Posted to jetspeed-dev@portals.apache.org by wo...@apache.org on 2010/08/31 02:30:30 UTC

svn commit: r991049 - in /portals/jetspeed-2/applications/j2-admin/trunk/src/main: java/org/apache/jetspeed/portlets/sso/SSOIFramePortlet.java webapp/WEB-INF/portlet.xml webapp/WEB-INF/security/sso/sso-iframe-form-login.jsp

Author: woonsan
Date: Tue Aug 31 00:30:29 2010
New Revision: 991049

URL: http://svn.apache.org/viewvc?rev=991049&view=rev
Log:
JS2-1208: Supporting form-based SSO in SSOIFramePortlet

Added:
    portals/jetspeed-2/applications/j2-admin/trunk/src/main/webapp/WEB-INF/security/sso/sso-iframe-form-login.jsp
Modified:
    portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/SSOIFramePortlet.java
    portals/jetspeed-2/applications/j2-admin/trunk/src/main/webapp/WEB-INF/portlet.xml

Modified: portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/SSOIFramePortlet.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/SSOIFramePortlet.java?rev=991049&r1=991048&r2=991049&view=diff
==============================================================================
--- portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/SSOIFramePortlet.java (original)
+++ portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/SSOIFramePortlet.java Tue Aug 31 00:30:29 2010
@@ -25,8 +25,10 @@ import javax.portlet.PortletContext;
 import javax.portlet.PortletException;
 import javax.portlet.PortletMode;
 import javax.portlet.PortletPreferences;
+import javax.portlet.PortletSession;
 import javax.portlet.RenderRequest;
 import javax.portlet.RenderResponse;
+import javax.portlet.ResourceURL;
 
 import org.apache.commons.codec.binary.Base64;
 import org.apache.jetspeed.security.PasswordCredential;
@@ -52,17 +54,30 @@ public class SSOIFramePortlet extends IF
     public static final String SSO_TYPE_URL_BASE64 = "url.base64";
     public static final String SSO_TYPE_HTTP = "http";
     public static final String SSO_TYPE_CERTIFICATE = "certificate";
+    public static final String SSO_TYPE_FORM = "form";
+    public static final String SSO_TYPE_FORM_GET = "form.get";
+    public static final String SSO_TYPE_FORM_POST = "form.post";
+    
     public static final String SSO_TYPE_URL_USERNAME = "sso.url.Principal";
     public static final String SSO_TYPE_URL_PASSWORD = "sso.url.Credential";
+    
+    public static final String SSO_TYPE_FORM_USERNAME = "sso.form.Principal";
+    public static final String SSO_TYPE_FORM_PASSWORD = "sso.form.Credential";
+    public static final String SSO_TYPE_FORM_ACTION = "sso.form.Action";
+    public static final String SSO_TYPE_FORM_ARGS = "sso.form.Args";
+    
+    public static final String SSO_TYPE_FORM_AUTH_FLAG = SSOIFramePortlet.class.getName() + ".authFlag";
+    
     public static final String SSO_REQUEST_ATTRIBUTE_USERNAME = "sso.ra.username";
     public static final String SSO_REQUEST_ATTRIBUTE_PASSWORD = "sso.ra.password";
-
+    
     /*
      * The constants must be used in your HTML form for the SSO principal and
      * credential
      */
     public static final String SSO_FORM_PRINCIPAL = "ssoPrincipal";
     public static final String SSO_FORM_CREDENTIAL = "ssoCredential";
+    
     private PortletContext context;
     private SSOManager sso;
 
@@ -255,6 +270,19 @@ public class SSOIFramePortlet extends IF
 
             return response.encodeURL(source.toString());
         }
+        else if (type.equals(SSO_TYPE_FORM) || type.equals(SSO_TYPE_FORM_GET) || type.equals(SSO_TYPE_FORM_POST))
+        {
+            PortletSession portletSession = request.getPortletSession(false);
+            
+            if (portletSession == null || portletSession.getAttribute(SSO_TYPE_FORM_AUTH_FLAG) == null)
+            {
+                ResourceURL ssoLoginUrl = response.createResourceURL();
+                ssoLoginUrl.setResourceID("/WEB-INF/security/sso/sso-iframe-form-login.jsp");
+                return ssoLoginUrl.toString();
+            }
+            
+            return baseSource;
+        }
         else
         {
             return baseSource;
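Review bot: The new form branch decides whether to show the login JSP purely from the presence of `SSO_TYPE_FORM_AUTH_FLAG` in the portlet session, and nothing in this hunk clears or re-checks it. Once it is set, the portlet returns `baseSource` for the rest of the session even if the remote session has expired or the SRC and credential preferences have changed. Consider storing the site URL (or a timestamp) as the flag's value and comparing it here, instead of only testing for non-null. A comment on the branch would also help, for example `// flag is set by sso-iframe-form-login.jsp after it renders the auto-submit form; it does not prove the remote login succeeded`. The enclosing method starts and ends outside the hunk.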

Modified: portals/jetspeed-2/applications/j2-admin/trunk/src/main/webapp/WEB-INF/portlet.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/applications/j2-admin/trunk/src/main/webapp/WEB-INF/portlet.xml?rev=991049&r1=991048&r2=991049&view=diff
==============================================================================
--- portals/jetspeed-2/applications/j2-admin/trunk/src/main/webapp/WEB-INF/portlet.xml (original)
+++ portals/jetspeed-2/applications/j2-admin/trunk/src/main/webapp/WEB-INF/portlet.xml Tue Aug 31 00:30:29 2010
@@ -1717,7 +1717,7 @@
       <name>portlet-icon</name>
       <value>system-software-update.png</value>
     </init-param>
-    <expiration-cache>300</expiration-cache>
+    <expiration-cache>0</expiration-cache>
     <supports>
       <mime-type>text/html</mime-type>
       <portlet-mode>EDIT</portlet-mode>
@@ -1734,7 +1734,11 @@
     <portlet-preferences>
       <preference>
         <name>EDITABLEPREFS</name>
-        <value>TITLE, SRC, WIDTH, HEIGHT, MAX-WIDTH, MAX-HEIGHT, SCROLLING, AUTORESIZE, VISITLASTPAGE</value>
+        <value>
+          TITLE, SRC, WIDTH, HEIGHT, MAX-WIDTH, MAX-HEIGHT, SCROLLING, AUTORESIZE, VISITLASTPAGE,
+          sso.type, sso.url.Principal, sso.url.Credential, 
+          sso.form.Action, sso.form.Principal, sso.form.Credential, sso.form.Args
+        </value>
       </preference>
       <preference>
         <name>TITLE</name>
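Review bot: Adding `sso.type`, `sso.form.Action` and `sso.form.Args` to `EDITABLEPREFS` presumably exposes them in EDIT mode, so anyone allowed to edit the portlet can change where sso-iframe-form-login.jsp submits the stored credential. That JSP looks the credential up by `SRC` but posts it to `sso.form.Action`, and it never checks that the two refer to the same site. Either keep `sso.form.Action` out of the editable list, or have the JSP refuse to render the form when the action URL does not share the origin of `SRC`. The same applies to `sso.type`, since switching it to `form.get` moves the password into a query string.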
@@ -1761,16 +1765,40 @@
         <value>100%</value>
       </preference>
       <preference>
+        <name>VISITLASTPAGE</name>
+        <value>true</value>
+      </preference>
+      <preference>
+        <name>sso.type</name>
+        <value>url.base64</value>
+      </preference>
+      <preference>
         <name>sso.url.Principal</name>
         <value>sso-principal</value>
       </preference>
       <preference>
         <name>sso.url.Credential</name>
         <value>sso-credential</value>
-      </preference>            
+      </preference>
+      <preference>
+        <name>sso.form.Action</name>
+        <value></value>
+      </preference>
+      <preference>
+        <name>sso.form.Principal</name>
+        <value>USERID</value>
+      </preference>
+      <preference>
+        <name>sso.form.Credential</name>
+        <value>PASSWORD</value>
+      </preference>
+      <preference>
+        <name>sso.form.Args</name>
+        <value>Submit2=Log In;OP=;OQ=;is_continue=false</value>
+      </preference>
     </portlet-preferences>
   </portlet>
-    
+  
   <portlet id="SSOWebContent">
     <description>Includes the content of another website inside the portal without using frames. All links are rewritten back to the portal to attempt to proxy all content through the portal. Additional Single-Signon Support to automatically log on this portlet to other web sites and manage sessions.</description>                
     <portlet-name>SSOWebContentPortlet</portlet-name>
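Review bot: The defaults `USERID`, `PASSWORD` and `Submit2=Log In;OP=;OQ=;is_continue=false` look specific to one target application, and the `sso.form.Args` syntax is not documented in the descriptor. As sso-iframe-form-login.jsp parses it, the text before the first `;` is a `&`-separated list of hidden fields, and everything after it is appended to the form action as matrix parameters. An XML comment above the preference would state that, e.g. `<!-- sso.form.Args: name=value&name=value[;matrix params appended to sso.form.Action] -->`. `sso.form.Action` also defaults to empty, so if `sso.type` is switched to a form type before the action is configured, the credential form appears to be submitted to a relative URL on the portal itself; a comment marking the action as required would help.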

Added: portals/jetspeed-2/applications/j2-admin/trunk/src/main/webapp/WEB-INF/security/sso/sso-iframe-form-login.jsp
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/applications/j2-admin/trunk/src/main/webapp/WEB-INF/security/sso/sso-iframe-form-login.jsp?rev=991049&view=auto
==============================================================================
--- portals/jetspeed-2/applications/j2-admin/trunk/src/main/webapp/WEB-INF/security/sso/sso-iframe-form-login.jsp (added)
+++ portals/jetspeed-2/applications/j2-admin/trunk/src/main/webapp/WEB-INF/security/sso/sso-iframe-form-login.jsp Tue Aug 31 00:30:29 2010
@@ -0,0 +1,124 @@
+<%--
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements.  See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License.  You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+--%>
+<%@ page import="java.util.*" %>
+<%@ page import="javax.portlet.*" %>
+<%@ page import="org.apache.commons.lang.StringUtils" %>
+<%@ page import="org.apache.jetspeed.security.PasswordCredential" %>
+<%@ page import="org.apache.jetspeed.sso.SSOException" %>
+<%@ page import="org.apache.jetspeed.sso.SSOManager" %>
+<%@ page import="org.apache.jetspeed.sso.SSOSite" %>
+<%@ page import="org.apache.jetspeed.sso.SSOUser" %>
+<%@ page import="org.apache.jetspeed.portlets.sso.SSOIFramePortlet" %>
+<%@ page import="org.apache.jetspeed.portlets.sso.SSOPortletUtil" %>
+
+<%!
+private PasswordCredential getRemotePasswordCredential(PortletRequest portletRequest)
+{
+    PortletSession portletSession = portletRequest.getPortletSession();
+    
+    if (portletSession != null)
+    {
+	    SSOManager sso = (SSOManager)portletSession.getPortletContext().getAttribute("cps:SSO");
+	    String siteUrl = portletRequest.getPreferences().getValue("SRC", "");
+	    SSOSite site = sso.getSiteByUrl(siteUrl);
+	    
+	    if (site != null)
+	    {
+	        try
+	        {
+	            SSOUser remoteUser = SSOPortletUtil.getRemoteUser(sso, portletRequest, site);
+	            
+	            if (remoteUser != null)
+	            {
+	                PasswordCredential pwc = sso.getCredentials(remoteUser);
+	                return pwc;
+	            }
+	        }
+	        catch (SSOException e)
+	        {
+	        }
+	    }
+    }
+    
+    return null;
+}
+%>
+
+<%
+ResourceRequest resourceRequest = (ResourceRequest) request.getAttribute("javax.portlet.request");
+
+PortletPreferences prefs = resourceRequest.getPreferences();
+
+String userNameParam = prefs.getValue(SSOIFramePortlet.SSO_TYPE_FORM_USERNAME, "user");
+String passwordParam = prefs.getValue(SSOIFramePortlet.SSO_TYPE_FORM_PASSWORD, "password");
+
+PasswordCredential remotePwc = getRemotePasswordCredential(resourceRequest);
+String userName = (remotePwc != null ? remotePwc.getUserName() : "");
+String password = (remotePwc != null ? remotePwc.getPassword() : "");
+
+String formArgs = prefs.getValue(SSOIFramePortlet.SSO_TYPE_FORM_ARGS, "");
+
+String formAction = prefs.getValue(SSOIFramePortlet.SSO_TYPE_FORM_ACTION, "");
+String matrixArgs = StringUtils.substringAfter(formArgs, ";");
+if (!StringUtils.isBlank(matrixArgs))
+{
+    formAction += (";" + matrixArgs);
+}
+
+String ssoType = prefs.getValue(SSOIFramePortlet.SSO_TYPE, "");
+String formMethod = ("form.get".equals(ssoType) ? "GET" : "POST");
+
+Map<String, String> formArgMap = new HashMap<String, String>();
+
+String [] args = StringUtils.split(StringUtils.substringBefore(formArgs, ";"), "&");
+
+for (String arg : args)
+{
+    String name = "";
+    String value = "";
+    String [] pair = StringUtils.split(arg, "=");
+    
+    if (pair.length > 0)
+    {
+        name = StringUtils.trim(StringUtils.defaultString(pair[0], ""));
+    }
+    
+    if (pair.length > 1)
+    {
+        value = StringUtils.trim(StringUtils.defaultString(pair[1], ""));
+    }
+    
+    formArgMap.put(name, value);
+}
+%>
+<html>
+<head>
+</head>
+<body onload="return document.getElementById('loginForm').submit();">
+<form id="loginForm" method="<%=formMethod%>" action="<%=formAction%>">
+    <input type="hidden" name="<%=userNameParam%>" value="<%=userName%>" />
+    <input type="hidden" name="<%=passwordParam%>" value="<%=password%>" />
+<% for (Map.Entry<String, String> entry : formArgMap.entrySet()) { %>
+    <input type="hidden" name="<%=entry.getKey()%>" value="<%=entry.getValue()%>" />
+<% } %>
+</form>
+</body>
+</html>
+
+<%
+resourceRequest.getPortletSession(true).setAttribute(SSOIFramePortlet.SSO_TYPE_FORM_AUTH_FLAG, Boolean.TRUE);
+%>
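Review bot: The stored username and password, and every preference-derived name, value and action, are written into HTML attributes of `loginForm` with raw `<%= %>`, so a value containing `"` or `<` breaks the form or injects markup into the page. Each expression should go through `StringEscapeUtils.escapeHtml(...)` from the commons-lang package this page already imports. Separately, the empty `catch (SSOException e)` in `getRemotePasswordCredential` hides lookup failures: the page then auto-submits blank credentials and still sets `SSO_TYPE_FORM_AUTH_FLAG`, so the exception should at least be logged and the blank-credential case handled explicitly. The `sso` lookup from the portlet context is also dereferenced without a null check, while the `portletSession != null` test guards a call that is not expected to return null.

```jsp
<%@ page import="org.apache.commons.lang.StringEscapeUtils" %>
<%-- … unchanged: other page imports, getRemotePasswordCredential, preference parsing … --%>
<form id="loginForm" method="<%=formMethod%>" action="<%=StringEscapeUtils.escapeHtml(formAction)%>">
    <input type="hidden" name="<%=StringEscapeUtils.escapeHtml(userNameParam)%>" value="<%=StringEscapeUtils.escapeHtml(userName)%>" />
    <input type="hidden" name="<%=StringEscapeUtils.escapeHtml(passwordParam)%>" value="<%=StringEscapeUtils.escapeHtml(password)%>" />
<% for (Map.Entry<String, String> entry : formArgMap.entrySet()) { %>
    <input type="hidden" name="<%=StringEscapeUtils.escapeHtml(entry.getKey())%>" value="<%=StringEscapeUtils.escapeHtml(entry.getValue())%>" />
<% } %>
</form>
<%-- … unchanged: closing tags and session flag scriptlet … --%>
```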


