Author: thomas.heute(a)jboss.com Date: 2009-04-20 15:54:45 -0400 (Mon, 20 Apr 2009) New Revision: 13240 Added: modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/ modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/ modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/ modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-agent-config.xml modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-gateway-auth.xml modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-gateway-config.xml modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-gateway-portal-stores.xml modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/login-config.xml modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/ modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/context.xml modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/jboss-web.xml modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/login.jsp modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/sar/ modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/sar/META-INF/ modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/sar/META-INF/jboss-service.xml Removed: modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/etc/josso/ modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/ modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/ modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-agent-config.xml modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-gateway-auth.xml modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-gateway-config.xml modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-gateway-portal-stores.xml modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/login-config.xml modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/ modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/context.xml modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/jboss-web.xml modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/login.jsp modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/sar/ modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/sar/META-INF/ modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/sar/META-INF/jboss-service.xml modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/resources/portal-josso-sso-sar/ Modified: modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/build/build-thirdparty.xml modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/identity/sso/josso/JOSSOIdentityStore.java modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/identity/sso/josso/JOSSOLoginModule.java modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/identity/sso/josso/JOSSOLogoutValve.java modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/test/identity/sso/EasySSLProtocolSocketFactory.java modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/test/identity/sso/EasyX509TrustManager.java modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/test/identity/sso/JOSSOTestCase.java Log: JBEPP-33 - no validation for cookie value with SSO Will not work until repo accept to sync and few adjustements probably Modified: modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/build/build-thirdparty.xml =================================================================== --- modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/build/build-thirdparty.xml 2009-04-20 19:45:59 UTC (rev 13239) +++ modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/build/build-thirdparty.xml 2009-04-20 19:54:45 UTC (rev 13240) @@ -72,7 +72,7 @@ <componentref name="hsqldb" version="1.8.0.8.patch01-brew"/> <componentref name="cas" version="3.0.7"/> - <componentref name="josso" version="1.5_jdk14"/> + <componentref name="josso" version="1.6"/> <componentref name="apache-tomcat" version="5.5.20"/> <componentref name="spring" version="2.0.3"/> <componentref name="opensso" version="20070905-nightly"/> Copied: modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config (from rev 13225, modules/identity/trunk/sso/src/main/config) Copied: modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso (from rev 13225, modules/identity/trunk/sso/src/main/config/josso) Copied: modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf (from rev 13225, modules/identity/trunk/sso/src/main/config/josso/conf) Deleted: modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-agent-config.xml =================================================================== --- modules/identity/trunk/sso/src/main/config/josso/conf/josso-agent-config.xml 2009-04-17 03:25:33 UTC (rev 13225) +++ modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-agent-config.xml 2009-04-20 19:54:45 UTC (rev 13240) @@ -1,119 +0,0 @@ -<?xml version="1.0" encoding="UTF-8" ?> -<!-- - ~ JOSSO: Java Open Single Sign-On - ~ - ~ Copyright 2004-2009, Atricore, Inc. - ~ - ~ This is free software; you can redistribute it and/or modify it - ~ under the terms of the GNU Lesser General Public License as - ~ published by the Free Software Foundation; either version 2.1 of - ~ the License, or (at your option) any later version. - ~ - ~ This software is distributed in the hope that it will be useful, - ~ but WITHOUT ANY WARRANTY; without even the implied warranty of - ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - ~ Lesser General Public License for more details. - ~ - ~ You should have received a copy of the GNU Lesser General Public - ~ License along with this software; if not, write to the Free - ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - ~ 02110-1301 USA, or see the FSF site: http://www.fsf.org. - ~ - --> - -<s:beans xmlns:s="http://www.springframework.org/schema/beans" - xmlns:jb42="urn:org:josso:agent:jboss42" - xmlns:agent="urn:org:josso:agent:core" - xmlns:protocol="urn:org:josso:protocol:client" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd - urn:org:josso:agent:jboss42 http://www.josso.org/schema/josso-jboss42-agent.xsd - urn:org:josso:agent:core http://www.josso.org/schema/josso-agent.xsd - urn:org:josso:protocol:client http://www.josso.org/schema/josso-protocol-client.xsd"> - - <jb42:agent name="josso-jboss42-agent" sessionAccessMinInterval="1000" > - - <!-- Gateway LOGIN and LOGOUT URLs --> - <gatewayLoginUrl>http://localhost:8080/josso/signon/login.do</gatewayLoginUrl> - <gatewayLogoutUrl>http://localhost:8080/josso/signon/logout.do</gatewayLogoutUrl> - - <!-- Gateway service locator --> - <gatewayServiceLocator> - <!-- Other properties for ws-service-locator : - username, password, servicesWebContext, transportSecurity - --> - <protocol:ws-service-locator endpoint="localhost:8080" /> - </gatewayServiceLocator> - - <configuration> - <agent:agent-configuration> - - <!-- ============================================================================= --> - <!-- --> - <!-- JOSSO Parnter application definicions : --> - <!-- --> - <!-- Configure all web applications that should be a josso partner application --> - <!-- within this server. --> - <!-- For each partner application you have to define the proper web-context. --> - <!-- ============================================================================= --> - - <agent:partner-apps> - <agent:partner-app id="jboss_portal" context="/portal"/> - - <!-- Simple definition of a partner application --> - <!-- - <agent:partner-app id="MySimplePartnerApp" context="/simple-partnerapp"/> - --> - - <!-- - <agent:partner-app id="MyPartnerApp1" context="/partnerapp" > - --> - - <!-- The vhost is an ooptional feature: - Specify the Host/Virtual Host where this application is runnig - This is useful when configuring multiple security domains. --> - <!-- vhost>localhost</vhost--> <!-- You can configure this as a 'partner-app' element attribute as well --> - - <!-- This is an optional feature : - You can reference any web resource collection that should not be subject to SSO protection. - The SSO agent will not provide identity nor demand authentication to requests matching the - security constraint associated to this web resource collections. - In order to work, the security constraint must not contain auth-constraints declarations. - See sample web.xml file from josso partnerapp. - --> - <!-- - <ignore-web-resource-collections>public-resources,img-resources</ignore-web-resource-collections> - --> - - <!-- In addition to the standard JEE security, JOSSO can propagate the security context using - alternative mechanisms, such as custom http headers, request attributes and cookies, thus making it available - to applications which do not rely on JEE security APIs. --> - <!-- - <security-context-propagation> - <agent:security-context-propagation-config - binding="HTTP_HEADERS" - userPlaceHolder="currentLoginName" - rolesPlaceHolder="currentUserRoles"/> - </security-context-propagation> - --> - <!-- - </agent:partner-app> - --> - - </agent:partner-apps> - - </agent:agent-configuration> - </configuration> - - <!-- Only useful when configuring multiple security domains --> - <!-- You can configure your own parameter builder to send parameters to your SecurityDomainMatcher --> - <!-- - <parametersBuilders> - <agent:vhost-parameters-builder/> - <agent:appctx-parameters-builder/> - </parametersBuilders> - --> - - </jb42:agent> - -</s:beans> Copied: modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-agent-config.xml (from rev 13225, modules/identity/trunk/sso/src/main/config/josso/conf/josso-agent-config.xml) =================================================================== --- modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-agent-config.xml (rev 0) +++ modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-agent-config.xml 2009-04-20 19:54:45 UTC (rev 13240) @@ -0,0 +1,119 @@ +<?xml version="1.0" encoding="UTF-8" ?> +<!-- + ~ JOSSO: Java Open Single Sign-On + ~ + ~ Copyright 2004-2009, Atricore, Inc. + ~ + ~ This is free software; you can redistribute it and/or modify it + ~ under the terms of the GNU Lesser General Public License as + ~ published by the Free Software Foundation; either version 2.1 of + ~ the License, or (at your option) any later version. + ~ + ~ This software is distributed in the hope that it will be useful, + ~ but WITHOUT ANY WARRANTY; without even the implied warranty of + ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + ~ Lesser General Public License for more details. + ~ + ~ You should have received a copy of the GNU Lesser General Public + ~ License along with this software; if not, write to the Free + ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + ~ 02110-1301 USA, or see the FSF site: http://www.fsf.org. + ~ + --> + +<s:beans xmlns:s="http://www.springframework.org/schema/beans" + xmlns:jb42="urn:org:josso:agent:jboss42" + xmlns:agent="urn:org:josso:agent:core" + xmlns:protocol="urn:org:josso:protocol:client" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd + urn:org:josso:agent:jboss42 http://www.josso.org/schema/josso-jboss42-agent.xsd + urn:org:josso:agent:core http://www.josso.org/schema/josso-agent.xsd + urn:org:josso:protocol:client http://www.josso.org/schema/josso-protocol-client.xsd"> + + <jb42:agent name="josso-jboss42-agent" sessionAccessMinInterval="1000" > + + <!-- Gateway LOGIN and LOGOUT URLs --> + <gatewayLoginUrl>http://localhost:8080/josso/signon/login.do</gatewayLoginUrl> + <gatewayLogoutUrl>http://localhost:8080/josso/signon/logout.do</gatewayLogoutUrl> + + <!-- Gateway service locator --> + <gatewayServiceLocator> + <!-- Other properties for ws-service-locator : + username, password, servicesWebContext, transportSecurity + --> + <protocol:ws-service-locator endpoint="localhost:8080" /> + </gatewayServiceLocator> + + <configuration> + <agent:agent-configuration> + + <!-- ============================================================================= --> + <!-- --> + <!-- JOSSO Parnter application definicions : --> + <!-- --> + <!-- Configure all web applications that should be a josso partner application --> + <!-- within this server. --> + <!-- For each partner application you have to define the proper web-context. --> + <!-- ============================================================================= --> + + <agent:partner-apps> + <agent:partner-app id="jboss_portal" context="/portal"/> + + <!-- Simple definition of a partner application --> + <!-- + <agent:partner-app id="MySimplePartnerApp" context="/simple-partnerapp"/> + --> + + <!-- + <agent:partner-app id="MyPartnerApp1" context="/partnerapp" > + --> + + <!-- The vhost is an ooptional feature: + Specify the Host/Virtual Host where this application is runnig + This is useful when configuring multiple security domains. --> + <!-- vhost>localhost</vhost--> <!-- You can configure this as a 'partner-app' element attribute as well --> + + <!-- This is an optional feature : + You can reference any web resource collection that should not be subject to SSO protection. + The SSO agent will not provide identity nor demand authentication to requests matching the + security constraint associated to this web resource collections. + In order to work, the security constraint must not contain auth-constraints declarations. + See sample web.xml file from josso partnerapp. + --> + <!-- + <ignore-web-resource-collections>public-resources,img-resources</ignore-web-resource-collections> + --> + + <!-- In addition to the standard JEE security, JOSSO can propagate the security context using + alternative mechanisms, such as custom http headers, request attributes and cookies, thus making it available + to applications which do not rely on JEE security APIs. --> + <!-- + <security-context-propagation> + <agent:security-context-propagation-config + binding="HTTP_HEADERS" + userPlaceHolder="currentLoginName" + rolesPlaceHolder="currentUserRoles"/> + </security-context-propagation> + --> + <!-- + </agent:partner-app> + --> + + </agent:partner-apps> + + </agent:agent-configuration> + </configuration> + + <!-- Only useful when configuring multiple security domains --> + <!-- You can configure your own parameter builder to send parameters to your SecurityDomainMatcher --> + <!-- + <parametersBuilders> + <agent:vhost-parameters-builder/> + <agent:appctx-parameters-builder/> + </parametersBuilders> + --> + + </jb42:agent> + +</s:beans> Deleted: modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-gateway-auth.xml =================================================================== --- modules/identity/trunk/sso/src/main/config/josso/conf/josso-gateway-auth.xml 2009-04-17 03:25:33 UTC (rev 13225) +++ modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-gateway-auth.xml 2009-04-20 19:54:45 UTC (rev 13240) @@ -1,133 +0,0 @@ -<?xml version="1.0" encoding="ISO-8859-1" ?> -<!-- - ~ JOSSO: Java Open Single Sign-On - ~ - ~ Copyright 2004-2009, Atricore, Inc. - ~ - ~ This is free software; you can redistribute it and/or modify it - ~ under the terms of the GNU Lesser General Public License as - ~ published by the Free Software Foundation; either version 2.1 of - ~ the License, or (at your option) any later version. - ~ - ~ This software is distributed in the hope that it will be useful, - ~ but WITHOUT ANY WARRANTY; without even the implied warranty of - ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - ~ Lesser General Public License for more details. - ~ - ~ You should have received a copy of the GNU Lesser General Public - ~ License along with this software; if not, write to the Free - ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - ~ 02110-1301 USA, or see the FSF site: http://www.fsf.org. - ~ - --> - -<s:beans xmlns:s="http://www.springframework.org/schema/beans" - xmlns:basic-authscheme="urn:org:josso:basic:authscheme" - xmlns:bind-authscheme="urn:org:josso:bind:authscheme" - xmlns:ntlm-authscheme="urn:org:josso:ntlm:authscheme" - xmlns:strong-authscheme="urn:org:josso:strong:authscheme" - xmlns:rememberme-authscheme="urn:org:josso:rememberme:authscheme" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation=" - http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd - urn:org:josso:strong:authscheme http://www.josso.org/schema/josso-strong-authscheme.xsd - urn:org:josso:basic:authscheme http://www.josso.org/schema/josso-basic-authscheme.xsd - urn:org:josso:bind:authscheme http://www.josso.org/schema/josso-bind-authscheme.xsd - urn:org:josso:ntlm:authscheme http://www.josso.org/schema/josso-ntlm-authscheme.xsd - urn:org:josso:rememberme:authscheme http://www.josso.org/schema/josso-rememberme-authscheme.xsd - "> - - <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --> - <!-- Basic Authentication Scheme --> - <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --> - <basic-authscheme:basic-auth-scheme - id="josso-basic-authentication" - hashAlgorithm="MD5" - hashEncoding="HEX" - ignorePasswordCase="false" - ignoreUserCase="false"> - - <basic-authscheme:credentialStore> - <s:ref bean="josso-identity-store"/> - </basic-authscheme:credentialStore> - - <basic-authscheme:credentialStoreKeyAdapter> - <s:ref bean="josso-simple-key-adapter"/> - </basic-authscheme:credentialStoreKeyAdapter> - - </basic-authscheme:basic-auth-scheme> - - <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --> - <!