You are viewing a plain text version of this content. The canonical link for it is here.
Posted to portalapps-dev@portals.apache.org by wo...@apache.org on 2009/09/28 14:36:07 UTC
svn commit: r819510 - in /portals/applications/webcontent/trunk:
webcontent-jar/src/main/java/org/apache/portals/applications/webcontent/proxy/
webcontent-jar/src/main/java/org/apache/portals/applications/webcontent/proxy/impl/
webcontent-war/src/main/...
Author: woonsan
Date: Mon Sep 28 12:36:06 2009
New Revision: 819510
URL: http://svn.apache.org/viewvc?rev=819510&view=rev
Log:
APA-17: Adding default sso site creds info bean and form-based sso feature.
TODO: in form-based sso, we'd better use form posting instead of query parameter with username and password.
Added:
portals/applications/webcontent/trunk/webcontent-jar/src/main/java/org/apache/portals/applications/webcontent/proxy/impl/DefaultSSOSiteCredentials.java (with props)
Modified:
portals/applications/webcontent/trunk/webcontent-jar/src/main/java/org/apache/portals/applications/webcontent/proxy/SSOSiteCredentials.java
portals/applications/webcontent/trunk/webcontent-jar/src/main/java/org/apache/portals/applications/webcontent/proxy/SSOSiteCredentialsProvider.java
portals/applications/webcontent/trunk/webcontent-jar/src/main/java/org/apache/portals/applications/webcontent/proxy/impl/RewritableHttpReverseProxyServiceImpl.java
portals/applications/webcontent/trunk/webcontent-war/src/main/webapp/WEB-INF/conf/reverseproxy.properties
Modified: portals/applications/webcontent/trunk/webcontent-jar/src/main/java/org/apache/portals/applications/webcontent/proxy/SSOSiteCredentials.java
URL: http://svn.apache.org/viewvc/portals/applications/webcontent/trunk/webcontent-jar/src/main/java/org/apache/portals/applications/webcontent/proxy/SSOSiteCredentials.java?rev=819510&r1=819509&r2=819510&view=diff
==============================================================================
--- portals/applications/webcontent/trunk/webcontent-jar/src/main/java/org/apache/portals/applications/webcontent/proxy/SSOSiteCredentials.java (original)
+++ portals/applications/webcontent/trunk/webcontent-jar/src/main/java/org/apache/portals/applications/webcontent/proxy/SSOSiteCredentials.java Mon Sep 28 12:36:06 2009
@@ -31,4 +31,12 @@
public String getPassword();
+ public boolean isChallengeResponseAuthentication();
+
+ public boolean isFormAuthentication();
+
+ public String getFormPwdField();
+
+ public String getFormUserField();
+
}
Modified: portals/applications/webcontent/trunk/webcontent-jar/src/main/java/org/apache/portals/applications/webcontent/proxy/SSOSiteCredentialsProvider.java
URL: http://svn.apache.org/viewvc/portals/applications/webcontent/trunk/webcontent-jar/src/main/java/org/apache/portals/applications/webcontent/proxy/SSOSiteCredentialsProvider.java?rev=819510&r1=819509&r2=819510&view=diff
==============================================================================
--- portals/applications/webcontent/trunk/webcontent-jar/src/main/java/org/apache/portals/applications/webcontent/proxy/SSOSiteCredentialsProvider.java (original)
+++ portals/applications/webcontent/trunk/webcontent-jar/src/main/java/org/apache/portals/applications/webcontent/proxy/SSOSiteCredentialsProvider.java Mon Sep 28 12:36:06 2009
@@ -16,11 +16,14 @@
*/
package org.apache.portals.applications.webcontent.proxy;
+import java.net.URI;
import java.util.List;
+import javax.servlet.http.HttpServletRequest;
+
public interface SSOSiteCredentialsProvider
{
- public List<SSOSiteCredentials> getSSOCredentials(String siteURL);
+ public List<SSOSiteCredentials> getSSOCredentials(HttpServletRequest request, URI siteURI);
}
Added: portals/applications/webcontent/trunk/webcontent-jar/src/main/java/org/apache/portals/applications/webcontent/proxy/impl/DefaultSSOSiteCredentials.java
URL: http://svn.apache.org/viewvc/portals/applications/webcontent/trunk/webcontent-jar/src/main/java/org/apache/portals/applications/webcontent/proxy/impl/DefaultSSOSiteCredentials.java?rev=819510&view=auto
==============================================================================
