portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From tay...@apache.org
Subject svn commit: r544250 - in /portals/jetspeed-2/trunk: applications/j2-admin/src/webapp/WEB-INF/view/statistics/ components/portal/src/java/org/apache/jetspeed/administration/ components/portal/src/java/org/apache/jetspeed/decoration/ components/portal/sr...
Date Mon, 04 Jun 2007 20:30:45 GMT
Author: taylor
Date: Mon Jun  4 13:30:43 2007
New Revision: 544250

URL: http://svn.apache.org/viewvc?view=rev&rev=544250
Log:
https://issues.apache.org/jira/browse/JS2-625
https://issues.apache.org/jira/browse/JS2-712 (still in progress)

Added:
    portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/administration/PortalAuthenticationConfigurationImpl.java
    portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/administration/PortalAuthenticationConfiguration.java
Modified:
    portals/jetspeed-2/trunk/applications/j2-admin/src/webapp/WEB-INF/view/statistics/statistics.vm
    portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/decoration/AbstractDecoratorActionsFactory.java
    portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/decoration/DecorationValve.java
    portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/decoration/DecoratorActionsFactory.java
    portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/login/LoginProxyServlet.java
    portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/login/LoginRedirectorServlet.java
    portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/login/filter/PortalFilter.java
    portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/security/impl/AbstractSecurityValve.java
    portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/security/impl/SecurityValveImpl.java
    portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/security/impl/ntlm/NtlmSecurityValve.java
    portals/jetspeed-2/trunk/src/webapp/WEB-INF/assembly/administration.xml
    portals/jetspeed-2/trunk/src/webapp/WEB-INF/assembly/jetspeed-services.xml
    portals/jetspeed-2/trunk/src/webapp/WEB-INF/assembly/pipelines.xml

Modified: portals/jetspeed-2/trunk/applications/j2-admin/src/webapp/WEB-INF/view/statistics/statistics.vm
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/applications/j2-admin/src/webapp/WEB-INF/view/statistics/statistics.vm?view=diff&rev=544250&r1=544249&r2=544250
==============================================================================
--- portals/jetspeed-2/trunk/applications/j2-admin/src/webapp/WEB-INF/view/statistics/statistics.vm
(original)
+++ portals/jetspeed-2/trunk/applications/j2-admin/src/webapp/WEB-INF/view/statistics/statistics.vm
Mon Jun  4 13:30:43 2007
@@ -155,7 +155,7 @@
 		</TR>
 	#foreach ( $row in $results.statlist )
   		<tr>
-  			<td> $row.get("groupColumn") </td>
+  			<td> $!row.get("groupColumn") </td>
   			<td align="right" > $row.get("count") </td>
   			<td align="right" > $row.get("max") </td>
   			<td align="right" > $row.get("avg") </td>

