portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From tay...@apache.org
Subject svn commit: r378171 - in /portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/login/filter: PortalFilter.java PortalRequestWrapper.java
Date Thu, 16 Feb 2006 05:48:39 GMT
Author: taylor
Date: Wed Feb 15 21:48:39 2006
New Revision: 378171

URL: http://svn.apache.org/viewcvs?rev=378171&view=rev
Log:
support for authentication via non-container managed authentication
i know i know, bring it on, but i needed something for WAS and this works
still need to iron out a few issues
* need to logout/login after changing PW
* security features are no longer enabled such 3 strikes and other login pipeline features


Added:
    portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/login/filter/PortalFilter.java
    portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/login/filter/PortalRequestWrapper.java

Added: portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/login/filter/PortalFilter.java
URL: http://svn.apache.org/viewcvs/portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/login/filter/PortalFilter.java?rev=378171&view=auto
==============================================================================
--- portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/login/filter/PortalFilter.java
(added)
+++ portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/login/filter/PortalFilter.java
Wed Feb 15 21:48:39 2006
@@ -0,0 +1,101 @@
+/*
+ * Copyright 2000-2004 The Apache Software Foundation.
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not
+ * use this file except in compliance with the License. You may obtain a copy of
+ * the License at
+ * 
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations under
+ * the License.
+ */
+package org.apache.jetspeed.login.filter;
+
+import java.io.IOException;
+import java.security.Principal;
+import java.util.HashSet;
+import java.util.Set;
+
+import javax.security.auth.Subject;
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+
+import org.apache.jetspeed.Jetspeed;
+import org.apache.jetspeed.PortalReservedParameters;
+import org.apache.jetspeed.login.LoginConstants;
+import org.apache.jetspeed.security.SecurityHelper;
+import org.apache.jetspeed.security.UserManager;
+import org.apache.jetspeed.security.UserPrincipal;
+import org.apache.jetspeed.security.impl.PrincipalsSet;
+import org.apache.jetspeed.security.impl.UserSubjectPrincipalImpl;
+
+public class PortalFilter implements Filter
+{
+    public void init(FilterConfig filterConfig) throws ServletException
+    {
+    }
+
+    public void doFilter(ServletRequest sRequest,
+            ServletResponse sResponse, FilterChain filterChain)
+            throws IOException, ServletException
+    {
+        if (sRequest instanceof HttpServletRequest)
+        {
+            HttpServletRequest request = (HttpServletRequest)sRequest;
+            System.out.println("...path..." + request.getPathInfo());
+            String username = request.getParameter(LoginConstants.USERNAME);
+            String password = request.getParameter(LoginConstants.PASSWORD);            
+            if (username != null)
+            {
+                UserManager userManager = (UserManager)Jetspeed.getComponentManager().getComponent("org.apache.jetspeed.security.UserManager");
+                boolean success = userManager.authenticate(username, password);
+                if (success)
+                {
+                    Set principals = new PrincipalsSet();
+                    Subject subject = new Subject(true, principals, new HashSet(), new HashSet());
+                    UserPrincipal userPrincipal = new UserSubjectPrincipalImpl(username,
subject);
+                    principals.add(userPrincipal);
+                    sRequest = wrapperRequest((HttpServletRequest)request, userPrincipal);
+                    request.getSession().removeAttribute(LoginConstants.ERRORCODE);
+                }
+                else
+                {
+                    request.getSession().setAttribute(LoginConstants.ERRORCODE, "2");   
                
+                }
+            }
+            else
+            {
+                Subject subject = (Subject)request.getSession().getAttribute(PortalReservedParameters.SESSION_KEY_SUBJECT);
+                if (subject != null)
+                {
+                    Principal principal = SecurityHelper.getPrincipal(subject, UserPrincipal.class);
+                    sRequest = wrapperRequest((HttpServletRequest)request, principal);
+                }                
+            }              
+        }
+
+        if (filterChain != null)
+        {
+            filterChain.doFilter(sRequest, sResponse);
+        }
+    }
+
+    private ServletRequest wrapperRequest(HttpServletRequest request, Principal principal)
+    {
+        PortalRequestWrapper wrapper = new PortalRequestWrapper(request, principal);
+        return wrapper;
+    }
+
+    public void destroy()
+    {
+    }
+}

Added: portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/login/filter/PortalRequestWrapper.java
URL: http://svn.apache.org/viewcvs/portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/login/filter/PortalRequestWrapper.java?rev=378171&view=auto
==============================================================================
--- portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/login/filter/PortalRequestWrapper.java
(added)
+++ portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/login/filter/PortalRequestWrapper.java
Wed Feb 15 21:48:39 2006
@@ -0,0 +1,43 @@
+/*
+ * Copyright 2000-2004 The Apache Software Foundation.
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not
+ * use this file except in compliance with the License. You may obtain a copy of
+ * the License at
+ * 
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations under
+ * the License.
+ */
+package org.apache.jetspeed.login.filter;
+
+import java.security.Principal;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletRequestWrapper;
+
+public class PortalRequestWrapper extends HttpServletRequestWrapper
+{
+    private Principal userPrincipal = null;
+
+    public PortalRequestWrapper(HttpServletRequest request,
+            Principal userPrincipal)
+    {
+        super(request);
+        this.userPrincipal = userPrincipal;
+    }
+
+    public void setUserPrincipal(Principal userPrincipal)
+    {
+        this.userPrincipal = userPrincipal;
+    }
+
+    public Principal getUserPrincipal()
+    {
+        return userPrincipal;
+    }
+}



---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org


Mime
View raw message