You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@cocoon.apache.org by cz...@apache.org on 2006/06/16 18:29:23 UTC
svn commit: r414856 [1/2] - in /cocoon/branches/BRANCH_2_1_X: ./
src/blocks/auth/ src/blocks/auth/conf/ src/blocks/auth/java/
src/blocks/auth/java/org/ src/blocks/auth/java/org/apache/
src/blocks/auth/java/org/apache/cocoon/ src/blocks/auth/java/org/ap...
Author: cziegeler
Date: Fri Jun 16 09:29:21 2006
New Revision: 414856
URL: http://svn.apache.org/viewvc?rev=414856&view=rev
Log:
Contribution of CoWarp 0.4 to Cocoon 2.1.x (not building yet)
Added:
cocoon/branches/BRANCH_2_1_X/src/blocks/auth/
cocoon/branches/BRANCH_2_1_X/src/blocks/auth/conf/
cocoon/branches/BRANCH_2_1_X/src/blocks/auth/conf/auth.xroles
cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/
cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/
cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/
cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/
cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/
cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/AbstractSecurityHandler.java (with props)
cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/Application.java (with props)
cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/ApplicationManager.java (with props)
cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/ApplicationStore.java (with props)
cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/ApplicationUtil.java (with props)
cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/SecurityHandler.java (with props)
cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/StandardApplication.java (with props)
cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/StandardUser.java (with props)
cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/User.java (with props)
cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/acting/
cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/acting/AbstractAuthAction.java (with props)
cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/acting/LoggedInAction.java (with props)
cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/acting/LoginAction.java (with props)
cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/acting/LogoutAction.java (with props)
cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/impl/
cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/impl/AnonymousSecurityHandler.java (with props)
cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/impl/LoginInfo.java (with props)
cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/impl/PipelineSecurityHandler.java (with props)
cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/impl/ServletSecurityHandler.java (with props)
cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/impl/ServletSessionListener.java (with props)
cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/impl/StandardApplicationManager.java (with props)
cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/portal/
cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/portal/PortalApplication.java (with props)
cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/portal/StandardPortalApplication.java (with props)
cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/portal/UserInfoProviderImpl.java (with props)
Modified:
cocoon/branches/BRANCH_2_1_X/CREDITS.txt
cocoon/branches/BRANCH_2_1_X/status.xml
Modified: cocoon/branches/BRANCH_2_1_X/CREDITS.txt
URL: http://svn.apache.org/viewvc/cocoon/branches/BRANCH_2_1_X/CREDITS.txt?rev=414856&r1=414855&r2=414856&view=diff
==============================================================================
--- cocoon/branches/BRANCH_2_1_X/CREDITS.txt (original)
+++ cocoon/branches/BRANCH_2_1_X/CREDITS.txt Fri Jun 16 09:29:21 2006
@@ -41,6 +41,9 @@
evolved from the Woody donation made by Outerthought
(http://outerthought.org).
+The initial code of the official Cocoon authentication block (CAuth)
+evolved from the CoWarp donation made by Carsten Ziegeler (cziegeler@osoco.org).
+
Credits of included software
----------------------------
Added: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/conf/auth.xroles
URL: http://svn.apache.org/viewvc/cocoon/branches/BRANCH_2_1_X/src/blocks/auth/conf/auth.xroles?rev=414856&view=auto
==============================================================================
--- cocoon/branches/BRANCH_2_1_X/src/blocks/auth/conf/auth.xroles (added)
+++ cocoon/branches/BRANCH_2_1_X/src/blocks/auth/conf/auth.xroles Fri Jun 16 09:29:21 2006
@@ -0,0 +1,27 @@
+<?xml version="1.0"?>
+<!--
+ Copyright 1999-2004 The Apache Software Foundation
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<!-- @version $Id$ -->
+<xroles xpath="/role-list" unless="role[@name='org.apache.cocoon.auth.ApplicationManager']">
+
+ <!--+
+ | Application Manager
+ |
+ +-->
+ <role name="org.apache.cocoon.auth.ApplicationManager"
+ default-class="org.apache.cocoon.auth.impl.StandardApplicationManager"/>
+
+</xroles>
Added: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/AbstractSecurityHandler.java
URL: http://svn.apache.org/viewvc/cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/AbstractSecurityHandler.java?rev=414856&view=auto
==============================================================================
--- cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/AbstractSecurityHandler.java (added)
+++ cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/AbstractSecurityHandler.java Fri Jun 16 09:29:21 2006
@@ -0,0 +1,72 @@
+/*
+ * Copyright 2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.cocoon.auth;
+
+import org.apache.avalon.framework.configuration.Configurable;
+import org.apache.avalon.framework.configuration.Configuration;
+import org.apache.avalon.framework.configuration.ConfigurationException;
+import org.apache.avalon.framework.context.Context;
+import org.apache.avalon.framework.context.ContextException;
+import org.apache.avalon.framework.context.Contextualizable;
+import org.apache.avalon.framework.logger.AbstractLogEnabled;
+import org.apache.avalon.framework.thread.ThreadSafe;
+
+/**
+ * This is a base class that can be used for own {@link SecurityHandler}s. It
+ * provides a save implementation for the {@link #getId()} method. The only
+ * drawback is that a subclass has to use {@link Configurable} and can't
+ * use {@link org.apache.avalon.framework.parameters.Parameterizable}.
+ *
+ * @version $Id$
+*/
+public abstract class AbstractSecurityHandler
+ extends AbstractLogEnabled
+ implements SecurityHandler, Configurable, Contextualizable, ThreadSafe {
+
+ /** The unique identifier. */
+ protected String id;
+
+ /**
+ * @see org.apache.avalon.framework.context.Contextualizable#contextualize(org.apache.avalon.framework.context.Context)
+ */
+ public void contextualize(final Context context) throws ContextException {
+ String sitemapPrefix = null;
+ try {
+ // this is available starting with Cocoon 2.2
+ sitemapPrefix = (String)context.get("env-prefix");
+ } catch (ContextException ce) {
+ // no prefix available, so we are running pre 2.2 which means
+ // we only have one cocoon.xconf anyway
+ sitemapPrefix = "cocoon-2.1.x";
+ }
+ this.id = sitemapPrefix + '/';
+ }
+
+ /**
+ * @see org.apache.avalon.framework.configuration.Configurable#configure(org.apache.avalon.framework.configuration.Configuration)
+ */
+ public void configure(final Configuration conf) throws ConfigurationException {
+ this.id = this.id + '/' + this.getClass().getName() + '/'
+ + conf.getAttribute( "role", this.getClass().getName());
+ }
+
+ /**
+ * @see org.apache.cocoon.auth.SecurityHandler#getId()
+ */
+ public String getId() {
+ return this.id;
+ }
+}
Propchange: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/AbstractSecurityHandler.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/AbstractSecurityHandler.java
------------------------------------------------------------------------------
svn:keywords = Id
Added: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/Application.java
URL: http://svn.apache.org/viewvc/cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/Application.java?rev=414856&view=auto
==============================================================================
--- cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/Application.java (added)
+++ cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/Application.java Fri Jun 16 09:29:21 2006
@@ -0,0 +1,94 @@
+/*
+ * Copyright 2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.cocoon.auth;
+
+import java.util.Map;
+
+
+/**
+ * This class describes the current application. Inside Cocoon, you can have
+ * different applications running at the same time (a portal, a shop, a
+ * registration wizard etc.) Each of these applications might require its
+ * own login or might have different settings. The application object helps in
+ * managing these things.
