present when accessing the login url
+ <loginBackToURL>http://localhost:8080/partnerapp/protected/</loginBackToURL>
+ -->
+
+ <!-- Optional : The URL where the user will be redirected after a logout only if josso_back_to is not present
+ when accessing the logout url
+ <logoutBackToURL>http://localhost:8080/partnerapp/protected/</logoutBackToURL>
+ -->
+
+ <!-- Session token properties -->
+ <!--session-token-->
+
+ <!-- Optional : Use a secure session token, a secure channel like SSL must be available for this to work
+ <secure>false</secure>
+ -->
+
+
+ <!--/session-token-->
+
+ <!--/sso-web-config-->
+
+ <authenticator>
+ <class>org.josso.auth.AuthenticatorImpl</class>
+ <authentication-schemes>
+ <!-- Basic Authentication Scheme -->
+ <authentication-scheme>
+ <name>basic-authentication</name>
+ <class>org.josso.auth.scheme.BindUsernamePasswordAuthScheme</class>
+
+ <!--
+ The message digest algorithm to be used when hashing passwords.
+ This must be an algorithm supported by the java.security.MessageDigest class
+ on your platform.
+
+ In J2SE 1.4.2 you can check :
+ Java Cryptography Architecture API Specification & Reference - Apendix B : Algorithms
+ Values are : MD2, MD5, SHA-1, SHA-256, SHA-384, SHA-512,etc.
+
+ To provide LDAP support, also CRYPT is available.
+ -->
+ <!--
+ <hashAlgorithm>MD5</hashAlgorithm>
+ -->
+
+ <!-- Supported values are HEX, BASE64. Mandatory if hashAlgorithm was specified -->
+ <!--
+ <hashEncoding>HEX</hashEncoding>
+ -->
+
+ <!-- Some hash algorithms, like CRYPT, use this property. The default value is 2.
+ <saltLength>2</saltLength>
+ -->
+
+ <!--
+ <ignorePasswordCase>false</ignorePasswordCase>
+ <ignoreUserCase>false</ignoreUserCase>
+ -->
+ <!-- ========================================================= -->
+ <!-- JDBC Credential Store -->
+ <!-- -->
+ <!-- Always scape comma chars [,] in queries because -->
+ <!-- jakarta commons-configuration uses them to define arrays. -->
+ <!-- ========================================================= -->
+ <!--
+ <credential-store>
+ <class>org.josso.gateway.identity.service.store.db.JDBCIdentityStore</class>
+
+ <credentialsQueryString>
+
+ SELECT login AS username , password AS password FROM josso_user WHERE login = ?
+
+ </credentialsQueryString>
+ <connectionName>josso</connectionName>
+ <connectionPassword>josso</connectionPassword>
+ <connectionURL>jdbc:oracle:thin:@localhost:1521:josso_db</connectionURL>
+ <driverName>oracle.jdbc.driver.OracleDriver</driverName>
+ </credential-store>
+ <credential-store>
+ <class>org.josso.gateway.identity.service.store.db.DataSourceIdentityStore</class>
+
+ <credentialsQueryString>SELECT login AS username , password AS password FROM josso_user WHERE login = ?</credentialsQueryString>
+ <dsJndiName>java:jdbc/JossoSamplesDB</dsJndiName>
+ </credential-store>
+ -->
+
+ <!-- =============================================================== -->
+ <!-- LDAP Credential Store -->
+ <!-- -->
+ <!-- Chcek javadoc for configuration details : -->
+ <!-- org.josso.gateway.identity.service.store.ldap.LDAPIdentityStore -->
+ <!-- =============================================================== -->
+ <!--
+ <credential-store>
+ <class>org.josso.gateway.identity.service.store.ldap.LDAPIdentityStore</class>
+ <initialContextFactory>com.sun.jndi.ldap.LdapCtxFactory</initialContextFactory>
+ <providerUrl>ldap://ldaphost</providerUrl>
+ <securityPrincipal>cn=Manager,dc=my-domain,dc=com</securityPrincipal>
+ <securityCredential>secret</securityCredential>
+ <securityAuthentication>simple</securityAuthentication>
+ <ldapSearchScope>SUBTREE</ldapSearchScope>
+ <usersCtxDN>ou=People,dc=my-domain,dc=com</usersCtxDN>
+ <principalUidAttributeID>uid</principalUidAttributeID>
+ <rolesCtxDN>ou=Roles,dc=my-domain,dc=com</rolesCtxDN>
+ <uidAttributeID>uniquemember</uidAttributeID>
+ <roleAttributeID>cn</roleAttributeID>
+ <credentialQueryString>uid=username,userPassword=password</credentialQueryString>
+ <userPropertiesQueryString>mail=mail,cn=description</userPropertiesQueryString>
+ </credential-store>
+ -->
+
+ <!-- ================================================= -->
+ <!-- Memory Credential Store -->
+ <!-- ================================================= -->
+ <!--
+ <credential-store>
+ <class>org.josso.gateway.identity.service.store.MemoryIdentityStore</class>
+ <credentialsFileName>josso-credentials.xml</credentialsFileName>
+ </credential-store>
+ -->
+
+ <!-- ================================================= -->
+ <!-- JBoss Portal Credential Store -->
+ <!-- ================================================= -->
+ <credential-store>
+ <class>org.jboss.portal.identity.auth.JOSSOIdentityStore</class>
+ </credential-store>
+
+
+
+ <!-- ================================================= -->
+ <!-- Credential Store Key adapter -->
+ <!-- ================================================= -->
+ <credential-store-key-adapter>
+ <class>org.josso.gateway.identity.service.store.SimpleIdentityStoreKeyAdapter</class>
+ </credential-store-key-adapter>
+
+ </authentication-scheme>
+
+ <!-- Strong Authentication Scheme -->
+ <authentication-scheme>
+ <name>strong-authentication</name>
+ <class>org.josso.auth.scheme.X509CertificateAuthScheme</class>
+
+ <!-- ========================================================= -->
+ <!-- JDBC Credential Store -->
+ <!-- -->
+ <!-- Always scape comma chars [,] in queries because -->
+ <!-- jakarta commons-configuration uses them to define arrays. -->
+ <!-- ========================================================= -->
+ <!--
+ <credential-store>
+ <class>org.josso.gateway.identity.service.store.db.JDBCIdentityStore</class>
+
+ <credentialsQueryString>
+
+ SELECT login AS username , password AS password FROM josso_user WHERE login = ?
+
+ </credentialsQueryString>
+ <connectionName>josso</connectionName>
+ <connectionPassword>josso</connectionPassword>
+ <connectionURL>jdbc:oracle:thin:@localhost:1521:josso_db</connectionURL>
+ <driverName>oracle.jdbc.driver.OracleDriver</driverName>
+ </credential-store>
+ -->
+
+ <!-- =============================================================== -->
+ <!-- LDAP Credential Store -->
+ <!-- -->
+ <!-- Chcek javadoc for configuration details : -->
+ <!-- org.josso.gateway.identity.service.store.ldap.LDAPIdentityStore -->
+ <!-- =============================================================== -->
+ <!--
+ <credential-store>
+ <class>org.josso.gateway.identity.service.store.ldap.LDAPIdentityStore</class>
+ <initialContextFactory>com.sun.jndi.ldap.LdapCtxFactory</initialContextFactory>
+ <providerUrl>ldap://ldaphost</providerUrl>
+ <securityPrincipal>cn=Manager,dc=my-domain,dc=com</securityPrincipal>
+ <securityCredential>secret</securityCredential>
+ <securityAuthentication>simple</securityAuthentication>
+ <ldapSearchScope>SUBTREE</ldapSearchScope>
+ <usersCtxDN>ou=People,dc=my-domain,dc=com</usersCtxDN>
+ <principalUidAttributeID>uid</principalUidAttributeID>
+ <rolesCtxDN>ou=Roles,dc=my-domain,dc=com</rolesCtxDN>
+ <uidAttributeID>uniquemember</uidAttributeID>
+ <roleAttributeID>cn</roleAttributeID>
+ <credentialQueryString>uid=username,userCertificate;binary=userCertificate</credentialQueryString>
+ <userPropertiesQueryString>mail=mail,cn=description</userPropertiesQueryString>
+ </credential-store>
+ -->
+
+ <!-- ================================================= -->
+ <!-- Memory Credential Store -->
+ <!-- ================================================= -->
+ <credential-store>
+ <class>org.josso.gateway.identity.service.store.MemoryIdentityStore</class>
+ <credentialsFileName>josso-credentials.xml</credentialsFileName>
+ </credential-store>
+
+ <!-- ================================================= -->
+ <!-- Credential Store Key adapter -->
+ <!-- ================================================= -->
+ <credential-store-key-adapter>
+ <class>org.josso.gateway.identity.service.store.SimpleIdentityStoreKeyAdapter</class>
+ </credential-store-key-adapter>
+
+ </authentication-scheme>
+ </authentication-schemes>
+ </authenticator>
+
+ <sso-identity-manager>
+
+ <class>org.josso.gateway.identity.service.SSOIdentityManagerImpl</class>
+
+ <!-- ========================================================= -->
+ <!-- DataSource Identity Store -->
+ <!-- -->
+ <!-- Always scape comma chars [,] in queries because -->
+ <!-- jakarta commons-configuration uses them to define arrays. -->
+ <!-- ========================================================= -->
+ <!--
+ <sso-identity-store>
+ <class>org.josso.gateway.identity.service.store.db.DataSourceIdentityStore</class>
+
+ <userQueryString>
+ SELECT login FROM josso_user WHERE login = ?
+ </userQueryString>
+
+ <userPropertiesQueryString>
+ SELECT 'user.description' AS name , description AS value FROM josso_user WHERE login = ?
+ UNION
+ SELECT name AS name , value AS value FROM josso_user_property WHERE login = ?
+ </userPropertiesQueryString>
+
+ <rolesQueryString>
+ SELECT josso_role.name FROM josso_role , josso_user_role , josso_user WHERE josso_user.login = ? AND josso_user.login = josso_user_role.login AND josso_role.name = josso_user_role.name
+ </rolesQueryString>
+
+ <dsJndiName>java:jdbc/JossoSamplesDB</dsJndiName>
+ </sso-identity-store>
+ -->
+ <!-- ========================================================= -->
+ <!-- JDBC Identity Store -->
+ <!-- -->
+ <!-- Always scape comma chars [,] in queries because -->
+ <!-- jakarta commons-configuration uses them to define arrays. -->
+ <!-- ========================================================= -->
+
+ <!--sso-identity-store>
+ <class>org.josso.gateway.identity.service.store.db.JDBCIdentityStore</class>
+
+ <userQueryString>
+ SELECT login FROM josso_user WHERE login = ?
+ </userQueryString>
+
+ You could use a UNION to select properties from different tables/columns :
+ SELECT 'user.lastName' AS name , lastName AS value FROM josso_user WHERE login = ?
+ UNION
+ SELECT 'user.name' AS name , name AS value FROM josso_user WHERE login = ?
+ UNION
+ SELECT name AS name , value AS value FROM josso_user_properties WHERE login = ?
+
+ <userPropertiesQueryString>
+ SELECT 'user.description' AS name , description AS value FROM josso_user WHERE login = ?
+ UNION
+ SELECT name AS name , value AS value FROM josso_user_property WHERE login = ?
+ </userPropertiesQueryString>
+ <rolesQueryString>
+ SELECT josso_role.name FROM josso_role , josso_user_role , josso_user WHERE josso_user.login = ? AND josso_user.login = josso_user_role.login AND josso_role.name = josso_user_role.name
+ </rolesQueryString>
+ <connectionName>josso</connectionName>
+ <connectionPassword>josso</connectionPassword>
+ <connectionURL>jdbc:oracle:thin:@localhost:1521:josso_db</connectionURL>
+ <driverName>oracle.jdbc.driver.OracleDriver</driverName>
+ </sso-identity-store-->
+
+ <!-- =============================================================== -->
+ <!-- LDAP Identity Store -->
+ <!-- -->
+ <!-- Chcek javadoc for configuration details : -->
+ <!-- org.josso.gateway.identity.service.store.ldap.LDAPIdentityStore -->
+ <!-- ================================================= -->
+ <!--
+ <sso-identity-store>
+ <class>org.josso.gateway.identity.service.store.ldap.LDAPIdentityStore</class>
+ <initialContextFactory>com.sun.jndi.ldap.LdapCtxFactory</initialContextFactory>
+ <providerUrl>ldap://ldaphost</providerUrl>
+ <securityPrincipal>cn=Manager,dc=my-domain,dc=com</securityPrincipal>
+ <securityCredential>secret</securityCredential>
+ <securityAuthentication>simple</securityAuthentication>
+ <ldapSearchScope>SUBTREE</ldapSearchScope>
+ <usersCtxDN>ou=People,dc=my-domain,dc=com</usersCtxDN>
+ <principalUidAttributeID>uid</principalUidAttributeID>
+ <rolesCtxDN>ou=Roles,dc=my-domain,dc=com</rolesCtxDN>
+ <uidAttributeID>uniquemember</uidAttributeID>
+ <roleAttributeID>cn</roleAttributeID>
+ <credentialQueryString>uid=username,userPassword=password</credentialQueryString>
+ <userPropertiesQueryString>mail=mail,cn=description</userPropertiesQueryString>
+ </sso-identity-store>
+ -->
+
+ <!-- ================================================= -->
+ <!-- Memory Identity Store -->
+ <!-- ================================================= -->
+ <!--
+ <sso-identity-store>
+ <class>org.josso.gateway.identity.service.store.MemoryIdentityStore</class>
+ <usersFileName>josso-users.xml</usersFileName>
+ </sso-identity-store>
+ -->
+
+ <!-- ================================================= -->
+ <!-- JBoss Portal Credential Store -->
+ <!-- ================================================= -->
+ <sso-identity-store>
+ <class>org.jboss.portal.identity.auth.JOSSOIdentityStore</class>
+ </sso-identity-store>
+
+ <!-- ================================================= -->
+ <!-- Identity Store Key adapter -->
+ <!-- ================================================= -->
+ <sso-identity-store-key-adapter>
+ <class>org.josso.gateway.identity.service.store.SimpleIdentityStoreKeyAdapter</class>
+ </sso-identity-store-key-adapter>
+
+ </sso-identity-manager>
+
+ <sso-session-manager>
+
+ <class>org.josso.gateway.session.service.SSOSessionManagerImpl</class>
+
+ <!--
+ Set the maximum time interval, in minutes, between client requests before the SSO Service will invalidate
+ the session. A negative time indicates that the session should never time out.
+ -->
+ <maxInactiveInterval>30</maxInactiveInterval>
+
+ <!-- Max number of sessions per user, default 1
+ A negative value indicates that an unlimited number of sessions per user is allowed.
+ -->
+ <maxSessionsPerUser>-1</maxSessionsPerUser>
+ <!--
+ If true, when the max number of sessions per user is exceeded,
+ an already existing session will be invalidated to create a new one.
+ If false, when the max number of sessions per user is exceeded,
+ an exception is thrown and the new session is not created.
+ -->
+ <invalidateExceedingSessions>false</invalidateExceedingSessions>
+
+
+ <!--
+ Time interval, in milliseconds, between exired sessions cleanup.
+ -->
+ <sessionMonitorInterval>10000</sessionMonitorInterval>
+
+ <!-- =================================================================== -->
+ <!-- Serialized Session Store -->
+ <!-- -->
+ <!-- Session Store implementation which uses Java Serialization to -->
+ <!-- persist Single Sign-On user sessions. -->
+ <!-- It allows to reconstruct the session state after a system shutdown. -->
+ <!-- =================================================================== -->
+ <!--
+ <sso-session-store>
+ <class>org.josso.gateway.session.service.store.SerializedSessionStore</class>
+ file where serialized sessions will be stored (optional)
+ <serializedFile>/tmp/josso_sessions.ser</serializedFile>
+ </sso-session-store>
+ -->
+
+
+ <!-- =============================================================== -->
+ <!-- DataSource Session Store -->
+ <!-- -->
+ <!-- This store persists SSO sessions in a RDBMS, it's usefull for -->
+ <!-- example when multiple SSO servers must share session information-->
+ <!-- like in a cluster. -->
+ <!-- -->
+ <!-- NOTE :Remember to escape spetial chars like < with < , etc -->
+ <!-- -->
+ <!-- -->
+ <!-- Chcek javadoc for configuration details : -->
+ <!-- org.josso.gateway.session.service.store.db.DataSourceSessionStore -->
+ <!-- =============================================================== -->
+ <!--
+ <sso-session-store>
+
+ <class>org.josso.gateway.session.service.store.db.DataSourceSessionStore</class>
+
+ <dsJndiName>java:jdbc/JossoSamplesDB</dsJndiName>
+
+ <sizeQuery>SELECT COUNT(*) FROM JOSSO_SESSION</sizeQuery>
+ <keysQuery>SELECT session_id FROM JOSSO_SESSION</keysQuery>
+ <loadAllQuery>SELECT session_id, userName, creation_time, last_access_time, access_count, max_inactive_interval, valid FROM JOSSO_SESSION</loadAllQuery>
+ <loadQuery>SELECT session_id, userName, creation_time, last_access_time, access_count, max_inactive_interval, valid FROM JOSSO_SESSION WHERE session_id = ?</loadQuery>
+ <loadByUserNameQuery>SELECT session_id, userName, creation_time, last_access_time, access_count, max_inactive_interval, valid FROM JOSSO_SESSION WHERE username = ?</loadByUserNameQuery>
+
+ <loadByLastAccessTimeQuery>SELECT session_id, userName, creation_time, last_access_time, access_count, max_inactive_interval, valid FROM JOSSO_SESSION WHERE last_access_time < ?</loadByLastAccessTimeQuery>
+ <loadByValidQuery>SELECT session_id, userName, creation_time, last_access_time, access_count, max_inactive_interval, valid FROM JOSSO_SESSION WHERE valid = ?</loadByValidQuery>
+ <deleteDml>DELETE FROM JOSSO_SESSION WHERE session_id = ?</deleteDml>
+ <deleteAllDml>DELETE FROM JOSSO_SESSION</deleteAllDml>
+ <insertDml>INSERT INTO JOSSO_SESSION (session_id, userName, creation_time, last_access_time, access_count, max_inactive_interval, valid) VALUES (?, ?, ?, ?, ?, ?, ?) </insertDml>
+
+ <dsJndiName>java:jdbc/JossoSamplesDB</dsJndiName>
+
+ </sso-session-store>
+ -->
+
+ <!-- =============================================================== -->
+ <!-- Jdbc Session Store -->
+ <!-- -->
+ <!-- This store persists SSO sessions in a RDBMS, it's usefull for -->
+ <!-- example when multiple SSO servers must share session information-->
+ <!-- like in a cluster. -->
+ <!-- -->
+ <!-- NOTE :Remember to escape spetial chars like < with < , etc -->
+ <!-- -->
+ <!-- Chcek javadoc for configuration details : -->
+ <!-- org.josso.gateway.session.service.store.db.JdbcSessionStore -->
+ <!-- =============================================================== -->
+ <!--
+ <sso-session-store>
+
+ <class>org.josso.gateway.session.service.store.db.JdbcSessionStore</class>
+
+ <connectionName>josso</connectionName>
+ <connectionPassword>josso</connectionPassword>
+ <connectionURL>jdbc:oracle:thin:@localhost:1521:josso_db</connectionURL>
+ <driverName>oracle.jdbc.driver.OracleDriver</driverName>
+
+ <sizeQuery>SELECT COUNT(*) FROM JOSSO_SESSION</sizeQuery>
+ <keysQuery>SELECT session_id FROM JOSSO_SESSION</keysQuery>
+ <loadAllQuery>SELECT session_id, userName, creation_time, last_access_time, access_count, max_inactive_interval, valid FROM JOSSO_SESSION</loadAllQuery>
+ <loadQuery>SELECT session_id, userName, creation_time, last_access_time, access_count, max_inactive_interval, valid FROM JOSSO_SESSION WHERE session_id = ?</loadQuery>
+ <loadByUserNameQuery>SELECT session_id, userName, creation_time, last_access_time, access_count, max_inactive_interval, valid FROM JOSSO_SESSION WHERE username = ?</loadByUserNameQuery>
+
+ <loadByLastAccessTimeQuery>SELECT session_id, userName, creation_time, last_access_time, access_count, max_inactive_interval, valid FROM JOSSO_SESSION WHERE last_access_time < ?</loadByLastAccessTimeQuery>
+ <loadByValidQuery>SELECT session_id, userName, creation_time, last_access_time, access_count, max_inactive_interval, valid FROM JOSSO_SESSION WHERE valid = ?</loadByValidQuery>
+ <deleteDml>DELETE FROM JOSSO_SESSION WHERE session_id = ?</deleteDml>
+ <deleteAllDml>DELETE FROM JOSSO_SESSION</deleteAllDml>
+ <insertDml>INSERT INTO JOSSO_SESSION (session_id, userName, creation_time, last_access_time, access_count, max_inactive_interval, valid) VALUES (?, ?, ?, ?, ?, ?, ?) </insertDml>
+
+ </sso-session-store>
+ -->
+
+
+ <!-- =============================================================== -->
+ <!-- Memory Session Store -->
+ <!-- =============================================================== -->
+ <sso-session-store>
+ <class>org.josso.gateway.session.service.store.MemorySessionStore</class>
+ </sso-session-store>
+
+ <sso-session-id-generator>
+
+ <class>org.josso.gateway.session.service.SessionIdGeneratorImpl</class>
+ <!--
+ The message digest algorithm to be used when generating session
+ identifiers. This must be an algorithm supported by the
+ java.security.MessageDigest class on your platform.
+
+ In J2SE 1.4.2 you can check :
+ Java Cryptography Architecture API Specification & Reference - Apendix A : Standard Names
+ Values are : MD2, MD5, SHA-1, SHA-256, SHA-384, SHA-512
+ -->
+ <algorithm>MD5</algorithm>
+
+ </sso-session-id-generator>
+
+ </sso-session-manager>
+
+ <!-- SSO Audit Manager compoment -->
+ <sso-audit-manager>
+ <class>org.josso.gateway.audit.service.SSOAuditManagerImpl</class>
+
+ <!--
+ List of handlers that will process this request
+ Every handler must have its own unique name.
+ -->
+ <handlers>
+
+ <!-- This handler logs all audit trails using Log4J, under the given category -->
+ <handler>
+ <class>org.josso.gateway.audit.service.handler.LoggerAuditTrailHandler</class>
+ <name>LoggerAuditTrailHandler</name>
+ <category>org.josso.gateway.audit.SSO_AUDIT</category>
+ </handler>
+
+ <!--
+ <handler>
+ <class>MyOtherHandler</class>
+ <name>MyOhterHandlerName</name>
+ <myProperty>value</myProperty>
+ </handler>
+ -->
+
+ </handlers>
+ </sso-audit-manager>
+
+ <!-- SSO Event Manager component -->
+ <sso-event-manager>
+ <class>org.josso.gateway.event.security.JMXSSOEventManagerImpl</class>
+ <!--
+ JMX Name of the EventManager MBean that will send SSO Events as JMX Notifications
+ The MBean will be registered by the MBeanComponentKeeper.
+ -->
+ <oname>josso:type=SSOEventManager</oname>
+ <!-- You can add your own listeners here : -->
+ <!-- Every listener should have a unique name -->
+
+ <!--
+ <listeners>
+ <listener>
+ <class>com.myCompany.MyEventListener</class>
+ <name>MyEventListener</name>
+ <property1>MyListenerProperty1Value</property1>
+ </listener>
+ <listener>
+ <class>com.myCompany.MyOtherEventListener</class>
+ <name>MyOtherEventListener</name>
+ <propertyA>MyOtherListenerPropertyAValue</propertyA>
+ </listener>
+ </listeners>
+ -->
+
+ </sso-event-manager>
+
+</domain>
Added: modules/identity/trunk/sso/src/etc/josso/josso_login-config.xml
===================================================================
--- modules/identity/trunk/sso/src/etc/josso/josso_login-config.xml (rev 0)
+++ modules/identity/trunk/sso/src/etc/josso/josso_login-config.xml 2007-09-04 10:02:26 UTC (rev 8140)
@@ -0,0 +1,165 @@
+<?xml version='1.0'?>
+<!DOCTYPE policy PUBLIC
+ "-//JBoss//DTD JBOSS Security Config 3.0//EN"
+ "http://www.jboss.org/j2ee/dtd/security_config.dtd">
+
+<!-- The XML based JAAS login configuration read by the
+org.jboss.security.auth.login.XMLLoginConfig mbean. Add
+an application-policy element for each security domain.
+
+The outline of the application-policy is:
+<application-policy name="security-domain-name">
+ <authentication>
+ <login-module code="login.module1.class.name" flag="control_flag">
+ <module-option name = "option1-name">option1-value</module-option>
+ <module-option name = "option2-name">option2-value</module-option>
+ ...
+ </login-module>
+
+ <login-module code="login.module2.class.name" flag="control_flag">
+ ...
+ </login-module>
+ ...
+ </authentication>
+</application-policy>
+
+-->
+
+<policy>
+ <!-- Used by clients within the application server VM such as
+ mbeans and servlets that access EJBs.
+ -->
+ <application-policy name = "client-login">
+ <authentication>
+ <login-module code = "org.jboss.security.ClientLoginModule"
+ flag = "required">
+ <!-- Any existing security context will be restored on logout -->
+ <module-option name="restore-login-identity">true</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <!-- Security domain for JBossMQ -->
+ <application-policy name = "jbossmq">
+ <authentication>
+ <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
+ flag = "required">
+ <module-option name = "unauthenticatedIdentity">guest</module-option>
+ <module-option name = "dsJndiName">java:/DefaultDS</module-option>
+ <module-option name = "principalsQuery">SELECT PASSWD FROM JMS_USERS WHERE USERID=?</module-option>
+ <module-option name = "rolesQuery">SELECT ROLEID, 'Roles' FROM JMS_ROLES WHERE USERID=?</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <!-- Security domain for JBossMQ when using file-state-service.xml
+ <application-policy name = "jbossmq">
+ <authentication>
+ <login-module code = "org.jboss.mq.sm.file.DynamicLoginModule"
+ flag = "required">
+ <module-option name = "unauthenticatedIdentity">guest</module-option>
+ <module-option name = "sm.objectname">jboss.mq:service=StateManager</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+ -->
+
+ <!-- Security domains for testing new jca framework -->
+ <application-policy name = "HsqlDbRealm">
+ <authentication>
+ <login-module code = "org.jboss.resource.security.ConfiguredIdentityLoginModule"
+ flag = "required">
+ <module-option name = "principal">sa</module-option>
+ <module-option name = "userName">sa</module-option>
+ <module-option name = "password"></module-option>
+ <module-option name = "managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=DefaultDS</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name = "JmsXARealm">
+ <authentication>
+ <login-module code = "org.jboss.resource.security.ConfiguredIdentityLoginModule"
+ flag = "required">
+ <module-option name = "principal">guest</module-option>
+ <module-option name = "userName">guest</module-option>
+ <module-option name = "password">guest</module-option>
+ <module-option name = "managedConnectionFactoryName">jboss.jca:service=TxCM,name=JmsXA</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <!-- A template configuration for the jmx-console web application. This
+ defaults to the UsersRolesLoginModule the same as other and should be
+ changed to a stronger authentication mechanism as required.
+ -->
+ <application-policy name = "jmx-console">
+ <authentication>
+ <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
+ flag = "required">
+ <module-option name="usersProperties">props/jmx-console-users.properties</module-option>
+ <module-option name="rolesProperties">props/jmx-console-roles.properties</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <!-- A template configuration for the web-console web application. This
+ defaults to the UsersRolesLoginModule the same as other and should be
+ changed to a stronger authentication mechanism as required.
+ -->
+ <application-policy name = "$webConsoleDomain">
+ <authentication>
+ <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
+ flag = "required">
+ <module-option name="usersProperties">web-console-users.properties</module-option>
+ <module-option name="rolesProperties">web-console-roles.properties</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <!-- A template configuration for the JBossWS web application (and transport layer!).
+ This defaults to the UsersRolesLoginModule the same as other and should be
+ changed to a stronger authentication mechanism as required.
+ -->
+ <application-policy name="JBossWS">
+ <authentication>
+ <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
+ flag="required">
+ <module-option name="usersProperties">props/jbossws-users.properties</module-option>
+ <module-option name="rolesProperties">props/jbossws-roles.properties</module-option>
+ <module-option name="unauthenticatedIdentity">anonymous</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <!-- The default login configuration used by any security domain that
+ does not have a application-policy entry with a matching name
+ -->
+ <application-policy name = "other">
+ <!-- A simple server login module, which can be used when the number
+ of users is relatively small. It uses two properties files:
+ users.properties, which holds users (key) and their password (value).
+ roles.properties, which holds users (key) and a comma-separated list of
+ their roles (value).
+ The unauthenticatedIdentity property defines the name of the principal
+ that will be used when a null username and password are presented as is
+ the case for an unuathenticated web client or MDB. If you want to
+ allow such users to be authenticated add the property, e.g.,
+ unauthenticatedIdentity="nobody"
+ -->
+ <authentication>
+ <login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule"
+ flag = "required" />
+ </authentication>
+ </application-policy>
+
+ <!-- JOSSO JAAS Module configuration -->
+ <application-policy name = "josso">
+ <authentication>
+ <login-module code = "org.jboss.portal.identity.auth.JOSSOLoginModule"
+ flag = "required">
+ <module-option name="debug">true</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+</policy>
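Review bot: The `josso` application-policy at the end of this file ships with `<module-option name="debug">true</module-option>`. What JOSSOLoginModule writes in debug mode is not visible here, but login-module debug output commonly includes user names, so a default config is safer with `<module-option name="debug">false</module-option>`. The file also looks like a full copy of the stock JBoss login-config.xml, so it carries the `HsqlDbRealm` identity `sa` with an empty password, `JmsXARealm` with `guest`/`guest`, and `unauthenticatedIdentity` on `jbossmq` and `JBossWS`. A comment at the top saying these are sample values to be replaced or removed before deployment would help whoever installs it in place of the server's own login-config.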
Added: modules/identity/trunk/sso/src/etc/josso/josso_login.jsp
===================================================================
--- modules/identity/trunk/sso/src/etc/josso/josso_login.jsp (rev 0)
+++ modules/identity/trunk/sso/src/etc/josso/josso_login.jsp 2007-09-04 10:02:26 UTC (rev 8140)
@@ -0,0 +1,41 @@
+<%--
+ ~ Copyright (c) 2004-2006, Novascope S.A. and the JOSSO team
+ ~ All rights reserved.
+ ~ Redistribution and use in source and binary forms, with or
+ ~ without modification, are permitted provided that the following
+ ~ conditions are met:
+ ~
+ ~ * Redistributions of source code must retain the above copyright
+ ~ notice, this list of conditions and the following disclaimer.
+ ~
+ ~ * Redistributions in binary form must reproduce the above copyright
+ ~ notice, this list of conditions and the following disclaimer in
+ ~ the documentation and/or other materials provided with the
+ ~ distribution.
+ ~
+ ~ * Neither the name of the JOSSO team nor the names of its
+ ~ contributors may be used to endorse or promote products derived
+ ~ from this software without specific prior written permission.
+ ~
+ ~ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
+ ~ CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ ~ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+ ~ MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ ~ DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
+ ~ BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ ~ EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ ~ TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ ~ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ ~ ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ ~ OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ ~ OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ ~ POSSIBILITY OF SUCH DAMAGE.
+ --%>
+
+<%@page contentType="text/html; charset=iso-8859-1" language="java" session="true" %>
+<!--
+Redirects the user to the propper login page. Configured as the login url the web.xml for this application.
+-->
+<%
+ response.sendRedirect(request.getContextPath() + "/josso_login/");
+%>
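Review bot: The explanatory comment above the scriptlet is an HTML comment, so it is written into the response body ahead of `sendRedirect`. A JSP comment keeps it out of the output: `<%-- Redirects the user to the proper login page; configured as the login URL in web.xml. --%>`. The page directive also sets `session="true"`, which creates an HTTP session for every visitor who reaches this redirect-only page. If nothing downstream depends on that session (not visible here), `session="false"` avoids creating sessions before authentication.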
Added: modules/identity/trunk/sso/src/etc/josso/josso_server.xml
===================================================================
--- modules/identity/trunk/sso/src/etc/josso/josso_server.xml (rev 0)
+++ modules/identity/trunk/sso/src/etc/josso/josso_server.xml 2007-09-04 10:02:26 UTC (rev 8140)
@@ -0,0 +1,178 @@
+<Server>
+
+ <!-- Use a custom version of StandardService that allows the
+ connectors to be started independent of the normal lifecycle
+ start to allow web apps to be deployed before starting the
+ connectors.
+ -->
+ <Service name="jboss.web"
+ className="org.jboss.web.tomcat.tc5.StandardService">
+
+ <!-- A HTTP/1.1 Connector on port 8080 -->
+ <Connector port="8080" address="${jboss.bind.address}"
+ maxThreads="250" strategy="ms" maxHttpHeaderSize="8192"
+ emptySessionPath="true"
+ enableLookups="false" redirectPort="8443" acceptCount="100"
+ connectionTimeout="20000" disableUploadTimeout="true"/>
+
+ <!-- Add this option to the connector to avoid problems with
+ .NET clients that don't implement HTTP/1.1 correctly
+ restrictedUserAgents="^.*MS Web Services Client Protocol 1.1.4322.*$"
+ -->
+
+ <!-- A AJP 1.3 Connector on port 8009 -->
+ <Connector port="8009" address="${jboss.bind.address}"
+ emptySessionPath="true" enableLookups="false" redirectPort="8443"
+ protocol="AJP/1.3"/>
+
+ <!-- SSL/TLS Connector configuration using the admin devl guide keystore
+ <Connector port="8443" address="${jboss.bind.address}"
+ maxThreads="100" strategy="ms" maxHttpHeaderSize="8192"
+ emptySessionPath="true"
+ scheme="https" secure="true" clientAuth="false"
+ keystoreFile="${jboss.server.home.dir}/conf/chap8.keystore"
+ keystorePass="rmi+ssl" sslProtocol = "TLS" />
+ -->
+
+ <Engine name="jboss.web" defaultHost="localhost">
+
+ <!-- The JAAS based authentication and authorization realm implementation
+ that is compatible with the jboss 3.2.x realm implementation.
+ - certificatePrincipal : the class name of the
+ org.jboss.security.auth.certs.CertificatePrincipal impl
+ used for mapping X509[] cert chains to a Princpal.
+ - allRolesMode : how to handle an auth-constraint with a role-name=*,
+ one of strict, authOnly, strictAuthOnly
+ + strict = Use the strict servlet spec interpretation which requires
+ that the user have one of the web-app/security-role/role-name
+ + authOnly = Allow any authenticated user
+ + strictAuthOnly = Allow any authenticated user only if there are no
+ web-app/security-roles
+ -->
+ <!--
+ <Realm className="org.jboss.web.tomcat.security.JBossSecurityMgrRealm"
+ certificatePrincipal="org.jboss.security.auth.certs.SubjectDNMapping"
+ allRolesMode="authOnly"
+ />
+ -->
+
+ <!-- A subclass of JBossSecurityMgrRealm that uses the authentication
+ behavior of JBossSecurityMgrRealm, but overrides the authorization
+ checks to use JACC permissions with the current java.security.Policy
+ to determine authorized access.
+ - allRolesMode : how to handle an auth-constraint with a role-name=*,
+ one of strict, authOnly, strictAuthOnly
+ + strict = Use the strict servlet spec interpretation which requires
+ that the user have one of the web-app/security-role/role-name
+ + authOnly = Allow any authenticated user
+ + strictAuthOnly = Allow any authenticated user only if there are no
+ web-app/security-roles
+ <Realm className="org.jboss.web.tomcat.security.JaccAuthorizationRealm"
+ certificatePrincipal="org.jboss.security.auth.certs.SubjectDNMapping"
+ allRolesMode="authOnly"
+ />
+ -->
+
+ <!-- Integrating the JOSSO realm -->
+ <Realm className="org.josso.jb4.agent.JBossCatalinaRealm"
+ appName="josso"
+ userClassNames="org.josso.gateway.identity.service.BaseUserImpl"
+ roleClassNames="org.josso.gateway.identity.service.BaseRoleImpl"
+ debug="1" />
+
+ <Host name="localhost"
+ autoDeploy="false" deployOnStartup="false" deployXML="false">
+
+ <!-- UNCOMMENT TO ENABLE CUSTOMIZATION OF TOMCAT AUTHENTICATORS
+ <Host name="localhost"
+ autoDeploy="false" deployOnStartup="false" deployXML="false"
+ configClass="org.jboss.web.tomcat.security.config.JBossContextConfig">
+ -->
+
+
+ <!-- Uncomment to enable request dumper. This Valve "logs interesting
+ contents from the specified Request (before processing) and the
+ corresponding Response (after processing). It is especially useful
+ in debugging problems related to headers and cookies."
+ -->
+ <!--
+ <Valve className="org.apache.catalina.valves.RequestDumperValve" />
+ -->
+
+ <!-- Access logger -->
+ <!--
+ <Valve className="org.apache.catalina.valves.FastCommonAccessLogValve"
+ prefix="localhost_access_log." suffix=".log"
+ pattern="common" directory="${jboss.server.home.dir}/log"
+ resolveHosts="false" />
+ -->
+
+ <!-- Uncomment to enable single sign-on across web apps
+ deployed to this host. Does not provide SSO across a cluster.
+
+ If this valve is used, do not use the JBoss ClusteredSingleSignOn
+ valve shown below.
+
+ A new configuration attribute is available beginning with
+ release 4.0.4:
+
+ cookieDomain configures the domain to which the SSO cookie
+ will be scoped (i.e. the set of hosts to
+ which the cookie will be presented). By default
+ the cookie is scoped to "/", meaning the host
+ that presented it. Set cookieDomain to a
+ wider domain (e.g. "xyz.com") to allow an SSO
+ to span more than one hostname.
+ -->
+ <!--
+ <Valve className="org.apache.catalina.authenticator.SingleSignOn" />
+ -->
+
+ <!-- Uncomment to enable single sign-on across web apps
+ deployed to this host AND to all other hosts in the cluster.
+
+ If this valve is used, do not use the standard Tomcat SingleSignOn
+ valve shown above.
+
+ Valve uses a JBossCache instance to support SSO credential
+ caching and replication across the cluster. The JBossCache
+ instance must be configured separately. By default, the valve
+ shares a JBossCache with the service that supports HttpSession
+ replication. See the "tc5-cluster-service.xml" file in the
+ server/all/deploy directory for cache configuration details.
+
+ Besides the attributes supported by the standard Tomcat
+ SingleSignOn valve (see the Tomcat docs), this version also
+ supports the following attributes:
+
+ cookieDomain see above
+
+ treeCacheName JMX ObjectName of the JBossCache MBean used to
+ support credential caching and replication across
+ the cluster. If not set, the default value is
+ "jboss.cache:service=TomcatClusteringCache", the
+ standard ObjectName of the JBossCache MBean used
+ to support session replication.
+ -->
+ <!--
+ <Valve className="org.jboss.web.tomcat.tc5.sso.ClusteredSingleSignOn" />
+ -->
+
+
+ <!-- Uncomment to check for unclosed connections and transaction terminated checks
+ in servlets/jsps.
+ Important: You need to uncomment the dependency on the CachedConnectionManager
+ in META-INF/jboss-service.xml
+ <Valve className="org.jboss.web.tomcat.tc5.jca.CachedConnectionValve"
+ cachedConnectionManagerObjectName="jboss.jca:service=CachedConnectionManager"
+ transactionManagerObjectName="jboss:service=TransactionManager" />
+ -->
+
+ <!-- JOSSO Agent Valve -->
+ <Valve className="org.josso.tc55.agent.SSOAgentValve" debug="1"/>
+ </Host>
+ </Engine>
+
+ </Service>
+
+</Server>
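Review bot: Both active connectors (HTTP on 8080, AJP on 8009) set `redirectPort="8443"`, but the only connector for 8443 is inside a comment, so with this file as committed the JOSSO login and the SSO session it issues would travel over unencrypted HTTP. Either enable a TLS connector with a deployment-specific keystore, or add a comment next to the HTTP connector stating that TLS must be configured before use. The commented sample's `keystorePass="rmi+ssl"` is the guide's sample value and should not be reused. The `Realm` and `SSOAgentValve` elements also carry `debug="1"`, which is better as `debug="0"` in a default config. The AJP connector binds to `${jboss.bind.address}` like the HTTP one, so it is reachable wherever that address is, unless a front end or firewall restricts it.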
Added: modules/identity/trunk/sso/src/main/org/jboss/portal/identity/sso/AuthenticationService.java
===================================================================
--- modules/identity/trunk/sso/src/main/org/jboss/portal/identity/sso/AuthenticationService.java (rev 0)
+++ modules/identity/trunk/sso/src/main/org/jboss/portal/identity/sso/AuthenticationService.java 2007-09-04 10:02:26 UTC (rev 8140)
@@ -0,0 +1,33 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.portal.identity.sso;
+
+/*
+ * Created on May 24, 2007
+ *
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+public interface AuthenticationService
+{
+ public boolean authenticate(String username,String password);
+}
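Review bot: `authenticate` has no Javadoc, so implementers and callers (the CAS handler added in this commit appears to be one) have no stated contract for null or empty arguments, or for whether a backend failure is reported as `false` or as an exception. A short Javadoc above the method would settle that, for example `/** Returns true only if the given password is valid for username; returns false for unknown users and null arguments. */`, adjusted to the actual behaviour. The `Created on` block opens with `/*`, so Javadoc ignores its `@author` tag; opening it with `/**` fixes that. The `public` modifier on the interface method is redundant.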
Added: modules/identity/trunk/sso/src/main/org/jboss/portal/identity/sso/cas/CASAuthenticationHandler.java
===================================================================
--- modules/identity/trunk/sso/src/main/org/jboss/portal/identity/sso/cas/CASAuthenticationHandler.java (rev 0)
+++ modules/identity/trunk/sso/src/main/org/jboss/portal/identity/sso/cas/CASAuthenticationHandler.java 2007-09-04 10:02:26 UTC (rev 8140)
@@ -0,0 +1,74 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.portal.identity.sso.cas;
+
+
+//jmx related
+import javax.management.MBeanServer;
+import javax.management.ObjectName;
+import org.jboss.mx.util.MBeanProxy;
+import org.jboss.mx.util.MBeanServerLocator;
+
+
+import org.jasig.cas.authentication.handler.AuthenticationException;
+import org.jasig.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler;
+import org.jasig.cas.authentication.principal.UsernamePasswordCredentials;
+
+
+import org.jboss.portal.identity.sso.AuthenticationService;
+
+/*
+ * Created on May 23, 2007
+ *
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+public class CASAuthenticationHandler extends AbstractUsernamePasswordAuthenticationHandler
+{
+ /**
+ *
+ */
+ protected boolean authenticateUsernamePasswordInternal(UsernamePasswordCredentials credentials) throws AuthenticationException
+ {
+ try
+ {
+ boolean status = false;
+
+ String username = credentials.getUsername();
+ String password = credentials.getPassword();
+
+ MBeanServer mbeanServer = MBeanServerLocator.locateJBoss();
+ AuthenticationService authService = (AuthenticationService)
+ MBeanProxy.get(AuthenticationService.class,new ObjectName("portal:service=Module,type=CASAuthenticationService"),mbeanServer);
+
+ //Perform this operation in the context of a UserTransaction
+ status = authService.authenticate(username, password);
+
+ return status;
+ }
+ catch(Exception e)
+ {
+ e.printStackTrace();
+ return false;
+ }
+ }
+}
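Review bot: The `catch(Exception e)` in `authenticateUsernamePasswordInternal` reports failures with `e.printStackTrace()`, so a missing MBean or a bad `ObjectName` looks to CAS exactly like a wrong password and leaves only a stderr trace. Returning `false` keeps the handler failing closed, which is right, but the failure should go to the server log, e.g. `log.error("CAS authentication via portal MBean failed", e);` with a log4j `Logger` as `CASAuthenticationService` uses, keeping the username and password out of the message. The comment `//Perform this operation in the context of a UserTransaction` does not match this method, which starts no transaction. Either drop it or say that the service opens its own Hibernate transaction. The Javadoc block above the method is empty and could state that the credentials are delegated to the `portal:service=Module,type=CASAuthenticationService` MBean.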
Added: modules/identity/trunk/sso/src/main/org/jboss/portal/identity/sso/cas/CASAuthenticationService.java
===================================================================
--- modules/identity/trunk/sso/src/main/org/jboss/portal/identity/sso/cas/CASAuthenticationService.java (rev 0)
+++ modules/identity/trunk/sso/src/main/org/jboss/portal/identity/sso/cas/CASAuthenticationService.java 2007-09-04 10:02:26 UTC (rev 8140)
@@ -0,0 +1,169 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.portal.identity.sso.cas;
+
+import java.util.Iterator;
+import java.util.Set;
+
+import javax.naming.InitialContext;
+
+import org.apache.log4j.Logger;
+
+import org.hibernate.SessionFactory;
+import org.hibernate.Session;
+import org.hibernate.Transaction;
+
+import org.jboss.portal.identity.Role;
+import org.jboss.portal.identity.UserModule;
+import org.jboss.portal.identity.UserProfileModule;
+import org.jboss.portal.identity.MembershipModule;
+import org.jboss.portal.identity.User;
+import org.jboss.portal.identity.sso.AuthenticationService;
+
+/*
+ * Created on May 24, 2007
+ *
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+public class CASAuthenticationService implements AuthenticationService
+{
+ private static Logger log = Logger.getLogger(CASAuthenticationService.class);
+
+ private UserModule userModule = null;
+ private UserProfileModule profileModule = null;
+ private MembershipModule membershipModule = null;
+ private String havingRole = null;
+
+ /**
+ *
+ *
+ */
+ public void start()
+ {
+ try
+ {
+ InitialContext initialContext = new InitialContext();
+
+ this.userModule = (UserModule)initialContext.lookup("java:/portal/UserModule");
+ this.profileModule = (UserProfileModule)initialContext.lookup("java:/portal/UserProfileModule");
+ this.membershipModule = (MembershipModule)initialContext.lookup("java:/portal/MembershipModule");
+ }
+ catch(Exception e)
+ {
+ log.error(this, e);
+ this.stop();
+ }
+ }
+
+ /**
+ *
+ *
+ */
+ public void stop()
+ {
+ this.userModule = null;
+ this.profileModule = null;
+ this.membershipModule = null;
+ this.havingRole = null;
+ }
+
+ /**
+ *
+ * @return
+ */
+ public String getHavingRole()
+ {
+ return havingRole;
+ }
+
+ /**
+ *
+ * @param havingRole
+ */
+ public void setHavingRole(String havingRole)
+ {
+ this.havingRole = havingRole;
+ }
+
+ /**
+ *
+ */
+ public boolean authenticate(String username, String password)
+ {
+ Session session = null;
+ Transaction tx = null;
+ try
+ {
+ boolean status = false;
+
+ InitialContext initialContext = new InitialContext();
+ SessionFactory sessionFactory = (SessionFactory)initialContext.lookup("java:/portal/IdentitySessionFactory");
+ session = sessionFactory.openSession();
+ tx = session.beginTransaction();
+
+ User user = this.userModule.findUserByUserName(username);
+ if(user != null)
+ {
+ //Check and make sure the user account is enabled
+ Boolean enabled = (Boolean)this.profileModule.getProperty(user, User.INFO_USER_ENABLED);
+ if(enabled != null || enabled.booleanValue())
+ {
+ //Check and make sure user has proper role setup
+ if(this.havingRole != null && this.havingRole.trim().length()>0)
+ {
+ boolean hasTheRole = false;
+ Set roles = this.membershipModule.getRoles(user);
+ for (Iterator i = roles.iterator(); i.hasNext();)
+ {
+ Role role = (Role)i.next();
+ if (this.havingRole.equals(role.getName()))
+ {
+ hasTheRole = true;
+ break;
+ }
+ }
+ if (!hasTheRole)
+ {
+ return false;
+ }
+ }
+
+ //Now perform validation
+ status = user.validatePassword(password);
+ }
+ }
+
+ return status;
+ }
+ catch(Exception e)
+ {
+ log.error(this, e);
+ return false;
+ }
+ finally
+ {
+ tx.commit();
+ session.close();
+ }
+ }
+}
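Review bot: The account-enabled test in `authenticate`, `if(enabled != null || enabled.booleanValue())`, is true for every non-null value, so a profile whose `INFO_USER_ENABLED` is `Boolean.FALSE` still reaches `validatePassword` and a disabled account is accepted; a null value throws a NullPointerException that the catch turns into `false`. It should read `if (enabled != null && enabled.booleanValue())`. The same line appears in `JOSSOIdentityServiceImpl.authenticate` later in this commit. Separately, the `finally` block calls `tx.commit()` and `session.close()` unguarded, so when the JNDI lookup or `openSession()` fails both are still null and the NullPointerException from `finally` replaces the `return false`. Guard them with `if (tx != null) tx.commit();` and `if (session != null) session.close();`, here and in the three `JOSSOIdentityServiceImpl` methods that share the block.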
Added: modules/identity/trunk/sso/src/main/org/jboss/portal/identity/sso/cas/CASAuthenticationValve.java
===================================================================
--- modules/identity/trunk/sso/src/main/org/jboss/portal/identity/sso/cas/CASAuthenticationValve.java (rev 0)
+++ modules/identity/trunk/sso/src/main/org/jboss/portal/identity/sso/cas/CASAuthenticationValve.java 2007-09-04 10:02:26 UTC (rev 8140)
@@ -0,0 +1,477 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.portal.identity.sso.cas;
+
+import java.util.List;
+import java.util.ArrayList;
+import java.io.IOException;
+import java.net.URLEncoder;
+import java.security.Principal;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpSession;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.catalina.Context;
+import org.apache.catalina.Session;
+import org.apache.catalina.authenticator.Constants;
+import org.apache.catalina.connector.Request;
+import org.apache.catalina.connector.Response;
+import org.apache.catalina.valves.ValveBase;
+
+import edu.yale.its.tp.cas.client.*;
+
+/*
+ * Created on May 23, 2007
+ *
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+public class CASAuthenticationValve extends ValveBase
+{
+ /**
+ * The name of the filter initialization parameter the value of which should
+ * be the https: address of the CAS Login servlet. Optional parameter, but
+ * required for successful redirection of unauthenticated requests to
+ * authentication.
+ */
+ public final static String LOGIN_INIT_PARAM = "edu.yale.its.tp.cas.client.filter.loginUrl";
+
+ /**
+ * The name of the filter initialization parameter the value of which must be
+ * the https: address of the CAS Validate servlet. Must be a CAS 2.0 validate
+ * servlet (CAS 1.0 non-XML won't suffice). Required parameter.
+ */
+ public final static String VALIDATE_INIT_PARAM = "edu.yale.its.tp.cas.client.filter.validateUrl";
+
+ /**
+ * The name of the filter initialization parameter the value of which must be
+ * the address of the service this filter is filtering. The filter will use
+ * this as the service parameter for CAS login and validation. Either this
+ * parameter or SERVERNAME_INIT_PARAM must be set.
+ */
+ public final static String SERVICE_INIT_PARAM = "edu.yale.its.tp.cas.client.filter.serviceUrl";
+
+ /**
+ * The name of the filter initialization parameter the vlaue of which must be
+ * the server name, e.g. www.yale.edu , of the service this filter is
+ * filtering. The filter will construct from this name and the request the
+ * full service parameter for CAS login and validation.
+ */
+ public final static String SERVERNAME_INIT_PARAM = "edu.yale.its.tp.cas.client.filter.serverName";
+
+ /**
+ * The name of the filter initialization parameter the value of which must be
+ * the String that should be sent as the "renew" parameter on the request for
+ * login and validation. This should either be "true" or not be set. It is
+ * mutually exclusive with GATEWAY.
+ */
+ public final static String RENEW_INIT_PARAM = "edu.yale.its.tp.cas.client.filter.renew";
+
+ /**
+ * The name of the filter initialization parameter the value of which must be
+ * a whitespace delimited list of services (ProxyTicketReceptors) authorized
+ * to proxy authentication to the service filtered by this Filter. These must
+ * be https: URLs. This parameter is optional - not setting it results in no
+ * proxy tickets being acceptable.
+ */
+ public final static String AUTHORIZED_PROXY_INIT_PARAM = "edu.yale.its.tp.cas.client.filter.authorizedProxy";
+
+ /**
+ * The name of the filter initialization parameter the value of which must be
+ * the https: URL to which CAS should send Proxy Granting Tickets when this
+ * filter validates tickets.
+ */
+ public final static String PROXY_CALLBACK_INIT_PARAM = "edu.yale.its.tp.cas.client.filter.proxyCallbackUrl";
+
+ /**
+ * The name of the filter initialization parameter the value of which
+ * indicates whether this filter should wrap requests to expose the
+ * authenticated username.
+ */
+ public final static String WRAP_REQUESTS_INIT_PARAM = "edu.yale.its.tp.cas.client.filter.wrapRequest";
+
+ /**
+ * The name of the filter initialization parameter the value of which is the
+ * value the Filter should send for the gateway parameter on the CAS login
+ * request.
+ */
+ public final static String GATEWAY_INIT_PARAM = "edu.yale.its.tp.cas.client.filter.gateway";
+
+ // Session attributes used by this filter
+
+ /**
+ * <p>
+ * Session attribute in which the username is stored.
+ * </p>
+ */
+ public final static String CAS_FILTER_USER = "edu.yale.its.tp.cas.client.filter.user";
+
+ /**
+ * Session attribute in which the CASReceipt is stored.
+ */
+ public final static String CAS_FILTER_RECEIPT = "edu.yale.its.tp.cas.client.filter.receipt";
+
+ // *********************************************************************
+ // Configuration state
+ /** Secure URL whereat CAS offers its login service. */
+ private String casLogin;
+
+ /** Secure URL whereat CAS offers its CAS 2.0 validate service */
+ private String casValidate;
+
+ /** Filtered service URL for use as service parameter to login and validate */
+ private String casServiceUrl;
+
+ /**
+ * Name of server, for use in assembling service URL for use as service
+ * parameter to login and validate.
+ */
+ private String casServerName;
+
+ /**
+ * Secure URL whereto this filter should ask CAS to send Proxy Granting
+ * Tickets.
+ */
+ private String casProxyCallbackUrl;
+
+ /** True if renew parameter should be set on login and validate */
+ private boolean casRenew;
+
+ /** True if this filter should set gateway=true on login redirect */
+ private boolean casGateway = false;
+
+ /**
+ * List of ProxyTicketReceptor URLs of services authorized to proxy to the
+ * path behind this filter.
+ */
+ private List authorizedProxies = new ArrayList();
+
+ /**
+ *
+ */
+ private String authType = null;
+
+ /**
+ *
+ * @return
+ */
+ public String getCasLogin()
+ {
+ return casLogin;
+ }
+
+ /**
+ *
+ * @param casLogin
+ */
+ public void setCasLogin(String casLogin)
+ {
+ this.casLogin = casLogin;
+ }
+
+ /**
+ *
+ * @return
+ */
+ public String getCasServerName()
+ {
+ return casServerName;
+ }
+
+ /**
+ *
+ * @param casServerName
+ */
+ public void setCasServerName(String casServerName)
+ {
+ this.casServerName = casServerName;
+ }
+
+ /**
+ *
+ * @return
+ */
+ public String getCasValidate()
+ {
+ return casValidate;
+ }
+
+ /**
+ *
+ * @param casValidate
+ */
+ public void setCasValidate(String casValidate)
+ {
+ this.casValidate = casValidate;
+ }
+
+ /**
+ *
+ * @return
+ */
+ public String getAuthType()
+ {
+ return authType;
+ }
+
+ /**
+ *
+ * @param authType
+ */
+ public void setAuthType(String authType)
+ {
+ this.authType = authType;
+ }
+
+ /**
+ *
+ * @return
+ */
+ public String getCasServiceUrl()
+ {
+ return this.casServiceUrl;
+ }
+
+ /**
+ *
+ * @param casServiceUrl
+ */
+ public void setCasServiceUrl(String casServiceUrl)
+ {
+ this.casServiceUrl = casServiceUrl;
+ }
+
+ /**
+ *
+ */
+ public void invoke(Request request, Response response) throws IOException,
+ ServletException
+ {
+ HttpServletRequest httpRequest = (HttpServletRequest) request;
+ HttpSession session = httpRequest.getSession();
+
+ String requestURI = request.getRequestURI();
+ if ((requestURI.indexOf("/auth/") != -1
+ || requestURI.indexOf("/authsec/") != -1 || requestURI
+ .indexOf("/sec/") != -1)
+ && request.getParameter("ticket") == null
+ && session.getAttribute(CAS_FILTER_USER) == null)
+ {
+ // perform CAS login by going to the CAS authentication server
+ redirectToCAS((HttpServletRequest) request,
+ (HttpServletResponse) response);
+ return;
+ }
+
+
+ if (request.getParameter("ticket") != null
+ && session.getAttribute(CAS_FILTER_USER) == null)
+ {
+ CASReceipt receipt = null;
+ try
+ {
+ receipt = getAuthenticatedUser(httpRequest);
+ }
+ catch (CASAuthenticationException e)
+ {
+ throw new ServletException(e);
+ }
+
+ if (!isReceiptAcceptable(receipt))
+ {
+ throw new ServletException(
+ "Authentication was technically successful but rejected as a matter of policy. ["
+ + receipt + "]");
+ }
+
+ session.setAttribute(CAS_FILTER_USER, receipt.getUserName());
+ session.setAttribute(CAS_FILTER_RECEIPT, receipt);
+
+ // perform the portal JAAS authentication
+ String user = receipt.getUserName();
+ request.setAttribute("ssoSuccess", new Boolean(true));
+ Principal principal = ((Context) this.container).getRealm()
+ .authenticate(user, (String) null);
+ if (principal != null)
+ {
+ this.register(request, response, principal, this.authType, user,
+ (String) null);
+ }
+ }
+
+ // continue processing the request
+ this.getNext().invoke(request, response);
+ }
+
+ /**
+ * Register an authenticated Principal and authentication type in our
+ * request, in the current session (if there is one), and with our
+ * SingleSignOn valve, if there is one. Set the appropriate cookie to be
+ * returned.
+ *
+ * @param request
+ * The servlet request we are processing
+ * @param response
+ * The servlet response we are generating
+ * @param principal
+ * The authenticated Principal to be registered
+ * @param authType
+ * The authentication type to be registered
+ * @param username
+ * Username used to authenticate (if any)
+ * @param password
+ * Password used to authenticate (if any)
+ */
+ private void register(Request request, Response response,
+ Principal principal, String authType, String username, String password)
+ {
+ // Cache the authentication information in our request
+ request.setAuthType(authType);
+ request.setUserPrincipal(principal);
+
+ Session session = request.getSessionInternal(false);
+ // Cache the authentication information in our session, if any
+ if (session != null)
+ {
+ session.setAuthType(authType);
+ session.setPrincipal(principal);
+ if (username != null)
+ {
+ session.setNote(Constants.SESS_USERNAME_NOTE, username);
+ }
+ else
+ {
+ session.removeNote(Constants.SESS_USERNAME_NOTE);
+ }
+ if (password != null)
+ {
+ session.setNote(Constants.SESS_PASSWORD_NOTE, password);
+ }
+ else
+ {
+ session.removeNote(Constants.SESS_PASSWORD_NOTE);
+ }
+ }
+ }
+
+ // CAS related utility
+ // methods---------------------------------------------------------------------------------------------------------
+ /**
+ * Is this receipt acceptable as evidence of authentication by credentials
+ * that would have been acceptable to this path? Current implementation
+ * checks whether from renew and whether proxy was authorized.
+ *
+ * @param receipt
+ * @return true if acceptable, false otherwise
+ */
+ private boolean isReceiptAcceptable(CASReceipt receipt)
+ {
+ if (receipt == null) throw new IllegalArgumentException(
+ "Cannot evaluate a null receipt.");
+ if (this.casRenew && !receipt.isPrimaryAuthentication())
+ {
+ return false;
+ }
+ if (receipt.isProxied())
+ {
+ if (!this.authorizedProxies.contains(receipt.getProxyingService()))
+ {
+ return false;
+ }
+ }
+ return true;
+ }
+
+ /**
+ * Converts a ticket parameter to a CASReceipt, taking into account an
+ * optionally configured trusted proxy in the tier immediately in front of
+ * us.
+ *
+ * @throws ServletException -
+ * when unable to get service for request
+ * @throws CASAuthenticationException -
+ * on authentication failure
+ */
+ private CASReceipt getAuthenticatedUser(HttpServletRequest request)
+ throws ServletException, CASAuthenticationException
+ {
+ ProxyTicketValidator pv = null;
+
+ pv = new ProxyTicketValidator();
+ pv.setCasValidateUrl(casValidate);
+ pv.setServiceTicket(request.getParameter("ticket"));
+ pv.setService(getService(request));
+ pv.setRenew(Boolean.valueOf(casRenew).booleanValue());
+ if (casProxyCallbackUrl != null)
+ {
+ pv.setProxyCallbackUrl(casProxyCallbackUrl);
+ }
+
+ return CASReceipt.getReceipt(pv);
+ }
+
+
+ /**
+ * Redirects the user to CAS, determining the service from the request.
+ */
+ private void redirectToCAS(HttpServletRequest request,
+ HttpServletResponse response) throws IOException, ServletException
+ {
+ String casLoginString = casLogin + "?service="
+ + getService((HttpServletRequest) request)
+ + ((casRenew) ? "&renew=true" : "")
+ + (casGateway ? "&gateway=true" : "");
+
+ ((HttpServletResponse) response).sendRedirect(casLoginString);
+ }
+
+ /**
+ * Returns either the configured service or figures it out for the current
+ * request. The returned service is URL-encoded.
+ */
+ private String getService(HttpServletRequest request)
+ throws ServletException
+ {
+ String serviceString;
+
+ // ensure we have a server name or service name
+ if (casServerName == null && casServiceUrl == null) throw new ServletException(
+ "need one of the following configuration "
+ + "parameters: edu.yale.its.tp.cas.client.filter.serviceUrl or "
+ + "edu.yale.its.tp.cas.client.filter.serverName");
+
+ // use the given string if it's provided
+ if (casServiceUrl != null)
+ {
+ serviceString = URLEncoder.encode(casServiceUrl);
+ }
+ else
+ {
+ // otherwise, return our best guess at the service
+ serviceString = Util.getService(request, casServerName);
+ }
+
+ return serviceString;
+ }
+}
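Review bot: In `invoke`, `CAS_FILTER_USER` and `CAS_FILTER_RECEIPT` are stored in the session before the realm is consulted, so when `getRealm().authenticate(user, (String) null)` returns null the request continues with no principal while the session is already marked as CAS-authenticated, and later requests to `/auth/`, `/authsec/` or `/sec/` skip both branches. I would move the two `session.setAttribute(...)` calls inside `if (principal != null)` and fail the request otherwise, e.g. `((HttpServletResponse) response).sendError(HttpServletResponse.SC_FORBIDDEN); return;`. The Javadoc on `VALIDATE_INIT_PARAM` says the validate URL must be https:, but `setCasValidate` accepts any string; since the receipt fetched from `casValidate` is what establishes the user, rejecting a non-https value in the setter would enforce what the comment promises. `casRenew`, `casGateway`, `casProxyCallbackUrl` and `authorizedProxies` have no setters in this hunk, so as written every proxied receipt is rejected and renew is never requested; worth confirming that this is intended.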
Added: modules/identity/trunk/sso/src/main/org/jboss/portal/identity/sso/josso/JOSSOIdentityService.java
===================================================================
--- modules/identity/trunk/sso/src/main/org/jboss/portal/identity/sso/josso/JOSSOIdentityService.java (rev 0)
+++ modules/identity/trunk/sso/src/main/org/jboss/portal/identity/sso/josso/JOSSOIdentityService.java 2007-09-04 10:02:26 UTC (rev 8140)
@@ -0,0 +1,47 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.portal.identity.sso.josso;
+
+import org.jboss.portal.identity.sso.AuthenticationService;
+
+/*
+ * Created on May 24, 2007
+ *
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+public interface JOSSOIdentityService extends AuthenticationService
+{
+ /**
+ *
+ * @param username
+ * @return
+ */
+ public String[] getUserRoles(String username);
+
+ /**
+ *
+ * @param username
+ * @return
+ */
+ public boolean exists(String username);
+}
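Review bot: The Javadoc blocks on `getUserRoles` and `exists` are empty `@param`/`@return` skeletons, so the interface does not say what a caller gets for an unknown user. The implementation in this commit returns `null` from `getUserRoles` when no user matches and otherwise an array whose first element is `"Authenticated"`; that should be stated, e.g. `@return the user's role names preceded by "Authenticated", or null if no such user exists`. For `exists`, `@return true if a user whose name equals the given name (both trimmed) is found` matches what the implementation does.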
Added: modules/identity/trunk/sso/src/main/org/jboss/portal/identity/sso/josso/JOSSOIdentityServiceImpl.java
===================================================================
--- modules/identity/trunk/sso/src/main/org/jboss/portal/identity/sso/josso/JOSSOIdentityServiceImpl.java (rev 0)
+++ modules/identity/trunk/sso/src/main/org/jboss/portal/identity/sso/josso/JOSSOIdentityServiceImpl.java 2007-09-04 10:02:26 UTC (rev 8140)
@@ -0,0 +1,213 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.portal.identity.sso.josso;
+
+import java.util.Iterator;
+import java.util.Set;
+
+import javax.naming.InitialContext;
+
+import org.apache.log4j.Logger;
+
+import org.hibernate.SessionFactory;
+import org.hibernate.Session;
+import org.hibernate.Transaction;
+
+import org.jboss.portal.identity.Role;
+import org.jboss.portal.identity.UserModule;
+import org.jboss.portal.identity.UserProfileModule;
+import org.jboss.portal.identity.MembershipModule;
+import org.jboss.portal.identity.User;
+import org.jboss.portal.identity.sso.josso.JOSSOIdentityService;
+
+/*
+ * Created on May 24, 2007
+ *
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+public class JOSSOIdentityServiceImpl implements JOSSOIdentityService
+{
+ private static Logger log = Logger.getLogger(JOSSOIdentityServiceImpl.class);
+
+ private UserModule userModule = null;
+ private UserProfileModule profileModule = null;
+ private MembershipModule membershipModule = null;
+
+ /**
+ *
+ *
+ */
+ public void start()
+ {
+ try
+ {
+ InitialContext initialContext = new InitialContext();
+
+ this.userModule = (UserModule)initialContext.lookup("java:/portal/UserModule");
+ this.profileModule = (UserProfileModule)initialContext.lookup("java:/portal/UserProfileModule");
+ this.membershipModule = (MembershipModule)initialContext.lookup("java:/portal/MembershipModule");
+ }
+ catch(Exception e)
+ {
+ log.error(this, e);
+ this.stop();
+ }
+ }
+
+ /**
+ *
+ *
+ */
+ public void stop()
+ {
+ this.userModule = null;
+ this.profileModule = null;
+ this.membershipModule = null;
+ }
+
+ /**
+ *
+ * @param username
+ * @return
+ */
+ public String[] getUserRoles(String username)
+ {
+ Session session = null;
+ Transaction tx = null;
+ try
+ {
+ String[] userRoles = null;
+
+ InitialContext initialContext = new InitialContext();
+ SessionFactory sessionFactory = (SessionFactory)initialContext.lookup("java:/portal/IdentitySessionFactory");
+ session = sessionFactory.openSession();
+ tx = session.beginTransaction();
+
+ User user = this.userModule.findUserByUserName(username);
+ if(user != null && user.getUserName().trim().equals(username.trim()))
+ {
+ Set roles = this.membershipModule.getRoles(user);
+ userRoles = new String[roles.size()+1];
+ userRoles[0] = "Authenticated";
+ int index = 1;
+ for(Iterator itr=roles.iterator();itr.hasNext();)
+ {
+ Role role = (Role)itr.next();
+ userRoles[index++] = role.getName();
+ }
+ }
+
+ return userRoles;
+ }
+ catch(Exception e)
+ {
+ log.error(this, e);
+ throw new RuntimeException(e);
+ }
+ finally
+ {
+ tx.commit();
+ session.close();
+ }
+ }
+
+ /**
+ *
+ * @param username
+ * @return
+ */
+ public boolean exists(String username)
+ {
+ Session session = null;
+ Transaction tx = null;
+ try
+ {
+ boolean exists = false;
+
+ InitialContext initialContext = new InitialContext();
+ SessionFactory sessionFactory = (SessionFactory)initialContext.lookup("java:/portal/IdentitySessionFactory");
+ session = sessionFactory.openSession();
+ tx = session.beginTransaction();
+
+ User user = this.userModule.findUserByUserName(username);
+ if(user != null && user.getUserName().trim().equals(username.trim()))
+ {
+ exists = true;
+ }
+
+ return exists;
+ }
+ catch(Exception e)
+ {
+ log.error(this, e);
+ throw new RuntimeException(e);
+ }
+ finally
+ {
+ tx.commit();
+ session.close();
+ }
+ }
+
+ /**
+ *
+ */
+ public boolean authenticate(String username, String password)
+ {
+ Session session = null;
+ Transaction tx = null;
+ try
+ {
+ boolean status = false;
+
+ InitialContext initialContext = new InitialContext();
+ SessionFactory sessionFactory = (SessionFactory)initialContext.lookup("java:/portal/IdentitySessionFactory");
+ session = sessionFactory.openSession();
+ tx = session.beginTransaction();
+
+ User user = this.userModule.findUserByUserName(username);
+ if(user != null)
+ {
+ //Check and make sure the user account is enabled
+ Boolean enabled = (Boolean)this.profileModule.getProperty(user, User.INFO_USER_ENABLED);
+ if(enabled != null || enabled.booleanValue())
+ {
+ //Now perform validation
+ status = user.validatePassword(password);
+ }
+ }
+
+ return status;
+ }
+ catch(Exception e)
+ {
+ log.error(this, e);
+ return false;
+ }
+ finally
+ {
+ tx.commit();
+ session.close();
+ }
+ }
+}
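Review bot: `authenticate` accepts whatever `findUserByUserName` returns, while `getUserRoles` and `exists` additionally require `user.getUserName().trim().equals(username.trim())`, so the three methods can disagree about whether a name denotes a user if the lookup matches more loosely than exact equality (its matching rule is not visible in this hunk). Using the same condition in `authenticate`, `if(user != null && user.getUserName().trim().equals(username.trim()))`, keeps a login from succeeding for a name that `exists` reports as absent. `username.trim()` also throws on a null username, which `getUserRoles` and `exists` rethrow as a `RuntimeException`; a null check at the top of each method would make that case explicit. All Javadoc blocks in the class are empty and should at least record that each method opens its own Hibernate session and transaction from `java:/portal/IdentitySessionFactory`.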
Added: modules/identity/trunk/sso/src/main/org/jboss/portal/identity/sso/josso/JOSSOIdentityStore.java
===================================================================
--- modules/identity/trunk/sso/src/main/org/jboss/portal/identity/sso/josso/JOSSOIdentityStore.java (rev 0)
+++ modules/identity/trunk/sso/src/main/org/jboss/portal/identity/sso/josso/JOSSOIdentityStore.java 2007-09-04 10:02:26 UTC (rev 8140)
@@ -0,0 +1,191 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.portal.identity.sso.josso;
+
+import javax.management.MBeanServer;
+import javax.management.ObjectName;
+
+import org.apache.log4j.Logger;
+
+import org.jboss.mx.util.MBeanProxy;
+import org.jboss.mx.util.MBeanServerLocator;
+import org.jboss.portal.identity.sso.josso.JOSSOIdentityService;
+import org.josso.gateway.SSONameValuePair;
+import org.josso.gateway.identity.exceptions.NoSuchUserException;
+import org.josso.gateway.identity.exceptions.SSOIdentityException;
+import org.josso.gateway.identity.service.BaseRole;
+import org.josso.gateway.identity.service.BaseRoleImpl;
+import org.josso.gateway.identity.service.BaseUser;
+import org.josso.gateway.identity.service.BaseUserImpl;
+import org.josso.gateway.identity.service.store.IdentityStore;
+import org.josso.gateway.identity.service.store.UserKey;
+import org.josso.gateway.identity.service.store.SimpleUserKey;
+import org.josso.auth.Credential;
+import org.josso.auth.CredentialKey;
+import org.josso.auth.BindableCredentialStore;
+import org.josso.auth.exceptions.SSOAuthenticationException;
+import org.josso.auth.scheme.AuthenticationScheme;
+import org.josso.auth.scheme.UsernameCredential;
+import org.josso.auth.scheme.PasswordCredential;
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ *
+ */
+public class JOSSOIdentityStore implements IdentityStore, BindableCredentialStore
+{
+ /**
+ *
+ */
+ private static Logger log = Logger.getLogger(JOSSOIdentityStore.class);
+
+ /**
+ *
+ */
+ private AuthenticationScheme authenticationScheme = null;
+
+ /**
+ *
+ */
+ private JOSSOIdentityService portalIdentityService = null;
+
+
+ /**
+ *
+ *
+ */
+ public JOSSOIdentityStore()
+ {
+ try
+ {
+ MBeanServer mbeanServer = MBeanServerLocator.locateJBoss();
+ this.portalIdentityService = (JOSSOIdentityService)
+ MBeanProxy.get(JOSSOIdentityService.class,new ObjectName("portal:service=Module,type=JOSSOIdentityService"),mbeanServer);
+ }
+ catch(Exception e)
+ {
+ this.authenticationScheme = null;
+ this.portalIdentityService = null;
+
+ log.error(this, e);
+ throw new RuntimeException("JOSSOIdentityStore registration failed....");
+ }
+ }
+ //-----IdentityStore implementation--------------------------------------------------------------------------------------------------
+ /**
+ *
+ */
+ public BaseRole[] findRolesByUserKey(UserKey userKey)
+ throws SSOIdentityException
+ {
+ if(this.portalIdentityService == null)
+ {
+ throw new IllegalStateException("JOSSOIdentityStore not properly registered with the JOSSO system..");
+ }
+
+ //Get the role information from the Portal Identity System
+ String[] userRoles = this.portalIdentityService.getUserRoles(userKey.toString());
+
+ //Map the Portal Identity information to JOSSO Identity information
+ BaseRole[] roles = new BaseRole[userRoles.length];
+ for(int i=0; i<userRoles.length; i++)
+ {
+ roles[i] = new BaseRoleImpl(userRoles[i]);
+ }
+
+
+ return roles;
+ }
+
+ /**
+ *
+ */
+ public BaseUser loadUser(UserKey userKey) throws NoSuchUserException,
+ SSOIdentityException
+ {
+ if(this.portalIdentityService == null)
+ {
+ throw new IllegalStateException("JOSSOIdentityStore not properly registered with the JOSSO system..");
+ }
+
+ //Map the Portal Identity to JOSSO Identity
+ BaseUser user = new BaseUserImpl();
+ user.setName(userKey.toString());
+ user.addProperty("password", "");
+
+ return user;
+ }
+
+ /**
+ *
+ */
+ public boolean userExists(UserKey userKey) throws SSOIdentityException
+ {
+ if(this.portalIdentityService == null)
+ {
+ throw new IllegalStateException("JOSSOIdentityStore not properly registered with the JOSSO system..");
+ }
+
+ return this.portalIdentityService.exists(userKey.toString());
+ }
+ //---------BindableCredentialStore implementation---------------------------------------------------------------------------------------------
+ /**
+ *
+ */
+ public Credential[] loadCredentials(CredentialKey credentialKey) throws SSOIdentityException
+ {
+ if(this.portalIdentityService == null)
+ {
+ throw new IllegalStateException("JOSSOIdentityStore not properly registered with the JOSSO system..");
+ }
+
+ //Get the User corresponding to this credentialKey
+ BaseUser user = this.loadUser((SimpleUserKey)credentialKey);
+ SSONameValuePair[] properties = user.getProperties();
+ String password = properties[0].getValue();
+
+ return new Credential[]{new UsernameCredential(user.getName()), new PasswordCredential(password)};
+ }
+
+ /**
+ *
+ */
+ public boolean bind(String username, String password) throws SSOAuthenticationException
+ {
+ return this.portalIdentityService.authenticate(username, password);
+ }
+
+
+ /**
+ *
+ */
+ public void setAuthenticationScheme(AuthenticationScheme authenticationScheme)
+ {
+ if(this.portalIdentityService == null)
+ {
+ throw new IllegalStateException("JOSSOIdentityStore not properly registered with the JOSSO system..");
+ }
+
+ this.authenticationScheme = authenticationScheme;
+ }
+}
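Review bot: `loadUser` builds a `BaseUserImpl` for whatever key it is given and never asks the portal whether the account exists, so it cannot throw the `NoSuchUserException` it declares, and `loadCredentials` then returns a `PasswordCredential` holding the empty string set there. Any JOSSO scheme that compares against loaded credentials instead of calling `bind` would be comparing against an empty password; which scheme is configured is not visible in this hunk, so that needs confirming. I would check `this.portalIdentityService.exists(userKey.toString())` at the top of `loadUser` and throw `NoSuchUserException` when it is false. `bind` is also the only method without the `portalIdentityService == null` guard, and the constructor's `RuntimeException` drops the cause `e`.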
Added: modules/identity/trunk/sso/src/main/org/jboss/portal/identity/sso/josso/JOSSOLoginModule.java
===================================================================
--- modules/identity/trunk/sso/src/main/org/jboss/portal/identity/sso/josso/JOSSOLoginModule.java (rev 0)
+++ modules/identity/trunk/sso/src/main/org/jboss/portal/identity/sso/josso/JOSSOLoginModule.java 2007-09-04 10:02:26 UTC (rev 8140)
@@ -0,0 +1,213 @@
+/*
+ * Copyright (c) 2004-2006, Novascope S.A. and the JOSSO team
+ * All rights reserved.
+ * Redistribution and use in source and binary forms, with or
+ * without modification, are permitted provided that the following
+ * conditions are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * * Neither the name of the JOSSO team nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
+ * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+package org.jboss.portal.identity.sso.josso;
+
+import org.apache.log4j.Logger;
+import org.josso.gateway.identity.SSORole;
+import org.josso.gateway.identity.SSOUser;
+import org.josso.gateway.identity.service.BaseRoleImpl;
+import org.josso.gateway.identity.service.BaseUserImpl;
+import org.josso.tc55.agent.jaas.SSOGatewayLoginModule;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.login.LoginException;
+import java.security.Principal;
+import java.security.acl.Group;
+import java.util.Iterator;
+import java.util.Map;
+import java.util.Set;
+
+/**
+ * SSOGatewayLogin Module for JBoss.
+ * <p>
+ * It specialized the SSOGatewayLoginModule by associating an additional
+ * group called ("Roles") which contains user roles.
+ * The original SSOGatewayLoginModule associates the user and its roles directly
+ * as Subject's Principals. This won't work in JBoss since it obtains user roles
+ * from a special Group that must be called "Roles".
+ * This LoginModule adds this special group, adds the roles as members of it and
+ * associates such group to the Subject as built by the SSOGatewayLoginModule.
+ * <p>
+ * To configure this JAAS Login Module module, add to the
+ * $JBOSS_HOME/server/default/conf/login-config.xml file the following entry :
+ * <p>
+<pre>
+<policy>
+ <!-- Used by JOSSO Agents for authenticating users against the Gateway -->
+ <application-policy name = "josso">
+ <authentication>
+ <login-module code = "org.josso.jb32.agent.JBossSSOGatewayLoginModule"
+ flag = "required">
+ <module-option name="debug">true</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+ ...
+ </policy>
+</pre>
+ *
+ * @author <a href="mailto:gbrigand@josso.org">Gianluca Brigandi</a>
+ * @version CVS $Id: JBossSSOGatewayLoginModule.java 338 2006-02-09 16:53:07Z sgonzalez $
+ */
+
+public class JOSSOLoginModule extends SSOGatewayLoginModule {
+
+ private static final Logger logger = Logger.getLogger(JOSSOLoginModule .class);
+
+ private Subject _savedSubject;
+
+ /** the principal to use when user is not authenticated **/
+ protected SSOUser _unauthenticatedIdentity;
+
+
+ /**
+ * Initialize this LoginModule .
+ * Save the received Subject to change it when commit() gets invoked.
+ *
+ * @param subject the Subject to be authenticated.
+ *
+ * @param callbackHandler a CallbackHandler for communicating
+ * with the end user (prompting for user names and
+ * passwords, for example).
+ *
+ * @param sharedState shared LoginModule state.
+ *
+ * @param options options specified in the login Configuration
+ * for this particular LoginModule.
+ */
+ public void initialize(Subject subject, CallbackHandler callbackHandler,
+ Map sharedState, Map options) {
+
+ _savedSubject = subject;
+ super.initialize(subject, callbackHandler, sharedState, options);
+ // Check for unauthenticatedIdentity option.
+ String name = (String) options.get("unauthenticatedIdentity");
+ if( name != null )
+ {
+ try
+ {
+ _unauthenticatedIdentity = createIdentity(name);
+ logger.debug("Saw unauthenticatedIdentity="+name);
+ }
+ catch(Exception e)
+ {
+ logger.warn("Failed to create custom unauthenticatedIdentity", e);
+ }
+ }
+ }
+
+ /**
+ * This method supports the unauthenticatedIdentity property used by JBoss.
+ */
+ public boolean login() throws LoginException {
+
+ if (!super.login()) {
+ // We have an unauthenticated user, use configured Principal
+ if (_unauthenticatedIdentity != null) {
+ logger.debug("Authenticated as unauthenticatedIdentity : " + _unauthenticatedIdentity);
+ _ssoUserPrincipal = _unauthenticatedIdentity;
+ _succeeded = true;
+ return true;
+ }
+ }
+
+ return true;
+ }
+
+ /*
+ * This method is called if the LoginContext's overall authentication succeeded.
+ *
+ * The Subject saved in the previously executed initialize() method, is modified
+ * by adding a new special Group called "Roles" whose members are the SSO user roles.
+ * JBoss will fetch user roles by examining such group.
+ *
+ * @exception LoginException if the commit fails.
+ *
+ * @return true if this LoginModule's own login and commit
+ * attempts succeeded, or false otherwise.
+ */
+ public boolean commit() throws LoginException {
+ boolean rc = false;
+ // HashMap setsMap = new HashMap();
+
+ rc = super.commit();
+
+ Set ssoRolePrincipals = _savedSubject.getPrincipals(SSORole.class);
+ Group targetGrp = new BaseRoleImpl("Roles");
+ Iterator i = ssoRolePrincipals.iterator();
+ Set cour = new java.util.HashSet();
+ while (i.hasNext()) {
+ Principal p = (Principal)i.next();
+
+ targetGrp.addMember(p); // Add user role to "Roles" group
+
+ //super hack to make the Subject work properly with the Portal Authorization Engine
+ ((BaseRoleImpl)p).addMember(this.createIdentity(p.getName()));
+ }
+ // Add the "Roles" group to the Subject so that JBoss can fetch user roles.
+ _savedSubject.getPrincipals().removeAll(ssoRolePrincipals);
+ _savedSubject.getPrincipals().add(targetGrp);
+
+ /*Set ssoUserPrincipals = _savedSubject.getPrincipals(SSOUser.class);
+ Group callerPrincipal = new BaseRoleImpl("CallerPrincipal");
+ Iterator j = ssoUserPrincipals.iterator();
+ if (j.hasNext()) {
+ Principal user = (Principal) j.next();
+ callerPrincipal.addMember(user);
+ }
+
+ // Add the "CallerPrincipal" group to the Subject so that JBoss can fetch user.
+ _savedSubject.getPrincipals().add(callerPrincipal);*/
+
+ return rc;
+ }
+
+ protected SSOUser createIdentity(String username) {
+ return new BaseUserImpl(username);
+ }
+
+ protected SSORole[] getRoleSets() throws LoginException {
+ if (_ssoUserPrincipal == _unauthenticatedIdentity) {
+ // Using unauthenticatedIdentity ..
+ if(logger.isDebugEnabled())
+ logger.debug("Using unauthenticatedIdentity " + _ssoUserPrincipal + ", returning no roles.");
+
+ return new SSORole[0];
+ }
+ return super.getRoleSets();
+ }
+
+}
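Review bot: `login()` ends in an unconditional `return true;`, so when `super.login()` returns false and no `unauthenticatedIdentity` option is configured the module still reports success. Whether the parent ever returns false rather than throwing is not visible here, but the branch is written as if it does. The method should propagate the failure on that path: `if (super.login()) { return true; }` before the `_unauthenticatedIdentity` check and `return false;` as the last statement. In `commit()` the role loop also runs when `super.commit()` returned false, and it casts every `SSORole` principal to `BaseRoleImpl` without an `instanceof` check.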
Added: modules/identity/trunk/sso/src/main/org/jboss/portal/identity/sso/josso/JOSSOLogoutValve.java
===================================================================
--- modules/identity/trunk/sso/src/main/org/jboss/portal/identity/sso/josso/JOSSOLogoutValve.java (rev 0)
+++ modules/identity/trunk/sso/src/main/org/jboss/portal/identity/sso/josso/JOSSOLogoutValve.java 2007-09-04 10:02:26 UTC (rev 8140)
@@ -0,0 +1,122 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.portal.identity.sso.josso;
+
+import java.io.IOException;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.Cookie;
+
+import org.apache.catalina.connector.Request;
+import org.apache.catalina.connector.Response;
+import org.apache.catalina.valves.ValveBase;
+
+/*
+ * Created on May 23, 2007
+ *
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+public class JOSSOLogoutValve extends ValveBase
+{
+ /**
+ *
+ */
+ public void invoke(Request request, Response response) throws IOException,
+ ServletException
+ {
+ HttpServletRequest httpRequest = (HttpServletRequest) request;
+
+ Cookie jossoPortalCookie = this.findJOSSOPortalLogoutCookie(httpRequest);
+ if(jossoPortalCookie != null)
+ {
+ String referer = jossoPortalCookie.getValue();
+
+ if(referer != null && referer.trim().length() > 0)
+ {
+ //Delete this cookie
+ jossoPortalCookie = new Cookie("JOSSO_PORTAL_LOGOUT", "");
+ jossoPortalCookie.setMaxAge(0); //setting the value to 0 should delete this cookie from the browser
+ response.addCookie(jossoPortalCookie);
+
+ //This form of redirect is needed instead of sendRedirect
+ //otherwise the JBOSS_PORTAL_LOGOUT cookie cleanup does not happen
+ StringBuffer buffer = new StringBuffer();
+ buffer.append("<html>"+"\n");
+ buffer.append("<head>"+"\n");
+ buffer.append("</head>"+"\n");
+ buffer.append("<body onload=\"setTimeout('document.form1.submit()',1000);\">"+"\n");
+ buffer.append("<form name=\"form1\" action=\""+referer+"\" method=\"post\">"+"\n");
+ buffer.append("</form>"+"\n");
+ buffer.append("</body>"+"\n");
+ buffer.append("</html>"+"\n");
+
+ response.getOutputStream().write(buffer.toString().getBytes());
+ response.getOutputStream().flush();
+
+ return;
+ }
+ }
+
+ // continue processing the request
+ this.getNext().invoke(request, response);
+
+ if(httpRequest.getRequestURI().endsWith("/signout"))
+ {
+ String jossoLogout = httpRequest.getContextPath() + org.josso.agent.Constants.JOSSO_LOGOUT_URI;
+
+ Cookie cookie = new Cookie("JOSSO_PORTAL_LOGOUT",httpRequest.getHeader("Referer"));
+ cookie.setMaxAge(-1); //setting the value so that cookie expires when broser is closed
+ response.addCookie(cookie);
+
+ response.sendRedirect(jossoLogout);
+ }
+ }
+
+ /**
+ *
+ * @param request
+ * @return
+ */
+ private Cookie findJOSSOPortalLogoutCookie(HttpServletRequest request)
+ {
+ Cookie cookie = null;
+
+ Cookie[] cookies = request.getCookies();
+ if(cookies != null)
+ {
+ for(int i=0; i<cookies.length; i++)
+ {
+ Cookie cour = cookies[i];
+
+ if(cour.getName().equals("JOSSO_PORTAL_LOGOUT"))
+ {
+ cookie = cour;
+ break;
+ }
+ }
+ }
+
+ return cookie;
+ }
+}
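Review bot: The `JOSSO_PORTAL_LOGOUT` cookie value is written into the page unescaped, as `action=\""+referer+"\"`, and the form auto-submits to it; the value is client-supplied (it is set from the `Referer` header further down in `invoke`), so it needs validation and output encoding before use. I would accept it only when it resolves to this portal's own host and context path, fall back to the context root otherwise, and HTML-attribute-encode it when building the form. In the `/signout` branch, `httpRequest.getHeader("Referer")` may be null and is passed straight to `new Cookie(...)`, and the cookie and redirect are added after `getNext().invoke(...)`, when the response may already be committed. `buffer.toString().getBytes()` also relies on the platform charset, and no content type is set on the response.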
Added: modules/identity/trunk/sso/src/main/org/jboss/portal/test/identity/sso/CASTestCase.java
===================================================================
--- modules/identity/trunk/sso/src/main/org/jboss/portal/test/identity/sso/CASTestCase.java (rev 0)
+++ modules/identity/trunk/sso/src/main/org/jboss/portal/test/identity/sso/CASTestCase.java 2007-09-04 10:02:26 UTC (rev 8140)
@@ -0,0 +1,606 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.portal.test.identity.sso;
+
+import java.util.Map;
+import java.util.Set;
+import java.util.Iterator;
+import java.util.HashMap;
+
+import org.jboss.portal.test.framework.mc.TestRuntimeContext;
+
+import org.apache.commons.httpclient.HttpClient;
+import org.apache.commons.httpclient.Cookie;
+import org.apache.commons.httpclient.NameValuePair;
+import org.apache.commons.httpclient.methods.GetMethod;
+import org.apache.commons.httpclient.methods.PostMethod;
+import org.apache.commons.httpclient.protocol.Protocol;
+
+import junit.framework.TestCase;
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ *
+ */
+public class CASTestCase extends TestCase
+{
+ /**
+ *
+ */
+ private String portalServer = null;
+ private String firstPortalContext = null;
+ private String secondPortalContext = null;
+ private String userLoggedInIndicator = null;
+ private String username = null;
+ private String password = null;
+
+ /**
+ *
+ */
+ protected TestRuntimeContext runtimeContext = null;
+
+ /**
+ *
+ */
+ protected void setUp() throws Exception
+ {
+ super.setUp();
+
+ this.runtimeContext = new TestRuntimeContext("org/jboss/portal/test/identity/sso-beans.xml");
+
+ this.runtimeContext.addBean("CASConfig", this);
+ this.runtimeContext.addBean("JOSSOConfig", new JOSSOTestCase());
+
+ this.runtimeContext.start();
+
+ //SSL setup
+ Protocol.registerProtocol("https",new Protocol("https", new EasySSLProtocolSocketFactory(), 443));
+ }
+
+ /**
+ *
+ */
+ protected void tearDown() throws Exception
+ {
+ super.tearDown();
+
+ //Service stoppage
+ this.runtimeContext.stop();
+
+ //Data cleanup
+ this.runtimeContext = null;
+ this.portalServer = null;
+ this.firstPortalContext = null;
+ this.secondPortalContext = null;
+ }
+
+ /**
+ *
+ * @return
+ */
+ public String getFirstPortalContext()
+ {
+ return firstPortalContext;
+ }
+
+ /**
+ *
+ * @param firstPortalContext
+ */
+ public void setFirstPortalContext(String firstPortalContext)
+ {
+ this.firstPortalContext = firstPortalContext;
+ }
+
+ /**
+ *
+ * @return
+ */
+ public String getPortalServer()
+ {
+ return portalServer;
+ }
+
+ /**
+ *
+ * @param portalServer
+ */
+ public void setPortalServer(String portalServer)
+ {
+ this.portalServer = portalServer;
+ }
+
+ /**
+ *
+ * @return
+ */
+ public String getSecondPortalContext()
+ {
+ return secondPortalContext;
+ }
+
+ /**
+ *
+ * @param secondPortalContext
+ */
+ public void setSecondPortalContext(String secondPortalContext)
+ {
+ this.secondPortalContext = secondPortalContext;
+ }
+
+ /**
+ *
+ * @return
+ */
+ public String getUserLoggedInIndicator()
+ {
+ return userLoggedInIndicator;
+ }
+
+ /**
+ *
+ * @param userLoggedInIndicator
+ */
+ public void setUserLoggedInIndicator(String userLoggedInIndicator)
+ {
+ this.userLoggedInIndicator = userLoggedInIndicator;
+ }
+
+ /**
+ *
+ * @return
+ */
+ public String getPassword()
+ {
+ return password;
+ }
+
+ /**
+ *
+ * @param password
+ */
+ public void setPassword(String password)
+ {
+ this.password = password;
+ }
+
+ /**
+ *
+ * @return
+ */
+ public String getUsername()
+ {
+ return username;
+ }
+
+ /**
+ *
+ * @param username
+ */
+ public void setUsername(String username)
+ {
+ this.username = username;
+ }
+
+ /**
+ *
+ * @throws Exception
+ */
+ public void test() throws Exception
+ {
+ Cookie casCookie = null;
+ String firstPortalFinalResponse = null;
+ String secondPortalFinalResponse = null;
+
+ //Load the main portal page on firstPortalContext
+ String firstContextPortalUrl = "http://"+this.portalServer+"/"+this.firstPortalContext;
+ WebConversation portalConversation = this.startConversation(firstContextPortalUrl);
+ TestCase.assertFalse(this.isUserLoggedIn(portalConversation.getResponse()));
+
+ //Click the Login link on the firstPortalContext
+ String firstContextLoginUrl = firstContextPortalUrl + "/auth/portal/default/default";
+ this.sendGet(firstContextLoginUrl, portalConversation);
+
+ //Perform redirect to the CAS Server
+ TestCase.assertNotNull(portalConversation.getRedirectLocation());
+ TestCase.assertEquals(portalConversation.getStatusCode(), 302);
+ String casLocation = portalConversation.getRedirectLocation();
+ WebConversation casConversation = this.startConversation(casLocation);
+ String response = casConversation.getResponse();
+ //Extract the conversionId from the response
+ int searchIndex = response.indexOf("value=\"_c")+7;
+ int endIndex = response.indexOf('"', searchIndex);
+ String lt = response.substring(searchIndex,endIndex);
+
+ //Perform HTTP Post based authentication with the CAS Server
+ Map postParams = new HashMap();
+ postParams.put("username", this.username);
+ postParams.put("password", this.password);
+ postParams.put("_eventId", "submit");
+ postParams.put("lt",lt);
+ this.sendPost(casLocation,postParams, casConversation);
+
+ //The Portal Session should now be autenticated
+ TestCase.assertNotNull(casConversation.getRedirectLocation());
+ TestCase.assertEquals(casConversation.getStatusCode(), 302);
+ TestCase.assertTrue(casConversation.getRedirectLocation().indexOf(firstContextLoginUrl) != -1);
+ TestCase.assertNotNull(casConversation.getCasCookie());
+ String goBack = casConversation.getRedirectLocation();
+ casCookie = casConversation.getCasCookie();
+ portalConversation = this.startConversation(goBack);
+ firstPortalFinalResponse = portalConversation.getResponse();
+ TestCase.assertTrue(this.isUserLoggedIn(firstPortalFinalResponse));
+
+ //Load the main portal page on secondPortalContext
+ String secondContextPortalUrl = "http://"+this.portalServer+"/"+this.secondPortalContext;
+ portalConversation = this.startConversation(secondContextPortalUrl);
+
+ //Click the Login Link on the secondPortalContext
+ String secondContextLoginUrl = secondContextPortalUrl + "/auth/portal/default/default";
+ this.sendGet(secondContextLoginUrl, portalConversation);
+
+ //Perform re-direct to the CAS Server but this time sending in the CAS cookie
+ TestCase.assertNotNull(portalConversation.getRedirectLocation());
+ TestCase.assertEquals(portalConversation.getStatusCode(), 302);
+ casLocation = portalConversation.getRedirectLocation();
+ casConversation = this.startConversation(casLocation,casCookie);
+
+
+ //Assert the redirect and it should be to the CAS Server, but this time
+ //It should end up with an Authenticated session back to the secondPortalContext
+ secondPortalFinalResponse = casConversation.getResponse();
+ TestCase.assertTrue(this.isUserLoggedIn(secondPortalFinalResponse));
+
+ //Assert and make sure its the same user logged into both Portals
+ String firstPortalUser = this.extractLoggedInUser(firstPortalFinalResponse);
+ String secondPortalUser = this.extractLoggedInUser(secondPortalFinalResponse);
+ TestCase.assertEquals(firstPortalUser, this.username);
+ TestCase.assertEquals(secondPortalUser, this.username);
+ TestCase.assertEquals(firstPortalUser, secondPortalUser);
+ }
+
+ /**
+ *
+ * @param portalUrl
+ * @return
+ * @throws Exception
+ */
+ private WebConversation startConversation(String portalUrl) throws Exception
+ {
+ WebConversation conversation = null;
+
+ HttpClient httpClient = new HttpClient();
+ GetMethod getMethod = new GetMethod(portalUrl);
+ try
+ {
+ conversation = new WebConversation();
+
+ int statusCode = httpClient.executeMethod(getMethod);
+ String response = getMethod.getResponseBodyAsString();
+
+ Cookie[] cookies = httpClient.getState().getCookies();
+ for(int i=0;i<cookies.length;i++)
+ {
+ if(cookies[i].getName().equals("JSESSIONID"))
+ {
+ conversation.setSessionId(cookies[i].getValue());
+ }
+ }
+
+ conversation.setClient(httpClient);
+ conversation.setStatusCode(statusCode);
+ conversation.setResponse(response);
+ }
+ finally
+ {
+ if(getMethod != null)
+ {
+ getMethod.releaseConnection();
+ }
+ }
+
+ return conversation;
+ }
+
+ /**
+ *
+ * @param portalUrl
+ * @return
+ * @throws Exception
+ */
+ private WebConversation startConversation(String portalUrl, Cookie casCookie) throws Exception
+ {
+ WebConversation conversation = null;
+
+ HttpClient httpClient = new HttpClient();
+ GetMethod getMethod = new GetMethod(portalUrl);
+
+ //Set casCookie to be sent in
+ getMethod.setRequestHeader("Cookie",casCookie.getName()+"="+casCookie.getValue());
+
+ try
+ {
+ conversation = new WebConversation();
+
+ int statusCode = httpClient.executeMethod(getMethod);
+ String response = getMethod.getResponseBodyAsString();
+
+ Cookie[] cookies = httpClient.getState().getCookies();
+ for(int i=0;i<cookies.length;i++)
+ {
+ if(cookies[i].getName().equals("JSESSIONID"))
+ {
+ conversation.setSessionId(cookies[i].getValue());
+ }
+ }
+
+ conversation.setClient(httpClient);
+ conversation.setStatusCode(statusCode);
+ conversation.setResponse(response);
+ }
+ finally
+ {
+ if(getMethod != null)
+ {
+ getMethod.releaseConnection();
+ }
+ }
+
+ return conversation;
+ }
+
+ /**
+ *
+ * @param portalUrl
+ * @param conversation
+ * @throws Exception
+ */
+ private void sendGet(String portalUrl,WebConversation conversation) throws Exception
+ {
+ HttpClient httpClient = conversation.getClient();
+
+ GetMethod getMethod = new GetMethod(portalUrl);
+ getMethod.setFollowRedirects(false);
+ try
+ {
+ int statusCode = httpClient.executeMethod(getMethod);
+
+ String response = getMethod.getResponseBodyAsString();
+
+ Cookie[] cookies = httpClient.getState().getCookies();
+ for(int i=0;i<cookies.length;i++)
+ {
+ if(cookies[i].getName().equals("JSESSIONID"))
+ {
+ conversation.setSessionId(cookies[i].getValue());
+ }
+ }
+
+ conversation.setStatusCode(statusCode);
+ conversation.setResponse(response);
+
+ if(statusCode == 302)
+ {
+ //Store the redirect location
+ String location = getMethod.getResponseHeader("Location").getValue();
+ conversation.setRedirectLocation(location);
+ }
+ }
+ finally
+ {
+ if(getMethod != null)
+ {
+ getMethod.releaseConnection();
+ }
+ }
+ }
+
+
+ /**
+ *
+ * @param url
+ * @param parameters
+ * @param conversation
+ * @throws Exception
+ */
+ private void sendPost(String url,Map parameters,WebConversation conversation) throws Exception
+ {
+ HttpClient httpClient = conversation.getClient();
+
+ PostMethod postMethod = new PostMethod(url);
+
+ //Add post parameters
+ Set keySet = parameters.keySet();
+ NameValuePair[] postdata = new NameValuePair[keySet.size()];
+ int index = 0;
+ for(Iterator itr=keySet.iterator();itr.hasNext();)
+ {
+ String name = (String)itr.next();
+ String value = (String)parameters.get(name);
+ postdata[index++] = new NameValuePair(name,value);
+ }
+ postMethod.setRequestBody(postdata);
+ try
+ {
+ int statusCode = httpClient.executeMethod(postMethod);
+
+ String response = postMethod.getResponseBodyAsString();
+
+ Cookie[] cookies = httpClient.getState().getCookies();
+ for(int i=0;i<cookies.length;i++)
+ {
+ if(cookies[i].getName().equals("JSESSIONID"))
+ {
+ conversation.setSessionId(cookies[i].getValue());
+ }
+ if(cookies[i].getName().equals("CASTGC"))
+ {
+ conversation.setCasCookie(cookies[i]);
+ }
+ }
+
+ conversation.setStatusCode(statusCode);
+ conversation.setResponse(response);
+
+ if(statusCode == 302)
+ {
+ //Store the redirect location
+ String location = postMethod.getResponseHeader("Location").getValue();
+ conversation.setRedirectLocation(location);
+ }
+ }
+ finally
+ {
+ if(postMethod != null)
+ {
+ postMethod.releaseConnection();
+ }
+ }
+ }
+
+ /**
+ *
+ * @param response
+ * @return
+ */
+ private boolean isUserLoggedIn(String response)
+ {
+ boolean isUserLoggedIn = false;
+
+ isUserLoggedIn = (response.indexOf(this.userLoggedInIndicator) != -1);
+
+ return isUserLoggedIn;
+ }
+
+ /**
+ *
+ * @param response
+ * @return
+ */
+ private String extractLoggedInUser(String response)
+ {
+ String loggedInUser = null;
+
+ int startIndex = response.indexOf(this.userLoggedInIndicator) + this.userLoggedInIndicator.length();
+ int endIndex = response.indexOf("<",startIndex);
+
+ loggedInUser = response.substring(startIndex,endIndex).trim();
+
+ return loggedInUser;
+ }
+
+ /**
+ *
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ *
+ */
+ private static class WebConversation
+ {
+ /**
+ *
+ */
+ private HttpClient client = null;
+ private String sessionId = null;
+ private int statusCode = 0;
+ private String response = null;
+ private String redirectLocation = null;
+ private Cookie casCookie = null;
+
+ /**
+ *
+ *
+ */
+ public WebConversation()
+ {
+
+ }
+
+ /**
+ *
+ * @return
+ */
+ public HttpClient getClient()
+ {
+ return this.client;
+ }
+
+ /**
+ *
+ * @param client
+ */
+ public void setClient(HttpClient client)
+ {
+ this.client = client;
+ }
+
+ public String getResponse()
+ {
+ return response;
+ }
+
+ public void setResponse(String response)
+ {
+ this.response = response;
+ }
+
+ public int getStatusCode()
+ {
+ return statusCode;
+ }
+
+ public void setStatusCode(int statusCode)
+ {
+ this.statusCode = statusCode;
+ }
+
+ public String getSessionId()
+ {
+ return sessionId;
+ }
+
+ public void setSessionId(String sessionId)
+ {
+ this.sessionId = sessionId;
+ }
+
+ public String getRedirectLocation()
+ {
+ return redirectLocation;
+ }
+
+ public void setRedirectLocation(String redirectLocation)
+ {
+ this.redirectLocation = redirectLocation;
+ }
+
+ public Cookie getCasCookie()
+ {
+ return casCookie;
+ }
+
+ public void setCasCookie(Cookie casCookie)
+ {
+ this.casCookie = casCookie;
+ }
+ }
+}
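Review bot: `setUp()` registers `EasySSLProtocolSocketFactory` for the `https` scheme through the static `Protocol.registerProtocol`, which replaces certificate handling for every HttpClient in the JVM, and `tearDown()` never undoes it. Assuming this factory is the usual accept-any-certificate contrib class (its body is not in this hunk), the test would pass against a CAS server presenting any certificate, and because the file sits under `src/main` the class may be packaged with the module. I would call `Protocol.unregisterProtocol("https")` in `tearDown()` and move the test classes to a test source tree, or import the test CAS certificate into a truststore instead. Separately, `response.indexOf("value=\"_c")+7` is used without checking for -1, and the `assertEquals` calls pass the actual value first.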
Added: modules/identity/trunk/sso/src/main/org/jboss/portal/test/identity/sso/EasySSLProtocolSocketFactory.java
===================================================================
--- modules/identity/trunk/sso/src/main/org/jboss/portal/test/identity/sso/EasySSLProtocolSocketFactory.java (rev 0)
+++ modules/identity/trunk/sso/src/main/org/jboss/portal/test/identity/sso/EasySSLProtocolSocketFactory.java 2007-09-04 10:02:26 UTC (rev 8140)
@@ -0,0 +1,233 @@
+/*
+ * $Header: /home/jerenkrantz/tmp/commons/commons-convert/cvs/home/cvs/jakarta-commons//httpclient/src/contrib/org/apache/commons/httpclient/contrib/ssl/EasySSLProtocolSocketFactory.java,v 1.7 2004/06/11 19:26:27 olegk Exp $
+ * $Revision$
+ * $Date$
+ *
+ * ====================================================================
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ====================================================================
+ *
+ * This software consists of voluntary contributions made by many
+ * individuals on behalf of the Apache Software Foundation. For more
+ * information on the Apache Software Foundation, please see
+ * <http://www.apache.org/>.
+ *
+ */
+
+package org.jboss.portal.test.identity.sso;
+
+import java.io.IOException;
+import java.net.InetAddress;
+import java.net.InetSocketAddress;
+import java.net.Socket;
+import java.net.SocketAddress;
+import java.net.UnknownHostException;
+
+import org.apache.commons.httpclient.ConnectTimeoutException;
+import org.apache.commons.httpclient.HttpClientError;
+import org.apache.commons.httpclient.params.HttpConnectionParams;
+import org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory;
+
+import javax.net.SocketFactory;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.TrustManager;
+
+/**
+ * <p>
+ * EasySSLProtocolSocketFactory can be used to creats SSL {@link Socket}s that
+ * accept self-signed certificates.
+ * </p>
+ * <p>
+ * This socket factory SHOULD NOT be used for productive systems due to security
+ * reasons, unless it is a concious decision and you are perfectly aware of
+ * security implications of accepting self-signed certificates
+ * </p>
+ *
+ * <p>
+ * Example of using custom protocol socket factory for a specific host:
+ *
+ * <pre>
+ * Protocol easyhttps = new Protocol("https", new EasySSLProtocolSocketFactory(),
+ * 443);
+ * HttpClient client = new HttpClient();
+ * client.getHostConfiguration().setHost("localhost", 443, easyhttps);
+ * // use relative url only
+ * GetMethod httpget = new GetMethod("/");
+ * client.executeMethod(httpget);
+ * </pre>
+ *
+ * </p>
+ * <p>
+ * Example of using custom protocol socket factory per default instead of the
+ * standard one:
+ *
+ * <pre>
+ * Protocol easyhttps = new Protocol("https", new EasySSLProtocolSocketFactory(),
+ * 443);
+ * Protocol.registerProtocol("https", easyhttps);
+ * HttpClient client = new HttpClient();
+ * GetMethod httpget = new GetMethod("https://localhost/");
+ * client.executeMethod(httpget);
+ * </pre>
+ *
+ * </p>
+ *
+ * @author <a href="mailto:oleg -at- ural.ru">Oleg Kalnichevski</a>
+ *
+ * <p>
+ * DISCLAIMER: HttpClient developers DO NOT actively support this component. The
+ * component is provided as a reference material, which may be inappropriate for
+ * use without additional customization.
+ * </p>
+ */
+
+public class EasySSLProtocolSocketFactory implements
+ SecureProtocolSocketFactory
+{
+
+ private SSLContext sslcontext = null;
+
+ /**
+ * Constructor for EasySSLProtocolSocketFactory.
+ */
+ public EasySSLProtocolSocketFactory()
+ {
+ super();
+ }
+
+ private static SSLContext createEasySSLContext()
+ {
+ try
+ {
+ SSLContext context = SSLContext.getInstance("SSL");
+ context.init(null, new TrustManager[]
+ { new EasyX509TrustManager(null) }, null);
+ return context;
+ }
+ catch (Exception e)
+ {
+ throw new HttpClientError(e.toString());
+ }
+ }
+
+ private SSLContext getSSLContext()
+ {
+ if (this.sslcontext == null)
+ {
+ this.sslcontext = createEasySSLContext();
+ }
+ return this.sslcontext;
+ }
+
+ /**
+ * @see SecureProtocolSocketFactory#createSocket(java.lang.String,int,java.net.InetAddress,int)
+ */
+ public Socket createSocket(String host, int port, InetAddress clientHost,
+ int clientPort) throws IOException, UnknownHostException
+ {
+
+ return getSSLContext().getSocketFactory().createSocket(host, port,
+ clientHost, clientPort);
+ }
+
+ /**
+ * Attempts to get a new socket connection to the given host within the given
+ * time limit.
+ * <p>
+ * To circumvent the limitations of older JREs that do not support connect
+ * timeout a controller thread is executed. The controller thread attempts to
+ * create a new socket within the given limit of time. If socket constructor
+ * does not return until the timeout expires, the controller terminates and
+ * throws an {@link ConnectTimeoutException}
+ * </p>
+ *
+ * @param host
+ * the host name/IP
+ * @param port
+ * the port on the host
+ * @param clientHost
+ * the local host name/IP to bind the socket to
+ * @param clientPort
+ * the port on the local machine
+ * @param params
+ * {@link HttpConnectionParams Http connection parameters}
+ *
+ * @return Socket a new socket
+ *
+ * @throws IOException
+ * if an I/O error occurs while creating the socket
+ * @throws UnknownHostException
+ * if the IP address of the host cannot be determined
+ */
+ public Socket createSocket(final String host, final int port,
+ final InetAddress localAddress, final int localPort,
+ final HttpConnectionParams params) throws IOException,
+ UnknownHostException, ConnectTimeoutException
+ {
+ if (params == null)
+ {
+ throw new IllegalArgumentException("Parameters may not be null");
+ }
+ int timeout = params.getConnectionTimeout();
+ SocketFactory socketfactory = getSSLContext().getSocketFactory();
+ if (timeout == 0)
+ {
+ return socketfactory.createSocket(host, port, localAddress, localPort);
+ }
+ else
+ {
+ Socket socket = socketfactory.createSocket();
+ SocketAddress localaddr = new InetSocketAddress(localAddress,
+ localPort);
+ SocketAddress remoteaddr = new InetSocketAddress(host, port);
+ socket.bind(localaddr);
+ socket.connect(remoteaddr, timeout);
+ return socket;
+ }
+ }
+
+ /**
+ * @see SecureProtocolSocketFactory#createSocket(java.lang.String,int)
+ */
+ public Socket createSocket(String host, int port) throws IOException,
+ UnknownHostException
+ {
+ return getSSLContext().getSocketFactory().createSocket(host, port);
+ }
+
+ /**
+ * @see SecureProtocolSocketFactory#createSocket(java.net.Socket,java.lang.String,int,boolean)
+ */
+ public Socket createSocket(Socket socket, String host, int port,
+ boolean autoClose) throws IOException, UnknownHostException
+ {
+ return getSSLContext().getSocketFactory().createSocket(socket, host,
+ port, autoClose);
+ }
+
+ public boolean equals(Object obj)
+ {
+ return ((obj != null) && obj.getClass().equals(
+ EasySSLProtocolSocketFactory.class));
+ }
+
+ public int hashCode()
+ {
+ return EasySSLProtocolSocketFactory.class.hashCode();
+ }
+
+}
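Review bot: Nothing in this class says it is confined to the SSO test harness, yet it is added under `src/main` and `createEasySSLContext` wires in `new EasyX509TrustManager(null)`, which relaxes server-certificate checking. The Javadoc is the upstream contrib text; I would add a line at the top of the class comment such as `Test support only: must not be registered in a deployed portal.` Separately, `SSLContext.getInstance("SSL")` could be `SSLContext.getInstance("TLS")` so the context is not requested under the legacy protocol name. `getSSLContext()` also initialises `sslcontext` lazily without synchronisation, which deserves a comment if one factory instance is shared across threads.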
Added: modules/identity/trunk/sso/src/main/org/jboss/portal/test/identity/sso/EasyX509TrustManager.java
===================================================================
--- modules/identity/trunk/sso/src/main/org/jboss/portal/test/identity/sso/EasyX509TrustManager.java (rev 0)
+++ modules/identity/trunk/sso/src/main/org/jboss/portal/test/identity/sso/EasyX509TrustManager.java 2007-09-04 10:02:26 UTC (rev 8140)
@@ -0,0 +1,109 @@
+/*
+* ====================================================================
+*
+* Licensed to the Apache Software Foundation (ASF) under one or more
+* contributor license agreements. See the NOTICE file distributed with
+* this work for additional information regarding copyright ownership.
+* The ASF licenses this file to You under the Apache License, Version 2.0
+* (the "License"); you may not use this file except in compliance with
+* the License. You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+* ====================================================================
+*
+* This software consists of voluntary contributions made by many
+* individuals on behalf of the Apache Software Foundation. For more
+* information on the Apache Software Foundation, please see
+* <http://www.apache.org/>.
+*
+*/
+
+package org.jboss.portal.test.identity.sso;
+
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
+
+import javax.net.ssl.TrustManagerFactory;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
+
+/**
+* <p>
+* EasyX509TrustManager unlike default {@link X509TrustManager} accepts
+* self-signed certificates.
+* </p>
+* <p>
+* This trust manager SHOULD NOT be used for productive systems
+* due to security reasons, unless it is a concious decision and
+* you are perfectly aware of security implications of accepting
+* self-signed certificates
+* </p>
+*
+* @author <a href="mailto:adrian.sutton@ephox.com">Adrian Sutton</a>
+* @author <a href="mailto:oleg@ural.ru">Oleg Kalnichevski</a>
+*
+* <p>
+* DISCLAIMER: HttpClient developers DO NOT actively support this component.
+* The component is provided as a reference material, which may be inappropriate
+* for use without additional customization.
+* </p>
+*/
+
+public class EasyX509TrustManager implements X509TrustManager
+{
+ private X509TrustManager standardTrustManager = null;
+
+ /**
+ * Constructor for EasyX509TrustManager.
+ */
+ public EasyX509TrustManager(KeyStore keystore) throws NoSuchAlgorithmException, KeyStoreException {
+ super();
+ TrustManagerFactory factory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
+ factory.init(keystore);
+ TrustManager[] trustmanagers = factory.getTrustManagers();
+ if (trustmanagers.length == 0) {
+ throw new NoSuchAlgorithmException("no trust manager found");
+ }
+ this.standardTrustManager = (X509TrustManager)trustmanagers[0];
+ }
+
+ /**
+ * @see javax.net.ssl.X509TrustManager#checkClientTrusted(X509Certificate[],String authType)
+ */
+ public void checkClientTrusted(X509Certificate[] certificates,String authType) throws CertificateException {
+ standardTrustManager.checkClientTrusted(certificates,authType);
+ }
+
+ /**
+ * @see javax.net.ssl.X509TrustManager#checkServerTrusted(X509Certificate[],String authType)
+ */
+ public void checkServerTrusted(X509Certificate[] certificates,String authType) throws CertificateException {
+ /*if ((certificates != null) && LOG.isDebugEnabled()) {
+ LOG.debug("Server certificate chain:");
+ for (int i = 0; i < certificates.length; i++) {
+ LOG.debug("X509Certificate[" + i + "]=" + certificates[i]);
+ }
+ }*/
+ if ((certificates != null) && (certificates.length == 1)) {
+ certificates[0].checkValidity();
+ } else {
+ standardTrustManager.checkServerTrusted(certificates,authType);
+ }
+ }
+
+ /**
+ * @see javax.net.ssl.X509TrustManager#getAcceptedIssuers()
+ */
+ public X509Certificate[] getAcceptedIssuers() {
+ return this.standardTrustManager.getAcceptedIssuers();
+ }
+}
\ No newline at end of file
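Review bot: In `checkServerTrusted`, a chain of length one is accepted after only `certificates[0].checkValidity()`, which checks the validity dates and nothing else, so any unexpired certificate presented on its own passes whether or not it belongs to the test server. Since the constructor already takes a `KeyStore`, a tighter variant is to load the test server's certificate into a keystore, pass that instead of `null`, and replace the `if`/`else` with the single line `standardTrustManager.checkServerTrusted(certificates, authType);`. The cast `(X509TrustManager)trustmanagers[0]` in the constructor assumes the first manager is an X.509 one; an `instanceof` check would fail more clearly. The commented-out `LOG.debug` block can be dropped.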
Added: modules/identity/trunk/sso/src/main/org/jboss/portal/test/identity/sso/JOSSOTestCase.java
===================================================================
--- modules/identity/trunk/sso/src/main/org/jboss/portal/test/identity/sso/JOSSOTestCase.java (rev 0)
+++ modules/identity/trunk/sso/src/main/org/jboss/portal/test/identity/sso/JOSSOTestCase.java 2007-09-04 10:02:26 UTC (rev 8140)
@@ -0,0 +1,620 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.portal.test.identity.sso;
+
+import java.util.Map;
+import java.util.Set;
+import java.util.Iterator;
+import java.util.HashMap;
+
+import org.jboss.portal.test.framework.mc.TestRuntimeContext;
+
+import org.apache.commons.httpclient.HttpClient;
+import org.apache.commons.httpclient.Cookie;
+import org.apache.commons.httpclient.NameValuePair;
+import org.apache.commons.httpclient.methods.GetMethod;
+import org.apache.commons.httpclient.methods.PostMethod;
+import org.apache.commons.httpclient.protocol.Protocol;
+
+import junit.framework.TestCase;
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ *
+ */
+public class JOSSOTestCase extends TestCase
+{
+ /**
+ *
+ */
+ private String portalServer = null;
+ private String firstPortalContext = null;
+ private String secondPortalContext = null;
+ private String userLoggedInIndicator = null;
+ private String username = null;
+ private String password = null;
+
+ /**
+ *
+ */
+ protected TestRuntimeContext runtimeContext = null;
+
+ /**
+ *
+ */
+ protected void setUp() throws Exception
+ {
+ super.setUp();
+
+ this.runtimeContext = new TestRuntimeContext("org/jboss/portal/test/identity/sso-beans.xml");
+
+ this.runtimeContext.addBean("JOSSOConfig", this);
+ this.runtimeContext.addBean("CASConfig", new CASTestCase());
+
+ this.runtimeContext.start();
+
+ //SSL setup
+ Protocol.registerProtocol("https",new Protocol("https", new EasySSLProtocolSocketFactory(), 443));
+ }
+
+ /**
+ *
+ */
+ protected void tearDown() throws Exception
+ {
+ super.tearDown();
+
+ //Service stoppage
+ this.runtimeContext.stop();
+
+ //Data cleanup
+ this.runtimeContext = null;
+ this.portalServer = null;
+ this.firstPortalContext = null;
+ this.secondPortalContext = null;
+ }
+
+ /**
+ *
+ * @return
+ */
+ public String getFirstPortalContext()
+ {
+ return firstPortalContext;
+ }
+
+ /**
+ *
+ * @param firstPortalContext
+ */
+ public void setFirstPortalContext(String firstPortalContext)
+ {
+ this.firstPortalContext = firstPortalContext;
+ }
+
+ /**
+ *
+ * @return
+ */
+ public String getPortalServer()
+ {
+ return portalServer;
+ }
+
+ /**
+ *
+ * @param portalServer
+ */
+ public void setPortalServer(String portalServer)
+ {
+ this.portalServer = portalServer;
+ }
+
+ /**
+ *
+ * @return
+ */
+ public String getSecondPortalContext()
+ {
+ return secondPortalContext;
+ }
+
+ /**
+ *
+ * @param secondPortalContext
+ */
+ public void setSecondPortalContext(String secondPortalContext)
+ {
+ this.secondPortalContext = secondPortalContext;
+ }
+
+ /**
+ *
+ * @return
+ */
+ public String getUserLoggedInIndicator()
+ {
+ return userLoggedInIndicator;
+ }
+
+ /**
+ *
+ * @param userLoggedInIndicator
+ */
+ public void setUserLoggedInIndicator(String userLoggedInIndicator)
+ {
+ this.userLoggedInIndicator = userLoggedInIndicator;
+ }
+
+ /**
+ *
+ * @return
+ */
+ public String getPassword()
+ {
+ return password;
+ }
+
+ /**
+ *
+ * @param password
+ */
+ public void setPassword(String password)
+ {
+ this.password = password;
+ }
+
+ /**
+ *
+ * @return
+ */
+ public String getUsername()
+ {
+ return username;
+ }
+
+ /**
+ *
+ * @param username
+ */
+ public void setUsername(String username)
+ {
+ this.username = username;
+ }
+
+ /**
+ *
+ * @throws Exception
+ */
+ public void test() throws Exception
+ {
+ Cookie ssoCookie = null;
+ String firstPortalFinalResponse = null;
+ String secondPortalFinalResponse = null;
+
+ //Load the main portal page on firstPortalContext
+ String firstContextPortalUrl = "http://"+this.portalServer+"/"+this.firstPortalContext;
+ WebConversation portalConversation = this.startConversation(firstContextPortalUrl);
+ TestCase.assertFalse(this.isUserLoggedIn(portalConversation.getResponse()));
+
+ //Click the Login link on the firstPortalContext
+ String firstContextLoginUrl = firstContextPortalUrl + "/auth/portal/default/default";
+ this.sendGet(firstContextLoginUrl, portalConversation);
+
+ //Navigate to a secured resource on the portal
+ TestCase.assertNotNull(portalConversation.getRedirectLocation());
+ TestCase.assertEquals(portalConversation.getStatusCode(), 302);
+ String portalToJOSSO = portalConversation.getRedirectLocation();
+ this.sendGet(portalToJOSSO, portalConversation);
+
+ //When authentication is triggered, move over to the JOSSO server establishing an SSO session with JOSSO
+ String jossoLocation = portalConversation.getRedirectLocation();
+ WebConversation ssoConversation = this.startConversation(jossoLocation);
+ String response = ssoConversation.getResponse();
+
+ //Extract the josso post action value
+ int searchIndex = response.indexOf("action=\"")+9;
+ int endIndex = response.indexOf('"', searchIndex);
+ String action = response.substring(searchIndex,endIndex);
+
+ //Perform HTTP Post based authentication with the JOSSO Server
+ Map postParams = new HashMap();
+ postParams.put("josso_username", this.username);
+ postParams.put("josso_password", this.password);
+ postParams.put("josso_cmd", "login");
+ this.sendPost("http://"+this.portalServer+"/"+action,postParams, ssoConversation);
+
+ //Go back to the Portal since login has succeeded, starting with assertion on the JOSSO Agent installed on the Portal
+ String assertUrl = ssoConversation.getRedirectLocation();
+ this.sendGet(assertUrl, portalConversation);
+
+ //Now go back to the original Portal resource requested. This time user should have an authenticated session established
+ TestCase.assertNotNull(portalConversation.getRedirectLocation());
+ TestCase.assertEquals(portalConversation.getStatusCode(), 302);
+ TestCase.assertTrue(portalConversation.getRedirectLocation().indexOf(firstContextLoginUrl) != -1);
+ TestCase.assertNotNull(portalConversation.getSSOCookie());
+ String goBack = portalConversation.getRedirectLocation();
+ ssoCookie = ssoConversation.getSSOCookie();
+ this.sendGet(goBack, portalConversation);
+ firstPortalFinalResponse = portalConversation.getResponse();
+ TestCase.assertTrue(this.isUserLoggedIn(firstPortalFinalResponse));
+
+ //Load the main portal page on secondPortalContext
+ String secondContextPortalUrl = "http://"+this.portalServer+"/"+this.secondPortalContext;
+ portalConversation = this.startConversation(secondContextPortalUrl);
+
+ //Click the Login Link on the secondPortalContext
+ String secondContextLoginUrl = secondContextPortalUrl + "/auth/portal/default/default";
+ this.sendGet(secondContextLoginUrl, portalConversation);
+
+ //Perform re-direct to the JOSSO Server but this time sending in the JOSSO cookie
+ TestCase.assertNotNull(portalConversation.getRedirectLocation());
+ TestCase.assertEquals(portalConversation.getStatusCode(), 302);
+ portalToJOSSO = portalConversation.getRedirectLocation();
+ this.sendGet(portalToJOSSO, portalConversation);
+
+
+ //Assert the redirect and it should be to the JOSSO Server, but this time
+ //It should end up with an Authenticated session back to the secondPortalContext
+ jossoLocation = portalConversation.getRedirectLocation();
+ ssoConversation = this.startConversation(jossoLocation,ssoCookie);
+ secondPortalFinalResponse = ssoConversation.getResponse();
+ TestCase.assertTrue(this.isUserLoggedIn(secondPortalFinalResponse));
+
+ //Assert and make sure its the same user logged into both Portals
+ String firstPortalUser = this.extractLoggedInUser(firstPortalFinalResponse);
+ String secondPortalUser = this.extractLoggedInUser(secondPortalFinalResponse);
+ TestCase.assertEquals(firstPortalUser, this.username);
+ TestCase.assertEquals(secondPortalUser, this.username);
+ TestCase.assertEquals(firstPortalUser, secondPortalUser);
+ }
+
+ /**
+ *
+ * @param portalUrl
+ * @return
+ * @throws Exception
+ */
+ private WebConversation startConversation(String portalUrl) throws Exception
+ {
+ WebConversation conversation = null;
+
+ HttpClient httpClient = new HttpClient();
+ GetMethod getMethod = new GetMethod(portalUrl);
+ try
+ {
+ conversation = new WebConversation();
+
+ int statusCode = httpClient.executeMethod(getMethod);
+ String response = getMethod.getResponseBodyAsString();
+
+ Cookie[] cookies = httpClient.getState().getCookies();
+ for(int i=0;i<cookies.length;i++)
+ {
+ if(cookies[i].getName().equals("JSESSIONID"))
+ {
+ conversation.setSessionId(cookies[i].getValue());
+ }
+ }
+
+ conversation.setClient(httpClient);
+ conversation.setStatusCode(statusCode);
+ conversation.setResponse(response);
+ }
+ finally
+ {
+ if(getMethod != null)
+ {
+ getMethod.releaseConnection();
+ }
+ }
+
+ return conversation;
+ }
+
+ /**
+ *
+ * @param portalUrl
+ * @return
+ * @throws Exception
+ */
+ private WebConversation startConversation(String portalUrl, Cookie ssoCookie) throws Exception
+ {
+ WebConversation conversation = null;
+
+ HttpClient httpClient = new HttpClient();
+ GetMethod getMethod = new GetMethod(portalUrl);
+
+ //Set ssoCookie to be sent in
+ getMethod.setRequestHeader("Cookie",ssoCookie.getName()+"="+ssoCookie.getValue());
+
+ try
+ {
+ conversation = new WebConversation();
+
+ int statusCode = httpClient.executeMethod(getMethod);
+ String response = getMethod.getResponseBodyAsString();
+
+ Cookie[] cookies = httpClient.getState().getCookies();
+ for(int i=0;i<cookies.length;i++)
+ {
+ if(cookies[i].getName().equals("JSESSIONID"))
+ {
+ conversation.setSessionId(cookies[i].getValue());
+ }
+ }
+
+ conversation.setClient(httpClient);
+ conversation.setStatusCode(statusCode);
+ conversation.setResponse(response);
+ }
+ finally
+ {
+ if(getMethod != null)
+ {
+ getMethod.releaseConnection();
+ }
+ }
+
+ return conversation;
+ }
+
+ /**
+ *
+ * @param portalUrl
+ * @param conversation
+ * @throws Exception
+ */
+ private void sendGet(String portalUrl,WebConversation conversation) throws Exception
+ {
+ HttpClient httpClient = conversation.getClient();
+
+ GetMethod getMethod = new GetMethod(portalUrl);
+ getMethod.setFollowRedirects(false);
+ try
+ {
+ int statusCode = httpClient.executeMethod(getMethod);
+
+ String response = getMethod.getResponseBodyAsString();
+
+ Cookie[] cookies = httpClient.getState().getCookies();
+ for(int i=0;i<cookies.length;i++)
+ {
+ if(cookies[i].getName().equals("JSESSIONID"))
+ {
+ conversation.setSessionId(cookies[i].getValue());
+ }
+ if(cookies[i].getName().equals("JOSSO_SESSIONID"))
+ {
+ conversation.setSSOCookie(cookies[i]);
+ }
+ }
+
+ conversation.setStatusCode(statusCode);
+ conversation.setResponse(response);
+
+ if(statusCode == 302)
+ {
+ //Store the redirect location
+ String location = getMethod.getResponseHeader("Location").getValue();
+ conversation.setRedirectLocation(location);
+ }
+ }
+ finally
+ {
+ if(getMethod != null)
+ {
+ getMethod.releaseConnection();
+ }
+ }
+ }
+
+
+ /**
+ *
+ * @param url
+ * @param parameters
+ * @param conversation
+ * @throws Exception
+ */
+ private void sendPost(String url,Map parameters,WebConversation conversation) throws Exception
+ {
+ HttpClient httpClient = conversation.getClient();
+
+ PostMethod postMethod = new PostMethod(url);
+
+ //Add post parameters
+ Set keySet = parameters.keySet();
+ NameValuePair[] postdata = new NameValuePair[keySet.size()];
+ int index = 0;
+ for(Iterator itr=keySet.iterator();itr.hasNext();)
+ {
+ String name = (String)itr.next();
+ String value = (String)parameters.get(name);
+ postdata[index++] = new NameValuePair(name,value);
+ }
+ postMethod.setRequestBody(postdata);
+ try
+ {
+ int statusCode = httpClient.executeMethod(postMethod);
+
+ String response = postMethod.getResponseBodyAsString();
+
+ Cookie[] cookies = httpClient.getState().getCookies();
+ for(int i=0;i<cookies.length;i++)
+ {
+ if(cookies[i].getName().equals("JSESSIONID"))
+ {
+ conversation.setSessionId(cookies[i].getValue());
+ }
+ if(cookies[i].getName().equals("JOSSO_SESSIONID"))
+ {
+ conversation.setSSOCookie(cookies[i]);
+ }
+ }
+
+ conversation.setStatusCode(statusCode);
+ conversation.setResponse(response);
+
+ if(statusCode == 302)
+ {
+ //Store the redirect location
+ String location = postMethod.getResponseHeader("Location").getValue();
+ conversation.setRedirectLocation(location);
+ }
+ }
+ finally
+ {
+ if(postMethod != null)
+ {
+ postMethod.releaseConnection();
+ }
+ }
+ }
+
+ /**
+ *
+ * @param response
+ * @return
+ */
+ private boolean isUserLoggedIn(String response)
+ {
+ boolean isUserLoggedIn = false;
+
+ isUserLoggedIn = (response.indexOf(this.userLoggedInIndicator) != -1);
+
+ return isUserLoggedIn;
+ }
+
+ /**
+ *
+ * @param response
+ * @return
+ */
+ private String extractLoggedInUser(String response)
+ {
+ String loggedInUser = null;
+
+ int startIndex = response.indexOf(this.userLoggedInIndicator) + this.userLoggedInIndicator.length();
+ int endIndex = response.indexOf("<",startIndex);
+
+ loggedInUser = response.substring(startIndex,endIndex).trim();
+
+ return loggedInUser;
+ }
+
+ /**
+ *
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ *
+ */
+ private static class WebConversation
+ {
+ /**
+ *
+ */
+ private HttpClient client = null;
+ private String sessionId = null;
+ private int statusCode = 0;
+ private String response = null;
+ private String redirectLocation = null;
+ private Cookie ssoCookie = null;
+
+ /**
+ *
+ *
+ */
+ public WebConversation()
+ {
+
+ }
+
+ /**
+ *
+ * @return
+ */
+ public HttpClient getClient()
+ {
+ return this.client;
+ }
+
+ /**
+ *
+ * @param client
+ */
+ public void setClient(HttpClient client)
+ {
+ this.client = client;
+ }
+
+ public String getResponse()
+ {
+ return response;
+ }
+
+ public void setResponse(String response)
+ {
+ this.response = response;
+ }
+
+ public int getStatusCode()
+ {
+ return statusCode;
+ }
+
+ public void setStatusCode(int statusCode)
+ {
+ this.statusCode = statusCode;
+ }
+
+ public String getSessionId()
+ {
+ return sessionId;
+ }
+
+ public void setSessionId(String sessionId)
+ {
+ this.sessionId = sessionId;
+ }
+
+ public String getRedirectLocation()
+ {
+ return redirectLocation;
+ }
+
+ public void setRedirectLocation(String redirectLocation)
+ {
+ this.redirectLocation = redirectLocation;
+ }
+
+ public Cookie getSSOCookie()
+ {
+ return ssoCookie;
+ }
+
+ public void setSSOCookie(Cookie ssoCookie)
+ {
+ this.ssoCookie = ssoCookie;
+ }
+ }
+}
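Review bot: `setUp` replaces the JVM-wide `https` protocol with `EasySSLProtocolSocketFactory` through `Protocol.registerProtocol`, and `tearDown` never undoes it, so every later HttpClient user in the same test run inherits the relaxed certificate checking. Adding `Protocol.unregisterProtocol("https");` to `tearDown` would confine the relaxed trust to this test. `tearDown` also clears `portalServer` and the two context fields but leaves `username`, `password` and `userLoggedInIndicator` set. In `test()`, `response.indexOf("action=\"")+9` is used without checking for -1, so a login page without a form action produces a misleading substring instead of a clear assertion failure; `assertTrue(response.indexOf("action=\"") != -1);` before the arithmetic would make that explicit.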
Added: modules/identity/trunk/sso/src/resources/portal-identity-test-jar/org/jboss/portal/test/identity/sso-beans.xml
===================================================================
--- modules/identity/trunk/sso/src/resources/portal-identity-test-jar/org/jboss/portal/test/identity/sso-beans.xml (rev 0)
+++ modules/identity/trunk/sso/src/resources/portal-identity-test-jar/org/jboss/portal/test/identity/sso-beans.xml 2007-09-04 10:02:26 UTC (rev 8140)
@@ -0,0 +1,54 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ ~ JBoss, a division of Red Hat ~
+ ~ Copyright 2006, Red Hat Middleware, LLC, and individual ~
+ ~ contributors as indicated by the @authors tag. See the ~
+ ~ copyright.txt in the distribution for a full listing of ~
+ ~ individual contributors. ~
+ ~ ~
+ ~ This is free software; you can redistribute it and/or modify it ~
+ ~ under the terms of the GNU Lesser General Public License as ~
+ ~ published by the Free Software Foundation; either version 2.1 of ~
+ ~ the License, or (at your option) any later version. ~
+ ~ ~
+ ~ This software is distributed in the hope that it will be useful, ~
+ ~ but WITHOUT ANY WARRANTY; without even the implied warranty of ~
+ ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ~
+ ~ Lesser General Public License for more details. ~
+ ~ ~
+ ~ You should have received a copy of the GNU Lesser General Public ~
+ ~ License along with this software; if not, write to the Free ~
+ ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA ~
+ ~ 02110-1301 USA, or see the FSF site: http://www.fsf.org. ~
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~-->
+
+<deployment xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:jboss:bean-deployer bean-deployer_1_0.xsd"
+ xmlns="urn:jboss:bean-deployer">
+ <bean name="CASConfig" class="org.jboss.portal.test.identity.sso.CASTestCase">
+ <constructor factoryMethod="getBean">
+ <factory bean="BeanFactory"/>
+ <parameter>CASConfig</parameter>
+ </constructor>
+ <property name="portalServer">localhost</property>
+ <property name="firstPortalContext">portal</property>
+ <property name="secondPortalContext">portal2</property>
+ <property name="userLoggedInIndicator">Logged in as:</property>
+ <property name="username">user</property>
+ <property name="password">user</property>
+ </bean>
+
+ <bean name="JOSSOConfig" class="org.jboss.portal.test.identity.sso.JOSSOTestCase">
+ <constructor factoryMethod="getBean">
+ <factory bean="BeanFactory"/>
+ <parameter>JOSSOConfig</parameter>
+ </constructor>
+ <property name="portalServer">localhost</property>
+ <property name="firstPortalContext">portal</property>
+ <property name="secondPortalContext">portal2</property>
+ <property name="userLoggedInIndicator">Logged in as:</property>
+ <property name="username">user</property>
+ <property name="password">user</property>
+ </bean>
+</deployment>
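Review bot: Both beans hard-code `username` and `password` as `user`/`user` and `portalServer` as `localhost`, with no comment saying these are throwaway fixture values for a local test portal. A comment above the first bean, for example `<!-- Fixture values for a locally started test portal only; never point portalServer at a shared instance -->`, would make the intent explicit. The two bean definitions are identical apart from name and class, so a change to one set of properties is easy to forget in the other.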
JBoss Portal SVN: r8139 - in trunk: cms/src/main/org/jboss/portal/cms/hibernate/state and 2 other directories.
by portal-commits@lists.jboss.org
Author: thomas.heute(a)jboss.com
Date: 2007-09-04 05:51:13 -0400 (Tue, 04 Sep 2007)
New Revision: 8139
Modified:
trunk/build/etc/resources/jboss-log4j.xml.diff
trunk/cms/src/main/org/jboss/portal/cms/hibernate/state/PortalCMSCacheLoader.java
trunk/cms/src/main/org/jboss/portal/cms/impl/interceptors/ACLInterceptor.java
trunk/cms/src/main/org/jboss/portal/cms/impl/jcr/command/FileGetCommand.java
Log:
- JBPORTAL-1598: Properly support JBoss Cache 1.3.x when running on JBAS 4.2
- Better logging when access is denied on a resource
- By aligning with JBoss Cache 1.3 API we don't need to limit the logging anymore
Modified: trunk/build/etc/resources/jboss-log4j.xml.diff
===================================================================
--- trunk/build/etc/resources/jboss-log4j.xml.diff 2007-09-04 07:44:43 UTC (rev 8138)
+++ trunk/build/etc/resources/jboss-log4j.xml.diff 2007-09-04 09:51:13 UTC (rev 8139)
@@ -10,11 +10,6 @@
+ <priority value="ERROR"/>
+ </category>
+
-+ <!-- JBoss Cache likes to talk a lot -->
-+ <category name="org.jboss.cache.interceptors.CacheLoaderInterceptor">
-+ <priority value="ERROR"/>
-+ </category>
-+
<!-- Limit the org.jboss.serial (jboss-serialization) to INFO as its DEBUG is verbose -->
<category name="org.jboss.serial">
<priority value="INFO"/>
Modified: trunk/cms/src/main/org/jboss/portal/cms/hibernate/state/PortalCMSCacheLoader.java
===================================================================
--- trunk/cms/src/main/org/jboss/portal/cms/hibernate/state/PortalCMSCacheLoader.java 2007-09-04 07:44:43 UTC (rev 8138)
+++ trunk/cms/src/main/org/jboss/portal/cms/hibernate/state/PortalCMSCacheLoader.java 2007-09-04 09:51:13 UTC (rev 8139)
@@ -233,7 +233,7 @@
*/
public Map get(Fqn fqn) throws Exception
{
- Map map = null;
+ Map map = new HashMap();
//node calculation
String node = fqn.toString();
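Review bot: Initialising `map` to `new HashMap()` means `get(Fqn)` never returns null any more, so a node that was not found and a node that exists with no attributes both come back as an empty map. As far as I recall, the JBoss Cache 1.3 `CacheLoader.get` contract uses null for "node not found" and an empty map for "found, no attributes"; that is worth confirming, along with whether `exists(Fqn)` still agrees with what this method reports. Either way the Javadoc above the method should state which case this loader returns, e.g. `@return the node's attributes; an empty map when nothing was loaded`. The body between this hunk and the next is not visible, and the same change is applied to the 2.6 branch in r8137.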
@@ -278,12 +278,10 @@
Object nodeValue = this.loadNode(query, id);
if (nodeValue != null)
{
- map = new HashMap();
map.put(id, nodeValue);
}
}
}
-
return map;
}
Modified: trunk/cms/src/main/org/jboss/portal/cms/impl/interceptors/ACLInterceptor.java
===================================================================
--- trunk/cms/src/main/org/jboss/portal/cms/impl/interceptors/ACLInterceptor.java 2007-09-04 07:44:43 UTC (rev 8138)
+++ trunk/cms/src/main/org/jboss/portal/cms/impl/interceptors/ACLInterceptor.java 2007-09-04 09:51:13 UTC (rev 8139)
@@ -79,35 +79,22 @@
*/
private String defaultPolicy = null;
- /**
- *
- */
+ /** . */
private RoleModule roleModule = null;
- /**
- *
- */
+ /** . */
private String jndiName = null;
- /**
- *
- */
+ /** . */
private JNDI.Binding jndiBinding = null;
- /**
- *
- */
+ /** . */
private AuthorizationManager authorizationManager = null;
- /**
- *
- */
+ /** . */
private String cmsSessionFactory = null;
-
- /**
- *
- */
+ /** . */
private String identitySessionFactory = null;
@@ -254,7 +241,18 @@
}
else
{
- throw new CMSException("Access to this resource is denied");
+ String username = null;
+ if (user == null)
+ {
+ username = "Anonymous";
+ }
+ else
+ {
+ username = user.getUserName();
+ }
+ log.debug("Unauthorized command (" + invocation + ") for user: " + username);
+// throw new CMSException("Access to this resource is denied");
+ return null;
}
}
else
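Review bot: The denied branch now ends in `return null;` with the `throw new CMSException(...)` commented out, so a refused command is indistinguishable from one that legitimately produced nothing, and the only trace is a `log.debug` line that is normally switched off in production. Callers that relied on the exception to stop processing will carry on with a null result; their handling, like the rest of this method, is outside the hunk. I would keep the log line at a level that is actually recorded and keep the failure explicit: `log.warn("Unauthorized command (" + invocation + ") for user: " + username);` followed by `throw new CMSException("Access to this resource is denied");`. If the null return is deliberate, replace the commented-out throw with a comment saying why a denial must not raise. The same hunk is applied to the 2.6 branch in r8137.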
Modified: trunk/cms/src/main/org/jboss/portal/cms/impl/jcr/command/FileGetCommand.java
===================================================================
--- trunk/cms/src/main/org/jboss/portal/cms/impl/jcr/command/FileGetCommand.java 2007-09-04 07:44:43 UTC (rev 8138)
+++ trunk/cms/src/main/org/jboss/portal/cms/impl/jcr/command/FileGetCommand.java 2007-09-04 09:51:13 UTC (rev 8139)
@@ -126,4 +126,9 @@
}
return null;
}
+
+ public String toString()
+ {
+ return "FileGetCommand[path=" + path + ", versionNumber=" + versionNumber + ", locale=" + locale + "]";
+ }
}
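Review bot: The new `toString()` has no Javadoc, and nothing says it exists for the access-denied debug message added to ACLInterceptor in this commit. `path` and `locale` are concatenated verbatim; if they originate from the request (not visible here), line breaks in them would reach the log file, so consider replacing CR/LF before building the string. A one-line comment such as `/** Diagnostic form used in access-denied log messages; not a stable format. */` would cover the documentation part. The same method is added on the 2.6 branch in r8137.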
JBoss Portal SVN: r8138 - branches/JBoss_Portal_Branch_2_6/build/etc/resources.
by portal-commits@lists.jboss.org
Author: thomas.heute(a)jboss.com
Date: 2007-09-04 03:44:43 -0400 (Tue, 04 Sep 2007)
New Revision: 8138
Modified:
branches/JBoss_Portal_Branch_2_6/build/etc/resources/jboss-log4j.xml.diff
Log:
By aligning with JBoss Cache 1.3 API we don't need to limit the logging anymore
Modified: branches/JBoss_Portal_Branch_2_6/build/etc/resources/jboss-log4j.xml.diff
===================================================================
--- branches/JBoss_Portal_Branch_2_6/build/etc/resources/jboss-log4j.xml.diff 2007-09-04 07:42:10 UTC (rev 8137)
+++ branches/JBoss_Portal_Branch_2_6/build/etc/resources/jboss-log4j.xml.diff 2007-09-04 07:44:43 UTC (rev 8138)
@@ -10,11 +10,6 @@
+ <priority value="ERROR"/>
+ </category>
+
-+ <!-- JBoss Cache likes to talk a lot -->
-+ <category name="org.jboss.cache.interceptors.CacheLoaderInterceptor">
-+ <priority value="ERROR"/>
-+ </category>
-+
<!-- Limit the org.jboss.serial (jboss-serialization) to INFO as its DEBUG is verbose -->
<category name="org.jboss.serial">
<priority value="INFO"/>
JBoss Portal SVN: r8137 - in branches/JBoss_Portal_Branch_2_6/cms/src/main/org/jboss/portal/cms: impl/interceptors and 1 other directories.
by portal-commits@lists.jboss.org
Author: thomas.heute(a)jboss.com
Date: 2007-09-04 03:42:10 -0400 (Tue, 04 Sep 2007)
New Revision: 8137
Modified:
branches/JBoss_Portal_Branch_2_6/cms/src/main/org/jboss/portal/cms/hibernate/state/PortalCMSCacheLoader.java
branches/JBoss_Portal_Branch_2_6/cms/src/main/org/jboss/portal/cms/impl/interceptors/ACLInterceptor.java
branches/JBoss_Portal_Branch_2_6/cms/src/main/org/jboss/portal/cms/impl/jcr/command/FileGetCommand.java
Log:
- JBPORTAL-1598: Properly support JBoss Cache 1.3.x when running on JBAS 4.2
- Better logging when access is denied on a resource
Modified: branches/JBoss_Portal_Branch_2_6/cms/src/main/org/jboss/portal/cms/hibernate/state/PortalCMSCacheLoader.java
===================================================================
--- branches/JBoss_Portal_Branch_2_6/cms/src/main/org/jboss/portal/cms/hibernate/state/PortalCMSCacheLoader.java 2007-09-03 11:14:41 UTC (rev 8136)
+++ branches/JBoss_Portal_Branch_2_6/cms/src/main/org/jboss/portal/cms/hibernate/state/PortalCMSCacheLoader.java 2007-09-04 07:42:10 UTC (rev 8137)
@@ -233,7 +233,7 @@
*/
public Map get(Fqn fqn) throws Exception
{
- Map map = null;
+ Map map = new HashMap();
//node calculation
String node = fqn.toString();
@@ -278,12 +278,10 @@
Object nodeValue = this.loadNode(query, id);
if (nodeValue != null)
{
- map = new HashMap();
map.put(id, nodeValue);
}
}
}
-
return map;
}
Modified: branches/JBoss_Portal_Branch_2_6/cms/src/main/org/jboss/portal/cms/impl/interceptors/ACLInterceptor.java
===================================================================
--- branches/JBoss_Portal_Branch_2_6/cms/src/main/org/jboss/portal/cms/impl/interceptors/ACLInterceptor.java 2007-09-03 11:14:41 UTC (rev 8136)
+++ branches/JBoss_Portal_Branch_2_6/cms/src/main/org/jboss/portal/cms/impl/interceptors/ACLInterceptor.java 2007-09-04 07:42:10 UTC (rev 8137)
@@ -79,35 +79,22 @@
*/
private String defaultPolicy = null;
- /**
- *
- */
+ /** . */
private RoleModule roleModule = null;
- /**
- *
- */
+ /** . */
private String jndiName = null;
- /**
- *
- */
+ /** . */
private JNDI.Binding jndiBinding = null;
- /**
- *
- */
+ /** . */
private AuthorizationManager authorizationManager = null;
- /**
- *
- */
+ /** . */
private String cmsSessionFactory = null;
-
- /**
- *
- */
+ /** . */
private String identitySessionFactory = null;
@@ -254,7 +241,18 @@
}
else
{
- throw new CMSException("Access to this resource is denied");
+ String username = null;
+ if (user == null)
+ {
+ username = "Anonymous";
+ }
+ else
+ {
+ username = user.getUserName();
+ }
+ log.debug("Unauthorized command (" + invocation + ") for user: " + username);
+// throw new CMSException("Access to this resource is denied");
+ return null;
}
}
else
Modified: branches/JBoss_Portal_Branch_2_6/cms/src/main/org/jboss/portal/cms/impl/jcr/command/FileGetCommand.java
===================================================================
--- branches/JBoss_Portal_Branch_2_6/cms/src/main/org/jboss/portal/cms/impl/jcr/command/FileGetCommand.java 2007-09-03 11:14:41 UTC (rev 8136)
+++ branches/JBoss_Portal_Branch_2_6/cms/src/main/org/jboss/portal/cms/impl/jcr/command/FileGetCommand.java 2007-09-04 07:42:10 UTC (rev 8137)
@@ -126,4 +126,9 @@
}
return null;
}
+
+ public String toString()
+ {
+ return "FileGetCommand[path=" + path + ", versionNumber=" + versionNumber + ", locale=" + locale + "]";
+ }
}
JBoss Portal SVN: r8136 - trunk/core/src/main/org/jboss/portal/core/aspects/controller.
by portal-commits@lists.jboss.org
Author: thomas.heute(a)jboss.com
Date: 2007-09-03 07:14:41 -0400 (Mon, 03 Sep 2007)
New Revision: 8136
Modified:
trunk/core/src/main/org/jboss/portal/core/aspects/controller/PageCustomizerInterceptor.java
Log:
Link to default page, wasn't displayed on "Configure Dashboard"
Modified: trunk/core/src/main/org/jboss/portal/core/aspects/controller/PageCustomizerInterceptor.java
===================================================================
--- trunk/core/src/main/org/jboss/portal/core/aspects/controller/PageCustomizerInterceptor.java 2007-09-03 11:08:23 UTC (rev 8135)
+++ trunk/core/src/main/org/jboss/portal/core/aspects/controller/PageCustomizerInterceptor.java 2007-09-03 11:14:41 UTC (rev 8136)
@@ -39,6 +39,7 @@
import org.jboss.portal.core.controller.command.SignOutCommand;
import org.jboss.portal.core.model.CustomizationManager;
import org.jboss.portal.core.model.instance.command.action.InvokePortletInstanceRenderCommand;
+import org.jboss.portal.core.model.instance.command.render.RenderPortletInstanceCommand;
import org.jboss.portal.core.model.portal.Page;
import org.jboss.portal.core.model.portal.Portal;
import org.jboss.portal.core.model.portal.PortalObject;
@@ -278,7 +279,7 @@
}
//
- if (admin || isDashboard)
+ if (admin || isDashboard || cc instanceof RenderPortletInstanceCommand)
{
// Link to default page of default portal
ViewPageCommand vpc = new ViewPageCommand(defaultPortalId);
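Review bot: The widened condition `admin || isDashboard || cc instanceof RenderPortletInstanceCommand` has no comment explaining why a render command qualifies, and it now applies to every `RenderPortletInstanceCommand`, not only the "Configure Dashboard" case named in the log message. If the link should appear only there, the test needs to be narrower; if any portlet-instance render is intended, say so, e.g. `// "Configure Dashboard" is served by RenderPortletInstanceCommand, so offer the default-page link there as well`. The link target is built outside this hunk, so whether the default page is viewable by every user who now sees the link cannot be checked from here. The same condition is changed on the 2.6 branch in r8135.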
JBoss Portal SVN: r8135 - branches/JBoss_Portal_Branch_2_6/core/src/main/org/jboss/portal/core/aspects/controller.
by portal-commits@lists.jboss.org
Author: thomas.heute(a)jboss.com
Date: 2007-09-03 07:08:23 -0400 (Mon, 03 Sep 2007)
New Revision: 8135
Modified:
branches/JBoss_Portal_Branch_2_6/core/src/main/org/jboss/portal/core/aspects/controller/PageCustomizerInterceptor.java
Log:
Link to default page, wasn't displayed on "Configure Dashboard"
Modified: branches/JBoss_Portal_Branch_2_6/core/src/main/org/jboss/portal/core/aspects/controller/PageCustomizerInterceptor.java
===================================================================
--- branches/JBoss_Portal_Branch_2_6/core/src/main/org/jboss/portal/core/aspects/controller/PageCustomizerInterceptor.java 2007-09-03 07:55:13 UTC (rev 8134)
+++ branches/JBoss_Portal_Branch_2_6/core/src/main/org/jboss/portal/core/aspects/controller/PageCustomizerInterceptor.java 2007-09-03 11:08:23 UTC (rev 8135)
@@ -39,6 +39,7 @@
import org.jboss.portal.core.controller.command.SignOutCommand;
import org.jboss.portal.core.model.CustomizationManager;
import org.jboss.portal.core.model.instance.command.action.InvokePortletInstanceRenderCommand;
+import org.jboss.portal.core.model.instance.command.render.RenderPortletInstanceCommand;
import org.jboss.portal.core.model.portal.Page;
import org.jboss.portal.core.model.portal.Portal;
import org.jboss.portal.core.model.portal.PortalObject;
@@ -291,7 +292,7 @@
}
//
- if (admin || isDashboard)
+ if (admin || isDashboard || cc instanceof RenderPortletInstanceCommand)
{
// Link to default page of default portal
// Cannot use defaultPortalId in 2.6.x because the default context doesn't have the view right.