portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From d...@apache.org
Subject svn commit: r734954 [2/4] - in /portals/jetspeed-2/portal/trunk: ./ applications/jetspeed-demo/ applications/jetspeed-dependencies/ components/ components/jetspeed-db-tools/ components/jetspeed-portal/ components/jetspeed-security/src/main/java/org/apa...
Date Fri, 16 Jan 2009 10:07:34 GMT
Modified: portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/main/java/org/apache/jetspeed/sso/impl/SSOSiteImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/main/java/org/apache/jetspeed/sso/impl/SSOSiteImpl.java?rev=734954&r1=734953&r2=734954&view=diff
==============================================================================
--- portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/main/java/org/apache/jetspeed/sso/impl/SSOSiteImpl.java (original)
+++ portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/main/java/org/apache/jetspeed/sso/impl/SSOSiteImpl.java Fri Jan 16 02:07:13 2009
@@ -1,306 +1,250 @@
 /*
-* Licensed to the Apache Software Foundation (ASF) under one or more
-* contributor license agreements.  See the NOTICE file distributed with
-* this work for additional information regarding copyright ownership.
-* The ASF licenses this file to You under the Apache License, Version 2.0
-* (the "License"); you may not use this file except in compliance with
-* the License.  You may obtain a copy of the License at
-* 
-*      http://www.apache.org/licenses/LICENSE-2.0
-* 
-* Unless required by applicable law or agreed to in writing, software
-* distributed under the License is distributed on an "AS IS" BASIS,
-* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-* See the License for the specific language governing permissions and
-* limitations under the License.
-*/
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
 
 package org.apache.jetspeed.sso.impl;
 
-import java.util.Collection;
-import java.util.Iterator;
-import java.util.Vector;
-
-import org.apache.jetspeed.sso.SSOException;
 import org.apache.jetspeed.sso.SSOSite;
-import org.apache.jetspeed.sso.SSOPrincipal;
 
 /**
-* SSOSiteImpl
-* 	Class holding information about the Site and credentials for Single Sign on SSO.
-*	OJB will map the database entries into this class
-*
-* @author <a href="mailto:rogerrut@apache.org">Roger Ruttimann</a>
-* @version $Id$
-*/
-
-public class SSOSiteImpl implements SSOSite {
-	
-	// Private member for OJB mapping
-	private int		siteId;
-	private String	name;
-	private String	siteURL;
-	private boolean	isAllowUserSet;
-	private boolean isCertificateRequired;
-	
-	private boolean	isChallangeResponseAuthentication;
-	
-	/* Realm used to do ChallengeResponse Authentication */
-	private String	realm;
-	
-	private boolean	isFormAuthentication;
-	
-	/* Names of fields for User and Password values. The names are up to the
-	 * application developer and therefore it must be configurable for SSO*/
-	private String	formUserField;
-	private String	formPwdField;
-	
-	private Collection	principals = new Vector();
-	private Collection	remotePrincipals = new Vector();
-	
-	/**
+ * SSOSiteImpl Class holding information about the Site and credentials for
+ * Single Sign on SSO. OJB will map the database entries into this class
+ * 
+ * @author <a href="mailto:rogerrut@apache.org">Roger Ruttimann</a>
+ * @author <a href="mailto:ddam@apache.org">Dennis Dam</a>
+ * @version $Id$
+ */
+
+public class SSOSiteImpl implements SSOSite
+{
+
+    // Private member for OJB mapping
+    private int id;
+
+    private String name;
+
+    private String url;
+
+    private boolean isAllowUserSet;
+
+    private boolean isCertificateRequired;
+
+    private boolean challengeResponseAuthentication;
+
+    /* Realm used to do ChallengeResponse Authentication */
+    private String realm;
+
+    private boolean isFormAuthentication;
+
+    /*
+     * Names of fields for User and Password values. The names are up to the
+     * application developer and therefore it must be configurable for SSO
+     */
+    private String formUserField;
+
+    private String formPwdField;
+
+    private Long securityDomainId;
+
+    /**
 	 * 
 	 */
-	public SSOSiteImpl() {
-		super();
-		
-	}
+    public SSOSiteImpl()
+    {
+        super();
 
-	/*
-	 * Setters and getters for member variables
-	 */
-	
-	/**
-	 * @return Returns the isAllowUserSet.
-	 */
-	public boolean isAllowUserSet() {
-		return isAllowUserSet;
-	}
-	/**
-	 * @param isAllowUserSet The isAllowUserSet to set.
-	 */
-	public void setAllowUserSet(boolean isAllowUserSet) {
-		this.isAllowUserSet = isAllowUserSet;
-	}
-	/**
-	 * @return Returns the isCertificateRequired.
-	 */
-	public boolean isCertificateRequired() {
-		return isCertificateRequired;
-	}
-	/**
-	 * @param isCertificateRequired The isCertificateRequired to set.
-	 */
-	public void setCertificateRequired(boolean isCertificateRequired) {
-		this.isCertificateRequired = isCertificateRequired;
-	}
-	/**
-	 * @return Returns the name.
-	 */
-	public String getName() {
-		return name;
-	}
-	/**
-	 * @param name The name to set.
-	 */
-	public void setName(String name) {
-		this.name = name;
-	}
-	/**
-	 * @return Returns the principals.
-	 */
-	public Collection getPrincipals() {
-		return this.principals;
-	}
-	/**
-	 * @param principals The principals to set.
-	 */
-	public void setPrincipals(Collection principals) {
-		this.principals.addAll(principals);
-	}
-	/**
-	 * @return Returns the siteId.
-	 */
-	public int getSiteId() {
-		return siteId;
-	}
-	/**
-	 * @param siteId The siteId to set.
-	 */
-	public void setSiteId(int siteId) {
-		this.siteId = siteId;
-	}
-	/**
-	 * @return Returns the siteURL.
-	 */
-	public String getSiteURL() {
-		return siteURL;
-	}
-	/**
-	 * @param siteURL The siteURL to set.
-	 */
-	public void setSiteURL(String siteURL) {
-		this.siteURL = siteURL;
-	}
-	
-	/**
-	 * Utility functions
-	 * addCredential()
-	 * Adds the credentail to the credentials collection
-	 *
-	 */
-	
-	
-	
-		/**
-		 * addPrincipal
-		 * Adds the SSOPrincipal to the principals collection
-		 *
-		 */
-		public void addPrincipal(SSOPrincipal principal) throws SSOException {
-			boolean bStatus = false;
-			
-			try
-			{
-				bStatus = principals.add(principal);
-			}
-			catch(Exception e)
-			{
-				// Adding credentail to coollection failed -- notify caller with SSOException
-				throw new SSOException(SSOException.FAILED_ADDING_PRINCIPAL_TO_MAPPING_TABLE_FOR_SITE + e.getMessage()); 
-			}
-			
-			if ( bStatus == false)
-				throw new SSOException(SSOException.FAILED_ADDING_PRINCIPAL_TO_MAPPING_TABLE_FOR_SITE ); 	
-		}
-		
-		/**
-		* removePrincipal()
-		 * removes a principal from the principals collection
-		 *
-		 */
-		public void removePrincipal(long principalId) throws SSOException
-		{
-			boolean bStatus = false;
-			SSOPrincipal principalObj = null;
-			Iterator itSitePrincipals = principals.iterator();
-			
-			while (itSitePrincipals.hasNext() )
-			{
-				principalObj = (SSOPrincipal)itSitePrincipals.next();
-				if ( principalObj.getPrincipalId() == principalId)
-				{
-				
-					try
-					{
-						bStatus = principals.remove(principalObj);
-					}
-					catch(Exception e)
-					{
-						// Adding credentail to coollection failed -- notify caller with SSOException
-						throw new SSOException(SSOException.FAILED_REMOVING_PRINCIPAL_FROM_MAPPING_TABLE_FOR_SITE + e.getMessage()); 
-					}
-					
-					if ( bStatus == false)
-						throw new SSOException(SSOException.FAILED_REMOVING_PRINCIPAL_FROM_MAPPING_TABLE_FOR_SITE ); 
-				}
-					
-			}
-		}
-    /**
-     * @return Returns the remotePrincipals.
+    }
+    
+    public SSOSiteImpl(String name, String url)
+    {
+        this();
+        this.name=name;
+        this.url=url;
+    }
+    
+    /**
+     * @return Returns the isAllowUserSet.
+     */
+    public boolean isAllowUserSet()
+    {
+        return isAllowUserSet;
+    }
+
+    /**
+     * @param isAllowUserSet
+     *            The isAllowUserSet to set.
      */
-    public Collection getRemotePrincipals() {
-        return remotePrincipals;
+    public void setAllowUserSet(boolean isAllowUserSet)
+    {
+        this.isAllowUserSet = isAllowUserSet;
     }
+
     /**
-     * @param remotePrincipals The remotePrincipals to set.
+     * @return Returns the isCertificateRequired.
      */
-    public void setRemotePrincipals(Collection remotePrincipals) {
-        this.remotePrincipals = remotePrincipals;
+    public boolean isCertificateRequired()
+    {
+        return isCertificateRequired;
     }
-    
+
+    /**
+     * @param isCertificateRequired
+     *            The isCertificateRequired to set.
+     */
+    public void setCertificateRequired(boolean isCertificateRequired)
+    {
+        this.isCertificateRequired = isCertificateRequired;
+    }
+
+    /**
+     * @return Returns the name.
+     */
+    public String getName()
+    {
+        return name;
+    }
+
+    /**
+     * @param name
+     *            The name to set.
+     */
+    public void setName(String name)
+    {
+        this.name = name;
+    }
+
     /**
-     * Define the Authentication methods. 
-     * Supported are: Challenge Response and From based
+     * @return Returns the siteId.
+     */
+    public int getId()
+    {
+        return id;
+    }
+
+    /**
+     * @return sets the id of the site
+     */
+    public void setId(int id)
+    {
+        this.id = id;
+    }
+
+    /**
+     * @return Returns the siteURL.
+     */
+    public String getURL()
+    {
+        return url;
+    }
+
+    /**
+     * @param siteURL
+     *            The siteURL to set.
+     */
+    public void setURL(String url)
+    {
+        this.url = url;
+    }
+
+    /**
+     * Define the Authentication methods. Supported are: Challenge Response and
+     * From based
      */
     /**
-     * Form authentication requires two fields that hold the credential 
+     * Form authentication requires two fields that hold the credential
      * information for the request.
      */
     public void setFormAuthentication(String formUserField, String formPwdField)
     {
-    	// Set the fields for Form Authentication and clear other authentication methods
-    	
+        // Set the fields for Form Authentication and clear other authentication
+        // methods
+
+    }
+   
+    public String getFormPwdField()
+    {
+        return formPwdField;
+    }
+
+    public void setFormPwdField(String formPwdField)
+    {
+        this.formPwdField = formPwdField;
+    }
+
+    public String getFormUserField()
+    {
+        return formUserField;
+    }
+
+    public void setFormUserField(String formUserField)
+    {
+        this.formUserField = formUserField;
     }
+
+    public boolean isFormAuthentication()
+    {
+        return isFormAuthentication;
+    }
+
+    public void setFormAuthentication(boolean isFormAuthentication)
+    {
+        this.isFormAuthentication = isFormAuthentication;
+    }
+
+    public void configFormAuthentication(String formUserField,
+            String formPwdField)
+    {
+        this.isFormAuthentication = true;
+        this.setChallengeResponseAuthentication(false);
+
+        this.formPwdField = formPwdField;
+        this.formUserField = formUserField;
+    }
+
+    public void setRealm(String realm)
+    {
+        this.realm = realm;
+    }
+
+    public String getRealm()
+    {
+        return this.realm;
+    }
+
+    public Long getSecurityDomainId()
+    {
+        return securityDomainId;
+    }
+
+    public void setSecurityDomainId(Long securityDomainId)
+    {
+        this.securityDomainId = securityDomainId;
+    }
+
     
