portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From tay...@apache.org
Subject svn commit: r605431 - in /portals/jetspeed-2/branches/JETSPEED-2.1.3: applications/demo/src/webapp/WEB-INF/conf/ components/rewriter/src/java/org/apache/jetspeed/rewriter/ components/web-content/src/java/org/apache/jetspeed/portlet/
Date Wed, 19 Dec 2007 05:11:41 GMT
Author: taylor
Date: Tue Dec 18 21:11:40 2007
New Revision: 605431

URL: http://svn.apache.org/viewvc?rev=605431&view=rev
Log:
i've had these ticket based SSO Portlet and rewriter sitting around for a while now

Added:
    portals/jetspeed-2/branches/JETSPEED-2.1.3/components/rewriter/src/java/org/apache/jetspeed/rewriter/TicketParamRewriter.java
    portals/jetspeed-2/branches/JETSPEED-2.1.3/components/web-content/src/java/org/apache/jetspeed/portlet/SSOTicketPortlet.java
Modified:
    portals/jetspeed-2/branches/JETSPEED-2.1.3/applications/demo/src/webapp/WEB-INF/conf/default-rewriter-rules.xml
    portals/jetspeed-2/branches/JETSPEED-2.1.3/components/web-content/src/java/org/apache/jetspeed/portlet/SSOWebContentPortlet.java
    portals/jetspeed-2/branches/JETSPEED-2.1.3/components/web-content/src/java/org/apache/jetspeed/portlet/WebContentPortlet.java

Modified: portals/jetspeed-2/branches/JETSPEED-2.1.3/applications/demo/src/webapp/WEB-INF/conf/default-rewriter-rules.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/branches/JETSPEED-2.1.3/applications/demo/src/webapp/WEB-INF/conf/default-rewriter-rules.xml?rev=605431&r1=605430&r2=605431&view=diff
==============================================================================
--- portals/jetspeed-2/branches/JETSPEED-2.1.3/applications/demo/src/webapp/WEB-INF/conf/default-rewriter-rules.xml
(original)
+++ portals/jetspeed-2/branches/JETSPEED-2.1.3/applications/demo/src/webapp/WEB-INF/conf/default-rewriter-rules.xml
Tue Dec 18 21:11:40 2007
@@ -28,7 +28,7 @@
 <tag id='body' remove='true'/>
 
 <!-- strip tags -->
-<tag id='head' strip='true'/>
+<tag id='head' remove='true'/>
 
 <!-- rewritten tags -->
 <tag id='a'>

Added: portals/jetspeed-2/branches/JETSPEED-2.1.3/components/rewriter/src/java/org/apache/jetspeed/rewriter/TicketParamRewriter.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/branches/JETSPEED-2.1.3/components/rewriter/src/java/org/apache/jetspeed/rewriter/TicketParamRewriter.java?rev=605431&view=auto
==============================================================================
--- portals/jetspeed-2/branches/JETSPEED-2.1.3/components/rewriter/src/java/org/apache/jetspeed/rewriter/TicketParamRewriter.java
(added)
+++ portals/jetspeed-2/branches/JETSPEED-2.1.3/components/rewriter/src/java/org/apache/jetspeed/rewriter/TicketParamRewriter.java
Tue Dec 18 21:11:40 2007
@@ -0,0 +1,67 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jetspeed.rewriter;
+
+
+/**
+ * Parses looking for a Ticket Param, used in SSO portlets where ticket processing is required
+ * Often tickets are added as form parameters and checked on the authentication for better
security
+ *
+ * @author <a href="mailto:taylor@apache.org">David Sean Taylor</a>
+ * @version $Id$
+ */
+public class TicketParamRewriter extends BasicRewriter
+{    
+    private String ticket;
+    private String ticketName;
+
+    public String getTicketName() 
+    {
+        return ticketName;
+    }
+
+    public void setTicketName(String ticketName) 
+    {
+        this.ticketName = ticketName;
+    }
+    
+    public String getTicket() 
+    {
+		return ticket;
+	}
+
+	public void setTicket(String ticket) 
+    {
+		this.ticket = ticket;
+	}
+    
+    public boolean enterSimpleTagEvent(String tag, MutableAttributes attrs)
+    {
+        if (tag.equalsIgnoreCase("input"))
+        {
+            String name = attrs.getValue("name");
+            String value = attrs.getValue("value");
+            if (name.equals(this.ticketName))
+            {
+            
+            	//System.out.println("*** TICKET attr=" + name + " val = " + value);    
+            	setTicket(value);
+            }
+        }        
+        return true;
+    }            
+}