Added: portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/administration/PortalAuthenticationConfigurationImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/administration/PortalAuthenticationConfigurationImpl.java?view=auto&rev=544250
==============================================================================
--- portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/administration/PortalAuthenticationConfigurationImpl.java
(added)
+++ portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/administration/PortalAuthenticationConfigurationImpl.java
Mon Jun  4 13:30:43 2007
@@ -0,0 +1,103 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jetspeed.administration;
+
+import org.apache.jetspeed.administration.PortalAuthenticationConfiguration;
+
+/**
+ * PasswordCredentialValve
+ *
+ * @author <a href="mailto:taylor@apache.org">David Sean Taylor</a>
+ * @version $Id: $
+ */
+public class PortalAuthenticationConfigurationImpl implements PortalAuthenticationConfiguration
+{
+    protected boolean createNewSessionOnLogin = false;
+    protected int maxSessionHardLimit = 0;
+    protected long msMaxSessionHardLimit = 1;
+    protected String timeoutRedirectLocation = "";
+    
+    /**
+     * Portal Authentication Configuration stored and accessed from this bean
+     * 
+     * @param createNewSessionOnLogin Should a new session be created upon logging on to
the system 
+     * @param maxSessionHardLimit The maximum session hard limit, ignores user activity,
set to zero to turn off this feature
+     * @param timeoutRedirectLocation Path to redirection upon logging out user on session
limit experiation, only used with maxSessionHardLimit
+     */
+    public PortalAuthenticationConfigurationImpl(boolean createNewSessionOnLogin, int maxSessionHardLimit,
String timeoutRedirectLocation)
+    {
+        this.createNewSessionOnLogin = createNewSessionOnLogin;
+        this.maxSessionHardLimit = maxSessionHardLimit;
+        this.timeoutRedirectLocation = timeoutRedirectLocation;
+        this.msMaxSessionHardLimit = this.maxSessionHardLimit * 1000;
+    }
+
+    public boolean isMaxSessionHardLimitEnabled()
+    {
+        return this.maxSessionHardLimit > 0;
+    }
+    
+    public int getMaxSessionHardLimit()
+    {
+        return maxSessionHardLimit;
+    }
+
+    
+    public void setMaxSessionHardLimit(int maxSessionHardLimit)
+    {
+        this.maxSessionHardLimit = maxSessionHardLimit;
+    }
+
+    
+    public long getMsMaxSessionHardLimit()
+    {
+        return msMaxSessionHardLimit;
+    }
+
+    
+    public void setMsMaxSessionHardLimit(long msMaxSessionHardLimit)
+    {
+        this.msMaxSessionHardLimit = msMaxSessionHardLimit;
+    }
+
+    
+    public String getTimeoutRedirectLocation()
+    {
+        return timeoutRedirectLocation;
+    }
+
+    
+    public void setTimeoutRedirectLocation(String timeoutRedirectLocation)
+    {
+        this.timeoutRedirectLocation = timeoutRedirectLocation;
+    }
+
+
+    
+    public boolean isCreateNewSessionOnLogin()
+    {
+        return createNewSessionOnLogin;
+    }
+
+
+    
+    public void setCreateNewSessionOnLogin(boolean createNewSessionOnLogin)
+    {
+        this.createNewSessionOnLogin = createNewSessionOnLogin;
+    }
+
+}

Modified: portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/decoration/AbstractDecoratorActionsFactory.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/decoration/AbstractDecoratorActionsFactory.java?view=diff&rev=544250&r1=544249&r2=544250
==============================================================================
--- portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/decoration/AbstractDecoratorActionsFactory.java
(original)
+++ portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/decoration/AbstractDecoratorActionsFactory.java
Mon Jun  4 13:30:43 2007
@@ -22,51 +22,114 @@
 
 import javax.portlet.PortletMode;
 import javax.portlet.WindowState;
-
+
+import org.apache.jetspeed.JetspeedActions;
 import org.apache.jetspeed.container.url.PortalURL;
-import org.apache.jetspeed.om.common.portlet.PortletApplication;
-import org.apache.jetspeed.request.RequestContext;
+import org.apache.jetspeed.om.common.portlet.PortletApplication;
+import org.apache.jetspeed.om.common.portlet.PortletDefinitionComposite;
+import org.apache.jetspeed.om.page.ContentFragment;
+import org.apache.jetspeed.request.RequestContext;
+import org.apache.jetspeed.security.SecurityAccessController;
 import org.apache.pluto.om.window.PortletWindow;
 
 public abstract class AbstractDecoratorActionsFactory implements DecoratorActionsFactory
-{
-    public List getDecoratorActions(RequestContext rc, PortletApplication pa, PortletWindow
pw, PortletMode pm,
-                    WindowState ws, Decoration decoration, List actionTemplates)
+{
+    public List getDecoratorActions(RequestContext rc, PortletApplication pa, PortletWindow
pw, PortletMode pm,
+                    WindowState ws, Decoration decoration, List actionTemplates,PortletDefinitionComposite
portlet, 
+                    ContentFragment fragment,SecurityAccessController accessController)
     {
-        DecoratorAction action;
+        DecoratorAction action;
+        boolean checkConstraints=false;        
         ArrayList actions = new ArrayList();
         