-    /*
-     * Uses Challenge Response mechanism for authentication
-     */
-    public void setChallengeResponseAuthentication()
+    public boolean isChallengeResponseAuthentication()
     {
-    	// Set the fields for ChallengeResponse and clear other authentication methods
-    	
+        return challengeResponseAuthentication;
+    }
+
+    
+    public void setChallengeResponseAuthentication(
+            boolean challengeResponseAuthentication)
+    {
+        this.challengeResponseAuthentication = challengeResponseAuthentication;
     }
 
-    /* Setters/Getters for Authentication settings */
-	public String getFormPwdField() {
-		return formPwdField;
-	}
-
-	public void setFormPwdField(String formPwdField) {
-		this.formPwdField = formPwdField;
-	}
-
-	public String getFormUserField() {
-		return formUserField;
-	}
-
-	public void setFormUserField(String formUserField) {
-		this.formUserField = formUserField;
-	}
-
-	public boolean isChallangeResponseAuthentication() {
-		return isChallangeResponseAuthentication;
-	}
-
-	public void setChallengeResponseAuthentication(
-			boolean isChallangeResponseAuthentication) {
-		this.isChallangeResponseAuthentication = isChallangeResponseAuthentication;
-	}
-
-	public boolean isFormAuthentication() {
-		return isFormAuthentication;
-	}
-
-	public void setFormAuthentication(boolean isFormAuthentication) {
-		this.isFormAuthentication = isFormAuthentication;
-	}
-	
-	public void configFormAuthentication(String formUserField, String formPwdField)
-	{
-		this.isFormAuthentication = true;
-		this.setChallengeResponseAuthentication(false);
-		
-		this.formPwdField	=	formPwdField;
-		this.formUserField	=	formUserField;
-	}
-	
-	/*
-	 *  (non-Javadoc)
-	 * @see org.apache.jetspeed.sso.SSOSite#setRealm(java.lang.String)
-	 */
-	public void setRealm(String realm)
-	{
-		this.realm = realm;
-	}
-	
-	/*
-	 *  (non-Javadoc)
-	 * @see org.apache.jetspeed.sso.SSOSite#getRealm()
-	 */
-	public String getRealm()
-	{
-		return this.realm;
-	}    
 }

Added: portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/main/java/org/apache/jetspeed/sso/impl/SSOUserImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/main/java/org/apache/jetspeed/sso/impl/SSOUserImpl.java?rev=734954&view=auto
==============================================================================
--- portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/main/java/org/apache/jetspeed/sso/impl/SSOUserImpl.java (added)
+++ portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/main/java/org/apache/jetspeed/sso/impl/SSOUserImpl.java Fri Jan 16 02:07:13 2009
@@ -0,0 +1,32 @@
+/* 
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jetspeed.sso.impl;
+
+import org.apache.jetspeed.security.impl.PersistentJetspeedPrincipal;
+import org.apache.jetspeed.sso.SSOUser;
+
+
+/**
+ * @author <a href="mailto:ddam@apache.org">Dennis Dam</a>
+ * @version $Id$
+ */
+public class SSOUserImpl extends PersistentJetspeedPrincipal implements SSOUser 
+{
+
+    private static final long serialVersionUID = 1L;
+
+}

Propchange: portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/main/java/org/apache/jetspeed/sso/impl/SSOUserImpl.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/main/java/org/apache/jetspeed/sso/impl/SSOUserImpl.java
------------------------------------------------------------------------------
    svn:keywords = Id

Added: portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/main/java/org/apache/jetspeed/sso/spi/SSOSiteManagerSPI.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/main/java/org/apache/jetspeed/sso/spi/SSOSiteManagerSPI.java?rev=734954&view=auto
==============================================================================
--- portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/main/java/org/apache/jetspeed/sso/spi/SSOSiteManagerSPI.java (added)
+++ portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/main/java/org/apache/jetspeed/sso/spi/SSOSiteManagerSPI.java Fri Jan 16 02:07:13 2009
@@ -0,0 +1,51 @@
+/* 
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jetspeed.sso.spi;
+
+import java.util.Collection;
+
+import org.apache.jetspeed.sso.SSOException;
+import org.apache.jetspeed.sso.SSOSite;
+import org.apache.jetspeed.sso.SSOUser;
+
+
+/**
+ * @author <a href="mailto:ddam@apache.org">Dennis Dam</a>
+ * @version $Id$
+ */
+public interface SSOSiteManagerSPI
+{
+    
+    SSOSite getByName(String siteName);
+
+	SSOSite getByUrl(String siteUrl);
+
+	SSOSite getById(int id);
+
+    void update(SSOSite site) throws SSOException;
+    
+    SSOSite add(SSOSite site) throws SSOException; 
+    
+    void remove(SSOSite site) throws SSOException;
+
+	Collection<SSOSite> getSites(String filter);
+
+	SSOSite getSite(SSOUser ssoUser);
+	
+	Collection<SSOSite> getSites(Collection<SSOUser> users);
+
+}

Propchange: portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/main/java/org/apache/jetspeed/sso/spi/SSOSiteManagerSPI.java
------------------------------------------------------------------------------
    svn:mergeinfo = 

