You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@cocoon.apache.org by cz...@apache.org on 2007/01/15 15:46:29 UTC
svn commit: r496344 - in /cocoon/trunk/blocks:
cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/
cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/acting/
cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth...
Author: cziegeler
Date: Mon Jan 15 06:46:28 2007
New Revision: 496344
URL: http://svn.apache.org/viewvc?view=rev&rev=496344
Log:
Further refactoring of cauth: no need to store map in a map anymore
Add simple security handler and dao based security handler
Added:
cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/AuthenticationException.java (with props)
cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/DAOSecurityHandler.java (with props)
cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/SimpleSecurityHandler.java (with props)
cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/StandardApplication.java
- copied, changed from r496246, cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/StandardApplication.java
cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/StandardUser.java
- copied, changed from r496246, cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/StandardUser.java
cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/UserDAO.java (with props)
cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/UserInfo.java (with props)
Removed:
cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/StandardApplication.java
cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/StandardUser.java
Modified:
cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/ApplicationManager.java
cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/SecurityHandler.java
cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/acting/LoginAction.java
cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/acting/LogoutAction.java
cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/AnonymousSecurityHandler.java
cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/PipelineSecurityHandler.java
cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/ServletSecurityHandler.java
cocoon/trunk/blocks/cocoon-portal/cocoon-portal-auth-impl/src/main/java/org/apache/cocoon/auth/portal/StandardPortalApplication.java
cocoon/trunk/blocks/cocoon-portal/cocoon-portal-sample/src/main/java/org/apache/cocoon/portal/security/DBSecurityHandler.java
cocoon/trunk/blocks/cocoon-portal/cocoon-portal-sample/src/main/java/org/apache/cocoon/portal/security/PortalUser.java
Modified: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/ApplicationManager.java
URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/ApplicationManager.java?view=diff&rev=496344&r1=496343&r2=496344
==============================================================================
--- cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/ApplicationManager.java (original)
+++ cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/ApplicationManager.java Mon Jan 15 06:46:28 2007
@@ -39,11 +39,11 @@
/** The string used to store the application data in the object model .*/
String APPLICATION_DATA = "cauth-application-data";
- /** The key for properties in the login context. */
- String LOGIN_CONTEXT_PROPERTIES_KEY = "properties";
+ /** The key for the user name in the login context. */
+ String LOGIN_CONTEXT_USERNAME_KEY = "name";
- /** The key for properties in the logout context. */
- String LOGOUT_CONTEXT_PROPERTIES_KEY = "properties";
+ /** The key for the user password in the login context. */
+ String LOGIN_CONTEXT_PASSWORD_KEY = "password";
/** The key for the logout method in the logout context. */
String LOGOUT_CONTEXT_MODE_KEY = "mode";
Added: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/AuthenticationException.java
URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/AuthenticationException.java?view=auto&rev=496344
==============================================================================
--- cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/AuthenticationException.java (added)
+++ cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/AuthenticationException.java Mon Jan 15 06:46:28 2007
@@ -0,0 +1,75 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ * implied.
+ *
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.cocoon.auth;
+
+/**
+ * This exception is thrown by a {@link SecurityHandler} if the authentication
+ * fails.