--- portals/applications/webcontent/trunk/webcontent-jar/src/main/java/org/apache/portals/applications/webcontent/proxy/impl/DefaultSSOSiteCredentials.java (added)
+++ portals/applications/webcontent/trunk/webcontent-jar/src/main/java/org/apache/portals/applications/webcontent/proxy/impl/DefaultSSOSiteCredentials.java Mon Sep 28 12:36:06 2009
@@ -0,0 +1,143 @@
+package org.apache.portals.applications.webcontent.proxy.impl;
+
+import org.apache.portals.applications.webcontent.proxy.SSOSiteCredentials;
+
+public class DefaultSSOSiteCredentials implements SSOSiteCredentials
+{
+
+ private String host;
+ private int port = -1;
+ private String realm;
+ private String scheme;
+
+ private String username;
+ private String password;
+
+ private boolean challengeResponseAuthentication = true;
+ private boolean formAuthentication = false;
+ private String formUserField;
+ private String formPwdField;
+
+ public DefaultSSOSiteCredentials()
+ {
+ this(null);
+ }
+
+ public DefaultSSOSiteCredentials(String host)
+ {
+ this(host, -1);
+ }
+
+ public DefaultSSOSiteCredentials(String host, int port)
+ {
+ this(host, port, null);
+ }
+
+ public DefaultSSOSiteCredentials(String host, int port, String realm)
+ {
+ this.host = host;
+ this.port = port;
+ this.realm = realm;
+ }
+
+ public String getHost()
+ {
+ return host;
+ }
+
+ public void setHost(String host)
+ {
+ this.host = host;
+ }
+
+ public int getPort()
+ {
+ return port;
+ }
+
+ public void setPort(int port)
+ {
+ this.port = port;
+ }
+
+ public String getRealm()
+ {
+ return realm;
+ }
+
+ public void setRealm(String realm)
+ {
+ this.realm = realm;
+ }
+
+ public String getScheme()
+ {
+ return scheme;
+ }
+
+ public void setScheme(String scheme)
+ {
+ this.scheme = scheme;
+ }
+
+ public String getUsername()
+ {
+ return username;
+ }
+
+ public void setUsername(String username)
+ {
+ this.username = username;
+ }
+
+ public String getPassword()
+ {
+ return password;
+ }
+
+ public void setPassword(String password)
+ {
+ this.password = password;
+ }
+
+ public boolean isChallengeResponseAuthentication()
+ {
+ return challengeResponseAuthentication;
+ }
+
+ public void setChallengeResponseAuthentication(boolean challengeResponseAuthentication)
+ {
+ this.challengeResponseAuthentication = challengeResponseAuthentication;
+ }
+
+ public boolean isFormAuthentication()
+ {
+ return formAuthentication;
+ }
+
+ public void setFormAuthentication(boolean formAuthentication)
+ {
+ this.formAuthentication = formAuthentication;
+ }
+
+ public String getFormUserField()
+ {
+ return formUserField;
+ }
+
+ public void setFormUserField(String formUserField)
+ {
+ this.formUserField = formUserField;
+ }
+
+ public String getFormPwdField()
+ {
+ return formPwdField;
+ }
+
+ public void setFormPwdField(String formPwdField)
+ {
+ this.formPwdField = formPwdField;
+ }
+
+}
Propchange: portals/applications/webcontent/trunk/webcontent-jar/src/main/java/org/apache/portals/applications/webcontent/proxy/impl/DefaultSSOSiteCredentials.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: portals/applications/webcontent/trunk/webcontent-jar/src/main/java/org/apache/portals/applications/webcontent/proxy/impl/DefaultSSOSiteCredentials.java
------------------------------------------------------------------------------
svn:keywords = Id
Propchange: portals/applications/webcontent/trunk/webcontent-jar/src/main/java/org/apache/portals/applications/webcontent/proxy/impl/DefaultSSOSiteCredentials.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
Modified: portals/applications/webcontent/trunk/webcontent-jar/src/main/java/org/apache/portals/applications/webcontent/proxy/impl/RewritableHttpReverseProxyServiceImpl.java
URL: http://svn.apache.org/viewvc/portals/applications/webcontent/trunk/webcontent-jar/src/main/java/org/apache/portals/applications/webcontent/proxy/impl/RewritableHttpReverseProxyServiceImpl.java?rev=819510&r1=819509&r2=819510&view=diff
==============================================================================
--- portals/applications/webcontent/trunk/webcontent-jar/src/main/java/org/apache/portals/applications/webcontent/proxy/impl/RewritableHttpReverseProxyServiceImpl.java (original)