Added: portals/jetspeed-2/branches/JETSPEED-2.1.3/components/web-content/src/java/org/apache/jetspeed/portlet/SSOTicketPortlet.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/branches/JETSPEED-2.1.3/components/web-content/src/java/org/apache/jetspeed/portlet/SSOTicketPortlet.java?rev=605431&view=auto
==============================================================================
--- portals/jetspeed-2/branches/JETSPEED-2.1.3/components/web-content/src/java/org/apache/jetspeed/portlet/SSOTicketPortlet.java
(added)
+++ portals/jetspeed-2/branches/JETSPEED-2.1.3/components/web-content/src/java/org/apache/jetspeed/portlet/SSOTicketPortlet.java
Tue Dec 18 21:11:40 2007
@@ -0,0 +1,113 @@
+package org.apache.jetspeed.portlet;
+
+import java.io.IOException;
+import java.io.InputStreamReader;
+import java.io.Reader;
+import java.util.Map;
+
+import javax.portlet.PortletException;
+import javax.portlet.RenderRequest;
+import javax.portlet.RenderResponse;
+
+import org.apache.commons.httpclient.Header;
+import org.apache.commons.httpclient.HttpClient;
+import org.apache.commons.httpclient.HttpMethodBase;
+import org.apache.commons.httpclient.methods.PostMethod;
+import org.apache.jetspeed.rewriter.ParserAdaptor;
+import org.apache.jetspeed.rewriter.RewriterException;
+import org.apache.jetspeed.rewriter.TicketParamRewriter;
+import org.apache.jetspeed.rewriter.html.SwingParserAdaptor;
+
+public class SSOTicketPortlet extends SSOWebContentPortlet 
+{
+    public final static String SSO_PREF_TICKET_NAME = "ticket.name";
+    // sso.type
+	protected Class adaptorHtmlClass = SwingParserAdaptor.class;
+        
+    //form Constants
+    public static final String FORM_POST_METHOD = "post";
+    public static final String FORM_GET_METHOD = "get";
+    public static final String FORM_MULTIPART_METHOD = "multipart";
+    
+    protected HttpMethodBase getHttpMethod(HttpClient client, String uri, Map params, String
formMethod, RenderRequest request) throws IOException
+    {
+        String postURI = (String)request.getPreferences().getValue(SSO_TYPE_FORM_ACTION_URL,
"");
+        String ticketName = (String)request.getPreferences().getValue(SSO_PREF_TICKET_NAME,
"");        
+    	if(uri.startsWith(postURI))
+        {
+            if(!params.containsKey(ticketName))
+            {
+            	params.put(ticketName, new String[]
+                                        { requestTicket(uri, request, null) });
+            }
+        }        
+        return super.getHttpMethod(client, uri, params, formMethod, request);
+    }
+
+    private String requestTicket(String url, RenderRequest request, RenderResponse response)
+    {
+        // ...set up URL and HttpClient stuff
+    	String ticket = "";
+    	HttpClient client = new HttpClient();
+        HttpMethodBase httpMethod = null;
+        httpMethod = new PostMethod();
+        //String useragentProperty = request.getProperty("User-Agent");
+        httpMethod.addRequestHeader( "User-Agent", "Firefox" );
+        httpMethod.setPath(url);
+        try
+        {
+            client.executeMethod(httpMethod);
+            int responseCode  = httpMethod.getStatusCode();
+            if (responseCode >= 300 && responseCode <= 399)
+            {
+                // redirection that could not be handled automatically!!! (probably from
a POST)
+                Header locationHeader = httpMethod.getResponseHeader("location");
+                String redirectLocation = locationHeader != null ? locationHeader.getValue()
: null ;
+                if (redirectLocation != null)
+                {
+                    // System.out.println("WebContentPortlet.doHttpWebContent() >>>handling
redirect to: "+redirectLocation+"<<<");                    
+                    // one more time (assume most params are already encoded & new URL
is using GET protocol!)
+                    return requestTicket( redirectLocation,null,null) ;
+                }
+                else
+                {
+                    // The response is a redirect, but did not provide the new location for
the resource.
+                    throw new PortletException("Redirection code: "+responseCode+", but with
no redirectionLocation set.");
+                }
+            }
+            else if (responseCode == 200)
+            {        	
+    //        	String body = httpMethod.getResponseBodyAsString();
+    //        	Header [] head =  httpMethod.getResponseHeaders();
+            	TicketParamRewriter ticketWriter =  new TicketParamRewriter();
+                String ticketName = (String)request.getPreferences().getValue(SSO_PREF_TICKET_NAME,
null);
+                if (ticketName != null)
+                {
+                    ticketWriter.setTicketName(ticketName);
+                    Reader reader = new InputStreamReader(httpMethod.getResponseBodyAsStream());
+                    createParserAdaptor().parse(ticketWriter, reader);
+                    ticket = ticketWriter.getTicket();
+                }
+            }
+        }
+        catch (Exception e) 
+        {
+			e.printStackTrace();
+		}	
+    	return ticket;
+    }
+
+    public ParserAdaptor createParserAdaptor() throws RewriterException
+    {
+        try
+        {
+                return (ParserAdaptor) adaptorHtmlClass.newInstance();
+         
+        }
+        catch (Exception e)
+        {
+            log.error("Error creating rewriter class", e);
+        }
+        return null;
+    }    
+}

