You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@lenya.apache.org by an...@apache.org on 2008/03/30 19:20:36 UTC
svn commit: r642784 - in /lenya/branches/branch_1_2_x_shibboleth/src:
java/org/apache/lenya/ac/impl/
java/org/apache/lenya/cms/cocoon/components/modules/input/ webapp/
webapp/lenya/xslt/ac/
Author: andreas
Date: Sun Mar 30 10:20:34 2008
New Revision: 642784
URL: http://svn.apache.org/viewvc?rev=642784&view=rev
Log:
Choose login screen based on authentictor type.
Added:
lenya/branches/branch_1_2_x_shibboleth/src/webapp/lenya/xslt/ac/login-shibboleth.xsl
lenya/branches/branch_1_2_x_shibboleth/src/webapp/lenya/xslt/ac/login-user.xsl
- copied, changed from r642699, lenya/branches/branch_1_2_x_shibboleth/src/webapp/lenya/xslt/ac/login.xsl
Removed:
lenya/branches/branch_1_2_x_shibboleth/src/webapp/lenya/xslt/ac/login.xsl
Modified:
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/DefaultAccessController.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/cms/cocoon/components/modules/input/AccessControlModule.java
lenya/branches/branch_1_2_x_shibboleth/src/webapp/sitemap.xmap
Modified: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/DefaultAccessController.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/DefaultAccessController.java?rev=642784&r1=642783&r2=642784&view=diff
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/DefaultAccessController.java (original)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/DefaultAccessController.java Sun Mar 30 10:20:34 2008
@@ -267,16 +267,17 @@
*/
protected void setupAuthenticator(Configuration config) throws Exception {
Configuration authConfig = config.getChild(AUTHENTICATOR_ELEMENT, false);
- String type = authConfig == null ? Authenticator.DEFAULT_AUTHENTICATOR : authConfig
+ this.authenticatorType = authConfig == null ? Authenticator.DEFAULT_AUTHENTICATOR : authConfig
.getAttribute(TYPE_ATTRIBUTE);
this.authenticatorSelector = (ServiceSelector) manager.lookup(Authenticator.ROLE
+ "Selector");
- this.authenticator = (Authenticator) this.authenticatorSelector.select(type);
+ this.authenticator = (Authenticator) this.authenticatorSelector.select(this.authenticatorType);
configureOrParameterize(this.authenticator, authConfig);
}
private ServiceManager manager;
+ private String authenticatorType;
/**
* Set the global component manager.
@@ -452,6 +453,10 @@
AttributeDefinition definition = (AttributeDefinition) this.manager
.lookup(AttributeDefinition.ROLE);
AttributeDefinitionRegistry.register(definition);
+ }
+
+ public String getAuthenticatorType() {
+ return this.authenticatorType;
}
}
Modified: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/cms/cocoon/components/modules/input/AccessControlModule.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/cms/cocoon/components/modules/input/AccessControlModule.java?rev=642784&r1=642783&r2=642784&view=diff
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/cms/cocoon/components/modules/input/AccessControlModule.java (original)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/cms/cocoon/components/modules/input/AccessControlModule.java Sun Mar 30 10:20:34 2008
@@ -64,33 +64,32 @@
*/
public static final String LOGIN_URI = "login-uri";
+ /**
+ * The authenticator type (i.e., selector hint) as declared in cocoon.xconf.
+ * Used for the login screen presentation.
+ */
+ public static final String AUTHENTICATOR_TYPE = "authenticator-type";
+
public static final String USER_MANAGER = "user-manager";
public static final String GROUP_MANAGER = "group-manager";
public static final String ROLE_MANAGER = "role-manager";
public static final String IP_RANGE_MANAGER = "iprange-manager";
/**
- * The names of the AccessControlModule parameters.
- */
- public static final String[] PARAMETER_NAMES =
- {
- IP_ADDRESS,
- USER_ID,
- USER_NAME,
- USER_EMAIL,
- ROLE_IDS,
- USER_MANAGER,
- GROUP_MANAGER,
- ROLE_MANAGER,
- IP_RANGE_MANAGER,
- LOGIN_URI };
+ * The names of the AccessControlModule parameters.