+++ portals/applications/webcontent/trunk/webcontent-jar/src/main/java/org/apache/portals/applications/webcontent/proxy/impl/RewritableHttpReverseProxyServiceImpl.java Mon Sep 28 12:36:06 2009
@@ -23,6 +23,7 @@
import java.io.OutputStreamWriter;
import java.io.Reader;
import java.io.Writer;
+import java.net.URI;
import java.util.Enumeration;
import java.util.List;
@@ -212,7 +213,29 @@
httpClient.getParams().setBooleanParameter(ClientPNames.HANDLE_REDIRECTS, false);
// set sso credentials if available
- setSSOSiteCredentials(proxyTargetURL, httpClient, request);
+ List<SSOSiteCredentials> credsList = getSSOSiteCredentials(proxyTargetURL, httpClient, request);
+ if (credsList != null && !credsList.isEmpty())
+ {
+ if (credsList.get(0).isFormAuthentication())
+ {
+ SSOSiteCredentials formCreds = credsList.get(0);
+ proxyTargetURL = new StringBuilder(proxyTargetURL)
+ .append(proxyTargetURL.indexOf('?') == -1 ? '?' : '&')
+ .append(formCreds.getFormUserField()).append('=').append(formCreds.getUsername())
+ .append('&')
+ .append(formCreds.getFormPwdField()).append('=').append(formCreds.getPassword())
+ .toString();
+ }
+ else
+ {
+ for (SSOSiteCredentials creds : credsList)
+ {
+ AuthScope authScope = new AuthScope(creds.getHost(), creds.getPort(), creds.getRealm(), creds.getScheme());
+ Credentials usernamePwdCreds = new UsernamePasswordCredentials(creds.getUsername(), creds.getPassword());
+ httpClient.getCredentialsProvider().setCredentials(authScope, usernamePwdCreds);
+ }
+ }
+ }
String method = request.getMethod();
boolean isGetMethod = "GET".equals(method);
@@ -490,7 +513,7 @@
}
}
- private void setSSOSiteCredentials(String siteURL, DefaultHttpClient httpClient, HttpServletRequest request)
+ private List<SSOSiteCredentials> getSSOSiteCredentials(String siteURL, DefaultHttpClient httpClient, HttpServletRequest request)
{
SSOSiteCredentialsProvider credsProvider = (SSOSiteCredentialsProvider) request.getAttribute(HttpReverseProxyConstants.SSO_SITE_CREDENTIALS_PROVIDER);
@@ -504,16 +527,13 @@
}
}
- if (credsProvider != null)
+ if (credsProvider == null)
{
- List<SSOSiteCredentials> credsList = credsProvider.getSSOCredentials(siteURL);
-
- for (SSOSiteCredentials creds : credsList)
- {
- AuthScope authScope = new AuthScope(creds.getHost(), creds.getPort(), creds.getRealm(), creds.getScheme());
- Credentials usernamePwdCreds = new UsernamePasswordCredentials(creds.getUsername(), creds.getPassword());
- httpClient.getCredentialsProvider().setCredentials(authScope, usernamePwdCreds);
- }
+ return null;
+ }
+ else
+ {
+ return credsProvider.getSSOCredentials(request, URI.create(siteURL));
}
}
Modified: portals/applications/webcontent/trunk/webcontent-war/src/main/webapp/WEB-INF/conf/reverseproxy.properties
URL: http://svn.apache.org/viewvc/portals/applications/webcontent/trunk/webcontent-war/src/main/webapp/WEB-INF/conf/reverseproxy.properties?rev=819510&r1=819509&r2=819510&view=diff
==============================================================================
--- portals/applications/webcontent/trunk/webcontent-war/src/main/webapp/WEB-INF/conf/reverseproxy.properties (original)
+++ portals/applications/webcontent/trunk/webcontent-war/src/main/webapp/WEB-INF/conf/reverseproxy.properties Mon Sep 28 12:36:06 2009
@@ -80,7 +80,7 @@
# Proxy Pass Reverse Mapping configurations for each category
# ... Put the path item names here. Each path item will be evaluated by the order.
-proxy.reverse.pass = apache, portals, localhost, somewhere
+proxy.reverse.pass = apache, portals, somewhere
# ... Sets detail attributes for each path item.
@@ -90,10 +90,6 @@
proxy.reverse.pass.portals.local = /portals/
proxy.reverse.pass.portals.remote = http://portals.apache.org/
-proxy.reverse.pass.localhost.local = /localhost/
-proxy.reverse.pass.localhost.remote = http://localhost:8080/
-
-# ... 'somewhere' is just an example to show the full configurable items...
proxy.reverse.pass.somewhere.local = /somewhere/
proxy.reverse.pass.somewhere.remote = http://somewhere.localhost.com/
proxy.reverse.pass.somewhere.rewriters = ${defaults.htmlRewriter}, ${defaults.xmlRewriter}