+ *
+ * @version $Id$
+ */
+public class AuthenticationException extends Exception {
+
+ public static final int AUTHENTICATION_FAILED = -1;
+ public static final int AUTHENTICATION_FAILED_ACCOUNT_CLOSED = -2;
+ public static final int AUTHENTICATION_FAILED_ACCOUNT_IS_CLOSED = -3;
+ public static final int AUTHENTICATION_FAILED_PASSWORD_EXPIRED = -4;
+
+ protected int errorCode = AUTHENTICATION_FAILED;
+
+ public AuthenticationException() {
+ super();
+ }
+
+ public AuthenticationException(String message, Throwable cause) {
+ super(message, cause);
+ }
+
+ public AuthenticationException(String message) {
+ super(message);
+ }
+
+ public AuthenticationException(Throwable cause) {
+ super(cause);
+ }
+
+ public AuthenticationException(int s) {
+ super();
+ this.errorCode = s;
+ }
+
+ public AuthenticationException(String message, int s, Throwable cause) {
+ super(message, cause);
+ this.errorCode = s;
+ }
+
+ public AuthenticationException(String message, int s) {
+ super(message);
+ this.errorCode = s;
+ }
+
+ public AuthenticationException(int s, Throwable cause) {
+ super(cause);
+ this.errorCode = s;
+ }
+
+ public int getErrorCode() {
+ return this.errorCode;
+ }
+}
Propchange: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/AuthenticationException.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/AuthenticationException.java
------------------------------------------------------------------------------
svn:keywords = Id
Modified: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/SecurityHandler.java
URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/SecurityHandler.java?view=diff&rev=496344&r1=496343&r2=496344
==============================================================================
--- cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/SecurityHandler.java (original)
+++ cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/SecurityHandler.java Mon Jan 15 06:46:28 2007
@@ -38,10 +38,10 @@
* Try to authenticate the user.
* @param context The context for the login operation.
* @return The user if the authentication is successful, null otherwise.
- * @throws Exception If something goes wrong.
+ * @throws AuthenticationException If something goes wrong.
*/
User login(Map context)
- throws Exception;
+ throws AuthenticationException;
/**
* This notifies the security-handler that a user logs out.
Modified: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/acting/LoginAction.java
URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/acting/LoginAction.java?view=diff&rev=496344&r1=496343&r2=496344
==============================================================================
--- cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/acting/LoginAction.java (original)
+++ cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/acting/LoginAction.java Mon Jan 15 06:46:28 2007
@@ -25,7 +25,6 @@
import org.apache.avalon.framework.parameters.Parameters;
import org.apache.cocoon.environment.Redirector;
import org.apache.cocoon.environment.SourceResolver;
-import org.apache.cocoon.auth.ApplicationManager;
import org.apache.cocoon.auth.User;
/**
@@ -59,7 +58,7 @@
Map map = null;
final Map loginContext = new HashMap();
- loginContext.put(ApplicationManager.LOGIN_CONTEXT_PROPERTIES_KEY, Parameters.toProperties(par));
+ loginContext.putAll(Parameters.toProperties(par));
final User user =
this.applicationManager.login( applicationName, loginContext );
Modified: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/acting/LogoutAction.java
URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/acting/LogoutAction.java?view=diff&rev=496344&r1=496343&r2=496344
==============================================================================
--- cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/acting/LogoutAction.java (original)
+++ cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/acting/LogoutAction.java Mon Jan 15 06:46:28 2007
@@ -64,7 +64,7 @@
}
final Map logoutContext = new HashMap();
- logoutContext.put(ApplicationManager.LOGOUT_CONTEXT_PROPERTIES_KEY, Parameters.toProperties(par));
+ logoutContext.putAll(Parameters.toProperties(par));
logoutContext.put(ApplicationManager.LOGOUT_CONTEXT_MODE_KEY, mode);
this.applicationManager.logout(applicationName, logoutContext);
Modified: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/AnonymousSecurityHandler.java
URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/AnonymousSecurityHandler.java?view=diff&rev=496344&r1=496343&r2=496344
==============================================================================
--- cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/AnonymousSecurityHandler.java (original)
+++ cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/AnonymousSecurityHandler.java Mon Jan 15 06:46:28 2007
@@ -20,7 +20,7 @@
import java.util.Map;
-import org.apache.cocoon.auth.StandardUser;
+import org.apache.cocoon.auth.AuthenticationException;
import org.apache.cocoon.auth.User;
/**
@@ -38,7 +38,8 @@
/**
* @see org.apache.cocoon.auth.SecurityHandler#login(java.util.Map)
*/
- public synchronized User login(final Map loginContext) throws Exception {
+ public synchronized User login(final Map loginContext)
+ throws AuthenticationException {
final User user = new StandardUser("anonymous"+this.number);
this.number++;
return user;
Added: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/DAOSecurityHandler.java
URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/DAOSecurityHandler.java?view=auto&rev=496344
==============================================================================
--- cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/DAOSecurityHandler.java (added)
+++ cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/DAOSecurityHandler.java Mon Jan 15 06:46:28 2007
@@ -0,0 +1,147 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ * implied.