         Iterator iter = actionTemplates.iterator();
         while (iter.hasNext())
         {
-            action = createAction(rc, pw, decoration, (DecoratorActionTemplate)iter.next());
-            if ( action != null )
-            {
-                actions.add(action);
-            }
+            checkConstraints = false;
+            DecoratorActionTemplate template = (DecoratorActionTemplate)iter.next();
+            //checking the constraints only on EDIT and HELP Action, as VIEW will taken care
with portlet view.
+            if (template.getAction().equals(JetspeedActions.EDIT) || template.getAction().equals(JetspeedActions.HELP))

+                checkConstraints = true; 
+            if (checkConstraints && checkSecurityConstraint(portlet,fragment,accessController,template.getAction()))
+            {
+                action = createAction(rc, pw, decoration,template );
+                if ( action != null)
+                {
+                    actions.add(action);
+                }
+            }
+            else if (!checkConstraints)
+            {
+                action = createAction(rc, pw, decoration,template );
+                if ( action != null)
+                {
+                    actions.add(action);
+                }
+            }            
         }
         return actions;
     }
-
-    protected DecoratorAction createAction(RequestContext rc, PortletWindow pw, Decoration
decoration,
-                    DecoratorActionTemplate template)
-    {
-        String actionName = template.getAction();
-
-        PortalURL portalURL = rc.getPortalURL();
-        Boolean isAjaxRequest = (Boolean)rc.getAttribute(DecorationValve.IS_AJAX_DECORATION_REQUEST);
-        
-        String actionURL = rc.getResponse().encodeURL( (isAjaxRequest == null) 
-            ? portalURL.createPortletURL(pw, template.getCustomMode(), template.getCustomState(),
-                        portalURL.isSecure()).toString()
-            :  portalURL.createNavigationalEncoding(pw, template.getCustomMode(), template.getCustomState())
);
-
-        String linkURL = decoration.getResource("images/" + actionName + ".gif");
-
-        boolean customAction = (template.getMode() != null && !template.getMode().equals(template.getCustomMode()))
-                        || (template.getState() != null && !template.getState().equals(template.getCustomState()));
-
-        return new DecoratorAction( actionName, rc.getLocale(), linkURL, actionURL, customAction,
template.getActionType() );
-    }
-        
+    
+    public List getDecoratorActions(RequestContext rc, PortletApplication pa, PortletWindow
pw, PortletMode pm,
+             WindowState ws, Decoration decoration, List actionTemplates)
+    {
+        DecoratorAction action;
+        ArrayList actions = new ArrayList();
+        Iterator iter = actionTemplates.iterator();
+        while (iter.hasNext())
+        {
+            action = createAction(rc, pw, decoration,(DecoratorActionTemplate)iter.next()
);
+            if ( action != null)
+            {
+                actions.add(action);
+            }
+        }
+        return actions;
+    }        
+
+    protected DecoratorAction createAction(RequestContext rc, PortletWindow pw, Decoration
decoration,
+            DecoratorActionTemplate template)
+    {
+        String actionName = template.getAction();
+
+        PortalURL portalURL = rc.getPortalURL();
+        Boolean isAjaxRequest = (Boolean) rc
+                .getAttribute(DecorationValve.IS_AJAX_DECORATION_REQUEST);
+
+        String actionURL = rc.getResponse().encodeURL(
+                (isAjaxRequest == null) ? portalURL.createPortletURL(pw,
+                        template.getCustomMode(), template.getCustomState(),
+                        portalURL.isSecure()).toString() : portalURL
+                        .createNavigationalEncoding(pw, template
+                                .getCustomMode(), template.getCustomState()));
+
+        String linkURL = decoration
+                .getResource("images/" + actionName + ".gif");
+
+        boolean customAction = (template.getMode() != null && !template
+                .getMode().equals(template.getCustomMode()))
+                || (template.getState() != null && !template.getState().equals(
+                        template.getCustomState()));
+
+        return new DecoratorAction(actionName, rc.getLocale(), linkURL,
+                actionURL, customAction, template.getActionType());
+    }
+    
+    //added for checkin the constraints on actions
+    protected boolean checkSecurityConstraint(
+            PortletDefinitionComposite portlet, ContentFragment fragment,
+            SecurityAccessController accessController, String action)
+    {
+        if (fragment.getType().equals(ContentFragment.PORTLET))
+        {
+            if (accessController != null) 
+            { 
+                return accessController
+                    .checkPortletAccess(portlet, JetspeedActions
+                            .getContainerActionMask(action)); 
+            }
+        }
+        return true;
+    }    
+    
 }