Added: portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/main/java/org/apache/jetspeed/sso/spi/SSOUserManagerSPI.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/main/java/org/apache/jetspeed/sso/spi/SSOUserManagerSPI.java?rev=734954&view=auto
==============================================================================
--- portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/main/java/org/apache/jetspeed/sso/spi/SSOUserManagerSPI.java (added)
+++ portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/main/java/org/apache/jetspeed/sso/spi/SSOUserManagerSPI.java Fri Jan 16 02:07:13 2009
@@ -0,0 +1,130 @@
+/* 
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jetspeed.sso.spi;
+
+import java.util.Collection;
+
+import org.apache.jetspeed.security.JetspeedPrincipal;
+import org.apache.jetspeed.security.PasswordCredential;
+import org.apache.jetspeed.security.PrincipalTypeManager;
+import org.apache.jetspeed.security.SecurityException;
+import org.apache.jetspeed.sso.SSOUser;
+
+/**
+ * @author <a href="mailto:ddam@apache.org">Dennis Dam</a>
+ * @version $Id$
+ */
+public interface SSOUserManagerSPI extends PrincipalTypeManager {
+
+    SSOUser newUser(String name, Long domainId);
+
+    /**
+     * <p>
+     * Add a new user
+     * </p>
+     * <p>
+     * If an external security storage manager is used, the user will be mapped/replicated to it as well.
+     * </p>
+     * @param userName The user name.
+     * @param domainId The domain ID of the remote domain
+     * @param localPrincipal The portal principal (e.g. user / group) related to this SSO User
+     * @return the new {@link SSOUser}
+     * @throws Throws a security exception.
+     */
+    SSOUser addUser(String userName, Long domainId, JetspeedPrincipal ownerPrincipal) throws SecurityException;
+
+    /**
+     * <p>
+     * Remove a user. If there user attributes associated with this user, they will be removed as well.
+     * </p>
+     * <p>
+     * {@link java.security.Permission}for this user will be removed as well.
+     * </p>
+     * 
+     * @param userName The user name.
+     * @throws Throws a security exception.
+     */
+    void removeUser(String userName, Long domainId) throws SecurityException;
+
+    /**
+     * <p>
+     * Whether or not a user exists.
+     * </p>
+     * 
+     * @param userName The user name.
+     * @return Whether or not a user exists.
+     */
+    boolean userExists(String userName, Long domainId);
+
+    /**
+     * <p>
+     * Get a {@link SSOUser}for a given user name.
+     * </p>
+     * 
+     * @param userName The user name.
+     * @return The {@link SSOUser}.
+     * @throws Throws a security exception idomainPrincipalAccessf the user cannot be found.
+     */
+    SSOUser getUser(String userName, Long domainId) throws SecurityException;
+
+    /**
+     * <p>
+     * Retrieves a detached and modifiable {@link SSOUser} list matching the corresponding
+     * user name filter.
+     * </p>
+     * 
+     * @param nameFilter The filter used to retrieve matching users.
+     * @return a list of {@link SSOUser}.
+     */
+    Collection<SSOUser> getUsers(String nameFilter, Long domainId) throws SecurityException;
+
+    Collection<SSOUser> getUsers(JetspeedPrincipal principal) throws SecurityException;
+    
+    Collection<SSOUser> getUsers(JetspeedPrincipal principal, Long domainId) throws SecurityException;
+    
+    /**
+     * <p>
+     * Retrieves a a detached and modifiable List user names, finding users matching the corresponding
+     * user name filter.
+     * </p>
+     * 
+     * @param nameFilter The filter used to retrieve matching users.
+     * @return A list of user names
+     */
+    Collection<String> getUserNames(String nameFilter, Long domainId) throws SecurityException;
+
+    /**
+     * Updates a user and all its attributes
+     * @param user
+     * @throws SecurityException
+     */
+    void updateUser(SSOUser user) throws SecurityException;
+
+    /**
+     * Returns the current PasswordCredential for a User or a new one if the doesn't have one yet
+     * @param user the user
+     * @return null if the SSOUserManager doesn't support PasswordCredentials
+     */
+    PasswordCredential getPasswordCredential(SSOUser user) throws SecurityException;
+    
+    void storePasswordCredential(PasswordCredential credential) throws SecurityException;
+    
+    void addSSOUserToPrincipal(SSOUser user, JetspeedPrincipal principal) throws SecurityException;
+    
+    Collection<JetspeedPrincipal> getPortalPrincipals(SSOUser remoteUser, Long portalPrincipalDomain);
+    
+}
\ No newline at end of file

Propchange: portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/main/java/org/apache/jetspeed/sso/spi/SSOUserManagerSPI.java
------------------------------------------------------------------------------
    svn:mergeinfo = 

Added: portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/main/java/org/apache/jetspeed/sso/spi/impl/JetspeedPersistentSSOSiteManager.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/main/java/org/apache/jetspeed/sso/spi/impl/JetspeedPersistentSSOSiteManager.java?rev=734954&view=auto
==============================================================================
--- portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/main/java/org/apache/jetspeed/sso/spi/impl/JetspeedPersistentSSOSiteManager.java (added)
+++ portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/main/java/org/apache/jetspeed/sso/spi/impl/JetspeedPersistentSSOSiteManager.java Fri Jan 16 02:07:13 2009
@@ -0,0 +1,224 @@
+/* 
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jetspeed.sso.spi.impl;
+
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.Hashtable;
+
+import org.apache.commons.lang.StringUtils;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.jetspeed.components.dao.InitablePersistenceBrokerDaoSupport;
+import org.apache.jetspeed.security.SecurityDomain;
+import org.apache.jetspeed.security.impl.SecurityDomainImpl;
+import org.apache.jetspeed.sso.SSOException;
+import org.apache.jetspeed.sso.SSOSite;
+import org.apache.jetspeed.sso.SSOUser;
+import org.apache.jetspeed.sso.impl.SSOSiteImpl;
+import org.apache.jetspeed.sso.spi.SSOSiteManagerSPI;
+import org.apache.ojb.broker.query.Criteria;
+import org.apache.ojb.broker.query.Query;
+import org.apache.ojb.broker.query.QueryByCriteria;
+import org.apache.ojb.broker.query.QueryFactory;
+import org.springframework.orm.ObjectRetrievalFailureException;
+
+/**
+ * @author <a href="mailto:ddam@apache.org">Dennis Dam</a>
+ * @version $Id$
+ */
+public class JetspeedPersistentSSOSiteManager extends
+InitablePersistenceBrokerDaoSupport implements SSOSiteManagerSPI
+{
+    /* Logging */
+    private static final Log log = LogFactory.getLog(JetspeedPersistentSSOSiteManager.class);
+    private Hashtable<String,SSOSite> mapSiteNameIndex = new Hashtable<String,SSOSite>();
+    private Hashtable<String,SSOSite> mapSiteUrlIndex = new Hashtable<String,SSOSite>();
+    private Hashtable<Long,SSOSite> mapSiteDomainIndex = new Hashtable<Long,SSOSite>();
+    
+    public JetspeedPersistentSSOSiteManager(String repositoryPath) throws ClassNotFoundException
+    {
+       super(repositoryPath);
+    }
+    
+    public SSOSite add(SSOSite ssoSite) throws SSOException
+    {
+        try
+        {
+            getPersistenceBrokerTemplate().store(ssoSite);
+            cacheSite(ssoSite);
+            return ssoSite;
+        }
+        catch (Exception e)
+        {
+            String msg = "Unable to add SSO Site: " + ssoSite.getName();
+            log.error(msg, e);
+            throw new SSOException(msg, e);
+        }                
+    }
+    
+    public boolean exists(String siteUrl) {
+		return getByUrl(siteUrl) != null;
+	}
+
+    public SSOSite getById(int id){
+        try{
+            return (SSOSite) getPersistenceBrokerTemplate().getObjectById(SSOSiteImpl.class, id);    
+        } catch (ObjectRetrievalFailureException ore){
+            return null;
+        }
+    
+    }
+    
+	public SSOSite getByName(String siteName) {
+		
+	    Criteria filter = new Criteria();
+        filter.addEqualTo("name", siteName);
+        Query query = QueryFactory.newQuery(SSOSiteImpl.class, filter);
+        SSOSite site = (SSOSite) getPersistenceBrokerTemplate().getObjectByQuery(query);
+        if (site != null){
+            cacheSite(site);
+        }
+        return site;   
+	}
+
+	public SSOSite getByUrl(String siteUrl)
+    {
+        Criteria filter = new Criteria();
+        filter.addEqualTo("url", siteUrl);
+        Query query = QueryFactory.newQuery(SSOSiteImpl.class, filter);
+        SSOSite site = (SSOSite) getPersistenceBrokerTemplate().getObjectByQuery(query);
+        if (site != null){
+            cacheSite(site);
+        }
+        return site;       
+    }
+
+    public SSOSite getSite(SSOUser ssoUser)
+    {        
+        Collection<SSOSite> sitesForUser = getSites(Arrays.asList(new SSOUser[]{ ssoUser} ));
+        if (sitesForUser.size() == 1){
+            return sitesForUser.iterator().next();
+        } else {
+            return null;
+        }
+    }
+
+    @SuppressWarnings("unchecked")
+    public Collection<SSOSite> getSites(String filter)
+    {
+        
+        Criteria finalCriteria = new Criteria();
+
+        
+        if (StringUtils.isNotEmpty(filter)){
+            
+            filter = filter.replaceAll("%", "\\%");
+            filter = "%"+filter+"%";
+            Criteria urlCriteria = new Criteria();
+            urlCriteria.addLike("url", filter);
+            finalCriteria.addOrCriteria(urlCriteria);
+
+            Criteria nameCriteria = new Criteria();
+            nameCriteria.addLike("name", filter);
+            finalCriteria.addOrCriteria(nameCriteria);
+        }
+        
+        Query query = QueryFactory.newQuery(SSOSiteImpl.class, finalCriteria);
+        
+        return getPersistenceBrokerTemplate().getCollectionByQuery(query);
+    }
+    
+    @SuppressWarnings("unchecked")
+    public Collection<SSOSite> getSites(Collection<SSOUser> users)
+    {
+        if (users.size() > 0){
+            Criteria queryCriteria = new Criteria();
+            
+            for (SSOUser u : users){
+                Criteria domainCriteria = new Criteria();
+                domainCriteria.addEqualTo("securityDomainId",u.getDomainId());
+                queryCriteria.addOrCriteria(domainCriteria);
+            }
+
+            QueryByCriteria query = QueryFactory.newQuery(SSOSiteImpl.class, queryCriteria);
+            query.addOrderByAscending("name");
+            return getPersistenceBrokerTemplate().getCollectionByQuery(query);
+        } else {
+            return Collections.EMPTY_LIST;
+        }
+    }
+
+    public void remove(SSOSite site)
+    throws SSOException
+    {
+        try
+        {
+            getPersistenceBrokerTemplate().delete(site);
+            removeSiteFromCache(site);
+        }
+        catch (Exception e)
+        {
+            String msg = "Unable to remove SSO Site: " + site.getName();
+            log.error(msg, e);
+            throw new SSOException(msg, e);
+        }        
+    }
+
+    public void update(SSOSite site)
+    throws SSOException
+    {
+        try
+        {
+            getPersistenceBrokerTemplate().store(site);
+            cacheSite(site);
+        }
+        catch (Exception e)
+        {
+            String msg = "Unable to remove SSO Site: " + site.getName();
+            log.error(msg, e);
+            throw new SSOException(msg, e);
+        }        
+    }
+    
+    protected void cacheSite(SSOSite site){
+        if (getCachedSiteByDomainId(site.getSecurityDomainId()) != null){
+            removeSiteFromCache(site);    
+        }
+        mapSiteUrlIndex.put(site.getURL(), site);
+        mapSiteDomainIndex.put(site.getSecurityDomainId(), site);
+        mapSiteNameIndex.put(site.getName(), site);
+    }
+    
+    protected SSOSite getCachedSiteByUrl(String url){
+        return mapSiteUrlIndex.get(url);
+    }
+    
+    protected SSOSite getCachedSiteByDomainId(Long domainId){
+        return mapSiteUrlIndex.get(domainId);
+    }
+    
+    protected SSOSite getCachedSiteByName(String name){
+        return mapSiteNameIndex.get(name);
+    }
+
+    protected void removeSiteFromCache(SSOSite site){
+        mapSiteUrlIndex.remove(site.getURL());
+        mapSiteDomainIndex.remove(site.getSecurityDomainId());
+    }
+}