Modified: portals/jetspeed-2/branches/JETSPEED-2.1.3/components/web-content/src/java/org/apache/jetspeed/portlet/SSOWebContentPortlet.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/branches/JETSPEED-2.1.3/components/web-content/src/java/org/apache/jetspeed/portlet/SSOWebContentPortlet.java?rev=605431&r1=605430&r2=605431&view=diff
==============================================================================
--- portals/jetspeed-2/branches/JETSPEED-2.1.3/components/web-content/src/java/org/apache/jetspeed/portlet/SSOWebContentPortlet.java
(original)
+++ portals/jetspeed-2/branches/JETSPEED-2.1.3/components/web-content/src/java/org/apache/jetspeed/portlet/SSOWebContentPortlet.java
Tue Dec 18 21:11:40 2007
@@ -120,8 +120,8 @@
     
     // Data Members
     
-    private PortletContext context;
-    private SSOProvider sso;
+    protected PortletContext context;
+    protected SSOProvider sso;
     
     
     // Methods
@@ -348,7 +348,8 @@
                 }
 
                 // resuse client - in case new cookies get set - but create a new method
(for the formAction)
-                method = getHttpMethod(client, getURLSource(formAction, formParams, request,
response), formParams, isPost, request);
+                String formMethod = (isPost) ? FORM_POST_METHOD : FORM_GET_METHOD;      
         
+                method = getHttpMethod(client, getURLSource(formAction, formParams, request,
response), formParams, formMethod, request);
                 // System.out.println("...posting credentials");
                 result = doHttpWebContent(client, method, 0, request, response) ;
                 // System.out.println("Result of attempted authorization: "+success);