+ *
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.cocoon.auth.impl;
+
+import java.util.Date;
+import java.util.Map;
+
+import org.apache.cocoon.auth.ApplicationManager;
+import org.apache.cocoon.auth.AuthenticationException;
+import org.apache.cocoon.auth.User;
+import org.apache.commons.lang.StringUtils;
+
+/**
+ * Implementation of a DAO security handler.
+ * This implementation supports:
+ * - a retry count (counting up and down)
+ * - an expires date for the user account.
+ *
+ * The database access is forwarded to a configured UserDAO instance.
+ *
+ * @version $Id$
+ */
+public class DAOSecurityHandler extends AbstractSecurityHandler {
+
+ protected UserDAO userDAO;
+
+ protected boolean checkExpires = true;
+ protected boolean useRetryCount = true;
+ protected boolean negateRetryCount = false;
+ protected int defaultRetryCount = 3;
+
+ public void setCheckExpires(boolean checkExpires) {
+ this.checkExpires = checkExpires;
+ }
+
+ public void setDefaultRetryCount(int defaultRetryCount) {
+ this.defaultRetryCount = defaultRetryCount;
+ }
+
+ public void setNegateRetryCount(boolean negateRetryCount) {
+ this.negateRetryCount = negateRetryCount;
+ }
+
+ public void setUserDAO(UserDAO userDAO) {
+ this.userDAO = userDAO;
+ }
+
+ public void setUseRetryCount(boolean useRetryCount) {
+ this.useRetryCount = useRetryCount;
+ }
+
+ /**
+ * @see org.apache.cocoon.auth.SecurityHandler#login(java.util.Map)
+ */
+ public User login(Map loginContext)
+ throws AuthenticationException {
+ // get user name and password
+ final String name = (String)loginContext.get(ApplicationManager.LOGIN_CONTEXT_USERNAME_KEY);
+ if ( name == null ) {
+ throw new AuthenticationException("Required user name property is missing for login.");
+ }
+ final String password = (String)loginContext.get(ApplicationManager.LOGIN_CONTEXT_PASSWORD_KEY);
+
+ final UserInfo userinfo = this.userDAO.getUserInfo(name);
+ if ( userinfo == null ) {
+ return null;
+ }
+ boolean pwCorrect = StringUtils.equals(userinfo.getPassword(), password);
+ // check retry count
+ if ( this.useRetryCount ) {
+ if ( !negateRetryCount ) {
+ if ( userinfo.getRetryCount() >= this.defaultRetryCount ) {
+ throw new AuthenticationException(AuthenticationException.AUTHENTICATION_FAILED_ACCOUNT_IS_CLOSED);
+ }
+ if ( !pwCorrect ) {
+ userinfo.setRetryCount(userinfo.getRetryCount() + 1);
+ this.userDAO.storeUserInfo(userinfo);
+ if ( userinfo.getRetryCount() == this.defaultRetryCount ) {
+ throw new AuthenticationException(AuthenticationException.AUTHENTICATION_FAILED_ACCOUNT_CLOSED);
+ }
+ } else {
+ // reset retry count
+ if ( userinfo.getRetryCount() != 0 ) {
+ userinfo.setRetryCount(0);
+ this.userDAO.storeUserInfo(userinfo);
+ }
+ }
+ } else {
+ // the account is disabled when the counter is zero!