-- Strong Authentication Scheme --> - <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --> - - <strong-authscheme:strong-auth-scheme - id="josso-strong-authentication"> - - <strong-authscheme:credentialStore> - <s:ref bean="josso-identity-store"/> - </strong-authscheme:credentialStore> - - <strong-authscheme:credentialStoreKeyAdapter> - <s:ref bean="josso-simple-key-adapter"/> - </strong-authscheme:credentialStoreKeyAdapter> - - </strong-authscheme:strong-auth-scheme> - - <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --> - <!-- Rememberme Authentication Scheme --> - <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --> - <rememberme-authscheme:rememberme-auth-scheme - id="josso-rememberme-authentication" > - - <rememberme-authscheme:credentialStore> - <s:ref bean="josso-identity-store"/> - </rememberme-authscheme:credentialStore> - - <rememberme-authscheme:credentialStoreKeyAdapter> - <s:ref bean="josso-simple-key-adapter"/> - </rememberme-authscheme:credentialStoreKeyAdapter> - - </rememberme-authscheme:rememberme-auth-scheme> - - <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --> - <!-- BIND Authentication Scheme (normally LDAP) --> - <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --> - <!-- Requires a be a bindalble credential store ! --> - <!-- name attribute is important and must not be changed --> - <bind-authscheme:bind-auth-scheme - id="josso-bind-authentication" - name="basic-authentication" - hashAlgorithm="MD5" - hashEncoding="HEX" - ignorePasswordCase="false" - ignoreUserCase="false"> - - - <bind-authscheme:credentialStore> - <s:ref bean="josso-identity-store"/> - </bind-authscheme:credentialStore> - - <bind-authscheme:credentialStoreKeyAdapter> - <s:ref bean="josso-simple-key-adapter"/> - </bind-authscheme:credentialStoreKeyAdapter> - - </bind-authscheme:bind-auth-scheme> - - <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --> - <!-- NTLM Authentication Scheme --> - <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --> - <ntlm-authscheme:ntlm-auth-scheme - id="josso-ntlm-authentication"> - - <ntlm-authscheme:credentialStore> - <s:ref bean="josso-identity-store"/> - </ntlm-authscheme:credentialStore> - - <ntlm-authscheme:credentialStoreKeyAdapter> - <s:ref bean="josso-simple-key-adapter"/> - </ntlm-authscheme:credentialStoreKeyAdapter> - </ntlm-authscheme:ntlm-auth-scheme> - - -</s:beans> \ No newline at end of file Copied: modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-gateway-auth.xml (from rev 13225, modules/identity/trunk/sso/src/main/config/josso/conf/josso-gateway-auth.xml) =================================================================== --- modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-gateway-auth.xml (rev 0) +++ modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-gateway-auth.xml 2009-04-20 19:54:45 UTC (rev 13240) @@ -0,0 +1,133 @@ +<?xml version="1.0" encoding="ISO-8859-1" ?> +<!-- + ~ JOSSO: Java Open Single Sign-On + ~ + ~ Copyright 2004-2009, Atricore, Inc. + ~ + ~ This is free software; you can redistribute it and/or modify it + ~ under the terms of the GNU Lesser General Public License as + ~ published by the Free Software Foundation; either version 2.1 of + ~ the License, or (at your option) any later version. + ~ + ~ This software is distributed in the hope that it will be useful, + ~ but WITHOUT ANY WARRANTY; without even the implied warranty of + ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + ~ Lesser General Public License for more details. + ~ + ~ You should have received a copy of the GNU Lesser General Public + ~ License along with this software; if not, write to the Free + ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + ~ 02110-1301 USA, or see the FSF site: http://www.fsf.org. + ~ + --> + +<s:beans xmlns:s="http://www.springframework.org/schema/beans" + xmlns:basic-authscheme="urn:org:josso:basic:authscheme" + xmlns:bind-authscheme="urn:org:josso:bind:authscheme" + xmlns:ntlm-authscheme="urn:org:josso:ntlm:authscheme" + xmlns:strong-authscheme="urn:org:josso:strong:authscheme" + xmlns:rememberme-authscheme="urn:org:josso:rememberme:authscheme" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation=" + http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd + urn:org:josso:strong:authscheme http://www.josso.org/schema/josso-strong-authscheme.xsd + urn:org:josso:basic:authscheme http://www.josso.org/schema/josso-basic-authscheme.xsd + urn:org:josso:bind:authscheme http://www.josso.org/schema/josso-bind-authscheme.xsd + urn:org:josso:ntlm:authscheme http://www.josso.org/schema/josso-ntlm-authscheme.xsd + urn:org:josso:rememberme:authscheme http://www.josso.org/schema/josso-rememberme-authscheme.xsd + "> + + <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --> + <!-- Basic Authentication Scheme --> + <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --> + <basic-authscheme:basic-auth-scheme + id="josso-basic-authentication" + hashAlgorithm="MD5" + hashEncoding="HEX" + ignorePasswordCase="false" + ignoreUserCase="false"> + + <basic-authscheme:credentialStore> + <s:ref bean="josso-identity-store"/> + </basic-authscheme:credentialStore> + + <basic-authscheme:credentialStoreKeyAdapter> + <s:ref bean="josso-simple-key-adapter"/> + </basic-authscheme:credentialStoreKeyAdapter> + + </basic-authscheme:basic-auth-scheme> + + <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --> + <!-- Strong Authentication Scheme --> + <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --> + + <strong-authscheme:strong-auth-scheme + id="josso-strong-authentication"> + + <strong-authscheme:credentialStore> + <s:ref bean="josso-identity-store"/> + </strong-authscheme:credentialStore> + + <strong-authscheme:credentialStoreKeyAdapter> + <s:ref bean="josso-simple-key-adapter"/> + </strong-authscheme:credentialStoreKeyAdapter> + + </strong-authscheme:strong-auth-scheme> + + <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --> + <!-- Rememberme Authentication Scheme --> + <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --> + <rememberme-authscheme:rememberme-auth-scheme + id="josso-rememberme-authentication" > + + <rememberme-authscheme:credentialStore> + <s:ref bean="josso-identity-store"/> + </rememberme-authscheme:credentialStore> + + <rememberme-authscheme:credentialStoreKeyAdapter> + <s:ref bean="josso-simple-key-adapter"/> + </rememberme-authscheme:credentialStoreKeyAdapter> + + </rememberme-authscheme:rememberme-auth-scheme> + + <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --> + <!-- BIND Authentication Scheme (normally LDAP) --> + <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --> + <!-- Requires a be a bindalble credential store ! --> + <!-- name attribute is important and must not be changed --> + <bind-authscheme:bind-auth-scheme + id="josso-bind-authentication" + name="basic-authentication" + hashAlgorithm="MD5" + hashEncoding="HEX" + ignorePasswordCase="false" + ignoreUserCase="false"> + + + <bind-authscheme:credentialStore> + <s:ref bean="josso-identity-store"/> + </bind-authscheme:credentialStore> + + <bind-authscheme:credentialStoreKeyAdapter> + <s:ref bean="josso-simple-key-adapter"/> + </bind-authscheme:credentialStoreKeyAdapter> + + </bind-authscheme:bind-auth-scheme> + + <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --> + <!-- NTLM Authentication Scheme --> + <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --> + <ntlm-authscheme:ntlm-auth-scheme + id="josso-ntlm-authentication"> + + <ntlm-authscheme:credentialStore> + <s:ref bean="josso-identity-store"/> + </ntlm-authscheme:credentialStore> + + <ntlm-authscheme:credentialStoreKeyAdapter> + <s:ref bean="josso-simple-key-adapter"/> + </ntlm-authscheme:credentialStoreKeyAdapter> + </ntlm-authscheme:ntlm-auth-scheme> + + +</s:beans> \ No newline at end of file Deleted: modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-gateway-config.xml =================================================================== --- modules/identity/trunk/sso/src/main/config/josso/conf/josso-gateway-config.xml 2009-04-17 03:25:33 UTC (rev 13225) +++ modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-gateway-config.xml 2009-04-20 19:54:45 UTC (rev 13240) @@ -1,315 +0,0 @@ -<?xml version="1.0" encoding="ISO-8859-1" ?> -<!-- - ~ JOSSO: Java Open Single Sign-On - ~ - ~ Copyright 2004-2009, Atricore, Inc. - ~ - ~ This is free software; you can redistribute it and/or modify it - ~ under the terms of the GNU Lesser General Public License as - ~ published by the Free Software Foundation; either version 2.1 of - ~ the License, or (at your option) any later version. - ~ - ~ This software is distributed in the hope that it will be useful, - ~ but WITHOUT ANY WARRANTY; without even the implied warranty of - ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - ~ Lesser General Public License for more details. - ~ - ~ You should have received a copy of the GNU Lesser General Public - ~ License along with this software; if not, write to the Free - ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - ~ 02110-1301 USA, or see the FSF site: http://www.fsf.org. - ~ - --> - -<s:beans xmlns:s="http://www.springframework.org/schema/beans" - xmlns="urn:org:josso:core" - xmlns:def-sdselector="urn:org:josso:default:secdomainselector" - xmlns:def-sdregistry="urn:org:josso:default:secdomainregistry" - xmlns:simple-sdmatcher="urn:org:josso:simple:secdomainmatcher" - xmlns:vhost-sdmatcher="urn:org:josso:vhost:secdomainmatcher" - xmlns:appcxt-sdmatcher="urn:org:josso:appctx:secdomainmatcher" - xmlns:def-auth="urn:org:josso:default:authenticator" - xmlns:basic-authscheme="urn:org:josso:basic:authscheme" - xmlns:bind-authscheme="urn:org:josso:bind:authscheme" - xmlns:ntlm-authscheme="urn:org:josso:ntlm:authscheme" - xmlns:strong-authscheme="urn:org:josso:strong:authscheme" - xmlns:memory-istore="urn:org:josso:memory:identitystore" - xmlns:def-identitymgr="urn:org:josso:default:identitymgr" - xmlns:def-identityprv="urn:org:josso:default:identityprovider" - xmlns:def-sessionmgr="urn:org:josso:default:sessionmgr" - xmlns:memory-sstore="urn:org:josso:memory:sessionstore" - xmlns:def-sidgen="urn:org:josso:default:sessionidgen" - xmlns:def-assertionmgr="urn:org:josso:default:assertionmgr" - xmlns:memory-astore="urn:org:josso:memory:assertionstore" - xmlns:def-aidgen="urn:org:josso:default:assertionidgen" - xmlns:def-auditmgr="urn:org:josso:default:auditmgr" - xmlns:logger-atrailhandler="urn:org:josso:logger:audittrailhandler" - xmlns:def-eventmgr="urn:org:josso:default:eventmgr" - xmlns:def-pwdmgr="urn:org:josso:default:passwordmgr" - xmlns:def-pwdgen="urn:org:josso:default:passwordgenerator" - xmlns:email-pwddist="urn:org:josso:email:passworddistributor" - xmlns:simple-lostpwd="urn:org:josso:simple:lostpasswordprocess" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation=" - http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd - urn:org:josso:core http://www.josso.org/schema/josso-core.xsd - urn:org:josso:default:secdomainselector http://www.josso.org/schema/josso-default-secdomainselector.xsd - urn:org:josso:default:secdomainregistry http://www.josso.org/schema/josso-default-secdomainregistry.xsd - urn:org:josso:simple:secdomainmatcher http://www.josso.org/schema/josso-simple-secdomainmatcher.xsd - urn:org:josso:vhost:secdomainmatcher http://www.josso.org/schema/josso-vhost-secdomainmatcher.xsd - urn:org:josso:appctx:secdomainmatcher http://www.josso.org/schema/josso-appctx-secdomainmatcher.xsd - urn:org:josso:default:authenticator http://www.josso.org/schema/josso-default-authenticator.xsd - urn:org:josso:basic:authscheme http://www.josso.org/schema/josso-basic-authscheme.xsd - urn:org:josso:bind:authscheme http://www.josso.org/schema/josso-bind-authscheme.xsd - urn:org:josso:ntlm:authscheme http://www.josso.org/schema/josso-ntlm-authscheme.xsd - urn:org:josso:strong:authscheme http://www.josso.org/schema/josso-strong-authscheme.xsd - urn:org:josso:memory:identitystore http://www.josso.org/schema/josso-memory-identitystore.xsd - urn:org:josso:default:identitymgr http://www.josso.org/schema/josso-default-identitymgr.xsd - urn:org:josso:default:identityprovider http://www.josso.org/schema/josso-default-identityprovider.xsd - urn:org:josso:default:sessionmgr http://www.josso.org/schema/josso-default-sessionmgr.xsd - urn:org:josso:memory:sessionstore http://www.josso.org/schema/josso-memory-sessionstore.xsd - urn:org:josso:default:sessionidgen http://www.josso.org/schema/josso-default-sessionidgen.xsd - urn:org:josso:default:assertionmgr http://www.josso.org/schema/josso-default-assertionmgr.xsd - urn:org:josso:memory:assertionstore http://www.josso.org/schema/josso-memory-assertionstore.xsd - urn:org:josso:default:assertionidgen http://www.josso.org/schema/josso-default-assertionidgen.xsd - urn:org:josso:default:auditmgr http://www.josso.org/schema/josso-default-auditmgr.xsd - urn:org:josso:logger:audittrailhandler http://www.josso.org/schema/josso-logger-audittrailhandler.xsd - urn:org:josso:default:eventmgr http://www.josso.org/schema/josso-default-eventmgr.xsd - urn:org:josso:default:passwordmgr http://www.josso.org/schema/josso-default-passwordmanager.xsd - urn:org:josso:default:passwordgenerator http://www.josso.org/schema/josso-default-passwordgenerator.xsd - urn:org:josso:email:passworddistributor http://www.josso.org/schema/josso-email-passworddistributor.xsd - urn:org:josso:simple:lostpasswordprocess http://www.josso.org/schema/josso-simple-lostpasswordprocess.xsd"> - - <!-- ================================================================== --> - <!-- JOSSO Gateway Configuration using Spring + XBean --> - <!-- --> - <!-- since JOSSO 1.8 --> - <!-- ================================================================== --> - - <!-- To keep things organized when using multiple security domains, prepend the domain name - to component ids, in our case all componetes use the 'josso' prefix --> - - <!-- ================================================================== --> - <!-- Some components are configured in different files to make --> - <!-- configuraiton easier --> - <!-- ================================================================== --> - - <!-- Authentication schemes configuration --> - <s:import resource="josso-gateway-auth.xml"/> - - <!-- SSO Self services configuration --> - <s:import resource="josso-gateway-selfservices.xml"/> - - <!-- Identity, Session and Assertion Stores configuration --> - <s:import resource="josso-gateway-portal-stores.xml" /> - <!-- - <s:import resource="josso-gateway-memory-stores.xml" /> - <s:import resource="josso-gateway-db-stores.xml" /> - <s:import resource="josso-gateway-ldap-stores.xml" /> - --> - - <!-- Web configuration (login form, etc) --> - <s:import resource="josso-gateway-web.xml" /> - - <!-- JMX, used internally --> - <s:import resource="josso-gateway-jmx.xml" /> - - <!-- ================================================================== --> - <!-- Here we define gateway core structure --> - <!-- ================================================================== --> - <gateway> - - <sso-domain-selector> - <def-sdselector:default-domain-selector/> - </sso-domain-selector> - - <sso-domains-registry> - <def-sdregistry:default-domains-registry/> - </sso-domains-registry> - - <!-- ===================================================================== --> - <!-- SSO Security Domains, here we have only one domain configured : josso --> - <!-- Most components are configured elsewhere and referenced here to make --> - <!-- configuration easier. --> - <!-- --> - <!-- Unless you have multimple security domains, you will not need to --> - <!-- change this part --> - <!-- ===================================================================== --> - <domains> - <s:ref bean="josso"/> - </domains> - - </gateway> - - - <!-- JOSSO Default security domain --> - <domain name="josso" type="web"> - - <sso-web-configuration> - <s:ref bean="josso-web-configuraiton"/> - </sso-web-configuration> - - <matchers> - <simple-sdmatcher:simple-matcher/> - </matchers> - - <authenticator> - <s:ref bean="josso-authenticator"/> - </authenticator> - - <identity-manager> - <s:ref bean="josso-identity-manager"/> - </identity-manager> - - <session-manager> - <s:ref bean="josso-session-manager"/> - </session-manager> - - <assertion-manager> - <s:ref bean="josso-assertion-manager"/> - </assertion-manager> - - <identity-provider> - <s:ref bean="josso-identity-provider"/> - </identity-provider> - - <audit-manager> - <s:ref bean="josso-audit-manager"/> - </audit-manager> - - <event-manager> - <s:ref bean="josso-event-manager"/> - </event-manager> - - <!-- Only needed when using NTLM --> - <protocol-manager> - <s:ref bean="josso-protocol-manager"/> - </protocol-manager> - - <!-- Only neede for self-services (lost password, etc). --> - <password-manager> - <s:ref bean="josso-password-manager"/> - </password-manager> - - </domain> - - - <!-- ===================================================================== --> - <!-- SSO Authenticator, all authentication schemes must be configured here --> - <!-- ===================================================================== --> - <def-auth:authenticator id="josso-authenticator"> - <def-auth:schemes> - <s:ref bean="josso-bind-authentication"/> - <!