Modified: portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/decoration/DecorationValve.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/decoration/DecorationValve.java?view=diff&rev=544250&r1=544249&r2=544250
==============================================================================
--- portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/decoration/DecorationValve.java
(original)
+++ portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/decoration/DecorationValve.java
Mon Jun  4 13:30:43 2007
@@ -42,6 +42,7 @@
 import org.apache.jetspeed.pipeline.valve.Valve;
 import org.apache.jetspeed.pipeline.valve.ValveContext;
 import org.apache.jetspeed.request.RequestContext;
+import org.apache.jetspeed.security.SecurityAccessController;
 import org.apache.pluto.om.portlet.ContentTypeSet;
 import org.apache.pluto.om.window.PortletWindow;
 
@@ -57,6 +58,7 @@
  * @see org.apache.jetspeed.decoration.Theme
  * 
  * @author <href a="mailto:weaver@apache.org">Scott T. Weaver</a>
+ * @author <href a="mailto:firevelocity@gmail.com">Vivek Kumar</a>
  *
  */
 public class DecorationValve extends AbstractValve implements Valve
@@ -74,11 +76,18 @@
     
     private DecoratorActionsFactory defaultDecoratorActionsFactory;
 
-    public DecorationValve(DecorationFactory decorationFactory, PortletWindowAccessor windowAccessor)
-    {
+     /**
+      * For security constraint checks
+      */
+     protected SecurityAccessController accessController;
+     
+     public DecorationValve(DecorationFactory decorationFactory, PortletWindowAccessor windowAccessor,SecurityAccessController
accessController)
+     {    
         this.decorationFactory = decorationFactory;
         this.windowAccessor = windowAccessor;
         this.defaultDecoratorActionsFactory = new DefaultDecoratorActionsFactory();
+        //added the accessController in portlet decorater for checking the actions
+        this.accessController = accessController;        
     }
     
 
@@ -287,7 +296,7 @@
                     }
                 }
             }
-            actions = actionsAdapter.getDecoratorActions(requestContext, pa, window, currentMode,
currentState, decoration, actionTemplates);
+            actions = actionsAdapter.getDecoratorActions(requestContext, pa, window, currentMode,
currentState, decoration, actionTemplates,portlet,fragment,accessController);            
             
             decoration.setCurrentModeAction( currentModeAction );
             decoration.setCurrentStateAction( currentStateAction );

Modified: portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/decoration/DecoratorActionsFactory.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/decoration/DecoratorActionsFactory.java?view=diff&rev=544250&r1=544249&r2=544250
==============================================================================
--- portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/decoration/DecoratorActionsFactory.java
(original)
+++ portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/decoration/DecoratorActionsFactory.java
Mon Jun  4 13:30:43 2007
@@ -22,7 +22,10 @@
 import javax.portlet.WindowState;
 
 import org.apache.jetspeed.om.common.portlet.PortletApplication;
+import org.apache.jetspeed.om.common.portlet.PortletDefinitionComposite;
+import org.apache.jetspeed.om.page.ContentFragment;
 import org.apache.jetspeed.request.RequestContext;
+import org.apache.jetspeed.security.SecurityAccessController;
 import org.apache.pluto.om.window.PortletWindow;
 
 public interface DecoratorActionsFactory
@@ -31,5 +34,5 @@
                     WindowState ws, Decoration decoration);
 
     List getDecoratorActions(RequestContext rc, PortletApplication pa, PortletWindow pw,
PortletMode pm,
-                    WindowState ws, Decoration decoration, List allowedActions);
+                        WindowState ws, Decoration decoration, List allowedActions, PortletDefinitionComposite
portlet, ContentFragment fragment, SecurityAccessController accessController);
 }

Modified: portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/login/LoginProxyServlet.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/login/LoginProxyServlet.java?view=diff&rev=544250&r1=544249&r2=544250
==============================================================================
--- portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/login/LoginProxyServlet.java
(original)
+++ portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/login/LoginProxyServlet.java
Mon Jun  4 13:30:43 2007
@@ -24,7 +24,9 @@
 import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
 