+ if ( userinfo.getRetryCount() == 0 ) {
+ throw new AuthenticationException(AuthenticationException.AUTHENTICATION_FAILED_ACCOUNT_IS_CLOSED);
+ }
+ if ( !pwCorrect ) {
+ userinfo.setRetryCount(userinfo.getRetryCount() - 1);
+ this.userDAO.storeUserInfo(userinfo);
+ if ( userinfo.getRetryCount() == 0 ) {
+ throw new AuthenticationException(AuthenticationException.AUTHENTICATION_FAILED_ACCOUNT_CLOSED);
+ }
+ } else {
+ // reset retry count
+ if ( userinfo.getRetryCount() != this.defaultRetryCount ) {
+ userinfo.setRetryCount(this.defaultRetryCount);
+ this.userDAO.storeUserInfo(userinfo);
+ }
+ }
+ }
+ }
+ // check expires
+ if ( pwCorrect && this.checkExpires ) {
+ final Date now = new Date();
+ if ( userinfo.getExpires() != null ) {
+ if ( userinfo.getExpires().before(now) ) {
+ throw new AuthenticationException(AuthenticationException.AUTHENTICATION_FAILED_PASSWORD_EXPIRED);
+ }
+ }
+ }
+ // everything still correct?
+ if ( !pwCorrect ) {
+ return null;
+ }
+ return this.userDAO.getUser(userinfo);
+ }
+
+ /**
+ * @see org.apache.cocoon.auth.SecurityHandler#logout(java.util.Map, org.apache.cocoon.auth.User)
+ */
+ public void logout(Map context, User user) {
+ // nothing to do here
+ }
+
+}
Propchange: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/DAOSecurityHandler.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/DAOSecurityHandler.java
------------------------------------------------------------------------------
svn:keywords = Id
Modified: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/PipelineSecurityHandler.java
URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/PipelineSecurityHandler.java?view=diff&rev=496344&r1=496343&r2=496344
==============================================================================
--- cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/PipelineSecurityHandler.java (original)
+++ cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/PipelineSecurityHandler.java Mon Jan 15 06:46:28 2007
@@ -18,22 +18,24 @@
*/
package org.apache.cocoon.auth.impl;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
import java.util.Iterator;
import java.util.Map;
import java.util.Properties;
-import org.apache.cocoon.auth.ApplicationManager;
-import org.apache.cocoon.auth.StandardUser;
+import org.apache.cocoon.ProcessingException;
+import org.apache.cocoon.auth.AuthenticationException;
import org.apache.cocoon.auth.User;
import org.apache.cocoon.components.source.util.SourceUtil;
import org.apache.cocoon.util.NetUtils;
import org.apache.excalibur.source.Source;
-import org.apache.excalibur.source.SourceException;
import org.apache.excalibur.source.SourceResolver;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
+import org.xml.sax.SAXException;
/**
* Verify if a user can be authenticated.
@@ -116,30 +118,32 @@
/**
* @see org.apache.cocoon.auth.SecurityHandler#login(java.util.Map)
*/
- public User login(final Map loginContext) throws Exception {
+ public User login(final Map loginContext)
+ throws AuthenticationException {
String authenticationResourceName = this.authenticationResource;
// append parameters
- Properties p = (Properties)
- loginContext.get(ApplicationManager.LOGIN_CONTEXT_PROPERTIES_KEY);
- if ( p != null ) {
- final StringBuffer b = new StringBuffer(authenticationResourceName);
- boolean hasParams = (authenticationResourceName.indexOf('?') != -1);
- final Iterator i = p.entrySet().iterator();
- while ( i.hasNext() ) {
- final Map.Entry current = (Map.Entry)i.next();
- final String key = current.getKey().toString();
- final String value = current.getValue().toString();
- if ( hasParams ) {
- b.append('&');
- } else {
- b.append('?');
- hasParams = true;
- }
+ final StringBuffer b = new StringBuffer(authenticationResourceName);
+ boolean hasParams = (authenticationResourceName.indexOf('?') != -1);
+ final Iterator i = loginContext.entrySet().iterator();
+ while ( i.hasNext() ) {
+ final Map.Entry current = (Map.Entry)i.next();
+ final String key = current.getKey().toString();
+ final String value = current.getValue().toString();
+ if ( hasParams ) {
+ b.append('&');
+ } else {
+ b.append('?');
+ hasParams = true;
+ }
+ try {
b.append(key).append('=').append(NetUtils.encode(value, "utf-8"));
+ } catch (UnsupportedEncodingException ignore) {
+ // this can never happen
}
- authenticationResourceName = b.toString();
}
+ authenticationResourceName = b.toString();
+
User user = null;
Document doc = null;
@@ -149,8 +153,12 @@