+ *
+ * An application provides access to the corresponding {@link SecurityHandler}
+ * and {@link ApplicationStore}. It can also store configuration values as
+ * attributes.
+ *
+ * In addition, the application is notified about user actions (login, logout
+ * and usage).
+ *
+ * @version $Id$
+*/
+public interface Application {
+
+ /**
+ * Return the security handler for this application.
+ * @return The security handler
+ */
+ SecurityHandler getSecurityHandler();
+
+ /**
+ * Return the application store for loading/saving user specific data.
+ * @return Return the application store or null.
+ */
+ ApplicationStore getApplicationStore();
+
+ /**
+ * Notify the application about a successful login of a user.
+ * @param user The current user.
+ * @param context The context for the login operation.
+ */
+ void userDidLogin(User user, Map context);
+
+ /**
+ * Notify the application about a logout of a user.
+ * @param user The current user.
+ * @param context The context for the logout operation.
+ */
+ void userWillLogout(User user, Map context);
+
+ /**
+ * Notify the application about a user using the application
+ * in the current request. This method might be called more than
+ * once during one request, so the application should check this.
+ * This hook can for example be used by the application to
+ * prepare the current object model of the request.
+ * @param user The current user.
+ */
+ void userIsAccessing(User user);
+
+ /**
+ * Set an application attribute.
+ * @param key The key of the attribute.
+ * @param value The value of the attribute.
+ */
+ void setAttribute(String key, Object value);
+
+ /**
+ * Remove an application attribute.
+ * @param key The key of the attribute.
+ */
+ void removeAttribute(String key);
+
+ /**
+ * Get the value of an application attribute.
+ * @param key The key of the attribute.
+ * @return The value of the attribute or null.
+ */
+ Object getAttribute(String key);
+}
Propchange: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/Application.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/Application.java
------------------------------------------------------------------------------
svn:keywords = Id
Added: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/ApplicationManager.java
URL: http://svn.apache.org/viewvc/cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/ApplicationManager.java?rev=414856&view=auto
==============================================================================
--- cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/ApplicationManager.java (added)
+++ cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/ApplicationManager.java Fri Jun 16 09:29:21 2006
@@ -0,0 +1,84 @@
+/*
+ * Copyright 2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.cocoon.auth;
+
+import java.util.Map;
+
+/**
+ * This is the central component of Cocoon Authentication. It controls all applications
+ * defined in the current Cocoon instance and provides ways to authenticate
+ * a user.
+ *
+ * @version $Id$
+*/
+public interface ApplicationManager {
+
+ /** The string used to store the user in the object model and the prefix
+ * for the session. */
+ String USER = "cauth-user";
+
+ /** The string used to store the application in the object model. */
+ String APPLICATION = "cauth-application";
+
+ /** The string used to store the application data in the object model .*/
+ String APPLICATION_DATA = "cauth-application-data";
+
+ /** The key for parameters in the login context. */
+ String LOGIN_CONTEXT_PARAMETERS_KEY = "parameters";
+
+ /** The key for parameters in the logout context. */
+ String LOGOUT_CONTEXT_PARAMETERS_KEY = "parameters";
+
+ /** The key for the logout method in the logout context. */
+ String LOGOUT_CONTEXT_MODE_KEY = "mode";
+
+ /** logout mode: terminate session if the user is not logged into
+ * any application anymore (default). */
+ String LOGOUT_MODE_TERMINATE_SESSION_IF_UNUSED = "0";
+
+ /** logout mode: don't terminate the session. */
+ String LOGOUT_MODE_KEEP_SESSION = "1";
+
+ /**
+ * Test, if the current user is already logged into the application.
+ * @param appName The name of the application.
+ * @return Returns true if the user is already logged in, false otherwise.
+ */
+ boolean isLoggedIn(String appName);
+
+ /**
+ * Log the user in to the application. If the user is already logged in
+ * then the corresponding user object is returned.
+ * If the login process is started, the login context is passed to
+ * {@link SecurityHandler#login(Map)} and on successful login to
+ * {@link Application#userDidLogin(User, Map)}.
+ * @param appName The name of the application.
+ * @param loginContext The context for the login operation.
+ * @return The user object on a successful login, null otherwise.
+ * @throws Exception If anything goes wrong.
+ */
+ User login(String appName, Map loginContext) throws Exception;
+
+ /**
+ * Logout the user from an application.
+ * During the logout process, the logout context is passed to
+ * {@link Application#userWillLogout(User, Map)},
+ * and eventually to {@link SecurityHandler#logout(Map, User)}.
+ * @param appName The name of the application.
+ * @param logoutContext The context for the logout operation.
+ */
+ void logout(String appName, Map logoutContext);
+}
Propchange: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/ApplicationManager.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/ApplicationManager.java
------------------------------------------------------------------------------
svn:keywords = Id
Added: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/ApplicationStore.java
URL: http://svn.apache.org/viewvc/cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/ApplicationStore.java?rev=414856&view=auto
==============================================================================
--- cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/ApplicationStore.java (added)
+++ cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/ApplicationStore.java Fri Jun 16 09:29:21 2006
@@ -0,0 +1,46 @@
+/*
+ * Copyright 2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.cocoon.auth;
+
+/**
+ * This component loads/saves application data for a user. If an application
+ * has an application store, the {@link #loadApplicationData(User, Application)}
+ * is executed after the user has logged into the application. The loaded
+ * data object is stored in the session, see {@link org.apache.cocoon.auth.ApplicationUtil}.
+ * Calling the {@link #saveApplicationData(User, Application, Object)} is the
+ * task of the application.
+ *
+ * @version $Id$
+*/
+public interface ApplicationStore {
+
+ /**
+ * Load data for the given user and application.
+ * For session replication to work this data should be {@link java.io.Serializable}.
+ * @param user The current user.
+ * @param app The current application.
+ * @return The loaded data or null.
+ */
+ Object loadApplicationData(User user, Application app);
+
+ /**
+ * Save the data for the given user and application.
+ * @param user The current user.
+ * @param app The current application.
+ * @param data The user data.
+ */
+ void saveApplicationData(User user, Application app, Object data);
+}
Propchange: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/ApplicationStore.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/ApplicationStore.java
------------------------------------------------------------------------------
svn:keywords = Id
Added: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/ApplicationUtil.java
URL: http://svn.apache.org/viewvc/cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/ApplicationUtil.java?rev=414856&view=auto
==============================================================================
--- cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/ApplicationUtil.java (added)
+++ cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/ApplicationUtil.java Fri Jun 16 09:29:21 2006
@@ -0,0 +1,133 @@
+/*
+ * Copyright 2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.cocoon.auth;
+
+import java.util.Map;
+
+import org.apache.avalon.framework.context.Context;
+import org.apache.avalon.framework.context.ContextException;
+import org.apache.avalon.framework.context.Contextualizable;
+import org.apache.cocoon.components.ContextHelper;
+import org.apache.cocoon.environment.ObjectModelHelper;
+import org.apache.cocoon.environment.Request;
+
+
+/**
+ * Utility class that can be used from flow to access the different
+ * application functions of Cocoon Authentication.
+ *
+ * @version $Id$
+*/
+public class ApplicationUtil
+ implements Contextualizable {
+
+ /** The Avalon context. */
+ protected Context context;
+
+ /**
+ * @see org.apache.avalon.framework.context.Contextualizable#contextualize(org.apache.avalon.framework.context.Context)
+ */
+ public void contextualize(final Context aContext) throws ContextException {
+ this.context = aContext;
+ }
+
+ /**
+ * Return the current user.
+ * @param objectModel The object model of the current request.
+ * @return The current user or null.