+import org.apache.jetspeed.Jetspeed;
 import org.apache.jetspeed.PortalReservedParameters;
+import org.apache.jetspeed.administration.PortalAuthenticationConfiguration;
 
 /**
  * LoginProxyServlet
@@ -41,6 +43,13 @@
         String parameter;
 
         request.setCharacterEncoding( "UTF-8" );
+        
+        PortalAuthenticationConfiguration authenticationConfiguration = (PortalAuthenticationConfiguration)
+        Jetspeed.getComponentManager().getComponent("org.apache.jetspeed.administration.PortalAuthenticationConfiguration");
  
+        if (authenticationConfiguration.isCreateNewSessionOnLogin())
+        {
+            request.getSession().invalidate();
+        }        
         
         HttpSession session = request.getSession(true);
 

Modified: portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/login/LoginRedirectorServlet.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/login/LoginRedirectorServlet.java?view=diff&rev=544250&r1=544249&r2=544250
==============================================================================
--- portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/login/LoginRedirectorServlet.java
(original)
+++ portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/login/LoginRedirectorServlet.java
Mon Jun  4 13:30:43 2007
@@ -24,7 +24,9 @@
 import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
 
+import org.apache.jetspeed.Jetspeed;
 import org.apache.jetspeed.PortalReservedParameters;
+import org.apache.jetspeed.administration.PortalAuthenticationConfiguration;
 
 /**
  * LoginRedirectorServlet
@@ -50,6 +52,14 @@
         session.removeAttribute(LoginConstants.PASSWORD);
         session.removeAttribute(LoginConstants.RETRYCOUNT);
         session.removeAttribute(PortalReservedParameters.PREFERED_LOCALE_ATTRIBUTE);
+        
+//        PortalAuthenticationConfiguration authenticationConfiguration = (PortalAuthenticationConfiguration)
+//        Jetspeed.getComponentManager().getComponent("org.apache.jetspeed.administration.PortalAuthenticationConfiguration");
  
+//        if (authenticationConfiguration.isCreateNewSessionOnLogin())
+//        {
+//            request.getSession().invalidate();
+//        }        
+        
         response.sendRedirect(response.encodeURL(destination));
     }
 

Modified: portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/login/filter/PortalFilter.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/login/filter/PortalFilter.java?view=diff&rev=544250&r1=544249&r2=544250
==============================================================================
--- portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/login/filter/PortalFilter.java
(original)
+++ portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/login/filter/PortalFilter.java
Mon Jun  4 13:30:43 2007
@@ -33,6 +33,7 @@
 
 import org.apache.jetspeed.Jetspeed;
 import org.apache.jetspeed.PortalReservedParameters;
+import org.apache.jetspeed.administration.PortalAuthenticationConfiguration;
 import org.apache.jetspeed.login.LoginConstants;
 import org.apache.jetspeed.security.SecurityHelper;
 import org.apache.jetspeed.security.UserManager;
@@ -57,10 +58,16 @@
             String password = request.getParameter(LoginConstants.PASSWORD);            
             if (username != null)
             {
-                UserManager userManager = (UserManager)Jetspeed.getComponentManager().getComponent("org.apache.jetspeed.security.UserManager");
+                UserManager userManager = (UserManager)Jetspeed.getComponentManager().getComponent("org.apache.jetspeed.security.UserManager");
               
                 boolean success = userManager.authenticate(username, password);
                 if (success)
                 {
+                    PortalAuthenticationConfiguration authenticationConfiguration = (PortalAuthenticationConfiguration)
+                        Jetspeed.getComponentManager().getComponent("org.apache.jetspeed.administration.PortalAuthenticationConfiguration");
  
+                    if (authenticationConfiguration.isCreateNewSessionOnLogin())
+                    {
+                        request.getSession().invalidate();
+                    }
                     Set principals = new PrincipalsSet();
                     Subject subject = new Subject(true, principals, new HashSet(), new HashSet());
                     UserPrincipal userPrincipal = new UserSubjectPrincipalImpl(username,
subject);