+ */
+ public static final String[] PARAMETER_NAMES = { IP_ADDRESS, USER_ID, USER_NAME, USER_EMAIL,
+ ROLE_IDS, USER_MANAGER, GROUP_MANAGER, ROLE_MANAGER, IP_RANGE_MANAGER, LOGIN_URI,
+ AUTHENTICATOR_TYPE };
/**
- *
- * @see org.apache.cocoon.components.modules.input.InputModule#getAttribute(java.lang.String, org.apache.avalon.framework.configuration.Configuration, java.util.Map)
+ *
+ * @see org.apache.cocoon.components.modules.input.InputModule#getAttribute(java.lang.String,
+ * org.apache.avalon.framework.configuration.Configuration,
+ * java.util.Map)
*/
public Object getAttribute(String name, Configuration modeConf, Map objectModel)
- throws ConfigurationException {
+ throws ConfigurationException {
Request request = ObjectModelHelper.getRequest(objectModel);
Session session = request.getSession();
@@ -135,25 +134,41 @@
}
value = roleIds;
} catch (AccessControlException e) {
- throw new ConfigurationException(
- "Obtaining value for attribute [" + name + "] failed: ", e);
+ throw new ConfigurationException("Obtaining value for attribute [" + name
+ + "] failed: ", e);
}
}
}
}
- if (name.equals(USER_MANAGER)
- || name.equals(GROUP_MANAGER)
- || name.equals(ROLE_MANAGER)
- || name.equals(IP_RANGE_MANAGER)) {
+ if (name.equals(USER_MANAGER) || name.equals(GROUP_MANAGER) || name.equals(ROLE_MANAGER)
+ || name.equals(IP_RANGE_MANAGER)) {
value = getItemManager(request, name);
- }
- else if (name.equals(LOGIN_URI)) {
- value = getLoginUri(request);
+ } else if (name.equals(LOGIN_URI)) {
+ ValueExtractor extractor = new ValueExtractor() {
+ protected String extractValue(DefaultAccessController accessController,
+ Request request) {
+ return accessController.getAuthenticator().getLoginUri(request);
+ }
+ };
+ value = extractValue(request, extractor);
+ } else if (name.equals(AUTHENTICATOR_TYPE)) {
+ ValueExtractor extractor = new ValueExtractor() {
+ protected String extractValue(DefaultAccessController accessController,
+ Request request) {
+ return accessController.getAuthenticatorType();
+ }
+ };
+ value = extractValue(request, extractor);
}
return value;
}
+ protected String getAuthenticatorType() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
protected User getUser(Request request, Identity identity) throws ConfigurationException {
User user = null;
UserReference userRef = identity.getUserReference();
@@ -167,21 +182,30 @@
return user;
}
- protected String getLoginUri(Request request) throws ConfigurationException {
+ /**
+ * Class to obtain a property of the access controller without duplicating
+ * the lookup/release boilerplate code.
+ */
+ protected static abstract class ValueExtractor {
+ protected abstract String extractValue(DefaultAccessController accessController,
+ Request request);
+ }
+
+ protected String extractValue(Request request, ValueExtractor extractor)
+ throws ConfigurationException {
DefaultAccessController accessController = null;
ServiceSelector selector = null;
AccessControllerResolver resolver = null;
try {
selector = (ServiceSelector) manager.lookup(AccessControllerResolver.ROLE + "Selector");
- resolver =
- (AccessControllerResolver) selector.select(
- AccessControllerResolver.DEFAULT_RESOLVER);
+ resolver = (AccessControllerResolver) selector
+ .select(AccessControllerResolver.DEFAULT_RESOLVER);
String url = ServletHelper.getWebappURI(request);
accessController = (DefaultAccessController) resolver.resolveAccessController(url);
-
- return accessController.getAuthenticator().getLoginUri(request);
+
+ return extractor.extractValue(accessController, request);
} catch (Exception e) {
throw new ConfigurationException("Could not determine login URI: ", e);
@@ -199,19 +223,22 @@
}
/**
- * @see org.apache.cocoon.components.modules.input.InputModule#getAttributeNames(org.apache.avalon.framework.configuration.Configuration, java.util.Map)
+ * @see org.apache.cocoon.components.modules.input.InputModule#getAttributeNames(org.apache.avalon.framework.configuration.Configuration,
+ * java.util.Map)
*/
public Iterator getAttributeNames(Configuration modeConf, Map objectModel)
- throws ConfigurationException {
+ throws ConfigurationException {
return Arrays.asList(PARAMETER_NAMES).iterator();
}
/**
- * @see org.apache.cocoon.components.modules.input.InputModule#getAttributeValues(java.lang.String, org.apache.avalon.framework.configuration.Configuration, java.util.Map)
+ * @see org.apache.cocoon.components.modules.input.InputModule#getAttributeValues(java.lang.String,
+ * org.apache.avalon.framework.configuration.Configuration,
+ * java.util.Map)
*/
public Object[] getAttributeValues(String name, Configuration modeConf, Map objectModel)
- throws ConfigurationException {
- Object[] objects = { getAttribute(name, modeConf, objectModel)};
+ throws ConfigurationException {
+ Object[] objects = { getAttribute(name, modeConf, objectModel) };
return objects;
}
@@ -220,12 +247,13 @@
* Returns the item manager for a certain name.
* @param request The request.
* @param name The name of the manager ({@link #USER_MANAGER},
- * {@link #ROLE_MANAGER}, {@link #GROUP_MANAGER}, or {@link IP_RANGE_MANAGER}
+ * {@link #ROLE_MANAGER}, {@link #GROUP_MANAGER}, or
+ * {@link IP_RANGE_MANAGER}
* @return An item manager.