+ */
+ public static User getUser(final Map objectModel) {
+ return (User)objectModel.get(ApplicationManager.USER);
+ }
+
+ /**
+ * Return the current application.
+ * @param objectModel The object model of the current request.
+ * @return The current application or null.
+ */
+ public static Application getApplication(final Map objectModel) {
+ return (Application)objectModel.get(ApplicationManager.APPLICATION);
+ }
+
+ /**
+ * Return the current user data.
+ * @param objectModel The object model of the current request.
+ * @return The current user data or null.
+ */
+ public static Object getData(final Map objectModel) {
+ return objectModel.get(ApplicationManager.APPLICATION_DATA);
+ }
+
+ /**
+ * Checks if the user has the given role.
+ * First {@link User#isUserInRole(String)} is invoked. If the result is false,
+ * the {@link Request#isUserInRole(java.lang.String)} is called.
+ *
+ * @param user The user to test.
+ * @param role The role.
+ * @param objectModel The Cocoon object model.
+ * @return This returns true, if the user has the role; otherwise false is returned.
+ */
+ public boolean isUserInRole(final User user, final String role, final Map objectModel) {
+ boolean result = user.isUserInRole(role);
+ if ( !result ) {
+ final Request req = ObjectModelHelper.getRequest(objectModel);
+ result = req.isUserInRole(role);
+ }
+ return result;
+ }
+
+ /**
+ * Return the current user.
+ * @return The current user or null.
+ */
+ public User getUser() {
+ final Map objectModel = ContextHelper.getObjectModel(this.context);
+ return (User)objectModel.get(ApplicationManager.USER);
+ }
+
+ /**
+ * Return the current application.
+ * @return The current application or null.
+ */
+ public Application getApplication() {
+ final Map objectModel = ContextHelper.getObjectModel(this.context);
+ return (Application)objectModel.get(ApplicationManager.APPLICATION);
+ }
+
+ /**
+ * Return the current user data.
+ * @return The current user data or null.
+ */
+ public Object getData() {
+ final Map objectModel = ContextHelper.getObjectModel(this.context);
+ return objectModel.get(ApplicationManager.APPLICATION_DATA);
+ }
+
+ /**
+ * Checks if the user has the given role.
+ * First {@link User#isUserInRole(String)} is invoked. If the result is false,
+ * the {@link Request#isUserInRole(java.lang.String)} is called.
+ *
+ * @param user The user to test.
+ * @param role The role.
+ * @return This returns true, if the user has the role; otherwise false is returned.
+ */
+ public boolean isUserInRole(final User user, final String role) {
+ final Map objectModel = ContextHelper.getObjectModel(this.context);
+ return isUserInRole(user, role, objectModel);
+ }
+}
Propchange: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/ApplicationUtil.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/ApplicationUtil.java
------------------------------------------------------------------------------
svn:keywords = Id
Added: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/SecurityHandler.java
URL: http://svn.apache.org/viewvc/cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/SecurityHandler.java?rev=414856&view=auto
==============================================================================
--- cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/SecurityHandler.java (added)
+++ cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/SecurityHandler.java Fri Jun 16 09:29:21 2006
@@ -0,0 +1,57 @@
+/*
+ * Copyright 2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.cocoon.auth;
+
+import java.util.Map;
+
+/**
+ * The Security Handler
+ * A security handler is the connection between the web application and the
+ * backend system managing the users.
+ * A handler offers two main methods: one for login and one for logout. The
+ * login method tries to authenticate the current user and returns a
+ * {@link User} object on success.
+ *
+ * A {@link SecurityHandler} must be implemented in a thread safe manner.
+ *
+ * @version $Id$
+*/
+public interface SecurityHandler {
+
+ /**
+ * Try to authenticate the user.
+ * @param context The context for the login operation.
+ * @return The user if the authentication is successful, null otherwise.
+ * @throws Exception If something goes wrong.
+ */
+ User login(Map context)
+ throws Exception;
+
+ /**
+ * This notifies the security-handler that a user logs out.
+ * @param context The context for the login operation.
+ * @param user The user object.
+ */
+ void logout(Map context, User user);
+
+ /**
+ * Return a unique identifier for this security handler.
+ * For session replication to work, a security handler must deliver
+ * the same identifier across systems!
+ * @return A unique identifier.
+ */
+ String getId();
+}
Propchange: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/SecurityHandler.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/SecurityHandler.java
------------------------------------------------------------------------------
svn:keywords = Id
Added: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/StandardApplication.java
URL: http://svn.apache.org/viewvc/cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/StandardApplication.java?rev=414856&view=auto
==============================================================================
--- cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/StandardApplication.java (added)
+++ cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/StandardApplication.java Fri Jun 16 09:29:21 2006
@@ -0,0 +1,185 @@
+/*
+ * Copyright 2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.cocoon.auth;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.avalon.framework.activity.Disposable;
+import org.apache.avalon.framework.configuration.Configurable;
+import org.apache.avalon.framework.configuration.Configuration;
+import org.apache.avalon.framework.configuration.ConfigurationException;
+import org.apache.avalon.framework.logger.AbstractLogEnabled;
+import org.apache.avalon.framework.service.ServiceException;
+import org.apache.avalon.framework.service.ServiceManager;
+import org.apache.avalon.framework.service.Serviceable;
+import org.apache.avalon.framework.thread.ThreadSafe;
+import org.apache.cocoon.auth.impl.AnonymousSecurityHandler;
+
+/**
+ * This is the default implementation for an {@link Application}.
+ *
+ * @version $Id$
+*/
+public class StandardApplication
+ extends AbstractLogEnabled
+ implements Application, Configurable, Serviceable, Disposable, ThreadSafe {
+
+ /** This prefix is used to lookup security handlers. */
+ protected static final String HANDLER_CONFIG_PREFIX =
+ SecurityHandler.class.getName() + '/';
+ /** This prefix is used to lookup application stores. */
+ protected static final String STORE_CONFIG_PREFIX =
+ ApplicationStore.class.getName() + '/';
+
+ /** The service manager. */
+ protected ServiceManager manager;
+
+ /** The security handler. */
+ protected SecurityHandler handler;
+
+ /** Attributes. */
+ protected final Map attributes = new HashMap();
+
+ /** Application store. */
+ protected ApplicationStore store;
+
+ /**
+ * @see org.apache.avalon.framework.service.Serviceable#service(org.apache.avalon.framework.service.ServiceManager)
+ */
+ public void service(final ServiceManager aManager) throws ServiceException {
+ this.manager = aManager;
+ }
+
+ /**
+ * @see org.apache.avalon.framework.configuration.Configurable#configure(org.apache.avalon.framework.configuration.Configuration)
+ */
+ public void configure(final Configuration conf)
+ throws ConfigurationException {
+ String handlerName = conf.getAttribute("security-handler", null);
+ String storeName = conf.getAttribute("store", null);
+ try {
+ if ( handlerName == null ) {
+ this.handler = new AnonymousSecurityHandler();
+ } else {
+ if ( !handlerName.startsWith(HANDLER_CONFIG_PREFIX) ) {
+ handlerName = HANDLER_CONFIG_PREFIX + handlerName;
+ }
+ this.handler = (SecurityHandler)this.manager.lookup(handlerName);
+ }
+ if ( storeName != null ) {
+ if ( !storeName.startsWith(STORE_CONFIG_PREFIX) ) {
+ storeName = STORE_CONFIG_PREFIX + storeName;
+ }
+ this.store = (ApplicationStore)this.manager.lookup(storeName);
+ }
+ } catch (ServiceException se) {
+ throw new ConfigurationException("Unable to look up component.", se);
+ }
+ this.configureAttributes(conf);
+ }
+
+ /**
+ * This method is invoked during configuration of the application. The
+ * default behaviour is to add all children of the configuration object
+ * as key value pairs. The name of the child is the key, and the value
+ * of the tag is the value (as a string).