-- - <s:ref bean="josso-basic-authentication"/> - <s:ref bean="josso-strong-authentication"/> - <s:ref bean="josso-rememberme-authentication"/> - --> - <!-- Others like NTLM and BIND go here --> - <!-- - <s:ref bean="josso-bind-authentication"/> - --> - </def-auth:schemes> - </def-auth:authenticator> - - <!-- ===================================================================== --> - <!-- SSO Identity manager, referencing identity store --> - <!-- ===================================================================== --> - <def-identitymgr:identity-manager id="josso-identity-manager"> - - <def-identitymgr:identityStore> - <s:ref bean="josso-identity-store"/> - </def-identitymgr:identityStore> - - <def-identitymgr:identityStoreKeyAdapter> - <s:ref bean="josso-simple-key-adapter"/> - </def-identitymgr:identityStoreKeyAdapter> - - </def-identitymgr:identity-manager> - - <!-- ===================================================================== --> - <!-- SSO Identity provider --> - <!-- ===================================================================== --> - <def-identityprv:identity-provider id="josso-identity-provider"/> - - <!-- ===================================================================== --> - <!-- SSO Session manager, referencing session store --> - <!-- ===================================================================== --> - <def-sessionmgr:session-manager id="josso-session-manager" - maxInactiveInterval="30" - maxSessionsPerUser="-1" - invalidateExceedingSessions="false" - sessionMonitorInterval="10000"> - - <def-sessionmgr:session-id-generator> - <def-sidgen:id-generator algorithm="MD5"/> - </def-sessionmgr:session-id-generator> - - <def-sessionmgr:session-store> - <s:ref bean="josso-session-store"/> - </def-sessionmgr:session-store> - - </def-sessionmgr:session-manager> - - <!-- ===================================================================== --> - <!-- SSO Assertion anager, referencing assertion store --> - <!-- ===================================================================== --> - <def-assertionmgr:assertion-manager id="josso-assertion-manager"> - - <def-assertionmgr:assertion-id-generator> - <def-aidgen:id-generator/> - </def-assertionmgr:assertion-id-generator> - - <def-assertionmgr:assertion-store> - <s:ref bean="josso-assertion-store"/> - </def-assertionmgr:assertion-store> - - </def-assertionmgr:assertion-manager> - - <!-- ===================================================================== --> - <!-- SSO Audit Manager with audit trail handlers --> - <!-- ===================================================================== --> - <def-auditmgr:audit-manager id="josso-audit-manager"> - - <!-- Audit Trail Handlers list --> - <def-auditmgr:handlers> - <logger-atrailhandler:audittrail-logger category="org.josso.AUDIT"/> - </def-auditmgr:handlers> - - </def-auditmgr:audit-manager> - - <!-- ===================================================================== --> - <!-- SSO Protocol Manager with handlers --> - <!-- ===================================================================== --> - <default-protocol-manager id="josso-protocol-manager"> - <!-- To enable NTLM, uncomment this : - <handlers> - <ntlm-authscheme:ntlm-protocol-handler/> - </handlers> - --> - </default-protocol-manager> - - <!-- ===================================================================== --> - <!-- SSO Event manager, based on spring jmx --> - <!-- ===================================================================== --> - <def-eventmgr:springjmx-event-manager id="josso-event-manager"> - <def-eventmgr:listeners> - <s:ref bean="josso-audit-manager"/> - </def-eventmgr:listeners> - </def-eventmgr:springjmx-event-manager> - - <!-- ===================================================================== --> - <!-- SSO Simple key addapter used in several components --> - <!-- ===================================================================== --> - <simple-key-adapter id="josso-simple-key-adapter"/> - - <!-- ===================================================================== --> - <!-- Spring Mail Sender bean. Configure mail delivery settings here --> - <!-- ===================================================================== --> - <s:bean id="josso-spring-mailsender" class="org.springframework.mail.javamail.JavaMailSenderImpl"> - <!-- Spring JavaMaileSender properties : - protocol, host, port, username, password --> - <s:property name="host" value="mail.mycompany.com"/> - </s:bean> - -</s:beans> Copied: modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-gateway-config.xml (from rev 13225, modules/identity/trunk/sso/src/main/config/josso/conf/josso-gateway-config.xml) =================================================================== --- modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-gateway-config.xml (rev 0) +++ modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-gateway-config.xml 2009-04-20 19:54:45 UTC (rev 13240) @@ -0,0 +1,315 @@ +<?xml version="1.0" encoding="ISO-8859-1" ?> +<!-- + ~ JOSSO: Java Open Single Sign-On + ~ + ~ Copyright 2004-2009, Atricore, Inc. + ~ + ~ This is free software; you can redistribute it and/or modify it + ~ under the terms of the GNU Lesser General Public License as + ~ published by the Free Software Foundation; either version 2.1 of + ~ the License, or (at your option) any later version. + ~ + ~ This software is distributed in the hope that it will be useful, + ~ but WITHOUT ANY WARRANTY; without even the implied warranty of + ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + ~ Lesser General Public License for more details. + ~ + ~ You should have received a copy of the GNU Lesser General Public + ~ License along with this software; if not, write to the Free + ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + ~ 02110-1301 USA, or see the FSF site: http://www.fsf.org. + ~ + --> + +<s:beans xmlns:s="http://www.springframework.org/schema/beans" + xmlns="urn:org:josso:core" + xmlns:def-sdselector="urn:org:josso:default:secdomainselector" + xmlns:def-sdregistry="urn:org:josso:default:secdomainregistry" + xmlns:simple-sdmatcher="urn:org:josso:simple:secdomainmatcher" + xmlns:vhost-sdmatcher="urn:org:josso:vhost:secdomainmatcher" + xmlns:appcxt-sdmatcher="urn:org:josso:appctx:secdomainmatcher" + xmlns:def-auth="urn:org:josso:default:authenticator" + xmlns:basic-authscheme="urn:org:josso:basic:authscheme" + xmlns:bind-authscheme="urn:org:josso:bind:authscheme" + xmlns:ntlm-authscheme="urn:org:josso:ntlm:authscheme" + xmlns:strong-authscheme="urn:org:josso:strong:authscheme" + xmlns:memory-istore="urn:org:josso:memory:identitystore" + xmlns:def-identitymgr="urn:org:josso:default:identitymgr" + xmlns:def-identityprv="urn:org:josso:default:identityprovider" + xmlns:def-sessionmgr="urn:org:josso:default:sessionmgr" + xmlns:memory-sstore="urn:org:josso:memory:sessionstore" + xmlns:def-sidgen="urn:org:josso:default:sessionidgen" + xmlns:def-assertionmgr="urn:org:josso:default:assertionmgr" + xmlns:memory-astore="urn:org:josso:memory:assertionstore" + xmlns:def-aidgen="urn:org:josso:default:assertionidgen" + xmlns:def-auditmgr="urn:org:josso:default:auditmgr" + xmlns:logger-atrailhandler="urn:org:josso:logger:audittrailhandler" + xmlns:def-eventmgr="urn:org:josso:default:eventmgr" + xmlns:def-pwdmgr="urn:org:josso:default:passwordmgr" + xmlns:def-pwdgen="urn:org:josso:default:passwordgenerator" + xmlns:email-pwddist="urn:org:josso:email:passworddistributor" + xmlns:simple-lostpwd="urn:org:josso:simple:lostpasswordprocess" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation=" + http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd + urn:org:josso:core http://www.josso.org/schema/josso-core.xsd + urn:org:josso:default:secdomainselector http://www.josso.org/schema/josso-default-secdomainselector.xsd + urn:org:josso:default:secdomainregistry http://www.josso.org/schema/josso-default-secdomainregistry.xsd + urn:org:josso:simple:secdomainmatcher http://www.josso.org/schema/josso-simple-secdomainmatcher.xsd + urn:org:josso:vhost:secdomainmatcher http://www.josso.org/schema/josso-vhost-secdomainmatcher.xsd + urn:org:josso:appctx:secdomainmatcher http://www.josso.org/schema/josso-appctx-secdomainmatcher.xsd + urn:org:josso:default:authenticator http://www.josso.org/schema/josso-default-authenticator.xsd + urn:org:josso:basic:authscheme http://www.josso.org/schema/josso-basic-authscheme.xsd + urn:org:josso:bind:authscheme http://www.josso.org/schema/josso-bind-authscheme.xsd + urn:org:josso:ntlm:authscheme http://www.josso.org/schema/josso-ntlm-authscheme.xsd + urn:org:josso:strong:authscheme http://www.josso.org/schema/josso-strong-authscheme.xsd + urn:org:josso:memory:identitystore http://www.josso.org/schema/josso-memory-identitystore.xsd + urn:org:josso:default:identitymgr http://www.josso.org/schema/josso-default-identitymgr.xsd + urn:org:josso:default:identityprovider http://www.josso.org/schema/josso-default-identityprovider.xsd + urn:org:josso:default:sessionmgr http://www.josso.org/schema/josso-default-sessionmgr.xsd + urn:org:josso:memory:sessionstore http://www.josso.org/schema/josso-memory-sessionstore.xsd + urn:org:josso:default:sessionidgen http://www.josso.org/schema/josso-default-sessionidgen.xsd + urn:org:josso:default:assertionmgr http://www.josso.org/schema/josso-default-assertionmgr.xsd + urn:org:josso:memory:assertionstore http://www.josso.org/schema/josso-memory-assertionstore.xsd + urn:org:josso:default:assertionidgen http://www.josso.org/schema/josso-default-assertionidgen.xsd + urn:org:josso:default:auditmgr http://www.josso.org/schema/josso-default-auditmgr.xsd + urn:org:josso:logger:audittrailhandler http://www.josso.org/schema/josso-logger-audittrailhandler.xsd + urn:org:josso:default:eventmgr http://www.josso.org/schema/josso-default-eventmgr.xsd + urn:org:josso:default:passwordmgr http://www.josso.org/schema/josso-default-passwordmanager.xsd + urn:org:josso:default:passwordgenerator http://www.josso.org/schema/josso-default-passwordgenerator.xsd + urn:org:josso:email:passworddistributor http://www.josso.org/schema/josso-email-passworddistributor.xsd + urn:org:josso:simple:lostpasswordprocess http://www.josso.org/schema/josso-simple-lostpasswordprocess.xsd"> + + <!-- ================================================================== --> + <!-- JOSSO Gateway Configuration using Spring + XBean --> + <!-- --> + <!-- since JOSSO 1.8 --> + <!-- ================================================================== --> + + <!-- To keep things organized when using multiple security domains, prepend the domain name + to component ids, in our case all componetes use the 'josso' prefix --> + + <!-- ================================================================== --> + <!-- Some components are configured in different files to make --> + <!-- configuraiton easier --> + <!-- ================================================================== --> + + <!-- Authentication schemes configuration --> + <s:import resource="josso-gateway-auth.xml"/> + + <!-- SSO Self services configuration --> + <s:import resource="josso-gateway-selfservices.xml"/> + + <!-- Identity, Session and Assertion Stores configuration --> + <s:import resource="josso-gateway-portal-stores.xml" /> + <!-- + <s:import resource="josso-gateway-memory-stores.xml" /> + <s:import resource="josso-gateway-db-stores.xml" /> + <s:import resource="josso-gateway-ldap-stores.xml" /> + --> + + <!-- Web configuration (login form, etc) --> + <s:import resource="josso-gateway-web.xml" /> + + <!-- JMX, used internally --> + <s:import resource="josso-gateway-jmx.xml" /> + + <!-- ================================================================== --> + <!-- Here we define gateway core structure --> + <!-- ================================================================== --> + <gateway> + + <sso-domain-selector> + <def-sdselector:default-domain-selector/> + </sso-domain-selector> + + <sso-domains-registry> + <def-sdregistry:default-domains-registry/> + </sso-domains-registry> + + <!-- ===================================================================== --> + <!-- SSO Security Domains, here we have only one domain configured : josso --> + <!-- Most components are configured elsewhere and referenced here to make --> + <!-- configuration easier. --> + <!-- --> + <!-- Unless you have multimple security domains, you will not need to --> + <!-- change this part --> + <!-- ===================================================================== --> + <domains> + <s:ref bean="josso"/> + </domains> + + </gateway> + + + <!-- JOSSO Default security domain --> + <domain name="josso" type="web"> + + <sso-web-configuration> + <s:ref bean="josso-web-configuraiton"/> + </sso-web-configuration> + + <matchers> + <simple-sdmatcher:simple-matcher/> + </matchers> + + <authenticator> + <s:ref bean="josso-authenticator"/> + </authenticator> + + <identity-manager> + <s:ref bean="josso-identity-manager"/> + </identity-manager> + + <session-manager> + <s:ref bean="josso-session-manager"/> + </session-manager> + + <assertion-manager> + <s:ref bean="josso-assertion-manager"/> + </assertion-manager> + + <identity-provider> + <s:ref bean="josso-identity-provider"/> + </identity-provider> + + <audit-manager> + <s:ref bean="josso-audit-manager"/> + </audit-manager> + + <event-manager> + <s:ref bean="josso-event-manager"/> + </event-manager> + + <!-- Only needed when using NTLM --> + <protocol-manager> + <s:ref bean="josso-protocol-manager"/> + </protocol-manager> + + <!-- Only neede for self-services (lost password, etc). --> + <password-manager> + <s:ref bean="josso-password-manager"/> + </password-manager> + + </domain> + + + <!-- ===================================================================== --> + <!-- SSO Authenticator, all authentication schemes must be configured here --> + <!-- ===================================================================== --> + <def-auth:authenticator id="josso-authenticator"> + <def-auth:schemes> + <s:ref bean="josso-bind-authentication"/> + <!-- + <s:ref bean="josso-basic-authentication"/> + <s:ref bean="josso-strong-authentication"/> + <s:ref bean="josso-rememberme-authentication"/> + --> + <!-- Others like NTLM and BIND go here --> + <!-- + <s:ref bean="josso-bind-authentication"/> + --> + </def-auth:schemes> + </def-auth:authenticator> + + <!-- ===================================================================== --> + <!-- SSO Identity manager, referencing identity store --> + <!-- ===================================================================== --> + <def-identitymgr:identity-manager id="josso-identity-manager"> + + <def-identitymgr:identityStore> + <s:ref bean="josso-identity-store"/> + </def-identitymgr:identityStore> + + <def-identitymgr:identityStoreKeyAdapter> + <s:ref bean="josso-simple-key-adapter"/> + </def-identitymgr:identityStoreKeyAdapter> + + </def-identitymgr:identity-manager> + + <!-- ===================================================================== --> + <!-- SSO Identity provider --> + <!-- ===================================================================== --> + <def-identityprv:identity-provider id="josso-identity-provider"/> + + <!-- ===================================================================== --> + <!-- SSO Session manager, referencing session store --> + <!-- ===================================================================== --> + <def-sessionmgr:session-manager id="josso-session-manager" + maxInactiveInterval="30" + maxSessionsPerUser="-1" + invalidateExceedingSessions="false" + sessionMonitorInterval="10000"> + + <def-sessionmgr:session-id-generator> + <def-sidgen:id-generator algorithm="MD5"/> + </def-sessionmgr:session-id-generator> + + <def-sessionmgr:session-store> + <s:ref bean="josso-session-store"/> + </def-sessionmgr:session-store> + + </def-sessionmgr:session-manager> + + <!-- ===================================================================== --> + <!-- SSO Assertion anager, referencing assertion store --> + <!-- ===================================================================== --> + <def-assertionmgr:assertion-manager id="josso-assertion-manager"> + + <def-assertionmgr:assertion-id-generator> + <def-aidgen:id-generator/> + </def-assertionmgr:assertion-id-generator> + + <def-assertionmgr:assertion-store> + <s:ref bean="josso-assertion-store"/> + </def-assertionmgr:assertion-store> + + </def-assertionmgr:assertion-manager> + + <!-- ===================================================================== --> + <!-- SSO Audit Manager with audit trail handlers --> + <!-- ===================================================================== --> + <def-auditmgr:audit-manager id="josso-audit-manager"> + + <!-- Audit Trail Handlers list --> + <def-auditmgr:handlers> + <logger-atrailhandler:audittrail-logger category="org.josso.AUDIT"/> + </def-auditmgr:handlers> + + </def-auditmgr:audit-manager> + + <!-- ===================================================================== --> + <!-- SSO Protocol Manager with handlers --> + <!-- ===================================================================== --> + <default-protocol-manager id="josso-protocol-manager"> + <!-- To enable NTLM, uncomment this : + <handlers> + <ntlm-authscheme:ntlm-protocol-handler/> + </handlers> + --> + </default-protocol-manager> + + <!