Modified: portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/security/impl/AbstractSecurityValve.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/security/impl/AbstractSecurityValve.java?view=diff&rev=544250&r1=544249&r2=544250
==============================================================================
--- portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/security/impl/AbstractSecurityValve.java
(original)
+++ portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/security/impl/AbstractSecurityValve.java
Mon Jun  4 13:30:43 2007
@@ -30,6 +30,7 @@
 import javax.servlet.http.HttpSession;
 
 import org.apache.jetspeed.PortalReservedParameters;
+import org.apache.jetspeed.administration.PortalAuthenticationConfiguration;
 import org.apache.jetspeed.pipeline.PipelineException;
 import org.apache.jetspeed.pipeline.valve.AbstractValve;
 import org.apache.jetspeed.pipeline.valve.SecurityValve;
@@ -50,9 +51,7 @@
  */
 public abstract class AbstractSecurityValve extends AbstractValve implements SecurityValve
 {
-    protected int maxSessionHardLimit = 0;
-    protected long msMaxSessionHardLimit = 1;
-    protected String timeoutRedirectLocation = "";
+    protected PortalAuthenticationConfiguration authenticationConfiguration = null;
     
     /**
      * 
@@ -167,15 +166,15 @@
      */
     protected boolean isSessionExpired(RequestContext request) throws PipelineException 
  
     {
-        if (maxSessionHardLimit > 0)
+        if (authenticationConfiguration != null && authenticationConfiguration.isMaxSessionHardLimitEnabled())
         {
             HttpSession session = request.getRequest().getSession();
             long sessionCreationTime = session.getCreationTime();
             long currentTime = System.currentTimeMillis();
-            if ((currentTime - sessionCreationTime) > msMaxSessionHardLimit)
+            if ((currentTime - sessionCreationTime) > authenticationConfiguration.getMsMaxSessionHardLimit())
             {
                 session.invalidate();
-                String redirector = request.getRequest().getContextPath() + timeoutRedirectLocation;
+                String redirector = request.getRequest().getContextPath() + authenticationConfiguration.getTimeoutRedirectLocation();
                 // System.out.println("logging user out " + redirector + ", " + (currentTime
- sessionCreationTime) + ", " + this.msMaxSessionHardLimit);
                 try
                 {

Modified: portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/security/impl/SecurityValveImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/security/impl/SecurityValveImpl.java?view=diff&rev=544250&r1=544249&r2=544250
==============================================================================
--- portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/security/impl/SecurityValveImpl.java
(original)
+++ portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/security/impl/SecurityValveImpl.java
Mon Jun  4 13:30:43 2007
@@ -16,15 +16,13 @@
  */
 package org.apache.jetspeed.security.impl;
 
-import java.io.IOException;
 import java.security.Principal;
 import java.util.HashSet;
 import java.util.Set;
 
 import javax.security.auth.Subject;
-import javax.servlet.http.HttpSession;
 
-import org.apache.jetspeed.pipeline.PipelineException;
+import org.apache.jetspeed.administration.PortalAuthenticationConfiguration;
 import org.apache.jetspeed.pipeline.valve.SecurityValve;
 import org.apache.jetspeed.profiler.Profiler;
 import org.apache.jetspeed.request.RequestContext;
@@ -48,13 +46,12 @@
     private UserManager userMgr;
     private PortalStatistics statistics;
 
-    public SecurityValveImpl(Profiler profiler, UserManager userMgr, PortalStatistics statistics,
int maxSessionHardLimit, String timeoutRedirectLocation)
+    public SecurityValveImpl(Profiler profiler, UserManager userMgr, PortalStatistics statistics,

+                            PortalAuthenticationConfiguration authenticationConfiguration)
     {
         this.userMgr = userMgr;
         this.statistics = statistics;
-        this.maxSessionHardLimit = maxSessionHardLimit;
-        this.msMaxSessionHardLimit = this.maxSessionHardLimit * 1000;
-        this.timeoutRedirectLocation = timeoutRedirectLocation;
+        this.authenticationConfiguration = authenticationConfiguration;
     }
     
     public SecurityValveImpl( Profiler profiler, UserManager userMgr, PortalStatistics statistics
)

