portals-jetspeed-dev mailing list archives

From jf...@apache.org
Subject cvs commit: jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions JAASSessionValidator.java
Date Thu, 12 Aug 2004 02:56:35 GMT
jford       2004/08/11 19:56:35

  Modified:    src/java/org/apache/jetspeed/modules/actions
                        JAASSessionValidator.java
  Log:
  JAAS implementation.  Tested against Tomcat Memory Realm using Basic authentication
  
  Revision  Changes    Path
  1.2       +158 -11   jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/JAASSessionValidator.java
  
  Index: JAASSessionValidator.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/JAASSessionValidator.java,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- JAASSessionValidator.java	12 Aug 2004 00:33:01 -0000	1.1
  +++ JAASSessionValidator.java	12 Aug 2004 02:56:35 -0000	1.2
  @@ -15,11 +15,20 @@
    */
   package org.apache.jetspeed.modules.actions;
   
  -import java.security.Principal;
  +import java.util.Locale;
   
   import org.apache.jetspeed.om.security.JetspeedUser;
  +import org.apache.jetspeed.services.JetspeedSecurity;
  +import org.apache.jetspeed.services.customlocalization.CustomLocalizationService;
   import org.apache.jetspeed.services.logging.JetspeedLogFactoryService;
   import org.apache.jetspeed.services.logging.JetspeedLogger;
  +import org.apache.jetspeed.services.rundata.JetspeedRunData;
  +import org.apache.jetspeed.services.security.JetspeedSecurityCache;
  +import org.apache.jetspeed.services.security.LoginException;
  +import org.apache.jetspeed.services.security.UnknownUserException;
  +import org.apache.jetspeed.util.ServiceUtil;
  +import org.apache.turbine.services.localization.LocalizationService;
  +import org.apache.turbine.services.resources.TurbineResources;
   import org.apache.turbine.util.RunData;
   
   
  @@ -27,34 +36,172 @@
    * JAAS Session validator populates the Jetspeed User via the servlet.getUserPrincipal()
call
    * When using this session validator, Authentication is delegated to the Application Server.
    * Recommend disabling all user login functionality via Jetspeed, and using your web.xml
  - * to protect access to all Jetspeed resources:
  + * to protect access to all Jetspeed resources  (place after resource-ref or welcome-file-list:
    * 
  - * <security-constraints>
  - *    <resources>
  - *      <url>/*</url>
  - *    </resources>
  + * <security-constraint>
  + *   <display-name>Jetspeed Security</display-name>
  + *   <web-resource-collection>
  + *     <web-resource-name>Protected Area</web-resource-name>
  + *     <!-- Define the context-relative URL(s) to be protected -->
  + *     <url-pattern>/*</url-pattern>
  + * 
  + *     <!-- If you list http methods, only those methods are protected -->
  + *     <http-method>DELETE</http-method>
  + *     <http-method>GET</http-method>
  + *     <http-method>POST</http-method>
  + *     <http-method>PUT</http-method>
  + *   </web-resource-collection>
  + *   <auth-constraint>
  + *     <!-- Anyone with one of the listed roles may access this area -->
  + *     <role-name>user</role-name>
  + *     <role-name>admin</role-name>
  + *   </auth-constraint>
  + * 
  + *   <!--
  + *     <user-data-constraint>
  + *       <transport-guarantee>CONFIDENTIAL</transport-guarantee>
  + *     </user-data-constraint>
  + *   -->
    * </security-constraint>
    * 
  + * <login-config>
  + *   <auth-method>BASIC</auth-method>
  + *   <realm-name>Jetspeed BASIC Authentication</realm-name>
  + * </login-config>
  + * 
  + * <!-- Default login configuration uses form-based authentication -->
  + * <!--
  + *   <login-config>
  + *     <auth-method>FORM</auth-method>
  + *     <realm-name>Example Form-Based Authentication Area</realm-name>
  + *     <form-login-config>
  + *       <form-login-page>/jsp/security/protected/login.jsp</form-login-page>
  + *       <form-error-page>/jsp/security/protected/error.jsp</form-error-page>
  + *     </form-login-config>
  + *   </login-config>
  + * -->
  + * 
  + * <!-- Security roles referenced by this web application -->
  + * <security-role>
  + *   <role-name>admin</role-name>
  + * </security-role>
  + * <security-role>
  + *   <role-name>user</role-name>
  + * </security-role>
  + * <security-role>
  + *   <role-name>guest</role-name>
  + * </security-role>
  + * 
  + * Place the following the the servlet element where the Turbine servlet is defined:
  + * 
  + * <security-role-ref>
  + *  <role-name>user</role-name>  <!--passed to isUserInRole()-->
  + *  <role-link>user</role-link>  <!--Jetspeed role name-->
  + * </security-role-ref>
  + *
  + * <security-role-ref>
  + *   <role-name>admin</role-name>
  + *   <role-link>admin</role-link>
  + * </security-role-ref>
  + *
  + * <security-role-ref>
  + *   <role-name>guest</role-name>
  + *   <role-link>guest</role-link>
  + * </security-role-ref>
  + * 
  + * 
    * @author <a href="mailto:taylor@apache.org">David Sean Taylor </a>
    * @version $Id$
    */
   public class JAASSessionValidator extends TemplateSessionValidator
   {
  -    private static final JetspeedLogger log = JetspeedLogFactoryService.getLogger(JAASSessionValidator.class.getName());
   
  +    private static final JetspeedLogger logger = JetspeedLogFactoryService.getLogger(JAASSessionValidator.class.getName());
   
       
       public void doPerform(RunData data) throws Exception
       {
           super.doPerform(data);         
   
  -        Principal principal = data.getRequest().getUserPrincipal();
           
  -        // TODO: make sure logged user is same as principal
           
           JetspeedUser user = (JetspeedUser) data.getUser();
           if (!user.hasLoggedIn())
           {
  +            String userName = data.getRequest().getRemoteUser();            
  +            //Principal principal = data.getRequest().getUserPrincipal();
  +
  +            if(userName != null && userName.length() > 0)
  +            {
  +                try
  +                {
  +                    user = JetspeedSecurity.getUser(userName);
  +                    data.setUser(user);
  +                    user.setHasLoggedIn(Boolean.TRUE);
  +                    user.updateLastLogin();
  +                    data.save();
  +                    if (JetspeedSecurityCache.getAcl(userName) == null)
  +                    {
  +                        JetspeedSecurityCache.load(userName);
  +                    }
  +                    logger.info("JAASSessionValidator: automatic login using [" + userName
+ "]");
  +                }
  +                catch (LoginException noSuchUser)
  +                {
  +                    //user not found - ignore it - they will not be logged in automatically
  +                }
  +                catch (UnknownUserException unknownUser)
  +                {
  +                    //user not found - ignore it - they will not be logged in automatically
  +                    if (logger.isWarnEnabled())
  +                    {
  +                        logger.warn("JAASSessionValidator: username [" + userName + "]
does not exist or authentication failed, " 
  +                                 + "redirecting to anon profile");
  +                    }
  +                }
  +            }
           }
           
  -    }
  +        /*
  +         * This was copied straight from NTLM.  Could refactor this... 
  +         */
  +        // now, define Jetspeed specific properties, using the customized
  +        // RunData properties
  +        JetspeedRunData jdata = null;
   
  +        try
  +        {
  +            jdata = (JetspeedRunData) data;
  +        }
  +        catch (ClassCastException e)
  +        {
  +            logger.error("The RunData object does not implement the expected interface,
"
  +                      + "please verify the RunData factory settings");
  +            return;
  +        }
  +        String language = (String) data.getRequest().getParameter("js_language");
  +
  +        if (null != language)
  +        {
  +            user.setPerm("language", language);
  +        }
  +
  +        // Get the locale store it in the user object
  +        CustomLocalizationService locService = 
  +            (CustomLocalizationService) ServiceUtil.getServiceByName(LocalizationService.SERVICE_NAME);
  +        Locale locale = locService.getLocale(data);
  +        if (locale == null)
  +        {
  +            locale = new Locale(TurbineResources.getString("locale.default.language", "en"),

  +                                TurbineResources.getString("locale.default.country", "US"));
  +        }
  +
  +        data.getUser().setTemp("locale", locale);
  +
  +        // if a portlet is referenced in the parameters request, store it
  +        // in the RunData object
  +        String paramPortlet = jdata.getParameters().getString("js_peid");
  +        if (paramPortlet != null && paramPortlet.length() > 0)
  +        {
  +            jdata.setJs_peid(paramPortlet);
  +        }
  +    }
   }
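Review bot: In doPerform the container identity is mapped onto the session only when `!user.hasLoggedIn()`, and the removed `// TODO: make sure logged user is same as principal` is dropped without being implemented, so a session whose JetspeedUser is already logged in is never compared with `getRemoteUser()` again. If the two can diverge (for example a session that outlives the container login, or a login through another Jetspeed path that was not disabled), the portal would keep acting for the session's user; I would read `userName` before the `if` and widen the condition to `if (!user.hasLoggedIn() || (userName != null && !userName.equals(user.getUserName())))`. The empty `catch (LoginException noSuchUser)` should at least log at warn level like the UnknownUserException branch, otherwise a failed mapping leaves no trace for whoever investigates it. In the class Javadoc, the sample `<web-resource-collection>` lists four `<http-method>` elements, which by its own comment leaves every other method outside the constraint; omitting the `<http-method>` elements covers all methods, and because BASIC sends credentials with every request the commented-out `CONFIDENTIAL` transport guarantee should be the recommended setting rather than an optional one.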
  
  
  


