Posted to photark-commits@incubator.apache.org by av...@apache.org on 2010/06/11 07:36:33 UTC
svn commit: r953595 - in /incubator/photark/trunk:
photark-jcr/src/main/java/org/apache/photark/jcr/security/
photark-jcr/src/main/java/org/apache/photark/jcr/security/authorization/
photark-security/src/main/java/org/apache/photark/security/authentica...
Author: avd
Date: Fri Jun 11 07:36:32 2010
New Revision: 953595
URL: http://svn.apache.org/viewvc?rev=953595&view=rev
Log:
PHOTARK-20 Applying patch from Suhothayan Sriskandarajah with some minor changes. This patch adds the ability for users to register with PhotArk.
Added:
incubator/photark/trunk/photark-jcr/src/main/java/org/apache/photark/jcr/security/JCRSecurityServiceImpl.java
incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/RegistrationFilter.java
incubator/photark/trunk/photark-ui-security/src/main/webapp/home/registration.html
Modified:
incubator/photark/trunk/photark-jcr/src/main/java/org/apache/photark/jcr/security/authorization/JCRAccessManager.java
incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/AuthorizationFilter.java
incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/services/FormAuthenticationServiceImpl.java
incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/services/LogoutServiceImpl.java
incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/services/OpenIDAuthenticationServiceImpl.java
incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/AccessList.java
incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/Permission.java
incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/Role.java
incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/User.java
incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/UserInfo.java
incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/services/AccessManager.java
incubator/photark/trunk/photark-ui/src/main/webapp/js/constants.js
incubator/photark/trunk/photark-webapp/src/main/webapp/WEB-INF/web.composite
incubator/photark/trunk/photark-webapp/src/main/webapp/WEB-INF/web.xml
Added: incubator/photark/trunk/photark-jcr/src/main/java/org/apache/photark/jcr/security/JCRSecurityServiceImpl.java
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-jcr/src/main/java/org/apache/photark/jcr/security/JCRSecurityServiceImpl.java?rev=953595&view=auto
==============================================================================
--- incubator/photark/trunk/photark-jcr/src/main/java/org/apache/photark/jcr/security/JCRSecurityServiceImpl.java (added)
+++ incubator/photark/trunk/photark-jcr/src/main/java/org/apache/photark/jcr/security/JCRSecurityServiceImpl.java Fri Jun 11 07:36:32 2010
@@ -0,0 +1,112 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.photark.jcr.security;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+import javax.servlet.Servlet;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.photark.security.authorization.AccessList;
+import org.apache.photark.security.authorization.User;
+import org.apache.photark.security.authorization.UserInfo;
+import org.apache.photark.security.authorization.services.AccessManager;
+import org.oasisopen.sca.annotation.Reference;
+import org.oasisopen.sca.annotation.Scope;
+import org.oasisopen.sca.annotation.Service;
+
+
+@Service(Servlet.class)
+@Scope("COMPOSITE")
+public class JCRSecurityServiceImpl extends HttpServlet implements Servlet /*SecurityService*/ {
+
+ /**
+ *
+ */
+ private static final long serialVersionUID = -6452934544772432330L;
+ private AccessManager accessManager;
+
+ @Reference(name="accessmanager")
+ protected void setAccessService(AccessManager accessManager) {
+ this.accessManager = accessManager;
+ }
+
+ @Override
+ protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
+ response.setContentType("text/html");
+ doPost( request, response);
+ }
+
+ @Override
+ public void doPost(HttpServletRequest request, HttpServletResponse response) throws IOException {
+ response.setContentType("text/html");
+ AccessList accessList= (AccessList)request.getSession().getAttribute("accessList");
+ StringBuffer sb = new StringBuffer();
+ String userId= accessList.getUserId();
+ User user ;
+
+ if("get".equalsIgnoreCase(request.getParameter("userInfo").toString())){
+
+ user = accessManager.getUser(userId);
+ UserInfo userInfo= user.getUserInfo();
+ if(accessManager.isUserStoredInRole(userId, "unRegisteredUserRole")){
+
+ /* sb.append("userId="+ userId);
+ sb.append(",displayName=" + userInfo.getDisplayName());
+ sb.append(",email=" + userInfo.getEmail());
+ sb.append(",realName=" + userInfo.getRealName());
+ sb.append(",webSite=" + userInfo.getWebsite());*/
+ sb.append( "registered,"+userId+","+ userInfo.getRealName()+","+userInfo.getDisplayName()+","+ userInfo.getEmail()+","+userInfo.getWebsite());
+
+ }else {
+ /*sb.append("userId="+ userId);
+ sb.append(",unRegistered=false");*/
+ sb.append("unRegistered,"+userId+","+ userInfo.getRealName()+","+userInfo.getDisplayName()+","+ userInfo.getEmail()+","+userInfo.getWebsite());
+ }
+
+ }else if("set".equalsIgnoreCase( request.getParameter("userInfo").toString())){
+
+ user = new User(userId);
+ UserInfo userInfo = new UserInfo(request.getParameter("displayName").toString(),
+ request.getParameter("email").toString(),
+ request.getParameter("realName").toString(),
+ request.getParameter("webSite").toString());
+ user.setUserInfo(userInfo);
+
+ if(accessManager.isUserStoredInRole(userId, "unRegisteredUserRole")){
+ accessManager.removeUserFromRole(userId,"unRegisteredUserRole");
+ }
+ if(!accessManager.isUserStoredInRole(userId, "registeredUserRole")){
+ accessManager.addUserToRole(user,"registeredUserRole");
+ }
+ //sb.append("userId="+ userId);
+ //sb.append(",unRegistered=false");
+
+ }
+ PrintWriter out = response.getWriter();
+ out.write(sb.toString());
+ out.flush();
+ out.close();
+
+ }
+}
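Review bot: doPost dereferences the `accessList` session attribute and `request.getParameter("userInfo")` without null checks, so a request from a session that never authenticated, or one without the parameter, ends in a NullPointerException rather than a clean rejection; a guard such as `if (accessList == null) { response.sendError(HttpServletResponse.SC_UNAUTHORIZED); return; }` before `getUserId()` would cover the first case. The `set` branch changes role membership and profile data, yet it is reachable through doGet because doGet forwards to doPost; state-changing requests are better limited to POST and tied to an anti-CSRF token. The reply is a comma-separated record of user-supplied fields sent as `text/html`, so `response.setContentType("text/plain")` (or escaping the values) would keep a browser from interpreting them as markup. The `registered`/`unRegistered` prefixes also look swapped relative to the `unRegisteredUserRole` test, which is worth confirming against the client in registration.html.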
Modified: incubator/photark/trunk/photark-jcr/src/main/java/org/apache/photark/jcr/security/authorization/JCRAccessManager.java
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-jcr/src/main/java/org/apache/photark/jcr/security/authorization/JCRAccessManager.java?rev=953595&r1=953594&r2=953595&view=diff
==============================================================================
--- incubator/photark/trunk/photark-jcr/src/main/java/org/apache/photark/jcr/security/authorization/JCRAccessManager.java (original)
+++ incubator/photark/trunk/photark-jcr/src/main/java/org/apache/photark/jcr/security/authorization/JCRAccessManager.java Fri Jun 11 07:36:32 2010
@@ -19,8 +19,20 @@
package org.apache.photark.jcr.security.authorization;
+import java.util.ArrayList;
+
+import javax.jcr.LoginException;
+import javax.jcr.Node;
+import javax.jcr.RepositoryException;
+import javax.jcr.Session;
+
import org.apache.photark.jcr.JCRRepositoryManager;
+import org.apache.photark.security.authorization.AccessList;
+import org.apache.photark.security.authorization.User;
+import org.apache.photark.security.authorization.UserInfo;
import org.apache.photark.security.authorization.services.AccessManager;
+import org.oasisopen.sca.annotation.Destroy;
+import org.oasisopen.sca.annotation.Init;
import org.oasisopen.sca.annotation.Reference;
import org.oasisopen.sca.annotation.Remotable;
import org.oasisopen.sca.annotation.Scope;
@@ -28,20 +40,214 @@ import org.oasisopen.sca.annotation.Scop
@Remotable
@Scope("COMPOSITE")
public class JCRAccessManager implements AccessManager {
- private static String accessList;
- private JCRRepositoryManager repositoryManager;
- public JCRAccessManager(){
+ /** JCR Repository Manager **/
+ private static JCRRepositoryManager repositoryManager;
+ AccessList accessList;
+
+ public JCRAccessManager() {
}
- @Reference(name="repositoryManager")
+ @Reference(name = "repositoryManager")
protected void setRepositoryManager(JCRRepositoryManager repositoryManager) {
this.repositoryManager = repositoryManager;
}
- public synchronized String creatAccessList(String accessList) {
+ @Init
+ public void init() {
+
+ try {
+ Session session = repositoryManager.getSession();
+ Node root = session.getRootNode();
+
+ if (!root.hasNode("userStore")) {
+
+ Node userStore = root.addNode("userStore");
+ Node roles = userStore.addNode("roles");
+ Node allUsers = userStore.addNode("allUsers");
+ Node registeredUserRole = roles.addNode("registeredUserRole");
+ Node unRegisteredUserRole = roles
+ .addNode("unRegisteredUserRole");
+ session.save();
+ }
+
+ } catch (Exception e) {
+ // FIXME: ignore for now
+ e.printStackTrace();
+ } finally {
+ // repositoryManager.releaseSession();
+ }
+ }
+
+ public synchronized void addUserToRole(User user, String node) {
+ init();
+ try {
+ Session session = repositoryManager.getSession();
+ Node subRoleNode = (Node) session.getItem("/userStore/roles/"
+ + node);
+ Node userNode;
+ UserInfo userInfo = user.getUserInfo();
+ if (subRoleNode != null) {
+ if (subRoleNode.hasNode(toJCRFormat(user.getUserId()))) {
+ userNode = subRoleNode
+ .getNode(toJCRFormat(user.getUserId()));
+ } else {
+ userNode = subRoleNode
+ .addNode(toJCRFormat(user.getUserId()));
+ }
+ userNode.setProperty("displayName", toJCRFormat(userInfo
+ .getDisplayName()));
+ userNode.setProperty("email", toJCRFormat(userInfo.getEmail()));
+ userNode.setProperty("realName", toJCRFormat(userInfo
+ .getRealName()));
+ userNode.setProperty("webSite", toJCRFormat(userInfo
+ .getWebsite()));
+ userNode.setProperty("userId", toJCRFormat(user.getUserId()));
+ }
+
+ Node allUsers = (Node) session.getItem("/userStore/allUsers");
+ if (allUsers != null) {
+
+ if (allUsers.hasNode(toJCRFormat(user.getUserId()))) {
+ userNode = allUsers.getNode(toJCRFormat(user.getUserId()));
+ } else {
+ userNode = allUsers.addNode(toJCRFormat(user.getUserId()));
+ }
+ userNode.setProperty("displayName", toJCRFormat(userInfo
+ .getDisplayName()));
+ userNode.setProperty("email", toJCRFormat(userInfo.getEmail()));
+ userNode.setProperty("realName", toJCRFormat(userInfo
+ .getRealName()));
+ userNode.setProperty("webSite", toJCRFormat(userInfo
+ .getWebsite()));
+ userNode.setProperty("userId", toJCRFormat(user.getUserId()));
+ }
+ session.save();
+ } catch (Exception e) {
+ // FIXME: ignore for now
+ e.printStackTrace();
+ } finally {
+ // repositoryManager.releaseSession();
+
+ }
+
+ }
+
+ public synchronized User getUser(String userId) {
+ init();
+ User user = null;
+ try {
+ Session session = repositoryManager.getSession();
+ Node allUsers = (Node) session.getItem("/userStore/allUsers");
+ Node userNode;
+
+ if (allUsers != null) {
+
+ if (allUsers.hasNode(toJCRFormat(userId))) {
+ userNode = allUsers.getNode(toJCRFormat(userId));
+ user = new User(userId);
+ UserInfo userInfo = new UserInfo(
+ toNormalFormat(userNode.getProperty("displayName").getValue().getString()),
+ toNormalFormat(userNode.getProperty("email").getValue().getString()),
+ toNormalFormat(userNode.getProperty("realName").getValue().getString()),
+ toNormalFormat(userNode.getProperty("webSite").getValue().getString())
+ );
+ user.setUserInfo(userInfo);
+ }
+ }
+
+ } catch (Exception e) {
+ // FIXME: ignore for now
+ e.printStackTrace();
+ } finally {
+ // repositoryManager.releaseSession();
+ }
+ return user;
+ }
+
+ @Destroy
+ public void destroy() {
+ // repositoryManager.releaseSession();
+ }
+
+ public String getCurrentUserInfo() {
+
+ return "Works";
+ }
+
+ public boolean isUserStoredInRole(String userId, String node) {
+ init();
+ try {
+ Session session = repositoryManager.getSession();
+ Node subRoleNode = (Node) session.getItem("/userStore/roles/"
+ + node);
+ if (subRoleNode != null && subRoleNode.hasNode(toJCRFormat(userId))) {
+ return true;
+ }
+ } catch (Exception e) {
+ // FIXME: ignore for now
+ e.printStackTrace();
+ } finally {
+ // repositoryManager.releaseSession();
+ }
+ return false;
+ }
+
+ public synchronized AccessList creatAccessList(String userId, String email) {
+
+ User user = new User(userId);
+ user.setUserInfo(new UserInfo(email));
+ if (!isUserStoredInRole(userId, "registeredUserRole")) {
+ if (!isUserStoredInRole(userId, "unRegisteredUserRole")) {
+ addUserToRole(user, "unRegisteredUserRole");
+ }
+ }
+ AccessList accessList = new AccessList(userId, new ArrayList<String>());
this.accessList = accessList;
return accessList;
}
+
+ private String toJCRFormat(String string) {
+ if (string != null) {
+ string = string.replaceAll("/", "#1");
+ string = string.replaceAll(":", "#2");
+ }
+ return string;
+
+ }
+
+ private String toNormalFormat(String string) {
+ if (string != null) {
+ string = string.replaceAll("\\#1", "/");
+ string = string.replaceAll("\\#2", ":");
+ }
+ return string;
+
+ }
+
+ public synchronized void removeUserFromRole(String userId, String node) {
+ Session session;
+ try {
+ session = repositoryManager.getSession();
+ Node subRoleNode = (Node) session.getItem("/userStore/roles/"
+ + node);
+
+ if (subRoleNode != null) {
+ if (subRoleNode.hasNode(toJCRFormat(userId))) {
+ Node userNode = subRoleNode
+ .getNode(toJCRFormat(userId));
+ userNode.remove();
+ session.save();
+ }
+ }
+ } catch (LoginException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ } catch (RepositoryException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ }
+
}
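Review bot: `toJCRFormat` is not reversible for every input: a value that already contains the literal text `#1` or `#2` is stored unchanged and comes back from `toNormalFormat` as `/` or `:`, and two different user ids (one with `/`, one with `#1`) map to the same node name under `/userStore/allUsers` and the role nodes. Escaping the escape character first removes the ambiguity, e.g. `string = string.replace("#", "#0");` as the first step of `toJCRFormat` and `string = string.replace("#0", "#");` as the last step of `toNormalFormat`. The helper is also applied to property values (`displayName`, `email`, ...), which presumably do not need node-name escaping at all. Separately, `isUserStoredInRole` returns false when the repository call throws, so callers such as `creatAccessList` cannot tell "not in role" from "lookup failed"; the `FIXME: ignore for now` catch blocks deserve at least a logged error and a distinct failure signal.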
Modified: incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/AuthorizationFilter.java
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/AuthorizationFilter.java?rev=953595&r1=953594&r2=953595&view=diff
==============================================================================
--- incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/AuthorizationFilter.java (original)
+++ incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/AuthorizationFilter.java Fri Jun 11 07:36:32 2010
@@ -31,6 +31,8 @@ import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.apache.photark.security.authorization.AccessList;
+
/**
* Authorization Filter. This will only allow authenticated user
* to access to upload.html and redirect others to OpenID authentication
@@ -38,33 +40,12 @@ import javax.servlet.http.HttpServletRes
*
*
*/
-//@Service(Filter.class)
-//@Scope("COMPOSITE")
public class AuthorizationFilter implements Filter {
private static final Logger logger = Logger.getLogger(AuthorizationFilter.class.getName());
- /**Default Name of the Redirect Page */
- //private final String REDIRECT_PAGE_DEFAULT = "photark";
-
- //@Property(name = "redirectPage", required = true)
private String redirectPage;
- /*@Property
- public void setRedirectPage(String redirectPage) {
- if (redirectPage != null && !redirectPage.equals("")) {
- this.redirectPage = redirectPage;
- } else {
- logger.log(Level.WARNING, "Setting Default Redirect Page to Upload.html:"
- + REDIRECT_PAGE_DEFAULT);
- this.redirectPage = REDIRECT_PAGE_DEFAULT;
- }
- }
-
- public String getRedirectPage() {
- return redirectPage;
- }
- */
- /** Filter should be configured with an redirect page. */
+ /** Filter should be configured with an redirect page. */
public void init(FilterConfig FilterConfig) throws ServletException {
if (FilterConfig != null) {
redirectPage = FilterConfig.getInitParameter("redirect_page");
@@ -81,8 +62,8 @@ public class AuthorizationFilter impleme
HttpServletRequest httpReq = (HttpServletRequest) request;
HttpServletResponse httpResp = (HttpServletResponse) response;
- if ((String)httpReq.getSession().getAttribute("accessList") != null && !((String)httpReq.getSession().getAttribute("accessList")).equals("")) {
- System.err.println( (String)httpReq.getSession().getAttribute("accessList") +" Accessing Admin page");
+ if (httpReq.getSession().getAttribute("accessList") != null && ! httpReq.getSession().getAttribute("accessList").equals("")) {
+ System.err.println(((AccessList)httpReq.getSession().getAttribute("accessList")).getUserId() +" Accessing Admin page");
chain.doFilter(request, response);
} else {
httpResp.sendRedirect(httpReq.getContextPath() + redirectPage);
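Review bot: The rewritten condition in doFilter still compares the `accessList` attribute with `""` and then casts it to `AccessList` for the log line, so the check and the cast disagree about the attribute's type; `Object attr = httpReq.getSession().getAttribute("accessList"); if (attr instanceof AccessList) {` states the intent and cannot throw ClassCastException. LogoutServiceImpl in this commit still writes `""` under the same key before invalidating the session, where `removeAttribute("accessList")` would keep the key single-typed. The filter passes any session that holds an AccessList without looking at roles or permissions, so from the lines shown an unregistered OpenID user appears to reach whatever this filter guards; whether that is intended depends on the web.xml mapping, which is not visible here. doFilter begins and ends outside this hunk.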
@@ -90,8 +71,4 @@ public class AuthorizationFilter impleme
}
- /*public void init(FilterConfig filterConfig) throws ServletException {
- // TODO Auto-generated method stub
-
- }*/
}
Added: incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/RegistrationFilter.java
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/RegistrationFilter.java?rev=953595&view=auto
==============================================================================
--- incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/RegistrationFilter.java (added)
+++ incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/RegistrationFilter.java Fri Jun 11 07:36:32 2010
@@ -0,0 +1,76 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.photark.security.authentication;
+
+import java.io.IOException;
+import java.util.logging.Logger;
+
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+
+/**
+ * Authorization Filter. This will only allow authenticated user to access to
+ * upload.html and redirect others to OpenID authentication
+ *
+ *
+ *
+ */
+
+public class RegistrationFilter implements Filter {
+ private static final Logger logger = Logger
+ .getLogger(RegistrationFilter.class.getName());
+
+ private String redirectPage;
+
+ /** Filter should be configured with an redirect page. */
+ public void init(FilterConfig FilterConfig) throws ServletException {
+ if (FilterConfig != null) {
+ redirectPage = FilterConfig.getInitParameter("redirect_page");
+ }
+ }
+
+ public void destroy() {
+ // TODO Auto-generated method stub
+ }
+
+ public void doFilter(ServletRequest request, ServletResponse response,
+ FilterChain chain) throws ServletException, IOException {
+ HttpServletRequest httpReq = (HttpServletRequest) request;
+ HttpServletResponse httpResp = (HttpServletResponse) response;
+
+ if (httpReq.getSession().getAttribute("toRigester") != null
+ && httpReq.getSession().getAttribute("toRigester").equals("true")) {
+ httpReq.getSession().setAttribute("toRigester", "false");
+ chain.doFilter(request, response);
+ } else {
+ // httpResp.sendRedirect(httpReq.getContextPath() +"/admin/upload.html");
+ httpResp.sendRedirect(httpReq.getContextPath() + redirectPage);
+ }
+
+ }
+
+}
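Review bot: `redirectPage` is used in the else branch of doFilter without ever being checked, so when the `redirect_page` init parameter is missing the redirect target becomes the context path followed by the text `null`; init could fail fast with `if (redirectPage == null) throw new ServletException("redirect_page init parameter is required");`. The class Javadoc was copied from AuthorizationFilter and still describes guarding upload.html; it should say that the filter admits a request only while the session attribute `toRigester` equals `"true"` and resets the flag to `"false"` on that first pass. The misspelled key `toRigester` is shared as a bare literal with OpenIDAuthenticationServiceImpl, so a named constant would keep the two sides from drifting apart. The `logger` field is unused in the lines shown.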
Modified: incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/services/FormAuthenticationServiceImpl.java
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/services/FormAuthenticationServiceImpl.java?rev=953595&r1=953594&r2=953595&view=diff
==============================================================================
--- incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/services/FormAuthenticationServiceImpl.java (original)
+++ incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/services/FormAuthenticationServiceImpl.java Fri Jun 11 07:36:32 2010
@@ -27,6 +27,7 @@ import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.apache.photark.security.authorization.AccessList;
import org.apache.photark.security.authorization.services.AccessManager;
import org.oasisopen.sca.annotation.Reference;
import org.oasisopen.sca.annotation.Scope;
@@ -71,7 +72,7 @@ public class FormAuthenticationServiceIm
RelyingParty.getInstance().invalidate(request, response);
//Creating the accessList
- String accesList=accessManager.creatAccessList("SuperAdmin");
+ AccessList accesList=accessManager.creatAccessList("SuperAdmin","");
request.getSession().setAttribute("accessList", accesList);
System.err.println("Super Admin authenticated");
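Review bot: `creatAccessList("SuperAdmin","")` now has a persistence side effect: per the JCRAccessManager change in this commit, a user id that is in neither role is added to `unRegisteredUserRole`, so the first super-admin login writes a `SuperAdmin` node with an empty e-mail into the user store. If the super admin is not meant to live in the OpenID user store, build the AccessList for this path without the role bookkeeping; if it is, a comment such as `// SuperAdmin is intentionally stored as an unregistered user` would record that. The enclosing method starts and ends outside this hunk.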
Modified: incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/services/LogoutServiceImpl.java
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/services/LogoutServiceImpl.java?rev=953595&r1=953594&r2=953595&view=diff
==============================================================================
--- incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/services/LogoutServiceImpl.java (original)
+++ incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/services/LogoutServiceImpl.java Fri Jun 11 07:36:32 2010
@@ -27,6 +27,7 @@ import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.apache.photark.security.authorization.AccessList;
import org.oasisopen.sca.annotation.Scope;
import org.oasisopen.sca.annotation.Service;
@@ -59,19 +60,20 @@ public class LogoutServiceImpl extends H
@Override
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws IOException, ServletException {
-
- System.err.print((String)request.getSession().getAttribute("accessList"));
- // Removing the AccessList
- request.getSession().setAttribute("accessList", "");
- // invalidating the Authenticated OpenID User
- RelyingParty.getInstance().invalidate(request, response);
- // invalidating the Authenticated Super Admin User
- request.getSession().invalidate();
+ if(request.getSession().getAttribute("accessList")!=null){
+ System.err.print(((AccessList)request.getSession().getAttribute("accessList")).getUserId());
+ }
+ // Removing the AccessList
+ request.getSession().setAttribute("accessList", "");
+ // invalidating the Authenticated OpenID User
+ RelyingParty.getInstance().invalidate(request, response);
+ // invalidating the Authenticated Super Admin User
+ request.getSession().invalidate();
+
+ System.err.println(" logged out");
- System.err.println(" logged out");
-
- // Redirect to Gallery
- response.sendRedirect(request.getContextPath() + "/");
+ // Redirect to Gallery
+ response.sendRedirect(request.getContextPath() + "/");
}
}
\ No newline at end of file
Modified: incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/services/OpenIDAuthenticationServiceImpl.java
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/services/OpenIDAuthenticationServiceImpl.java?rev=953595&r1=953594&r2=953595&view=diff
==============================================================================
--- incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/services/OpenIDAuthenticationServiceImpl.java (original)
+++ incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/services/OpenIDAuthenticationServiceImpl.java Fri Jun 11 07:36:32 2010
@@ -30,6 +30,7 @@ import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.apache.photark.security.authorization.AccessList;
import org.apache.photark.security.authorization.services.AccessManager;
import org.oasisopen.sca.annotation.Reference;
import org.oasisopen.sca.annotation.Scope;
@@ -84,23 +85,34 @@ public class OpenIDAuthenticationService
//Invalidating the Super Admin user
request.getSession().invalidate();
- //Creating the accessList for the newly authenticated user
- //Creating the accessList
- String accesList=accessManager.creatAccessList(user.getIdentity());
- request.getSession().setAttribute("accessList", accesList);
-
+
+ String email=null;
+
Map<String,String> sreg = SRegExtension.remove(user);
Map<String,String> axschema = AxSchemaExtension.remove(user);
if(sreg!=null && !sreg.isEmpty())
{
System.err.println("sreg: " + sreg);
user.setAttribute("info", sreg);
+ email= sreg.get("email");
}
else if(axschema!=null && !axschema.isEmpty())
{
System.err.println("axschema: " + axschema);
user.setAttribute("info", axschema);
- }
+ email= axschema.get("email");
+ }
+ //Creating the accessList for the newly authenticated user
+
+ if (email==null){
+ email="";
+ }
+ AccessList accesList=accessManager.creatAccessList(user.getIdentity(),email);
+ request.getSession().setAttribute("accessList", accesList);
+ if(!accessManager.isUserStoredInRole(accesList.getUserId(), "registeredUserRole")){
+ request.getSession().setAttribute("toRigester", "true");
+ }
+
}
public void onAccess(OpenIdUser user, HttpServletRequest request)
{
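Review bot: The `email` taken from the sreg or AX attributes is whatever the OpenID provider returned, and `creatAccessList` stores it in the user node without verification; a comment such as `// email is provider-asserted and unverified; do not use it for authorization` at the assignment would stop later code from treating it as proven. `isUserStoredInRole` returns false when the repository lookup throws, so a storage error here marks an already registered user with `toRigester`; that case is worth distinguishing. The surrounding `System.err.println` calls print the full attribute maps, which include the e-mail address, to the server log. The enclosing method starts outside this hunk.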
@@ -180,10 +192,12 @@ public class OpenIDAuthenticationService
if(user.isAuthenticated())
{
// user already authenticated
- // request.getRequestDispatcher("/home/home.jsp").forward(request, response);
+ // request.getRequestDispatcher("/home/home.jsp").forward(request, response);
//added by suho
- response.sendRedirect(request.getContextPath() + "/admin/upload.html");
-
+ // the original entry
+ //response.sendRedirect(request.getContextPath() + "/admin/upload.html");
+ // for registering purposes
+ response.sendRedirect(request.getContextPath() + "/home/registration.html");
return;
}
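Review bot: Every already-authenticated user is now sent to `/home/registration.html`, including users who are in `registeredUserRole`; from the lines shown they rely on RegistrationFilter to bounce them onward, which costs a second redirect and couples this branch to a filter mapping that is not visible here. Checking the role at this point and redirecting registered users straight to `/admin/upload.html` would make the flow explicit. The two commented-out redirect lines and the `//added by suho` marker can be dropped, since version control keeps the history. The enclosing method starts and ends outside this hunk.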
Modified: incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/AccessList.java
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/AccessList.java?rev=953595&r1=953594&r2=953595&view=diff
==============================================================================
--- incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/AccessList.java (original)
+++ incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/AccessList.java Fri Jun 11 07:36:32 2010
@@ -19,19 +19,28 @@
package org.apache.photark.security.authorization;
+import java.io.Serializable;
+import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
+import org.oasisopen.sca.annotation.Remotable;
+
/**
* Immutable AccessList Object responsible for storing permissions of the user.
*
*/
-public class AccessList {
+
+public class AccessList implements Serializable {
+ /**
+ *
+ */
+ private static final long serialVersionUID = 6849853208649971131L;
/** */
- private String userId;
+ private String userId="";
/** */
- private List<String> permissions;
+ private List<String> permissions= new ArrayList<String>();
/**
@@ -41,10 +50,13 @@ public class AccessList {
* @param permissions List<String>
*/
public AccessList(String userId, List<String> permissions){
- this.permissions = Collections.unmodifiableList(permissions);
+ //TODO this.permissions = Collections.unmodifiableList(permissions);
this.userId = userId;
}
+ public AccessList(){
+
+ }
/**
*
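Review bot: The two-argument constructor now ignores its `permissions` argument because the assignment was turned into a `//TODO` comment, so every AccessList keeps the empty default list no matter what the caller passes, while the class Javadoc still calls the object immutable. If the wrapper was removed for serialization reasons, a defensive copy keeps both properties: `this.permissions = Collections.unmodifiableList(new ArrayList<String>(permissions));`. The new no-argument constructor leaves `userId` as `""`, and the AuthorizationFilter check in this commit only tests that the session attribute is present, so the constructor needs a Javadoc line stating who is expected to call it.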
Modified: incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/Permission.java
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/Permission.java?rev=953595&r1=953594&r2=953595&view=diff
==============================================================================
--- incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/Permission.java (original)
+++ incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/Permission.java Fri Jun 11 07:36:32 2010
@@ -19,10 +19,16 @@
package org.apache.photark.security.authorization;
+import java.io.Serializable;
+
/**
* Model representing a Permission
*/
-public class Permission {
+public class Permission implements Serializable {
+ /**
+ *
+ */
+ private static final long serialVersionUID = 115956810128294635L;
public String permission;
private String desc;
Modified: incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/Role.java
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/Role.java?rev=953595&r1=953594&r2=953595&view=diff
==============================================================================
--- incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/Role.java (original)
+++ incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/Role.java Fri Jun 11 07:36:32 2010
@@ -19,13 +19,18 @@
package org.apache.photark.security.authorization;
+import java.io.Serializable;
import java.util.ArrayList;
import java.util.List;
/**
* Model representing a Role
*/
-public class Role {
+public class Role implements Serializable {
+ /**
+ *
+ */
+ private static final long serialVersionUID = -7560129536060718311L;
public String roleName;
public List<Permission> permissions = new ArrayList<Permission>();
Modified: incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/User.java
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/User.java?rev=953595&r1=953594&r2=953595&view=diff
==============================================================================
--- incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/User.java (original)
+++ incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/User.java Fri Jun 11 07:36:32 2010
@@ -19,13 +19,21 @@
package org.apache.photark.security.authorization;
+import java.io.Serializable;
+
/**
* Model representing an User of Gallery
*/
-public class User {
- private String userId;
- private UserInfo userinfo;
+
+public class User implements Serializable {
+ /**
+ *
+ */
+ private static final long serialVersionUID = 3933174647645362951L;
+ private String userId ="";
+ private UserInfo userinfo = new UserInfo("");
+
/**
*
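Review bot: Defaulting `userId` to `""` and `userinfo` to `new UserInfo("")` makes an uninitialised User look like a real one with an empty identity, which is risky in a class that authorization checks key on. A call such as `isUserStoredInRole(userId, node)` can then no longer tell "no user" from a user whose id is the empty string; how the lookups treat `""` is not visible here, so this needs confirming. I would leave the fields unset and reject a null or empty id where the User is built, e.g. `if (userId == null || userId.isEmpty()) throw new IllegalArgumentException("userId");`. The constructor and the rest of the class are outside the hunk.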
Modified: incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/UserInfo.java
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/UserInfo.java?rev=953595&r1=953594&r2=953595&view=diff
==============================================================================
--- incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/UserInfo.java (original)
+++ incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/UserInfo.java Fri Jun 11 07:36:32 2010
@@ -19,39 +19,54 @@
package org.apache.photark.security.authorization;
+import java.io.Serializable;
+
+import org.oasisopen.sca.annotation.Remotable;
+
/**
* Model representing Information of an User of Gallery
*/
-public class UserInfo {
- private String displayName;
- private String email;
- private String realName;
- private String website;
-
-
- public UserInfo(String email){
+
+public class UserInfo implements Serializable {
+ /**
+ *
+ */
+ private static final long serialVersionUID = 3735573328644358405L;
+ private String displayName = "";
+ private String email = "";
+ private String realName = "";
+ private String website = "";
+
+ public UserInfo(String email) {
this.email = email;
}
-
- public String getDisplayName(){
- return displayName;
+
+ public UserInfo(String displayName, String email, String realName,
+ String website) {
+ super();
+ this.displayName = displayName;
+ this.email = email;
+ this.realName = realName;
+ this.website = website;
}
-
-
- public void setDiplayName(String displayName){
+
+ public void setDisplayName(String displayName) {
this.displayName = displayName;
}
-
- public String getEmail(){
+
+ public String getDisplayName() {
+ return displayName;
+ }
+
+ public String getEmail() {
return email;
}
-
-
- public String getRealName(){
+
+ public String getRealName() {
return realName;
}
-
- public String getWebsite(){
+
+ public String getWebsite() {
return website;
}
}
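Review bot: The new four-argument constructor stores its arguments as given, so a null `displayName`, `realName` or `website` replaces the `""` defaults that the field initialisers were added to guarantee; the one-argument constructor has the same gap for `email`. Normalising in the constructor keeps the invariant, e.g. `this.website = website == null ? "" : website;` for each field. These values come from the registration form added in this commit and are not validated anywhere in this class, so length and format checks (email, website URL) belong either here or in the service that builds the object. The added `import org.oasisopen.sca.annotation.Remotable;` is unused in the visible class and can be dropped, as can the redundant `super();`.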
Modified: incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/services/AccessManager.java
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/services/AccessManager.java?rev=953595&r1=953594&r2=953595&view=diff
==============================================================================
--- incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/services/AccessManager.java (original)
+++ incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/services/AccessManager.java Fri Jun 11 07:36:32 2010
@@ -19,10 +19,18 @@
package org.apache.photark.security.authorization.services;
+import org.apache.photark.security.authorization.AccessList;
+import org.apache.photark.security.authorization.User;
import org.oasisopen.sca.annotation.Remotable;
@Remotable
public interface AccessManager {
+
+ AccessList creatAccessList(String identity, String email);
- String creatAccessList(String accessList );
+ boolean isUserStoredInRole(String userId, String node);
+ User getUser(String userId);
+ void removeUserFromRole(String userId, String node);
+ void addUserToRole(User user, String node);
+
}
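Review bot: `addUserToRole` and `removeUserFromRole` change who holds which role, yet they are added to a `@Remotable` interface with no Javadoc and no caller identity in their signatures. While the service is bound only with `binding.sca name="local"` that is contained, but the commented-out `binding.jsonrpc uri="/Security"` in web.composite would publish these methods over HTTP, and nothing visible here checks that the caller may manage roles. I would document each method (what `node` names, what `getUser` returns for an unknown id) and add a comment such as `// Role-mutating operations: keep this service on a local binding, or enforce an admin check before exposing it remotely.` The misspelt `creatAccessList` is carried over with a new signature; this would have been the moment to rename it.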
Added: incubator/photark/trunk/photark-ui-security/src/main/webapp/home/registration.html
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-ui-security/src/main/webapp/home/registration.html?rev=953595&view=auto
==============================================================================
--- incubator/photark/trunk/photark-ui-security/src/main/webapp/home/registration.html (added)
+++ incubator/photark/trunk/photark-ui-security/src/main/webapp/home/registration.html Fri Jun 11 07:36:32 2010
@@ -0,0 +1,133 @@
+<!--
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+-->
+
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
+<title>Registration</title>
+ <script type="text/javascript" src="../js/constants.js"></script>
+ <script type="text/javascript" src="../dojo/dojo.js"></script>
+
+<script type="text/javascript">
+
+ dojo.addOnLoad(function() {
+ // dojo.require("dojo.rpc.JsonService");
+ dojo.require("dojo._base.xhr");
+ });
+
+
+ function populateInfo() {
+ dojo.xhrPost({
+ url:"../security", //photark.constants.SecurityEndpoint,
+ content:{userInfo:"get"},
+ handleAs: "text",
+ load: function(response, ioArgs){
+ setUserInfo(response);
+ },
+ error: function(response, ioArgs){
+ console.error("Error in getting user info");
+ }
+ });
+ }
+
+ function setUserInfo(response){
+ var array = new Array();
+ array =response.split(',');
+ document.getElementById('userId').innerHTML=""+array[1];
+ if(array[0]!=null && array[0]=="unRegistered"){
+ document.getElementById('realName').value=array[2];
+ document.getElementById('displayName').value=array[3];
+ document.getElementById('email').value=array[4];
+ document.getElementById('webSite').value=array[5];
+ }else {
+ }
+
+ }
+
+ function init() {
+ try {
+ populateInfo();
+ } catch (e) {
+ alert(e);
+ }
+ }
+
+ function redirect(){
+ window.location="../admin/upload.html";
+ }
+
+ function set(){
+ dojo.xhrPost({
+ url:"../security", //photark.constants.SecurityEndpoint,
+ content:{userInfo:"set",
+ realName:document.getElementById('realName').value,
+ displayName:document.getElementById('displayName').value,
+ email:document.getElementById('email').value,
+ webSite:document.getElementById('webSite').value},
+ handleAs: "text",
+ load: function(response, ioArgs){
+ redirect();
+ },
+ error: function(response, ioArgs){
+ console.error("Error in getting user info");
+ redirect();
+ }
+ });
+ }
+
+
+</script>
+
+</head>
+
+<body onload="init()">
+
+<h2>Get Registered With PhotArk</h2>
+
+<table border="0">
+<tr>
+<td>OpenID : </td>
+<td><div id="userId"></div></td>
+</tr>
+<tr>
+<td>Real Name : </td>
+<td><input id="realName" type="text" name="realName" /></td>
+</tr>
+<tr>
+<td>Display Name : </td>
+<td><input id="displayName" type="text" name="displayName" /></td>
+</tr>
+<tr>
+<td>E-mail : </td>
+<td><input id="email" type="text" name="email" /></td>
+</tr>
+<tr>
+<td>Website :</td>
+<td><input id="webSite" type="text" name="webSite" /></td>
+</tr>
+</tr>
+<tr>
+<td><button id="submit" type="button" onclick="set()">Register</button></td>
+<td><button id="cancel" type="button" onclick="redirect()">Cancel</button></td>
+</tr>
+</table>
+
+</body>
+
+</html>
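Review bot: `setUserInfo` assigns part of the server response to `innerHTML`, so any markup in the user id (an OpenID identifier, going by the page label) is parsed as HTML by the browser. Write it as text instead: `document.getElementById('userId').appendChild(document.createTextNode(array[1]));`. The response is also split on `,`, so a comma in any field shifts the later values into the wrong inputs; returning JSON and using `handleAs: "json"` avoids that. In `set()`, the `error` handler logs "Error in getting user info" and then redirects exactly like the success path, so a failed registration is invisible to the user. The POST to `../security` carries no anti-CSRF token; whether the server side checks one is not visible here.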
Modified: incubator/photark/trunk/photark-ui/src/main/webapp/js/constants.js
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-ui/src/main/webapp/js/constants.js?rev=953595&r1=953594&r2=953595&view=diff
==============================================================================
--- incubator/photark/trunk/photark-ui/src/main/webapp/js/constants.js (original)
+++ incubator/photark/trunk/photark-ui/src/main/webapp/js/constants.js Fri Jun 11 07:36:32 2010
@@ -30,5 +30,6 @@ photark.constants.adminContextRoot = "/p
photark.constants.GalleryServiceEndpoint = photark.constants.contextRoot + "GalleryService?smd";
+//photark.constants.SecurityEndpoint = photark.constants.contextRoot + "Security?smd";
photark.constants.UploadEndpoint = photark.constants.adminContextRoot + "upload";
Modified: incubator/photark/trunk/photark-webapp/src/main/webapp/WEB-INF/web.composite
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-webapp/src/main/webapp/WEB-INF/web.composite?rev=953595&r1=953594&r2=953595&view=diff
==============================================================================
--- incubator/photark/trunk/photark-webapp/src/main/webapp/WEB-INF/web.composite (original)
+++ incubator/photark/trunk/photark-webapp/src/main/webapp/WEB-INF/web.composite Fri Jun 11 07:36:32 2010
@@ -42,6 +42,17 @@
</service>
<reference name="repositoryManager" target="RepositoryManager"/>
</component>
+
+ <!-- Component responsible for providing REST access to Security Data -->
+ <component name="SecurityServiceComponent">
+ <implementation.java class="org.apache.photark.jcr.security.JCRSecurityServiceImpl"/>
+ <service name="Servlet">
+ <tuscany:binding.http uri="/security"/>
+ </service>
+ <reference name="accessmanager" target="AccessManager">
+ <binding.sca name="local"/>
+ </reference>
+ </component>
<!-- Component responsible for providing upload support for gallery/album -->
<component name="ImageUploadServiceComponent">
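Review bot: The new `SecurityServiceComponent` is published at `/security` through `binding.http`, but the filter mappings visible in web.xml in this commit cover only `/admin/upload.html` and `/home/registration.html`. Unless `JCRSecurityServiceImpl` checks the session itself (its code is not in this part of the page), or a mapping outside the visible web.xml hunks covers the path, the `userInfo` get and set requests used by registration.html would be reachable without passing the authentication filters. I would add a `<filter-mapping>` with `<url-pattern>/security</url-pattern>` for the authentication filter, or state in the component comment where the caller is authenticated.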
@@ -97,6 +108,7 @@
<service name="AccessManager">
<interface.java interface="org.apache.photark.security.authorization.services.AccessManager"/>
<binding.sca name="local"/>
+ <!--<tuscany:binding.jsonrpc uri="/Security"/> -->
</service>
<reference name="repositoryManager" target="RepositoryManager"/>
</component>
Modified: incubator/photark/trunk/photark-webapp/src/main/webapp/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-webapp/src/main/webapp/WEB-INF/web.xml?rev=953595&r1=953594&r2=953595&view=diff
==============================================================================
--- incubator/photark/trunk/photark-webapp/src/main/webapp/WEB-INF/web.xml (original)
+++ incubator/photark/trunk/photark-webapp/src/main/webapp/WEB-INF/web.xml Fri Jun 11 07:36:32 2010
@@ -73,7 +73,7 @@
</error-page>
<filter>
- <filter-name>login-Filter</filter-name>
+ <filter-name>login-filter</filter-name>
<filter-class>org.apache.photark.security.authentication.AuthorizationFilter</filter-class>
<description>This Filter authorizes user access to application
components based upon request URI.</description>
@@ -84,9 +84,24 @@
</filter>
<filter-mapping>
- <filter-name>login-Filter</filter-name>
+ <filter-name>login-filter</filter-name>
<url-pattern>/admin/upload.html</url-pattern>
</filter-mapping>
+
+ <filter>
+ <filter-name>registration-filter</filter-name>
+ <filter-class>org.apache.photark.security.authentication.RegistrationFilter</filter-class>
+ <description>This Filter registers the unregistered user.</description>
+ <init-param>
+ <param-name>redirect_page</param-name>
+ <param-value>/admin/upload.html</param-value>
+ </init-param>
+ </filter>
+
+ <filter-mapping>
+ <filter-name>registration-filter</filter-name>
+ <url-pattern>/home/registration.html</url-pattern>
+ </filter-mapping>
<filter>
<filter-name>openid-filter</filter-name>