Propchange: portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/main/java/org/apache/jetspeed/sso/spi/impl/JetspeedPersistentSSOSiteManager.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/main/java/org/apache/jetspeed/sso/spi/impl/JetspeedPersistentSSOSiteManager.java
------------------------------------------------------------------------------
    svn:keywords = Id

Added: portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/main/java/org/apache/jetspeed/sso/spi/impl/SSOUserManagerSPIImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/main/java/org/apache/jetspeed/sso/spi/impl/SSOUserManagerSPIImpl.java?rev=734954&view=auto
==============================================================================
--- portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/main/java/org/apache/jetspeed/sso/spi/impl/SSOUserManagerSPIImpl.java (added)
+++ portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/main/java/org/apache/jetspeed/sso/spi/impl/SSOUserManagerSPIImpl.java Fri Jan 16 02:07:13 2009
@@ -0,0 +1,203 @@
+/* 
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jetspeed.sso.spi.impl;
+
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
+
+import org.apache.jetspeed.security.JetspeedPrincipal;
+import org.apache.jetspeed.security.JetspeedPrincipalAssociationReference;
+import org.apache.jetspeed.security.JetspeedPrincipalAssociationType;
+import org.apache.jetspeed.security.JetspeedPrincipalType;
+import org.apache.jetspeed.security.PasswordCredential;
+import org.apache.jetspeed.security.SecurityDomain;
+import org.apache.jetspeed.security.SecurityException;
+import org.apache.jetspeed.security.impl.BaseJetspeedPrincipalManager;
+import org.apache.jetspeed.security.spi.JetspeedDomainPrincipalAccessManager;
+import org.apache.jetspeed.security.spi.JetspeedPrincipalAccessManager;
+import org.apache.jetspeed.security.spi.JetspeedPrincipalStorageManager;
+import org.apache.jetspeed.security.spi.SecurityDomainAccessManager;
+import org.apache.jetspeed.security.spi.UserPasswordCredentialAccessManager;
+import org.apache.jetspeed.security.spi.UserPasswordCredentialStorageManager;
+import org.apache.jetspeed.sso.SSOUser;
+import org.apache.jetspeed.sso.impl.IsOwnedByPrincipalAssociationHandler;
+import org.apache.jetspeed.sso.impl.IsRemoteIdentityForPrincipalAssociationHandler;
+import org.apache.jetspeed.sso.impl.SSOUserImpl;
+import org.apache.jetspeed.sso.spi.SSOUserManagerSPI;
+
+
+/**
+ * @author <a href="mailto:ddam@apache.org">Dennis Dam</a>
+ * @version $Id$
+ */
+public class SSOUserManagerSPIImpl extends BaseJetspeedPrincipalManager implements SSOUserManagerSPI
+{
+
+    private static final long serialVersionUID = 1L;
+
+    private JetspeedDomainPrincipalAccessManager domainPrincipalAccess;
+    private SecurityDomainAccessManager domainAccess;
+    
+    private UserPasswordCredentialStorageManager credentialStorageManager;
+    private UserPasswordCredentialAccessManager credentialAccessManager;
+
+    
+    public SSOUserManagerSPIImpl(JetspeedPrincipalType principalType, 
+            JetspeedPrincipalAccessManager jpam, JetspeedPrincipalStorageManager jpsm, UserPasswordCredentialStorageManager credentialStorageManager,
+            UserPasswordCredentialAccessManager credentialAccessManager, JetspeedDomainPrincipalAccessManager domainPrincipalAccess, SecurityDomainAccessManager domainAccess)
+    {
+        super(principalType, jpam, jpsm);
+        this.credentialStorageManager = credentialStorageManager;
+        this.credentialAccessManager = credentialAccessManager;
+        this.domainPrincipalAccess=domainPrincipalAccess;
+        this.domainAccess=domainAccess;
+    }
+    
+    public JetspeedPrincipal newPrincipal(String name, boolean mapped)
+    {
+        return null;
+    }
+
+    public JetspeedPrincipal newTransientPrincipal(String name)
+    {
+        return null;
+    }
+
+    public SSOUser addUser(String name, Long domainId, JetspeedPrincipal ownerPrincipal)
+            throws SecurityException
+    {
+        SSOUser user = newUser(name, domainId);
+        Set<JetspeedPrincipalAssociationReference> reqAssociations = new HashSet<JetspeedPrincipalAssociationReference>();
+        reqAssociations.add(new JetspeedPrincipalAssociationReference(JetspeedPrincipalAssociationReference.Type.TO, ownerPrincipal, IsOwnedByPrincipalAssociationHandler.ASSOCIATION_NAME));
+        super.addPrincipal(user, reqAssociations);
+        // by default add a relation to the owner 
+        super.addAssociation(user, ownerPrincipal, IsRemoteIdentityForPrincipalAssociationHandler.ASSOCIATION_NAME);
+        return user;
+    }
+
+    public PasswordCredential getPasswordCredential(SSOUser user)
+            throws SecurityException
+    {
+        return credentialAccessManager.getPasswordCredential(user.getName(),user.getDomainId());
+    }
+
+    public SSOUser getUser(String userName, Long domainId)
+            throws SecurityException
+    {
+        SSOUser user = (SSOUser)domainPrincipalAccess.getPrincipal(userName, getPrincipalType(), domainId);
+        if (null == user)
+        {
+            throw new SecurityException(SecurityException.PRINCIPAL_DOES_NOT_EXIST.createScoped(JetspeedPrincipalType.SSO_USER, userName));
+        }
+        return user;
+    }
+
+    public Collection<String> getUserNames(String nameFilter, Long domainId)
+            throws SecurityException
+    {
+        return (List<String>) domainPrincipalAccess.getPrincipalNames(nameFilter, getPrincipalType(), domainId);
+    }
+
+    protected List<? extends JetspeedPrincipal> getPrincipals(String nameFilter, Long domainId)
+    {
+        return domainPrincipalAccess.getPrincipals(nameFilter, getPrincipalType(), domainId);
+    }
+    
+    @SuppressWarnings("unchecked")
+    public Collection<SSOUser> getUsers(String nameFilter, Long domainId)
+            throws SecurityException
+    {
+        return (List<SSOUser>) getPrincipals(nameFilter, domainId);
+    }
+
+    public SSOUser newUser(String name, Long domainId)
+    {
+        SSOUserImpl user = new SSOUserImpl();
+        user.setDomainId(domainId);
+        user.setName(name);
+        return user;
+    }
+
+    public void removeUser(String userName, Long domainId)
+            throws SecurityException
+    {
+        JetspeedPrincipal user;        
+        user = getUser(userName, domainId);
+        super.removePrincipal(user);
+    }
+
+    public void storePasswordCredential(PasswordCredential credential) throws SecurityException
+    {
+        credentialStorageManager.storePasswordCredential(credential);
+    }
+
+    public void updateUser(SSOUser user) throws SecurityException
+    {
+        super.updatePrincipal(user);
+    }
+
+    public boolean userExists(String userName, Long domainId)
+    {
+        return domainPrincipalAccess.principalExists(userName, getPrincipalType(), domainId);
+    }
+
+    public Collection<SSOUser> getUsers(JetspeedPrincipal principal) throws SecurityException
+    {
+        Collection<SecurityDomain> allDomains = domainAccess.getDomainsOwnedBy(principal.getDomainId());
+        Collection<SSOUser> users = new ArrayList<SSOUser>();
+        for (SecurityDomain domain : allDomains){
+            users.addAll(getUsers(principal,domain.getDomainId()));
+        }
+        return users;
+    }    
+    
+    @SuppressWarnings("unchecked")
+    public Collection<SSOUser> getUsers(JetspeedPrincipal principal, Long remoteSecurityDomain) throws SecurityException
+    {
+        return (Collection<SSOUser>)_getSSOUsersForPrincipal(principal,remoteSecurityDomain);
+    }    
+
+    private Collection<? extends JetspeedPrincipal> _getSSOUsersForPrincipal(JetspeedPrincipal principal, Long remoteSecurityDomain) throws SecurityException
+    {
+        return domainPrincipalAccess.getAssociatedTo(principal.getName(), getPrincipalType(), principal.getType(), IsRemoteIdentityForPrincipalAssociationHandler.ASSOCIATION_NAME, remoteSecurityDomain, principal.getDomainId());
+    }  
+    
+    public void addSSOUserToPrincipal(SSOUser user, JetspeedPrincipal principal)
+            throws SecurityException
+    {
+        super.addAssociation(user,principal,IsRemoteIdentityForPrincipalAssociationHandler.ASSOCIATION_NAME);
+        
+    }
+
+    public Collection<JetspeedPrincipal> getPortalPrincipals(SSOUser remoteUser, Long portalPrincipalDomain)
+    {
+        Collection<JetspeedPrincipal> principalsFound = new ArrayList<JetspeedPrincipal>();
+        List<JetspeedPrincipalAssociationType> assTypes = super.getAssociationTypes();
+        for (JetspeedPrincipalAssociationType type : assTypes)
+        {
+            if (type.getAssociationName().equals(IsRemoteIdentityForPrincipalAssociationHandler.ASSOCIATION_NAME)){
+                Collection<JetspeedPrincipal> principalsForThisType = domainPrincipalAccess.getAssociatedFrom(remoteUser.getName(), getPrincipalType(), type.getToPrincipalType(), IsRemoteIdentityForPrincipalAssociationHandler.ASSOCIATION_NAME, remoteUser.getDomainId(), portalPrincipalDomain);
+                principalsFound.addAll(principalsForThisType);
+            }
+        }
+        return principalsFound;
+    }    
+    
+}

