You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-dev@portals.apache.org by "Randy Watler (JIRA)" <je...@portals.apache.org> on 2010/02/07 06:02:28 UTC
[jira] Created: (JS2-1101) OpenID Login Support
OpenID Login Support
--------------------
Key: JS2-1101
URL: https://issues.apache.org/jira/browse/JS2-1101
Project: Jetspeed 2
Issue Type: New Feature
Components: Admin Portlets
Affects Versions: 2.2.1
Environment: Jetspeed Portal
Reporter: Randy Watler
Assignee: Randy Watler
Fix For: 2.2.1
Add OpenID Portal login support, registering and authenticating users using email address accessed from OpenID Provider.
Support Google, Yahoo, and myOpenID providers.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org
[jira] Issue Comment Edited: (JS2-1101) OpenID Login Support
Posted by "Randy Watler (JIRA)" <je...@portals.apache.org>.
[ https://issues.apache.org/jira/browse/JS2-1101?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12830651#action_12830651 ]
Randy Watler edited comment on JS2-1101 at 2/7/10 5:17 AM:
-----------------------------------------------------------
Todo for next update:
1. update portal documentation
2. disable EDIT_DEFAULTS mode for page owners, (should be only accessible by admin users)
3. verify Relaying Party metadata access on system deployed on internet
was (Author: rwatler):
Todo for next update:
1. update portal documentation
2. disable EDIT_DEFAULTS mode for page owners, (should be only accessible by admin users)
> OpenID Login Support
> --------------------
>
> Key: JS2-1101
> URL: https://issues.apache.org/jira/browse/JS2-1101
> Project: Jetspeed 2
> Issue Type: New Feature
> Components: Admin Portlets
> Affects Versions: 2.2.1
> Environment: Jetspeed Portal
> Reporter: Randy Watler
> Assignee: Randy Watler
> Fix For: 2.2.1
>
>
> Add OpenID Portal login support, registering and authenticating users using email address accessed from OpenID Provider.
> Support Google, Yahoo, and myOpenID providers.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org
[jira] Commented: (JS2-1101) OpenID Login Support
Posted by "Randy Watler (JIRA)" <je...@portals.apache.org>.
[ https://issues.apache.org/jira/browse/JS2-1101?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12833465#action_12833465 ]
Randy Watler commented on JS2-1101:
-----------------------------------
Additional commits to support Google's proposed OpenID extensions for hosted domain metadata discovery/validation implemented in the Step2 project libraries:
J2-admin: 909922 and Jetspeed: 909924
These modifications changed the configuration options for the OpenIDRelayingPartyServlet to include the specification of the Step2 consumer implementation to override the standard openid4java implementation. Here is an example that assumes 'mydomain.com' is hosted by Google Apps:
<init-param>
<description>Discovery domain to consumer implementation mapping.</description>
<param-name>consumer.mydomain.com</param-name>
<param-value>step2</param-value>
</init-param>
<init-param>
<description>Discovery domain to provider URL/host mapping.</description>
<param-name>discovery.mydomainalias.com</param-name>
<param-value>mydomain.com</param-value>
</init-param>
<init-param>
<description>Discovery domain to consumer implementation mapping.</description>
<param-name>consumer.mydomainalias.com</param-name>
<param-value>step2</param-value>
</init-param>
Additional preferences and options have been added to the OpenIDLoginPortlet to control the OpenID login buttons and whether the OpenID provider/URL entry field appears in the portlet:
<init-param>
<description>Display names for OpenID provider buttons.</description>
<name>providerLabels</name>
<value>Gmail, Yahoo!, myOpenID</value>
</init-param>
<init-param>
<description>Domain names for OpenID provider buttons.</description>
<name>providerDomains</name>
<value>gmail.com, yahoo.com, myopenid.com</value>
</init-param>
<init-param>
<description>Enable OpenID provider or URL entry.</description>
<name>enableOpenIDEntry</name>
<value>true</value>
</init-param>
<!-- Display names for OpenID provider buttons. -->
<preference>
<name>providerLabels</name>
<value>Gmail, Yahoo!, myOpenID</value>
</preference>
<!-- Domain names for OpenID provider buttons. -->
<preference>
<name>providerDomains</name>
<value>gmail.com, yahoo.com, myopenid.com</value>
</preference>
<!-- Enable OpenID provider or URL entry. -->
<preference>
<name>enableOpenIDEntry</name>
<value>true</value>
</preference>
> OpenID Login Support
> --------------------
>
> Key: JS2-1101
> URL: https://issues.apache.org/jira/browse/JS2-1101
> Project: Jetspeed 2
> Issue Type: New Feature
> Components: Admin Portlets
> Affects Versions: 2.2.1
> Environment: Jetspeed Portal
> Reporter: Randy Watler
> Assignee: Randy Watler
> Fix For: 2.2.1
>
>
> Add OpenID Portal login support, registering and authenticating users using email address accessed from OpenID Provider.
