Author: sohil.shah(a)jboss.com
Date: 2009-11-17 11:25:18 -0500 (Tue, 17 Nov 2009)
New Revision: 13837
Modified:
jbossexo/modules/sso/trunk/agent/src/main/config/cas/portal.war/WEB-INF/web.xml
jbossexo/modules/sso/trunk/agent/src/main/config/cas/portal.war/groovy/portal/webui/UILoginForm.gtmpl
jbossexo/modules/sso/trunk/agent/src/main/config/cas/portal.war/login/jsp/login.jsp
jbossexo/modules/sso/trunk/agent/src/main/config/jboss/server/default/conf/login-config.xml
jbossexo/modules/sso/trunk/agent/src/main/config/josso/portal.war/WEB-INF/web.xml
jbossexo/modules/sso/trunk/agent/src/main/config/josso/portal.war/groovy/portal/webui/UILoginForm.gtmpl
jbossexo/modules/sso/trunk/agent/src/main/config/josso/portal.war/login/jsp/login.jsp
jbossexo/modules/sso/trunk/agent/src/main/java/org/gatein/sso/agent/GenericSSOAgent.java
jbossexo/modules/sso/trunk/agent/src/main/java/org/gatein/sso/agent/cas/CASAgent.java
jbossexo/modules/sso/trunk/agent/src/main/java/org/gatein/sso/agent/josso/JOSSOAgent.java
jbossexo/modules/sso/trunk/agent/src/main/java/org/gatein/sso/agent/login/SSOLoginModule.java
jbossexo/modules/sso/trunk/auth-callback/src/main/java/org/gatein/sso/authentication/callback/AuthenticationHandler.java
jbossexo/modules/sso/trunk/gatein-cas-plugin/src/main/java/org/gatein/sso/cas/plugin/AuthenticationPlugin.java
Log:
CAS end-to-end
Modified: jbossexo/modules/sso/trunk/agent/src/main/config/cas/portal.war/WEB-INF/web.xml
===================================================================
---
jbossexo/modules/sso/trunk/agent/src/main/config/cas/portal.war/WEB-INF/web.xml 2009-11-17
14:32:16 UTC (rev 13836)
+++
jbossexo/modules/sso/trunk/agent/src/main/config/cas/portal.war/WEB-INF/web.xml 2009-11-17
16:25:18 UTC (rev 13837)
@@ -181,6 +181,10 @@
<servlet>
<servlet-name>InitiateLoginServlet</servlet-name>
<servlet-class>org.gatein.sso.agent.GenericSSOAgent</servlet-class>
+ <init-param>
+ <param-name>casServerUrl</param-name>
+ <param-value>http://localhost:8888/cas</param-value>
+ </init-param>
</servlet>
<servlet>
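Review bot: The `casServerUrl` value added here is a plain `http://` URL, and it is the address the agent validates tickets against (it is handed to `Cas20ProxyTicketValidator` in CASAgent.java later in this commit), so the validation response that names the principal travels without transport protection. That is fine for a localhost development setup, but the shipped config should say so, for example with `<!-- development default: use the https:// address of the CAS server in any real deployment -->` above the `<init-param>`. The same parameter is added to the josso `portal.war/WEB-INF/web.xml` hunk, where a CAS setting in the JOSSO configuration probably deserves a word of explanation as well.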
Modified:
jbossexo/modules/sso/trunk/agent/src/main/config/cas/portal.war/groovy/portal/webui/UILoginForm.gtmpl
===================================================================
---
jbossexo/modules/sso/trunk/agent/src/main/config/cas/portal.war/groovy/portal/webui/UILoginForm.gtmpl 2009-11-17
14:32:16 UTC (rev 13836)
+++
jbossexo/modules/sso/trunk/agent/src/main/config/cas/portal.war/groovy/portal/webui/UILoginForm.gtmpl 2009-11-17
16:25:18 UTC (rev 13837)
@@ -83,5 +83,5 @@
</div>
<script>
<%=uicomponent.event("Close");%>
- window.location =
'http://localhost:8888/cas/login?service=http://localhost:8080/portal/private/classic';
+ window.location =
'http://localhost:8888/cas/login?service=http://localhost:8080/portal/private';
</script>
Modified:
jbossexo/modules/sso/trunk/agent/src/main/config/cas/portal.war/login/jsp/login.jsp
===================================================================
---
jbossexo/modules/sso/trunk/agent/src/main/config/cas/portal.war/login/jsp/login.jsp 2009-11-17
14:32:16 UTC (rev 13836)
+++
jbossexo/modules/sso/trunk/agent/src/main/config/cas/portal.war/login/jsp/login.jsp 2009-11-17
16:25:18 UTC (rev 13837)
@@ -31,7 +31,7 @@
<html>
<head>
<script type="text/javascript">
- window.location =
'http://localhost:8888/cas/login?service=http://localhost:8080/portal/private/classic';
+ window.location =
'http://localhost:8888/cas/login?service=http://localhost:8080/portal/private';
</script>
</head>
<body>
Modified:
jbossexo/modules/sso/trunk/agent/src/main/config/jboss/server/default/conf/login-config.xml
===================================================================
---
jbossexo/modules/sso/trunk/agent/src/main/config/jboss/server/default/conf/login-config.xml 2009-11-17
14:32:16 UTC (rev 13836)
+++
jbossexo/modules/sso/trunk/agent/src/main/config/jboss/server/default/conf/login-config.xml 2009-11-17
16:25:18 UTC (rev 13837)
@@ -176,6 +176,7 @@
</authentication>
</application-policy>
+ <!-- SSO Integration -->
<application-policy name="exo-domain">
<authentication>
<login-module code="org.gatein.sso.agent.login.SSOLoginModule"
flag="required"></login-module>
@@ -196,5 +197,31 @@
</authentication>
</application-policy>
+ <!--
+ <application-policy name="exo-domain">
+ <authentication>
+ <login-module code="org.exoplatform.web.security.PortalLoginModule"
flag="required"></login-module>
+ <login-module
code="org.exoplatform.services.security.jaas.SharedStateLoginModule"
flag="required"></login-module>
+ <login-module
code="org.exoplatform.services.security.j2ee.JbossLoginModule"
flag="required"></login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name="exo-domain-sample-portal">
+ <authentication>
+ <login-module code="org.exoplatform.web.security.PortalLoginModule"
flag="required">
+ <module-option
name="portalContainerName">sample-portal</module-option>
+ <module-option
name="realmName">exo-domain-sample-portal</module-option>
+ </login-module>
+ <login-module
code="org.exoplatform.services.security.jaas.SharedStateLoginModule"
flag="required">
+ <module-option
name="portalContainerName">sample-portal</module-option>
+ <module-option
name="realmName">exo-domain-sample-portal</module-option>
+ </login-module>
+ <login-module
code="org.exoplatform.services.security.j2ee.JbossLoginModule"
flag="required">
+ <module-option
name="portalContainerName">sample-portal</module-option>
+ <module-option
name="realmName">exo-domain-sample-portal</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+ -->
</policy>
Modified:
jbossexo/modules/sso/trunk/agent/src/main/config/josso/portal.war/WEB-INF/web.xml
===================================================================
---
jbossexo/modules/sso/trunk/agent/src/main/config/josso/portal.war/WEB-INF/web.xml 2009-11-17
14:32:16 UTC (rev 13836)
+++
jbossexo/modules/sso/trunk/agent/src/main/config/josso/portal.war/WEB-INF/web.xml 2009-11-17
16:25:18 UTC (rev 13837)
@@ -181,6 +181,10 @@
<servlet>
<servlet-name>InitiateLoginServlet</servlet-name>
<servlet-class>org.gatein.sso.agent.GenericSSOAgent</servlet-class>
+ <init-param>
+ <param-name>casServerUrl</param-name>
+ <param-value>http://localhost:8888/cas</param-value>
+ </init-param>
</servlet>
<servlet>
Modified:
jbossexo/modules/sso/trunk/agent/src/main/config/josso/portal.war/groovy/portal/webui/UILoginForm.gtmpl
===================================================================
---
jbossexo/modules/sso/trunk/agent/src/main/config/josso/portal.war/groovy/portal/webui/UILoginForm.gtmpl 2009-11-17
14:32:16 UTC (rev 13836)
+++
jbossexo/modules/sso/trunk/agent/src/main/config/josso/portal.war/groovy/portal/webui/UILoginForm.gtmpl 2009-11-17
16:25:18 UTC (rev 13837)
@@ -83,5 +83,5 @@
</div>
<script>
<%=uicomponent.event("Close");%>
- window.location =
'http://localhost:8888/josso/signon/login.do?josso_back_to=http://localhost:8080/portal/private/classic';
+ window.location =
'http://localhost:8888/josso/signon/login.do?josso_back_to=http://localhost:8080/portal/private';
</script>
Modified:
jbossexo/modules/sso/trunk/agent/src/main/config/josso/portal.war/login/jsp/login.jsp
===================================================================
---
jbossexo/modules/sso/trunk/agent/src/main/config/josso/portal.war/login/jsp/login.jsp 2009-11-17
14:32:16 UTC (rev 13836)
+++
jbossexo/modules/sso/trunk/agent/src/main/config/josso/portal.war/login/jsp/login.jsp 2009-11-17
16:25:18 UTC (rev 13837)
@@ -31,7 +31,7 @@
<html>
<head>
<script type="text/javascript">
- window.location =
'http://localhost:8888/josso/signon/login.do?josso_back_to=http://localhost:8080/portal/private/classic';
+ window.location =
'http://localhost:8888/josso/signon/login.do?josso_back_to=http://localhost:8080/portal/private';
</script>
</head>
<body>
Modified:
jbossexo/modules/sso/trunk/agent/src/main/java/org/gatein/sso/agent/GenericSSOAgent.java
===================================================================
---
jbossexo/modules/sso/trunk/agent/src/main/java/org/gatein/sso/agent/GenericSSOAgent.java 2009-11-17
14:32:16 UTC (rev 13836)
+++
jbossexo/modules/sso/trunk/agent/src/main/java/org/gatein/sso/agent/GenericSSOAgent.java 2009-11-17
16:25:18 UTC (rev 13837)
@@ -39,18 +39,25 @@
public class GenericSSOAgent extends InitiateLoginServlet
{
private static Logger log = Logger.getLogger(GenericSSOAgent.class);
+
+ private String casServerUrl;
+
+
+ @Override
+ public void init() throws ServletException
+ {
+ super.init();
+
+ this.casServerUrl =
this.getServletConfig().getInitParameter("casServerUrl");
+ }
- public static final String COOKIE_NAME = "rememberme";
- public static final String CREDENTIALS = "credentials";
-
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException
{
try
{
- this.processSSOToken(req);
-
+ this.processSSOToken(req);
super.doGet(req, resp);
}
catch(Exception e)
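Review bot: `init()` stores whatever `getInitParameter("casServerUrl")` returns without checking it, so a deployment whose web.xml lacks the parameter starts normally and presumably fails only at the first login, when a null URL reaches the ticket validator. Failing at startup is clearer: `if (this.casServerUrl == null || this.casServerUrl.trim().length() == 0) throw new ServletException("casServerUrl init-param is not set");`. The new field has no documentation either; `/** Base URL of the CAS server, read from the casServerUrl init-param. */` would do. `doGet` continues past the end of the hunk.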
@@ -74,7 +81,7 @@
if (ticket != null && ticket.trim().length() > 0)
{
- CASAgent.validateTicket(httpRequest, ticket);
+ CASAgent.getInstance(this.casServerUrl).validateTicket(httpRequest, ticket);
}
else if (jossoAssertion != null && jossoAssertion.trim().length() > 0)
{
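Review bot: The URL passed to `CASAgent.getInstance(this.casServerUrl)` is honoured only on the first call, because the `getInstance` added in CASAgent.java in this commit builds the singleton once and ignores the argument afterwards; a second servlet instance configured with a different `casServerUrl` would silently validate against the first one. That method also uses double-checked locking on a non-volatile field, so the declaration should be `private static volatile CASAgent singleton;` (with `casServerUrl` made `final`) for the unlocked read to be safe. Since the agent holds nothing but the URL, creating it once in `init()` and keeping it in a servlet field would avoid the static altogether. The enclosing method starts and ends outside this hunk.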
Modified:
jbossexo/modules/sso/trunk/agent/src/main/java/org/gatein/sso/agent/cas/CASAgent.java
===================================================================
---
jbossexo/modules/sso/trunk/agent/src/main/java/org/gatein/sso/agent/cas/CASAgent.java 2009-11-17
14:32:16 UTC (rev 13836)
+++
jbossexo/modules/sso/trunk/agent/src/main/java/org/gatein/sso/agent/cas/CASAgent.java 2009-11-17
16:25:18 UTC (rev 13837)
@@ -38,17 +38,43 @@
public class CASAgent
{
private static Logger log = Logger.getLogger(CASAgent.class);
+ private static CASAgent singleton;
- public static void validateTicket(HttpServletRequest httpRequest, String ticket) throws
Exception
+ private String casServerUrl;
+
+ private CASAgent(String casServerUrl)
+ {
+ this.casServerUrl = casServerUrl;
+ }
+
+ public static CASAgent getInstance(String casServerUrl)
+ {
+ if(CASAgent.singleton == null)
+ {
+ synchronized(CASAgent.class)
+ {
+ if(CASAgent.singleton == null)
+ {
+ CASAgent.singleton = new CASAgent(casServerUrl);
+ }
+ }
+ }
+ return CASAgent.singleton;
+ }
+
+ public void validateTicket(HttpServletRequest httpRequest, String ticket) throws
Exception
{
- Cas20ProxyTicketValidator ticketValidator = new
Cas20ProxyTicketValidator("http://localhost:8888/cas");
+ Cas20ProxyTicketValidator ticketValidator = new
Cas20ProxyTicketValidator(casServerUrl);
ticketValidator.setRenew(true);
- Assertion assertion = ticketValidator.validate(ticket,
"http://localhost:8080/portal/private/classic");
-
log.info("------------------------------------------------------------------------------------");
- log.info("Principal: "+assertion.getPrincipal().getName());
-
log.info("------------------------------------------------------------------------------------");
+ String serviceUrl = "http://"+ httpRequest.getServerName() +":" +
httpRequest.getServerPort() + httpRequest.getContextPath() +"/private";
+ Assertion assertion = ticketValidator.validate(ticket, serviceUrl);
+
log.debug("------------------------------------------------------------------------------------");
+ log.debug("Service: "+serviceUrl);
+ log.debug("Principal: "+assertion.getPrincipal().getName());
+
log.debug("------------------------------------------------------------------------------------");
+
//Use empty password....it shouldn't be needed...this is a SSO login. The
password has
//already been presented with the SSO server. It should not be passed around for
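Review bot: `serviceUrl` is assembled from `httpRequest.getServerName()` and `getServerPort()`, which normally reflect the Host header sent by the client, and its scheme is fixed to `http://`. The service a ticket is validated for should be a value the deployment controls rather than one the request supplies; it also has to equal the `service=` URL hard-coded in login.jsp and UILoginForm.gtmpl, and it stops matching behind a reverse proxy or under https. Consider reading the service URL from configuration next to `casServerUrl` (a second init-param passed to the constructor) and using that value in `ticketValidator.validate(ticket, serviceUrl)`. `validateTicket` continues past the end of the hunk.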
Modified:
jbossexo/modules/sso/trunk/agent/src/main/java/org/gatein/sso/agent/josso/JOSSOAgent.java
===================================================================
---
jbossexo/modules/sso/trunk/agent/src/main/java/org/gatein/sso/agent/josso/JOSSOAgent.java 2009-11-17
14:32:16 UTC (rev 13836)
+++
jbossexo/modules/sso/trunk/agent/src/main/java/org/gatein/sso/agent/josso/JOSSOAgent.java 2009-11-17
16:25:18 UTC (rev 13837)
@@ -32,11 +32,13 @@
import org.josso.servlet.agent.GenericServletLocalSession;
/**
+ * TODO: This is broken. This will need a JBoss 5.1.0.GA based JOSSO client stack
+ *
* @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
*/
public class JOSSOAgent
{
- public static void test(HttpServletRequest httpRequest, String assertionId) throws
Exception
+ /*public static void test(HttpServletRequest httpRequest, String assertionId) throws
Exception
{
System.out.println("Starting simple josso assertion test
case..........................");
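Review bot: Wrapping `test(...)` in a block comment that opens in this hunk and closes in the next leaves dead code in the class; deleting the method is cleaner, since the revision history keeps it. The new TODO would be more useful if it said what is broken and where the work is tracked. GenericSSOAgent still has a `jossoAssertion` branch (visible as context in its second hunk) whose body is not shown, so it is worth confirming that it now fails in an explicit way rather than doing nothing.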
@@ -55,5 +57,5 @@
SingleSignOnEntry result = agent.processRequest(request);
System.out.println("SSOEntry: "+result);
- }
+ }*/
}
Modified:
jbossexo/modules/sso/trunk/agent/src/main/java/org/gatein/sso/agent/login/SSOLoginModule.java
===================================================================
---
jbossexo/modules/sso/trunk/agent/src/main/java/org/gatein/sso/agent/login/SSOLoginModule.java 2009-11-17
14:32:16 UTC (rev 13836)
+++
jbossexo/modules/sso/trunk/agent/src/main/java/org/gatein/sso/agent/login/SSOLoginModule.java 2009-11-17
16:25:18 UTC (rev 13837)
@@ -81,6 +81,9 @@
if (username == null)
{
//SSO token could not be validated...hence a user id cannot be found
+ LOG.error("---------------------------------------------------------");
+ LOG.error("SSOLogin Failed. Credential Not Found!!");
+ LOG.error("---------------------------------------------------------");
return false;
}
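Review bot: The three `LOG.error` calls wrap one message in two separator banners, so every failed SSO login produces three error-level records, none of which says which request or ticket failed. A single record is easier to search and alert on, e.g. `LOG.warn("SSO login failed: no username resolved from the SSO token");`, extended with whatever non-secret identifier the enclosing method has available outside this hunk. The same banner style appears in the `log.debug` lines added to `CASAgent.validateTicket`.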
@@ -89,14 +92,15 @@
.getComponentInstanceOfType(Authenticator.class);
if (authenticator == null)
- throw new LoginException(
+ {
+ throw new LoginException(
"No Authenticator component found, check your configuration");
+ }
Identity identity = authenticator.createIdentity(username);
sharedState.put("exo.security.identity", identity);
sharedState.put("javax.security.auth.login.name", username);
-
subject.getPublicCredentials().add(new UsernameCredential(username));
return true;
Modified:
jbossexo/modules/sso/trunk/auth-callback/src/main/java/org/gatein/sso/authentication/callback/AuthenticationHandler.java
===================================================================
---
jbossexo/modules/sso/trunk/auth-callback/src/main/java/org/gatein/sso/authentication/callback/AuthenticationHandler.java 2009-11-17
14:32:16 UTC (rev 13836)
+++
jbossexo/modules/sso/trunk/auth-callback/src/main/java/org/gatein/sso/authentication/callback/AuthenticationHandler.java 2009-11-17
16:25:18 UTC (rev 13837)
@@ -37,7 +37,6 @@
import org.exoplatform.services.security.Authenticator;
import org.exoplatform.services.security.Credential;
-import org.exoplatform.services.security.Identity;
import org.exoplatform.services.security.PasswordCredential;
import org.exoplatform.services.security.UsernameCredential;
@@ -71,9 +70,7 @@
Authenticator authenticator = (Authenticator)
getContainer().getComponentInstanceOfType(Authenticator.class);
Credential[] credentials = new Credential[] { new UsernameCredential(username),
- new PasswordCredential(password) };
-
- log.info("Authenticator Class-----------"+authenticator);
+ new PasswordCredential(password) };
try
{
Modified:
jbossexo/modules/sso/trunk/gatein-cas-plugin/src/main/java/org/gatein/sso/cas/plugin/AuthenticationPlugin.java
===================================================================
---
jbossexo/modules/sso/trunk/gatein-cas-plugin/src/main/java/org/gatein/sso/cas/plugin/AuthenticationPlugin.java 2009-11-17
14:32:16 UTC (rev 13836)
+++
jbossexo/modules/sso/trunk/gatein-cas-plugin/src/main/java/org/gatein/sso/cas/plugin/AuthenticationPlugin.java 2009-11-17
16:25:18 UTC (rev 13837)
@@ -101,8 +101,9 @@
}
catch(Exception e)
{
+ log.error("Remote Authentication Failed--------------------------");
log.error(this, e);
- throw new RuntimeException(e);
+ return false;
}
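Review bot: Returning `false` from `catch(Exception e)` makes every failure (an unreachable callback, a parsing error, a programming bug) look the same to the caller as rejected credentials; failing closed is the right default, but the log then has to carry enough to tell these cases apart. `log.error(this, e)` logs the plugin object as the message, so the two calls are better merged into `log.error("Remote authentication failed", e);`. The `try` block and the rest of the method lie outside the hunk, so whether a narrower exception type could be caught cannot be judged from here.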
}