Propchange: portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/main/java/org/apache/jetspeed/sso/spi/impl/SSOUserManagerSPIImpl.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/main/java/org/apache/jetspeed/sso/spi/impl/SSOUserManagerSPIImpl.java
------------------------------------------------------------------------------
    svn:keywords = Id

Added: portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/test/java/org/apache/jetspeed/sso/AbstractSecurityTestCase.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/test/java/org/apache/jetspeed/sso/AbstractSecurityTestCase.java?rev=734954&view=auto
==============================================================================
--- portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/test/java/org/apache/jetspeed/sso/AbstractSecurityTestCase.java (added)
+++ portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/test/java/org/apache/jetspeed/sso/AbstractSecurityTestCase.java Fri Jan 16 02:07:13 2009
@@ -0,0 +1,207 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jetspeed.sso;
+
+import java.security.Principal;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Iterator;
+import java.util.List;
+
+import javax.security.auth.Subject;
+
+import org.apache.jetspeed.JetspeedActions;
+import org.apache.jetspeed.components.util.DatasourceEnabledSpringTestCase;
+import org.apache.jetspeed.security.GroupManager;
+import org.apache.jetspeed.security.JetspeedPermission;
+import org.apache.jetspeed.security.PasswordCredential;
+import org.apache.jetspeed.security.PermissionManager;
+import org.apache.jetspeed.security.RoleManager;
+import org.apache.jetspeed.security.SecurityDomain;
+import org.apache.jetspeed.security.User;
+import org.apache.jetspeed.security.UserManager;
+import org.apache.jetspeed.security.SecurityException;
+import org.apache.jetspeed.security.impl.SecurityDomainImpl;
+import org.apache.jetspeed.security.spi.SecurityDomainAccessManager;
+import org.apache.jetspeed.security.spi.SecurityDomainStorageManager;
+
+/**
+ * @author <a href="mailto:sweaver@einnovation.com">Scott T. Weaver </a>
+ * @author <a href="mailto:dlestrat@apache.org">David Le Strat </a>
+ * @author <a href="mailto:ddam@apache.org">Dennis Dam</a>
+ * @version $Id$
+ *  
+ */
+public abstract class AbstractSecurityTestCase extends DatasourceEnabledSpringTestCase
+{
+    /** The user manager. */
+    protected UserManager ums;
+
+    /** The group manager. */
+    protected GroupManager gms;
+
+    /** The role manager. */
+    protected RoleManager rms;
+
+    /** The permission manager. */
+    protected PermissionManager pms;
+
+    /** needed to seed default domain
+     *  TODO: can be removed once the default seed has been adjusted to include the default and system domain
+     *
+    */
+    protected SecurityDomainStorageManager domainStorageManager;
+    protected SecurityDomainAccessManager domainAccessManager;
+    
+    /**
+     * @see junit.framework.TestCase#setUp()
+     */
+    protected void setUp() throws Exception
+    {
+
+        super.setUp();
+
+        ums = (UserManager) scm.getComponent("org.apache.jetspeed.security.UserManager");
+        gms = (GroupManager) scm.getComponent("org.apache.jetspeed.security.GroupManager");
+        rms = (RoleManager) scm.getComponent("org.apache.jetspeed.security.RoleManager");
+                
+        // Authorization.
+        pms = (PermissionManager) scm.getComponent("org.apache.jetspeed.security.PermissionManager");
+        domainStorageManager = (SecurityDomainStorageManager) scm.getComponent(SecurityDomainStorageManager.class.getName());
+        domainAccessManager = (SecurityDomainAccessManager) scm.getComponent("org.apache.jetspeed.security.spi.SecurityDomainAccessManager");
+        
+        // TODO: remove when default seed contains the default domain        
+        SecurityDomain domain = domainAccessManager.getDomainByName(SecurityDomain.SYSTEM_NAME); 
+        if (domain == null){
+            
+            SecurityDomainImpl newDomain = new SecurityDomainImpl();
+            newDomain.setName(SecurityDomain.SYSTEM_NAME);
+            domainStorageManager.addDomain(newDomain);
+        } 
+        domain = domainAccessManager.getDomainByName(SecurityDomain.DEFAULT_NAME); 
+        if (domain == null){
+            
+            SecurityDomainImpl newDomain = new SecurityDomainImpl();
+            newDomain.setName(SecurityDomain.DEFAULT_NAME);
+            domainStorageManager.addDomain(newDomain);
+        }
+        
+        
+        new JetspeedActions(new String[] {"secure"}, new String[] {});
+        
+        destroyPrincipals();
+        destroyPermissions();
+
+        
+    }
+
+    protected void tearDown() throws Exception
+    {
+        destroyPrincipals();
+        destroyPermissions();
+        super.tearDown();
+    }
+    
+    /**
+     * Returns subject's principals of type claz
+     * 
+     * @param subject
+     * @param claz
+     * @return Returns subject's principals of type claz
+     */
+    protected Collection<Principal> getPrincipals(Subject subject, Class<? extends Principal> claz)
+    {
+        List<Principal> principals = new ArrayList<Principal>();
+        for (Iterator<Principal> iter = subject.getPrincipals().iterator(); iter.hasNext();)
+        {
+            Principal element = iter.next();
+            if (claz.isInstance(element))
+                principals.add(element);
+
+        }
+        return principals;
+    }
+    
+    protected User addUser(String name, String password) throws SecurityException
+    {
+        User user = ums.addUser(name);            
+        PasswordCredential credential = ums.getPasswordCredential(user);
+        credential.setPassword(password, false);
+        ums.storePasswordCredential(credential);
+        return user;
+    }
+    
+    protected String getBeanDefinitionFilterCategories()
+    {
+        return "security,dbSecurity,transaction,cache,jdbcDS";
+    }
+
+    protected String[] getConfigurations()
+    {
+        //String[] confs = super.getConfigurations();
+        List<String> confList = new ArrayList<String>(); //Arrays.asList(confs));
+        confList.add("security-atn.xml");
+        confList.add("security-atz.xml");
+        confList.add("security-managers.xml");
+        confList.add("security-providers.xml");
+        confList.add("security-spi.xml");
+        confList.add("security-spi-atn.xml");
+        confList.add("transaction.xml");
+        confList.add("cache-test.xml");
+        confList.add("static-bean-references.xml");
+        return (String[]) confList.toArray(new String[1]);
+    }
+
+    /**
+     * <p>
+     * Destroy group test objects.
+     * </p>
+     */
+    protected void destroyPrincipals() throws Exception
+    {
+        for (String name : ums.getUserNames(null))
+        {
+            ums.removeUser(name);
+        }
+        for (String name : rms.getRoleNames(null))
+        {
+            // because of possible dependent roles already been deleted through a parent deletion,
+            // first check if it still exists
+            if (rms.roleExists(name))
+            {
+                rms.removeRole(name);
+            }
+        }
+        for (String name : gms.getGroupNames(null))
+        {
+            // because of possible dependent groups already been deleted through a parent deletion,
+            // first check if it still exists
+            if (gms.groupExists(name))
+            {
+                gms.removeGroup(name);
+            }
+        }
+    }
+    
+    protected void destroyPermissions() throws Exception
+    {
+        for (JetspeedPermission p : pms.getPermissions())
+        {
+            pms.removePermission(p);
+        }
+    }
+}
\ No newline at end of file