+ * Subclasses can override this method, if a different/additional
+ * behaviour is wanted.
+ * @param conf The application configuration.
+ */
+ protected void configureAttributes(final Configuration conf) {
+ Configuration[] children = conf.getChildren();
+ for(int i=0; i<children.length; i++) {
+ final String name = children[i].getName();
+ final String value = children[i].getValue(null);
+ if ( value != null && value.trim().length() > 0 ) {
+ this.setAttribute(name, value.trim());
+ }
+ }
+ }
+
+ /**
+ * @see org.apache.avalon.framework.activity.Disposable#dispose()
+ */
+ public void dispose() {
+ if ( this.manager != null) {
+ this.manager.release(this.store);
+ if ( !(this.handler instanceof AnonymousSecurityHandler) ) {
+ this.manager.release(this.handler);
+ }
+ this.store = null;
+ this.handler = null;
+ this.manager = null;
+ }
+ }
+
+ /**
+ * @see org.apache.cocoon.auth.Application#getSecurityHandler()
+ */
+ public SecurityHandler getSecurityHandler() {
+ return this.handler;
+ }
+
+ /**
+ * @see org.apache.cocoon.auth.Application#getApplicationStore()
+ */
+ public ApplicationStore getApplicationStore() {
+ return this.store;
+ }
+
+ /**
+ * @see org.apache.cocoon.auth.Application#setAttribute(java.lang.String, java.lang.Object)
+ */
+ public void setAttribute(final String key, final Object value) {
+ this.attributes.put(key, value);
+ }
+
+ /**
+ * @see org.apache.cocoon.auth.Application#removeAttribute(java.lang.String)
+ */
+ public void removeAttribute(final String key) {
+ this.attributes.remove(key);
+ }
+
+ /**
+ * @see org.apache.cocoon.auth.Application#getAttribute(java.lang.String)
+ */
+ public Object getAttribute(final String key) {
+ return this.attributes.get(key);
+ }
+
+ /**
+ * @see org.apache.cocoon.auth.Application#userDidLogin(org.apache.cocoon.auth.User, java.util.Map)
+ */
+ public void userDidLogin(final User user, final Map context) {
+ // nothing to do here
+ }
+
+ /**
+ * @see org.apache.cocoon.auth.Application#userWillLogout(org.apache.cocoon.auth.User, java.util.Map)
+ */
+ public void userWillLogout(final User user, final Map context) {
+ // nothing to do here
+ }
+
+ /**
+ * @see org.apache.cocoon.auth.Application#userIsAccessing(org.apache.cocoon.auth.User)
+ */
+ public void userIsAccessing(final User user) {
+ // nothing to do here
+ }
+}
Propchange: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/StandardApplication.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/StandardApplication.java
------------------------------------------------------------------------------
svn:keywords = Id
Added: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/StandardUser.java
URL: http://svn.apache.org/viewvc/cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/StandardUser.java?rev=414856&view=auto
==============================================================================
--- cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/StandardUser.java (added)
+++ cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/StandardUser.java Fri Jun 16 09:29:21 2006
@@ -0,0 +1,123 @@
+/*
+ * Copyright 2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.cocoon.auth;
+
+import java.io.Serializable;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.StringTokenizer;
+
+/**
+ * This object represents the current user. Each user must have a unique
+ * identifier (per {@link org.apache.cocoon.auth.SecurityHandler}).
+ *
+ * @version $Id$
+*/
+public class StandardUser
+implements User, Serializable {
+
+ /** The unique id of the user. */
+ protected String id;
+
+ /** The user attributes. */
+ protected final Map attributes = new HashMap();
+
+ /** Cache the roles info. */
+ protected List roles;
+
+ /**
+ * Create a new user object.
+ * @param userId The unique identifier for this user.
+ */
+ public StandardUser(final String userId) {
+ this.id = userId;
+ }
+
+ /**
+ * Create a new user object.
+ * If you use this constructor, you have to ensure that the id of the user
+ * is set accordingly before the user object is used
+ */
+ public StandardUser() {
+ // nothing to do here, we have to ensure that the id is set!
+ }
+
+ /**
+ * @see org.apache.cocoon.auth.User#getId()
+ */
+ public String getId() {
+ return this.id;
+ }
+
+ /**
+ * @see org.apache.cocoon.auth.User#setAttribute(java.lang.String, java.lang.Object)
+ */
+ public void setAttribute(final String key, final Object value) {
+ this.attributes.put(key, value);
+ }
+
+ /**
+ * @see org.apache.cocoon.auth.User#removeAttribute(java.lang.String)
+ */
+ public void removeAttribute(final String key) {
+ this.attributes.remove(key);
+ }
+
+ /**
+ * @see org.apache.cocoon.auth.User#getAttribute(java.lang.String)
+ */
+ public Object getAttribute(final String key) {
+ return this.attributes.get(key);
+ }
+
+ /**
+ * @see org.apache.cocoon.auth.User#getAttributeNames()
+ */
+ public Iterator getAttributeNames() {
+ return this.attributes.keySet().iterator();
+ }
+
+ /**
+ * Check if the user is in a given role. This default implementation
+ * checks the two attributes "roles" and "role". If the incomming role
+ * is found in one of the two attributes, true is returned.
+ * Subclasses should override this method.
+ *
+ * @param role The role to test.
+ * @return Returns true if the user has the role, otherwise false.
+ * @see org.apache.cocoon.auth.User#isUserInRole(java.lang.String)
+ */
+ public boolean isUserInRole(final String role) {
+ if ( this.roles == null ) {
+ this.roles = new ArrayList();
+ final Object allRoles = this.getAttribute("roles");
+ if ( allRoles != null && allRoles instanceof String ) {
+ final StringTokenizer st = new StringTokenizer( (String)allRoles, ",");
+ while ( st.hasMoreElements() ) {
+ this.roles.add(st.nextElement());
+ }
+ }
+ final Object singleRole = this.getAttribute("role");
+ if ( singleRole != null && singleRole instanceof String ) {
+ this.roles.add(singleRole);
+ }
+ }
+ return this.roles.contains( role );
+ }
+}
Propchange: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/StandardUser.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/StandardUser.java
------------------------------------------------------------------------------
svn:keywords = Id
Added: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/User.java
URL: http://svn.apache.org/viewvc/cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/User.java?rev=414856&view=auto
==============================================================================
--- cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/User.java (added)
+++ cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/User.java Fri Jun 16 09:29:21 2006
@@ -0,0 +1,74 @@
+/*
+ * Copyright 2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.cocoon.auth;
+
+import java.util.Iterator;
+
+/**
+ * This object represents the current user. Each user must have a unique
+ * identifier (per {@link org.apache.cocoon.auth.SecurityHandler}).
+ * For session replication, the implementation should be {@link java.io.Serializable}.
+ *
+ * @version $Id$
+*/
+public interface User {
+
+ /**
+ * Return the unique id of this user.
+ * @return The identifier.
+ */
+ String getId();
+
+ /**
+ * Set an information about the user.
+ * For session replication the value of the attribute should
+ * be {@link java.io.Serializable}.
+ * @param key The key identifying the information.
+ * @param value The value of the information.
+ */
+ void setAttribute(String key, Object value);
+
+ /**
+ * Remove an information about the user.