source = SourceUtil.getSource(authenticationResourceName, null,
null, this.resolver);
doc = org.apache.cocoon.components.source.SourceUtil.toDOM(source);
- } catch (SourceException se) {
- throw SourceUtil.handle(se);
+ } catch (IOException e) {
+ throw new AuthenticationException(e);
+ } catch (ProcessingException e) {
+ throw new AuthenticationException(e);
+ } catch (SAXException e) {
+ throw new AuthenticationException(e);
} finally {
this.resolver.release(source);
}
Modified: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/ServletSecurityHandler.java
URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/ServletSecurityHandler.java?view=diff&rev=496344&r1=496343&r2=496344
==============================================================================
--- cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/ServletSecurityHandler.java (original)
+++ cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/ServletSecurityHandler.java Mon Jan 15 06:46:28 2007
@@ -24,7 +24,7 @@
import org.apache.cocoon.environment.ObjectModelHelper;
import org.apache.cocoon.environment.Request;
import org.apache.cocoon.processing.ProcessInfoProvider;
-import org.apache.cocoon.auth.StandardUser;
+import org.apache.cocoon.auth.AuthenticationException;
import org.apache.cocoon.auth.User;
/**
@@ -57,7 +57,8 @@
/**
* @see org.apache.cocoon.auth.SecurityHandler#login(java.util.Map)
*/
- public User login(final Map loginContext) throws Exception {
+ public User login(final Map loginContext)
+ throws AuthenticationException {
final Request req = ObjectModelHelper.getRequest(this.processInfoProvider.getObjectModel());
User user = null;
if ( req.getRemoteUser() != null ) {
Added: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/SimpleSecurityHandler.java
URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/SimpleSecurityHandler.java?view=auto&rev=496344
==============================================================================
--- cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/SimpleSecurityHandler.java (added)
+++ cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/SimpleSecurityHandler.java Mon Jan 15 06:46:28 2007
@@ -0,0 +1,91 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ * implied.
+ *
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.cocoon.auth.impl;
+
+import java.util.Iterator;
+import java.util.Map;
+import java.util.Properties;
+
+import org.apache.cocoon.auth.ApplicationManager;
+import org.apache.cocoon.auth.AuthenticationException;
+import org.apache.cocoon.auth.User;
+import org.apache.commons.lang.StringUtils;
+
+/**
+ * The simple security handler implements the {@link SecurityHandler} interface.
+ * The user configuration is done through a properties object which can be configured
+ * in the Spring application context.
+ * The property file should have the following format:
+ * {username}={userpassword}
+ *
+ * For example:
+ * cziegeler=secret_password
+ * cocoon=apache
+ *
+ * If you want to specify additional user attributes, use this format:
+ * {username}.{attributename}={attributevalue}
+ *
+ * @version $Id$
+ */
+public class SimpleSecurityHandler
+ extends AbstractSecurityHandler {
+
+ /** The properties. */
+ protected Properties userProperties;
+
+ public void setUserProperties(Properties p) {
+ this.userProperties = p;
+ }
+
+ /**
+ * @see org.apache.cocoon.auth.SecurityHandler#login(java.util.Map)
+ */
+ public User login(final Map loginContext)
+ throws AuthenticationException {
+ // get user name and password
+ final String name = (String)loginContext.get(ApplicationManager.LOGIN_CONTEXT_USERNAME_KEY);
+ if ( name == null ) {
+ throw new AuthenticationException("Required user name property is missing for login.");
+ }
+ final String password = (String)loginContext.get(ApplicationManager.LOGIN_CONTEXT_PASSWORD_KEY);
+ // compare password
+ if ( !StringUtils.equals(password, this.userProperties.getProperty(name)) ) {
+ return null;
+ }
+ final User user = new StandardUser(name);
+ // check for additional attributes
+ final String prefix = name + '.';
+ final Iterator i = this.userProperties.entrySet().iterator();
+ while ( i.hasNext() ) {
+ final Map.Entry current = (Map.Entry)i.next();
+ if ( current.getKey().toString().startsWith(prefix) ) {
+ final String key = current.getKey().toString().substring(prefix.length());
+ user.setAttribute(key, current.getValue());
+ }
+ }
+ return user;
+ }
+
+ /**