> Support Google, Yahoo, and myOpenID providers.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org
[jira] Issue Comment Edited: (JS2-1101) OpenID Login Support
Posted by "Randy Watler (JIRA)" <je...@portals.apache.org>.
[ https://issues.apache.org/jira/browse/JS2-1101?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12830651#action_12830651 ]
Randy Watler edited comment on JS2-1101 at 2/7/10 5:20 AM:
-----------------------------------------------------------
Todo for next update:
1. update portal documentation
2. disable EDIT_DEFAULTS mode for page owners, (should be only accessible by admin users)
3. verify Relaying Party metadata access on system deployed on internet
4. add OpenID configuration support to Jetspeed archetypes
was (Author: rwatler):
Todo for next update:
1. update portal documentation
2. disable EDIT_DEFAULTS mode for page owners, (should be only accessible by admin users)
3. verify Relaying Party metadata access on system deployed on internet
> OpenID Login Support
> --------------------
>
> Key: JS2-1101
> URL: https://issues.apache.org/jira/browse/JS2-1101
> Project: Jetspeed 2
> Issue Type: New Feature
> Components: Admin Portlets
> Affects Versions: 2.2.1
> Environment: Jetspeed Portal
> Reporter: Randy Watler
> Assignee: Randy Watler
> Fix For: 2.2.1
>
>
> Add OpenID Portal login support, registering and authenticating users using email address accessed from OpenID Provider.
> Support Google, Yahoo, and myOpenID providers.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org
[jira] Commented: (JS2-1101) OpenID Login Support
Posted by "Randy Watler (JIRA)" <je...@portals.apache.org>.
[ https://issues.apache.org/jira/browse/JS2-1101?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12830651#action_12830651 ]
Randy Watler commented on JS2-1101:
-----------------------------------
Todo for next update:
1. update portal documentation
2. disable EDIT_DEFAULTS mode for page owners, (should be only accessible by admin users)
> OpenID Login Support
> --------------------
>
> Key: JS2-1101
> URL: https://issues.apache.org/jira/browse/JS2-1101
> Project: Jetspeed 2
> Issue Type: New Feature
> Components: Admin Portlets
> Affects Versions: 2.2.1
> Environment: Jetspeed Portal
> Reporter: Randy Watler
> Assignee: Randy Watler
> Fix For: 2.2.1
>
>
> Add OpenID Portal login support, registering and authenticating users using email address accessed from OpenID Provider.
> Support Google, Yahoo, and myOpenID providers.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org
[jira] Resolved: (JS2-1101) OpenID Login Support
Posted by "Randy Watler (JIRA)" <je...@portals.apache.org>.
[ https://issues.apache.org/jira/browse/JS2-1101?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Randy Watler resolved JS2-1101.
-------------------------------
Resolution: Fixed
Initial OpenId support implementation verified against Google hosted, Google public, Yahoo, and MyOpenID providers.
> OpenID Login Support
> --------------------
>
> Key: JS2-1101
> URL: https://issues.apache.org/jira/browse/JS2-1101
> Project: Jetspeed 2
> Issue Type: New Feature
> Components: Admin Portlets
> Affects Versions: 2.2.1
> Environment: Jetspeed Portal
> Reporter: Randy Watler
> Assignee: Randy Watler
> Fix For: 2.2.1
>
>
> Add OpenID Portal login support, registering and authenticating users using email address accessed from OpenID Provider.
> Support Google, Yahoo, and myOpenID providers.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org
[jira] Commented: (JS2-1101) OpenID Login Support
Posted by "Randy Watler (JIRA)" <je...@portals.apache.org>.
[ https://issues.apache.org/jira/browse/JS2-1101?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12830647#action_12830647 ]
Randy Watler commented on JS2-1101:
-----------------------------------
Initial implementation includes the following:
j2-admin OpenID login portlet:
src/main/java/org/apache/jetspeed/portlets/openid/OpenIDLoginPortlet.java
src/main/resources/org/apache/jetspeed/portlets/security/resources/OpenIDLoginResources*.properties
Portal OpenID Relaying Party servlet:
components/jetspeed-portal/src/main/java/org/apache/jetspeed/openid/OpenIDRelayingPartyServlet.java
Portal OpenID login filter:
components/jetspeed-portal/src/main/java/org/apache/jetspeed/openid/filter/OpenIDPortalFilter.java
j2-admin portlet configuration:
src/main/webapp/WEB-INF/portlet.xml
src/main/webapp/WEB-INF/jetspeed-portlet.xml
Portal servlet configuration:
applications/jetspeed/src/main/webapp/WEB-INF/web.xml
SVN revisions: j2-admin: 907379, jetspeed: 907378
> OpenID Login Support
> --------------------
>
> Key: JS2-1101
> URL: https://issues.apache.org/jira/browse/JS2-1101
> Project: Jetspeed 2
> Issue Type: New Feature
> Components: Admin Portlets
> Affects Versions: 2.2.1
> Environment: Jetspeed Portal
> Reporter: Randy Watler
> Assignee: Randy Watler
> Fix For: 2.2.1
>
>
> Add OpenID Portal login support, registering and authenticating users using email address accessed from OpenID Provider.