+ * @param key The key identifying the information.
+ */
+ void removeAttribute(String key);
+
+ /**
+ * Get information about the user.
+ * @param key The key identifying the information.
+ * @return The value or null.
+ */
+ Object getAttribute(String key);
+
+ /**
+ * Return all available names.
+ * @return An Iterator for the names (Strings).
+ */
+ Iterator getAttributeNames();
+
+ /**
+ * Check if the user is in a given role.
+ * This method can't check for a role handled by the servlet engine,
+ * it only handles indendently specified roles.
+ * Therefore, it is advisable to not call this method directly, but
+ * use the provided methods from the {@link ApplicationUtil} instead.
+ *
+ * @param role The role to test.
+ * @return Returns true if the user has the role, otherwise false.
+ */
+ boolean isUserInRole(String role);
+}
Propchange: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/User.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/User.java
------------------------------------------------------------------------------
svn:keywords = Id
Added: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/acting/AbstractAuthAction.java
URL: http://svn.apache.org/viewvc/cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/acting/AbstractAuthAction.java?rev=414856&view=auto
==============================================================================
--- cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/acting/AbstractAuthAction.java (added)
+++ cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/acting/AbstractAuthAction.java Fri Jun 16 09:29:21 2006
@@ -0,0 +1,55 @@
+/*
+ * Copyright 2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.cocoon.auth.acting;
+
+import org.apache.avalon.framework.activity.Disposable;
+import org.apache.avalon.framework.service.ServiceException;
+import org.apache.avalon.framework.service.ServiceManager;
+import org.apache.avalon.framework.thread.ThreadSafe;
+import org.apache.cocoon.acting.ServiceableAction;
+import org.apache.cocoon.auth.ApplicationManager;
+
+/**
+ * This action tests if the user is logged in for a given application.
+ *
+ * @version $Id$
+*/
+public abstract class AbstractAuthAction
+extends ServiceableAction
+implements ThreadSafe, Disposable {
+
+ /** Application manager component. */
+ protected ApplicationManager applicationManager;
+
+ /**
+ * @see org.apache.avalon.framework.service.Serviceable#service(org.apache.avalon.framework.service.ServiceManager)
+ */
+ public void service(final ServiceManager aManager) throws ServiceException {
+ super.service(aManager);
+ this.applicationManager = (ApplicationManager)
+ this.manager.lookup(ApplicationManager.class.getName());
+ }
+
+ /**
+ * @see org.apache.avalon.framework.activity.Disposable#dispose()
+ */
+ public void dispose() {
+ if ( this.manager != null ) {
+ this.manager.release(applicationManager);
+ }
+ }
+
+}
Propchange: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/acting/AbstractAuthAction.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/acting/AbstractAuthAction.java
------------------------------------------------------------------------------
svn:keywords = Id
Added: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/acting/LoggedInAction.java
URL: http://svn.apache.org/viewvc/cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/acting/LoggedInAction.java?rev=414856&view=auto
==============================================================================
--- cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/acting/LoggedInAction.java (added)
+++ cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/acting/LoggedInAction.java Fri Jun 16 09:29:21 2006
@@ -0,0 +1,83 @@
+/*
+ * Copyright 2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.cocoon.auth.acting;
+
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.Map;
+
+import org.apache.avalon.framework.parameters.Parameters;
+import org.apache.cocoon.environment.Redirector;
+import org.apache.cocoon.environment.SourceResolver;
+import org.apache.cocoon.auth.ApplicationUtil;
+import org.apache.cocoon.auth.User;
+
+/**
+ * This action tests if the user is logged in for a given application.
+ *
+ * @version $Id$
+*/
+public final class LoggedInAction
+extends AbstractAuthAction {
+
+ /**
+ * @see org.apache.cocoon.acting.Action#act(org.apache.cocoon.environment.Redirector, org.apache.cocoon.environment.SourceResolver, java.util.Map, java.lang.String, org.apache.avalon.framework.parameters.Parameters)
+ */
+ public Map act(final Redirector redirector,
+ final SourceResolver resolver,
+ final Map objectModel,
+ final String source,
+ final Parameters par)
+ throws Exception {
+ if (this.getLogger().isDebugEnabled() ) {
+ this.getLogger().debug("BEGIN act resolver="+resolver+
+ ", objectModel="+objectModel+
+ ", source="+source+
+ ", par="+par);
+ }
+
+ Map map = null;
+ final String applicationName = par.getParameter("application");
+ final String roleName = par.getParameter("role", null);
+
+ final boolean negate = par.getParameterAsBoolean("negate-result", false);
+ if ( this.applicationManager.isLoggedIn(applicationName) ) {
+ final User user = ApplicationUtil.getUser(objectModel);
+ if ( roleName == null || user.isUserInRole(roleName) ) {
+ if ( !negate ) {
+ map = new HashMap();
+ map.put("ID", user.getId());
+ Iterator i = user.getAttributeNames();
+ while ( i.hasNext() ) {
+ final String key = (String)i.next();
+ map.put(key, user.getAttribute(key));
+ }
+ }
+ }
+ } else {
+ if ( negate ) {
+ map = EMPTY_MAP;
+ }
+ }
+
+ if (this.getLogger().isDebugEnabled() ) {
+ this.getLogger().debug("END act map={}");
+ }
+
+ return map;
+ }
+
+}
Propchange: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/acting/LoggedInAction.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/acting/LoggedInAction.java
------------------------------------------------------------------------------
svn:keywords = Id
Added: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/acting/LoginAction.java
URL: http://svn.apache.org/viewvc/cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/acting/LoginAction.java?rev=414856&view=auto
==============================================================================
--- cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/acting/LoginAction.java (added)
+++ cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/acting/LoginAction.java Fri Jun 16 09:29:21 2006
@@ -0,0 +1,81 @@
+/*
+ * Copyright 2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.cocoon.auth.acting;
+
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.Map;
+
+import org.apache.avalon.framework.parameters.Parameters;
+import org.apache.cocoon.environment.Redirector;
+import org.apache.cocoon.environment.SourceResolver;
+import org.apache.cocoon.auth.ApplicationManager;
+import org.apache.cocoon.auth.User;
+
+/**
+ * This action logs the current user into a given application. If the
+ * authentication is successful, a map is returned with the authentication
+ * information and a session is created (if it not already exists).
+ *
+ * @version $Id$
+*/
+public final class LoginAction
+extends AbstractAuthAction {
+
+ /**
+ * @see org.apache.cocoon.acting.Action#act(org.apache.cocoon.environment.Redirector, org.apache.cocoon.environment.SourceResolver, java.util.Map, java.lang.String, org.apache.avalon.framework.parameters.Parameters)
+ */
+ public Map act(final Redirector redirector,
+ final SourceResolver resolver,
+ final Map objectModel,
+ final String source,
+ final Parameters par)
+ throws Exception {
+ if (this.getLogger().isDebugEnabled() ) {
+ this.getLogger().debug("BEGIN act resolver="+resolver+
+ ", objectModel="+objectModel+
+ ", source="+source+
+ ", par="+par);
+ }
+
+ final String applicationName = par.getParameter("application");
+
+ Map map = null;
+
+ final Map loginContext = new HashMap();
+ loginContext.put(ApplicationManager.LOGIN_CONTEXT_PARAMETERS_KEY, par);
+ final User user =
+ this.applicationManager.login( applicationName, loginContext );
+
+ if ( user != null) {
+ // success
+ map = new HashMap();
+ map.put("ID", user.getId());
+ Iterator i = user.getAttributeNames();
+ while ( i.hasNext() ) {
+ final String key = (String)i.next();
+ map.put(key, user.getAttribute(key));
+ }
+ }
+
+ if (this.getLogger().isDebugEnabled() ) {
+ this.getLogger().debug("END act map="+map);
+ }
+
+ return map;
+ }
+
+}
Propchange: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/acting/LoginAction.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/acting/LoginAction.java
------------------------------------------------------------------------------
svn:keywords = Id
Added: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/acting/LogoutAction.java
URL: http://svn.apache.org/viewvc/cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/acting/LogoutAction.java?rev=414856&view=auto
==============================================================================
--- cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/acting/LogoutAction.java (added)
+++ cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/acting/LogoutAction.java Fri Jun 16 09:29:21 2006
@@ -0,0 +1,76 @@
+/*
+ * Copyright 2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.cocoon.auth.acting;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.avalon.framework.parameters.Parameters;
+import org.apache.cocoon.ProcessingException;
+import org.apache.cocoon.environment.Redirector;
+import org.apache.cocoon.environment.SourceResolver;
+import org.apache.cocoon.auth.ApplicationManager;
+
+/**
+ * This action logs the current user out of a given application.