Modified: portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/security/impl/ntlm/NtlmSecurityValve.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/security/impl/ntlm/NtlmSecurityValve.java?view=diff&rev=544250&r1=544249&r2=544250
==============================================================================
--- portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/security/impl/ntlm/NtlmSecurityValve.java
(original)
+++ portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/security/impl/ntlm/NtlmSecurityValve.java
Mon Jun  4 13:30:43 2007
@@ -23,6 +23,7 @@
 import javax.security.auth.Subject;
 
 import org.apache.commons.lang.StringUtils;
+import org.apache.jetspeed.administration.PortalAuthenticationConfiguration;
 import org.apache.jetspeed.pipeline.PipelineException;
 import org.apache.jetspeed.request.RequestContext;
 import org.apache.jetspeed.security.SecurityException;
@@ -83,20 +84,19 @@
      * 
      */
     public NtlmSecurityValve(UserManager userMgr, String networkDomain, boolean omitDomain,
boolean ntlmAuthRequired, 
-            PortalStatistics statistics, int maxSessionHardLimit, String timeoutRedirectLocation)

+            PortalStatistics statistics, PortalAuthenticationConfiguration authenticationConfiguration)

     {
         this.userMgr = userMgr;
         this.statistics = statistics;
         this.networkDomain = networkDomain;
         this.ntlmAuthRequired = ntlmAuthRequired;
         this.omitDomain = omitDomain;
-        this.maxSessionHardLimit = maxSessionHardLimit;
-        this.timeoutRedirectLocation = timeoutRedirectLocation;
+        this.authenticationConfiguration = authenticationConfiguration;
     }
 
     public NtlmSecurityValve(UserManager userMgr, String networkDomain, boolean omitDomain,
boolean ntlmAuthRequired, PortalStatistics statistics)
     {
-        this(userMgr, networkDomain, omitDomain, ntlmAuthRequired, statistics, 0, "");  
     
+        this(userMgr, networkDomain, omitDomain, ntlmAuthRequired, statistics, null);   
    
     }
     
     public NtlmSecurityValve(UserManager userMgr, String networkDomain, boolean omitDomain,
boolean ntlmAuthRequired)

Added: portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/administration/PortalAuthenticationConfiguration.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/administration/PortalAuthenticationConfiguration.java?view=auto&rev=544250
==============================================================================
--- portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/administration/PortalAuthenticationConfiguration.java
(added)
+++ portals/jetspeed-2/trunk/jetspeed-api/src/java/org/apache/jetspeed/administration/PortalAuthenticationConfiguration.java
Mon Jun  4 13:30:43 2007
@@ -0,0 +1,73 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jetspeed.administration;
+
+
+/**
+ * PortalAdministration
+ * 
+ * 
+ * @author <a href="mailto:taylor@apache.org">David Sean Taylor</a>
+ * @since 2.1.1
+ * @version $Id: $
+ */
+public interface PortalAuthenticationConfiguration
+{   
+    /**
+     * Is the session hard limit expiration feature enabled
+     * @return
+     */
+    public boolean isMaxSessionHardLimitEnabled();
+    
+    /**
+     * hard session timeout limit in seconds, regardless of (in)activity
+     * 
+     * @return
+     */
+    public int getMaxSessionHardLimit();
+    
+    
+    /**
+     * Get the session hard limit in milliseconds
+     * 
+     * @return session hard limit in milliseconds
+     */
+    public long getMsMaxSessionHardLimit();
+    
+    /**
+     * redirect location for hard session expiration, must be used with Max Session Hard
Limit turned on
+     * 
+     * @return
+     */
+    public String getTimeoutRedirectLocation();
+
+    /**
+     * redirect location for hard session expiration, must be used with Max Session Hard
Limit turned on
+     *  
+     * @param timeoutRedirectLocation
+     */
+    public void setTimeoutRedirectLocation(String timeoutRedirectLocation);
+
+    /**
+     * Should we create new session upon authentication
+     * 
+     * @return
+     */
+    public boolean isCreateNewSessionOnLogin();
+   
+}
+