Propchange: portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/test/java/org/apache/jetspeed/sso/AbstractSecurityTestCase.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/test/java/org/apache/jetspeed/sso/AbstractSecurityTestCase.java
------------------------------------------------------------------------------
    svn:keywords = Id

Modified: portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/test/java/org/apache/jetspeed/sso/TestBasicSSO.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/test/java/org/apache/jetspeed/sso/TestBasicSSO.java?rev=734954&r1=734953&r2=734954&view=diff
==============================================================================
--- portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/test/java/org/apache/jetspeed/sso/TestBasicSSO.java (original)
+++ portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/test/java/org/apache/jetspeed/sso/TestBasicSSO.java Fri Jan 16 02:07:13 2009
@@ -16,6 +16,10 @@
  */
 package org.apache.jetspeed.sso;
 
+import junit.framework.Test;
+import junit.framework.TestCase;
+import junit.framework.TestSuite;
+
 import org.apache.commons.httpclient.Cookie;
 import org.apache.commons.httpclient.Header;
 import org.apache.commons.httpclient.HttpClient;
@@ -26,10 +30,6 @@
 import org.apache.commons.httpclient.auth.HttpAuthenticator;
 import org.apache.commons.httpclient.methods.GetMethod;
 
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-
 
 /**
  * TestBasicSSO

Modified: portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/test/java/org/apache/jetspeed/sso/TestSSOComponent.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/test/java/org/apache/jetspeed/sso/TestSSOComponent.java?rev=734954&r1=734953&r2=734954&view=diff
==============================================================================
--- portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/test/java/org/apache/jetspeed/sso/TestSSOComponent.java (original)
+++ portals/jetspeed-2/portal/trunk/components/jetspeed-sso/src/test/java/org/apache/jetspeed/sso/TestSSOComponent.java Fri Jan 16 02:07:13 2009
@@ -17,17 +17,6 @@
 
 package org.apache.jetspeed.sso;
 
-import org.apache.jetspeed.security.SecurityException;
-import org.apache.jetspeed.security.impl.GroupPrincipalImpl;
-import org.apache.jetspeed.security.impl.UserPrincipalImpl;
-import org.apache.jetspeed.security.util.test.AbstractSecurityTestcase;
-import org.apache.jetspeed.sso.SSOProvider;
-
-import junit.framework.Test;
-import junit.framework.TestSuite;
-
-import javax.security.auth.Subject;
-
 import java.security.Principal;
 import java.util.ArrayList;
 import java.util.Arrays;
@@ -36,13 +25,17 @@
 import java.util.List;
 import java.util.Set;
 
-import org.apache.jetspeed.sso.SSOException;
-import java.lang.Exception;
+import javax.security.auth.Subject;
+
+import junit.framework.Test;
+import junit.framework.TestSuite;
+
+import org.apache.jetspeed.security.SecurityException;
 
 /**
  * @author   David Le Strat
  */
-public class TestSSOComponent extends AbstractSecurityTestcase
+public abstract class TestSSOComponent extends AbstractSecurityTestCase
 {
     /**
      * test url for this UnitTest
@@ -66,7 +59,7 @@
     static private String TEST_GROUP_USER = "jack";
 
     /** The property manager. */
-    private static SSOProvider ssoBroker = null;
+    private static SSOManager ssoManager = null;
 
     /**
      * @see junit.framework.TestCase#setUp()
@@ -77,7 +70,7 @@
 
         try
         {
-            ssoBroker = (SSOProvider) scm.getComponent("ssoProvider");
+            ssoManager = (SSOManager) scm.getComponent("org.apache.jetspeed.sso.SSOManager");
         }
         catch (Exception ex)
         {
@@ -101,278 +94,279 @@
         return new TestSuite(TestSSOComponent.class);
     }
 