-- ===================================================================== --> + <!-- SSO Event manager, based on spring jmx --> + <!-- ===================================================================== --> + <def-eventmgr:springjmx-event-manager id="josso-event-manager"> + <def-eventmgr:listeners> + <s:ref bean="josso-audit-manager"/> + </def-eventmgr:listeners> + </def-eventmgr:springjmx-event-manager> + + <!-- ===================================================================== --> + <!-- SSO Simple key addapter used in several components --> + <!-- ===================================================================== --> + <simple-key-adapter id="josso-simple-key-adapter"/> + + <!-- ===================================================================== --> + <!-- Spring Mail Sender bean. Configure mail delivery settings here --> + <!-- ===================================================================== --> + <s:bean id="josso-spring-mailsender" class="org.springframework.mail.javamail.JavaMailSenderImpl"> + <!-- Spring JavaMaileSender properties : + protocol, host, port, username, password --> + <s:property name="host" value="mail.mycompany.com"/> + </s:bean> + +</s:beans> Deleted: modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-gateway-portal-stores.xml =================================================================== --- modules/identity/trunk/sso/src/main/config/josso/conf/josso-gateway-portal-stores.xml 2009-04-17 03:25:33 UTC (rev 13225) +++ modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-gateway-portal-stores.xml 2009-04-20 19:54:45 UTC (rev 13240) @@ -1,52 +0,0 @@ -<?xml version="1.0" encoding="ISO-8859-1" ?> -<!-- - ~ JOSSO: Java Open Single Sign-On - ~ - ~ Copyright 2004-2009, Atricore, Inc. - ~ - ~ This is free software; you can redistribute it and/or modify it - ~ under the terms of the GNU Lesser General Public License as - ~ published by the Free Software Foundation; either version 2.1 of - ~ the License, or (at your option) any later version. - ~ - ~ This software is distributed in the hope that it will be useful, - ~ but WITHOUT ANY WARRANTY; without even the implied warranty of - ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - ~ Lesser General Public License for more details. - ~ - ~ You should have received a copy of the GNU Lesser General Public - ~ License along with this software; if not, write to the Free - ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - ~ 02110-1301 USA, or see the FSF site: http://www.fsf.org. - ~ - --> - -<s:beans xmlns:s="http://www.springframework.org/schema/beans" - xmlns:portal-istore="urn:org:jboss:portal:josso:identitystore" - xmlns:memory-sstore="urn:org:josso:memory:sessionstore" - xmlns:memory-astore="urn:org:josso:memory:assertionstore" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation=" - http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd - urn:org:josso:memory:sessionstore http://www.josso.org/schema/josso-memory-sessionstore.xsd - urn:org:josso:memory:assertionstore http://www.josso.org/schema/josso-memory-assertionstore.xsd - "> - <!-- ===================================================================== --> - <!-- JOSSO Identity Store, the id is very important because it is --> - <!-- referenced by the identity manager, auth schemes and who knows where --> - <!-- else. --> - <!-- ===================================================================== --> - <portal-istore:portal-store id="josso-identity-store" s:scope="singleton"/> - - <!-- ===================================================================== --> - <!-- JOSSO Session Store, the id is very important because it is --> - <!-- referenced by the session manager and who knows where else --> - <!-- ===================================================================== --> - <memory-sstore:memory-store id="josso-session-store"/> - - <!-- ===================================================================== --> - <!-- JOSSO Assertion Store, the id is very important because it is --> - <!-- referenced by the assertion manager and who knows where elese --> - <!-- ===================================================================== --> - <memory-astore:memory-store id="josso-assertion-store"/> -</s:beans> Copied: modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-gateway-portal-stores.xml (from rev 13225, modules/identity/trunk/sso/src/main/config/josso/conf/josso-gateway-portal-stores.xml) =================================================================== --- modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-gateway-portal-stores.xml (rev 0) +++ modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-gateway-portal-stores.xml 2009-04-20 19:54:45 UTC (rev 13240) @@ -0,0 +1,52 @@ +<?xml version="1.0" encoding="ISO-8859-1" ?> +<!-- + ~ JOSSO: Java Open Single Sign-On + ~ + ~ Copyright 2004-2009, Atricore, Inc. + ~ + ~ This is free software; you can redistribute it and/or modify it + ~ under the terms of the GNU Lesser General Public License as + ~ published by the Free Software Foundation; either version 2.1 of + ~ the License, or (at your option) any later version. + ~ + ~ This software is distributed in the hope that it will be useful, + ~ but WITHOUT ANY WARRANTY; without even the implied warranty of + ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + ~ Lesser General Public License for more details. + ~ + ~ You should have received a copy of the GNU Lesser General Public + ~ License along with this software; if not, write to the Free + ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + ~ 02110-1301 USA, or see the FSF site: http://www.fsf.org. + ~ + --> + +<s:beans xmlns:s="http://www.springframework.org/schema/beans" + xmlns:portal-istore="urn:org:jboss:portal:josso:identitystore" + xmlns:memory-sstore="urn:org:josso:memory:sessionstore" + xmlns:memory-astore="urn:org:josso:memory:assertionstore" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation=" + http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd + urn:org:josso:memory:sessionstore http://www.josso.org/schema/josso-memory-sessionstore.xsd + urn:org:josso:memory:assertionstore http://www.josso.org/schema/josso-memory-assertionstore.xsd + "> + <!-- ===================================================================== --> + <!-- JOSSO Identity Store, the id is very important because it is --> + <!-- referenced by the identity manager, auth schemes and who knows where --> + <!-- else. --> + <!-- ===================================================================== --> + <portal-istore:portal-store id="josso-identity-store" s:scope="singleton"/> + + <!-- ===================================================================== --> + <!-- JOSSO Session Store, the id is very important because it is --> + <!-- referenced by the session manager and who knows where else --> + <!-- ===================================================================== --> + <memory-sstore:memory-store id="josso-session-store"/> + + <!-- ===================================================================== --> + <!-- JOSSO Assertion Store, the id is very important because it is --> + <!-- referenced by the assertion manager and who knows where elese --> + <!-- ===================================================================== --> + <memory-astore:memory-store id="josso-assertion-store"/> +</s:beans> Deleted: modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/login-config.xml =================================================================== --- modules/identity/trunk/sso/src/main/config/josso/conf/login-config.xml 2009-04-17 03:25:33 UTC (rev 13225) +++ modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/login-config.xml 2009-04-20 19:54:45 UTC (rev 13240) @@ -1,152 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?><!-- The XML based JAAS login configuration read by the -org.jboss.security.auth.login.XMLLoginConfig mbean. Add -an application-policy element for each security domain. - -The outline of the application-policy is: -<application-policy name="security-domain-name"> - <authentication> - <login-module code="login.module1.class.name" flag="control_flag"> - <module-option name = "option1-name">option1-value</module-option> - <module-option name = "option2-name">option2-value</module-option> - ... - </login-module> - - <login-module code="login.module2.class.name" flag="control_flag"> - ... - </login-module> - ... - </authentication> -</application-policy> - -$Revision: 64598 $ ---><policy> - <!-- Used by clients within the application server VM such as - mbeans and servlets that access EJBs. - --> - <application-policy name="client-login"> - <authentication> - <login-module code="org.jboss.security.ClientLoginModule" flag="required"> - <!-- Any existing security context will be restored on logout --> - <module-option name="restore-login-identity">true</module-option> - </login-module> - </authentication> - </application-policy> - - <!-- Security domain for JBossMQ --> - <application-policy name="jbossmq"> - <authentication> - <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required"> - <module-option name="unauthenticatedIdentity">guest</module-option> - <module-option name="dsJndiName">java:/DefaultDS</module-option> - <module-option name="principalsQuery">SELECT PASSWD FROM JMS_USERS WHERE USERID=?</module-option> - <module-option name="rolesQuery">SELECT ROLEID, 'Roles' FROM JMS_ROLES WHERE USERID=?</module-option> - </login-module> - </authentication> - </application-policy> - - <!-- Security domain for JBossMQ when using file-state-service.xml - <application-policy name = "jbossmq"> - <authentication> - <login-module code = "org.jboss.mq.sm.file.DynamicLoginModule" - flag = "required"> - <module-option name = "unauthenticatedIdentity">guest</module-option> - <module-option name = "sm.objectname">jboss.mq:service=StateManager</module-option> - </login-module> - </authentication> - </application-policy> - --> - - <!-- Security domains for testing new jca framework --> - <application-policy name="HsqlDbRealm"> - <authentication> - <login-module code="org.jboss.resource.security.ConfiguredIdentityLoginModule" flag="required"> - <module-option name="principal">sa</module-option> - <module-option name="userName">sa</module-option> - <module-option name="password"/> - <module-option name="managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=DefaultDS</module-option> - </login-module> - </authentication> - </application-policy> - - <application-policy name="JmsXARealm"> - <authentication> - <login-module code="org.jboss.resource.security.ConfiguredIdentityLoginModule" flag="required"> - <module-option name="principal">guest</module-option> - <module-option name="userName">guest</module-option> - <module-option name="password">guest</module-option> - <module-option name="managedConnectionFactoryName">jboss.jca:service=TxCM,name=JmsXA</module-option> - </login-module> - </authentication> - </application-policy> - - <!-- A template configuration for the jmx-console web application. This - defaults to the UsersRolesLoginModule the same as other and should be - changed to a stronger authentication mechanism as required. - --> - <application-policy name="jmx-console"> - <authentication> - <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required"> - <module-option name="usersProperties">props/jmx-console-users.properties</module-option> - <module-option name="rolesProperties">props/jmx-console-roles.properties</module-option> - </login-module> - </authentication> - </application-policy> - - <!-- A template configuration for the web-console web application. This - defaults to the UsersRolesLoginModule the same as other and should be - changed to a stronger authentication mechanism as required. - --> - <application-policy name="web-console"> - <authentication> - <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required"> - <module-option name="usersProperties">web-console-users.properties</module-option> - <module-option name="rolesProperties">web-console-roles.properties</module-option> - </login-module> - </authentication> - </application-policy> - - <!-- - A template configuration for the JBossWS security domain. - This defaults to the UsersRolesLoginModule the same as other and should be - changed to a stronger authentication mechanism as required. - --> - <application-policy name="JBossWS"> - <authentication> - <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required"> - <module-option name="usersProperties">props/jbossws-users.properties</module-option> - <module-option name="rolesProperties">props/jbossws-roles.properties</module-option> - <module-option name="unauthenticatedIdentity">anonymous</module-option> - </login-module> - </authentication> - </application-policy> - - <!-- The default login configuration used by any security domain that - does not have a application-policy entry with a matching name - --> - <application-policy name="other"> - <!-- A simple server login module, which can be used when the number - of users is relatively small. It uses two properties files: - users.properties, which holds users (key) and their password (value). - roles.properties, which holds users (key) and a comma-separated list of - their roles (value). - The unauthenticatedIdentity property defines the name of the principal - that will be used when a null username and password are presented as is - the case for an unuathenticated web client or MDB. If you want to - allow such users to be authenticated add the property, e.g., - unauthenticatedIdentity="nobody" - --> - <authentication> - <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required"/> - </authentication> - </application-policy> - -<!-- ================================================== --> - <!-- JOSSO JAAS Login Configuration, automatially generated by JOSSO Installer--> - <application-policy name="josso"> <authentication> - <login-module code="org.jboss.portal.identity.sso.josso.JOSSOLoginModule" flag="required"> - <module-option name="debug">true</module-option> - </login-module> - </authentication> - </application-policy> - <!-- ================================================== --> -</policy> \ No newline at end of file Copied: modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/login-config.xml (from rev 13225, modules/identity/trunk/sso/src/main/config/josso/conf/login-config.xml) =================================================================== --- modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/login-config.xml (rev 0) +++ modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/login-config.xml 2009-04-20 19:54:45 UTC (rev 13240) @@ -0,0 +1,152 @@ +<?xml version="1.0" encoding="UTF-8"?><!-- The XML based JAAS login configuration read by the +org.jboss.security.auth.login.XMLLoginConfig mbean. Add +an application-policy element for each security domain. + +The outline of the application-policy is: +<application-policy name="security-domain-name"> + <authentication> + <login-module code="login.module1.class.name" flag="control_flag"> + <module-option name = "option1-name">option1-value</module-option> + <module-option name = "option2-name">option2-value</module-option> + ... + </login-module> + + <login-module code="login.module2.class.name" flag="control_flag"> + ... + </login-module> + ... + </authentication> +</application-policy> + +$Revision: 64598 $ +--><policy> + <!-- Used by clients within the application server VM such as + mbeans and servlets that access EJBs. + --> + <application-policy name="client-login"> + <authentication> + <login-module code="org.jboss.security.ClientLoginModule" flag="required"> + <!-- Any existing security context will be restored on logout --> + <module-option name="restore-login-identity">true</module-option> + </login-module> + </authentication> + </application-policy> + + <!-- Security domain for JBossMQ --> + <application-policy name="jbossmq"> + <authentication> + <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required"> + <module-option name="unauthenticatedIdentity">guest</module-option> + <module-option name="dsJndiName">java:/DefaultDS</module-option> + <module-option name="principalsQuery">SELECT PASSWD FROM JMS_USERS WHERE USERID=?</module-option> + <module-option name="rolesQuery">SELECT ROLEID, 'Roles' FROM JMS_ROLES WHERE USERID=?</module-option> + </login-module> + </authentication> + </application-policy> + + <!-- Security domain for JBossMQ when using file-state-service.xml + <application-policy name = "jbossmq"> + <authentication> + <login-module code = "org.jboss.mq.sm.file.DynamicLoginModule" + flag = "required"> + <module-option name = "unauthenticatedIdentity">guest</module-option> + <module-option name = "sm.objectname">jboss.mq:service=StateManager</module-option> + </login-module> + </authentication> + </application-policy> + --> + + <!