Modified: portals/jetspeed-2/branches/JETSPEED-2.1.3/components/web-content/src/java/org/apache/jetspeed/portlet/WebContentPortlet.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/branches/JETSPEED-2.1.3/components/web-content/src/java/org/apache/jetspeed/portlet/WebContentPortlet.java?rev=605431&r1=605430&r2=605431&view=diff
==============================================================================
--- portals/jetspeed-2/branches/JETSPEED-2.1.3/components/web-content/src/java/org/apache/jetspeed/portlet/WebContentPortlet.java
(original)
+++ portals/jetspeed-2/branches/JETSPEED-2.1.3/components/web-content/src/java/org/apache/jetspeed/portlet/WebContentPortlet.java
Tue Dec 18 21:11:40 2007
@@ -54,6 +54,7 @@
 import org.apache.commons.httpclient.HttpMethodBase;
 import org.apache.commons.httpclient.NameValuePair;
 import org.apache.commons.httpclient.methods.GetMethod;
+import org.apache.commons.httpclient.methods.MultipartPostMethod;
 import org.apache.commons.httpclient.methods.PostMethod;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
@@ -119,6 +120,9 @@
     private RulesetRewriter rewriter = null;
     private RewriterController rewriteController = null;
 
+    public static final String FORM_POST_METHOD = "post";
+    public static final String FORM_GET_METHOD = "get";
+    public static final String FORM_MULTIPART_METHOD = "multipart";
     
     public WebContentPortlet()
     {
@@ -323,7 +327,8 @@
             
             // ...set up URL and HttpClient stuff
             HttpClient httpClient = getHttpClient(request) ;
-            httpMethod = getHttpMethod(httpClient, getURLSource(sourceAttr, sourceParams,
request, response), sourceParams, isPost, request);
+            String method = (isPost) ? FORM_POST_METHOD : FORM_GET_METHOD;
+            httpMethod = getHttpMethod(httpClient, getURLSource(sourceAttr, sourceParams,
request, response), sourceParams, method, request);
             byte[] result = doPreemptiveAuthentication(httpClient, httpMethod, request, response);
             
             // ...get, cache, and return the content
@@ -517,14 +522,35 @@
         return client ;
     }
     
-    protected HttpMethodBase getHttpMethod(HttpClient client, String uri, Map params, boolean
isPost, RenderRequest request) throws IOException
+    protected HttpMethodBase getHttpMethod(HttpClient client, String uri, Map params, String
formMethod, RenderRequest request) throws IOException
     {
+        formMethod = FORM_MULTIPART_METHOD;
         HttpMethodBase httpMethod = null;
         String useragentProperty = request.getProperty("User-Agent");
-        if (!isPost)
-        {
-            // System.out.println("WebContentPortlet.getHttpMethod() - HTTP GET from URL:
"+uri);
+        if(formMethod.equalsIgnoreCase(FORM_MULTIPART_METHOD)){ 
+            // http mutipart
+            MultipartPostMethod mutlitPart = (MultipartPostMethod)( httpMethod = new MultipartPostMethod(uri))
; 
+            if (params != null && !params.isEmpty())
+            {
+                Iterator iter = params.entrySet().iterator();
+                while (iter.hasNext())
+                {
+                    Map.Entry entry = (Map.Entry)iter.next();
+                    String name = (String)entry.getKey(); 
+                    String[] values = (String[])entry.getValue();
+                    if (values != null)
+                        for (int i=0,limit=values.length; i<limit; i++)
+                        {
+                            // System.out.println("...adding >>>POST parameter:
"+name+", with value: "+values[i]+"<<<");
+                            
+                            mutlitPart.addParameter(name, values[i]);
+                        }
+                }   
+            }
             
+        }else if (formMethod.equalsIgnoreCase(FORM_GET_METHOD)){
+        
+            // System.out.println("WebContentPortlet.getHttpMethod() - HTTP GET from URL:
"+uri);
             // http GET
             httpMethod = new GetMethod(uri);
             if (params != null && !params.isEmpty())
@@ -548,9 +574,7 @@
             
             // automatically follow redirects (NOTE: not supported in POST - will throw exeception
if you ask for it, then sees a redirect!!)
             httpMethod.setFollowRedirects(true);
-        }
-        else
-        {
+        }else if (formMethod.equalsIgnoreCase(FORM_POST_METHOD)) {
             // System.out.println("WebContentPortlet.getHttpMethod() - HTTP POST to URL:
"+uri);
             
             // http POST
@@ -584,6 +608,8 @@
         return httpMethod ;
     }
 
+    
+    
 
     static final int BLOCK_SIZE = 4096;
 



---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org


Mime
View raw message