> Support Google, Yahoo, and myOpenID providers.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org
[jira] Commented: (JS2-1101) OpenID Login Support
Posted by "Randy Watler (JIRA)" <je...@portals.apache.org>.
[ https://issues.apache.org/jira/browse/JS2-1101?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12834660#action_12834660 ]
Randy Watler commented on JS2-1101:
-----------------------------------
Update:
Jetspeed svn commit: 910835, 910837
Add PortalReservedParameter.SESSION_OPEN_ID_PROVIDER session attribute to expose current OpenID provider to portlets indicating a valid portal login for a domain.
J2-admin svn commit: 910838
Add OpenIDIFramePortlet that displays its content only when a specific OpenID provider domain has been used for the current portal session login.
> OpenID Login Support
> --------------------
>
> Key: JS2-1101
> URL: https://issues.apache.org/jira/browse/JS2-1101
> Project: Jetspeed 2
> Issue Type: New Feature
> Components: Admin Portlets
> Affects Versions: 2.2.1
> Environment: Jetspeed Portal
> Reporter: Randy Watler
> Assignee: Randy Watler
> Fix For: 2.2.1
>
>
> Add OpenID Portal login support, registering and authenticating users using email address accessed from OpenID Provider.
> Support Google, Yahoo, and myOpenID providers.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org
[jira] Commented: (JS2-1101) OpenID Login Support
Posted by "Randy Watler (JIRA)" <je...@portals.apache.org>.
[ https://issues.apache.org/jira/browse/JS2-1101?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12830650#action_12830650 ]
Randy Watler commented on JS2-1101:
-----------------------------------
Configuration:
j2-admin portal.xml:
---------------------------------------------------
<portlet id="OpenIDLoginPortlet">
<description>
Logs a user on to the Jetspeed portal using an OpenID Provider
and a built in Relaying Party servlet implmentation. Copies
and maintains user information in Jetspeed user data on login.
</description>
<portlet-name>OpenIDLoginPortlet</portlet-name>
<display-name>OpenID Login Portlet</display-name>
<portlet-class>org.apache.jetspeed.portlets.openid.OpenIDLoginPortlet</portlet-class>
<init-param>
<name>ViewPage</name>
<value>/WEB-INF/security/login/openid-login.jsp</value>
</init-param>
<init-param>
<name>EditPage</name>
<value>/WEB-INF/security/login/openid-login-prefs.jsp</value>
</init-param>
<init-param>
<description>Enable portlet init parameter registration configuration.</description>
<name>enableRegistrationConfig</name>
<value>false</value>
</init-param>
<init-param>
<description>Global enable new user registration.</description>
<name>enableRegistration</name>
<value>true</value>
</init-param>
<init-param>
<description>Global new user template directory to be used for registration.</description>
<name>newUserTemplateDirectory</name>
<value>/_template/new-user/</value>
</init-param>
<init-param>
<description>Global subsite root folder to be used for registration.</description>
<name>subsiteRootFolder</name>
<value></value>
</init-param>
<init-param>
<description>Global roles to be assigned at registration.</description>
<name>roles</name>
<value>user</value>
</init-param>
<init-param>
<description>Global groups to be assigned at registration.</description>
<name>groups</name>
<value></value>
</init-param>
<init-param>
<description>Global profiling rule names to be assigned at registration.</description>
<name>rulesNames</name>
<value>page</value>
</init-param>
<init-param>
<description>Global profiling rule values to be assigned at registration.</description>
<name>rulesValues</name>
<value>j2</value>
</init-param>
<init-param>
<name>portlet-icon</name>
<value>system-lock-screen.png</value>
</init-param>
<expiration-cache>0</expiration-cache>
<supports>
<mime-type>text/html</mime-type>
<portlet-mode>VIEW</portlet-mode>
<portlet-mode>edit_defaults</portlet-mode>
</supports>
<resource-bundle>org.apache.jetspeed.portlets.security.resources.OpenIDLoginResources</resource-bundle>
<portlet-preferences>
<!-- Enable portlet preferences registration configuration. -->
<preference>
<name>enableRegistrationConfig</name>
<value>false</value>
</preference>
<!-- New user registration. -->
<preference>
<name>enableRegistration</name>
<value>true</value>
</preference>
<!-- New user template directory to be used for registration. -->
<preference>
<name>newUserTemplateDirectory</name>
<value>/_template/new-user/</value>
</preference>
<!-- Subsite root folder to be used for registration. -->
<preference>
<name>subsiteRootFolder</name>
<value></value>
</preference>