-- Security domains for testing new jca framework --> + <application-policy name="HsqlDbRealm"> + <authentication> + <login-module code="org.jboss.resource.security.ConfiguredIdentityLoginModule" flag="required"> + <module-option name="principal">sa</module-option> + <module-option name="userName">sa</module-option> + <module-option name="password"/> + <module-option name="managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=DefaultDS</module-option> + </login-module> + </authentication> + </application-policy> + + <application-policy name="JmsXARealm"> + <authentication> + <login-module code="org.jboss.resource.security.ConfiguredIdentityLoginModule" flag="required"> + <module-option name="principal">guest</module-option> + <module-option name="userName">guest</module-option> + <module-option name="password">guest</module-option> + <module-option name="managedConnectionFactoryName">jboss.jca:service=TxCM,name=JmsXA</module-option> + </login-module> + </authentication> + </application-policy> + + <!-- A template configuration for the jmx-console web application. This + defaults to the UsersRolesLoginModule the same as other and should be + changed to a stronger authentication mechanism as required. + --> + <application-policy name="jmx-console"> + <authentication> + <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required"> + <module-option name="usersProperties">props/jmx-console-users.properties</module-option> + <module-option name="rolesProperties">props/jmx-console-roles.properties</module-option> + </login-module> + </authentication> + </application-policy> + + <!-- A template configuration for the web-console web application. This + defaults to the UsersRolesLoginModule the same as other and should be + changed to a stronger authentication mechanism as required. + --> + <application-policy name="web-console"> + <authentication> + <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required"> + <module-option name="usersProperties">web-console-users.properties</module-option> + <module-option name="rolesProperties">web-console-roles.properties</module-option> + </login-module> + </authentication> + </application-policy> + + <!-- + A template configuration for the JBossWS security domain. + This defaults to the UsersRolesLoginModule the same as other and should be + changed to a stronger authentication mechanism as required. + --> + <application-policy name="JBossWS"> + <authentication> + <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required"> + <module-option name="usersProperties">props/jbossws-users.properties</module-option> + <module-option name="rolesProperties">props/jbossws-roles.properties</module-option> + <module-option name="unauthenticatedIdentity">anonymous</module-option> + </login-module> + </authentication> + </application-policy> + + <!-- The default login configuration used by any security domain that + does not have a application-policy entry with a matching name + --> + <application-policy name="other"> + <!-- A simple server login module, which can be used when the number + of users is relatively small. It uses two properties files: + users.properties, which holds users (key) and their password (value). + roles.properties, which holds users (key) and a comma-separated list of + their roles (value). + The unauthenticatedIdentity property defines the name of the principal + that will be used when a null username and password are presented as is + the case for an unuathenticated web client or MDB. If you want to + allow such users to be authenticated add the property, e.g., + unauthenticatedIdentity="nobody" + --> + <authentication> + <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required"/> + </authentication> + </application-policy> + +<!-- ================================================== --> + <!-- JOSSO JAAS Login Configuration, automatially generated by JOSSO Installer--> + <application-policy name="josso"> <authentication> + <login-module code="org.jboss.portal.identity.sso.josso.JOSSOLoginModule" flag="required"> + <module-option name="debug">true</module-option> + </login-module> + </authentication> + </application-policy> + <!-- ================================================== --> +</policy> \ No newline at end of file Copied: modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal (from rev 13225, modules/identity/trunk/sso/src/main/config/josso/jboss-portal) Deleted: modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/context.xml =================================================================== --- modules/identity/trunk/sso/src/main/config/josso/jboss-portal/context.xml 2009-04-17 03:25:33 UTC (rev 13225) +++ modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/context.xml 2009-04-20 19:54:45 UTC (rev 13240) @@ -1,4 +0,0 @@ -<?xml version="1.0"?> -<Context> - <Valve className="org.jboss.portal.identity.sso.josso.JOSSOLogoutValve"/> -</Context> Copied: modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/context.xml (from rev 13225, modules/identity/trunk/sso/src/main/config/josso/jboss-portal/context.xml) =================================================================== --- modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/context.xml (rev 0) +++ modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/context.xml 2009-04-20 19:54:45 UTC (rev 13240) @@ -0,0 +1,4 @@ +<?xml version="1.0"?> +<Context> + <Valve className="org.jboss.portal.identity.sso.josso.JOSSOLogoutValve"/> +</Context> Deleted: modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/jboss-web.xml =================================================================== --- modules/identity/trunk/sso/src/main/config/josso/jboss-portal/jboss-web.xml 2009-04-17 03:25:33 UTC (rev 13225) +++ modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/jboss-web.xml 2009-04-20 19:54:45 UTC (rev 13240) @@ -1,35 +0,0 @@ -<?xml version="1.0"?> -<!--~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - ~ JBoss, a division of Red Hat ~ - ~ Copyright 2006, Red Hat Middleware, LLC, and individual ~ - ~ contributors as indicated by the @authors tag. See the ~ - ~ copyright.txt in the distribution for a full listing of ~ - ~ individual contributors. ~ - ~ ~ - ~ This is free software; you can redistribute it and/or modify it ~ - ~ under the terms of the GNU Lesser General Public License as ~ - ~ published by the Free Software Foundation; either version 2.1 of ~ - ~ the License, or (at your option) any later version. ~ - ~ ~ - ~ This software is distributed in the hope that it will be useful, ~ - ~ but WITHOUT ANY WARRANTY; without even the implied warranty of ~ - ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ~ - ~ Lesser General Public License for more details. ~ - ~ ~ - ~ You should have received a copy of the GNU Lesser General Public ~ - ~ License along with this software; if not, write to the Free ~ - ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA ~ - ~ 02110-1301 USA, or see the FSF site: http://www.fsf.org. ~ - ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~--> - -<jboss-web> - <security-domain>java:jaas/josso</security-domain> - <context-root>/portal</context-root> - <replication-config> - <replication-trigger>SET</replication-trigger> - </replication-config> - <resource-ref> - <res-ref-name>jdbc/PortalDS</res-ref-name> - <jndi-name>java:PortalDS</jndi-name> - </resource-ref> -</jboss-web> Copied: modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/jboss-web.xml (from rev 13225, modules/identity/trunk/sso/src/main/config/josso/jboss-portal/jboss-web.xml) =================================================================== --- modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/jboss-web.xml (rev 0) +++ modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/jboss-web.xml 2009-04-20 19:54:45 UTC (rev 13240) @@ -0,0 +1,35 @@ +<?xml version="1.0"?> +<!--~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + ~ JBoss, a division of Red Hat ~ + ~ Copyright 2006, Red Hat Middleware, LLC, and individual ~ + ~ contributors as indicated by the @authors tag. See the ~ + ~ copyright.txt in the distribution for a full listing of ~ + ~ individual contributors. ~ + ~ ~ + ~ This is free software; you can redistribute it and/or modify it ~ + ~ under the terms of the GNU Lesser General Public License as ~ + ~ published by the Free Software Foundation; either version 2.1 of ~ + ~ the License, or (at your option) any later version. ~ + ~ ~ + ~ This software is distributed in the hope that it will be useful, ~ + ~ but WITHOUT ANY WARRANTY; without even the implied warranty of ~ + ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ~ + ~ Lesser General Public License for more details. ~ + ~ ~ + ~ You should have received a copy of the GNU Lesser General Public ~ + ~ License along with this software; if not, write to the Free ~ + ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA ~ + ~ 02110-1301 USA, or see the FSF site: http://www.fsf.org. ~ + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~--> + +<jboss-web> + <security-domain>java:jaas/josso</security-domain> + <context-root>/portal</context-root> + <replication-config> + <replication-trigger>SET</replication-trigger> + </replication-config> + <resource-ref> + <res-ref-name>jdbc/PortalDS</res-ref-name> + <jndi-name>java:PortalDS</jndi-name> + </resource-ref> +</jboss-web> Deleted: modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/login.jsp =================================================================== --- modules/identity/trunk/sso/src/main/config/josso/jboss-portal/login.jsp 2009-04-17 03:25:33 UTC (rev 13225) +++ modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/login.jsp 2009-04-20 19:54:45 UTC (rev 13240) @@ -1,168 +0,0 @@ -<%-- - ~ Copyright (c) 2004-2006, Novascope S.A. and the JOSSO team - ~ All rights reserved. - ~ Redistribution and use in source and binary forms, with or - ~ without modification, are permitted provided that the following - ~ conditions are met: - ~ - ~ * Redistributions of source code must retain the above copyright - ~ notice, this list of conditions and the following disclaimer. - ~ - ~ * Redistributions in binary form must reproduce the above copyright - ~ notice, this list of conditions and the following disclaimer in - ~ the documentation and/or other materials provided with the - ~ distribution. - ~ - ~ * Neither the name of the JOSSO team nor the names of its - ~ contributors may be used to endorse or promote products derived - ~ from this software without specific prior written permission. - ~ - ~ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND - ~ CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, - ~ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF - ~ MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - ~ DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS - ~ BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, - ~ EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED - ~ TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - ~ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON - ~ ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - ~ OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - ~ OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - ~ POSSIBILITY OF SUCH DAMAGE. - --%> -<%@page contentType="text/html; charset=iso-8859-1" language="java" session="true" %> -<% - response.sendRedirect(request.getContextPath() + "/josso_login/"); -%> - -<%--~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - ~ JBoss, a division of Red Hat ~ - ~ Copyright 2006, Red Hat Middleware, LLC, and individual ~ - ~ contributors as indicated by the @authors tag. See the ~ - ~ copyright.txt in the distribution for a full listing of ~ - ~ individual contributors. ~ - ~ ~ - ~ This is free software; you can redistribute it and/or modify it ~ - ~ under the terms of the GNU Lesser General Public License as ~ - ~ published by the Free Software Foundation; either version 2.1 of ~ - ~ the License, or (at your option) any later version. ~ - ~ ~ - ~ This software is distributed in the hope that it will be useful, ~ - ~ but WITHOUT ANY WARRANTY; without even the implied warranty of ~ - ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ~ - ~ Lesser General Public License for more details. ~ - ~ ~ - ~ You should have received a copy of the GNU Lesser General Public ~ - ~ License along with this software; if not, write to the Free ~ - ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA ~ - ~ 02110-1301 USA, or see the FSF site: http://www.fsf.org. ~ - ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~--%> -<%-- - -<%@ page pageEncoding="utf-8" %> -<%@page import="org.jboss.portal.identity.UserStatus" %> -<%@page import="org.jboss.portal.server.ParameterSanitizer" %> -<%@page import="java.util.ResourceBundle" %> - -<% - ResourceBundle rb = ResourceBundle.getBundle("Resource", request.getLocale()); - // todo: use ParameterValidation.sanitize after 2.7.1 - String loginheight = request.getParameter("loginheight"); - boolean paramPresent = loginheight != null; - loginheight = ParameterSanitizer.sanitizeFromPattern(loginheight, ParameterSanitizer.CSS_DISTANCE, "300px"); -%> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" -"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> - -<html xmlns="http://www.w3.org/1999/xhtml"> -<head> - <title><%= rb.getString("LOGIN_TITLE") %> - </title> - <style type="text/css"> - /* <![CDATA[ */ - body { - margin: 0; - padding: 0; - border: 0; - padding-top: <%=loginheight%>; - } - - /* ]]> */ - </style> - - <script> - function setFocusOnLoginForm() - { - try - { - document.loginform.j_username.focus(); - } - catch (e) - { - } - } - </script> - - <link rel="stylesheet" href="/portal-core/css/login.css" type="text/css"/> -</head> -<body onload="setFocusOnLoginForm();"> - -<div class="login-container"> - - - <div class="login-header"> - <h2><%= rb.getString("LOGIN_TITLE") %> - </h2> - </div> - <div class="login-content"> - - <div class="error-message" - style="<%=(request.getAttribute(!UserStatus.OK.equals("org.jboss.portal.userStatus") ? "" : "display:none"))%>;"> - <% - - if (UserStatus.DISABLE.equals(request.getAttribute("org.jboss.portal.userStatus"))) - { - out.println(rb.getString("ACCOUNT_DISABLED")); - } - else if (UserStatus.WRONGPASSWORD.equals(request.getAttribute("org.jboss.portal.userStatus")) || UserStatus.UNEXISTING.equals(request.getAttribute("org.jboss.portal.userStatus"))) - { - out.println(rb.getString("ACCOUNT_INEXISTING_OR_WRONG_PASSWORD")); - } - else if (UserStatus.NOTASSIGNEDTOROLE.equals(request.getAttribute("org.jboss.portal.userStatus"))) - { - out.println(rb.getString("ACCOUNT_NOTASSIGNEDTOROLE")); - } - %> - </div> - <form method="post" action="<%= response.encodeURL("j_security_check") %>" name="loginform" id="loginForm" - target="_parent"> - <div class="form-field"> - <label for="j_username"><%= rb.getString("LOGIN_USERNAME") %> - </label> - <input type="text" name="j_username" id="j_username" value=""/> - </div> - <div class="form-field"> - <label for="j_password"><%= rb.getString("LOGIN_PASSWORD") %> - </label> - <input type="password" name="j_password" id="j_password" value=""/> - </div> - <br class="clear"/> - - <div class="button-container"> - <br class="clear"/> - <input style="<%=paramPresent ? "" : "display:none"%>;" type="button" name="cancel" - value="<%= rb.getString("LOGIN_CANCEL") %>" class="cancel-button" - onclick="window.parent.hideContentModal('login-modal');"/> - <br class="clear"/> - <input style="<%=paramPresent ? "" : "right:10px"%>;" type="submit" name="login" - value="<%= rb.getString("LOGIN_SUBMIT") %>" class="login-button"/> - </div> - <br class="clear"/> - </form> - - </div> -</div> -</body> -</html> ---%> Copied: modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/login.jsp (from rev 13225, modules/identity/trunk/sso/src/main/config/josso/jboss-portal/login.jsp) =================================================================== --- modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/login.jsp (rev 0) +++ modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/login.jsp 2009-04-20 19:54:45 UTC (rev 13240) @@ -0,0 +1,168 @@ +<%-- + ~ Copyright (c) 2004-2006, Novascope S.A. and the JOSSO team + ~ All rights reserved. + ~ Redistribution and use in source and binary forms, with or + ~ without modification, are permitted provided that the following + ~ conditions are met: + ~ + ~ * Redistributions of source code must retain the above copyright + ~ notice, this list of conditions and the following disclaimer. + ~ + ~ * Redistributions in binary form must reproduce the above copyright + ~ notice, this list of conditions and the following disclaimer in + ~ the documentation and/or other materials provided with the + ~ distribution. + ~ + ~ * Neither the name of the JOSSO team nor the names of its + ~ contributors may be used to endorse or promote products derived + ~ from this software without specific prior written permission. + ~ + ~ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND + ~ CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, + ~ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF + ~ MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + ~ DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS + ~ BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + ~ EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED + ~ TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + ~ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON + ~ ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + ~ OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + ~ OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + ~ POSSIBILITY OF SUCH DAMAGE. + --%> +<%@page contentType="text/html; charset=iso-8859-1" language="java" session="true" %> +<% + response.sendRedirect(request.getContextPath() + "/josso_login/"); +%> + +<%--~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + ~ JBoss, a division of Red Hat ~ + ~ Copyright 2006, Red Hat Middleware, LLC, and individual ~ + ~ contributors as indicated by the @authors tag. See the ~ + ~ copyright.txt in the distribution for a full listing of ~ + ~ individual contributors. ~ + ~ ~ + ~ This is free software; you can redistribute it and/or modify it ~ + ~ under the terms of the GNU Lesser General Public License as ~ + ~ published by the Free Software Foundation; either version 2.1 of ~ + ~ the License, or (at your option) any later version. ~ + ~ ~ + ~ This software is distributed in the hope that it will be useful, ~ + ~ but WITHOUT ANY WARRANTY; without even the implied warranty of ~ + ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ~ + ~ Lesser General Public License for more details. ~ + ~ ~ + ~ You should have received a copy of the GNU Lesser General Public ~ + ~ License along with this software; if not, write to the Free ~ + ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA ~ + ~ 02110-1301 USA, or see the FSF site: http://www.fsf.org. ~ + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~--%> +<%-- + +<%@ page pageEncoding="utf-8" %> +<%@page import="org.jboss.portal.identity.UserStatus" %> +<%@page import="org.jboss.portal.server.ParameterSanitizer" %> +<%@page import="java.util.ResourceBundle" %> + +<% + ResourceBundle rb = ResourceBundle.getBundle("Resource", request.getLocale()); + // todo: use ParameterValidation.sanitize after 2.7.1 + String loginheight = request.getParameter("loginheight"); + boolean paramPresent = loginheight != null; + loginheight = ParameterSanitizer.sanitizeFromPattern(loginheight, ParameterSanitizer.CSS_DISTANCE, "300px"); +%> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" +"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> + +<html xmlns="http://www.w3.org/1999/xhtml"> +<head> + <title><%= rb.getString("LOGIN_TITLE") %> + </title> + <style type="text/css"> + /* <![CDATA[ */ + body { + margin: 0; + padding: 0; + border: 0; + padding-top: <%=loginheight%>; + } + + /* ]]> */ + </style> + + <script> + function setFocusOnLoginForm() + { + try + { + document.loginform.j_username.focus(); + } + catch (e) + { + } + } + </script> + + <link rel="stylesheet" href="/portal-core/css/login.css" type="text/css"/> +</head> +<body onload="setFocusOnLoginForm();"> + +<div class="login-container"> + + + <div class="login-header"> + <h2><%= rb.getString("LOGIN_TITLE") %> + </h2> + </div> + <div class="login-content"> + + <div class="error-message" + style="<%=(request.getAttribute(!UserStatus.OK.equals("org.jboss.portal.userStatus") ? "" : "display:none"))%>;"> + <% + + if (UserStatus.DISABLE.equals(request.getAttribute("org.jboss.portal.userStatus"))) + { + out.println(rb.getString("ACCOUNT_DISABLED")); + } + else if (UserStatus.WRONGPASSWORD.equals(request.getAttribute("org.jboss.portal.userStatus")) || UserStatus.UNEXISTING.equals(request.getAttribute("org.jboss.portal.userStatus"))) + { + out.println(rb.getString("ACCOUNT_INEXISTING_OR_WRONG_PASSWORD")); + } + else if (UserStatus.NOTASSIGNEDTOROLE.equals(request.getAttribute("org.jboss.portal.userStatus"))) + { + out.println(rb.getString("ACCOUNT_NOTASSIGNEDTOROLE")); + } + %> + </div> + <form method="post" action="<%= response.encodeURL("j_security_check") %>" name="loginform" id="loginForm" + target="_parent"> + <div class="form-field"> + <label for="j_username"><%= rb.getString("LOGIN_USERNAME") %> + </label> + <input type="text" name="j_username" id="j_username" value=""/> + </div> + <div class="form-field"> + <label for="j_password"><%= rb.getString("LOGIN_PASSWORD") %> + </label> + <input type="password" name="j_password" id="j_password" value=""/> + </div> + <br class="clear"/> + + <div class="button-container"> + <br class="clear"/> + <input style="<%=paramPresent ? "" : "display:none"%>;" type="button" name="cancel" + value="<%= rb.getString("LOGIN_CANCEL") %>" class="cancel-button" + onclick="window.parent.hideContentModal('login-modal');"/> + <br class="clear"/> + <input style="<%=paramPresent ? "" : "right:10px"%>;" type="submit" name="login" + value="<%= rb.getString("LOGIN_SUBMIT") %>" class="login-button"/> + </div> + <br class="clear"/> + </form> + + </div> +</div> +</body> +</html> +--%> Copied: modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/sar (from rev 13225, modules/identity/trunk/sso/src/main/config/josso/sar) Copied: modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/sar/META-INF (from rev 13225, modules/identity/trunk/sso/src/main/config/josso/sar/META-INF) Deleted: modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/sar/META-INF/jboss-service.xml =================================================================== --- modules/identity/trunk/sso/src/main/config/josso/sar/META-INF/jboss-service.xml 2009-04-17 03:25:33 UTC (rev 13225) +++ modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/sar/META-INF/jboss-service.xml 2009-04-20 19:54:45 UTC (rev 13240) @@ -1,34 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!--~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - ~ JBoss, a division of Red Hat ~ - ~ Copyright 2006, Red Hat Middleware, LLC, and individual ~ - ~ contributors as indicated by the @authors tag. See the ~ - ~ copyright.txt in the distribution for a full listing of ~ - ~ individual contributors. ~ - ~ ~ - ~ This is free software; you can redistribute it and/or modify it ~ - ~ under the terms of the GNU Lesser General Public License as ~ - ~ published by the Free Software Foundation; either version 2.1 of ~ - ~ the License, or (at your option) any later version. ~ - ~ ~ - ~ This software is distributed in the hope that it will be useful, ~ - ~ but WITHOUT ANY WARRANTY; without even the implied warranty of ~ - ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ~ - ~ Lesser General Public License for more details. ~ - ~ ~ - ~ You should have received a copy of the GNU Lesser General Public ~ - ~ License along with this software; if not, write to the Free ~ - ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA ~ - ~ 02110-1301 USA, or see the FSF site: http://www.fsf.org. ~ - ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~--> - -<server> - <mbean - code="org.jboss.portal.identity.sso.josso.JOSSOIdentityServiceImpl" - name="portal:service=Module,type=JOSSOIdentityService" - xmbean-dd="" - xmbean-code="org.jboss.portal.jems.as.system.JBossServiceModelMBean"> - <xmbean/> - <depends>portal:service=Module,type=IdentityServiceController</depends> - </mbean> -</server> \ No newline at end of file Copied: modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/sar/META-INF/jboss-service.xml (from rev 13225, modules/identity/trunk/sso/src/main/config/josso/sar/META-INF/jboss-service.xml) =================================================================== --- modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/sar/META-INF/jboss-service.xml (rev 0) +++ modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/sar/META-INF/jboss-service.xml 2009-04-20 19:54:45 UTC (rev 13240) @@ -0,0 +1,34 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!--~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + ~ JBoss, a division of Red Hat ~ + ~ Copyright 2006, Red Hat Middleware, LLC, and individual ~ + ~ contributors as indicated by the @authors tag. See the ~ + ~ copyright.txt in the distribution for a full listing of ~ + ~ individual contributors. ~ + ~ ~ + ~ This is free software; you can redistribute it and/or modify it ~ + ~ under the terms of the GNU Lesser General Public License as ~ + ~ published by the Free Software Foundation; either version 2.1 of ~ + ~ the License, or (at your option) any later version. ~ + ~ ~ + ~ This software is distributed in the hope that it will be useful, ~ + ~ but WITHOUT ANY WARRANTY; without even the implied warranty of ~ + ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ~ + ~ Lesser General Public License for more details. ~ + ~ ~ + ~ You should have received a copy of the GNU Lesser General Public ~ + ~ License along with this software; if not, write to the Free ~ + ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA ~ + ~ 02110-1301 USA, or see the FSF site: http://www.fsf.org. ~ + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~--> + +<server> + <mbean + code="org.jboss.portal.identity.sso.josso.JOSSOIdentityServiceImpl" + name="portal:service=Module,type=JOSSOIdentityService" + xmbean-dd="" + xmbean-code="org.jboss.portal.jems.as.system.JBossServiceModelMBean"> + <xmbean/> + <depends>portal:service=Module,type=IdentityServiceController</depends> + </mbean> +</server> \ No newline at end of file Modified: modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/identity/sso/josso/JOSSOIdentityStore.java =================================================================== --- modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/identity/sso/josso/JOSSOIdentityStore.java 2009-04-20 19:45:59 UTC (rev 13239) +++ modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/identity/sso/josso/JOSSOIdentityStore.java 2009-04-20 19:54:45 UTC (rev 13240) @@ -30,6 +30,7 @@ import org.jboss.mx.util.MBeanProxy; import org.jboss.mx.util.MBeanServerLocator; import org.jboss.portal.identity.sso.josso.JOSSOIdentityService; + import org.josso.gateway.SSONameValuePair; import org.josso.gateway.identity.exceptions.NoSuchUserException; import org.josso.gateway.identity.exceptions.SSOIdentityException; @@ -37,22 +38,27 @@ import org.josso.gateway.identity.service.BaseRoleImpl; import org.josso.gateway.identity.service.BaseUser; import org.josso.gateway.identity.service.BaseUserImpl; -import org.josso.gateway.identity.service.store.IdentityStore; import org.josso.gateway.identity.service.store.UserKey; import org.josso.gateway.identity.service.store.SimpleUserKey; +import org.josso.gateway.identity.service.store.IdentityStore; + import org.josso.auth.Credential; import org.josso.auth.CredentialKey; -import org.josso.auth.BindableCredentialStore; -import org.josso.auth.exceptions.SSOAuthenticationException; +import org.josso.auth.CredentialProvider; import org.josso.auth.scheme.AuthenticationScheme; import org.josso.auth.scheme.UsernameCredential; import org.josso.auth.scheme.PasswordCredential; +import org.josso.auth.BindableCredentialStore; +import org.josso.auth.exceptions.SSOAuthenticationException; + /** + * @org.apache.xbean.XBean element="portal-store" + * * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a> * */ -public class JOSSOIdentityStore implements IdentityStore, BindableCredentialStore +public class JOSSOIdentityStore implements IdentityStore,BindableCredentialStore { /** * @@ -81,6 +87,9 @@ MBeanServer mbeanServer = MBeanServerLocator.locateJBoss(); this.portalIdentityService = (JOSSOIdentityService) MBeanProxy.get(JOSSOIdentityService.class,new ObjectName("portal:service=Module,type=JOSSOIdentityService"),mbeanServer); + log.info("-------------------------------------------------------------------"); + log.info("JBoss Portal JOSSO Identity Store successfully started............."); + log.info("-------------------------------------------------------------------"); } catch(Exception e) { @@ -91,18 +100,34 @@ throw new RuntimeException("JOSSOIdentityStore registration failed...."); } } - //-----IdentityStore implementation-------------------------------------------------------------------------------------------------- - /** - * - */ - public BaseRole[] findRolesByUserKey(UserKey userKey) - throws SSOIdentityException - { + + public void setAuthenticationScheme(AuthenticationScheme authenticationScheme) + { if(this.portalIdentityService == null) { throw new IllegalStateException("JOSSOIdentityStore not properly registered with the JOSSO system.."); } + this.authenticationScheme = authenticationScheme; + } + //----------------IdentityStore implementation------------------------------------------------------------------------------------------------------------------------ + public boolean userExists(UserKey userKey) throws SSOIdentityException + { + if(this.portalIdentityService == null) + { + throw new IllegalStateException("JOSSOIdentityStore not properly registered with the JOSSO system.."); + } + + return this.portalIdentityService.exists(userKey.toString()); + } + + public BaseRole[] findRolesByUserKey(UserKey userKey) throws SSOIdentityException + { + if(this.portalIdentityService == null) + { + throw new IllegalStateException("JOSSOIdentityStore not properly registered with the JOSSO system.."); + } + //Get the role information from the Portal Identity System String[] userRoles = this.portalIdentityService.getUserRoles(userKey.toString()); @@ -113,17 +138,12 @@ roles[i] = new BaseRoleImpl(userRoles[i]); } - return roles; } - /** - * - */ - public BaseUser loadUser(UserKey userKey) throws NoSuchUserException, - SSOIdentityException - { - if(this.portalIdentityService == null) + public BaseUser loadUser(UserKey userKey) throws NoSuchUserException, SSOIdentityException + { + if(this.portalIdentityService == null) { throw new IllegalStateException("JOSSOIdentityStore not properly registered with the JOSSO system.."); } @@ -134,58 +154,25 @@ user.addProperty("password", ""); return user; - } - - /** - * - */ - public boolean userExists(UserKey userKey) throws SSOIdentityException - { - if(this.portalIdentityService == null) + } + //---------------CredentialStore implementation---------------------------------------------------------------------------------------------------------------------- + public Credential[] loadCredentials(CredentialKey credentialKey, CredentialProvider credentialProvider) throws SSOIdentityException + { + if(this.portalIdentityService == null) { throw new IllegalStateException("JOSSOIdentityStore not properly registered with the JOSSO system.."); } - return this.portalIdentityService.exists(userKey.toString()); - } - //---------BindableCredentialStore implementation--------------------------------------------------------------------------------------------- - /** - * - */ - public Credential[] loadCredentials(CredentialKey credentialKey) throws SSOIdentityException - { - if(this.portalIdentityService == null) - { - throw new IllegalStateException("JOSSOIdentityStore not properly registered with the JOSSO system.."); - } - //Get the User corresponding to this credentialKey BaseUser user = this.loadUser((SimpleUserKey)credentialKey); SSONameValuePair[] properties = user.getProperties(); String password = properties[0].getValue(); return new Credential[]{new UsernameCredential(user.getName()), new PasswordCredential(password)}; - } + } - /** - * - */ public boolean bind(String username, String password) throws SSOAuthenticationException { return this.portalIdentityService.authenticate(username, password); } - - - /** - * - */ - public void setAuthenticationScheme(AuthenticationScheme authenticationScheme) - { - if(this.portalIdentityService == null) - { - throw new IllegalStateException("JOSSOIdentityStore not properly registered with the JOSSO system.."); - } - - this.authenticationScheme = authenticationScheme; - } } Modified: modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/identity/sso/josso/JOSSOLoginModule.java =================================================================== --- modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/identity/sso/josso/JOSSOLoginModule.java 2009-04-20 19:45:59 UTC (rev 13239) +++ modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/identity/sso/josso/JOSSOLoginModule.java 2009-04-20 19:54:45 UTC (rev 13240) @@ -36,10 +36,7 @@ import org.apache.log4j.Logger; import org.josso.gateway.identity.SSORole; -import org.josso.gateway.identity.SSOUser; import org.josso.gateway.identity.service.BaseRoleImpl; -import org.josso.gateway.identity.service.BaseUserImpl; -import org.josso.tc55.agent.jaas.SSOGatewayLoginModule; import javax.security.auth.Subject; import javax.security.auth.callback.CallbackHandler; @@ -50,6 +47,8 @@ import java.util.Map; import java.util.Set; +import org.josso.jb42.agent.JBossSSOGatewayLoginModule; + /** * SSOGatewayLogin Module for JBoss. * <p> @@ -83,70 +82,20 @@ * @version CVS $Id: JBossSSOGatewayLoginModule.java 338 2006-02-09 16:53:07Z sgonzalez $ */ -public class JOSSOLoginModule extends SSOGatewayLoginModule { +public class JOSSOLoginModule extends JBossSSOGatewayLoginModule +{ private static final Logger logger = Logger.getLogger(JOSSOLoginModule .class); - + private Subject _savedSubject; - - /** the principal to use when user is not authenticated **/ - protected SSOUser _unauthenticatedIdentity; - - - /** - * Initialize this LoginModule . - * Save the received Subject to change it when commit() gets invoked. - * - * @param subject the Subject to be authenticated. - * - * @param callbackHandler a CallbackHandler for communicating - * with the end user (prompting for user names and - * passwords, for example). - * - * @param sharedState shared LoginModule