portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From tay...@apache.org
Subject cvs commit: jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions JAASSessionValidator.java
Date Thu, 12 Aug 2004 00:33:01 GMT
taylor      2004/08/11 17:33:01

  Added:       src/java/org/apache/jetspeed/modules/actions
  start of JAASSessionValidator (nothing here yet, just a shell)
  CVS: ----------------------------------------------------------------------
  CVS: PR:
  CVS:   If this change addresses a PR in the problem report tracking
  CVS:   database, then enter the PR number(s) here.
  CVS: Obtained from:
  CVS:   If this change has been taken from another system, such as NCSA,
  CVS:   then name the system in this line, otherwise delete it.
  CVS: Submitted by:
  CVS:   If this code has been contributed to Apache by someone else; i.e.,
  CVS:   they sent us a patch or a new module, then include their name/email
  CVS:   address here. If this is your work then delete this line.
  CVS: Reviewed by:
  CVS:   If we are doing pre-commit code reviews and someone else has
  CVS:   reviewed your changes, include their name(s) here.
  CVS:   If you have not had it reviewed then delete this line.
  Revision  Changes    Path
  1.1                  jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/JAASSessionValidator.java
  Index: JAASSessionValidator.java
   * Copyright 2000-2004 The Apache Software Foundation.
   * Licensed under the Apache License, Version 2.0 (the "License");
   * you may not use this file except in compliance with the License.
   * You may obtain a copy of the License at
   *      http://www.apache.org/licenses/LICENSE-2.0
   * Unless required by applicable law or agreed to in writing, software
   * distributed under the License is distributed on an "AS IS" BASIS,
   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   * See the License for the specific language governing permissions and
   * limitations under the License.
  package org.apache.jetspeed.modules.actions;
  import java.security.Principal;
  import org.apache.jetspeed.om.security.JetspeedUser;
  import org.apache.jetspeed.services.logging.JetspeedLogFactoryService;
  import org.apache.jetspeed.services.logging.JetspeedLogger;
  import org.apache.turbine.util.RunData;
   * JAAS Session validator populates the Jetspeed User via the servlet.getUserPrincipal()
   * When using this session validator, Authentication is delegated to the Application Server.
   * Recommend disabling all user login functionality via Jetspeed, and using your web.xml
   * to protect access to all Jetspeed resources:
   * <security-constraints>
   *    <resources>
   *      <url>/*</url>
   *    </resources>
   * </security-constraint>
   * @author <a href="mailto:taylor@apache.org">David Sean Taylor </a>
   * @version $Id: JAASSessionValidator.java,v 1.1 2004/08/12 00:33:01 taylor Exp $
  public class JAASSessionValidator extends TemplateSessionValidator
      private static final JetspeedLogger log = JetspeedLogFactoryService.getLogger(JAASSessionValidator.class.getName());
      public void doPerform(RunData data) throws Exception
          Principal principal = data.getRequest().getUserPrincipal();
          // TODO: make sure logged user is same as principal
          JetspeedUser user = (JetspeedUser) data.getUser();
          if (!user.hasLoggedIn())

To unsubscribe, e-mail: jetspeed-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-dev-help@jakarta.apache.org

View raw message