<!-- Roles to be assigned at registration. -->
<preference>
<name>roles</name>
<value>user</value>
</preference>
<!-- Groups to be assigned at registration. -->
<preference>
<name>groups</name>
<value></value>
</preference>
<!-- Profiling rule names to be assigned at registration. -->
<preference>
<name>rulesNames</name>
<value>page</value>
</preference>
<!-- Profiling rule values to be assigned at registration. -->
<preference>
<name>rulesValues</name>
<value>j2</value>
</preference>
</portlet-preferences>
<portlet-info>
<title>OpenID Login</title>
<short-title>OpenID Login</short-title>
<keywords>openid,login,security,management,admin</keywords>
</portlet-info>
</portlet>
j2-admin jetspeed-portal.xml:
---------------------------------------------------
<portlet>
<portlet-name>OpenIDLoginPortlet</portlet-name>
<js:security-constraint-ref>public-view</js:security-constraint-ref>
<dc:title>OpenID Login Portlet</dc:title>
<dc:creator>J2 Team</dc:creator>
</portlet>
PSML: default-page.psml:
---------------------------------------------------
<fragment id="dp-12" type="portlet" name="j2-admin::OpenIDLoginPortlet">
<property layout="TwoColumns" name="row" value="5" />
<property layout="TwoColumns" name="column" value="1" />
</fragment>
portal web.xml:
---------------------------------------------------
<filter>
<filter-name>OpenIDPortalFilter</filter-name>
<filter-class>org.apache.jetspeed.openid.filter.OpenIDPortalFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>OpenIDPortalFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<servlet>
<description>
OpenID Relaying Party, (RP), servlet used to return discovery
metadata at OpenID realm and to process authentication return
requests.
</description>
<display-name>OpenID Relaying Party Servlet</display-name>
<servlet-name>OpenIDRelayingPartyServlet</servlet-name>
<servlet-class>org.apache.jetspeed.openid.OpenIDRelayingPartyServlet</servlet-class>
<init-param>
<description>Discovery domain to URL mapping.</description>
<param-name>discovery.gmail.com</param-name>
<param-value>https://www.google.com/accounts/o8/id</param-value>
</init-param>
<init-param>
<description>Discovery domain to URL mapping.</description>
<param-name>discovery.yahoo.com</param-name>
<param-value>http://yahoo.com</param-value>
</init-param>
<init-param>
<description>Discovery domain to URL mapping.</description>
<param-name>discovery.myopenid.com</param-name>
<param-value>http://myopenid.com</param-value>
</init-param>
<init-param>
<description>Enable servlet init parameter registration configuration.</description>
<param-name>enableRegistrationConfig</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<description>Enable new user registration.</description>
<param-name>enableRegistration</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<description>Global new user template directory to be used for registration.</description>
<param-name>newUserTemplateDirectory</param-name>
<param-value>/_template/new-user/</param-value>
</init-param>
<init-param>
<description>Global subsite root folder to be used for registration.</description>
<param-name>subsiteRootFolder</param-name>
<param-value></param-value>
</init-param>
<init-param>
<description>Global roles to be assigned at registration.</description>
<param-name>roles</param-name>
<param-value>user</param-value>
</init-param>
<init-param>
<description>Global groups to be assigned at registration.</description>
<param-name>groups</param-name>
<param-value></param-value>
</init-param>
<init-param>
<description>Global profiling rule names to be assigned at registration.</description>
<param-name>rulesNames</param-name>
<param-value>page</param-value>
</init-param>
<init-param>
<description>Global profiling rule values to be assigned at registration.</description>
<param-name>rulesValues</param-name>
<param-value>j2</param-value>
</init-param>
<load-on-startup>2</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>OpenIDRelayingPartyServlet</servlet-name>
<url-pattern>/openid</url-pattern>
<url-pattern>/openid/*</url-pattern>
</servlet-mapping>
> OpenID Login Support
> --------------------
>
> Key: JS2-1101
> URL: https://issues.apache.org/jira/browse/JS2-1101
> Project: Jetspeed 2
> Issue Type: New Feature
> Components: Admin Portlets
> Affects Versions: 2.2.1
> Environment: Jetspeed Portal
> Reporter: Randy Watler
> Assignee: Randy Watler
> Fix For: 2.2.1
>
>
> Add OpenID Portal login support, registering and authenticating users using email address accessed from OpenID Provider.
> Support Google, Yahoo, and myOpenID providers.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org