state. - * - * @param options options specified in the login Configuration - * for this particular LoginModule. - */ + public void initialize(Subject subject, CallbackHandler callbackHandler, - Map sharedState, Map options) { - - _savedSubject = subject; - super.initialize(subject, callbackHandler, sharedState, options); - // Check for unauthenticatedIdentity option. - String name = (String) options.get("unauthenticatedIdentity"); - if( name != null ) - { - try - { - _unauthenticatedIdentity = createIdentity(name); - logger.debug("Saw unauthenticatedIdentity="+name); - } - catch(Exception e) - { - logger.warn("Failed to create custom unauthenticatedIdentity", e); - } - } + Map sharedState, Map options) + { + super.initialize(subject, callbackHandler, sharedState, options); + this._savedSubject = subject; } - /** - * This method supports the unauthenticatedIdentity property used by JBoss. - */ - public boolean login() throws LoginException { - - if (!super.login()) { - // We have an unauthenticated user, use configured Principal - if (_unauthenticatedIdentity != null) { - logger.debug("Authenticated as unauthenticatedIdentity : " + _unauthenticatedIdentity); - _ssoUserPrincipal = _unauthenticatedIdentity; - _succeeded = true; - return true; - } - } - - return true; - } - /* * This method is called if the LoginContext's overall authentication succeeded. * @@ -159,55 +108,22 @@ * @return true if this LoginModule's own login and commit * attempts succeeded, or false otherwise. */ - public boolean commit() throws LoginException { - boolean rc = false; - // HashMap setsMap = new HashMap(); - - rc = super.commit(); - + public boolean commit() throws LoginException + { + boolean rc = super.commit(); + + Set ssoRolePrincipals = _savedSubject.getPrincipals(SSORole.class); Group targetGrp = new BaseRoleImpl("Roles"); Iterator i = ssoRolePrincipals.iterator(); Set cour = new java.util.HashSet(); - while (i.hasNext()) { - Principal p = (Principal)i.next(); - - targetGrp.addMember(p); // Add user role to "Roles" group - + while (i.hasNext()) + { + Principal p = (Principal)i.next(); //super hack to make the Subject work properly with the Portal Authorization Engine ((BaseRoleImpl)p).addMember(this.createIdentity(p.getName())); } - // Add the "Roles" group to the Subject so that JBoss can fetch user roles. - _savedSubject.getPrincipals().removeAll(ssoRolePrincipals); - _savedSubject.getPrincipals().add(targetGrp); - - /*Set ssoUserPrincipals = _savedSubject.getPrincipals(SSOUser.class); - Group callerPrincipal = new BaseRoleImpl("CallerPrincipal"); - Iterator j = ssoUserPrincipals.iterator(); - if (j.hasNext()) { - Principal user = (Principal) j.next(); - callerPrincipal.addMember(user); - } - - // Add the "CallerPrincipal" group to the Subject so that JBoss can fetch user. - _savedSubject.getPrincipals().add(callerPrincipal);*/ - - return rc; + + return rc; } - - protected SSOUser createIdentity(String username) { - return new BaseUserImpl(username); - } - - protected SSORole[] getRoleSets() throws LoginException { - if (_ssoUserPrincipal == _unauthenticatedIdentity) { - // Using unauthenticatedIdentity .. - if(logger.isDebugEnabled()) - logger.debug("Using unauthenticatedIdentity " + _ssoUserPrincipal + ", returning no roles."); - - return new SSORole[0]; - } - return super.getRoleSets(); - } - } Modified: modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/identity/sso/josso/JOSSOLogoutValve.java =================================================================== --- modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/identity/sso/josso/JOSSOLogoutValve.java 2009-04-20 19:45:59 UTC (rev 13239) +++ modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/identity/sso/josso/JOSSOLogoutValve.java 2009-04-20 19:54:45 UTC (rev 13240) @@ -26,7 +26,6 @@ import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.Cookie; import org.apache.catalina.connector.Request; import org.apache.catalina.connector.Response; @@ -47,77 +46,15 @@ { HttpServletRequest httpRequest = (HttpServletRequest) request; request.setAttribute("ssoEnabled", "true"); - - Cookie jossoPortalCookie = this.findJOSSOPortalLogoutCookie(httpRequest); - if(jossoPortalCookie != null) - { - String referer = jossoPortalCookie.getValue(); - - if(referer != null && referer.trim().length() > 0) - { - //Delete this cookie - jossoPortalCookie = new Cookie("JOSSO_PORTAL_LOGOUT", ""); - jossoPortalCookie.setMaxAge(0); //setting the value to 0 should delete this cookie from the browser - response.addCookie(jossoPortalCookie); - - //This form of redirect is needed instead of sendRedirect - //otherwise the JBOSS_PORTAL_LOGOUT cookie cleanup does not happen - StringBuffer buffer = new StringBuffer(); - buffer.append("<html>"+"\n"); - buffer.append("<head>"+"\n"); - buffer.append("</head>"+"\n"); - buffer.append("<body onload=\"setTimeout('document.form1.submit()',1000);\">"+"\n"); - buffer.append("<form name=\"form1\" action=\""+referer+"\" method=\"post\">"+"\n"); - buffer.append("</form>"+"\n"); - buffer.append("</body>"+"\n"); - buffer.append("</html>"+"\n"); - - response.getOutputStream().write(buffer.toString().getBytes()); - response.getOutputStream().flush(); - - return; - } - } - - // continue processing the request + + //Logout not activated, Continue processing the request through the system this.getNext().invoke(request, response); + //Check if Logout was activated...If so, perform a JOSSO logout if(request.getAttribute("org.jboss.portal.logout") != null) - { - String jossoLogout = httpRequest.getContextPath() + org.josso.agent.Constants.JOSSO_LOGOUT_URI; - - Cookie cookie = new Cookie("JOSSO_PORTAL_LOGOUT",httpRequest.getHeader("Referer")); - cookie.setMaxAge(-1); //setting the value so that cookie expires when broser is closed - response.addCookie(cookie); - + { + String jossoLogout = httpRequest.getContextPath() + "/josso_logout/"; response.sendRedirect(jossoLogout); } - } - - /** - * - * @param request - * @return - */ - private Cookie findJOSSOPortalLogoutCookie(HttpServletRequest request) - { - Cookie cookie = null; - - Cookie[] cookies = request.getCookies(); - if(cookies != null) - { - for(int i=0; i<cookies.length; i++) - { - Cookie cour = cookies[i]; - - if(cour.getName().equals("JOSSO_PORTAL_LOGOUT")) - { - cookie = cour; - break; - } - } - } - - return cookie; - } + } } Modified: modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/test/identity/sso/EasySSLProtocolSocketFactory.java =================================================================== --- modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/test/identity/sso/EasySSLProtocolSocketFactory.java 2009-04-20 19:45:59 UTC (rev 13239) +++ modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/test/identity/sso/EasySSLProtocolSocketFactory.java 2009-04-20 19:54:45 UTC (rev 13240) @@ -1,8 +1,8 @@ /* - * $Header: /home/jerenkrantz/tmp/commons/commons-convert/cvs/home/cvs/jakarta-commons//httpclient/src/contrib/org/apache/commons/httpclient/contrib/ssl/EasySSLProtocolSocketFactory.java,v 1.7 2004/06/11 19:26:27 olegk Exp $ + * $Header: /home/jerenkrantz/tmp/commons/commons-convert/cvs/home/cvs/jakarta-commonshttpclient/src/contrib/org/apache/commons/httpclient/contrib/ssl/EasySSLProtocolSocketFactory.java,v 1.7 2004/06/11 19:26:27 olegk Exp $ * $Revision$ * $Date$ - * + * * ==================================================================== * * Licensed to the Apache Software Foundation (ASF) under one or more @@ -12,7 +12,7 @@ * (the "License"); you may not use this file except in compliance with * the License. You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http:www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, @@ -24,7 +24,7 @@ * This software consists of voluntary contributions made by many * individuals on behalf of the Apache Software Foundation. For more * information on the Apache Software Foundation, please see - * <http://www.apache.org/>;. + * <http:www.apache.org/>. * */ @@ -56,38 +56,38 @@ * reasons, unless it is a concious decision and you are perfectly aware of * security implications of accepting self-signed certificates * </p> - * + * * <p> * Example of using custom protocol socket factory for a specific host: - * + * * <pre> * Protocol easyhttps = new Protocol(&quot;https&quot;, new EasySSLProtocolSocketFactory(), * 443); * HttpClient client = new HttpClient(); * client.getHostConfiguration().setHost(&quot;localhost&quot;, 443, easyhttps); - * // use relative url only + * use relative url only * GetMethod httpget = new GetMethod(&quot;/&quot;); * client.executeMethod(httpget); * </pre> - * + * * </p> * <p> * Example of using custom protocol socket factory per default instead of the * standard one: - * + * * <pre> * Protocol easyhttps = new Protocol(&quot;https&quot;, new EasySSLProtocolSocketFactory(), * 443); * Protocol.registerProtocol(&quot;https&quot;, easyhttps); * HttpClient client = new HttpClient(); - * GetMethod httpget = new GetMethod(&quot;https://localhost/&quot;); + * GetMethod httpget = new GetMethod(&quot;https:localhost/&quot;); * client.executeMethod(httpget); * </pre> - * + * * </p> - * + * * @author <a href="mailto:oleg -at- ural.ru">Oleg Kalnichevski</a> - * + * * <p> * DISCLAIMER: HttpClient developers DO NOT actively support this component. The * component is provided as a reference material, which may be inappropriate for @@ -154,7 +154,7 @@ * does not return until the timeout expires, the controller terminates and * throws an {@link ConnectTimeoutException} * </p> - * + * * @param host * the host name/IP * @param port @@ -165,9 +165,9 @@ * the port on the local machine * @param params * {@link HttpConnectionParams Http connection parameters} - * + * * @return Socket a new socket - * + * * @throws IOException * if an I/O error occurs while creating the socket * @throws UnknownHostException Modified: modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/test/identity/sso/EasyX509TrustManager.java =================================================================== --- modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/test/identity/sso/EasyX509TrustManager.java 2009-04-20 19:45:59 UTC (rev 13239) +++ modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/test/identity/sso/EasyX509TrustManager.java 2009-04-20 19:54:45 UTC (rev 13240) @@ -8,7 +8,7 @@ * (the "License"); you may not use this file except in compliance with * the License. You may obtain a copy of the License at * -* http://www.apache.org/licenses/LICENSE-2.0 +* http:www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, @@ -20,7 +20,7 @@ * This software consists of voluntary contributions made by many * individuals on behalf of the Apache Software Foundation. For more * information on the Apache Software Foundation, please see -* <http://www.apache.org/>;. +* <http:www.apache.org/>. * */ @@ -38,19 +38,19 @@ /** * <p> -* EasyX509TrustManager unlike default {@link X509TrustManager} accepts -* self-signed certificates. +* EasyX509TrustManager unlike default {@link X509TrustManager} accepts +* self-signed certificates. * </p> * <p> -* This trust manager SHOULD NOT be used for productive systems -* due to security reasons, unless it is a concious decision and -* you are perfectly aware of security implications of accepting +* This trust manager SHOULD NOT be used for productive systems +* due to security reasons, unless it is a concious decision and +* you are perfectly aware of security implications of accepting * self-signed certificates * </p> -* +* * @author <a href="mailto:adrian.sutton@ephox.com">Adrian Sutton</a> * @author <a href="mailto:oleg@ural.ru">Oleg Kalnichevski</a> -* +* * <p> * DISCLAIMER: HttpClient developers DO NOT actively support this component. * The component is provided as a reference material, which may be inappropriate @@ -106,4 +106,4 @@ public X509Certificate[] getAcceptedIssuers() { return this.standardTrustManager.getAcceptedIssuers(); } -} \ No newline at end of file +} Modified: modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/test/identity/sso/JOSSOTestCase.java =================================================================== --- modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/test/identity/sso/JOSSOTestCase.java 2009-04-20 19:45:59 UTC (rev 13239) +++ modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/test/identity/sso/JOSSOTestCase.java 2009-04-20 19:54:45 UTC (rev 13240) @@ -18,7 +18,7 @@ * You should have received a copy of the GNU Lesser General Public * * License along with this software; if not, write to the Free * * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA * - * 02110-1301 USA, or see the FSF site: http://www.fsf.org. * + * 02110-1301 USA, or see the FSF site: http:www.fsf.org. * ******************************************************************************/ package org.jboss.portal.test.identity.sso; @@ -27,25 +27,22 @@ import java.util.Iterator; import java.util.HashMap; -import org.jboss.portal.test.framework.mc.TestRuntimeContext; - import org.apache.commons.httpclient.HttpClient; import org.apache.commons.httpclient.Cookie; import org.apache.commons.httpclient.NameValuePair; import org.apache.commons.httpclient.methods.GetMethod; import org.apache.commons.httpclient.methods.PostMethod; -import org.apache.commons.httpclient.protocol.Protocol; import junit.framework.TestCase; /** * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a> - * + * */ public class JOSSOTestCase extends TestCase { /** - * + * */ private String firstPortal = null; private String secondPortal = null; @@ -54,64 +51,49 @@ private String userLoggedInIndicator = null; private String username = null; private String password = null; - + + /** - * + * */ - protected TestRuntimeContext runtimeContext = null; - - /** - * - */ protected void setUp() throws Exception - { - super.setUp(); - - this.runtimeContext = new TestRuntimeContext("org/jboss/portal/test/identity/sso-beans.xml"); - - this.runtimeContext.addBean("JOSSOConfig", this); - this.runtimeContext.addBean("CASConfig", new CASTestCase()); - - this.runtimeContext.start(); - - //SSL setup - Protocol.registerProtocol("https",new Protocol("https", new EasySSLProtocolSocketFactory(), 443)); + { + this.firstPortal = "http://josso-01:8080/portal"; + this.secondPortal = "http://josso-02:8080/portal"; + this.sameHostSecondPortal = "http://josso-01:8080/portal2"; + this.jossoServer = "josso-01"; + this.userLoggedInIndicator = "Logged in as:"; + this.username = "user"; + this.password = "user"; } /** - * + * */ protected void tearDown() throws Exception - { - super.tearDown(); - - //Service stoppage - this.runtimeContext.stop(); - - //Data cleanup - this.runtimeContext = null; + { } - + /** - * + * * @return - */ + */ public String getUserLoggedInIndicator() { return userLoggedInIndicator; } /** - * + * * @param userLoggedInIndicator */ public void setUserLoggedInIndicator(String userLoggedInIndicator) { this.userLoggedInIndicator = userLoggedInIndicator; } - + /** - * + * * @return */ public String getPassword() @@ -120,7 +102,7 @@ } /** - * + * * @param password */ public void setPassword(String password) @@ -129,7 +111,7 @@ } /** - * + * * @return */ public String getUsername() @@ -138,16 +120,16 @@ } /** - * + * * @param username */ public void setUsername(String username) { this.username = username; } - + /** - * + * * @return */ public String getFirstPortal() @@ -156,7 +138,7 @@ } /** - * + * * @param firstPortal */ public void setFirstPortal(String firstPortal) @@ -165,7 +147,7 @@ } /** - * + * * @return */ public String getSecondPortal() @@ -174,16 +156,16 @@ } /** - * + * * @param secondPortal */ public void setSecondPortal(String secondPortal) { this.secondPortal = secondPortal; } - + /** - * + * * @return */ public String getJossoServer() @@ -192,16 +174,16 @@ } /** - * + * * @param jossoServer */ public void setJossoServer(String jossoServer) { this.jossoServer = jossoServer; } - + /** - * + * * @return */ public String getSameHostSecondPortal() @@ -210,150 +192,152 @@ } /** - * + * * @param sameHostSecondPortal */ public void setSameHostSecondPortal(String sameHostSecondPortal) { this.sameHostSecondPortal = sameHostSecondPortal; } - + //----------------------------------------------------------------------------------------------------------------------------------------------------------------------- /** * This tests the scenario when the two portals are deployed on separate hosts/servers - * + * * @throws Exception */ public void testMultiHostDeployment() throws Exception - { - Cookie ssoCookie = null; + { String firstPortalFinalResponse = null; String secondPortalFinalResponse = null; - + //Load the main portal page on firstPortalContext String firstContextPortalUrl = this.firstPortal; - WebConversation portalConversation = this.startConversation(firstContextPortalUrl); - TestCase.assertFalse(this.isUserLoggedIn(portalConversation.getResponse())); - + WebConversation firstPortalConversation = this.startConversation(firstContextPortalUrl); + TestCase.assertFalse(this.isUserLoggedIn(firstPortalConversation.getResponse())); + //Click the Login link on the firstPortalContext String firstContextLoginUrl = firstContextPortalUrl + "/auth/portal/default/default"; - this.sendGet(firstContextLoginUrl, portalConversation); - + this.sendGet(firstContextLoginUrl, firstPortalConversation, false); + //Navigate to a secured resource on the portal - TestCase.assertNotNull(portalConversation.getRedirectLocation()); - TestCase.assertEquals(portalConversation.getStatusCode(), 302); - String portalToJOSSO = portalConversation.getRedirectLocation(); - this.sendGet(portalToJOSSO, portalConversation); - + TestCase.assertNotNull(firstPortalConversation.getRedirectLocation()); + TestCase.assertEquals(firstPortalConversation.getStatusCode(), 302); + String portalToJOSSO = firstPortalConversation.getRedirectLocation(); + this.sendGet(portalToJOSSO, firstPortalConversation, false); + //When authentication is triggered, move over to the JOSSO server establishing an SSO session with JOSSO - String jossoLocation = portalConversation.getRedirectLocation(); - WebConversation ssoConversation = this.startConversation(jossoLocation); - String response = ssoConversation.getResponse(); - + String jossoLocation = firstPortalConversation.getRedirectLocation(); + WebConversation gatewayConversation = this.startConversation(jossoLocation); + String response = gatewayConversation.getResponse(); + //Extract the josso post action value int searchIndex = response.indexOf("action=\"")+9; int endIndex = response.indexOf('"', searchIndex); String action = response.substring(searchIndex,endIndex); - + //Perform HTTP Post based authentication with the JOSSO Server Map postParams = new HashMap(); postParams.put("josso_username", this.username); postParams.put("josso_password", this.password); postParams.put("josso_cmd", "login"); - this.sendPost("http://"+ this.jossoServer +"/"+action,postParams, ssoConversation); + this.sendPost("http://"+ this.jossoServer +":8080/"+action,postParams, gatewayConversation); + String assertUrl = gatewayConversation.getRedirectLocation(); + this.sendGet(assertUrl, firstPortalConversation, false); - //Go back to the Portal since login has succeeded, starting with assertion on the JOSSO Agent installed on the Portal - String assertUrl = ssoConversation.getRedirectLocation(); - this.sendGet(assertUrl, portalConversation); - //Now go back to the original Portal resource requested. This time user should have an authenticated session established - TestCase.assertNotNull(portalConversation.getRedirectLocation()); - TestCase.assertEquals(portalConversation.getStatusCode(), 302); - TestCase.assertTrue(portalConversation.getRedirectLocation().indexOf(firstContextLoginUrl) != -1); - TestCase.assertNotNull(portalConversation.getSSOCookie()); - String goBack = portalConversation.getRedirectLocation(); - ssoCookie = ssoConversation.getSSOCookie(); - this.sendGet(goBack, portalConversation); - firstPortalFinalResponse = portalConversation.getResponse(); + TestCase.assertNotNull(firstPortalConversation.getRedirectLocation()); + TestCase.assertEquals(firstPortalConversation.getStatusCode(), 302); + TestCase.assertTrue(firstPortalConversation.getRedirectLocation().indexOf(firstContextLoginUrl) != -1); + TestCase.assertNotNull(firstPortalConversation.getSSOCookie()); + String goBack = firstPortalConversation.getRedirectLocation(); + this.sendGet(goBack, firstPortalConversation, false); + firstPortalFinalResponse = firstPortalConversation.getResponse(); TestCase.assertTrue(this.isUserLoggedIn(firstPortalFinalResponse)); - + + //Load the main portal page on secondPortalContext String secondContextPortalUrl = this.secondPortal; - portalConversation = this.startConversation(secondContextPortalUrl); - + WebConversation secondPortalConversation = this.startConversation(secondContextPortalUrl); + //Click the Login Link on the secondPortalContext String secondContextLoginUrl = secondContextPortalUrl + "/auth/portal/default/default"; - this.sendGet(secondContextLoginUrl, portalConversation); - + this.sendGet(secondContextLoginUrl, secondPortalConversation, false); + //Perform re-direct to the JOSSO Server but this time sending in the JOSSO cookie - TestCase.assertNotNull(portalConversation.getRedirectLocation()); - TestCase.assertEquals(portalConversation.getStatusCode(), 302); - portalToJOSSO = portalConversation.getRedirectLocation(); - this.sendGet(portalToJOSSO, portalConversation); - - + TestCase.assertNotNull(secondPortalConversation.getRedirectLocation()); + TestCase.assertEquals(secondPortalConversation.getStatusCode(), 302); + portalToJOSSO = secondPortalConversation.getRedirectLocation(); + this.sendGet(portalToJOSSO, secondPortalConversation, false); + + //Assert the redirect and it should be to the JOSSO Server, but this time //It should end up with an Authenticated session back to the secondPortalContext - jossoLocation = portalConversation.getRedirectLocation(); - ssoConversation = this.startConversation(jossoLocation,ssoCookie); - secondPortalFinalResponse = ssoConversation.getResponse(); - TestCase.assertTrue(this.isUserLoggedIn(secondPortalFinalResponse)); + jossoLocation = secondPortalConversation.getRedirectLocation(); + this.sendGet(jossoLocation, gatewayConversation, false); + assertUrl = gatewayConversation.getRedirectLocation(); + this.sendGet(assertUrl, secondPortalConversation, true); - //Assert and make sure its the same user logged into both Portals + + //Assert that automatic login occurred + secondPortalFinalResponse = secondPortalConversation.getResponse(); + TestCase.assertTrue(this.isUserLoggedIn(secondPortalFinalResponse)); + + //Assert and make sure its the same user logged into both Portals String firstPortalUser = this.extractLoggedInUser(firstPortalFinalResponse); - String secondPortalUser = this.extractLoggedInUser(secondPortalFinalResponse); + String secondPortalUser = this.extractLoggedInUser(secondPortalFinalResponse); TestCase.assertEquals(firstPortalUser, this.username); TestCase.assertEquals(secondPortalUser, this.username); - TestCase.assertEquals(firstPortalUser, secondPortalUser); + TestCase.assertEquals(firstPortalUser, secondPortalUser); } - + /** * This tests the scenario where the two portals are deployed within the same host/server but under * different web contexts - * + * * @throws Exception */ - public void testSameHostDeployment() throws Exception - { + /*public void testSameHostDeployment() throws Exception + { Cookie ssoCookie = null; String firstPortalFinalResponse = null; String secondPortalFinalResponse = null; - + //Load the main portal page on firstPortalContext String firstContextPortalUrl = this.firstPortal; - WebConversation portalConversation = this.startConversation(firstContextPortalUrl); + WebConversation portalConversation = this.startConversation(firstContextPortalUrl); TestCase.assertFalse(this.isUserLoggedIn(portalConversation.getResponse())); - + //Click the Login link on the firstPortalContext String firstContextLoginUrl = firstContextPortalUrl + "/auth/portal/default/default"; - this.sendGet(firstContextLoginUrl, portalConversation); - + this.sendGet(firstContextLoginUrl, portalConversation); + //Navigate to a secured resource on the portal TestCase.assertNotNull(portalConversation.getRedirectLocation()); TestCase.assertEquals(portalConversation.getStatusCode(), 302); String portalToJOSSO = portalConversation.getRedirectLocation(); - this.sendGet(portalToJOSSO, portalConversation); - + this.sendGet(portalToJOSSO, portalConversation); + //When authentication is triggered, move over to the JOSSO server establishing an SSO session with JOSSO String jossoLocation = portalConversation.getRedirectLocation(); WebConversation ssoConversation = this.startConversation(jossoLocation); String response = ssoConversation.getResponse(); - + //Extract the josso post action value int searchIndex = response.indexOf("action=\"")+9; int endIndex = response.indexOf('"', searchIndex); String action = response.substring(searchIndex,endIndex); - + //Perform HTTP Post based authentication with the JOSSO Server Map postParams = new HashMap(); postParams.put("josso_username", this.username); postParams.put("josso_password", this.password); postParams.put("josso_cmd", "login"); - this.sendPost("http://"+ this.jossoServer +"/"+action,postParams, ssoConversation); - + this.sendPost("http:"+ this.jossoServer +"/"+action,postParams, ssoConversation); + //Go back to the Portal since login has succeeded, starting with assertion on the JOSSO Agent installed on the Portal String assertUrl = ssoConversation.getRedirectLocation(); this.sendGet(assertUrl, portalConversation); - + //Now go back to the original Portal resource requested. This time user should have an authenticated session established TestCase.assertNotNull(portalConversation.getRedirectLocation()); TestCase.assertEquals(portalConversation.getStatusCode(), 302); @@ -361,68 +345,62 @@ TestCase.assertNotNull(portalConversation.getSSOCookie()); String goBack = portalConversation.getRedirectLocation(); ssoCookie = ssoConversation.getSSOCookie(); - this.sendGet(goBack, portalConversation); + this.sendGet(goBack, portalConversation); firstPortalFinalResponse = portalConversation.getResponse(); TestCase.assertTrue(this.isUserLoggedIn(firstPortalFinalResponse)); - + //Load the main portal page on secondPortalContext String secondContextPortalUrl = this.sameHostSecondPortal; portalConversation = this.startConversation(secondContextPortalUrl); - + //Click the Login Link on the secondPortalContext String secondContextLoginUrl = secondContextPortalUrl + "/auth/portal/default/default"; this.sendGet(secondContextLoginUrl, portalConversation); - + //Perform re-direct to the JOSSO Server but this time sending in the JOSSO cookie TestCase.assertNotNull(portalConversation.getRedirectLocation()); TestCase.assertEquals(portalConversation.getStatusCode(), 302); portalToJOSSO = portalConversation.getRedirectLocation(); this.sendGet(portalToJOSSO, portalConversation); - - + + //Assert the redirect and it should be to the JOSSO Server, but this time //It should end up with an Authenticated session back to the secondPortalContext jossoLocation = portalConversation.getRedirectLocation(); ssoConversation = this.startConversation(jossoLocation,ssoCookie); secondPortalFinalResponse = ssoConversation.getResponse(); TestCase.assertTrue(this.isUserLoggedIn(secondPortalFinalResponse)); - - //Assert and make sure its the same user logged into both Portals + + //Assert and make sure its the same user logged into both Portals String firstPortalUser = this.extractLoggedInUser(firstPortalFinalResponse); - String secondPortalUser = this.extractLoggedInUser(secondPortalFinalResponse); + String secondPortalUser = this.extractLoggedInUser(secondPortalFinalResponse); TestCase.assertEquals(firstPortalUser, this.username); TestCase.assertEquals(secondPortalUser, this.username); - TestCase.assertEquals(firstPortalUser, secondPortalUser); - } - - /** - * - * @param portalUrl - * @return - * @throws Exception - */ + TestCase.assertEquals(firstPortalUser, secondPortalUser); + }*/ + //----------------------------------------------------------------------------------------------------------------------------------------------------------------------- private WebConversation startConversation(String portalUrl) throws Exception { WebConversation conversation = null; - + HttpClient httpClient = new HttpClient(); GetMethod getMethod = new GetMethod(portalUrl); try { conversation = new WebConversation(); - + int statusCode = httpClient.executeMethod(getMethod); String response = getMethod.getResponseBodyAsString(); - - Cookie[] cookies = httpClient.getState().getCookies(); + + Cookie[] cookies = httpClient.getState().getCookies(); for(int i=0;i<cookies.length;i++) { if(cookies[i].getName().equals("JSESSIONID")) { - conversation.setSessionId(cookies[i].getValue()); + conversation.setSessionCookie(cookies[i]); } } - + conversation.setClient(httpClient); conversation.setStatusCode(statusCode); conversation.setResponse(response); @@ -434,91 +412,38 @@ getMethod.releaseConnection(); } } - + return conversation; - } + } - /** - * - * @param portalUrl - * @return - * @throws Exception - */ - private WebConversation startConversation(String portalUrl, Cookie ssoCookie) throws Exception + private void sendGet(String portalUrl,WebConversation conversation, boolean followRedirects) throws Exception { - WebConversation conversation = null; - - HttpClient httpClient = new HttpClient(); + HttpClient httpClient = conversation.getClient(); + GetMethod getMethod = new GetMethod(portalUrl); - - //Set ssoCookie to be sent in - getMethod.setRequestHeader("Cookie",ssoCookie.getName()+"="+ssoCookie.getValue()); - + getMethod.setFollowRedirects(followRedirects); try { - conversation = new WebConversation(); - int statusCode = httpClient.executeMethod(getMethod); + String response = getMethod.getResponseBodyAsString(); - - Cookie[] cookies = httpClient.getState().getCookies(); + + Cookie[] cookies = httpClient.getState().getCookies(); for(int i=0;i<cookies.length;i++) { if(cookies[i].getName().equals("JSESSIONID")) { - conversation.setSessionId(cookies[i].getValue()); + conversation.setSessionCookie(cookies[i]); } - } - - conversation.setClient(httpClient); - conversation.setStatusCode(statusCode); - conversation.setResponse(response); - } - finally - { - if(getMethod != null) - { - getMethod.releaseConnection(); - } - } - - return conversation; - } - - /** - * - * @param portalUrl - * @param conversation - * @throws Exception - */ - private void sendGet(String portalUrl,WebConversation conversation) throws Exception - { - HttpClient httpClient = conversation.getClient(); - - GetMethod getMethod = new GetMethod(portalUrl); - getMethod.setFollowRedirects(false); - try - { - int statusCode = httpClient.executeMethod(getMethod); - - String response = getMethod.getResponseBodyAsString(); - - Cookie[] cookies = httpClient.getState().getCookies(); - for(int i=0;i<cookies.length;i++) - { - if(cookies[i].getName().equals("JSESSIONID")) - { - conversation.setSessionId(cookies[i].getValue()); - } if(cookies[i].getName().equals("JOSSO_SESSIONID")) { conversation.setSSOCookie(cookies[i]); } } - + conversation.setStatusCode(statusCode); conversation.setResponse(response); - + if(statusCode == 302) { //Store the redirect location @@ -535,21 +460,13 @@ } } - - /** - * - * @param url - * @param parameters - * @param conversation - * @throws Exception - */ private void sendPost(String url,Map parameters,WebConversation conversation) throws Exception { HttpClient httpClient = conversation.getClient(); - + PostMethod postMethod = new PostMethod(url); - - //Add post parameters + + //Add post parameters Set keySet = parameters.keySet(); NameValuePair[] postdata = new NameValuePair[keySet.size()]; int index = 0; @@ -561,27 +478,27 @@ } postMethod.setRequestBody(postdata); try - { + { int statusCode = httpClient.executeMethod(postMethod); - + String response = postMethod.getResponseBodyAsString(); - - Cookie[] cookies = httpClient.getState().getCookies(); + + Cookie[] cookies = httpClient.getState().getCookies(); for(int i=0;i<cookies.length;i++) { if(cookies[i].getName().equals("JSESSIONID")) { - conversation.setSessionId(cookies[i].getValue()); + conversation.setSessionCookie(cookies[i]); } if(cookies[i].getName().equals("JOSSO_SESSIONID")) { conversation.setSSOCookie(cookies[i]); } } - + conversation.setStatusCode(statusCode); conversation.setResponse(response); - + if(statusCode == 302) { //Store the redirect location @@ -598,74 +515,59 @@ } } - /** - * - * @param response - * @return - */ private boolean isUserLoggedIn(String response) { boolean isUserLoggedIn = false; - + isUserLoggedIn = (response.indexOf(this.userLoggedInIndicator) != -1); - + return isUserLoggedIn; } - /** - * - * @param response - * @return - */ private String extractLoggedInUser(String response) { String loggedInUser = null; - + int startIndex = response.indexOf(this.userLoggedInIndicator) + this.userLoggedInIndicator.length(); int endIndex = response.indexOf("<",startIndex); - + loggedInUser = response.substring(startIndex,endIndex).trim(); - + return loggedInUser; } - /** - * - * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a> - * - */ private static class WebConversation { /** - * + * */ - private HttpClient client = null; - private String sessionId = null; + private HttpClient client = null; private int statusCode = 0; private String response = null; private String redirectLocation = null; private Cookie ssoCookie = null; - + private Cookie sessionCookie = null; + /** - * * + * */ public WebConversation() { - + } - + /** - * + * * @return */ public HttpClient getClient() { return this.client; } - + /** - * + * * @param client */ public void setClient(HttpClient client) @@ -693,16 +595,6 @@ this.statusCode = statusCode; } - public String getSessionId() - { - return sessionId; - } - - public void setSessionId(String sessionId) - { - this.sessionId = sessionId; - } - public String getRedirectLocation() { return redirectLocation; @@ -721,6 +613,21 @@ public void setSSOCookie(Cookie ssoCookie) { this.ssoCookie = ssoCookie; - } + } + + public String getSessionId() + { + return this.sessionCookie.getValue(); + } + + public void setSessionCookie(Cookie sessionCookie) + { + this.sessionCookie = sessionCookie; + } + + public Cookie getSessionCookie() + { + return this.sessionCookie; + } } }