+ *
+ * @version $Id$
+*/
+public final class LogoutAction
+extends AbstractAuthAction {
+
+ /**
+ * @see org.apache.cocoon.acting.Action#act(org.apache.cocoon.environment.Redirector, org.apache.cocoon.environment.SourceResolver, java.util.Map, java.lang.String, org.apache.avalon.framework.parameters.Parameters)
+ */
+ public Map act(final Redirector redirector,
+ final SourceResolver resolver,
+ final Map objectModel,
+ final String source,
+ final Parameters par)
+ throws Exception {
+ if (this.getLogger().isDebugEnabled() ) {
+ this.getLogger().debug("BEGIN act resolver="+resolver+
+ ", objectModel="+objectModel+
+ ", source="+source+
+ ", par="+par);
+ }
+
+ final String applicationName = par.getParameter("application");
+
+ final String modeString = par.getParameter("mode", "terminate");
+ final String mode;
+ if ( modeString.equals("terminate") ) {
+ mode = ApplicationManager.LOGOUT_MODE_TERMINATE_SESSION_IF_UNUSED;
+ } else if ( modeString.equalsIgnoreCase("keep") ) {
+ mode = ApplicationManager.LOGOUT_MODE_KEEP_SESSION;
+ } else {
+ throw new ProcessingException("Unknown mode " + modeString);
+ }
+
+ final Map logoutContext = new HashMap();
+ logoutContext.put(ApplicationManager.LOGOUT_CONTEXT_PARAMETERS_KEY, par);
+ logoutContext.put(ApplicationManager.LOGOUT_CONTEXT_MODE_KEY, mode);
+
+ this.applicationManager.logout(applicationName, logoutContext);
+
+ if (this.getLogger().isDebugEnabled() ) {
+ this.getLogger().debug("END act map={}");
+ }
+
+ return EMPTY_MAP;
+ }
+
+}
Propchange: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/acting/LogoutAction.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/acting/LogoutAction.java
------------------------------------------------------------------------------
svn:keywords = Id
Added: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/impl/AnonymousSecurityHandler.java
URL: http://svn.apache.org/viewvc/cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/impl/AnonymousSecurityHandler.java?rev=414856&view=auto
==============================================================================
--- cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/impl/AnonymousSecurityHandler.java (added)
+++ cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/impl/AnonymousSecurityHandler.java Fri Jun 16 09:29:21 2006
@@ -0,0 +1,51 @@
+/*
+ * Copyright 2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.cocoon.auth.impl;
+
+import java.util.Map;
+
+import org.apache.cocoon.auth.AbstractSecurityHandler;
+import org.apache.cocoon.auth.StandardUser;
+import org.apache.cocoon.auth.User;
+
+/**
+ * This security handlers doesn't check any credentials of the user.
+ * It just creates a new user object.
+ *
+ * @version $Id$
+*/
+public class AnonymousSecurityHandler
+ extends AbstractSecurityHandler {
+
+ /** Counter to generate the anonymous user object. */
+ protected long number = 1;
+
+ /**
+ * @see org.apache.cocoon.auth.SecurityHandler#login(java.util.Map)
+ */
+ public synchronized User login(final Map loginContext) throws Exception {
+ final User user = new StandardUser("anonymous"+this.number);
+ this.number++;
+ return user;
+ }
+
+ /**
+ * @see org.apache.cocoon.auth.SecurityHandler#logout(java.util.Map, org.apache.cocoon.auth.User)
+ */
+ public void logout(final Map context, final User user) {
+ // nothing to do
+ }
+}
Propchange: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/impl/AnonymousSecurityHandler.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/impl/AnonymousSecurityHandler.java
------------------------------------------------------------------------------
svn:keywords = Id
Added: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/impl/LoginInfo.java
URL: http://svn.apache.org/viewvc/cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/impl/LoginInfo.java?rev=414856&view=auto
==============================================================================
--- cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/impl/LoginInfo.java (added)
+++ cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/impl/LoginInfo.java Fri Jun 16 09:29:21 2006
@@ -0,0 +1,89 @@
+/*
+ * Copyright 2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.cocoon.auth.impl;
+
+import java.io.Serializable;
+import java.util.ArrayList;
+import java.util.List;
+
+import org.apache.cocoon.auth.User;
+
+/**
+ * This class keeps track of the number of applications a user is logged into
+ * using the same security handler.
+ *
+ * @version $Id$
+*/
+public class LoginInfo
+implements Serializable {
+
+ /** Number of applications using the security handler. */
+ protected int counter;
+ /** The corresponding user. */
+ protected final User user;
+ /** The applications the user is logged in to. */
+ protected List applications = new ArrayList();
+
+ /**
+ * Instantiate new info object.
+ * @param aUser The user object returned by the security handler.
+ */
+ public LoginInfo(final User aUser) {
+ this.user = aUser;
+ }
+
+ /**
+ * Notification of another application using the handler.
+ * @param appName The application name.
+ */
+ public void incUsageCounter(final String appName) {
+ this.counter++;
+ this.applications.add(appName);
+ }
+
+ /**
+ * Notification of an application that is not using the handler anymore.
+ * @param appName The application name.
+ */
+ public void decUsageCounter(final String appName) {
+ this.applications.remove(appName);
+ this.counter--;
+ }
+
+ /**
+ * Is the handler used by any application.
+ * @return true if it's used, otherwise false.
+ */
+ public boolean isUsed() {
+ return (this.counter > 0);
+ }
+
+ /**
+ * Return the corresponding user.
+ * @return The user generated by the security handler.
+ */
+ public User getUser() {
+ return this.user;
+ }
+
+ /**
+ * Return the list of all applications.
+ * @return The list containing all applications this user is logged in to.