Modified: portals/jetspeed-2/trunk/src/webapp/WEB-INF/assembly/administration.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/src/webapp/WEB-INF/assembly/administration.xml?view=diff&rev=544250&r1=544249&r2=544250
==============================================================================
--- portals/jetspeed-2/trunk/src/webapp/WEB-INF/assembly/administration.xml (original)
+++ portals/jetspeed-2/trunk/src/webapp/WEB-INF/assembly/administration.xml Mon Jun  4 13:30:43
2007
@@ -100,5 +100,24 @@
             <value>2</value>
         </constructor-arg>
 </bean>
+    
+<bean id='org.apache.jetspeed.administration.PortalAuthenticationConfiguration'
+	class='org.apache.jetspeed.administration.PortalAuthenticationConfigurationImpl'>
+
+   <!--  create new session upon authentication -->   
+   <constructor-arg index='0'>
+   		<value>false</value>
+   </constructor-arg>	
+   <!--  hard session timeout limit in seconds, regardless of (in)activity, setting to
0 turns off this feature 
+   		 note:this feature should be used with 'create new session upon authentication' feature

+   -->   
+   <constructor-arg index='1'>
+   		<value>0</value>
+   </constructor-arg>
+   <!--  redirect location for hard session expiration -->   
+   <constructor-arg index='2'>
+   		<value>/login/logout</value>
+   </constructor-arg>
+</bean>    
     
 </beans>

Modified: portals/jetspeed-2/trunk/src/webapp/WEB-INF/assembly/jetspeed-services.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/src/webapp/WEB-INF/assembly/jetspeed-services.xml?view=diff&rev=544250&r1=544249&r2=544250
==============================================================================
--- portals/jetspeed-2/trunk/src/webapp/WEB-INF/assembly/jetspeed-services.xml (original)
+++ portals/jetspeed-2/trunk/src/webapp/WEB-INF/assembly/jetspeed-services.xml Mon Jun  4
13:30:43 2007
@@ -108,6 +108,9 @@
           <entry key="PortletTrackingManager">
             <ref bean="org.apache.jetspeed.aggregator.PortletTrackingManager"/>
           </entry>
+          <entry key ="PortalAuthenticationConfiguration">
+          	<ref bean="org.apache.jetspeed.administration.PortalAuthenticationConfiguration"/>
+          </entry>
           
 <!-- first uncomment the below service bean in security-spi-atn.xml
          <entry key="PasswordEncodingService">

Modified: portals/jetspeed-2/trunk/src/webapp/WEB-INF/assembly/pipelines.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/src/webapp/WEB-INF/assembly/pipelines.xml?view=diff&rev=544250&r1=544249&r2=544250
==============================================================================
--- portals/jetspeed-2/trunk/src/webapp/WEB-INF/assembly/pipelines.xml (original)
+++ portals/jetspeed-2/trunk/src/webapp/WEB-INF/assembly/pipelines.xml Mon Jun  4 13:30:43
2007
@@ -57,13 +57,8 @@
    <constructor-arg index='2'>
        <ref bean="PortalStatistics" />
    </constructor-arg>
-   <!--  hard session timeout limit in seconds, regardless of (in)activity, setting to
0 turns off this feature -->   
    <constructor-arg index='3'>
-   		<value>0</value>
-   </constructor-arg>
-   <!--  redirect location for hard session expiration -->   
-   <constructor-arg index='4'>
-   		<value>/login/logout</value>
+       <ref bean="org.apache.jetspeed.administration.PortalAuthenticationConfiguration"
/>
    </constructor-arg>
   </bean> 
   
@@ -261,6 +256,9 @@
 		<constructor-arg>			
 			 <ref bean="PortletWindowAccessor" />
 		</constructor-arg>
+		<constructor-arg>
+			<ref bean="org.apache.jetspeed.security.SecurityAccessController" />
+		</constructor-arg>
   </bean>
 
   <bean id="loginViewValve"
@@ -538,6 +536,5 @@
   <bean id="debugValve"
         class="org.apache.jetspeed.pipeline.valve.impl.DebugValveImpl"
   /> 
-
           
 </beans>



---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org


Mime
View raw message