Author: thomas.heute(a)jboss.com
Date: 2009-04-20 15:54:45 -0400 (Mon, 20 Apr 2009)
New Revision: 13240
Added:
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-agent-config.xml
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-gateway-auth.xml
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-gateway-config.xml
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-gateway-portal-stores.xml
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/login-config.xml
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/context.xml
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/jboss-web.xml
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/login.jsp
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/sar/
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/sar/META-INF/
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/sar/META-INF/jboss-service.xml
Removed:
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/etc/josso/
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-agent-config.xml
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-gateway-auth.xml
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-gateway-config.xml
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-gateway-portal-stores.xml
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/login-config.xml
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/context.xml
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/jboss-web.xml
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/login.jsp
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/sar/
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/sar/META-INF/
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/sar/META-INF/jboss-service.xml
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/resources/portal-josso-sso-sar/
Modified:
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/build/build-thirdparty.xml
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/identity/sso/josso/JOSSOIdentityStore.java
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/identity/sso/josso/JOSSOLoginModule.java
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/identity/sso/josso/JOSSOLogoutValve.java
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/test/identity/sso/EasySSLProtocolSocketFactory.java
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/test/identity/sso/EasyX509TrustManager.java
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/test/identity/sso/JOSSOTestCase.java
Log:
JBEPP-33 - no validation for cookie value with SSO
Will not work until the repo accepts the sync, and will probably need a few adjustments
Modified: modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/build/build-thirdparty.xml
===================================================================
---
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/build/build-thirdparty.xml 2009-04-20
19:45:59 UTC (rev 13239)
+++
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/build/build-thirdparty.xml 2009-04-20
19:54:45 UTC (rev 13240)
@@ -72,7 +72,7 @@
<componentref name="hsqldb"
version="1.8.0.8.patch01-brew"/>
<componentref name="cas" version="3.0.7"/>
- <componentref name="josso" version="1.5_jdk14"/>
+ <componentref name="josso" version="1.6"/>
<componentref name="apache-tomcat" version="5.5.20"/>
<componentref name="spring" version="2.0.3"/>
<componentref name="opensso"
version="20070905-nightly"/>
Copied: modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config (from rev
13225, modules/identity/trunk/sso/src/main/config)
Copied: modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso (from
rev 13225, modules/identity/trunk/sso/src/main/config/josso)
Copied: modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf
(from rev 13225, modules/identity/trunk/sso/src/main/config/josso/conf)
Deleted:
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-agent-config.xml
===================================================================
---
modules/identity/trunk/sso/src/main/config/josso/conf/josso-agent-config.xml 2009-04-17
03:25:33 UTC (rev 13225)
+++
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-agent-config.xml 2009-04-20
19:54:45 UTC (rev 13240)
@@ -1,119 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" ?>
-<!--
- ~ JOSSO: Java Open Single Sign-On
- ~
- ~ Copyright 2004-2009, Atricore, Inc.
- ~
- ~ This is free software; you can redistribute it and/or modify it
- ~ under the terms of the GNU Lesser General Public License as
- ~ published by the Free Software Foundation; either version 2.1 of
- ~ the License, or (at your option) any later version.
- ~
- ~ This software is distributed in the hope that it will be useful,
- ~ but WITHOUT ANY WARRANTY; without even the implied warranty of
- ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- ~ Lesser General Public License for more details.
- ~
- ~ You should have received a copy of the GNU Lesser General Public
- ~ License along with this software; if not, write to the Free
- ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- ~ 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
- ~
- -->
-
-<s:beans
xmlns:s="http://www.springframework.org/schema/beans"
- xmlns:jb42="urn:org:josso:agent:jboss42"
- xmlns:agent="urn:org:josso:agent:core"
- xmlns:protocol="urn:org:josso:protocol:client"
-
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
- urn:org:josso:agent:jboss42
http://www.josso.org/schema/josso-jboss42-agent.xsd
- urn:org:josso:agent:core
http://www.josso.org/schema/josso-agent.xsd
- urn:org:josso:protocol:client
http://www.josso.org/schema/josso-protocol-client.xsd">
-
- <jb42:agent name="josso-jboss42-agent"
sessionAccessMinInterval="1000" >
-
- <!-- Gateway LOGIN and LOGOUT URLs -->
-
<gatewayLoginUrl>http://localhost:8080/josso/signon/login.do</gatewayLoginUrl>
-
<gatewayLogoutUrl>http://localhost:8080/josso/signon/logout.do</gatewayLogoutUrl>
-
- <!-- Gateway service locator -->
- <gatewayServiceLocator>
- <!-- Other properties for ws-service-locator :
- username, password, servicesWebContext, transportSecurity
- -->
- <protocol:ws-service-locator endpoint="localhost:8080" />
- </gatewayServiceLocator>
-
- <configuration>
- <agent:agent-configuration>
-
- <!--
============================================================================= -->
- <!--
-->
- <!-- JOSSO Parnter application definicions :
-->
- <!--
-->
- <!-- Configure all web applications that should be a josso partner
application -->
- <!-- within this server.
-->
- <!-- For each partner application you have to define the proper
web-context. -->
- <!--
============================================================================= -->
-
- <agent:partner-apps>
- <agent:partner-app id="jboss_portal"
context="/portal"/>
-
- <!-- Simple definition of a partner application -->
- <!--
- <agent:partner-app id="MySimplePartnerApp"
context="/simple-partnerapp"/>
- -->
-
- <!--
- <agent:partner-app id="MyPartnerApp1"
context="/partnerapp" >
- -->
-
- <!-- The vhost is an ooptional feature:
- Specify the Host/Virtual Host where this application is runnig
- This is useful when configuring multiple security domains.
-->
- <!-- vhost>localhost</vhost--> <!-- You can
configure this as a 'partner-app' element attribute as well -->
-
- <!-- This is an optional feature :
- You can reference any web resource collection that should not be
subject to SSO protection.
- The SSO agent will not provide identity nor demand authentication
to requests matching the
- security constraint associated to this web resource collections.
- In order to work, the security constraint must not contain
auth-constraints declarations.
- See sample web.xml file from josso partnerapp.
- -->
- <!--
-
<ignore-web-resource-collections>public-resources,img-resources</ignore-web-resource-collections>
- -->
-
- <!-- In addition to the standard JEE security, JOSSO can
propagate the security context using
- alternative mechanisms, such as custom http headers, request
attributes and cookies, thus making it available
- to applications which do not rely on JEE security APIs. -->
- <!--
- <security-context-propagation>
- <agent:security-context-propagation-config
- binding="HTTP_HEADERS"
- userPlaceHolder="currentLoginName"
- rolesPlaceHolder="currentUserRoles"/>
- </security-context-propagation>
- -->
- <!--
- </agent:partner-app>
- -->
-
- </agent:partner-apps>
-
- </agent:agent-configuration>
- </configuration>
-
- <!-- Only useful when configuring multiple security domains -->
- <!-- You can configure your own parameter builder to send parameters to your
SecurityDomainMatcher -->
- <!--
- <parametersBuilders>
- <agent:vhost-parameters-builder/>
- <agent:appctx-parameters-builder/>
- </parametersBuilders>
- -->
-
- </jb42:agent>
-
-</s:beans>
Copied:
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-agent-config.xml
(from rev 13225,
modules/identity/trunk/sso/src/main/config/josso/conf/josso-agent-config.xml)
===================================================================
---
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-agent-config.xml
(rev 0)
+++
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-agent-config.xml 2009-04-20
19:54:45 UTC (rev 13240)
@@ -0,0 +1,119 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<!--
+ ~ JOSSO: Java Open Single Sign-On
+ ~
+ ~ Copyright 2004-2009, Atricore, Inc.
+ ~
+ ~ This is free software; you can redistribute it and/or modify it
+ ~ under the terms of the GNU Lesser General Public License as
+ ~ published by the Free Software Foundation; either version 2.1 of
+ ~ the License, or (at your option) any later version.
+ ~
+ ~ This software is distributed in the hope that it will be useful,
+ ~ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ ~ Lesser General Public License for more details.
+ ~
+ ~ You should have received a copy of the GNU Lesser General Public
+ ~ License along with this software; if not, write to the Free
+ ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ ~ 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ ~
+ -->
+
+<s:beans
xmlns:s="http://www.springframework.org/schema/beans"
+ xmlns:jb42="urn:org:josso:agent:jboss42"
+ xmlns:agent="urn:org:josso:agent:core"
+ xmlns:protocol="urn:org:josso:protocol:client"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
+ urn:org:josso:agent:jboss42
http://www.josso.org/schema/josso-jboss42-agent.xsd
+ urn:org:josso:agent:core
http://www.josso.org/schema/josso-agent.xsd
+ urn:org:josso:protocol:client
http://www.josso.org/schema/josso-protocol-client.xsd">
+
+ <jb42:agent name="josso-jboss42-agent"
sessionAccessMinInterval="1000" >
+
+ <!-- Gateway LOGIN and LOGOUT URLs -->
+
<gatewayLoginUrl>http://localhost:8080/josso/signon/login.do</gatewayLoginUrl>
+
<gatewayLogoutUrl>http://localhost:8080/josso/signon/logout.do</gatewayLogoutUrl>
+
+ <!-- Gateway service locator -->
+ <gatewayServiceLocator>
+ <!-- Other properties for ws-service-locator :
+ username, password, servicesWebContext, transportSecurity
+ -->
+ <protocol:ws-service-locator endpoint="localhost:8080" />
+ </gatewayServiceLocator>
+
+ <configuration>
+ <agent:agent-configuration>
+
+ <!--
============================================================================= -->
+ <!--
-->
+ <!-- JOSSO Parnter application definicions :
-->
+ <!--
-->
+ <!-- Configure all web applications that should be a josso partner
application -->
+ <!-- within this server.
-->
+ <!-- For each partner application you have to define the proper
web-context. -->
+ <!--
============================================================================= -->
+
+ <agent:partner-apps>
+ <agent:partner-app id="jboss_portal"
context="/portal"/>
+
+ <!-- Simple definition of a partner application -->
+ <!--
+ <agent:partner-app id="MySimplePartnerApp"
context="/simple-partnerapp"/>
+ -->
+
+ <!--
+ <agent:partner-app id="MyPartnerApp1"
context="/partnerapp" >
+ -->
+
+ <!-- The vhost is an ooptional feature:
+ Specify the Host/Virtual Host where this application is runnig
+ This is useful when configuring multiple security domains.
-->
+ <!-- vhost>localhost</vhost--> <!-- You can
configure this as a 'partner-app' element attribute as well -->
+
+ <!-- This is an optional feature :
+ You can reference any web resource collection that should not be
subject to SSO protection.
+ The SSO agent will not provide identity nor demand authentication
to requests matching the
+ security constraint associated to this web resource collections.
+ In order to work, the security constraint must not contain
auth-constraints declarations.
+ See sample web.xml file from josso partnerapp.
+ -->
+ <!--
+
<ignore-web-resource-collections>public-resources,img-resources</ignore-web-resource-collections>
+ -->
+
+ <!-- In addition to the standard JEE security, JOSSO can
propagate the security context using
+ alternative mechanisms, such as custom http headers, request
attributes and cookies, thus making it available
+ to applications which do not rely on JEE security APIs. -->
+ <!--
+ <security-context-propagation>
+ <agent:security-context-propagation-config
+ binding="HTTP_HEADERS"
+ userPlaceHolder="currentLoginName"
+ rolesPlaceHolder="currentUserRoles"/>
+ </security-context-propagation>
+ -->
+ <!--
+ </agent:partner-app>
+ -->
+
+ </agent:partner-apps>
+
+ </agent:agent-configuration>
+ </configuration>
+
+ <!-- Only useful when configuring multiple security domains -->
+ <!-- You can configure your own parameter builder to send parameters to your
SecurityDomainMatcher -->
+ <!--
+ <parametersBuilders>
+ <agent:vhost-parameters-builder/>
+ <agent:appctx-parameters-builder/>
+ </parametersBuilders>
+ -->
+
+ </jb42:agent>
+
+</s:beans>
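Review bot: The `gatewayLoginUrl`, `gatewayLogoutUrl` and `ws-service-locator` endpoint inside `jb42:agent` are hard-coded to plain `http://localhost:8080`, so as committed both the browser redirect to the sign-on form and the agent-to-gateway calls would run without transport encryption. The comment above the locator lists `username, password, servicesWebContext, transportSecurity` as available properties, but none of them is set. If this file is meant to ship as a default rather than as a local sample, I would say so next to the URLs, for example `<!-- Sample values for a single local instance: use https URLs and set transportSecurity on the service locator before deploying -->`. Since the commit is about SSO cookie validation, it is also worth confirming that the SSO session cookie is only ever sent over TLS in the target setup; nothing in this file shows that.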
Deleted:
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-gateway-auth.xml
===================================================================
---
modules/identity/trunk/sso/src/main/config/josso/conf/josso-gateway-auth.xml 2009-04-17
03:25:33 UTC (rev 13225)
+++
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-gateway-auth.xml 2009-04-20
19:54:45 UTC (rev 13240)
@@ -1,133 +0,0 @@
-<?xml version="1.0" encoding="ISO-8859-1" ?>
-<!--
- ~ JOSSO: Java Open Single Sign-On
- ~
- ~ Copyright 2004-2009, Atricore, Inc.
- ~
- ~ This is free software; you can redistribute it and/or modify it
- ~ under the terms of the GNU Lesser General Public License as
- ~ published by the Free Software Foundation; either version 2.1 of
- ~ the License, or (at your option) any later version.
- ~
- ~ This software is distributed in the hope that it will be useful,
- ~ but WITHOUT ANY WARRANTY; without even the implied warranty of
- ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- ~ Lesser General Public License for more details.
- ~
- ~ You should have received a copy of the GNU Lesser General Public
- ~ License along with this software; if not, write to the Free
- ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- ~ 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
- ~
- -->
-
-<s:beans
xmlns:s="http://www.springframework.org/schema/beans"
- xmlns:basic-authscheme="urn:org:josso:basic:authscheme"
- xmlns:bind-authscheme="urn:org:josso:bind:authscheme"
- xmlns:ntlm-authscheme="urn:org:josso:ntlm:authscheme"
- xmlns:strong-authscheme="urn:org:josso:strong:authscheme"
- xmlns:rememberme-authscheme="urn:org:josso:rememberme:authscheme"
-
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="
-
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
- urn:org:josso:strong:authscheme
http://www.josso.org/schema/josso-strong-authscheme.xsd
- urn:org:josso:basic:authscheme
http://www.josso.org/schema/josso-basic-authscheme.xsd
- urn:org:josso:bind:authscheme
http://www.josso.org/schema/josso-bind-authscheme.xsd
- urn:org:josso:ntlm:authscheme
http://www.josso.org/schema/josso-ntlm-authscheme.xsd
- urn:org:josso:rememberme:authscheme
http://www.josso.org/schema/josso-rememberme-authscheme.xsd
- ">
-
- <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
- <!-- Basic Authentication Scheme -->
- <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
- <basic-authscheme:basic-auth-scheme
- id="josso-basic-authentication"
- hashAlgorithm="MD5"
- hashEncoding="HEX"
- ignorePasswordCase="false"
- ignoreUserCase="false">
-
- <basic-authscheme:credentialStore>
- <s:ref bean="josso-identity-store"/>
- </basic-authscheme:credentialStore>
-
- <basic-authscheme:credentialStoreKeyAdapter>
- <s:ref bean="josso-simple-key-adapter"/>
- </basic-authscheme:credentialStoreKeyAdapter>
-
- </basic-authscheme:basic-auth-scheme>
-
- <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
- <!-- Strong Authentication Scheme -->
- <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
-
- <strong-authscheme:strong-auth-scheme
- id="josso-strong-authentication">
-
- <strong-authscheme:credentialStore>
- <s:ref bean="josso-identity-store"/>
- </strong-authscheme:credentialStore>
-
- <strong-authscheme:credentialStoreKeyAdapter>
- <s:ref bean="josso-simple-key-adapter"/>
- </strong-authscheme:credentialStoreKeyAdapter>
-
- </strong-authscheme:strong-auth-scheme>
-
- <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
- <!-- Rememberme Authentication Scheme -->
- <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
- <rememberme-authscheme:rememberme-auth-scheme
- id="josso-rememberme-authentication" >
-
- <rememberme-authscheme:credentialStore>
- <s:ref bean="josso-identity-store"/>
- </rememberme-authscheme:credentialStore>
-
- <rememberme-authscheme:credentialStoreKeyAdapter>
- <s:ref bean="josso-simple-key-adapter"/>
- </rememberme-authscheme:credentialStoreKeyAdapter>
-
- </rememberme-authscheme:rememberme-auth-scheme>
-
- <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
- <!-- BIND Authentication Scheme (normally LDAP) -->
- <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
- <!-- Requires a be a bindalble credential store ! -->
- <!-- name attribute is important and must not be changed -->
- <bind-authscheme:bind-auth-scheme
- id="josso-bind-authentication"
- name="basic-authentication"
- hashAlgorithm="MD5"
- hashEncoding="HEX"
- ignorePasswordCase="false"
- ignoreUserCase="false">
-
-
- <bind-authscheme:credentialStore>
- <s:ref bean="josso-identity-store"/>
- </bind-authscheme:credentialStore>
-
- <bind-authscheme:credentialStoreKeyAdapter>
- <s:ref bean="josso-simple-key-adapter"/>
- </bind-authscheme:credentialStoreKeyAdapter>
-
- </bind-authscheme:bind-auth-scheme>
-
- <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
- <!-- NTLM Authentication Scheme -->
- <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
- <ntlm-authscheme:ntlm-auth-scheme
- id="josso-ntlm-authentication">
-
- <ntlm-authscheme:credentialStore>
- <s:ref bean="josso-identity-store"/>
- </ntlm-authscheme:credentialStore>
-
- <ntlm-authscheme:credentialStoreKeyAdapter>
- <s:ref bean="josso-simple-key-adapter"/>
- </ntlm-authscheme:credentialStoreKeyAdapter>
- </ntlm-authscheme:ntlm-auth-scheme>
-
-
-</s:beans>
\ No newline at end of file
Copied:
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-gateway-auth.xml
(from rev 13225,
modules/identity/trunk/sso/src/main/config/josso/conf/josso-gateway-auth.xml)
===================================================================
---
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-gateway-auth.xml
(rev 0)
+++
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-gateway-auth.xml 2009-04-20
19:54:45 UTC (rev 13240)
@@ -0,0 +1,133 @@
+<?xml version="1.0" encoding="ISO-8859-1" ?>
+<!--
+ ~ JOSSO: Java Open Single Sign-On
+ ~
+ ~ Copyright 2004-2009, Atricore, Inc.
+ ~
+ ~ This is free software; you can redistribute it and/or modify it
+ ~ under the terms of the GNU Lesser General Public License as
+ ~ published by the Free Software Foundation; either version 2.1 of
+ ~ the License, or (at your option) any later version.
+ ~
+ ~ This software is distributed in the hope that it will be useful,
+ ~ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ ~ Lesser General Public License for more details.
+ ~
+ ~ You should have received a copy of the GNU Lesser General Public
+ ~ License along with this software; if not, write to the Free
+ ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ ~ 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ ~
+ -->
+
+<s:beans
xmlns:s="http://www.springframework.org/schema/beans"
+ xmlns:basic-authscheme="urn:org:josso:basic:authscheme"
+ xmlns:bind-authscheme="urn:org:josso:bind:authscheme"
+ xmlns:ntlm-authscheme="urn:org:josso:ntlm:authscheme"
+ xmlns:strong-authscheme="urn:org:josso:strong:authscheme"
+ xmlns:rememberme-authscheme="urn:org:josso:rememberme:authscheme"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="
+
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
+ urn:org:josso:strong:authscheme
http://www.josso.org/schema/josso-strong-authscheme.xsd
+ urn:org:josso:basic:authscheme
http://www.josso.org/schema/josso-basic-authscheme.xsd
+ urn:org:josso:bind:authscheme
http://www.josso.org/schema/josso-bind-authscheme.xsd
+ urn:org:josso:ntlm:authscheme
http://www.josso.org/schema/josso-ntlm-authscheme.xsd
+ urn:org:josso:rememberme:authscheme
http://www.josso.org/schema/josso-rememberme-authscheme.xsd
+ ">
+
+ <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+ <!-- Basic Authentication Scheme -->
+ <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+ <basic-authscheme:basic-auth-scheme
+ id="josso-basic-authentication"
+ hashAlgorithm="MD5"
+ hashEncoding="HEX"
+ ignorePasswordCase="false"
+ ignoreUserCase="false">
+
+ <basic-authscheme:credentialStore>
+ <s:ref bean="josso-identity-store"/>
+ </basic-authscheme:credentialStore>
+
+ <basic-authscheme:credentialStoreKeyAdapter>
+ <s:ref bean="josso-simple-key-adapter"/>
+ </basic-authscheme:credentialStoreKeyAdapter>
+
+ </basic-authscheme:basic-auth-scheme>
+
+ <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+ <!-- Strong Authentication Scheme -->
+ <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+
+ <strong-authscheme:strong-auth-scheme
+ id="josso-strong-authentication">
+
+ <strong-authscheme:credentialStore>
+ <s:ref bean="josso-identity-store"/>
+ </strong-authscheme:credentialStore>
+
+ <strong-authscheme:credentialStoreKeyAdapter>
+ <s:ref bean="josso-simple-key-adapter"/>
+ </strong-authscheme:credentialStoreKeyAdapter>
+
+ </strong-authscheme:strong-auth-scheme>
+
+ <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+ <!-- Rememberme Authentication Scheme -->
+ <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+ <rememberme-authscheme:rememberme-auth-scheme
+ id="josso-rememberme-authentication" >
+
+ <rememberme-authscheme:credentialStore>
+ <s:ref bean="josso-identity-store"/>
+ </rememberme-authscheme:credentialStore>
+
+ <rememberme-authscheme:credentialStoreKeyAdapter>
+ <s:ref bean="josso-simple-key-adapter"/>
+ </rememberme-authscheme:credentialStoreKeyAdapter>
+
+ </rememberme-authscheme:rememberme-auth-scheme>
+
+ <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+ <!-- BIND Authentication Scheme (normally LDAP) -->
+ <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+ <!-- Requires a be a bindalble credential store ! -->
+ <!-- name attribute is important and must not be changed -->
+ <bind-authscheme:bind-auth-scheme
+ id="josso-bind-authentication"
+ name="basic-authentication"
+ hashAlgorithm="MD5"
+ hashEncoding="HEX"
+ ignorePasswordCase="false"
+ ignoreUserCase="false">
+
+
+ <bind-authscheme:credentialStore>
+ <s:ref bean="josso-identity-store"/>
+ </bind-authscheme:credentialStore>
+
+ <bind-authscheme:credentialStoreKeyAdapter>
+ <s:ref bean="josso-simple-key-adapter"/>
+ </bind-authscheme:credentialStoreKeyAdapter>
+
+ </bind-authscheme:bind-auth-scheme>
+
+ <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+ <!-- NTLM Authentication Scheme -->
+ <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -->
+ <ntlm-authscheme:ntlm-auth-scheme
+ id="josso-ntlm-authentication">
+
+ <ntlm-authscheme:credentialStore>
+ <s:ref bean="josso-identity-store"/>
+ </ntlm-authscheme:credentialStore>
+
+ <ntlm-authscheme:credentialStoreKeyAdapter>
+ <s:ref bean="josso-simple-key-adapter"/>
+ </ntlm-authscheme:credentialStoreKeyAdapter>
+ </ntlm-authscheme:ntlm-auth-scheme>
+
+
+</s:beans>
\ No newline at end of file
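Review bot: `hashAlgorithm="MD5"` with `hashEncoding="HEX"` is set on both `josso-basic-authentication` and `josso-bind-authentication`, and no salt setting is visible, so password verification appears to rely on an unsalted MD5 digest. That is presumably chosen to match the digest format already used by the portal identity store, in which case it cannot be changed here alone, but the dependency should be written down: `<!-- MD5/HEX must match the digest format of josso-identity-store; change both together -->`. The bind scheme's own comment says it needs a bindable credential store, where the directory normally does the comparison, so it is worth checking whether the hash attributes are used there at all. The file also ends without a trailing newline.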
Deleted:
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-gateway-config.xml
===================================================================
---
modules/identity/trunk/sso/src/main/config/josso/conf/josso-gateway-config.xml 2009-04-17
03:25:33 UTC (rev 13225)
+++
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-gateway-config.xml 2009-04-20
19:54:45 UTC (rev 13240)
@@ -1,315 +0,0 @@
-<?xml version="1.0" encoding="ISO-8859-1" ?>
-<!--
- ~ JOSSO: Java Open Single Sign-On
- ~
- ~ Copyright 2004-2009, Atricore, Inc.
- ~
- ~ This is free software; you can redistribute it and/or modify it
- ~ under the terms of the GNU Lesser General Public License as
- ~ published by the Free Software Foundation; either version 2.1 of
- ~ the License, or (at your option) any later version.
- ~
- ~ This software is distributed in the hope that it will be useful,
- ~ but WITHOUT ANY WARRANTY; without even the implied warranty of
- ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- ~ Lesser General Public License for more details.
- ~
- ~ You should have received a copy of the GNU Lesser General Public
- ~ License along with this software; if not, write to the Free
- ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- ~ 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
- ~
- -->
-
-<s:beans
xmlns:s="http://www.springframework.org/schema/beans"
- xmlns="urn:org:josso:core"
- xmlns:def-sdselector="urn:org:josso:default:secdomainselector"
- xmlns:def-sdregistry="urn:org:josso:default:secdomainregistry"
- xmlns:simple-sdmatcher="urn:org:josso:simple:secdomainmatcher"
- xmlns:vhost-sdmatcher="urn:org:josso:vhost:secdomainmatcher"
- xmlns:appcxt-sdmatcher="urn:org:josso:appctx:secdomainmatcher"
- xmlns:def-auth="urn:org:josso:default:authenticator"
- xmlns:basic-authscheme="urn:org:josso:basic:authscheme"
- xmlns:bind-authscheme="urn:org:josso:bind:authscheme"
- xmlns:ntlm-authscheme="urn:org:josso:ntlm:authscheme"
- xmlns:strong-authscheme="urn:org:josso:strong:authscheme"
- xmlns:memory-istore="urn:org:josso:memory:identitystore"
- xmlns:def-identitymgr="urn:org:josso:default:identitymgr"
- xmlns:def-identityprv="urn:org:josso:default:identityprovider"
- xmlns:def-sessionmgr="urn:org:josso:default:sessionmgr"
- xmlns:memory-sstore="urn:org:josso:memory:sessionstore"
- xmlns:def-sidgen="urn:org:josso:default:sessionidgen"
- xmlns:def-assertionmgr="urn:org:josso:default:assertionmgr"
- xmlns:memory-astore="urn:org:josso:memory:assertionstore"
- xmlns:def-aidgen="urn:org:josso:default:assertionidgen"
- xmlns:def-auditmgr="urn:org:josso:default:auditmgr"
- xmlns:logger-atrailhandler="urn:org:josso:logger:audittrailhandler"
- xmlns:def-eventmgr="urn:org:josso:default:eventmgr"
- xmlns:def-pwdmgr="urn:org:josso:default:passwordmgr"
- xmlns:def-pwdgen="urn:org:josso:default:passwordgenerator"
- xmlns:email-pwddist="urn:org:josso:email:passworddistributor"
- xmlns:simple-lostpwd="urn:org:josso:simple:lostpasswordprocess"
-
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="
-
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
- urn:org:josso:core
http://www.josso.org/schema/josso-core.xsd
- urn:org:josso:default:secdomainselector
http://www.josso.org/schema/josso-default-secdomainselector.xsd
- urn:org:josso:default:secdomainregistry
http://www.josso.org/schema/josso-default-secdomainregistry.xsd
- urn:org:josso:simple:secdomainmatcher
http://www.josso.org/schema/josso-simple-secdomainmatcher.xsd
- urn:org:josso:vhost:secdomainmatcher
http://www.josso.org/schema/josso-vhost-secdomainmatcher.xsd
- urn:org:josso:appctx:secdomainmatcher
http://www.josso.org/schema/josso-appctx-secdomainmatcher.xsd
- urn:org:josso:default:authenticator
http://www.josso.org/schema/josso-default-authenticator.xsd
- urn:org:josso:basic:authscheme
http://www.josso.org/schema/josso-basic-authscheme.xsd
- urn:org:josso:bind:authscheme
http://www.josso.org/schema/josso-bind-authscheme.xsd
- urn:org:josso:ntlm:authscheme
http://www.josso.org/schema/josso-ntlm-authscheme.xsd
- urn:org:josso:strong:authscheme
http://www.josso.org/schema/josso-strong-authscheme.xsd
- urn:org:josso:memory:identitystore
http://www.josso.org/schema/josso-memory-identitystore.xsd
- urn:org:josso:default:identitymgr
http://www.josso.org/schema/josso-default-identitymgr.xsd
- urn:org:josso:default:identityprovider
http://www.josso.org/schema/josso-default-identityprovider.xsd
- urn:org:josso:default:sessionmgr
http://www.josso.org/schema/josso-default-sessionmgr.xsd
- urn:org:josso:memory:sessionstore
http://www.josso.org/schema/josso-memory-sessionstore.xsd
- urn:org:josso:default:sessionidgen
http://www.josso.org/schema/josso-default-sessionidgen.xsd
- urn:org:josso:default:assertionmgr
http://www.josso.org/schema/josso-default-assertionmgr.xsd
- urn:org:josso:memory:assertionstore
http://www.josso.org/schema/josso-memory-assertionstore.xsd
- urn:org:josso:default:assertionidgen
http://www.josso.org/schema/josso-default-assertionidgen.xsd
- urn:org:josso:default:auditmgr
http://www.josso.org/schema/josso-default-auditmgr.xsd
- urn:org:josso:logger:audittrailhandler
http://www.josso.org/schema/josso-logger-audittrailhandler.xsd
- urn:org:josso:default:eventmgr
http://www.josso.org/schema/josso-default-eventmgr.xsd
- urn:org:josso:default:passwordmgr
http://www.josso.org/schema/josso-default-passwordmanager.xsd
- urn:org:josso:default:passwordgenerator
http://www.josso.org/schema/josso-default-passwordgenerator.xsd
- urn:org:josso:email:passworddistributor
http://www.josso.org/schema/josso-email-passworddistributor.xsd
- urn:org:josso:simple:lostpasswordprocess
http://www.josso.org/schema/josso-simple-lostpasswordprocess.xsd">
-
- <!-- ================================================================== -->
- <!-- JOSSO Gateway Configuration using Spring + XBean -->
- <!-- -->
- <!-- since JOSSO 1.8 -->
- <!-- ================================================================== -->
-
- <!-- To keep things organized when using multiple security domains, prepend the
domain name
- to component ids, in our case all componetes use the 'josso' prefix -->
-
- <!-- ================================================================== -->
- <!-- Some components are configured in different files to make -->
- <!-- configuraiton easier -->
- <!-- ================================================================== -->
-
- <!-- Authentication schemes configuration -->
- <s:import resource="josso-gateway-auth.xml"/>
-
- <!-- SSO Self services configuration -->
- <s:import resource="josso-gateway-selfservices.xml"/>
-
- <!-- Identity, Session and Assertion Stores configuration -->
- <s:import resource="josso-gateway-portal-stores.xml" />
- <!--
- <s:import resource="josso-gateway-memory-stores.xml" />
- <s:import resource="josso-gateway-db-stores.xml" />
- <s:import resource="josso-gateway-ldap-stores.xml" />
- -->
-
- <!-- Web configuration (login form, etc) -->
- <s:import resource="josso-gateway-web.xml" />
-
- <!-- JMX, used internally -->
- <s:import resource="josso-gateway-jmx.xml" />
-
- <!-- ================================================================== -->
- <!-- Here we define gateway core structure -->
- <!-- ================================================================== -->
- <gateway>
-
- <sso-domain-selector>
- <def-sdselector:default-domain-selector/>
- </sso-domain-selector>
-
- <sso-domains-registry>
- <def-sdregistry:default-domains-registry/>
- </sso-domains-registry>
-
- <!-- =====================================================================
-->
- <!-- SSO Security Domains, here we have only one domain configured : josso
-->
- <!-- Most components are configured elsewhere and referenced here to make
-->
- <!-- configuration easier.
-->
- <!--
-->
- <!-- Unless you have multimple security domains, you will not need to
-->
- <!-- change this part
-->
- <!-- =====================================================================
-->
- <domains>
- <s:ref bean="josso"/>
- </domains>
-
- </gateway>
-
-
- <!-- JOSSO Default security domain -->
- <domain name="josso" type="web">
-
- <sso-web-configuration>
- <s:ref bean="josso-web-configuraiton"/>
- </sso-web-configuration>
-
- <matchers>
- <simple-sdmatcher:simple-matcher/>
- </matchers>
-
- <authenticator>
- <s:ref bean="josso-authenticator"/>
- </authenticator>
-
- <identity-manager>
- <s:ref bean="josso-identity-manager"/>
- </identity-manager>
-
- <session-manager>
- <s:ref bean="josso-session-manager"/>
- </session-manager>
-
- <assertion-manager>
- <s:ref bean="josso-assertion-manager"/>
- </assertion-manager>
-
- <identity-provider>
- <s:ref bean="josso-identity-provider"/>
- </identity-provider>
-
- <audit-manager>
- <s:ref bean="josso-audit-manager"/>
- </audit-manager>
-
- <event-manager>
- <s:ref bean="josso-event-manager"/>
- </event-manager>
-
- <!-- Only needed when using NTLM -->
- <protocol-manager>
- <s:ref bean="josso-protocol-manager"/>
- </protocol-manager>
-
- <!-- Only neede for self-services (lost password, etc). -->
- <password-manager>
- <s:ref bean="josso-password-manager"/>
- </password-manager>
-
- </domain>
-
-
- <!-- ===================================================================== -->
- <!-- SSO Authenticator, all authentication schemes must be configured here -->
- <!-- ===================================================================== -->
- <def-auth:authenticator id="josso-authenticator">
- <def-auth:schemes>
- <s:ref bean="josso-bind-authentication"/>
- <!--
- <s:ref bean="josso-basic-authentication"/>
- <s:ref bean="josso-strong-authentication"/>
- <s:ref bean="josso-rememberme-authentication"/>
- -->
- <!-- Others like NTLM and BIND go here -->
- <!--
- <s:ref bean="josso-bind-authentication"/>
- -->
- </def-auth:schemes>
- </def-auth:authenticator>
-
- <!-- ===================================================================== -->
- <!-- SSO Identity manager, referencing identity store -->
- <!-- ===================================================================== -->
- <def-identitymgr:identity-manager id="josso-identity-manager">
-
- <def-identitymgr:identityStore>
- <s:ref bean="josso-identity-store"/>
- </def-identitymgr:identityStore>
-
- <def-identitymgr:identityStoreKeyAdapter>
- <s:ref bean="josso-simple-key-adapter"/>
- </def-identitymgr:identityStoreKeyAdapter>
-
- </def-identitymgr:identity-manager>
-
- <!-- ===================================================================== -->
- <!-- SSO Identity provider -->
- <!-- ===================================================================== -->
- <def-identityprv:identity-provider id="josso-identity-provider"/>
-
- <!-- ===================================================================== -->
- <!-- SSO Session manager, referencing session store -->
- <!-- ===================================================================== -->
- <def-sessionmgr:session-manager id="josso-session-manager"
- maxInactiveInterval="30"
- maxSessionsPerUser="-1"
- invalidateExceedingSessions="false"
- sessionMonitorInterval="10000">
-
- <def-sessionmgr:session-id-generator>
- <def-sidgen:id-generator algorithm="MD5"/>
- </def-sessionmgr:session-id-generator>
-
- <def-sessionmgr:session-store>
- <s:ref bean="josso-session-store"/>
- </def-sessionmgr:session-store>
-
- </def-sessionmgr:session-manager>
-
- <!-- ===================================================================== -->
- <!-- SSO Assertion anager, referencing assertion store -->
- <!-- ===================================================================== -->
- <def-assertionmgr:assertion-manager id="josso-assertion-manager">
-
- <def-assertionmgr:assertion-id-generator>
- <def-aidgen:id-generator/>
- </def-assertionmgr:assertion-id-generator>
-
- <def-assertionmgr:assertion-store>
- <s:ref bean="josso-assertion-store"/>
- </def-assertionmgr:assertion-store>
-
- </def-assertionmgr:assertion-manager>
-
- <!-- ===================================================================== -->
- <!-- SSO Audit Manager with audit trail handlers -->
- <!-- ===================================================================== -->
- <def-auditmgr:audit-manager id="josso-audit-manager">
-
- <!-- Audit Trail Handlers list -->
- <def-auditmgr:handlers>
- <logger-atrailhandler:audittrail-logger
category="org.josso.AUDIT"/>
- </def-auditmgr:handlers>
-
- </def-auditmgr:audit-manager>
-
- <!-- ===================================================================== -->
- <!-- SSO Protocol Manager with handlers -->
- <!-- ===================================================================== -->
- <default-protocol-manager id="josso-protocol-manager">
- <!-- To enable NTLM, uncomment this :
- <handlers>
- <ntlm-authscheme:ntlm-protocol-handler/>
- </handlers>
- -->
- </default-protocol-manager>
-
- <!-- ===================================================================== -->
- <!-- SSO Event manager, based on spring jmx -->
- <!-- ===================================================================== -->
- <def-eventmgr:springjmx-event-manager id="josso-event-manager">
- <def-eventmgr:listeners>
- <s:ref bean="josso-audit-manager"/>
- </def-eventmgr:listeners>
- </def-eventmgr:springjmx-event-manager>
-
- <!-- ===================================================================== -->
- <!-- SSO Simple key addapter used in several components -->
- <!-- ===================================================================== -->
- <simple-key-adapter id="josso-simple-key-adapter"/>
-
- <!-- ===================================================================== -->
- <!-- Spring Mail Sender bean. Configure mail delivery settings here -->
- <!-- ===================================================================== -->
- <s:bean id="josso-spring-mailsender"
class="org.springframework.mail.javamail.JavaMailSenderImpl">
- <!-- Spring JavaMaileSender properties :
- protocol, host, port, username, password -->
- <s:property name="host" value="mail.mycompany.com"/>
- </s:bean>
-
-</s:beans>
Copied:
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-gateway-config.xml
(from rev 13225,
modules/identity/trunk/sso/src/main/config/josso/conf/josso-gateway-config.xml)
===================================================================
---
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-gateway-config.xml
(rev 0)
+++
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-gateway-config.xml 2009-04-20
19:54:45 UTC (rev 13240)
@@ -0,0 +1,315 @@
+<?xml version="1.0" encoding="ISO-8859-1" ?>
+<!--
+ ~ JOSSO: Java Open Single Sign-On
+ ~
+ ~ Copyright 2004-2009, Atricore, Inc.
+ ~
+ ~ This is free software; you can redistribute it and/or modify it
+ ~ under the terms of the GNU Lesser General Public License as
+ ~ published by the Free Software Foundation; either version 2.1 of
+ ~ the License, or (at your option) any later version.
+ ~
+ ~ This software is distributed in the hope that it will be useful,
+ ~ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ ~ Lesser General Public License for more details.
+ ~
+ ~ You should have received a copy of the GNU Lesser General Public
+ ~ License along with this software; if not, write to the Free
+ ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ ~ 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ ~
+ -->
+
+<s:beans
xmlns:s="http://www.springframework.org/schema/beans"
+ xmlns="urn:org:josso:core"
+ xmlns:def-sdselector="urn:org:josso:default:secdomainselector"
+ xmlns:def-sdregistry="urn:org:josso:default:secdomainregistry"
+ xmlns:simple-sdmatcher="urn:org:josso:simple:secdomainmatcher"
+ xmlns:vhost-sdmatcher="urn:org:josso:vhost:secdomainmatcher"
+ xmlns:appcxt-sdmatcher="urn:org:josso:appctx:secdomainmatcher"
+ xmlns:def-auth="urn:org:josso:default:authenticator"
+ xmlns:basic-authscheme="urn:org:josso:basic:authscheme"
+ xmlns:bind-authscheme="urn:org:josso:bind:authscheme"
+ xmlns:ntlm-authscheme="urn:org:josso:ntlm:authscheme"
+ xmlns:strong-authscheme="urn:org:josso:strong:authscheme"
+ xmlns:memory-istore="urn:org:josso:memory:identitystore"
+ xmlns:def-identitymgr="urn:org:josso:default:identitymgr"
+ xmlns:def-identityprv="urn:org:josso:default:identityprovider"
+ xmlns:def-sessionmgr="urn:org:josso:default:sessionmgr"
+ xmlns:memory-sstore="urn:org:josso:memory:sessionstore"
+ xmlns:def-sidgen="urn:org:josso:default:sessionidgen"
+ xmlns:def-assertionmgr="urn:org:josso:default:assertionmgr"
+ xmlns:memory-astore="urn:org:josso:memory:assertionstore"
+ xmlns:def-aidgen="urn:org:josso:default:assertionidgen"
+ xmlns:def-auditmgr="urn:org:josso:default:auditmgr"
+ xmlns:logger-atrailhandler="urn:org:josso:logger:audittrailhandler"
+ xmlns:def-eventmgr="urn:org:josso:default:eventmgr"
+ xmlns:def-pwdmgr="urn:org:josso:default:passwordmgr"
+ xmlns:def-pwdgen="urn:org:josso:default:passwordgenerator"
+ xmlns:email-pwddist="urn:org:josso:email:passworddistributor"
+ xmlns:simple-lostpwd="urn:org:josso:simple:lostpasswordprocess"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="
+
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
+ urn:org:josso:core
http://www.josso.org/schema/josso-core.xsd
+ urn:org:josso:default:secdomainselector
http://www.josso.org/schema/josso-default-secdomainselector.xsd
+ urn:org:josso:default:secdomainregistry
http://www.josso.org/schema/josso-default-secdomainregistry.xsd
+ urn:org:josso:simple:secdomainmatcher
http://www.josso.org/schema/josso-simple-secdomainmatcher.xsd
+ urn:org:josso:vhost:secdomainmatcher
http://www.josso.org/schema/josso-vhost-secdomainmatcher.xsd
+ urn:org:josso:appctx:secdomainmatcher
http://www.josso.org/schema/josso-appctx-secdomainmatcher.xsd
+ urn:org:josso:default:authenticator
http://www.josso.org/schema/josso-default-authenticator.xsd
+ urn:org:josso:basic:authscheme
http://www.josso.org/schema/josso-basic-authscheme.xsd
+ urn:org:josso:bind:authscheme
http://www.josso.org/schema/josso-bind-authscheme.xsd
+ urn:org:josso:ntlm:authscheme
http://www.josso.org/schema/josso-ntlm-authscheme.xsd
+ urn:org:josso:strong:authscheme
http://www.josso.org/schema/josso-strong-authscheme.xsd
+ urn:org:josso:memory:identitystore
http://www.josso.org/schema/josso-memory-identitystore.xsd
+ urn:org:josso:default:identitymgr
http://www.josso.org/schema/josso-default-identitymgr.xsd
+ urn:org:josso:default:identityprovider
http://www.josso.org/schema/josso-default-identityprovider.xsd
+ urn:org:josso:default:sessionmgr
http://www.josso.org/schema/josso-default-sessionmgr.xsd
+ urn:org:josso:memory:sessionstore
http://www.josso.org/schema/josso-memory-sessionstore.xsd
+ urn:org:josso:default:sessionidgen
http://www.josso.org/schema/josso-default-sessionidgen.xsd
+ urn:org:josso:default:assertionmgr
http://www.josso.org/schema/josso-default-assertionmgr.xsd
+ urn:org:josso:memory:assertionstore
http://www.josso.org/schema/josso-memory-assertionstore.xsd
+ urn:org:josso:default:assertionidgen
http://www.josso.org/schema/josso-default-assertionidgen.xsd
+ urn:org:josso:default:auditmgr
http://www.josso.org/schema/josso-default-auditmgr.xsd
+ urn:org:josso:logger:audittrailhandler
http://www.josso.org/schema/josso-logger-audittrailhandler.xsd
+ urn:org:josso:default:eventmgr
http://www.josso.org/schema/josso-default-eventmgr.xsd
+ urn:org:josso:default:passwordmgr
http://www.josso.org/schema/josso-default-passwordmanager.xsd
+ urn:org:josso:default:passwordgenerator
http://www.josso.org/schema/josso-default-passwordgenerator.xsd
+ urn:org:josso:email:passworddistributor
http://www.josso.org/schema/josso-email-passworddistributor.xsd
+ urn:org:josso:simple:lostpasswordprocess
http://www.josso.org/schema/josso-simple-lostpasswordprocess.xsd">
+
+ <!-- ================================================================== -->
+ <!-- JOSSO Gateway Configuration using Spring + XBean -->
+ <!-- -->
+ <!-- since JOSSO 1.8 -->
+ <!-- ================================================================== -->
+
+ <!-- To keep things organized when using multiple security domains, prepend the
domain name
+ to component ids, in our case all componetes use the 'josso' prefix -->
+
+ <!-- ================================================================== -->
+ <!-- Some components are configured in different files to make -->
+ <!-- configuraiton easier -->
+ <!-- ================================================================== -->
+
+ <!-- Authentication schemes configuration -->
+ <s:import resource="josso-gateway-auth.xml"/>
+
+ <!-- SSO Self services configuration -->
+ <s:import resource="josso-gateway-selfservices.xml"/>
+
+ <!-- Identity, Session and Assertion Stores configuration -->
+ <s:import resource="josso-gateway-portal-stores.xml" />
+ <!--
+ <s:import resource="josso-gateway-memory-stores.xml" />
+ <s:import resource="josso-gateway-db-stores.xml" />
+ <s:import resource="josso-gateway-ldap-stores.xml" />
+ -->
+
+ <!-- Web configuration (login form, etc) -->
+ <s:import resource="josso-gateway-web.xml" />
+
+ <!-- JMX, used internally -->
+ <s:import resource="josso-gateway-jmx.xml" />
+
+ <!-- ================================================================== -->
+ <!-- Here we define gateway core structure -->
+ <!-- ================================================================== -->
+ <gateway>
+
+ <sso-domain-selector>
+ <def-sdselector:default-domain-selector/>
+ </sso-domain-selector>
+
+ <sso-domains-registry>
+ <def-sdregistry:default-domains-registry/>
+ </sso-domains-registry>
+
+ <!-- =====================================================================
-->
+ <!-- SSO Security Domains, here we have only one domain configured : josso
-->
+ <!-- Most components are configured elsewhere and referenced here to make
-->
+ <!-- configuration easier.
-->
+ <!--
-->
+ <!-- Unless you have multimple security domains, you will not need to
-->
+ <!-- change this part
-->
+ <!-- =====================================================================
-->
+ <domains>
+ <s:ref bean="josso"/>
+ </domains>
+
+ </gateway>
+
+
+ <!-- JOSSO Default security domain -->
+ <domain name="josso" type="web">
+
+ <sso-web-configuration>
+ <s:ref bean="josso-web-configuraiton"/>
+ </sso-web-configuration>
+
+ <matchers>
+ <simple-sdmatcher:simple-matcher/>
+ </matchers>
+
+ <authenticator>
+ <s:ref bean="josso-authenticator"/>
+ </authenticator>
+
+ <identity-manager>
+ <s:ref bean="josso-identity-manager"/>
+ </identity-manager>
+
+ <session-manager>
+ <s:ref bean="josso-session-manager"/>
+ </session-manager>
+
+ <assertion-manager>
+ <s:ref bean="josso-assertion-manager"/>
+ </assertion-manager>
+
+ <identity-provider>
+ <s:ref bean="josso-identity-provider"/>
+ </identity-provider>
+
+ <audit-manager>
+ <s:ref bean="josso-audit-manager"/>
+ </audit-manager>
+
+ <event-manager>
+ <s:ref bean="josso-event-manager"/>
+ </event-manager>
+
+ <!-- Only needed when using NTLM -->
+ <protocol-manager>
+ <s:ref bean="josso-protocol-manager"/>
+ </protocol-manager>
+
+ <!-- Only neede for self-services (lost password, etc). -->
+ <password-manager>
+ <s:ref bean="josso-password-manager"/>
+ </password-manager>
+
+ </domain>
+
+
+ <!-- ===================================================================== -->
+ <!-- SSO Authenticator, all authentication schemes must be configured here -->
+ <!-- ===================================================================== -->
+ <def-auth:authenticator id="josso-authenticator">
+ <def-auth:schemes>
+ <s:ref bean="josso-bind-authentication"/>
+ <!--
+ <s:ref bean="josso-basic-authentication"/>
+ <s:ref bean="josso-strong-authentication"/>
+ <s:ref bean="josso-rememberme-authentication"/>
+ -->
+ <!-- Others like NTLM and BIND go here -->
+ <!--
+ <s:ref bean="josso-bind-authentication"/>
+ -->
+ </def-auth:schemes>
+ </def-auth:authenticator>
+
+ <!-- ===================================================================== -->
+ <!-- SSO Identity manager, referencing identity store -->
+ <!-- ===================================================================== -->
+ <def-identitymgr:identity-manager id="josso-identity-manager">
+
+ <def-identitymgr:identityStore>
+ <s:ref bean="josso-identity-store"/>
+ </def-identitymgr:identityStore>
+
+ <def-identitymgr:identityStoreKeyAdapter>
+ <s:ref bean="josso-simple-key-adapter"/>
+ </def-identitymgr:identityStoreKeyAdapter>
+
+ </def-identitymgr:identity-manager>
+
+ <!-- ===================================================================== -->
+ <!-- SSO Identity provider -->
+ <!-- ===================================================================== -->
+ <def-identityprv:identity-provider id="josso-identity-provider"/>
+
+ <!-- ===================================================================== -->
+ <!-- SSO Session manager, referencing session store -->
+ <!-- ===================================================================== -->
+ <def-sessionmgr:session-manager id="josso-session-manager"
+ maxInactiveInterval="30"
+ maxSessionsPerUser="-1"
+ invalidateExceedingSessions="false"
+ sessionMonitorInterval="10000">
+
+ <def-sessionmgr:session-id-generator>
+ <def-sidgen:id-generator algorithm="MD5"/>
+ </def-sessionmgr:session-id-generator>
+
+ <def-sessionmgr:session-store>
+ <s:ref bean="josso-session-store"/>
+ </def-sessionmgr:session-store>
+
+ </def-sessionmgr:session-manager>
+
+ <!-- ===================================================================== -->
+ <!-- SSO Assertion anager, referencing assertion store -->
+ <!-- ===================================================================== -->
+ <def-assertionmgr:assertion-manager id="josso-assertion-manager">
+
+ <def-assertionmgr:assertion-id-generator>
+ <def-aidgen:id-generator/>
+ </def-assertionmgr:assertion-id-generator>
+
+ <def-assertionmgr:assertion-store>
+ <s:ref bean="josso-assertion-store"/>
+ </def-assertionmgr:assertion-store>
+
+ </def-assertionmgr:assertion-manager>
+
+ <!-- ===================================================================== -->
+ <!-- SSO Audit Manager with audit trail handlers -->
+ <!-- ===================================================================== -->
+ <def-auditmgr:audit-manager id="josso-audit-manager">
+
+ <!-- Audit Trail Handlers list -->
+ <def-auditmgr:handlers>
+ <logger-atrailhandler:audittrail-logger
category="org.josso.AUDIT"/>
+ </def-auditmgr:handlers>
+
+ </def-auditmgr:audit-manager>
+
+ <!-- ===================================================================== -->
+ <!-- SSO Protocol Manager with handlers -->
+ <!-- ===================================================================== -->
+ <default-protocol-manager id="josso-protocol-manager">
+ <!-- To enable NTLM, uncomment this :
+ <handlers>
+ <ntlm-authscheme:ntlm-protocol-handler/>
+ </handlers>
+ -->
+ </default-protocol-manager>
+
+ <!-- ===================================================================== -->
+ <!-- SSO Event manager, based on spring jmx -->
+ <!-- ===================================================================== -->
+ <def-eventmgr:springjmx-event-manager id="josso-event-manager">
+ <def-eventmgr:listeners>
+ <s:ref bean="josso-audit-manager"/>
+ </def-eventmgr:listeners>
+ </def-eventmgr:springjmx-event-manager>
+
+ <!-- ===================================================================== -->
+ <!-- SSO Simple key addapter used in several components -->
+ <!-- ===================================================================== -->
+ <simple-key-adapter id="josso-simple-key-adapter"/>
+
+ <!-- ===================================================================== -->
+ <!-- Spring Mail Sender bean. Configure mail delivery settings here -->
+ <!-- ===================================================================== -->
+ <s:bean id="josso-spring-mailsender"
class="org.springframework.mail.javamail.JavaMailSenderImpl">
+ <!-- Spring JavaMaileSender properties :
+ protocol, host, port, username, password -->
+ <s:property name="host" value="mail.mycompany.com"/>
+ </s:bean>
+
+</s:beans>
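Review bot: The session manager in this new file pins `<def-sidgen:id-generator algorithm="MD5"/>`, and the assertion id generator just below it takes its defaults, with no comment on why that is adequate for SSO session ids. How predictable the ids are depends on the generator's random source, which this hunk does not show, so I would record that next to the element, e.g. `<!-- TODO confirm: ids come from a CSPRNG; MD5 is only the digest applied to that output -->`, or move to a stronger digest if the generator accepts one. The same element sets `maxSessionsPerUser="-1"` with `invalidateExceedingSessions="false"`, which reads as no cap on concurrent sessions per user; if that is intended for the portal, a one-line comment saying so, and stating the unit of `maxInactiveInterval="30"`, would help whoever hardens this later. Separately, under `def-auth:schemes` the second, commented-out `josso-bind-authentication` ref is stale, since the same scheme is already active at the top of the list.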
Deleted:
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-gateway-portal-stores.xml
===================================================================
---
modules/identity/trunk/sso/src/main/config/josso/conf/josso-gateway-portal-stores.xml 2009-04-17
03:25:33 UTC (rev 13225)
+++
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-gateway-portal-stores.xml 2009-04-20
19:54:45 UTC (rev 13240)
@@ -1,52 +0,0 @@
-<?xml version="1.0" encoding="ISO-8859-1" ?>
-<!--
- ~ JOSSO: Java Open Single Sign-On
- ~
- ~ Copyright 2004-2009, Atricore, Inc.
- ~
- ~ This is free software; you can redistribute it and/or modify it
- ~ under the terms of the GNU Lesser General Public License as
- ~ published by the Free Software Foundation; either version 2.1 of
- ~ the License, or (at your option) any later version.
- ~
- ~ This software is distributed in the hope that it will be useful,
- ~ but WITHOUT ANY WARRANTY; without even the implied warranty of
- ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- ~ Lesser General Public License for more details.
- ~
- ~ You should have received a copy of the GNU Lesser General Public
- ~ License along with this software; if not, write to the Free
- ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- ~ 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
- ~
- -->
-
-<s:beans
xmlns:s="http://www.springframework.org/schema/beans"
- xmlns:portal-istore="urn:org:jboss:portal:josso:identitystore"
- xmlns:memory-sstore="urn:org:josso:memory:sessionstore"
- xmlns:memory-astore="urn:org:josso:memory:assertionstore"
-
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="
-
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
- urn:org:josso:memory:sessionstore
http://www.josso.org/schema/josso-memory-sessionstore.xsd
- urn:org:josso:memory:assertionstore
http://www.josso.org/schema/josso-memory-assertionstore.xsd
- ">
- <!-- ===================================================================== -->
- <!-- JOSSO Identity Store, the id is very important because it is -->
- <!-- referenced by the identity manager, auth schemes and who knows where -->
- <!-- else. -->
- <!-- ===================================================================== -->
- <portal-istore:portal-store id="josso-identity-store"
s:scope="singleton"/>
-
- <!-- ===================================================================== -->
- <!-- JOSSO Session Store, the id is very important because it is -->
- <!-- referenced by the session manager and who knows where else -->
- <!-- ===================================================================== -->
- <memory-sstore:memory-store id="josso-session-store"/>
-
- <!-- ===================================================================== -->
- <!-- JOSSO Assertion Store, the id is very important because it is -->
- <!-- referenced by the assertion manager and who knows where elese -->
- <!-- ===================================================================== -->
- <memory-astore:memory-store id="josso-assertion-store"/>
-</s:beans>
Copied:
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-gateway-portal-stores.xml
(from rev 13225,
modules/identity/trunk/sso/src/main/config/josso/conf/josso-gateway-portal-stores.xml)
===================================================================
---
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-gateway-portal-stores.xml
(rev 0)
+++
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/josso-gateway-portal-stores.xml 2009-04-20
19:54:45 UTC (rev 13240)
@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="ISO-8859-1" ?>
+<!--
+ ~ JOSSO: Java Open Single Sign-On
+ ~
+ ~ Copyright 2004-2009, Atricore, Inc.
+ ~
+ ~ This is free software; you can redistribute it and/or modify it
+ ~ under the terms of the GNU Lesser General Public License as
+ ~ published by the Free Software Foundation; either version 2.1 of
+ ~ the License, or (at your option) any later version.
+ ~
+ ~ This software is distributed in the hope that it will be useful,
+ ~ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ ~ Lesser General Public License for more details.
+ ~
+ ~ You should have received a copy of the GNU Lesser General Public
+ ~ License along with this software; if not, write to the Free
+ ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ ~ 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ ~
+ -->
+
+<s:beans
xmlns:s="http://www.springframework.org/schema/beans"
+ xmlns:portal-istore="urn:org:jboss:portal:josso:identitystore"
+ xmlns:memory-sstore="urn:org:josso:memory:sessionstore"
+ xmlns:memory-astore="urn:org:josso:memory:assertionstore"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="
+
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
+ urn:org:josso:memory:sessionstore
http://www.josso.org/schema/josso-memory-sessionstore.xsd
+ urn:org:josso:memory:assertionstore
http://www.josso.org/schema/josso-memory-assertionstore.xsd
+ ">
+ <!-- ===================================================================== -->
+ <!-- JOSSO Identity Store, the id is very important because it is -->
+ <!-- referenced by the identity manager, auth schemes and who knows where -->
+ <!-- else. -->
+ <!-- ===================================================================== -->
+ <portal-istore:portal-store id="josso-identity-store"
s:scope="singleton"/>
+
+ <!-- ===================================================================== -->
+ <!-- JOSSO Session Store, the id is very important because it is -->
+ <!-- referenced by the session manager and who knows where else -->
+ <!-- ===================================================================== -->
+ <memory-sstore:memory-store id="josso-session-store"/>
+
+ <!-- ===================================================================== -->
+ <!-- JOSSO Assertion Store, the id is very important because it is -->
+ <!-- referenced by the assertion manager and who knows where elese -->
+ <!-- ===================================================================== -->
+ <memory-astore:memory-store id="josso-assertion-store"/>
+</s:beans>
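Review bot: The `xsi:schemaLocation` list has no entry for `urn:org:jboss:portal:josso:identitystore`, although that namespace is declared as `portal-istore` and used by the `portal-istore:portal-store` element that defines `josso-identity-store`. The other three namespaces in the file each have a namespace/XSD pair, so this one is the only element whose schema the parser cannot locate from the document itself. Whether this fails validation or is silently resolved by a handler on the classpath depends on how the gateway loads the file, which is not visible here. I would add the matching pair for that namespace (its XSD location is not shown on this page), or a comment stating that the identity-store schema is resolved from the portal SSO jar.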
Deleted:
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/login-config.xml
===================================================================
--- modules/identity/trunk/sso/src/main/config/josso/conf/login-config.xml 2009-04-17
03:25:33 UTC (rev 13225)
+++
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/login-config.xml 2009-04-20
19:54:45 UTC (rev 13240)
@@ -1,152 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?><!-- The XML based
JAAS login configuration read by the
-org.jboss.security.auth.login.XMLLoginConfig mbean. Add
-an application-policy element for each security domain.
-
-The outline of the application-policy is:
-<application-policy name="security-domain-name">
- <authentication>
- <login-module code="login.module1.class.name"
flag="control_flag">
- <module-option name =
"option1-name">option1-value</module-option>
- <module-option name =
"option2-name">option2-value</module-option>
- ...
- </login-module>
-
- <login-module code="login.module2.class.name"
flag="control_flag">
- ...
- </login-module>
- ...
- </authentication>
-</application-policy>
-
-$Revision: 64598 $
---><policy>
- <!-- Used by clients within the application server VM such as
- mbeans and servlets that access EJBs.
- -->
- <application-policy name="client-login">
- <authentication>
- <login-module code="org.jboss.security.ClientLoginModule"
flag="required">
- <!-- Any existing security context will be restored on logout -->
- <module-option
name="restore-login-identity">true</module-option>
- </login-module>
- </authentication>
- </application-policy>
-
- <!-- Security domain for JBossMQ -->
- <application-policy name="jbossmq">
- <authentication>
- <login-module
code="org.jboss.security.auth.spi.DatabaseServerLoginModule"
flag="required">
- <module-option
name="unauthenticatedIdentity">guest</module-option>
- <module-option
name="dsJndiName">java:/DefaultDS</module-option>
- <module-option name="principalsQuery">SELECT PASSWD FROM
JMS_USERS WHERE USERID=?</module-option>
- <module-option name="rolesQuery">SELECT ROLEID,
'Roles' FROM JMS_ROLES WHERE USERID=?</module-option>
- </login-module>
- </authentication>
- </application-policy>
-
- <!-- Security domain for JBossMQ when using file-state-service.xml
- <application-policy name = "jbossmq">
- <authentication>
- <login-module code = "org.jboss.mq.sm.file.DynamicLoginModule"
- flag = "required">
- <module-option name =
"unauthenticatedIdentity">guest</module-option>
- <module-option name =
"sm.objectname">jboss.mq:service=StateManager</module-option>
- </login-module>
- </authentication>
- </application-policy>
- -->
-
- <!-- Security domains for testing new jca framework -->
- <application-policy name="HsqlDbRealm">
- <authentication>
- <login-module
code="org.jboss.resource.security.ConfiguredIdentityLoginModule"
flag="required">
- <module-option name="principal">sa</module-option>
- <module-option name="userName">sa</module-option>
- <module-option name="password"/>
- <module-option
name="managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=DefaultDS</module-option>
- </login-module>
- </authentication>
- </application-policy>
-
- <application-policy name="JmsXARealm">
- <authentication>
- <login-module
code="org.jboss.resource.security.ConfiguredIdentityLoginModule"
flag="required">
- <module-option name="principal">guest</module-option>
- <module-option name="userName">guest</module-option>
- <module-option name="password">guest</module-option>
- <module-option
name="managedConnectionFactoryName">jboss.jca:service=TxCM,name=JmsXA</module-option>
- </login-module>
- </authentication>
- </application-policy>
-
- <!-- A template configuration for the jmx-console web application. This
- defaults to the UsersRolesLoginModule the same as other and should be
- changed to a stronger authentication mechanism as required.
- -->
- <application-policy name="jmx-console">
- <authentication>
- <login-module
code="org.jboss.security.auth.spi.UsersRolesLoginModule"
flag="required">
- <module-option
name="usersProperties">props/jmx-console-users.properties</module-option>
- <module-option
name="rolesProperties">props/jmx-console-roles.properties</module-option>
- </login-module>
- </authentication>
- </application-policy>
-
- <!-- A template configuration for the web-console web application. This
- defaults to the UsersRolesLoginModule the same as other and should be
- changed to a stronger authentication mechanism as required.
- -->
- <application-policy name="web-console">
- <authentication>
- <login-module
code="org.jboss.security.auth.spi.UsersRolesLoginModule"
flag="required">
- <module-option
name="usersProperties">web-console-users.properties</module-option>
- <module-option
name="rolesProperties">web-console-roles.properties</module-option>
- </login-module>
- </authentication>
- </application-policy>
-
- <!--
- A template configuration for the JBossWS security domain.
- This defaults to the UsersRolesLoginModule the same as other and should be
- changed to a stronger authentication mechanism as required.
- -->
- <application-policy name="JBossWS">
- <authentication>
- <login-module
code="org.jboss.security.auth.spi.UsersRolesLoginModule"
flag="required">
- <module-option
name="usersProperties">props/jbossws-users.properties</module-option>
- <module-option
name="rolesProperties">props/jbossws-roles.properties</module-option>
- <module-option
name="unauthenticatedIdentity">anonymous</module-option>
- </login-module>
- </authentication>
- </application-policy>
-
- <!-- The default login configuration used by any security domain that
- does not have a application-policy entry with a matching name
- -->
- <application-policy name="other">
- <!-- A simple server login module, which can be used when the number
- of users is relatively small. It uses two properties files:
- users.properties, which holds users (key) and their password (value).
- roles.properties, which holds users (key) and a comma-separated list of
- their roles (value).
- The unauthenticatedIdentity property defines the name of the principal
- that will be used when a null username and password are presented as is
- the case for an unuathenticated web client or MDB. If you want to
- allow such users to be authenticated add the property, e.g.,
- unauthenticatedIdentity="nobody"
- -->
- <authentication>
- <login-module
code="org.jboss.security.auth.spi.UsersRolesLoginModule"
flag="required"/>
- </authentication>
- </application-policy>
-
-<!-- ================================================== -->
- <!-- JOSSO JAAS Login Configuration, automatially generated by JOSSO
Installer-->
- <application-policy name="josso"> <authentication>
- <login-module
code="org.jboss.portal.identity.sso.josso.JOSSOLoginModule"
flag="required">
- <module-option name="debug">true</module-option>
- </login-module>
- </authentication>
- </application-policy>
- <!-- ================================================== -->
-</policy>
\ No newline at end of file
Copied:
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/login-config.xml
(from rev 13225, modules/identity/trunk/sso/src/main/config/josso/conf/login-config.xml)
===================================================================
---
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/login-config.xml
(rev 0)
+++
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/conf/login-config.xml 2009-04-20
19:54:45 UTC (rev 13240)
@@ -0,0 +1,152 @@
+<?xml version="1.0" encoding="UTF-8"?><!-- The XML based
JAAS login configuration read by the
+org.jboss.security.auth.login.XMLLoginConfig mbean. Add
+an application-policy element for each security domain.
+
+The outline of the application-policy is:
+<application-policy name="security-domain-name">
+ <authentication>
+ <login-module code="login.module1.class.name"
flag="control_flag">
+ <module-option name =
"option1-name">option1-value</module-option>
+ <module-option name =
"option2-name">option2-value</module-option>
+ ...
+ </login-module>
+
+ <login-module code="login.module2.class.name"
flag="control_flag">
+ ...
+ </login-module>
+ ...
+ </authentication>
+</application-policy>
+
+$Revision: 64598 $
+--><policy>
+ <!-- Used by clients within the application server VM such as
+ mbeans and servlets that access EJBs.
+ -->
+ <application-policy name="client-login">
+ <authentication>
+ <login-module code="org.jboss.security.ClientLoginModule"
flag="required">
+ <!-- Any existing security context will be restored on logout -->
+ <module-option
name="restore-login-identity">true</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <!-- Security domain for JBossMQ -->
+ <application-policy name="jbossmq">
+ <authentication>
+ <login-module
code="org.jboss.security.auth.spi.DatabaseServerLoginModule"
flag="required">
+ <module-option
name="unauthenticatedIdentity">guest</module-option>
+ <module-option
name="dsJndiName">java:/DefaultDS</module-option>
+ <module-option name="principalsQuery">SELECT PASSWD FROM
JMS_USERS WHERE USERID=?</module-option>
+ <module-option name="rolesQuery">SELECT ROLEID,
'Roles' FROM JMS_ROLES WHERE USERID=?</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <!-- Security domain for JBossMQ when using file-state-service.xml
+ <application-policy name = "jbossmq">
+ <authentication>
+ <login-module code = "org.jboss.mq.sm.file.DynamicLoginModule"
+ flag = "required">
+ <module-option name =
"unauthenticatedIdentity">guest</module-option>
+ <module-option name =
"sm.objectname">jboss.mq:service=StateManager</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+ -->
+
+ <!-- Security domains for testing new jca framework -->
+ <application-policy name="HsqlDbRealm">
+ <authentication>
+ <login-module
code="org.jboss.resource.security.ConfiguredIdentityLoginModule"
flag="required">
+ <module-option name="principal">sa</module-option>
+ <module-option name="userName">sa</module-option>
+ <module-option name="password"/>
+ <module-option
name="managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=DefaultDS</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name="JmsXARealm">
+ <authentication>
+ <login-module
code="org.jboss.resource.security.ConfiguredIdentityLoginModule"
flag="required">
+ <module-option name="principal">guest</module-option>
+ <module-option name="userName">guest</module-option>
+ <module-option name="password">guest</module-option>
+ <module-option
name="managedConnectionFactoryName">jboss.jca:service=TxCM,name=JmsXA</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <!-- A template configuration for the jmx-console web application. This
+ defaults to the UsersRolesLoginModule the same as other and should be
+ changed to a stronger authentication mechanism as required.
+ -->
+ <application-policy name="jmx-console">
+ <authentication>
+ <login-module
code="org.jboss.security.auth.spi.UsersRolesLoginModule"
flag="required">
+ <module-option
name="usersProperties">props/jmx-console-users.properties</module-option>
+ <module-option
name="rolesProperties">props/jmx-console-roles.properties</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <!-- A template configuration for the web-console web application. This
+ defaults to the UsersRolesLoginModule the same as other and should be
+ changed to a stronger authentication mechanism as required.
+ -->
+ <application-policy name="web-console">
+ <authentication>
+ <login-module
code="org.jboss.security.auth.spi.UsersRolesLoginModule"
flag="required">
+ <module-option
name="usersProperties">web-console-users.properties</module-option>
+ <module-option
name="rolesProperties">web-console-roles.properties</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <!--
+ A template configuration for the JBossWS security domain.
+ This defaults to the UsersRolesLoginModule the same as other and should be
+ changed to a stronger authentication mechanism as required.
+ -->
+ <application-policy name="JBossWS">
+ <authentication>
+ <login-module
code="org.jboss.security.auth.spi.UsersRolesLoginModule"
flag="required">
+ <module-option
name="usersProperties">props/jbossws-users.properties</module-option>
+ <module-option
name="rolesProperties">props/jbossws-roles.properties</module-option>
+ <module-option
name="unauthenticatedIdentity">anonymous</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <!-- The default login configuration used by any security domain that
+ does not have a application-policy entry with a matching name
+ -->
+ <application-policy name="other">
+ <!-- A simple server login module, which can be used when the number
+ of users is relatively small. It uses two properties files:
+ users.properties, which holds users (key) and their password (value).
+ roles.properties, which holds users (key) and a comma-separated list of
+ their roles (value).
+ The unauthenticatedIdentity property defines the name of the principal
+ that will be used when a null username and password are presented as is
+ the case for an unuathenticated web client or MDB. If you want to
+ allow such users to be authenticated add the property, e.g.,
+ unauthenticatedIdentity="nobody"
+ -->
+ <authentication>
+ <login-module
code="org.jboss.security.auth.spi.UsersRolesLoginModule"
flag="required"/>
+ </authentication>
+ </application-policy>
+
+<!-- ================================================== -->
+ <!-- JOSSO JAAS Login Configuration, automatially generated by JOSSO
Installer-->
+ <application-policy name="josso"> <authentication>
+ <login-module
code="org.jboss.portal.identity.sso.josso.JOSSOLoginModule"
flag="required">
+ <module-option name="debug">true</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+ <!-- ================================================== -->
+</policy>
\ No newline at end of file
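Review bot: The `JmsXARealm` policy embeds a literal `guest`/`guest` identity and `HsqlDbRealm` uses `sa` with an empty `password` option, so this copied file puts stock credentials into the branch's SSO configuration. If these domains are not needed for the JOSSO setup they could be left out of this file; otherwise a comment such as `<!-- default credentials: change before deployment -->` above each policy would make the expectation explicit. Separately, the `josso` policy sets `debug` to `true`. What JOSSOLoginModule logs in that mode is not visible here, so it is worth confirming that it does not write credentials or assertion ids to the server log, and shipping `<module-option name="debug">false</module-option>` as the default.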
Copied:
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal
(from rev 13225, modules/identity/trunk/sso/src/main/config/josso/jboss-portal)
Deleted:
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/context.xml
===================================================================
--- modules/identity/trunk/sso/src/main/config/josso/jboss-portal/context.xml 2009-04-17
03:25:33 UTC (rev 13225)
+++
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/context.xml 2009-04-20
19:54:45 UTC (rev 13240)
@@ -1,4 +0,0 @@
-<?xml version="1.0"?>
-<Context>
- <Valve
className="org.jboss.portal.identity.sso.josso.JOSSOLogoutValve"/>
-</Context>
Copied:
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/context.xml
(from rev 13225,
modules/identity/trunk/sso/src/main/config/josso/jboss-portal/context.xml)
===================================================================
---
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/context.xml
(rev 0)
+++
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/context.xml 2009-04-20
19:54:45 UTC (rev 13240)
@@ -0,0 +1,4 @@
+<?xml version="1.0"?>
+<Context>
+ <Valve
className="org.jboss.portal.identity.sso.josso.JOSSOLogoutValve"/>
+</Context>
Deleted:
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/jboss-web.xml
===================================================================
--- modules/identity/trunk/sso/src/main/config/josso/jboss-portal/jboss-web.xml 2009-04-17
03:25:33 UTC (rev 13225)
+++
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/jboss-web.xml 2009-04-20
19:54:45 UTC (rev 13240)
@@ -1,35 +0,0 @@
-<?xml version="1.0"?>
-<!--~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- ~ JBoss, a division of Red Hat ~
- ~ Copyright 2006, Red Hat Middleware, LLC, and individual ~
- ~ contributors as indicated by the @authors tag. See the ~
- ~ copyright.txt in the distribution for a full listing of ~
- ~ individual contributors. ~
- ~ ~
- ~ This is free software; you can redistribute it and/or modify it ~
- ~ under the terms of the GNU Lesser General Public License as ~
- ~ published by the Free Software Foundation; either version 2.1 of ~
- ~ the License, or (at your option) any later version. ~
- ~ ~
- ~ This software is distributed in the hope that it will be useful, ~
- ~ but WITHOUT ANY WARRANTY; without even the implied warranty of ~
- ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ~
- ~ Lesser General Public License for more details. ~
- ~ ~
- ~ You should have received a copy of the GNU Lesser General Public ~
- ~ License along with this software; if not, write to the Free ~
- ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA ~
- ~ 02110-1301 USA, or see the FSF site:
http://www.fsf.org. ~
- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~-->
-
-<jboss-web>
- <security-domain>java:jaas/josso</security-domain>
- <context-root>/portal</context-root>
- <replication-config>
- <replication-trigger>SET</replication-trigger>
- </replication-config>
- <resource-ref>
- <res-ref-name>jdbc/PortalDS</res-ref-name>
- <jndi-name>java:PortalDS</jndi-name>
- </resource-ref>
-</jboss-web>
Copied:
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/jboss-web.xml
(from rev 13225,
modules/identity/trunk/sso/src/main/config/josso/jboss-portal/jboss-web.xml)
===================================================================
---
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/jboss-web.xml
(rev 0)
+++
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/jboss-web.xml 2009-04-20
19:54:45 UTC (rev 13240)
@@ -0,0 +1,35 @@
+<?xml version="1.0"?>
+<!--~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ ~ JBoss, a division of Red Hat ~
+ ~ Copyright 2006, Red Hat Middleware, LLC, and individual ~
+ ~ contributors as indicated by the @authors tag. See the ~
+ ~ copyright.txt in the distribution for a full listing of ~
+ ~ individual contributors. ~
+ ~ ~
+ ~ This is free software; you can redistribute it and/or modify it ~
+ ~ under the terms of the GNU Lesser General Public License as ~
+ ~ published by the Free Software Foundation; either version 2.1 of ~
+ ~ the License, or (at your option) any later version. ~
+ ~ ~
+ ~ This software is distributed in the hope that it will be useful, ~
+ ~ but WITHOUT ANY WARRANTY; without even the implied warranty of ~
+ ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ~
+ ~ Lesser General Public License for more details. ~
+ ~ ~
+ ~ You should have received a copy of the GNU Lesser General Public ~
+ ~ License along with this software; if not, write to the Free ~
+ ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA ~
+ ~ 02110-1301 USA, or see the FSF site:
http://www.fsf.org. ~
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~-->
+
+<jboss-web>
+ <security-domain>java:jaas/josso</security-domain>
+ <context-root>/portal</context-root>
+ <replication-config>
+ <replication-trigger>SET</replication-trigger>
+ </replication-config>
+ <resource-ref>
+ <res-ref-name>jdbc/PortalDS</res-ref-name>
+ <jndi-name>java:PortalDS</jndi-name>
+ </resource-ref>
+</jboss-web>
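Review bot: `<security-domain>java:jaas/josso</security-domain>` depends on an application-policy named `josso` being present in the server's login-config.xml, and nothing in this file says so. According to the comment in the login-config.xml added by this same commit, a domain with no matching policy uses the `other` policy, which there is a bare UsersRolesLoginModule. A missing or renamed `josso` entry would therefore presumably change how /portal authenticates rather than fail outright. I would add a comment above the element, for example `<!-- requires the "josso" application-policy from conf/login-config.xml; falls back to "other" if absent -->`.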
Deleted:
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/login.jsp
===================================================================
--- modules/identity/trunk/sso/src/main/config/josso/jboss-portal/login.jsp 2009-04-17
03:25:33 UTC (rev 13225)
+++
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/login.jsp 2009-04-20
19:54:45 UTC (rev 13240)
@@ -1,168 +0,0 @@
-<%--
- ~ Copyright (c) 2004-2006, Novascope S.A. and the JOSSO team
- ~ All rights reserved.
- ~ Redistribution and use in source and binary forms, with or
- ~ without modification, are permitted provided that the following
- ~ conditions are met:
- ~
- ~ * Redistributions of source code must retain the above copyright
- ~ notice, this list of conditions and the following disclaimer.
- ~
- ~ * Redistributions in binary form must reproduce the above copyright
- ~ notice, this list of conditions and the following disclaimer in
- ~ the documentation and/or other materials provided with the
- ~ distribution.
- ~
- ~ * Neither the name of the JOSSO team nor the names of its
- ~ contributors may be used to endorse or promote products derived
- ~ from this software without specific prior written permission.
- ~
- ~ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
- ~ CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
- ~ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
- ~ MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- ~ DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
- ~ BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
- ~ EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
- ~ TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- ~ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
- ~ ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- ~ OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- ~ OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- ~ POSSIBILITY OF SUCH DAMAGE.
- --%>
-<%@page contentType="text/html; charset=iso-8859-1"
language="java" session="true" %>
-<%
- response.sendRedirect(request.getContextPath() + "/josso_login/");
-%>
-
-<%--~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- ~ JBoss, a division of Red Hat ~
- ~ Copyright 2006, Red Hat Middleware, LLC, and individual ~
- ~ contributors as indicated by the @authors tag. See the ~
- ~ copyright.txt in the distribution for a full listing of ~
- ~ individual contributors. ~
- ~ ~
- ~ This is free software; you can redistribute it and/or modify it ~
- ~ under the terms of the GNU Lesser General Public License as ~
- ~ published by the Free Software Foundation; either version 2.1 of ~
- ~ the License, or (at your option) any later version. ~
- ~ ~
- ~ This software is distributed in the hope that it will be useful, ~
- ~ but WITHOUT ANY WARRANTY; without even the implied warranty of ~
- ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ~
- ~ Lesser General Public License for more details. ~
- ~ ~
- ~ You should have received a copy of the GNU Lesser General Public ~
- ~ License along with this software; if not, write to the Free ~
- ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA ~
- ~ 02110-1301 USA, or see the FSF site:
http://www.fsf.org. ~
- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~--%>
-<%--
-
-<%@ page pageEncoding="utf-8" %>
-<%@page import="org.jboss.portal.identity.UserStatus" %>
-<%@page import="org.jboss.portal.server.ParameterSanitizer" %>
-<%@page import="java.util.ResourceBundle" %>
-
-<%
- ResourceBundle rb = ResourceBundle.getBundle("Resource",
request.getLocale());
- // todo: use ParameterValidation.sanitize after 2.7.1
- String loginheight = request.getParameter("loginheight");
- boolean paramPresent = loginheight != null;
- loginheight = ParameterSanitizer.sanitizeFromPattern(loginheight,
ParameterSanitizer.CSS_DISTANCE, "300px");
-%>
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
-"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-
-<html
xmlns="http://www.w3.org/1999/xhtml">
-<head>
- <title><%= rb.getString("LOGIN_TITLE") %>
- </title>
- <style type="text/css">
- /* <![CDATA[ */
- body {
- margin: 0;
- padding: 0;
- border: 0;
- padding-top: <%=loginheight%>;
- }
-
- /* ]]> */
- </style>
-
- <script>
- function setFocusOnLoginForm()
- {
- try
- {
- document.loginform.j_username.focus();
- }
- catch (e)
- {
- }
- }
- </script>
-
- <link rel="stylesheet" href="/portal-core/css/login.css"
type="text/css"/>
-</head>
-<body onload="setFocusOnLoginForm();">
-
-<div class="login-container">
-
-
- <div class="login-header">
- <h2><%= rb.getString("LOGIN_TITLE") %>
- </h2>
- </div>
- <div class="login-content">
-
- <div class="error-message"
-
style="<%=(request.getAttribute(!UserStatus.OK.equals("org.jboss.portal.userStatus")
? "" : "display:none"))%>;">
- <%
-
- if
(UserStatus.DISABLE.equals(request.getAttribute("org.jboss.portal.userStatus")))
- {
- out.println(rb.getString("ACCOUNT_DISABLED"));
- }
- else if
(UserStatus.WRONGPASSWORD.equals(request.getAttribute("org.jboss.portal.userStatus"))
||
UserStatus.UNEXISTING.equals(request.getAttribute("org.jboss.portal.userStatus")))
- {
-
out.println(rb.getString("ACCOUNT_INEXISTING_OR_WRONG_PASSWORD"));
- }
- else if
(UserStatus.NOTASSIGNEDTOROLE.equals(request.getAttribute("org.jboss.portal.userStatus")))
- {
- out.println(rb.getString("ACCOUNT_NOTASSIGNEDTOROLE"));
- }
- %>
- </div>
- <form method="post" action="<%=
response.encodeURL("j_security_check") %>" name="loginform"
id="loginForm"
- target="_parent">
- <div class="form-field">
- <label for="j_username"><%=
rb.getString("LOGIN_USERNAME") %>
- </label>
- <input type="text" name="j_username"
id="j_username" value=""/>
- </div>
- <div class="form-field">
- <label for="j_password"><%=
rb.getString("LOGIN_PASSWORD") %>
- </label>
- <input type="password" name="j_password"
id="j_password" value=""/>
- </div>
- <br class="clear"/>
-
- <div class="button-container">
- <br class="clear"/>
- <input style="<%=paramPresent ? "" :
"display:none"%>;" type="button" name="cancel"
- value="<%= rb.getString("LOGIN_CANCEL") %>"
class="cancel-button"
-
onclick="window.parent.hideContentModal('login-modal');"/>
- <br class="clear"/>
- <input style="<%=paramPresent ? "" :
"right:10px"%>;" type="submit" name="login"
- value="<%= rb.getString("LOGIN_SUBMIT") %>"
class="login-button"/>
- </div>
- <br class="clear"/>
- </form>
-
- </div>
-</div>
-</body>
-</html>
---%>
Copied:
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/login.jsp
(from rev 13225, modules/identity/trunk/sso/src/main/config/josso/jboss-portal/login.jsp)
===================================================================
---
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/login.jsp
(rev 0)
+++
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/jboss-portal/login.jsp 2009-04-20
19:54:45 UTC (rev 13240)
@@ -0,0 +1,168 @@
+<%--
+ ~ Copyright (c) 2004-2006, Novascope S.A. and the JOSSO team
+ ~ All rights reserved.
+ ~ Redistribution and use in source and binary forms, with or
+ ~ without modification, are permitted provided that the following
+ ~ conditions are met:
+ ~
+ ~ * Redistributions of source code must retain the above copyright
+ ~ notice, this list of conditions and the following disclaimer.
+ ~
+ ~ * Redistributions in binary form must reproduce the above copyright
+ ~ notice, this list of conditions and the following disclaimer in
+ ~ the documentation and/or other materials provided with the
+ ~ distribution.
+ ~
+ ~ * Neither the name of the JOSSO team nor the names of its
+ ~ contributors may be used to endorse or promote products derived
+ ~ from this software without specific prior written permission.
+ ~
+ ~ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
+ ~ CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ ~ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+ ~ MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ ~ DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
+ ~ BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ ~ EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+ ~ TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ ~ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ ~ ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ ~ OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ ~ OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ ~ POSSIBILITY OF SUCH DAMAGE.
+ --%>
+<%@page contentType="text/html; charset=iso-8859-1"
language="java" session="true" %>
+<%
+ response.sendRedirect(request.getContextPath() + "/josso_login/");
+%>
+
+<%--~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ ~ JBoss, a division of Red Hat ~
+ ~ Copyright 2006, Red Hat Middleware, LLC, and individual ~
+ ~ contributors as indicated by the @authors tag. See the ~
+ ~ copyright.txt in the distribution for a full listing of ~
+ ~ individual contributors. ~
+ ~ ~
+ ~ This is free software; you can redistribute it and/or modify it ~
+ ~ under the terms of the GNU Lesser General Public License as ~
+ ~ published by the Free Software Foundation; either version 2.1 of ~
+ ~ the License, or (at your option) any later version. ~
+ ~ ~
+ ~ This software is distributed in the hope that it will be useful, ~
+ ~ but WITHOUT ANY WARRANTY; without even the implied warranty of ~
+ ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ~
+ ~ Lesser General Public License for more details. ~
+ ~ ~
+ ~ You should have received a copy of the GNU Lesser General Public ~
+ ~ License along with this software; if not, write to the Free ~
+ ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA ~
+ ~ 02110-1301 USA, or see the FSF site:
http://www.fsf.org. ~
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~--%>
+<%--
+
+<%@ page pageEncoding="utf-8" %>
+<%@page import="org.jboss.portal.identity.UserStatus" %>
+<%@page import="org.jboss.portal.server.ParameterSanitizer" %>
+<%@page import="java.util.ResourceBundle" %>
+
+<%
+ ResourceBundle rb = ResourceBundle.getBundle("Resource",
request.getLocale());
+ // todo: use ParameterValidation.sanitize after 2.7.1
+ String loginheight = request.getParameter("loginheight");
+ boolean paramPresent = loginheight != null;
+ loginheight = ParameterSanitizer.sanitizeFromPattern(loginheight,
ParameterSanitizer.CSS_DISTANCE, "300px");
+%>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
+<html
xmlns="http://www.w3.org/1999/xhtml">
+<head>
+ <title><%= rb.getString("LOGIN_TITLE") %>
+ </title>
+ <style type="text/css">
+ /* <![CDATA[ */
+ body {
+ margin: 0;
+ padding: 0;
+ border: 0;
+ padding-top: <%=loginheight%>;
+ }
+
+ /* ]]> */
+ </style>
+
+ <script>
+ function setFocusOnLoginForm()
+ {
+ try
+ {
+ document.loginform.j_username.focus();
+ }
+ catch (e)
+ {
+ }
+ }
+ </script>
+
+ <link rel="stylesheet" href="/portal-core/css/login.css"
type="text/css"/>
+</head>
+<body onload="setFocusOnLoginForm();">
+
+<div class="login-container">
+
+
+ <div class="login-header">
+ <h2><%= rb.getString("LOGIN_TITLE") %>
+ </h2>
+ </div>
+ <div class="login-content">
+
+ <div class="error-message"
+
style="<%=(request.getAttribute(!UserStatus.OK.equals("org.jboss.portal.userStatus")
? "" : "display:none"))%>;">
+ <%
+
+ if
(UserStatus.DISABLE.equals(request.getAttribute("org.jboss.portal.userStatus")))
+ {
+ out.println(rb.getString("ACCOUNT_DISABLED"));
+ }
+ else if
(UserStatus.WRONGPASSWORD.equals(request.getAttribute("org.jboss.portal.userStatus"))
||
UserStatus.UNEXISTING.equals(request.getAttribute("org.jboss.portal.userStatus")))
+ {
+
out.println(rb.getString("ACCOUNT_INEXISTING_OR_WRONG_PASSWORD"));
+ }
+ else if
(UserStatus.NOTASSIGNEDTOROLE.equals(request.getAttribute("org.jboss.portal.userStatus")))
+ {
+ out.println(rb.getString("ACCOUNT_NOTASSIGNEDTOROLE"));
+ }
+ %>
+ </div>
+ <form method="post" action="<%=
response.encodeURL("j_security_check") %>" name="loginform"
id="loginForm"
+ target="_parent">
+ <div class="form-field">
+ <label for="j_username"><%=
rb.getString("LOGIN_USERNAME") %>
+ </label>
+ <input type="text" name="j_username"
id="j_username" value=""/>
+ </div>
+ <div class="form-field">
+ <label for="j_password"><%=
rb.getString("LOGIN_PASSWORD") %>
+ </label>
+ <input type="password" name="j_password"
id="j_password" value=""/>
+ </div>
+ <br class="clear"/>
+
+ <div class="button-container">
+ <br class="clear"/>
+ <input style="<%=paramPresent ? "" :
"display:none"%>;" type="button" name="cancel"
+ value="<%= rb.getString("LOGIN_CANCEL") %>"
class="cancel-button"
+
onclick="window.parent.hideContentModal('login-modal');"/>
+ <br class="clear"/>
+ <input style="<%=paramPresent ? "" :
"right:10px"%>;" type="submit" name="login"
+ value="<%= rb.getString("LOGIN_SUBMIT") %>"
class="login-button"/>
+ </div>
+ <br class="clear"/>
+ </form>
+
+ </div>
+</div>
+</body>
+</html>
+--%>
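Review bot: Everything after the `response.sendRedirect(request.getContextPath() + "/josso_login/")` scriptlet is one large `<%-- … --%>` block holding the old portal login form, so the page ships well over a hundred lines of dead markup. If that form is ever re-enabled, the style expression on the `error-message` div has a misplaced parenthesis: it passes the result of the ternary to `request.getAttribute(...)` and compares `UserStatus.OK` with the attribute name rather than its value. I would delete the commented block, or at least correct the expression to `style="<%= UserStatus.OK.equals(request.getAttribute("org.jboss.portal.userStatus")) ? "display:none" : "" %>"`. The redirect target itself is built only from the context path, so no request parameter reaches it.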
Copied: modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/sar
(from rev 13225, modules/identity/trunk/sso/src/main/config/josso/sar)
Copied:
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/sar/META-INF
(from rev 13225, modules/identity/trunk/sso/src/main/config/josso/sar/META-INF)
Deleted:
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/sar/META-INF/jboss-service.xml
===================================================================
---
modules/identity/trunk/sso/src/main/config/josso/sar/META-INF/jboss-service.xml 2009-04-17
03:25:33 UTC (rev 13225)
+++
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/sar/META-INF/jboss-service.xml 2009-04-20
19:54:45 UTC (rev 13240)
@@ -1,34 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- ~ JBoss, a division of Red Hat ~
- ~ Copyright 2006, Red Hat Middleware, LLC, and individual ~
- ~ contributors as indicated by the @authors tag. See the ~
- ~ copyright.txt in the distribution for a full listing of ~
- ~ individual contributors. ~
- ~ ~
- ~ This is free software; you can redistribute it and/or modify it ~
- ~ under the terms of the GNU Lesser General Public License as ~
- ~ published by the Free Software Foundation; either version 2.1 of ~
- ~ the License, or (at your option) any later version. ~
- ~ ~
- ~ This software is distributed in the hope that it will be useful, ~
- ~ but WITHOUT ANY WARRANTY; without even the implied warranty of ~
- ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ~
- ~ Lesser General Public License for more details. ~
- ~ ~
- ~ You should have received a copy of the GNU Lesser General Public ~
- ~ License along with this software; if not, write to the Free ~
- ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA ~
- ~ 02110-1301 USA, or see the FSF site:
http://www.fsf.org. ~
- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~-->
-
-<server>
- <mbean
- code="org.jboss.portal.identity.sso.josso.JOSSOIdentityServiceImpl"
- name="portal:service=Module,type=JOSSOIdentityService"
- xmbean-dd=""
- xmbean-code="org.jboss.portal.jems.as.system.JBossServiceModelMBean">
- <xmbean/>
-
<depends>portal:service=Module,type=IdentityServiceController</depends>
- </mbean>
-</server>
\ No newline at end of file
Copied:
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/sar/META-INF/jboss-service.xml
(from rev 13225,
modules/identity/trunk/sso/src/main/config/josso/sar/META-INF/jboss-service.xml)
===================================================================
---
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/sar/META-INF/jboss-service.xml
(rev 0)
+++
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/config/josso/sar/META-INF/jboss-service.xml 2009-04-20
19:54:45 UTC (rev 13240)
@@ -0,0 +1,34 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ ~ JBoss, a division of Red Hat ~
+ ~ Copyright 2006, Red Hat Middleware, LLC, and individual ~
+ ~ contributors as indicated by the @authors tag. See the ~
+ ~ copyright.txt in the distribution for a full listing of ~
+ ~ individual contributors. ~
+ ~ ~
+ ~ This is free software; you can redistribute it and/or modify it ~
+ ~ under the terms of the GNU Lesser General Public License as ~
+ ~ published by the Free Software Foundation; either version 2.1 of ~
+ ~ the License, or (at your option) any later version. ~
+ ~ ~
+ ~ This software is distributed in the hope that it will be useful, ~
+ ~ but WITHOUT ANY WARRANTY; without even the implied warranty of ~
+ ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ~
+ ~ Lesser General Public License for more details. ~
+ ~ ~
+ ~ You should have received a copy of the GNU Lesser General Public ~
+ ~ License along with this software; if not, write to the Free ~
+ ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA ~
+ ~ 02110-1301 USA, or see the FSF site:
http://www.fsf.org. ~
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~-->
+
+<server>
+ <mbean
+ code="org.jboss.portal.identity.sso.josso.JOSSOIdentityServiceImpl"
+ name="portal:service=Module,type=JOSSOIdentityService"
+ xmbean-dd=""
+ xmbean-code="org.jboss.portal.jems.as.system.JBossServiceModelMBean">
+ <xmbean/>
+
<depends>portal:service=Module,type=IdentityServiceController</depends>
+ </mbean>
+</server>
\ No newline at end of file
Modified:
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/identity/sso/josso/JOSSOIdentityStore.java
===================================================================
---
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/identity/sso/josso/JOSSOIdentityStore.java 2009-04-20
19:45:59 UTC (rev 13239)
+++
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/identity/sso/josso/JOSSOIdentityStore.java 2009-04-20
19:54:45 UTC (rev 13240)
@@ -30,6 +30,7 @@
import org.jboss.mx.util.MBeanProxy;
import org.jboss.mx.util.MBeanServerLocator;
import org.jboss.portal.identity.sso.josso.JOSSOIdentityService;
+
import org.josso.gateway.SSONameValuePair;
import org.josso.gateway.identity.exceptions.NoSuchUserException;
import org.josso.gateway.identity.exceptions.SSOIdentityException;
@@ -37,22 +38,27 @@
import org.josso.gateway.identity.service.BaseRoleImpl;
import org.josso.gateway.identity.service.BaseUser;
import org.josso.gateway.identity.service.BaseUserImpl;
-import org.josso.gateway.identity.service.store.IdentityStore;
import org.josso.gateway.identity.service.store.UserKey;
import org.josso.gateway.identity.service.store.SimpleUserKey;
+import org.josso.gateway.identity.service.store.IdentityStore;
+
import org.josso.auth.Credential;
import org.josso.auth.CredentialKey;
-import org.josso.auth.BindableCredentialStore;
-import org.josso.auth.exceptions.SSOAuthenticationException;
+import org.josso.auth.CredentialProvider;
import org.josso.auth.scheme.AuthenticationScheme;
import org.josso.auth.scheme.UsernameCredential;
import org.josso.auth.scheme.PasswordCredential;
+import org.josso.auth.BindableCredentialStore;
+import org.josso.auth.exceptions.SSOAuthenticationException;
+
/**
+ * @org.apache.xbean.XBean element="portal-store"
+ *
* @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
*
*/
-public class JOSSOIdentityStore implements IdentityStore, BindableCredentialStore
+public class JOSSOIdentityStore implements IdentityStore,BindableCredentialStore
{
/**
*
@@ -81,6 +87,9 @@
MBeanServer mbeanServer = MBeanServerLocator.locateJBoss();
this.portalIdentityService = (JOSSOIdentityService)
MBeanProxy.get(JOSSOIdentityService.class,new
ObjectName("portal:service=Module,type=JOSSOIdentityService"),mbeanServer);
+
log.info("-------------------------------------------------------------------");
+ log.info("JBoss Portal JOSSO Identity Store successfully
started.............");
+
log.info("-------------------------------------------------------------------");
}
catch(Exception e)
{
@@ -91,18 +100,34 @@
throw new RuntimeException("JOSSOIdentityStore registration
failed....");
}
}
- //-----IdentityStore
implementation--------------------------------------------------------------------------------------------------
- /**
- *
- */
- public BaseRole[] findRolesByUserKey(UserKey userKey)
- throws SSOIdentityException
- {
+
+ public void setAuthenticationScheme(AuthenticationScheme authenticationScheme)
+ {
if(this.portalIdentityService == null)
{
throw new IllegalStateException("JOSSOIdentityStore not properly registered
with the JOSSO system..");
}
+ this.authenticationScheme = authenticationScheme;
+ }
+ //----------------IdentityStore
implementation------------------------------------------------------------------------------------------------------------------------
+ public boolean userExists(UserKey userKey) throws SSOIdentityException
+ {
+ if(this.portalIdentityService == null)
+ {
+ throw new IllegalStateException("JOSSOIdentityStore not properly registered
with the JOSSO system..");
+ }
+
+ return this.portalIdentityService.exists(userKey.toString());
+ }
+
+ public BaseRole[] findRolesByUserKey(UserKey userKey) throws SSOIdentityException
+ {
+ if(this.portalIdentityService == null)
+ {
+ throw new IllegalStateException("JOSSOIdentityStore not properly registered
with the JOSSO system..");
+ }
+
//Get the role information from the Portal Identity System
String[] userRoles = this.portalIdentityService.getUserRoles(userKey.toString());
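Review bot: The `portalIdentityService == null` guard is pasted verbatim into `setAuthenticationScheme`, `userExists` and `findRolesByUserKey` in this hunk and again into `loadUser` and `loadCredentials` in the next two hunks, while `bind` (last hunk of this file) calls `this.portalIdentityService.authenticate(username, password)` with no guard at all. If the service reference is ever null, authentication would fail with a NullPointerException instead of the IllegalStateException every other entry point raises. A single private helper that throws the IllegalStateException and returns the service, called from all six methods, removes the duplication and closes that gap. `findRolesByUserKey` continues past the end of this hunk.

```java
/** Returns the portal identity service, or fails if registration never completed. */
private JOSSOIdentityService requireService()
{
   if(this.portalIdentityService == null)
   {
      throw new IllegalStateException("JOSSOIdentityStore not properly registered with the JOSSO system..");
   }
   return this.portalIdentityService;
}

public boolean bind(String username, String password) throws SSOAuthenticationException
{
   return requireService().authenticate(username, password);
}

// … unchanged: the other five methods, each with its inline guard replaced by requireService() …
```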
@@ -113,17 +138,12 @@
roles[i] = new BaseRoleImpl(userRoles[i]);
}
-
return roles;
}
- /**
- *
- */
- public BaseUser loadUser(UserKey userKey) throws NoSuchUserException,
- SSOIdentityException
- {
- if(this.portalIdentityService == null)
+ public BaseUser loadUser(UserKey userKey) throws NoSuchUserException,
SSOIdentityException
+ {
+ if(this.portalIdentityService == null)
{
throw new IllegalStateException("JOSSOIdentityStore not properly registered
with the JOSSO system..");
}
@@ -134,58 +154,25 @@
user.addProperty("password", "");
return user;
- }
-
- /**
- *
- */
- public boolean userExists(UserKey userKey) throws SSOIdentityException
- {
- if(this.portalIdentityService == null)
+ }
+ //---------------CredentialStore
implementation----------------------------------------------------------------------------------------------------------------------
+ public Credential[] loadCredentials(CredentialKey credentialKey, CredentialProvider
credentialProvider) throws SSOIdentityException
+ {
+ if(this.portalIdentityService == null)
{
throw new IllegalStateException("JOSSOIdentityStore not properly registered
with the JOSSO system..");
}
- return this.portalIdentityService.exists(userKey.toString());
- }
- //---------BindableCredentialStore
implementation---------------------------------------------------------------------------------------------
- /**
- *
- */
- public Credential[] loadCredentials(CredentialKey credentialKey) throws
SSOIdentityException
- {
- if(this.portalIdentityService == null)
- {
- throw new IllegalStateException("JOSSOIdentityStore not properly registered
with the JOSSO system..");
- }
-
//Get the User corresponding to this credentialKey
BaseUser user = this.loadUser((SimpleUserKey)credentialKey);
SSONameValuePair[] properties = user.getProperties();
String password = properties[0].getValue();
return new Credential[]{new UsernameCredential(user.getName()), new
PasswordCredential(password)};
- }
+ }
- /**
- *
- */
public boolean bind(String username, String password) throws
SSOAuthenticationException
{
return this.portalIdentityService.authenticate(username, password);
}
-
-
- /**
- *
- */
- public void setAuthenticationScheme(AuthenticationScheme authenticationScheme)
- {
- if(this.portalIdentityService == null)
- {
- throw new IllegalStateException("JOSSOIdentityStore not properly registered
with the JOSSO system..");
- }
-
- this.authenticationScheme = authenticationScheme;
- }
}
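Review bot: The new `credentialProvider` parameter of `loadCredentials` is never used, and the body still rests on two unchecked assumptions: the `(SimpleUserKey)credentialKey` cast and `properties[0]` being the password property. The context at the top of this hunk shows `user.addProperty("password", "")`, so the `PasswordCredential` returned here appears to be blank by design, with real verification going through `bind`. That deserves a comment such as `// password is intentionally blank: verification is delegated to bind()`, once confirmed against `loadUser`. Looking the property up by name rather than by index would stop this from silently returning a different property if `loadUser` ever adds one first. `loadUser` begins outside this hunk.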
Modified:
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/identity/sso/josso/JOSSOLoginModule.java
===================================================================
---
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/identity/sso/josso/JOSSOLoginModule.java 2009-04-20
19:45:59 UTC (rev 13239)
+++
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/identity/sso/josso/JOSSOLoginModule.java 2009-04-20
19:54:45 UTC (rev 13240)
@@ -36,10 +36,7 @@
import org.apache.log4j.Logger;
import org.josso.gateway.identity.SSORole;
-import org.josso.gateway.identity.SSOUser;
import org.josso.gateway.identity.service.BaseRoleImpl;
-import org.josso.gateway.identity.service.BaseUserImpl;
-import org.josso.tc55.agent.jaas.SSOGatewayLoginModule;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
@@ -50,6 +47,8 @@
import java.util.Map;
import java.util.Set;
+import org.josso.jb42.agent.JBossSSOGatewayLoginModule;
+
/**
* SSOGatewayLogin Module for JBoss.
* <p>
@@ -83,70 +82,20 @@
* @version CVS $Id: JBossSSOGatewayLoginModule.java 338 2006-02-09 16:53:07Z sgonzalez
$
*/
-public class JOSSOLoginModule extends SSOGatewayLoginModule {
+public class JOSSOLoginModule extends JBossSSOGatewayLoginModule
+{
private static final Logger logger = Logger.getLogger(JOSSOLoginModule .class);
-
+
private Subject _savedSubject;
-
- /** the principal to use when user is not authenticated **/
- protected SSOUser _unauthenticatedIdentity;
-
-
- /**
- * Initialize this LoginModule .
- * Save the received Subject to change it when commit() gets invoked.
- *
- * @param subject the Subject to be authenticated.
- *
- * @param callbackHandler a CallbackHandler for communicating
- * with the end user (prompting for user names and
- * passwords, for example).
- *
- * @param sharedState shared LoginModule state.
- *
- * @param options options specified in the login Configuration
- * for this particular LoginModule.
- */
+
public void initialize(Subject subject, CallbackHandler callbackHandler,
- Map sharedState, Map options) {
-
- _savedSubject = subject;
- super.initialize(subject, callbackHandler, sharedState, options);
- // Check for unauthenticatedIdentity option.
- String name = (String) options.get("unauthenticatedIdentity");
- if( name != null )
- {
- try
- {
- _unauthenticatedIdentity = createIdentity(name);
- logger.debug("Saw unauthenticatedIdentity="+name);
- }
- catch(Exception e)
- {
- logger.warn("Failed to create custom unauthenticatedIdentity",
e);
- }
- }
+ Map sharedState, Map options)
+ {
+ super.initialize(subject, callbackHandler, sharedState, options);
+ this._savedSubject = subject;
}
- /**
- * This method supports the unauthenticatedIdentity property used by JBoss.
- */
- public boolean login() throws LoginException {
-
- if (!super.login()) {
- // We have an unauthenticated user, use configured Principal
- if (_unauthenticatedIdentity != null) {
- logger.debug("Authenticated as unauthenticatedIdentity : " +
_unauthenticatedIdentity);
- _ssoUserPrincipal = _unauthenticatedIdentity;
- _succeeded = true;
- return true;
- }
- }
-
- return true;
- }
-
/*
* This method is called if the LoginContext's overall authentication succeeded.
*
@@ -159,55 +108,22 @@
* @return true if this LoginModule's own login and commit
* attempts succeeded, or false otherwise.
*/
- public boolean commit() throws LoginException {
- boolean rc = false;
- // HashMap setsMap = new HashMap();
-
- rc = super.commit();
-
+ public boolean commit() throws LoginException
+ {
+ boolean rc = super.commit();
+
+
Set ssoRolePrincipals = _savedSubject.getPrincipals(SSORole.class);
Group targetGrp = new BaseRoleImpl("Roles");
Iterator i = ssoRolePrincipals.iterator();
Set cour = new java.util.HashSet();
- while (i.hasNext()) {
- Principal p = (Principal)i.next();
-
- targetGrp.addMember(p); // Add user role to "Roles" group
-
+ while (i.hasNext())
+ {
+ Principal p = (Principal)i.next();
//super hack to make the Subject work properly with the Portal Authorization
Engine
((BaseRoleImpl)p).addMember(this.createIdentity(p.getName()));
}
- // Add the "Roles" group to the Subject so that JBoss can fetch user
roles.
- _savedSubject.getPrincipals().removeAll(ssoRolePrincipals);
- _savedSubject.getPrincipals().add(targetGrp);
-
- /*Set ssoUserPrincipals = _savedSubject.getPrincipals(SSOUser.class);
- Group callerPrincipal = new BaseRoleImpl("CallerPrincipal");
- Iterator j = ssoUserPrincipals.iterator();
- if (j.hasNext()) {
- Principal user = (Principal) j.next();
- callerPrincipal.addMember(user);
- }
-
- // Add the "CallerPrincipal" group to the Subject so that JBoss can
fetch user.
- _savedSubject.getPrincipals().add(callerPrincipal);*/
-
- return rc;
+
+ return rc;
}
-
- protected SSOUser createIdentity(String username) {
- return new BaseUserImpl(username);
- }
-
- protected SSORole[] getRoleSets() throws LoginException {
- if (_ssoUserPrincipal == _unauthenticatedIdentity) {
- // Using unauthenticatedIdentity ..
- if(logger.isDebugEnabled())
- logger.debug("Using unauthenticatedIdentity " +
_ssoUserPrincipal + ", returning no roles.");
-
- return new SSORole[0];
- }
- return super.getRoleSets();
- }
-
}
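Review bot: In `commit()` the loop over the `SSORole` principals runs whatever `super.commit()` returned, so role principals on the saved subject are still mutated when `rc` is false. Adding `if (!rc) { return false; }` right after the `super.commit()` call would avoid that; please confirm how `JBossSSOGatewayLoginModule` reports a failed commit first. After the removals in this hunk, `targetGrp` and `cour` are assigned but never read and can be dropped. The cast `((BaseRoleImpl)p)` assumes every `SSORole` principal is a `BaseRoleImpl`, and `createIdentity` is no longer defined in this class, so it presumably comes from the new superclass. The method's Javadoc starts above the hunk.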
Modified:
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/identity/sso/josso/JOSSOLogoutValve.java
===================================================================
---
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/identity/sso/josso/JOSSOLogoutValve.java 2009-04-20
19:45:59 UTC (rev 13239)
+++
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/identity/sso/josso/JOSSOLogoutValve.java 2009-04-20
19:54:45 UTC (rev 13240)
@@ -26,7 +26,6 @@
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.Cookie;
import org.apache.catalina.connector.Request;
import org.apache.catalina.connector.Response;
@@ -47,77 +46,15 @@
{
HttpServletRequest httpRequest = (HttpServletRequest) request;
request.setAttribute("ssoEnabled", "true");
-
- Cookie jossoPortalCookie = this.findJOSSOPortalLogoutCookie(httpRequest);
- if(jossoPortalCookie != null)
- {
- String referer = jossoPortalCookie.getValue();
-
- if(referer != null && referer.trim().length() > 0)
- {
- //Delete this cookie
- jossoPortalCookie = new Cookie("JOSSO_PORTAL_LOGOUT",
"");
- jossoPortalCookie.setMaxAge(0); //setting the value to 0 should delete this
cookie from the browser
- response.addCookie(jossoPortalCookie);
-
- //This form of redirect is needed instead of sendRedirect
- //otherwise the JBOSS_PORTAL_LOGOUT cookie cleanup does not happen
- StringBuffer buffer = new StringBuffer();
- buffer.append("<html>"+"\n");
- buffer.append("<head>"+"\n");
- buffer.append("</head>"+"\n");
- buffer.append("<body
onload=\"setTimeout('document.form1.submit()',1000);\">"+"\n");
- buffer.append("<form name=\"form1\"
action=\""+referer+"\"
method=\"post\">"+"\n");
- buffer.append("</form>"+"\n");
- buffer.append("</body>"+"\n");
- buffer.append("</html>"+"\n");
-
- response.getOutputStream().write(buffer.toString().getBytes());
- response.getOutputStream().flush();
-
- return;
- }
- }
-
- // continue processing the request
+
+ //Logout not activated, Continue processing the request through the system
this.getNext().invoke(request, response);
+ //Check if Logout was activated...If so, perform a JOSSO logout
if(request.getAttribute("org.jboss.portal.logout") != null)
- {
- String jossoLogout = httpRequest.getContextPath() +
org.josso.agent.Constants.JOSSO_LOGOUT_URI;
-
- Cookie cookie = new
Cookie("JOSSO_PORTAL_LOGOUT",httpRequest.getHeader("Referer"));
- cookie.setMaxAge(-1); //setting the value so that cookie expires when broser is
closed
- response.addCookie(cookie);
-
+ {
+ String jossoLogout = httpRequest.getContextPath() + "/josso_logout/";
response.sendRedirect(jossoLogout);
}
- }
-
- /**
- *
- * @param request
- * @return
- */
- private Cookie findJOSSOPortalLogoutCookie(HttpServletRequest request)
- {
- Cookie cookie = null;
-
- Cookie[] cookies = request.getCookies();
- if(cookies != null)
- {
- for(int i=0; i<cookies.length; i++)
- {
- Cookie cour = cookies[i];
-
- if(cour.getName().equals("JOSSO_PORTAL_LOGOUT"))
- {
- cookie = cour;
- break;
- }
- }
- }
-
- return cookie;
- }
+ }
}
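Review bot: The logout redirect now hard-codes `"/josso_logout/"` where the removed line used `org.josso.agent.Constants.JOSSO_LOGOUT_URI`. If the agent's logout path ever differs from the literal, the portal session ends but the redirect misses the agent, and the SSO session may stay alive. If the constant still exists in the JOSSO version this branch builds against (not visible here), keep using it; otherwise give the literal a named constant with a comment saying which agent setting it must match. `response.sendRedirect(jossoLogout)` also runs after `getNext().invoke(...)`, so guarding it with `if (!response.isCommitted())` and logging in the else branch would make a skipped logout visible. The enclosing method starts above the hunk.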
Modified:
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/test/identity/sso/EasySSLProtocolSocketFactory.java
===================================================================
---
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/test/identity/sso/EasySSLProtocolSocketFactory.java 2009-04-20
19:45:59 UTC (rev 13239)
+++
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/test/identity/sso/EasySSLProtocolSocketFactory.java 2009-04-20
19:54:45 UTC (rev 13240)
@@ -1,8 +1,8 @@
/*
- * $Header:
/home/jerenkrantz/tmp/commons/commons-convert/cvs/home/cvs/jakarta-commons//httpclient/src/contrib/org/apache/commons/httpclient/contrib/ssl/EasySSLProtocolSocketFactory.java,v
1.7 2004/06/11 19:26:27 olegk Exp $
+ * $Header:
/home/jerenkrantz/tmp/commons/commons-convert/cvs/home/cvs/jakarta-commonshttpclient/src/contrib/org/apache/commons/httpclient/contrib/ssl/EasySSLProtocolSocketFactory.java,v
1.7 2004/06/11 19:26:27 olegk Exp $
* $Revision$
* $Date$
- *
+ *
* ====================================================================
*
* Licensed to the Apache Software Foundation (ASF) under one or more
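Review bot: Every `//` inside this file's comments has been dropped on the new side, which looks like an accidental search-and-replace rather than an intended edit. It affects the `$Header` path in this hunk, the license URL `http:www.apache.org/licenses/LICENSE-2.0` and `<http:www.apache.org/>` in the next two hunks, and the Javadoc sample further down (`https:localhost/` and the lost `// use relative url only`). The same change appears in the headers of EasyX509TrustManager.java and JOSSOTestCase.java. License headers should stay verbatim, so I would restore the original lines, e.g. `* http://www.apache.org/licenses/LICENSE-2.0`. Separately, both Easy* classes accept self-signed certificates and sit under `src/main`, so it is worth confirming they are excluded from the deployed artifact.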
@@ -12,7 +12,7 @@
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
- *
http://www.apache.org/licenses/LICENSE-2.0
+ * http:www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
@@ -24,7 +24,7 @@
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
- * <
http://www.apache.org/>.
+ * <http:www.apache.org/>.
*
*/
@@ -56,38 +56,38 @@
* reasons, unless it is a concious decision and you are perfectly aware of
* security implications of accepting self-signed certificates
* </p>
- *
+ *
* <p>
* Example of using custom protocol socket factory for a specific host:
- *
+ *
* <pre>
* Protocol easyhttps = new Protocol("https", new
EasySSLProtocolSocketFactory(),
* 443);
* HttpClient client = new HttpClient();
* client.getHostConfiguration().setHost("localhost", 443, easyhttps);
- * // use relative url only
+ * use relative url only
* GetMethod httpget = new GetMethod("/");
* client.executeMethod(httpget);
* </pre>
- *
+ *
* </p>
* <p>
* Example of using custom protocol socket factory per default instead of the
* standard one:
- *
+ *
* <pre>
* Protocol easyhttps = new Protocol("https", new
EasySSLProtocolSocketFactory(),
* 443);
* Protocol.registerProtocol("https", easyhttps);
* HttpClient client = new HttpClient();
- * GetMethod httpget = new GetMethod("https://localhost/");
+ * GetMethod httpget = new GetMethod("https:localhost/");
* client.executeMethod(httpget);
* </pre>
- *
+ *
* </p>
- *
+ *
* @author <a href="mailto:oleg -at- ural.ru">Oleg
Kalnichevski</a>
- *
+ *
* <p>
* DISCLAIMER: HttpClient developers DO NOT actively support this component. The
* component is provided as a reference material, which may be inappropriate for
@@ -154,7 +154,7 @@
* does not return until the timeout expires, the controller terminates and
* throws an {@link ConnectTimeoutException}
* </p>
- *
+ *
* @param host
* the host name/IP
* @param port
@@ -165,9 +165,9 @@
* the port on the local machine
* @param params
* {@link HttpConnectionParams Http connection parameters}
- *
+ *
* @return Socket a new socket
- *
+ *
* @throws IOException
* if an I/O error occurs while creating the socket
* @throws UnknownHostException
Modified:
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/test/identity/sso/EasyX509TrustManager.java
===================================================================
---
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/test/identity/sso/EasyX509TrustManager.java 2009-04-20
19:45:59 UTC (rev 13239)
+++
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/test/identity/sso/EasyX509TrustManager.java 2009-04-20
19:54:45 UTC (rev 13240)
@@ -8,7 +8,7 @@
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
-*
http://www.apache.org/licenses/LICENSE-2.0
+* http:www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
@@ -20,7 +20,7 @@
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
-* <
http://www.apache.org/>.
+* <http:www.apache.org/>.
*
*/
@@ -38,19 +38,19 @@
/**
* <p>
-* EasyX509TrustManager unlike default {@link X509TrustManager} accepts
-* self-signed certificates.
+* EasyX509TrustManager unlike default {@link X509TrustManager} accepts
+* self-signed certificates.
* </p>
* <p>
-* This trust manager SHOULD NOT be used for productive systems
-* due to security reasons, unless it is a concious decision and
-* you are perfectly aware of security implications of accepting
+* This trust manager SHOULD NOT be used for productive systems
+* due to security reasons, unless it is a concious decision and
+* you are perfectly aware of security implications of accepting
* self-signed certificates
* </p>
-*
+*
* @author <a href="mailto:adrian.sutton@ephox.com">Adrian
Sutton</a>
* @author <a href="mailto:oleg@ural.ru">Oleg Kalnichevski</a>
-*
+*
* <p>
* DISCLAIMER: HttpClient developers DO NOT actively support this component.
* The component is provided as a reference material, which may be inappropriate
@@ -106,4 +106,4 @@
public X509Certificate[] getAcceptedIssuers() {
return this.standardTrustManager.getAcceptedIssuers();
}
-}
\ No newline at end of file
+}
Modified:
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/test/identity/sso/JOSSOTestCase.java
===================================================================
---
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/test/identity/sso/JOSSOTestCase.java 2009-04-20
19:45:59 UTC (rev 13239)
+++
modules/identity/branches/JBP_IDENTITY_BRANCH_1_0/sso/src/main/org/jboss/portal/test/identity/sso/JOSSOTestCase.java 2009-04-20
19:54:45 UTC (rev 13240)
@@ -18,7 +18,7 @@
* You should have received a copy of the GNU Lesser General Public *
* License along with this software; if not, write to the Free *
* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
- * 02110-1301 USA, or see the FSF site:
http://www.fsf.org. *
+ * 02110-1301 USA, or see the FSF site: http:www.fsf.org. *
******************************************************************************/
package org.jboss.portal.test.identity.sso;
@@ -27,25 +27,22 @@
import java.util.Iterator;
import java.util.HashMap;
-import org.jboss.portal.test.framework.mc.TestRuntimeContext;
-
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.Cookie;
import org.apache.commons.httpclient.NameValuePair;
import org.apache.commons.httpclient.methods.GetMethod;
import org.apache.commons.httpclient.methods.PostMethod;
-import org.apache.commons.httpclient.protocol.Protocol;
import junit.framework.TestCase;
/**
* @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
- *
+ *
*/
public class JOSSOTestCase extends TestCase
{
/**
- *
+ *
*/
private String firstPortal = null;
private String secondPortal = null;
@@ -54,64 +51,49 @@
private String userLoggedInIndicator = null;
private String username = null;
private String password = null;
-
+
+
/**
- *
+ *
*/
- protected TestRuntimeContext runtimeContext = null;
-
- /**
- *
- */
protected void setUp() throws Exception
- {
- super.setUp();
-
- this.runtimeContext = new
TestRuntimeContext("org/jboss/portal/test/identity/sso-beans.xml");
-
- this.runtimeContext.addBean("JOSSOConfig", this);
- this.runtimeContext.addBean("CASConfig", new CASTestCase());
-
- this.runtimeContext.start();
-
- //SSL setup
- Protocol.registerProtocol("https",new Protocol("https", new
EasySSLProtocolSocketFactory(), 443));
+ {
+ this.firstPortal = "http://josso-01:8080/portal";
+ this.secondPortal = "http://josso-02:8080/portal";
+ this.sameHostSecondPortal = "http://josso-01:8080/portal2";
+ this.jossoServer = "josso-01";
+ this.userLoggedInIndicator = "Logged in as:";
+ this.username = "user";
+ this.password = "user";
}
/**
- *
+ *
*/
protected void tearDown() throws Exception
- {
- super.tearDown();
-
- //Service stoppage
- this.runtimeContext.stop();
-
- //Data cleanup
- this.runtimeContext = null;
+ {
}
-
+
/**
- *
+ *
* @return
- */
+ */
public String getUserLoggedInIndicator()
{
return userLoggedInIndicator;
}
/**
- *
+ *
* @param userLoggedInIndicator
*/
public void setUserLoggedInIndicator(String userLoggedInIndicator)
{
this.userLoggedInIndicator = userLoggedInIndicator;
}
-
+
/**
- *
+ *
* @return
*/
public String getPassword()
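Review bot: The new `setUp()` hard-codes the two portal URLs, the JOSSO host and the `user`/`user` login in source and no longer calls `super.setUp()`, so the test runs only against one lab topology. The public setters further down stop having any effect, because the fields are overwritten before every test. Reading each value with a default, e.g. `this.firstPortal = System.getProperty("sso.firstPortal", "http://josso-01:8080/portal");` and `this.password = System.getProperty("sso.password", "user");` (property names are placeholders), keeps today's behaviour while letting the environment and the credential come from outside the repository. All configured URLs are plain `http` and the login form is posted to them later in the file, so a comment stating that this is lab-only would help. `getPassword()` at the end of the hunk continues outside it.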
@@ -120,7 +102,7 @@
}
/**
- *
+ *
* @param password
*/
public void setPassword(String password)
@@ -129,7 +111,7 @@
}
/**
- *
+ *
* @return
*/
public String getUsername()
@@ -138,16 +120,16 @@
}
/**
- *
+ *
* @param username
*/
public void setUsername(String username)
{
this.username = username;
}
-
+
/**
- *
+ *
* @return
*/
public String getFirstPortal()
@@ -156,7 +138,7 @@
}
/**
- *
+ *
* @param firstPortal
*/
public void setFirstPortal(String firstPortal)
@@ -165,7 +147,7 @@
}
/**
- *
+ *
* @return
*/
public String getSecondPortal()
@@ -174,16 +156,16 @@
}
/**
- *
+ *
* @param secondPortal
*/
public void setSecondPortal(String secondPortal)
{
this.secondPortal = secondPortal;
}
-
+
/**
- *
+ *
* @return
*/
public String getJossoServer()
@@ -192,16 +174,16 @@
}
/**
- *
+ *
* @param jossoServer
*/
public void setJossoServer(String jossoServer)
{
this.jossoServer = jossoServer;
}
-
+
/**
- *
+ *
* @return
*/
public String getSameHostSecondPortal()
@@ -210,150 +192,152 @@
}
/**
- *
+ *
* @param sameHostSecondPortal
*/
public void setSameHostSecondPortal(String sameHostSecondPortal)
{
this.sameHostSecondPortal = sameHostSecondPortal;
}
-
+
//-----------------------------------------------------------------------------------------------------------------------------------------------------------------------
/**
* This tests the scenario when the two portals are deployed on separate
hosts/servers
- *
+ *
* @throws Exception
*/
public void testMultiHostDeployment() throws Exception
- {
- Cookie ssoCookie = null;
+ {
String firstPortalFinalResponse = null;
String secondPortalFinalResponse = null;
-
+
//Load the main portal page on firstPortalContext
String firstContextPortalUrl = this.firstPortal;
- WebConversation portalConversation = this.startConversation(firstContextPortalUrl);
- TestCase.assertFalse(this.isUserLoggedIn(portalConversation.getResponse()));
-
+ WebConversation firstPortalConversation =
this.startConversation(firstContextPortalUrl);
+ TestCase.assertFalse(this.isUserLoggedIn(firstPortalConversation.getResponse()));
+
//Click the Login link on the firstPortalContext
String firstContextLoginUrl = firstContextPortalUrl +
"/auth/portal/default/default";
- this.sendGet(firstContextLoginUrl, portalConversation);
-
+ this.sendGet(firstContextLoginUrl, firstPortalConversation, false);
+
//Navigate to a secured resource on the portal
- TestCase.assertNotNull(portalConversation.getRedirectLocation());
- TestCase.assertEquals(portalConversation.getStatusCode(), 302);
- String portalToJOSSO = portalConversation.getRedirectLocation();
- this.sendGet(portalToJOSSO, portalConversation);
-
+ TestCase.assertNotNull(firstPortalConversation.getRedirectLocation());
+ TestCase.assertEquals(firstPortalConversation.getStatusCode(), 302);
+ String portalToJOSSO = firstPortalConversation.getRedirectLocation();
+ this.sendGet(portalToJOSSO, firstPortalConversation, false);
+
//When authentication is triggered, move over to the JOSSO server establishing an
SSO session with JOSSO
- String jossoLocation = portalConversation.getRedirectLocation();
- WebConversation ssoConversation = this.startConversation(jossoLocation);
- String response = ssoConversation.getResponse();
-
+ String jossoLocation = firstPortalConversation.getRedirectLocation();
+ WebConversation gatewayConversation = this.startConversation(jossoLocation);
+ String response = gatewayConversation.getResponse();
+
//Extract the josso post action value
int searchIndex = response.indexOf("action=\"")+9;
int endIndex = response.indexOf('"', searchIndex);
String action = response.substring(searchIndex,endIndex);
-
+
//Perform HTTP Post based authentication with the JOSSO Server
Map postParams = new HashMap();
postParams.put("josso_username", this.username);
postParams.put("josso_password", this.password);
postParams.put("josso_cmd", "login");
- this.sendPost("http://"+ this.jossoServer
+"/"+action,postParams, ssoConversation);
+ this.sendPost("http://"+ this.jossoServer
+":8080/"+action,postParams, gatewayConversation);
+ String assertUrl = gatewayConversation.getRedirectLocation();
+ this.sendGet(assertUrl, firstPortalConversation, false);
- //Go back to the Portal since login has succeeded, starting with assertion on the
JOSSO Agent installed on the Portal
- String assertUrl = ssoConversation.getRedirectLocation();
- this.sendGet(assertUrl, portalConversation);
-
//Now go back to the original Portal resource requested. This time user should have
an authenticated session established
- TestCase.assertNotNull(portalConversation.getRedirectLocation());
- TestCase.assertEquals(portalConversation.getStatusCode(), 302);
-
TestCase.assertTrue(portalConversation.getRedirectLocation().indexOf(firstContextLoginUrl)
!= -1);
- TestCase.assertNotNull(portalConversation.getSSOCookie());
- String goBack = portalConversation.getRedirectLocation();
- ssoCookie = ssoConversation.getSSOCookie();
- this.sendGet(goBack, portalConversation);
- firstPortalFinalResponse = portalConversation.getResponse();
+ TestCase.assertNotNull(firstPortalConversation.getRedirectLocation());
+ TestCase.assertEquals(firstPortalConversation.getStatusCode(), 302);
+
TestCase.assertTrue(firstPortalConversation.getRedirectLocation().indexOf(firstContextLoginUrl)
!= -1);
+ TestCase.assertNotNull(firstPortalConversation.getSSOCookie());
+ String goBack = firstPortalConversation.getRedirectLocation();
+ this.sendGet(goBack, firstPortalConversation, false);
+ firstPortalFinalResponse = firstPortalConversation.getResponse();
TestCase.assertTrue(this.isUserLoggedIn(firstPortalFinalResponse));
-
+
+
//Load the main portal page on secondPortalContext
String secondContextPortalUrl = this.secondPortal;
- portalConversation = this.startConversation(secondContextPortalUrl);
-
+ WebConversation secondPortalConversation =
this.startConversation(secondContextPortalUrl);
+
//Click the Login Link on the secondPortalContext
String secondContextLoginUrl = secondContextPortalUrl +
"/auth/portal/default/default";
- this.sendGet(secondContextLoginUrl, portalConversation);
-
+ this.sendGet(secondContextLoginUrl, secondPortalConversation, false);
+
//Perform re-direct to the JOSSO Server but this time sending in the JOSSO cookie
- TestCase.assertNotNull(portalConversation.getRedirectLocation());
- TestCase.assertEquals(portalConversation.getStatusCode(), 302);
- portalToJOSSO = portalConversation.getRedirectLocation();
- this.sendGet(portalToJOSSO, portalConversation);
-
-
+ TestCase.assertNotNull(secondPortalConversation.getRedirectLocation());
+ TestCase.assertEquals(secondPortalConversation.getStatusCode(), 302);
+ portalToJOSSO = secondPortalConversation.getRedirectLocation();
+ this.sendGet(portalToJOSSO, secondPortalConversation, false);
+
+
//Assert the redirect and it should be to the JOSSO Server, but this time
//It should end up with an Authenticated session back to the secondPortalContext
- jossoLocation = portalConversation.getRedirectLocation();
- ssoConversation = this.startConversation(jossoLocation,ssoCookie);
- secondPortalFinalResponse = ssoConversation.getResponse();
- TestCase.assertTrue(this.isUserLoggedIn(secondPortalFinalResponse));
+ jossoLocation = secondPortalConversation.getRedirectLocation();
+ this.sendGet(jossoLocation, gatewayConversation, false);
+ assertUrl = gatewayConversation.getRedirectLocation();
+ this.sendGet(assertUrl, secondPortalConversation, true);
- //Assert and make sure its the same user logged into both Portals
+
+ //Assert that automatic login occurred
+ secondPortalFinalResponse = secondPortalConversation.getResponse();
+ TestCase.assertTrue(this.isUserLoggedIn(secondPortalFinalResponse));
+
+ //Assert and make sure its the same user logged into both Portals
String firstPortalUser = this.extractLoggedInUser(firstPortalFinalResponse);
- String secondPortalUser = this.extractLoggedInUser(secondPortalFinalResponse);
+ String secondPortalUser = this.extractLoggedInUser(secondPortalFinalResponse);
TestCase.assertEquals(firstPortalUser, this.username);
TestCase.assertEquals(secondPortalUser, this.username);
- TestCase.assertEquals(firstPortalUser, secondPortalUser);
+ TestCase.assertEquals(firstPortalUser, secondPortalUser);
}
-
+
/**
* This tests the scenario where the two portals are deployed within the same
host/server but under
* different web contexts
- *
+ *
* @throws Exception
*/
- public void testSameHostDeployment() throws Exception
- {
+ /*public void testSameHostDeployment() throws Exception
+ {
Cookie ssoCookie = null;
String firstPortalFinalResponse = null;
String secondPortalFinalResponse = null;
-
+
//Load the main portal page on firstPortalContext
String firstContextPortalUrl = this.firstPortal;
- WebConversation portalConversation = this.startConversation(firstContextPortalUrl);
+ WebConversation portalConversation =
this.startConversation(firstContextPortalUrl);
TestCase.assertFalse(this.isUserLoggedIn(portalConversation.getResponse()));
-
+
//Click the Login link on the firstPortalContext
String firstContextLoginUrl = firstContextPortalUrl +
"/auth/portal/default/default";
- this.sendGet(firstContextLoginUrl, portalConversation);
-
+ this.sendGet(firstContextLoginUrl, portalConversation);
+
//Navigate to a secured resource on the portal
TestCase.assertNotNull(portalConversation.getRedirectLocation());
TestCase.assertEquals(portalConversation.getStatusCode(), 302);
String portalToJOSSO = portalConversation.getRedirectLocation();
- this.sendGet(portalToJOSSO, portalConversation);
-
+ this.sendGet(portalToJOSSO, portalConversation);
+
//When authentication is triggered, move over to the JOSSO server establishing an
SSO session with JOSSO
String jossoLocation = portalConversation.getRedirectLocation();
WebConversation ssoConversation = this.startConversation(jossoLocation);
String response = ssoConversation.getResponse();
-
+
//Extract the josso post action value
int searchIndex = response.indexOf("action=\"")+9;
int endIndex = response.indexOf('"', searchIndex);
String action = response.substring(searchIndex,endIndex);
-
+
//Perform HTTP Post based authentication with the JOSSO Server
Map postParams = new HashMap();
postParams.put("josso_username", this.username);
postParams.put("josso_password", this.password);
postParams.put("josso_cmd", "login");
- this.sendPost("http://"+ this.jossoServer
+"/"+action,postParams, ssoConversation);
-
+ this.sendPost("http:"+ this.jossoServer +"/"+action,postParams,
ssoConversation);
+
//Go back to the Portal since login has succeeded, starting with assertion on the
JOSSO Agent installed on the Portal
String assertUrl = ssoConversation.getRedirectLocation();
this.sendGet(assertUrl, portalConversation);
-
+
//Now go back to the original Portal resource requested. This time user should have
an authenticated session established
TestCase.assertNotNull(portalConversation.getRedirectLocation());
TestCase.assertEquals(portalConversation.getStatusCode(), 302);
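Review bot: In the second half of `testMultiHostDeployment`, `assertUrl = gatewayConversation.getRedirectLocation();` is read without checking that the preceding `sendGet(jossoLocation, gatewayConversation, false)` actually returned a redirect. If `sendGet` stores the location only on a 302 (that part of its body is outside this hunk), a gateway that answers with its login page would leave the location from the earlier login POST in place, and the test would continue with a stale URL instead of failing at the step that went wrong. Adding `TestCase.assertEquals(302, gatewayConversation.getStatusCode());` and `TestCase.assertNotNull(gatewayConversation.getRedirectLocation());` before both reads of `assertUrl` turns the SSO hand-off into an explicit check. The `":8080/"` literal in the `sendPost` call also repeats the port already present in the portal URLs; deriving both from one configured value would keep them in sync.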
@@ -361,68 +345,62 @@
TestCase.assertNotNull(portalConversation.getSSOCookie());
String goBack = portalConversation.getRedirectLocation();
ssoCookie = ssoConversation.getSSOCookie();
- this.sendGet(goBack, portalConversation);
+ this.sendGet(goBack, portalConversation);
firstPortalFinalResponse = portalConversation.getResponse();
TestCase.assertTrue(this.isUserLoggedIn(firstPortalFinalResponse));
-
+
//Load the main portal page on secondPortalContext
String secondContextPortalUrl = this.sameHostSecondPortal;
portalConversation = this.startConversation(secondContextPortalUrl);
-
+
//Click the Login Link on the secondPortalContext
String secondContextLoginUrl = secondContextPortalUrl +
"/auth/portal/default/default";
this.sendGet(secondContextLoginUrl, portalConversation);
-
+
//Perform re-direct to the JOSSO Server but this time sending in the JOSSO cookie
TestCase.assertNotNull(portalConversation.getRedirectLocation());
TestCase.assertEquals(portalConversation.getStatusCode(), 302);
portalToJOSSO = portalConversation.getRedirectLocation();
this.sendGet(portalToJOSSO, portalConversation);
-
-
+
+
//Assert the redirect and it should be to the JOSSO Server, but this time
//It should end up with an Authenticated session back to the secondPortalContext
jossoLocation = portalConversation.getRedirectLocation();
ssoConversation = this.startConversation(jossoLocation,ssoCookie);
secondPortalFinalResponse = ssoConversation.getResponse();
TestCase.assertTrue(this.isUserLoggedIn(secondPortalFinalResponse));
-
- //Assert and make sure its the same user logged into both Portals
+
+ //Assert and make sure its the same user logged into both Portals
String firstPortalUser = this.extractLoggedInUser(firstPortalFinalResponse);
- String secondPortalUser = this.extractLoggedInUser(secondPortalFinalResponse);
+ String secondPortalUser = this.extractLoggedInUser(secondPortalFinalResponse);
TestCase.assertEquals(firstPortalUser, this.username);
TestCase.assertEquals(secondPortalUser, this.username);
- TestCase.assertEquals(firstPortalUser, secondPortalUser);
- }
-
- /**
- *
- * @param portalUrl
- * @return
- * @throws Exception
- */
+ TestCase.assertEquals(firstPortalUser, secondPortalUser);
+ }*/
+
//-----------------------------------------------------------------------------------------------------------------------------------------------------------------------
private WebConversation startConversation(String portalUrl) throws Exception
{
WebConversation conversation = null;
-
+
HttpClient httpClient = new HttpClient();
GetMethod getMethod = new GetMethod(portalUrl);
try
{
conversation = new WebConversation();
-
+
int statusCode = httpClient.executeMethod(getMethod);
String response = getMethod.getResponseBodyAsString();
-
- Cookie[] cookies = httpClient.getState().getCookies();
+
+ Cookie[] cookies = httpClient.getState().getCookies();
for(int i=0;i<cookies.length;i++)
{
if(cookies[i].getName().equals("JSESSIONID"))
{
- conversation.setSessionId(cookies[i].getValue());
+ conversation.setSessionCookie(cookies[i]);
}
}
-
+
conversation.setClient(httpClient);
conversation.setStatusCode(statusCode);
conversation.setResponse(response);
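Review bot: `testSameHostDeployment` is disabled by wrapping it in `/* … */` (the block opens in the previous hunk and closes here at `}*/`), which removes the same-host SSO scenario from the suite without any record of why. The commented body no longer matches the class: it calls the two-argument `sendGet` and `startConversation(jossoLocation,ssoCookie)`, both removed by this commit, and its post URL now reads `"http:"+ this.jossoServer`. Either port it to the three-argument `sendGet` and keep it running, or delete it and leave a one-line comment such as `// TODO: re-enable same-host SSO test once ported to the shared gateway conversation`. `startConversation`, whose Javadoc this hunk also removes, continues outside the hunk.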
@@ -434,91 +412,38 @@
getMethod.releaseConnection();
}
}
-
+
return conversation;
- }
+ }
- /**
- *
- * @param portalUrl
- * @return
- * @throws Exception
- */
- private WebConversation startConversation(String portalUrl, Cookie ssoCookie) throws
Exception
+ private void sendGet(String portalUrl,WebConversation conversation, boolean
followRedirects) throws Exception
{
- WebConversation conversation = null;
-
- HttpClient httpClient = new HttpClient();
+ HttpClient httpClient = conversation.getClient();
+
GetMethod getMethod = new GetMethod(portalUrl);
-
- //Set ssoCookie to be sent in
-
getMethod.setRequestHeader("Cookie",ssoCookie.getName()+"="+ssoCookie.getValue());
-
+ getMethod.setFollowRedirects(followRedirects);
try
{
- conversation = new WebConversation();
-
int statusCode = httpClient.executeMethod(getMethod);
+
String response = getMethod.getResponseBodyAsString();
-
- Cookie[] cookies = httpClient.getState().getCookies();
+
+ Cookie[] cookies = httpClient.getState().getCookies();
for(int i=0;i<cookies.length;i++)
{
if(cookies[i].getName().equals("JSESSIONID"))
{
- conversation.setSessionId(cookies[i].getValue());
+ conversation.setSessionCookie(cookies[i]);
}
- }
-
- conversation.setClient(httpClient);
- conversation.setStatusCode(statusCode);
- conversation.setResponse(response);
- }
- finally
- {
- if(getMethod != null)
- {
- getMethod.releaseConnection();
- }
- }
-
- return conversation;
- }
-
- /**
- *
- * @param portalUrl
- * @param conversation
- * @throws Exception
- */
- private void sendGet(String portalUrl,WebConversation conversation) throws Exception
- {
- HttpClient httpClient = conversation.getClient();
-
- GetMethod getMethod = new GetMethod(portalUrl);
- getMethod.setFollowRedirects(false);
- try
- {
- int statusCode = httpClient.executeMethod(getMethod);
-
- String response = getMethod.getResponseBodyAsString();
-
- Cookie[] cookies = httpClient.getState().getCookies();
- for(int i=0;i<cookies.length;i++)
- {
- if(cookies[i].getName().equals("JSESSIONID"))
- {
- conversation.setSessionId(cookies[i].getValue());
- }
if(cookies[i].getName().equals("JOSSO_SESSIONID"))
{
conversation.setSSOCookie(cookies[i]);
}
}
-
+
conversation.setStatusCode(statusCode);
conversation.setResponse(response);
-
+
if(statusCode == 302)
{
//Store the redirect location
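Review bot: The new `followRedirects` parameter on `sendGet` is undocumented, and this hunk deletes the Javadoc the method had; `sendPost`, `isUserLoggedIn`, `extractLoggedInUser` and `WebConversation` lose theirs in the following hunks. A short Javadoc should state that the method reuses the conversation's `HttpClient` and records the `JSESSIONID` and `JOSSO_SESSIONID` cookies, the status code and the body on the conversation. It should also say that with `followRedirects` set to `true` the recorded status is normally that of the final response, so the `statusCode == 302` branch is not expected to run. It is worth checking whether the conversation's redirect location is cleared in that case; the rest of the method is outside this hunk.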
@@ -535,21 +460,13 @@
}
}
-
- /**
- *
- * @param url
- * @param parameters
- * @param conversation
- * @throws Exception
- */
private void sendPost(String url,Map parameters,WebConversation conversation) throws
Exception
{
HttpClient httpClient = conversation.getClient();
-
+
PostMethod postMethod = new PostMethod(url);
-
- //Add post parameters
+
+ //Add post parameters
Set keySet = parameters.keySet();
NameValuePair[] postdata = new NameValuePair[keySet.size()];
int index = 0;
@@ -561,27 +478,27 @@
}
postMethod.setRequestBody(postdata);
try
- {
+ {
int statusCode = httpClient.executeMethod(postMethod);
-
+
String response = postMethod.getResponseBodyAsString();
-
- Cookie[] cookies = httpClient.getState().getCookies();
+
+ Cookie[] cookies = httpClient.getState().getCookies();
for(int i=0;i<cookies.length;i++)
{
if(cookies[i].getName().equals("JSESSIONID"))
{
- conversation.setSessionId(cookies[i].getValue());
+ conversation.setSessionCookie(cookies[i]);
}
if(cookies[i].getName().equals("JOSSO_SESSIONID"))
{
conversation.setSSOCookie(cookies[i]);
}
}
-
+
conversation.setStatusCode(statusCode);
conversation.setResponse(response);
-
+
if(statusCode == 302)
{
//Store the redirect location
@@ -598,74 +515,59 @@
}
}
- /**
- *
- * @param response
- * @return
- */
private boolean isUserLoggedIn(String response)
{
boolean isUserLoggedIn = false;
-
+
isUserLoggedIn = (response.indexOf(this.userLoggedInIndicator) != -1);
-
+
return isUserLoggedIn;
}
- /**
- *
- * @param response
- * @return
- */
private String extractLoggedInUser(String response)
{
String loggedInUser = null;
-
+
int startIndex = response.indexOf(this.userLoggedInIndicator) +
this.userLoggedInIndicator.length();
int endIndex = response.indexOf("<",startIndex);
-
+
loggedInUser = response.substring(startIndex,endIndex).trim();
-
+
return loggedInUser;
}
- /**
- *
- * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
- *
- */
private static class WebConversation
{
/**
- *
+ *
*/
- private HttpClient client = null;
- private String sessionId = null;
+ private HttpClient client = null;
private int statusCode = 0;
private String response = null;
private String redirectLocation = null;
private Cookie ssoCookie = null;
-
+ private Cookie sessionCookie = null;
+
/**
- *
*
+ *
*/
public WebConversation()
{
-
+
}
-
+
/**
- *
+ *
* @return
*/
public HttpClient getClient()
{
return this.client;
}
-
+
/**
- *
+ *
* @param client
*/
public void setClient(HttpClient client)
@@ -693,16 +595,6 @@
this.statusCode = statusCode;
}
- public String getSessionId()
- {
- return sessionId;
- }
-
- public void setSessionId(String sessionId)
- {
- this.sessionId = sessionId;
- }
-
public String getRedirectLocation()
{
return redirectLocation;
@@ -721,6 +613,21 @@
public void setSSOCookie(Cookie ssoCookie)
{
this.ssoCookie = ssoCookie;
- }
+ }
+
+ public String getSessionId()
+ {
+ return this.sessionCookie.getValue();
+ }
+
+ public void setSessionCookie(Cookie sessionCookie)
+ {
+ this.sessionCookie = sessionCookie;
+ }
+
+ public Cookie getSessionCookie()
+ {
+ return this.sessionCookie;
+ }
}
}
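Review bot: The re-added `getSessionId()` dereferences `this.sessionCookie` unconditionally, so it throws `NullPointerException` on a conversation that never received a `JSESSIONID` cookie, where the removed field-backed getter returned `null`. The field is declared as `private Cookie sessionCookie = null;` earlier in the diff and is assigned only inside the cookie loops, so that state is reachable. `return this.sessionCookie == null ? null : this.sessionCookie.getValue();` keeps the old contract.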