+ */
+ public List getApplications() {
+ return this.applications;
+ }
+}
Propchange: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/impl/LoginInfo.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/impl/LoginInfo.java
------------------------------------------------------------------------------
svn:keywords = Id
Added: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/impl/PipelineSecurityHandler.java
URL: http://svn.apache.org/viewvc/cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/impl/PipelineSecurityHandler.java?rev=414856&view=auto
==============================================================================
--- cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/impl/PipelineSecurityHandler.java (added)
+++ cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/impl/PipelineSecurityHandler.java Fri Jun 16 09:29:21 2006
@@ -0,0 +1,346 @@
+/*
+ * Copyright 2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.cocoon.auth.impl;
+
+import java.util.List;
+import java.util.Map;
+
+import org.apache.avalon.framework.activity.Disposable;
+import org.apache.avalon.framework.configuration.Configuration;
+import org.apache.avalon.framework.configuration.ConfigurationException;
+import org.apache.avalon.framework.context.Context;
+import org.apache.avalon.framework.context.ContextException;
+import org.apache.avalon.framework.parameters.Parameters;
+import org.apache.avalon.framework.service.ServiceException;
+import org.apache.avalon.framework.service.ServiceManager;
+import org.apache.avalon.framework.service.Serviceable;
+import org.apache.cocoon.components.source.SourceUtil;
+import org.apache.cocoon.util.NetUtils;
+import org.apache.excalibur.source.Source;
+import org.apache.excalibur.source.SourceException;
+import org.apache.excalibur.source.SourceParameters;
+import org.apache.excalibur.source.SourceResolver;
+import org.apache.cocoon.auth.AbstractSecurityHandler;
+import org.apache.cocoon.auth.ApplicationManager;
+import org.apache.cocoon.auth.StandardUser;
+import org.apache.cocoon.auth.User;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
+
+/**
+ * Verify if a user can be authenticated.
+ *
+ * @version $Id$
+*/
+public class PipelineSecurityHandler
+ extends AbstractSecurityHandler
+ implements Serviceable,
+ Disposable {
+
+ /** The service manager. */
+ protected ServiceManager manager;
+
+ /** The source resolver. */
+ protected SourceResolver resolver;
+
+ /** Configuration. */
+ protected Configuration config;
+
+ /** Context. */
+ protected Context context;
+
+ /**
+ * @see org.apache.avalon.framework.context.Contextualizable#contextualize(org.apache.avalon.framework.context.Context)
+ */
+ public void contextualize(final Context aContext) throws ContextException {
+ super.contextualize(aContext);
+ this.context = aContext;
+ }
+
+ /**
+ * @see org.apache.avalon.framework.configuration.Configurable#configure(org.apache.avalon.framework.configuration.Configuration)
+ */
+ public void configure(final Configuration conf) throws ConfigurationException {
+ super.configure(conf);
+ this.config = conf;
+ }
+
+ /**
+ * Check if this is a valid document.
+ * A valid document has "authentication" as the root node and
+ * at least one child element "ID".
+ * @param doc The document read by the pipeline.
+ * @return The value of the ID element or null if the document is not valid
+ */
+ protected String isValidAuthenticationDocument(final Document doc) {
+ String validId = null;
+
+ final Element child = doc.getDocumentElement();
+
+ if ( child.getNodeName().equals("authentication") ) {
+
+ // now authentication must have one child ID
+ if (child.hasChildNodes()) {
+ final NodeList children = child.getChildNodes();
+ boolean found = false;
+ int i = 0;
+ Node current = null;
+
+ while (!found && i < children.getLength()) {
+ current = children.item(i);
+ if (current.getNodeType() == Node.ELEMENT_NODE
+ && current.getNodeName().equals("ID")) {
+ found = true;
+ } else {
+ i++;
+ }
+ }
+
+ // now the last check: ID must have a TEXT child
+ if (found) {
+ current.normalize(); // join text nodes
+ if (current.hasChildNodes() &&
+ current.getChildNodes().getLength() == 1 &&
+ current.getFirstChild().getNodeType() == Node.TEXT_NODE) {
+
+ final String value = current.getFirstChild().getNodeValue().trim();
+ if (value.length() > 0) {
+ validId = value;
+ }
+ }
+ }
+ }
+
+ }
+ return validId;
+ }
+
+ /**
+ * @see org.apache.cocoon.auth.SecurityHandler#login(java.util.Map)
+ */
+ public User login(final Map loginContext) throws Exception {
+ String authenticationResourceName =
+ this.config.getChild("authentication-resource").getValue();
+
+ // append parameters
+ Parameters p = (Parameters)
+ loginContext.get(ApplicationManager.LOGIN_CONTEXT_PARAMETERS_KEY);
+ if ( p != null ) {
+ final StringBuffer b = new StringBuffer(authenticationResourceName);
+ boolean hasParams = (authenticationResourceName.indexOf('?') != -1);
+ final String[] names = p.getNames();
+ for(int i=0;i<names.length;i++) {
+ final String key = names[i];
+ final String value = p.getParameter(key);
+ if ( hasParams ) {
+ b.append('&');
+ } else {
+ b.append('?');
+ hasParams = true;
+ }
+ b.append(key).append('=').append(NetUtils.encode(value, "utf-8"));
+ }
+ authenticationResourceName = b.toString();
+ }
+ User user = null;
+ Document doc = null;
+
+ // invoke the source
+ Source source = null;
+ try {
+ source = SourceUtil.getSource(authenticationResourceName, null,
+ null, this.resolver);
+ doc = SourceUtil.toDOM(source);
+ } catch (SourceException se) {
+ throw SourceUtil.handle(se);
+ } finally {
+ this.resolver.release(source);
+ }
+
+ // test if authentication was successful
+ String validId = null;
+ if (doc != null) {
+ validId = this.isValidAuthenticationDocument( doc );
+
+ if ( validId != null ) {
+ user = new PipelineSHUser( doc, validId );
+ }
+ }
+ // TODO - What do we do, if authentication fails?
+
+ return user;
+ }
+
+ /**
+ * @see org.apache.avalon.framework.service.Serviceable#service(org.apache.avalon.framework.service.ServiceManager)
+ */
+ public void service(final ServiceManager aManager) throws ServiceException {
+ this.manager = aManager;
+ this.resolver = (SourceResolver) this.manager.lookup(SourceResolver.ROLE);
+ }
+
+ /**
+ * @see org.apache.avalon.framework.activity.Disposable#dispose()
+ */
+ public void dispose() {
+ if ( this.manager != null ){
+ this.manager.release( this.resolver );
+ this.manager = null;
+ this.resolver = null;
+ }
+ }
+
+ /**
+ * @see org.apache.cocoon.auth.SecurityHandler#logout(java.util.Map, org.apache.cocoon.auth.User)
+ */
+ public void logout(final Map logoutContext, final User user) {
+ final String logoutResourceName = this.config.getChild("logout-resource").getValue(null);
+ if (logoutResourceName != null) {
+ // invoke the source
+ Source source = null;
+ try {
+ // This allows arbitrary business logic to be called. Whatever is returned
+ // is ignored.
+ source = SourceUtil.getSource(logoutResourceName, null, null, this.resolver);
+ SourceUtil.toDOM(source);
+ } catch (Exception ignore) {
+ this.getLogger().warn("Exception during logout of user: " + user.getId(),
+ ignore);
+ } finally {
+ this.resolver.release(source);
+ }
+ }
+ }
+
+ /**
+ * The internal user class.
+ */
+ public static class PipelineSHUser extends StandardUser {
+
+ /** The document delivered by the pipeline. */
+ protected final Document userInfo;
+ /** The cached list of roles for this user. */
+ protected List roles;
+
+ /**
+ * Create a new user object.
+ * @param info The pipeline document.
+ * @param id The unique id of the user.
+ */
+ public PipelineSHUser(final Document info, final String id) {
+ super(id);
+ this.userInfo = info;
+ this.calculateContextInfo();
+ }
+
+ /**
+ * Return the pipeline document.
+ * @return The document.
+ */
+ public Document getUserInfo() {
+ return this.userInfo;
+ }
+
+ /**
+ * Internal method that calculates the context information. All
+ * key-value pairs contained in the document are added as
+ * attributes to the user object.