* @throws ConfigurationException when something went wrong.
*/
protected ItemManager getItemManager(Request request, String name)
- throws ConfigurationException {
+ throws ConfigurationException {
AccessController accessController = null;
ServiceSelector selector = null;
AccessControllerResolver resolver = null;
@@ -233,15 +261,14 @@
try {
selector = (ServiceSelector) manager.lookup(AccessControllerResolver.ROLE + "Selector");
- resolver =
- (AccessControllerResolver) selector.select(
- AccessControllerResolver.DEFAULT_RESOLVER);
+ resolver = (AccessControllerResolver) selector
+ .select(AccessControllerResolver.DEFAULT_RESOLVER);
String url = ServletHelper.getWebappURI(request);
accessController = resolver.resolveAccessController(url);
- AccreditableManager accreditableManager =
- ((DefaultAccessController) accessController).getAccreditableManager();
+ AccreditableManager accreditableManager = ((DefaultAccessController) accessController)
+ .getAccreditableManager();
if (name.equals(USER_MANAGER)) {
itemManager = accreditableManager.getUserManager();
Added: lenya/branches/branch_1_2_x_shibboleth/src/webapp/lenya/xslt/ac/login-shibboleth.xsl
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/webapp/lenya/xslt/ac/login-shibboleth.xsl?rev=642784&view=auto
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/webapp/lenya/xslt/ac/login-shibboleth.xsl (added)
+++ lenya/branches/branch_1_2_x_shibboleth/src/webapp/lenya/xslt/ac/login-shibboleth.xsl Sun Mar 30 10:20:34 2008
@@ -0,0 +1,36 @@
+<?xml version="1.0"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+
+<!-- $Id: login.xsl 473841 2006-11-12 00:46:38Z gregor $ -->
+
+ <xsl:stylesheet version="1.0"
+ xmlns:i18n="http://apache.org/cocoon/i18n/2.1"
+ xmlns:page="http://apache.org/cocoon/lenya/cms-page/1.0"
+ xmlns:session="http://www.apache.org/xsp/session/2.0"
+ xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
+
+ <xsl:import href="login-user.xsl"/>
+
+ <xsl:template name="afterLoginForm">
+ <br/>
+ <a href="?lenya.usecase=shibboleth&lenya.step=wayf">Login via Shibboleth</a>
+ </xsl:template>
+
+ </xsl:stylesheet>
+
+
\ No newline at end of file
Copied: lenya/branches/branch_1_2_x_shibboleth/src/webapp/lenya/xslt/ac/login-user.xsl (from r642699, lenya/branches/branch_1_2_x_shibboleth/src/webapp/lenya/xslt/ac/login.xsl)
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/webapp/lenya/xslt/ac/login-user.xsl?p2=lenya/branches/branch_1_2_x_shibboleth/src/webapp/lenya/xslt/ac/login-user.xsl&p1=lenya/branches/branch_1_2_x_shibboleth/src/webapp/lenya/xslt/ac/login.xsl&r1=642699&r2=642784&rev=642784&view=diff
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/webapp/lenya/xslt/ac/login.xsl (original)
+++ lenya/branches/branch_1_2_x_shibboleth/src/webapp/lenya/xslt/ac/login-user.xsl Sun Mar 30 10:20:34 2008
@@ -101,11 +101,13 @@
</tr>
</table>
</form>
- <br/>
- <a href="?lenya.usecase=shibboleth&lenya.step=wayf">Login via Shibboleth</a>
+ <xsl:call-template name="afterLoginForm"/>
</div>
</div>
</xsl:template>
+
+ <xsl:template name="afterLoginForm"/>
+
<xsl:template name="pubname">
<xsl:value-of
select="translate($publication_name, 'abcdefghijklmnopqrstuvwxyz','ABCDEFGHIJKLMNOPQRSTUVWXYZ')" />
Modified: lenya/branches/branch_1_2_x_shibboleth/src/webapp/sitemap.xmap
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/webapp/sitemap.xmap?rev=642784&r1=642783&r2=642784&view=diff
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/webapp/sitemap.xmap (original)
+++ lenya/branches/branch_1_2_x_shibboleth/src/webapp/sitemap.xmap Sun Mar 30 10:20:34 2008
@@ -484,7 +484,7 @@
<map:match type="step" pattern="showscreen">
<map:generate type="serverpages" src="{fallback:content/ac/login.xsp}"/>
- <map:transform src="{fallback:xslt/ac/login.xsl}">
+ <map:transform src="{fallback:xslt/ac/login-{access-control:authenticator-type}.xsl}">
<map:parameter name="publication_name" value="{page-envelope:publication-id}"/>
</map:transform>
<map:call resource="style-cms-page"/>
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@lenya.apache.org
For additional commands, e-mail: commits-help@lenya.apache.org