-    /**
-     * <p>
-     * Test user root.
-     * </p>
-     */
-    public void testSSOGroup() throws Exception
-    {
-        System.out.println("*************************************\n" + "Start Unit Test for SSO Group Support"
-                + "\n*************************************");
-
-        // Create a user
-        try
-        {
-            ums.addUser(TEST_GROUP_USER, "password");
-        }
-        catch (SecurityException sex)
-        {
-            // assertTrue("user already exists. exception caught: " + sex, false);
-        }
-
-        // Create a group
-        try
-        {
-            gms.addGroup(TEST_GROUP);
-            System.out.println("Creating Group " + TEST_GROUP + " and adding User " + TEST_GROUP_USER + " succeeded!.");
-        }
-        catch (SecurityException secex)
-        {
-            System.out.println("Creating Group " + TEST_GROUP + " and adding User " + TEST_GROUP_USER
-                    + " failed. Group might already exist. Continue test...");
-            // secex.printStackTrace();
-            // throw new Exception(secex.getMessage());
-        }
-
-        if (gms.groupExists(TEST_GROUP))
-        {
-            // Add user to Group
-            gms.addUserToGroup(TEST_GROUP_USER, TEST_GROUP);
-        }
-        else
-        {
-            assertTrue("Could not create group. Abort test.", false);
-        }
-
-        // Initialization of Group
-        Principal principal = new GroupPrincipalImpl(TEST_GROUP);
-        Set principals = new HashSet();
-        principals.add(principal);
-        Subject subject = new Subject(true, principals, new HashSet(), new HashSet());
-
-        // Add SSO Credential for Group
-        if (ssoBroker.hasSSOCredentials(subject, TEST_URL) == false)
-        {
-            try
-            {
-                ssoBroker.addCredentialsForSite(subject, REMOTE_USER, TEST_URL, REMOTE_PWD_1);
-                System.out.println("SSO Credential added for Group:" + TEST_GROUP + " site: " + TEST_URL);
-            }
-            catch (SSOException ssoex)
-            {
-                System.out.println("SSO Credential add FAILED for Group:" + TEST_GROUP + " site: " + TEST_URL);
-                ssoex.printStackTrace();
-                throw new Exception(ssoex.getMessage());
-            }
-        }
-        else
-        {
-            System.out.println("Group:" + TEST_GROUP + " site: " + TEST_URL + " has already a remote credential");
-        }
-
-        // Create Principal for User
-        principal = new UserPrincipalImpl(TEST_GROUP_USER);
-        principals = new HashSet();
-        principals.add(principal);
-        subject = new Subject(true, principals, new HashSet(), new HashSet());
-
-        // User should have credential for site
-        if (ssoBroker.hasSSOCredentials(subject, TEST_URL) == false)
-        {
-            // Group expansion failed. User not recognized
-            System.out.println("No SSO Credential for user:" + TEST_GROUP_USER + " site: " + TEST_URL);
-
-            // Test failure
-            try
-            {
-                ums.removeUser(TEST_GROUP_USER);
-                gms.removeGroup(TEST_GROUP);
-            }
-            catch (SecurityException sex)
-            {
-                assertTrue("could not remove user and group. exception caught: " + sex, false);
-            }
-
-            throw new Exception("SSO Unit test for Group support failed");
-        }
-        else
-        {
-            // Group lookup succesful
-            System.out.println("SSO Test for Group support successful" + "\nSSO Credential for user:" + TEST_GROUP_USER
-                    + " site: " + TEST_URL + " found. User is member of Group " + TEST_GROUP);
-        }
-
-        // Cleanup test.
-
-        /*
-         * For hypersonic the cascading deletes are not generated by Torque and the remove credentials fails with a
-         * constraint error. Comment test out for M1 release but the problem needs to be addressed for the upcoming
-         * releases
-         */
-        try
-        {
-            // Remove credential for Site
-            ssoBroker.removeCredentialsForSite("/group/" + TEST_GROUP, TEST_URL);
-            System.out.println("SSO Credential removed for Group:" + TEST_GROUP + " site: " + TEST_URL);
-        }
-        catch (SSOException ssoex)
-        {
-            System.out.println("SSO Credential remove FAILED for Group:" + TEST_GROUP + " site: " + TEST_URL);
-            throw new Exception(ssoex.getMessage());
-        }
-
-        try
-        {
-            ums.removeUser(TEST_GROUP_USER);
-            gms.removeGroup(TEST_GROUP);
-        }
-        catch (SecurityException sex)
-        {
-            assertTrue("could not remove user and group. exception caught: " + sex, false);
-        }
-
-    }
-
-    public void testSSO() throws Exception
-    {
-        System.out.println("***************************\nStart Unit Test for SSO API\n***************************");
-
-        // Create a user
-        try
-        {
-            ums.addUser(TEST_USER, "password");
-        }
-        catch (SecurityException sex)
-        {
-            // assertTrue("user already exists. exception caught: " + sex, false);
-        }
-
-        // Initialization
-        Principal principal = new UserPrincipalImpl(TEST_USER);
-        Set principals = new HashSet();
-        principals.add(principal);
-        Subject subject = new Subject(true, principals, new HashSet(), new HashSet());
-
-        if (ssoBroker.hasSSOCredentials(subject, TEST_URL) == false)
-        {
-            System.out.println("No SSO Credential for user:" + TEST_USER + " site: " + TEST_URL);
-
-            // Add credential
-            try
-            {
-                ssoBroker.addCredentialsForSite(subject, REMOTE_USER, TEST_URL, REMOTE_PWD_1);
-                System.out.println("SSO Credential added for user:" + TEST_USER + " site: " + TEST_URL);
-            }
-            catch (SSOException ssoex)
-            {
-                System.out.println("SSO Credential add FAILED for user:" + TEST_USER + " site: " + TEST_URL);
-                ssoex.printStackTrace();
-                throw new Exception(ssoex.getMessage());
-            }
-        }
-        else
-        {
-            System.out.println("SSO Credential found for user:" + TEST_USER + " site: " + TEST_URL);
-        }
-
-        // Add another remote principal for the same user
-        if (ssoBroker.hasSSOCredentials(subject, TEST_URL2) == false)
-        {
-            System.out.println("No SSO Credential for user:" + TEST_USER + " site: " + TEST_URL2);
-
-            // Add credential
-            try
-            {
-                ssoBroker.addCredentialsForSite(subject, REMOTE_USER2, TEST_URL2, REMOTE_PWD_2);
-                ssoBroker.setRealmForSite(TEST_URL2, "Nagios Access");
-                
-                System.out.println("SSO Credential added for user:" + TEST_USER + " site: " + TEST_URL2);
-            }
-            catch (SSOException ssoex)
-            {
-                System.out.println("SSO Credential add FAILED for user:" + TEST_USER + " site: " + TEST_URL2);
-                ssoex.printStackTrace();
-                throw new Exception(ssoex.getMessage());
-            }
-        }
-        else
-        {
-            System.out.println("SSO Credential found for user:" + TEST_USER + " site: " + TEST_URL2);
-        }
-
-        // Add the credentail again -- should get an error
-        try
-        {
-            ssoBroker.addCredentialsForSite(subject, REMOTE_USER2, TEST_URL2, REMOTE_PWD_2);
-            throw new Exception("Added same credentail twice -- API should prevent users from doing that.");
-
-        }
-        catch (SSOException ssoex)
-        {
-            System.out.println("Adding same SSO Credential twice failed (as expected) Message :" + ssoex.getMessage());
-        }
-        catch (Exception e)
-        {
-            throw new Exception("Adding SSO Credential twice throw an unandled exception. Error: " + e.getMessage());
-        }
-
-        // Test if the credential where persisted
-
-        // Test credential update
-        SSOContext ssocontext = ssoBroker.getCredentials(subject, TEST_URL);
-        System.out.println("SSO Credential: User:" + ssocontext.getRemotePrincipalName() + " Password: "
-                + ssocontext.getRemoteCredential() + " for site: " + TEST_URL);
-
-        System.out.println("SSO Credential: User:" + ssocontext.getRemotePrincipalName() + " Password: "
-                + ssocontext.getRemoteCredential() + " for site: " + TEST_URL2);
-
-        try
-        {
-            // Update Remote credential
-            System.out.println("SSO Credential Update");
-            ssoBroker.updateCredentialsForSite(subject, REMOTE_USER, TEST_URL, REMOTE_PWD_2);
-
-            ssocontext = ssoBroker.getCredentials(subject, TEST_URL);
-            System.out.println("SSO Credential updated: User:" + ssocontext.getRemotePrincipalName() + " Password: "
-                    + ssocontext.getRemoteCredential());
-
-        }
-        catch (SSOException ssoex)
-        {
-            System.out.println("SSO Credential update FAILED for user:" + TEST_USER + " site: " + TEST_URL);
-            throw new Exception(ssoex.getMessage());
-        }
-          
-        /*
-         * For hypersonic the cascading deletes are not generated by Torque and the remove credentials fails with a
-         * constraint error. Comment test out for M1 release but the problem needs to be addressed for the upcoming
-         * releases try { // Remove credential for Site ssoBroker.removeCredentialsForSite(subject, TEST_URL);
-         * System.out.println("SSO Credential removed for user:" + TEST_USER+ " site: " + TEST_URL); }
-         * catch(SSOException ssoex) { System.out.println("SSO Credential remove FAILED for user:" + TEST_USER+ " site: " +
-         * TEST_URL); throw new Exception(ssoex.getMessage()); }
-         */
-
-        Iterator sites = ssoBroker.getSites("");
-        while (sites.hasNext())
-        {
-            SSOSite site = (SSOSite) sites.next();
-            System.out.println("Site = " + site.getName());
-        }
-        // Cleanup
-        try
-        {
-        	ssoBroker.removeCredentialsForSite(subject, TEST_URL);
-        	ssoBroker.removeCredentialsForSite(subject, TEST_URL2);
-        	System.out.println("SSO Credential removed for user:" + TEST_USER+ " sites: " + TEST_URL + " " + TEST_URL2); 
-        }
-        catch(SSOException ssoex) 
-        { 
-        	System.out.println("SSO Credential remove FAILED for user:" + TEST_USER+ " site: " + TEST_URL + " and " + TEST_URL2); 
-        	throw new Exception(ssoex.getMessage());
-        }
-
-    }
+//    /**
+//     * <p>
+//     * Test user root.
+//     * </p>
+//     */
+//    public void testSSOGroup() throws Exception
+//    {
+//        System.out.println("*************************************\n" + "Start Unit Test for SSO Group Support"
+//                + "\n*************************************");
+//