+ * @see org.apache.cocoon.auth.SecurityHandler#logout(java.util.Map, org.apache.cocoon.auth.User)
+ */
+ public void logout(final Map logoutContext, final User user) {
+ // nothing to do here
+ }
+}
Propchange: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/SimpleSecurityHandler.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/SimpleSecurityHandler.java
------------------------------------------------------------------------------
svn:keywords = Id
Copied: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/StandardApplication.java (from r496246, cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/StandardApplication.java)
URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/StandardApplication.java?view=diff&rev=496344&p1=cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/StandardApplication.java&r1=496246&p2=cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/StandardApplication.java&r2=496344
==============================================================================
--- cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/StandardApplication.java (original)
+++ cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/StandardApplication.java Mon Jan 15 06:46:28 2007
@@ -16,12 +16,16 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-package org.apache.cocoon.auth;
+package org.apache.cocoon.auth.impl;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
+import org.apache.cocoon.auth.Application;
+import org.apache.cocoon.auth.ApplicationStore;
+import org.apache.cocoon.auth.SecurityHandler;
+import org.apache.cocoon.auth.User;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
Copied: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/StandardUser.java (from r496246, cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/StandardUser.java)
URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/StandardUser.java?view=diff&rev=496344&p1=cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/StandardUser.java&r1=496246&p2=cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/StandardUser.java&r2=496344
==============================================================================
--- cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/StandardUser.java (original)
+++ cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/StandardUser.java Mon Jan 15 06:46:28 2007
@@ -16,7 +16,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-package org.apache.cocoon.auth;
+package org.apache.cocoon.auth.impl;
import java.io.Serializable;
import java.util.ArrayList;
@@ -25,6 +25,8 @@
import java.util.List;
import java.util.Map;
import java.util.StringTokenizer;
+
+import org.apache.cocoon.auth.User;
/**
* This object represents the current user. Each user must have a unique
Added: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/UserDAO.java
URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/UserDAO.java?view=auto&rev=496344
==============================================================================
--- cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/UserDAO.java (added)
+++ cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/UserDAO.java Mon Jan 15 06:46:28 2007
@@ -0,0 +1,44 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ * implied.
+ *
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.cocoon.auth.impl;
+
+import org.apache.cocoon.auth.User;
+
+/**
+ * Interface for the user dao.
+ *
+ * @version $Id$
+ */
+public interface UserDAO {
+
+ /**
+ * Get a user info for the given user name.
+ */
+ UserInfo getUserInfo(String name);
+
+ /**
+ * Store or update a user info in the database.
+ */
+ void storeUserInfo(UserInfo info);
+
+ /**
+ * Get the complete user for the user info.
+ */
+ User getUser(UserInfo info);
+}
Propchange: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/UserDAO.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/UserDAO.java
------------------------------------------------------------------------------
svn:keywords = Id
Added: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/UserInfo.java
URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/UserInfo.java?view=auto&rev=496344
==============================================================================
--- cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/UserInfo.java (added)
+++ cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/UserInfo.java Mon Jan 15 06:46:28 2007
@@ -0,0 +1,71 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ * implied.