+ */
+ protected void calculateContextInfo() {
+ SourceParameters parameters = new SourceParameters();
+
+ // add all elements from inside the handler data
+ this.addParametersFromAuthenticationXML("/data",
+ parameters);
+
+ // add all top level elements from authentication
+ this.addParametersFromAuthenticationXML(null,
+ parameters);
+
+ Parameters pars = parameters.getFirstParameters();
+ String[] names = pars.getNames();
+ if (names != null) {
+ String key;
+ String value;
+ for(int i=0;i<names.length;i++) {
+ key = names[i];
+ value = pars.getParameter(key, null);
+ if (value != null) {
+ this.setAttribute(key, value);
+ }
+ }
+ }
+ }
+
+ /**
+ * Convert the authentication XML of a handler to parameters.
+ * The XML is flat and consists of elements which all have exactly one text node:
+ * <parone>value_one<parone>
+ * <partwo>value_two<partwo>
+ * A parameter can occur more than once with different values.
+ * @param childElementName The name of the element to search in.
+ * @param parameters The found key-value pair is added to this parameters object.
+ */
+ private void addParametersFromAuthenticationXML(final String childElementName,
+ final SourceParameters parameters) {
+ Element root = this.userInfo.getDocumentElement();
+ if ( childElementName != null ) {
+ NodeList l = root.getElementsByTagName(childElementName);
+ if ( l.getLength() > 0 ) {
+ root = (Element)l.item(0);
+ } else {
+ root = null;
+ }
+ }
+ if (root != null) {
+ NodeList childs = root.getChildNodes();
+ if (childs != null) {
+ Node current;
+ for(int i = 0; i < childs.getLength(); i++) {
+ current = childs.item(i);
+
+ // only element nodes
+ if (current.getNodeType() == Node.ELEMENT_NODE) {
+ current.normalize();
+ NodeList valueChilds = current.getChildNodes();
+ String key;
+ StringBuffer valueBuffer;
+ String value;
+
+ key = current.getNodeName();
+ valueBuffer = new StringBuffer();
+ for(int m = 0; m < valueChilds.getLength(); m++) {
+ current = valueChilds.item(m); // attention: current is reused here!
+ if (current.getNodeType() == Node.TEXT_NODE) { // only text nodes
+ if (valueBuffer.length() > 0) {
+ valueBuffer.append(' ');
+ }
+ valueBuffer.append(current.getNodeValue());
+ }
+ }
+ value = valueBuffer.toString().trim();
+ if (key != null && value != null && value.length() > 0) {
+ parameters.setParameter(key, value);
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+}
Propchange: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/impl/PipelineSecurityHandler.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/impl/PipelineSecurityHandler.java
------------------------------------------------------------------------------
svn:keywords = Id
Added: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/impl/ServletSecurityHandler.java
URL: http://svn.apache.org/viewvc/cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/impl/ServletSecurityHandler.java?rev=414856&view=auto
==============================================================================
--- cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/impl/ServletSecurityHandler.java (added)
+++ cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/impl/ServletSecurityHandler.java Fri Jun 16 09:29:21 2006
@@ -0,0 +1,105 @@
+/*
+ * Copyright 2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.cocoon.auth.impl;
+
+import java.security.Principal;
+import java.util.Map;
+
+import org.apache.avalon.framework.context.Context;
+import org.apache.avalon.framework.context.ContextException;
+import org.apache.cocoon.components.ContextHelper;
+import org.apache.cocoon.environment.Request;
+import org.apache.cocoon.auth.AbstractSecurityHandler;
+import org.apache.cocoon.auth.StandardUser;
+import org.apache.cocoon.auth.User;
+
+/**
+ * Verify if a user can be authenticated.
+ * This is a very simple authenticator that checks if the user is authenticated
+ * using the servlet authentication mechanisms.
+ *
+ * @version $Id$
+*/
+public class ServletSecurityHandler
+ extends AbstractSecurityHandler {
+
+ /** The component context. */
+ protected Context context;
+
+ /**
+ * @see org.apache.avalon.framework.context.Contextualizable#contextualize(org.apache.avalon.framework.context.Context)
+ */
+ public void contextualize(final Context aContext) throws ContextException {
+ super.contextualize(aContext);
+ this.context = aContext;
+ }
+
+ /**
+ * Create a new user.
+ * @param req The current request.
+ * @return A new user object.
+ */
+ protected User createUser(final Request req) {
+ final User user = new ServletUser(req);
+ return user;
+ }
+
+ /**
+ * @see org.apache.cocoon.auth.SecurityHandler#login(java.util.Map)
+ */
+ public User login(final Map loginContext) throws Exception {
+ final Request req = ContextHelper.getRequest(this.context);
+ User user = null;
+ if ( req.getRemoteUser() != null ) {
+ user = this.createUser( req );
+ }
+ return user;
+ }
+
+ /**
+ * @see org.apache.cocoon.auth.SecurityHandler#logout(java.util.Map, org.apache.cocoon.auth.User)
+ */
+ public void logout(final Map logoutContext, final User user) {
+ // TODO what can we do here?
+ }
+
+ /**
+ * Inner class for the current user. This class provides access to some
+ * servlet specific information.
+ */
+ public static class ServletUser extends StandardUser {
+
+ /** The principal belonging to the user. */
+ protected final Principal principal;
+
+ /**
+ * Instantiate a new user.
+ * @param req The current request.
+ */
+ public ServletUser(final Request req) {
+ super(req.getRemoteUser());
+ this.principal = req.getUserPrincipal();
+ }
+
+ /**
+ * Return the current principal.
+ * @return The principal.
+ */
+ public Principal getPrincipal() {
+ return this.principal;
+ }
+ }
+}
Propchange: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/impl/ServletSecurityHandler.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/impl/ServletSecurityHandler.java
------------------------------------------------------------------------------
svn:keywords = Id
Added: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/impl/ServletSessionListener.java
URL: http://svn.apache.org/viewvc/cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/impl/ServletSessionListener.java?rev=414856&view=auto
==============================================================================
--- cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/impl/ServletSessionListener.java (added)
+++ cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/impl/ServletSessionListener.java Fri Jun 16 09:29:21 2006
@@ -0,0 +1,46 @@
+/*
+ * Copyright 2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.cocoon.auth.impl;
+
+import javax.servlet.http.HttpSession;
+import javax.servlet.http.HttpSessionEvent;
+import javax.servlet.http.HttpSessionListener;
+
+/**
+ * This session listener keeps track of expired sessions. It can be used in
+ * conjunction with the {@link org.apache.cocoon.auth.impl.StandardApplicationManager}
+ *
+ * This listener has not been tested yet.
+ *
+ * @version $Id$
+*/
+public class ServletSessionListener implements HttpSessionListener {
+
+ /**
+ * @see javax.servlet.http.HttpSessionListener#sessionCreated(javax.servlet.http.HttpSessionEvent)
+ */
+ public void sessionCreated(final HttpSessionEvent event) {
+ // we don't care about a new session
+ }
+
+ /**
+ * @see javax.servlet.http.HttpSessionListener#sessionDestroyed(javax.servlet.http.HttpSessionEvent)
+ */
+ public void sessionDestroyed(final HttpSessionEvent event) {
+ final HttpSession session = event.getSession();
+ StandardApplicationManager.logoutFromAllApplications(session);
+ }
+}
Propchange: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/impl/ServletSessionListener.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cocoon/branches/BRANCH_2_1_X/src/blocks/auth/java/org/apache/cocoon/auth/impl/ServletSessionListener.java
------------------------------------------------------------------------------
svn:keywords = Id