+//        // Create a user
+//        try
+//        {
+//            ums.addUser(TEST_GROUP_USER);
+//        }
+//        catch (SecurityException sex)
+//        {
+//            // assertTrue("user already exists. exception caught: " + sex, false);
+//        }
+//
+//        // Create a group
+//        try
+//        {
+//            gms.addGroup(TEST_GROUP);
+//            System.out.println("Creating Group " + TEST_GROUP + " and adding User " + TEST_GROUP_USER + " succeeded!.");
+//        }
+//        catch (SecurityException secex)
+//        {
+//            System.out.println("Creating Group " + TEST_GROUP + " and adding User " + TEST_GROUP_USER
+//                    + " failed. Group might already exist. Continue test...");
+//            // secex.printStackTrace();
+//            // throw new Exception(secex.getMessage());
+//        }
+//
+//        if (gms.groupExists(TEST_GROUP))
+//        {
+//            // Add user to Group
+//            gms.addUserToGroup(TEST_GROUP_USER, TEST_GROUP);
+//        }
+//        else
+//        {
+//            assertTrue("Could not create group. Abort test.", false);
+//        }
+//
+//        // Initialization of Group
+//        
+//        Principal principal = gms.newTransientGroup(TEST_GROUP);
+//        Set principals = new HashSet();
+//        principals.add(principal);
+//        Subject subject = new Subject(true, principals, new HashSet(), new HashSet());
+//
+//        // Add SSO Credential for Group
+//        if (ssoBroker.hasSSOCredentials(subject, TEST_URL) == false)
+//        {
+//            try
+//            {
+//                ssoBroker.addCredentialsForSite(subject, REMOTE_USER, TEST_URL, REMOTE_PWD_1);
+//                System.out.println("SSO Credential added for Group:" + TEST_GROUP + " site: " + TEST_URL);
+//            }
+//            catch (SSOException ssoex)
+//            {
+//                System.out.println("SSO Credential add FAILED for Group:" + TEST_GROUP + " site: " + TEST_URL);
+//                ssoex.printStackTrace();
+//                throw new Exception(ssoex.getMessage());
+//            }
+//        }
+//        else
+//        {
+//            System.out.println("Group:" + TEST_GROUP + " site: " + TEST_URL + " has already a remote credential");
+//        }
+//
+//        // Create Principal for User
+//        principal = ums.newTransientUser(TEST_GROUP_USER);
+//        principals = new HashSet();
+//        principals.add(principal);
+//        subject = new Subject(true, principals, new HashSet(), new HashSet());
+//
+//        // User should have credential for site
+//        if (ssoBroker.hasSSOCredentials(subject, TEST_URL) == false)
+//        {
+//            // Group expansion failed. User not recognized
+//            System.out.println("No SSO Credential for user:" + TEST_GROUP_USER + " site: " + TEST_URL);
+//
+//            // Test failure
+//            try
+//            {
+//                ums.removeUser(TEST_GROUP_USER);
+//                gms.removeGroup(TEST_GROUP);
+//            }
+//            catch (SecurityException sex)
+//            {
+//                assertTrue("could not remove user and group. exception caught: " + sex, false);
+//            }
+//
+//            throw new Exception("SSO Unit test for Group support failed");
+//        }
+//        else
+//        {
+//            // Group lookup succesful
+//            System.out.println("SSO Test for Group support successful" + "\nSSO Credential for user:" + TEST_GROUP_USER
+//                    + " site: " + TEST_URL + " found. User is member of Group " + TEST_GROUP);
+//        }
+//
+//        // Cleanup test.
+//
+//        /*
+//         * For hypersonic the cascading deletes are not generated by Torque and the remove credentials fails with a
+//         * constrGroupPrincipalImplaint error. Comment test out for M1 release but the problem needs to be addressed for the upcoming
+//         * releases
+//         */
+//        try
+//        {
+//            // Remove credential for Site
+//            ssoBroker.removeCredentialsForSite("/group/" + TEST_GROUP, TEST_URL);
+//            System.out.println("SSO Credential removed for Group:" + TEST_GROUP + " site: " + TEST_URL);
+//        }
+//        catch (SSOException ssoex)
+//        {
+//            System.out.println("SSO Credential remove FAILED for Group:" + TEST_GROUP + " site: " + TEST_URL);
+//            throw new Exception(ssoex.getMessage());
+//        }
+//
+//        try
+//        {
+//            ums.removeUser(TEST_GROUP_USER);
+//            gms.removeGroup(TEST_GROUP);
+//        }
+//        catch (SecurityException sex)
+//        {
+//            assertTrue("could not remove user and group. exception caught: " + sex, false);
+//        }
+//
+//    }
+//
+//    public void testSSO() throws Exception
+//    {
+//        System.out.println("***************************\nStart Unit Test for SSO API\n***************************");
+//
+//        // Create a user
+//        try
+//        {
+//            ums.addUser(TEST_USER);
+//        }
+//        catch (SecurityException sex)
+//        {
+//            // assertTrue("user already exists. exception caught: " + sex, false);
+//        }
+//
+//        // Initialization
+//        Principal principal = ums.newTransientUser(TEST_USER);
+//        Set principals = new HashSet();
+//        principals.add(principal);
+//        Subject subject = new Subject(true, principals, new HashSet(), new HashSet());
+//
+//        if (ssoBroker.hasSSOCredentials(subject, TEST_URL) == false)
+//        {
+//            System.out.println("No SSO Credential for user:" + TEST_USER + " site: " + TEST_URL);
+//
+//            // Add credential
+//            try
+//            {
+//                ssoBroker.addCredentialsForSite(subject, REMOTE_USER, TEST_URL, REMOTE_PWD_1);
+//                System.out.println("SSO Credential added for user:" + TEST_USER + " site: " + TEST_URL);
+//            }
+//            catch (SSOException ssoex)
+//            {
+//                System.out.println("SSO Credential add FAILED for user:" + TEST_USER + " site: " + TEST_URL);
+//                ssoex.printStackTrace();
+//                throw new Exception(ssoex.getMessage());
+//            }
+//        }
+//        else
+//        {
+//            System.out.println("SSO Credential found for user:" + TEST_USER + " site: " + TEST_URL);
+//        }
+//
+//        // Add another remote principal for the same user
+//        if (ssoBroker.hasSSOCredentials(subject, TEST_URL2) == false)
+//        {
+//            System.out.println("No SSO Credential for user:" + TEST_USER + " site: " + TEST_URL2);
+//
+//            // Add credential
+//            try
+//            {
+//                ssoBroker.addCredentialsForSite(subject, REMOTE_USER2, TEST_URL2, REMOTE_PWD_2);
+//                ssoBroker.setRealmForSite(TEST_URL2, "Nagios Access");
+//                
+//                System.out.println("SSO Credential added for user:" + TEST_USER + " site: " + TEST_URL2);
+//            }
+//            catch (SSOException ssoex)
+//            {
+//                System.out.println("SSO Credential add FAILED for user:" + TEST_USER + " site: " + TEST_URL2);
+//                ssoex.printStackTrace();
+//                throw new Exception(ssoex.getMessage());
+//            }
+//        }
+//        else
+//        {
+//            System.out.println("SSO Credential found for user:" + TEST_USER + " site: " + TEST_URL2);
+//        }
+//
+//        // Add the credentail again -- should get an error
+//        try
+//        {
+//            ssoBroker.addCredentialsForSite(subject, REMOTE_USER2, TEST_URL2, REMOTE_PWD_2);
+//            throw new Exception("Added same credentail twice -- API should prevent users from doing that.");
+//
+//        }
+//        catch (SSOException ssoex)
+//        {
+//            System.out.println("Adding same SSO Credential twice failed (as expected) Message :" + ssoex.getMessage());
+//        }
+//        catch (Exception e)
+//        {
+//            throw new Exception("Adding SSO Credential twice throw an unandled exception. Error: " + e.getMessage());
+//        }
+//
+//        // Test if the credential where persisted
+//
+//        // Test credential update
+//        SSOContext ssocontext = ssoBroker.getCredentials(subject, TEST_URL);
+//        System.out.println("SSO Credential: User:" + ssocontext.getRemotePrincipalName() + " Password: "
+//                + ssocontext.getRemoteCredential() + " for site: " + TEST_URL);
+//
+//        System.out.println("SSO Credential: User:" + ssocontext.getRemotePrincipalName() + " Password: "
+//                + ssocontext.getRemoteCredential() + " for site: " + TEST_URL2);
+//
+//        try
+//        {
+//            // Update Remote credential
+//            System.out.println("SSO Credential Update");
+//            ssoBroker.updateCredentialsForSite(subject, REMOTE_USER, TEST_URL, REMOTE_PWD_2);
+//
+//            ssocontext = ssoBroker.getCredentials(subject, TEST_URL);
+//            System.out.println("SSO Credential updated: User:" + ssocontext.getRemotePrincipalName() + " Password: "
+//                    + ssocontext.getRemoteCredential());
+//
+//        }
+//        catch (SSOException ssoex)
+//        {
+//            System.out.println("SSO Credential update FAILED for user:" + TEST_USER + " site: " + TEST_URL);
+//            throw new Exception(ssoex.getMessage());
+//        }
+//          
+//        /*
+//         * For hypersonic the cascading deletes are not generated by Torque and the remove credentials fails with a
+//         * constraint error. Comment test out for M1 release but the problem needs to be addressed for the upcoming
+//         * releases try { // Remove credential for Site ssoBroker.removeCredentialsForSite(subject, TEST_URL);
+//         * System.out.println("SSO Credential removed for user:" + TEST_USER+ " site: " + TEST_URL); }
+//         * catch(SSOException ssoex) { System.out.println("SSO Credential remove FAILED for user:" + TEST_USER+ " site: " +
+//         * TEST_URL); throw new Exception(ssoex.getMessage()); }
+//         */
+//
+//        Iterator sites = ssoBroker.getSites("");
+//        while (sites.hasNext())
+//        {
+//            SSOSite site = (SSOSite) sites.next();
+//            System.out.println("Site = " + site.getName());
+//        }
+//        // Cleanup
+//        try
+//        {
+//        	ssoBroker.removeCredentialsForSite(subject, TEST_URL);
+//        	ssoBroker.removeCredentialsForSite(subject, TEST_URL2);
+//        	System.out.println("SSO Credential removed for user:" + TEST_USER+ " sites: " + TEST_URL + " " + TEST_URL2); 
+//        }
+//        catch(SSOException ssoex) 
+//        { 
+//        	System.out.println("SSO Credential remove FAILED for user:" + TEST_USER+ " site: " + TEST_URL + " and " + TEST_URL2); 
+//        	throw new Exception(ssoex.getMessage());
+//        }
+//
+//    }
 
     /**
      * <p>



---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org


Mime
View raw message