+ *
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.cocoon.auth.impl;
+
+import java.util.Date;
+
+/**
+ * A simple bean holding user information like
+ * - the user name
+ * - the user password
+ * - the retry count
+ * - an expires date
+ * @version $Id$
+ */
+public class UserInfo {
+
+ protected int id;
+
+ protected String user;
+ protected String password;
+ protected int retryCount;
+ protected Date expires;
+
+ public Date getExpires() {
+ return expires;
+ }
+ public void setExpires(Date expires) {
+ this.expires = expires;
+ }
+ public String getPassword() {
+ return password;
+ }
+ public void setPassword(String password) {
+ this.password = password;
+ }
+ public int getRetryCount() {
+ return retryCount;
+ }
+ public void setRetryCount(int retryCount) {
+ this.retryCount = retryCount;
+ }
+ public String getUser() {
+ return user;
+ }
+ public void setUser(String user) {
+ this.user = user;
+ }
+ public int getId() {
+ return id;
+ }
+ public void setId(int id) {
+ this.id = id;
+ }
+
+}
Propchange: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/UserInfo.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/UserInfo.java
------------------------------------------------------------------------------
svn:keywords = Id
Modified: cocoon/trunk/blocks/cocoon-portal/cocoon-portal-auth-impl/src/main/java/org/apache/cocoon/auth/portal/StandardPortalApplication.java
URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-portal/cocoon-portal-auth-impl/src/main/java/org/apache/cocoon/auth/portal/StandardPortalApplication.java?view=diff&rev=496344&r1=496343&r2=496344
==============================================================================
--- cocoon/trunk/blocks/cocoon-portal/cocoon-portal-auth-impl/src/main/java/org/apache/cocoon/auth/portal/StandardPortalApplication.java (original)
+++ cocoon/trunk/blocks/cocoon-portal/cocoon-portal-auth-impl/src/main/java/org/apache/cocoon/auth/portal/StandardPortalApplication.java Mon Jan 15 06:46:28 2007
@@ -29,8 +29,8 @@
import org.apache.cocoon.portal.event.user.UserEventUtil;
import org.apache.cocoon.portal.om.PortalUser;
import org.apache.cocoon.portal.profile.impl.AbstractPortalUser;
-import org.apache.cocoon.auth.StandardApplication;
import org.apache.cocoon.auth.User;
+import org.apache.cocoon.auth.impl.StandardApplication;
/**
* This is a default implementation for a portal application.
Modified: cocoon/trunk/blocks/cocoon-portal/cocoon-portal-sample/src/main/java/org/apache/cocoon/portal/security/DBSecurityHandler.java
URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-portal/cocoon-portal-sample/src/main/java/org/apache/cocoon/portal/security/DBSecurityHandler.java?view=diff&rev=496344&r1=496343&r2=496344
==============================================================================
--- cocoon/trunk/blocks/cocoon-portal/cocoon-portal-sample/src/main/java/org/apache/cocoon/portal/security/DBSecurityHandler.java (original)
+++ cocoon/trunk/blocks/cocoon-portal/cocoon-portal-sample/src/main/java/org/apache/cocoon/portal/security/DBSecurityHandler.java Mon Jan 15 06:46:28 2007
@@ -19,6 +19,7 @@
import java.util.Map;
import org.apache.cocoon.auth.impl.AbstractSecurityHandler;
+import org.apache.cocoon.auth.AuthenticationException;
import org.apache.cocoon.auth.SecurityHandler;
/**
@@ -31,7 +32,8 @@
/**
* @see SecurityHandler#login(Map)
*/
- public org.apache.cocoon.auth.User login(Map loginContext) throws Exception {
+ public org.apache.cocoon.auth.User login(Map loginContext)
+ throws AuthenticationException {
/*
PersistenceBroker broker = PersistenceBrokerFactory.defaultPersistenceBroker();
Modified: cocoon/trunk/blocks/cocoon-portal/cocoon-portal-sample/src/main/java/org/apache/cocoon/portal/security/PortalUser.java
URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-portal/cocoon-portal-sample/src/main/java/org/apache/cocoon/portal/security/PortalUser.java?view=diff&rev=496344&r1=496343&r2=496344
==============================================================================
--- cocoon/trunk/blocks/cocoon-portal/cocoon-portal-sample/src/main/java/org/apache/cocoon/portal/security/PortalUser.java (original)
+++ cocoon/trunk/blocks/cocoon-portal/cocoon-portal-sample/src/main/java/org/apache/cocoon/portal/security/PortalUser.java Mon Jan 15 06:46:28 2007
@@ -18,7 +18,7 @@
import java.util.ArrayList;
-import org.apache.cocoon.auth.StandardUser;
+import org.apache.cocoon.auth.impl.StandardUser;
/**
* @version $Id$