Posted to jetspeed-dev@portals.apache.org by rw...@apache.org on 2009/06/26 09:33:52 UTC
svn commit: r788615 - in
/portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE:
components/serializer/
components/serializer/src/java/org/apache/jetspeed/serializer/
components/serializer/src/java/org/apache/jetspeed/serializer/objects/
compon...
Author: rwatler
Date: Fri Jun 26 07:33:51 2009
New Revision: 788615
URL: http://svn.apache.org/viewvc?rev=788615&view=rev
Log:
JS2-1034: implement SSO import/export serialization
Added:
portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSSOSite.java
portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSSOSiteRemoteUser.java
portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSSOSiteRemoteUsers.java
portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSSOSites.java
Modified:
portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/maven.xml
portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/project.xml
portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/JetspeedSerializerApplication.java
portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/JetspeedSerializerImpl.java
portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSeedData.java
portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/sso/src/java/JETSPEED-INF/ojb/sso_repository.xml
portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/sso/src/java/org/apache/jetspeed/sso/impl/PersistenceBrokerSSOProvider.java
portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/sso/src/java/org/apache/jetspeed/sso/impl/SSOSiteImpl.java
portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/etc/build-with-DDLUTILS.xml
portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/etc/build.xml
portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/installer/etc/database/build.xml
portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/jetspeed-api/src/java/org/apache/jetspeed/serializer/JetspeedSerializer.java
portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/jetspeed-api/src/java/org/apache/jetspeed/sso/SSOProvider.java
portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/jetspeed-api/src/java/org/apache/jetspeed/sso/SSOSite.java
portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/maven-archetypes/portal/build.xml
portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/maven-archetypes/portal/src/archetype/archetype-resources/etc/build.xml
portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/maven-plugin/plugin-with-DDLUTILS.jelly
portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/maven-plugin/plugin.jelly
Modified: portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/maven.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/maven.xml?rev=788615&r1=788614&r2=788615&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/maven.xml (original)
+++ portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/maven.xml Fri Jun 26 07:33:51 2009
@@ -33,6 +33,7 @@
<copy todir='${maven.build.dir}/assembly/' file='../../src/webapp/WEB-INF/assembly/security-spi.xml'/>
<copy todir='${maven.build.dir}/assembly/' file='../../src/webapp/WEB-INF/assembly/security-spi-atn.xml'/>
<copy todir='${maven.build.dir}/assembly/' file='../../src/webapp/WEB-INF/assembly/security-spi-atz.xml'/>
+ <copy todir='${maven.build.dir}/assembly/' file='../../src/webapp/WEB-INF/assembly/sso.xml'/>
<copy todir='${maven.build.dir}/assembly/' file='../../src/webapp/WEB-INF/assembly/transaction.xml'/>
<copy todir='${maven.build.dir}/assembly/' file='../../src/webapp/WEB-INF/assembly/prefs.xml'/>
<copy todir='${maven.build.dir}/assembly/' file='../../src/webapp/WEB-INF/assembly/cache.xml'/>
Modified: portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/project.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/project.xml?rev=788615&r1=788614&r2=788615&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/project.xml (original)
+++ portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/project.xml Fri Jun 26 07:33:51 2009
@@ -83,7 +83,7 @@
</dependency>
- <dependency>
+ <dependency>
<id>org.apache.portals.jetspeed-2:jetspeed-profiler</id>
<version>${jetspeed.version}</version>
<properties>
@@ -91,6 +91,13 @@
</properties>
</dependency>
+ <dependency>
+ <id>org.apache.portals.jetspeed-2:jetspeed-sso</id>
+ <version>${jetspeed.version}</version>
+ <properties>
+ <war.bundle>true</war.bundle>
+ </properties>
+ </dependency>
<dependency>
<id>org.apache.portals.jetspeed-2:jetspeed-locator</id>
Modified: portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/JetspeedSerializerApplication.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/JetspeedSerializerApplication.java?rev=788615&r1=788614&r2=788615&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/JetspeedSerializerApplication.java (original)
+++ portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/JetspeedSerializerApplication.java Fri Jun 26 07:33:51 2009
@@ -48,6 +48,7 @@
* PROFILE = extract/import profile settings (for export requires USER)
* PERMISSIONS = extract/import permissions
* PREFS = extract/import portlet preferences (ignored if any of the above is set)
+ * SSO = extract/import sso sites
*
* NOOVERWRITE = don't overwrite existing file (for export)
* BACKUP = backup before process
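Review bot: The new `SSO` option line documents only "sso sites", but the export path added in this commit (createSSOSite in JetspeedSerializerImpl.java) also copies each remote principal's credential value into the snapshot. I would word it as `* SSO = extract/import sso sites, including stored remote user credentials`, so operators know the export file needs the same protection as the credential store. The later hunk in this file that sets KEY_PROCESS_SSO to TRUE next to CAPABILITIES, PROFILER and PERMISSIONS looks like the bulk option, in which case existing bulk exports would start carrying these credentials too; the enclosing condition is outside the hunk, so that needs confirming.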
@@ -264,6 +265,7 @@
settings.put(JetspeedSerializer.KEY_PROCESS_CAPABILITIES, Boolean.FALSE);
settings.put(JetspeedSerializer.KEY_PROCESS_PROFILER, Boolean.FALSE);
settings.put(JetspeedSerializer.KEY_PROCESS_USER_PREFERENCES, Boolean.FALSE);
+ settings.put(JetspeedSerializer.KEY_PROCESS_SSO, Boolean.FALSE);
settings.put(JetspeedSerializer.KEY_OVERWRITE_EXISTING, Boolean.TRUE);
settings.put(JetspeedSerializer.KEY_BACKUP_BEFORE_PROCESS, Boolean.FALSE);
String[] optionSet = getTokens(options);
@@ -279,6 +281,7 @@
settings.put(JetspeedSerializer.KEY_PROCESS_CAPABILITIES, Boolean.TRUE);
settings.put(JetspeedSerializer.KEY_PROCESS_PROFILER, Boolean.TRUE);
settings.put(JetspeedSerializer.KEY_PROCESS_PERMISSIONS, Boolean.TRUE);
+ settings.put(JetspeedSerializer.KEY_PROCESS_SSO, Boolean.TRUE);
settings.put(JetspeedSerializer.KEY_PROCESS_USER_PREFERENCES, Boolean.FALSE);
processHelper = 1;
}
@@ -308,6 +311,11 @@
settings.put(JetspeedSerializer.KEY_PROCESS_PERMISSIONS,
Boolean.TRUE);
processHelper = 1;
+ } else if (o.equalsIgnoreCase("SSO"))
+ {
+ settings.put(JetspeedSerializer.KEY_PROCESS_SSO,
+ Boolean.TRUE);
+ processHelper = 1;
} else if (o.equalsIgnoreCase("NOOVERWRITE"))
settings.put(JetspeedSerializer.KEY_OVERWRITE_EXISTING,
Boolean.FALSE);
@@ -344,8 +352,7 @@
throw new IllegalArgumentException(
"Can't proceed without a valid database user");
-
-
+
HashMap context = new HashMap();
context.put(SpringJNDIStarter.DATASOURCE_DRIVER, driverClass);
Modified: portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/JetspeedSerializerImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/JetspeedSerializerImpl.java?rev=788615&r1=788614&r2=788615&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/JetspeedSerializerImpl.java (original)
+++ portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/JetspeedSerializerImpl.java Fri Jun 26 07:33:51 2009
@@ -50,8 +50,10 @@
import org.apache.jetspeed.security.RoleManager;
import org.apache.jetspeed.security.User;
import org.apache.jetspeed.security.UserManager;
+import org.apache.jetspeed.security.om.InternalCredential;
import org.apache.jetspeed.security.om.InternalPermission;
import org.apache.jetspeed.security.om.InternalPrincipal;
+import org.apache.jetspeed.security.om.InternalUserPrincipal;
import org.apache.jetspeed.security.spi.PasswordCredentialProvider;
import org.apache.jetspeed.serializer.objects.JSCapabilities;
import org.apache.jetspeed.serializer.objects.JSCapability;
@@ -79,12 +81,19 @@
import org.apache.jetspeed.serializer.objects.JSRuleCriterions;
import org.apache.jetspeed.serializer.objects.JSSeedData;
import org.apache.jetspeed.serializer.objects.JSSnapshot;
+import org.apache.jetspeed.serializer.objects.JSSSOSite;
+import org.apache.jetspeed.serializer.objects.JSSSOSiteRemoteUser;
+import org.apache.jetspeed.serializer.objects.JSSSOSiteRemoteUsers;
+import org.apache.jetspeed.serializer.objects.JSSSOSites;
import org.apache.jetspeed.serializer.objects.JSUser;
import org.apache.jetspeed.serializer.objects.JSUserAttributes;
import org.apache.jetspeed.serializer.objects.JSUserGroups;
import org.apache.jetspeed.serializer.objects.JSUserRoles;
import org.apache.jetspeed.serializer.objects.JSUserUsers;
import org.apache.jetspeed.serializer.objects.JSUsers;
+import org.apache.jetspeed.sso.SSOException;
+import org.apache.jetspeed.sso.SSOProvider;
+import org.apache.jetspeed.sso.SSOSite;
/**
* Jetspeed Serializer
@@ -127,6 +136,8 @@
private HashMap rulesMap = new HashMap();
+ private HashMap ssoSitesMap = new HashMap();
+
int refCouter = 0;
@@ -192,6 +203,7 @@
setSetting(JetspeedSerializer.KEY_PROCESS_CAPABILITIES, true);
setSetting(JetspeedSerializer.KEY_PROCESS_PROFILER, true);
setSetting(JetspeedSerializer.KEY_PROCESS_PERMISSIONS, true);
+ setSetting(JetspeedSerializer.KEY_PROCESS_SSO, true);
setSetting(JetspeedSerializer.KEY_OVERWRITE_EXISTING, true);
setSetting(JetspeedSerializer.KEY_BACKUP_BEFORE_PROCESS, true);
}
@@ -926,6 +938,19 @@
}
}
+ private void importSSO()
+ {
+ System.out.println("importSSO - processing");
+ try
+ {
+ recreateSSOSites();
+ }
+ catch (Exception e)
+ {
+ e.printStackTrace();
+ }
+ }
+
/**
* The workhorse for importing data
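Review bot: importSSO() catches every Exception from recreateSSOSites() and only calls `e.printStackTrace()`, so a failed SSO import still looks successful to the caller, including the SerializerException raised when the SSOProvider component is missing or a site cannot be created. Because recreateSSOSite removes an existing site before re-adding it, a swallowed failure can leave sites or credentials missing with no error reported. I would declare `private void importSSO() throws SerializerException` and drop the try/catch, provided the calling import method can propagate it (its signature is outside this hunk). The `System.out.println` should also go through `logMe`, as the other new code does.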
@@ -971,6 +996,12 @@
logMe("permissions, rules etc. skipped ");
recreatePermissions();
}
+
+ if (this.getSetting(JetspeedSerializer.KEY_PROCESS_SSO))
+ {
+ logMe("importing sso");
+ this.importSSO();
+ }
}
/**
@@ -1019,6 +1050,13 @@
} else
logMe(" permissions skipped");
+ if (this.getSetting(JetspeedSerializer.KEY_PROCESS_SSO))
+ {
+ logMe("collecting sso sites");
+ this.getSSOSites();
+ } else
+ logMe(" sso skipped");
+
}
/**
@@ -1067,6 +1105,11 @@
binding.setAlias(JSPWAttributes.class,"credentials");
+ binding.setAlias(JSSSOSite.class, "Site");
+ binding.setAlias(JSSSOSiteRemoteUser.class, "RemoteUser");
+ binding.setAlias(JSSSOSiteRemoteUsers.class, "RemoteUsers");
+ binding.setAlias(JSSSOSites.class, "SSOSites");
+
binding.setClassAttribute(null);
}
@@ -1860,6 +1903,112 @@
}
/**
+ * Create the SSO Site Wrapper
+ *
+ * @param s sso site
+ * @return sso site wrapper
+ */
+ private JSSSOSite createSSOSite(SSOSite s)
+ {
+ JSSSOSite site = new JSSSOSite();
+ site.setName(s.getName());
+ site.setSiteURL(s.getSiteURL());
+ site.setAllowUserSet(s.isAllowUserSet());
+ site.setCertificateRequired(s.isCertificateRequired());
+ site.setChallengeResponseAuthentication(s.isChallengeResponseAuthentication());
+ site.setRealm(s.getRealm());
+ site.setFormAuthentication(s.isFormAuthentication());
+ site.setFormUserField(s.getFormUserField());
+ site.setFormPwdField(s.getFormPwdField());
+
+ Iterator rupIter = s.getRemotePrincipals().iterator();
+ while (rupIter.hasNext())
+ {
+ InternalUserPrincipal rup = (InternalUserPrincipal)rupIter.next();
+ InternalCredential rupCredential = null;
+ Collection rupCredentials = rup.getCredentials();
+ if (rupCredentials != null)
+ {
+ rupCredential = (InternalCredential)rupCredentials.iterator().next();
+ }
+ if (rupCredential != null)
+ {
+ String rupPath = rup.getFullPath();
+ String rupPrincipalType = null;
+ String rupPrincipalName = null;
+ String rupName = null;
+ String [] names = null;
+ if (rupPath.startsWith("/sso/") && rupPath.contains("/user/"))
+ {
+ rupPrincipalType = "user";
+ names = rupPath.replaceAll("^/sso/[0-9]+/user/", "").split("/");
+ }
+ else if (rupPath.startsWith("/sso/") && rupPath.contains("/group/"))
+ {
+ rupPrincipalType = "group";
+ names = rupPath.replaceAll("^/sso/[0-9]+/group/", "").split("/");
+ }
+ if ((names != null) && (names.length == 2))
+ {
+ rupPrincipalName = names[0];
+ rupName = names[1];
+ }
+ if ((rupPrincipalType != null) && (rupPrincipalName != null) && (rupPrincipalName.length() > 0) && (rupName != null) && (rupName.length() > 0))
+ {
+ JSSSOSiteRemoteUser siteRemoteUser = new JSSSOSiteRemoteUser();
+ siteRemoteUser.setPrincipalName(rupPrincipalName);
+ siteRemoteUser.setPrincipalType(rupPrincipalType);
+ siteRemoteUser.setUserCredential(rupName, rupCredential.getValue().toCharArray());
+ site.addRemoteUser(siteRemoteUser);
+ }
+ }
+ }
+
+ return site;
+ }
+
+ /**
+ * extract SSO sites and save in snapshot file
+ *
+ * @throws SerializerException
+ */
+ private void getSSOSites() throws SerializerException
+ {
+ SSOProvider ssoProvider = (SSOProvider) getCM().getComponent("org.apache.jetspeed.sso.SSOProvider");
+ if (ssoProvider == null)
+ {
+ throw new SerializerException(SerializerException.COMPONENTMANAGER_DOES_NOT_EXIST.create("org.apache.jetspeed.sso.SSOProvider"));
+ }
+
+ Iterator list = null;
+ try
+ {
+ list = ssoProvider.getSites("");
+ }
+ catch (Exception e)
+ {
+ throw new SerializerException(SerializerException.GET_EXISTING_OBJECTS.create(new String[]{"SSOSites", e.getMessage()}));
+ }
+ while (list.hasNext())
+ {
+ try
+ {
+ SSOSite s = (SSOSite) list.next();
+ if (!(ssoSitesMap.containsKey(s.getSiteURL())))
+ {
+ JSSSOSite site = createSSOSite(s);
+ ssoSitesMap.put(site.getSiteURL(), site);
+ ((JSSeedData)getSnapshot()).getSSOSites().add(site);
+ }
+ }
+ catch (Exception e)
+ {
+ throw new SerializerException(SerializerException.CREATE_SERIALIZED_OBJECT_FAILED.create(new String[]{"SSOSites", e.getMessage()}));
+ }
+ }
+ }
+
+ /**
* ++++++++++++++++++++++++++++++HELPERS
* +++++++++++++++++++++++++++++++++++++++++++++
*/
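Review bot: In createSSOSite, `rupCredentials.iterator().next()` is guarded only by a null check, so a remote principal with an empty credential collection throws NoSuchElementException. getSSOSites catches that and rethrows it as CREATE_SERIALIZED_OBJECT_FAILED, which aborts the export of every remaining site. The guard should be `if ((rupCredentials != null) && !rupCredentials.isEmpty())`. Separately, a principal whose path does not reduce to exactly two segments is dropped without any message, so an export can omit credentials unnoticed; a `logMe` call on that branch would make the skip visible. Both catch blocks in getSSOSites pass only `e.getMessage()`, which loses the original stack trace.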
@@ -2001,5 +2150,95 @@
}
+ /**
+ * Construct SSO site from (JS) SSOSite.
+ *
+ * @param ssoProvider SSO provider
+ * @param site SSO site
+ * @param s existing SSO site
+ * @return created SSO site
+ * @throws SerializerException
+ * @throws SSOException
+ */
+ private SSOSite recreateSSOSite(SSOProvider ssoProvider, JSSSOSite site, SSOSite s) throws SerializerException, SSOException
+ {
+ if (s != null)
+ {
+ ssoProvider.removeSite(s);
+ }
+
+ ssoProvider.addSite(site.getName(), site.getSiteURL());
+ s = ssoProvider.getSite(site.getSiteURL());
+ s.setAllowUserSet(site.isAllowUserSet());
+ s.setCertificateRequired(site.isCertificateRequired());
+ s.setChallengeResponseAuthentication(site.isChallengeResponseAuthentication());
+ s.setRealm(site.getRealm());
+ s.setFormAuthentication(site.isFormAuthentication());
+ s.setFormUserField(site.getFormUserField());
+ s.setFormPwdField(site.getFormPwdField());
+
+ if (site.getRemoteUsers() != null)
+ {
+ Iterator ruIter = site.getRemoteUsers().iterator();
+ while (ruIter.hasNext())
+ {
+ JSSSOSiteRemoteUser rUser = (JSSSOSiteRemoteUser)ruIter.next();
+ if (rUser.getPassword() != null)
+ {
+ String pName = rUser.getPrincipalName();
+ String pFullPath = "/"+rUser.getPrincipalType()+"/"+pName;
+ String rName = rUser.getName();
+ String rPassword = new String(rUser.getPassword());
+ ssoProvider.addCredentialsForSite(s, pFullPath, pName, rName, rPassword);
+ }
+ }
+ }
+
+ return s;
+ }
+
+ /**
+ * Create imported SSO sites.
+ *
+ * @throws SerializerException
+ */
+ private void recreateSSOSites() throws SerializerException
+ {
+ logMe("recreateSSOSites - processing");
+
+ SSOProvider ssoProvider = (SSOProvider) getCM().getComponent("org.apache.jetspeed.sso.SSOProvider");
+ if (ssoProvider == null)
+ {
+ throw new SerializerException(SerializerException.COMPONENTMANAGER_DOES_NOT_EXIST.create("org.apache.jetspeed.sso.SSOProvider"));
+ }
+ JSSSOSites sites = ((JSSeedData)getSnapshot()).getSSOSites();
+ if ((sites != null) && (sites.size() > 0))
+ {
+ Iterator sitesIter = sites.iterator();
+ while (sitesIter.hasNext())
+ {
+ JSSSOSite site = (JSSSOSite)sitesIter.next();
+ try
+ {
+ SSOSite s = ssoProvider.getSite(site.getSiteURL());
+ if ((s == null) || getSetting(JetspeedSerializer.KEY_OVERWRITE_EXISTING))
+ {
+ s = recreateSSOSite(ssoProvider, site, s);
+ ssoProvider.updateSite(s);
+ }
+ }
+ catch (Exception e)
+ {
+ throw new SerializerException(SerializerException.CREATE_OBJECT_FAILED.create("SSOSite",e.getLocalizedMessage()));
+ }
+ }
+ }
+ else
+ {
+ logMe("NO SSO SITES?????");
+ }
+
+ logMe("recreateSSOSites - done");
+ }
}
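Review bot: recreateSSOSite builds `pFullPath` as `"/"+rUser.getPrincipalType()+"/"+pName` directly from the imported file, without checking that the type is one of the two values the exporter writes ("user" or "group") or that the names are non-empty. A hand-edited or corrupted snapshot could therefore attach credentials under an unexpected principal path. I would skip or reject the entry unless `"user".equals(rUser.getPrincipalType()) || "group".equals(rUser.getPrincipalType())` and both `pName` and `rName` are non-empty, mirroring the checks in createSSOSite. Also, `removeSite` runs before `addSite` and nothing in view makes the pair atomic, so a failure after the removal loses the existing site and its credentials; please confirm the import runs inside a transaction. The result of `ssoProvider.getSite(...)` is dereferenced without a null check, and `new String(rUser.getPassword())` makes an immutable copy that cannot be cleared.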
Added: portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSSOSite.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSSOSite.java?rev=788615&view=auto
==============================================================================
--- portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSSOSite.java (added)
+++ portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSSOSite.java Fri Jun 26 07:33:51 2009
@@ -0,0 +1,226 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jetspeed.serializer.objects;
+
+import javolution.xml.XMLFormat;
+import javolution.xml.stream.XMLStreamException;
+
+import org.apache.commons.lang.StringEscapeUtils;
+
+/**
+ * Jetspeed Serialized (JS) SSOSite
+ *
+ * @author <a href="mailto:rwatler@apache.org">Randy Watler</a>
+ * @version $Id: $
+ */
+public class JSSSOSite
+{
+ private String name;
+
+ private String siteURL;
+
+ private boolean allowUserSet;
+
+ private boolean certificateRequired;
+
+ private boolean challengeResponseAuthentication;
+
+ private String realm;
+
+ private boolean formAuthentication;
+
+ private String formUserField;
+
+ private String formPwdField;
+
+ private JSSSOSiteRemoteUsers remoteUsers;
+
+ public JSSSOSite()
+ {
+ }
+
+ public String getName()
+ {
+ return name;
+ }
+
+ public void setName(String name)
+ {
+ this.name = name;
+ }
+
+ public String getSiteURL()
+ {
+ return siteURL;
+ }
+
+ public void setSiteURL(String siteURL)
+ {
+ this.siteURL = siteURL;
+ }
+
+ public boolean isAllowUserSet()
+ {
+ return allowUserSet;
+ }
+
+ public void setAllowUserSet(boolean allowUserSet)
+ {
+ this.allowUserSet = allowUserSet;
+ }
+
+ public boolean isCertificateRequired()
+ {
+ return certificateRequired;
+ }
+
+ public void setCertificateRequired(boolean certificateRequired)
+ {
+ this.certificateRequired = certificateRequired;
+ }
+
+ public boolean isChallengeResponseAuthentication()
+ {
+ return challengeResponseAuthentication;
+ }
+
+ public void setChallengeResponseAuthentication(boolean challengeResponseAuthentication)
+ {
+ this.challengeResponseAuthentication = challengeResponseAuthentication;
+ }
+
+ public String getRealm()
+ {
+ return realm;
+ }
+
+ public void setRealm(String realm)
+ {
+ this.realm = realm;
+ }
+
+ public boolean isFormAuthentication()
+ {
+ return formAuthentication;
+ }
+
+ public void setFormAuthentication(boolean formAuthentication)
+ {
+ this.formAuthentication = formAuthentication;
+ }
+
+ public String getFormUserField()
+ {
+ return formUserField;
+ }
+
+ public void setFormUserField(String formUserField)
+ {
+ this.formUserField = formUserField;
+ }
+
+ public String getFormPwdField()
+ {
+ return formPwdField;
+ }
+
+ public void setFormPwdField(String formPwdField)
+ {
+ this.formPwdField = formPwdField;
+ }
+
+ public JSSSOSiteRemoteUsers getRemoteUsers()
+ {
+ return remoteUsers;
+ }
+
+ public void setRemoteUsers(JSSSOSiteRemoteUsers remoteUsers)
+ {
+ this.remoteUsers = remoteUsers;
+ }
+
+ public void addRemoteUser(JSSSOSiteRemoteUser remoteUser)
+ {
+ if (remoteUsers == null)
+ {
+ remoteUsers = new JSSSOSiteRemoteUsers();
+ }
+ remoteUsers.add(remoteUser);
+ }
+
+ /***************************************************************************
+ * SERIALIZER
+ */
+ private static final XMLFormat XML = new XMLFormat(JSSSOSite.class)
+ {
+ public void write(Object o, OutputElement xml) throws XMLStreamException
+ {
+ try
+ {
+ JSSSOSite g = (JSSSOSite) o;
+
+ xml.setAttribute("name", g.getName());
+ xml.setAttribute("siteURL", g.getSiteURL());
+ xml.setAttribute("allowUserSet", g.isAllowUserSet());
+ xml.setAttribute("certificateRequired", g.isCertificateRequired());
+ xml.setAttribute("challengeResponseAuthentication", g.isChallengeResponseAuthentication());
+ xml.setAttribute("realm", g.getRealm());
+ xml.setAttribute("formAuthentication", g.isFormAuthentication());
+ xml.setAttribute("formUserField", g.getFormUserField());
+ xml.setAttribute("formPwdField", g.getFormPwdField());
+
+ xml.add(g.getRemoteUsers());
+ }
+ catch (Exception e)
+ {
+ e.printStackTrace();
+ }
+ }
+
+ public void read(InputElement xml, Object o)
+ {
+ try
+ {
+ JSSSOSite g = (JSSSOSite) o;
+
+ g.setName(StringEscapeUtils.unescapeHtml(xml.getAttribute("name", (String)null)));
+ g.setSiteURL(StringEscapeUtils.unescapeHtml(xml.getAttribute("siteURL", (String)null)));
+ g.setAllowUserSet(Boolean.parseBoolean(StringEscapeUtils.unescapeHtml(xml.getAttribute("allowUserSet", "false"))));
+ g.setCertificateRequired(Boolean.parseBoolean(StringEscapeUtils.unescapeHtml(xml.getAttribute("certificateRequired", "false"))));
+ g.setChallengeResponseAuthentication(Boolean.parseBoolean(StringEscapeUtils.unescapeHtml(xml.getAttribute("challengeResponseAuthentication", "false"))));
+ g.setRealm(StringEscapeUtils.unescapeHtml(xml.getAttribute("realm", (String)null)));
+ g.setFormAuthentication(Boolean.parseBoolean(StringEscapeUtils.unescapeHtml(xml.getAttribute("formAuthentication", "false"))));
+ g.setFormUserField(StringEscapeUtils.unescapeHtml(xml.getAttribute("formUserField", (String)null)));
+ g.setFormPwdField(StringEscapeUtils.unescapeHtml(xml.getAttribute("formPwdField", (String)null)));
+
+ Object o1 = null;
+ while (xml.hasNext())
+ {
+ o1 = xml.getNext();
+ if (o1 instanceof JSSSOSiteRemoteUsers)
+ {
+ g.setRemoteUsers((JSSSOSiteRemoteUsers)o1);
+ }
+ }
+ }
+ catch (Exception e)
+ {
+ e.printStackTrace();
+ }
+ }
+ };
+}
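Review bot: Both write() and read() wrap their whole body in `catch (Exception e) { e.printStackTrace(); }`, so a failure part-way through leaves a half-written element or a half-populated JSSSOSite while the serializer carries on. write() declares `throws XMLStreamException` but can never actually throw one. On import, a site can then be recreated with whatever fields were not reached still at their defaults (for example `certificateRequired` left false), which silently changes its authentication settings. I would let XMLStreamException propagate from write() and rethrow from read() instead of printing, if the XMLFormat base signature permits it. The same pattern appears in JSSSOSiteRemoteUser.java.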
Added: portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSSOSiteRemoteUser.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSSOSiteRemoteUser.java?rev=788615&view=auto
==============================================================================
--- portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSSOSiteRemoteUser.java (added)
+++ portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSSOSiteRemoteUser.java Fri Jun 26 07:33:51 2009
@@ -0,0 +1,133 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jetspeed.serializer.objects;
+
+import javolution.xml.XMLFormat;
+import javolution.xml.stream.XMLStreamException;
+
+import org.apache.commons.lang.StringEscapeUtils;
+
+/**
+ * Jetspeed Serialized (JS) SSORemoteUser
+ *
+ * @author <a href="mailto:rwatler@apache.org">Randy Watler</a>
+ * @version $Id: $
+ */
+public class JSSSOSiteRemoteUser
+{
+ private String principalName;
+
+ private String principalType;
+
+ private String name;
+
+ private char[] password;
+
+ public JSSSOSiteRemoteUser()
+ {
+ }
+
+ public String getPrincipalName()
+ {
+ return principalName;
+ }
+
+ public void setPrincipalName(String principalName)
+ {
+ this.principalName = principalName;
+ }
+
+ public String getPrincipalType()
+ {
+ return principalType;
+ }
+
+ public void setPrincipalType(String principalType)
+ {
+ this.principalType = principalType;
+ }
+
+ public String getName()
+ {
+ return name;
+ }
+
+ public void setName(String name)
+ {
+ this.name = name;
+ }
+
+ public char[] getPassword()
+ {
+ return password;
+ }
+
+ public void setPassword(char[] password)
+ {
+ this.password = password;
+ }
+
+ public void setUserCredential(String name, char[] password)
+ {
+ setName(name);
+ setPassword(password);
+ }
+
+ /***************************************************************************
+ * SERIALIZER
+ */
+ private static final XMLFormat XML = new XMLFormat(JSSSOSiteRemoteUser.class)
+ {
+ public void write(Object o, OutputElement xml) throws XMLStreamException
+ {
+ try
+ {
+ JSSSOSiteRemoteUser g = (JSSSOSiteRemoteUser) o;
+
+ xml.setAttribute("principalName", g.getPrincipalName());
+ xml.setAttribute("principalType", g.getPrincipalType());
+ xml.setAttribute("name", g.getName());
+ if (g.getPassword() != null)
+ {
+ xml.setAttribute("password", new String(g.getPassword()));
+ }
+ }
+ catch (Exception e)
+ {
+ e.printStackTrace();
+ }
+ }
+
+ public void read(InputElement xml, Object o)
+ {
+ try
+ {
+ JSSSOSiteRemoteUser g = (JSSSOSiteRemoteUser) o;
+
+ g.setPrincipalName(StringEscapeUtils.unescapeHtml(xml.getAttribute("principalName", (String)null)));
+ g.setPrincipalType(StringEscapeUtils.unescapeHtml(xml.getAttribute("principalType", (String)null)));
+ g.setName(StringEscapeUtils.unescapeHtml(xml.getAttribute("name", (String)null)));
+ String passwordString = StringEscapeUtils.unescapeHtml(xml.getAttribute("password", (String)null));
+ g.setPassword((passwordString != null) ? passwordString.toCharArray() : null);
+ }
+ catch (Exception e)
+ {
+ e.printStackTrace();
+ }
+ }
+ };
+}
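Review bot: write() puts the credential into a plain `password` attribute via `new String(g.getPassword())`, so the snapshot file holds whatever `InternalCredential.getValue()` returned, with no encoding or protection step visible in this commit. If that value is reversible, the export file is as sensitive as the SSO credential table and should be documented and permissioned accordingly. read() then runs the attribute through `StringEscapeUtils.unescapeHtml` although write() applies no matching escape, so a password containing an entity-like sequence such as `&amp;` would come back altered after an export/import round trip, assuming the XML layer already does its own escaping. I would drop the `unescapeHtml` call for the password, or escape symmetrically in write(). The `char[]` field brings no benefit while both directions go through `String`.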
Added: portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSSOSiteRemoteUsers.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSSOSiteRemoteUsers.java?rev=788615&view=auto
==============================================================================
--- portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSSOSiteRemoteUsers.java (added)
+++ portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSSOSiteRemoteUsers.java Fri Jun 26 07:33:51 2009
@@ -0,0 +1,31 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jetspeed.serializer.objects;
+
+import java.util.ArrayList;
+
+
+/**
+ * Simple wrapper class for XML serialization
+ *
+ * @author <a href="mailto:rwatler@apache.org">Randy Watler</a>
+ * @version $Id: $
+ *
+ */
+public class JSSSOSiteRemoteUsers extends ArrayList
+{
+}
Added: portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSSOSites.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSSOSites.java?rev=788615&view=auto
==============================================================================
--- portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSSOSites.java (added)
+++ portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSSOSites.java Fri Jun 26 07:33:51 2009
@@ -0,0 +1,31 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jetspeed.serializer.objects;
+
+import java.util.ArrayList;
+
+
+/**
+ * Simple wrapper class for XML serialization
+ *
+ * @author <a href="mailto:rwatler@apache.org">Randy Watler</a>
+ * @version $Id: $
+ *
+ */
+public class JSSSOSites extends ArrayList
+{
+}
Modified: portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSeedData.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSeedData.java?rev=788615&r1=788614&r2=788615&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSeedData.java (original)
+++ portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSeedData.java Fri Jun 26 07:33:51 2009
@@ -50,6 +50,8 @@
private JSProfilingRules rules;
private String defaultRule;
+
+ private JSSSOSites ssoSites;
/**
* check the software version and subvversion against the saved
@@ -98,6 +100,7 @@
users = new JSUsers();
permissions = new JSPermissions();
rules = new JSProfilingRules();
+ ssoSites = new JSSSOSites();
}
@@ -136,6 +139,7 @@
xml.add(g.getPermissions());
xml.add(g.getRules());
+ xml.add(g.getSSOSites());
} catch (Exception e)
{
e.printStackTrace();
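Review bot: With `xml.add(g.getSSOSites())` the seed file written here starts to carry SSO site data, and the `scrambledPwd` parameter added to `SSOProvider` in this same commit suggests that this includes remote-user passwords in scrambled form. If `scramble()` is a reversible encoding (replaying credentials to a remote site would seem to require that, but it is not shown here), the export file should be handled as a credential store. I would say so in a comment above this line, e.g. `// SSO sites may carry scrambled remote credentials: treat the export file as a secret`. The surrounding `catch (Exception e)` only prints the stack trace, so a failure while writing the SSO element would presumably leave a partial export without signalling the caller. The enclosing method starts and ends outside this hunk.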
@@ -175,6 +179,8 @@
g.permissions = (JSPermissions) o1;
else if (o1 instanceof JSProfilingRules)
g.rules = (JSProfilingRules) o1;
+ else if (o1 instanceof JSSSOSites)
+ g.ssoSites = (JSSSOSites) o1;
}
} catch (Exception e)
{
@@ -377,4 +383,20 @@
this.defaultRule = defaultRule;
}
+ /**
+ * @return Returns the SSOSites.
+ */
+ public JSSSOSites getSSOSites()
+ {
+ return ssoSites;
+ }
+
+ /**
+ * @param sites
+ * The SSO sites to set.
+ */
+ public void setSSOSites(JSSSOSites sites)
+ {
+ this.ssoSites = sites;
+ }
}
Modified: portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/sso/src/java/JETSPEED-INF/ojb/sso_repository.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/sso/src/java/JETSPEED-INF/ojb/sso_repository.xml?rev=788615&r1=788614&r2=788615&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/sso/src/java/JETSPEED-INF/ojb/sso_repository.xml (original)
+++ portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/sso/src/java/JETSPEED-INF/ojb/sso_repository.xml Fri Jun 26 07:33:51 2009
@@ -151,7 +151,7 @@
</field-descriptor>
<field-descriptor
- name="isChallangeResponseAuthentication"
+ name="isChallengeResponseAuthentication"
column="CHALLENGE_RESPONSE_AUTH"
jdbc-type="INTEGER"
conversion="org.apache.ojb.broker.accesslayer.conversions.Boolean2IntFieldConversion"
Modified: portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/sso/src/java/org/apache/jetspeed/sso/impl/PersistenceBrokerSSOProvider.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/sso/src/java/org/apache/jetspeed/sso/impl/PersistenceBrokerSSOProvider.java?rev=788615&r1=788614&r2=788615&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/sso/src/java/org/apache/jetspeed/sso/impl/PersistenceBrokerSSOProvider.java (original)
+++ portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/sso/src/java/org/apache/jetspeed/sso/impl/PersistenceBrokerSSOProvider.java Fri Jun 26 07:33:51 2009
@@ -448,12 +448,11 @@
}
/* addCredential()
- * Adds credentials for a user to the site. If the site doesn't exist it will be created
+ * Adds credentials for a user to the site. If the site doesn't exist it will be created
* @see org.apache.jetspeed.sso.SSOProvider#addCredentialsForSite(javax.security.auth.Subject, java.lang.String, java.lang.String)
*/
- public void addCredentialsForSite(Subject subject, String remoteUser, String site, String pwd)
- throws SSOException {
-
+ public void addCredentialsForSite(Subject subject, String remoteUser, String site, String pwd) throws SSOException
+ {
// Check if an entry for the site already exists otherwise create a new one
SSOSite ssoSite = getSSOSiteObject(site);
if (ssoSite == null)
@@ -469,98 +468,17 @@
ssoSite.setFormAuthentication(false);
// Store the site so that we get a valid SSOSiteID
- try
- {
- getPersistenceBrokerTemplate().store(ssoSite);
- }
- catch (Exception e)
- {
- e.printStackTrace();
- throw new SSOException(SSOException.FAILED_STORING_SITE_INFO_IN_DB + e.toString() );
- }
+ updateSite(ssoSite);
}
- // Get the Principal information (logged in user)
+ // Get the Principal information, (logged in user), and add
+ // principals and credentials as needed
String fullPath = ((BasePrincipal)SecurityHelper.getBestPrincipal(subject, UserPrincipal.class)).getFullPath();
String principalName = ((BasePrincipal)SecurityHelper.getBestPrincipal(subject, UserPrincipal.class)).getName();
-
- // Add an entry for the principal to the site if it doesn't exist
- SSOPrincipal principal = this.getPrincipalForSite(ssoSite, fullPath);
-
- if (principal == null )
- {
- principal = getSSOPrincipal(fullPath);
- ssoSite.addPrincipal(principal);
- }
- else
- {
- // Check if the entry the user likes to update exists already
- Collection remoteForSite = ssoSite.getRemotePrincipals();
- Collection principalsForSite = ssoSite.getPrincipals();
-
- if ( remoteForSite != null && principalsForSite != null)
- {
- Collection remoteForPrincipals = this.getRemotePrincipalsForPrincipal(principalsForSite, fullPath);
- if ( remoteForPrincipals != null)
- {
- if (findRemoteMatch(remoteForPrincipals, remoteForSite) != null )
- {
- // Entry exists can't to an add has to call update
- throw new SSOException(SSOException.REMOTE_PRINCIPAL_EXISTS_CALL_UPDATE);
- }
- }
- }
- }
-
- if (principal == null)
- throw new SSOException(SSOException.FAILED_ADDING_PRINCIPAL_TO_MAPPING_TABLE_FOR_SITE);
-
- // Create a remote principal and credentials
- InternalUserPrincipalImpl remotePrincipal = new InternalUserPrincipalImpl(remoteUser);
-
- /*
- * The RemotePrincipal (class InternalUserPrincipal) will have a fullPath that identifies the entry as an SSO credential.
- * The entry has to be unique for a site and principal (GROUP -or- USER ) an therefore it needs to be encoded as following:
- * The convention for the path is the following: /sso/SiteID/{user|group}/{user name | group name}/remote user name
- */
- if ( fullPath.indexOf("/group/") > -1)
- remotePrincipal.setFullPath("/sso/" + ssoSite.getSiteId() + "/group/"+ principalName + "/" + remoteUser);
- else
- remotePrincipal.setFullPath("/sso/" + ssoSite.getSiteId() + "/user/"+ principalName + "/" + remoteUser);
-
- // New credential object for remote principal
- InternalCredentialImpl credential =
- new InternalCredentialImpl(remotePrincipal.getPrincipalId(),
- this.scramble(pwd), 0, DefaultPasswordCredentialImpl.class.getName());
-
- if ( remotePrincipal.getCredentials() == null)
- remotePrincipal.setCredentials(new ArrayList(0));
-
- remotePrincipal.getCredentials().add( credential);
-
- // Add it to Principals remotePrincipals list
- principal.addRemotePrincipal(remotePrincipal);
-
- // Update the site remotePrincipals list
- ssoSite.getRemotePrincipals().add(remotePrincipal);
-
+ addCredentialsForSite(ssoSite, fullPath, principalName, remoteUser, scramble(pwd));
// Update database and reset cache
- try
- {
- getPersistenceBrokerTemplate().store(ssoSite);
-
- // Persist Principal/Remote
- getPersistenceBrokerTemplate().store(principal);
- }
- catch (Exception e)
- {
- e.printStackTrace();
- throw new SSOException(SSOException.FAILED_STORING_SITE_INFO_IN_DB + e.toString() );
- }
-
- // Add to site
- this.mapSite.put(site, ssoSite);
+ updateSite(ssoSite);
}
/* (non-Javadoc)
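Review bot: `SecurityHelper.getBestPrincipal(subject, UserPrincipal.class)` is still evaluated twice, then cast and dereferenced with no null check, right before the new delegation to `addCredentialsForSite(ssoSite, fullPath, principalName, remoteUser, scramble(pwd))`. The same pair of lines appears in the `SSOSite`/`Subject` overload in the `@@ -1437,22 +1362,31 @@` hunk. If `getBestPrincipal` can return null for a Subject without a UserPrincipal (its contract is not visible here), callers get a NullPointerException instead of an SSOException. Fetching it once, `BasePrincipal user = (BasePrincipal) SecurityHelper.getBestPrincipal(subject, UserPrincipal.class);`, and throwing an SSOException when `user == null` would cover both overloads. The explicit `this.mapSite.put(site, ssoSite)` is also gone, so the cache refresh now rests on `updateSite()`, whose body is not in this excerpt; the method itself begins in the previous hunk.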
@@ -1037,7 +955,14 @@
filter.addEqualTo("siteURL", siteUrl);
Query query = QueryFactory.newQuery(SSOSiteImpl.class, filter);
SSOSite site = (SSOSite) getPersistenceBrokerTemplate().getObjectByQuery(query);
- this.mapSite.put(siteUrl, site);
+ if (site != null)
+ {
+ this.mapSite.put(siteUrl, site);
+ }
+ else
+ {
+ this.mapSite.remove(siteUrl);
+ }
return site;
}
@@ -1148,7 +1073,7 @@
try
{
getPersistenceBrokerTemplate().delete(site);
- this.mapSite.remove(site);
+ this.mapSite.remove(site.getSiteURL());
}
catch (Exception e)
@@ -1437,22 +1362,31 @@
return result;
}
- public void addCredentialsForSite(SSOSite ssoSite, Subject subject, String remoteUser, String pwd)
- throws SSOException
+ /* (non-Javadoc)
+ * @see org.apache.jetspeed.sso.SSOProvider#addCredentialsForSite(org.apache.jetspeed.sso.SSOSite, javax.security.auth.Subject, java.lang.String, java.lang.String)
+ */
+ public void addCredentialsForSite(SSOSite ssoSite, Subject subject, String remoteUser, String pwd) throws SSOException
{
- String fullPath = ((BasePrincipal) SecurityHelper.getBestPrincipal(
- subject, UserPrincipal.class)).getFullPath();
- String principalName = ((BasePrincipal) SecurityHelper
- .getBestPrincipal(subject, UserPrincipal.class)).getName();
+ String fullPath = ((BasePrincipal) SecurityHelper.getBestPrincipal(subject, UserPrincipal.class)).getFullPath();
+ String principalName = ((BasePrincipal) SecurityHelper.getBestPrincipal(subject, UserPrincipal.class)).getName();
+ addCredentialsForSite(ssoSite, fullPath, principalName, remoteUser, scramble(pwd));
+ }
+
+ /* (non-Javadoc)
+ * @see org.apache.jetspeed.sso.SSOProvider#addCredentialsForSite(org.apache.jetspeed.sso.SSOSite, java.lang.String, java.lang.String, java.lang.String, java.lang.String)
+ */
+ public void addCredentialsForSite(SSOSite ssoSite, String principalFullPath, String principalName, String remoteUser, String scrambledPwd) throws SSOException
+ {
// Add an entry for the principal to the site if it doesn't exist
- SSOPrincipal principal = this.getPrincipalForSite(ssoSite, fullPath);
+ SSOPrincipal principal = getPrincipalForSite(ssoSite, principalFullPath);
if (principal == null)
{
- principal = getSSOPrincipal(fullPath);
+ principal = getSSOPrincipal(principalFullPath);
ssoSite.addPrincipal(principal);
- } else
+ }
+ else
{
// Check if the entry the user likes to update exists already
Collection remoteForSite = ssoSite.getRemotePrincipals();
@@ -1460,28 +1394,24 @@
if (remoteForSite != null && principalsForSite != null)
{
- Collection remoteForPrincipals = this
- .getRemotePrincipalsForPrincipal(principalsForSite,
- fullPath);
+ Collection remoteForPrincipals = getRemotePrincipalsForPrincipal(principalsForSite, principalFullPath);
if (remoteForPrincipals != null)
{
if (findRemoteMatch(remoteForPrincipals, remoteForSite) != null)
{
// Entry exists can't to an add has to call update
- throw new SSOException(
- SSOException.REMOTE_PRINCIPAL_EXISTS_CALL_UPDATE);
+ throw new SSOException(SSOException.REMOTE_PRINCIPAL_EXISTS_CALL_UPDATE);
}
}
}
}
-
if (principal == null)
- throw new SSOException(
- SSOException.FAILED_ADDING_PRINCIPAL_TO_MAPPING_TABLE_FOR_SITE);
+ {
+ throw new SSOException(SSOException.FAILED_ADDING_PRINCIPAL_TO_MAPPING_TABLE_FOR_SITE);
+ }
// Create a remote principal and credentials
- InternalUserPrincipalImpl remotePrincipal = new InternalUserPrincipalImpl(
- remoteUser);
+ InternalUserPrincipalImpl remotePrincipal = new InternalUserPrincipalImpl(remoteUser);
/*
* The RemotePrincipal (class InternalUserPrincipal) will have a
@@ -1491,21 +1421,21 @@
* path is the following: /sso/SiteID/{user|group}/{user name | group
* name}/remote user name
*/
- if (fullPath.indexOf("/group/") > -1)
- remotePrincipal.setFullPath("/sso/" + ssoSite.getSiteId()
- + "/group/" + principalName + "/" + remoteUser);
+ if (principalFullPath.indexOf("/group/") > -1)
+ {
+ remotePrincipal.setFullPath("/sso/" + ssoSite.getSiteId() + "/group/" + principalName + "/" + remoteUser);
+ }
else
- remotePrincipal.setFullPath("/sso/" + ssoSite.getSiteId()
- + "/user/" + principalName + "/" + remoteUser);
+ {
+ remotePrincipal.setFullPath("/sso/" + ssoSite.getSiteId() + "/user/" + principalName + "/" + remoteUser);
+ }
// New credential object for remote principal
- InternalCredentialImpl credential = new InternalCredentialImpl(
- remotePrincipal.getPrincipalId(), this.scramble(pwd), 0,
- DefaultPasswordCredentialImpl.class.getName());
-
+ InternalCredentialImpl credential = new InternalCredentialImpl(remotePrincipal.getPrincipalId(), scrambledPwd, 0, DefaultPasswordCredentialImpl.class.getName());
if (remotePrincipal.getCredentials() == null)
+ {
remotePrincipal.setCredentials(new ArrayList(0));
-
+ }
remotePrincipal.getCredentials().add(credential);
// Add it to Principals remotePrincipals list
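Review bot: The remote principal's full path is built by plain concatenation of `principalName` and `remoteUser`, and the group/user decision is `principalFullPath.indexOf("/group/") > -1`, which matches that substring anywhere in the path. Through the new five-String overload these values are supplied by the caller (presumably import data) rather than derived from a Subject, so a name containing `/` can yield a path that collides with another principal's entry or is filed under the wrong kind. A guard before the concatenation, such as `if (principalName.indexOf('/') >= 0 || remoteUser.indexOf('/') >= 0) throw new SSOException("'/' not allowed in principal or remote user name");`, would keep the `/sso/SiteID/{user|group}/name/remote` convention unambiguous, assuming names are not expected to contain `/`. The hunk starts inside the comment block and the method continues past it.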
@@ -1514,7 +1444,7 @@
// Update the site remotePrincipals list
ssoSite.getRemotePrincipals().add(remotePrincipal);
- // Update database and reset cache
+ // Update principal in database, (defer site update)
try
{
getPersistenceBrokerTemplate().store(principal);
@@ -1522,8 +1452,7 @@
catch (Exception e)
{
e.printStackTrace();
- throw new SSOException(SSOException.FAILED_STORING_SITE_INFO_IN_DB
- + e.toString());
+ throw new SSOException(SSOException.FAILED_STORING_SITE_INFO_IN_DB + e.toString());
}
}
Modified: portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/sso/src/java/org/apache/jetspeed/sso/impl/SSOSiteImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/sso/src/java/org/apache/jetspeed/sso/impl/SSOSiteImpl.java?rev=788615&r1=788614&r2=788615&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/sso/src/java/org/apache/jetspeed/sso/impl/SSOSiteImpl.java (original)
+++ portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/sso/src/java/org/apache/jetspeed/sso/impl/SSOSiteImpl.java Fri Jun 26 07:33:51 2009
@@ -43,7 +43,7 @@
private boolean isAllowUserSet;
private boolean isCertificateRequired;
- private boolean isChallangeResponseAuthentication;
+ private boolean isChallengeResponseAuthentication;
/* Realm used to do ChallengeResponse Authentication */
private String realm;
@@ -260,13 +260,13 @@
this.formUserField = formUserField;
}
- public boolean isChallangeResponseAuthentication() {
- return isChallangeResponseAuthentication;
+ public boolean isChallengeResponseAuthentication() {
+ return isChallengeResponseAuthentication;
}
public void setChallengeResponseAuthentication(
- boolean isChallangeResponseAuthentication) {
- this.isChallangeResponseAuthentication = isChallangeResponseAuthentication;
+ boolean isChallengeResponseAuthentication) {
+ this.isChallengeResponseAuthentication = isChallengeResponseAuthentication;
}
public boolean isFormAuthentication() {
Modified: portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/etc/build-with-DDLUTILS.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/etc/build-with-DDLUTILS.xml?rev=788615&r1=788614&r2=788615&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/etc/build-with-DDLUTILS.xml (original)
+++ portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/etc/build-with-DDLUTILS.xml Fri Jun 26 07:33:51 2009
@@ -590,6 +590,7 @@
<include name="capabilities.xml"/>
<include name="prefs.xml"/>
<include name="profiler.xml"/>
+ <include name="sso.xml"/>
<include name="jetspeed-spring.xml"/>
<include name="registry.xml"/>
<include name="transaction.xml"/>
@@ -632,6 +633,9 @@
<dependency groupId="${org.apache.jetspeed.deploy.groupid}"
artifactId="jetspeed-profiler"
version="${org.apache.jetspeed.deploy.version}"/>
+ <dependency groupId="${org.apache.jetspeed.deploy.groupid}"
+ artifactId="jetspeed-sso"
+ version="${org.apache.jetspeed.deploy.version}"/>
<dependency groupId="portlet-api"
artifactId="portlet-api"
version="${portlet-api.version}"/>
@@ -1693,6 +1697,7 @@
+ <include name="profiler.xml"/>
+ <include name="jetspeed-spring.xml"/>
+ <include name="registry.xml"/>
++ <include name="sso.xml"/>
+ <include name="transaction.xml"/>
+ </fileset>
+ </copy>
Modified: portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/etc/build.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/etc/build.xml?rev=788615&r1=788614&r2=788615&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/etc/build.xml (original)
+++ portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/etc/build.xml Fri Jun 26 07:33:51 2009
@@ -476,6 +476,7 @@
<include name="capabilities.xml"/>
<include name="prefs.xml"/>
<include name="profiler.xml"/>
+ <include name="sso.xml"/>
<include name="transaction.xml"/>
<include name="cache.xml" />
</fileset>
@@ -528,6 +529,9 @@
artifactId="jetspeed-profiler"
version="${org.apache.jetspeed.deploy.version}"/>
<dependency groupId="${org.apache.jetspeed.deploy.groupid}"
+ artifactId="jetspeed-sso"
+ version="${org.apache.jetspeed.deploy.version}"/>
+ <dependency groupId="${org.apache.jetspeed.deploy.groupid}"
artifactId="jetspeed-registry"
version="${org.apache.jetspeed.deploy.version}"/>
<dependency groupId="${org.apache.jetspeed.deploy.groupid}"
Modified: portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/installer/etc/database/build.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/installer/etc/database/build.xml?rev=788615&r1=788614&r2=788615&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/installer/etc/database/build.xml (original)
+++ portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/installer/etc/database/build.xml Fri Jun 26 07:33:51 2009
@@ -339,6 +339,7 @@
<include name="capabilities.xml" />
<include name="prefs.xml" />
<include name="profiler.xml" />
+ <include name="sso.xml" />
<include name="transaction.xml" />
<include name="cache.xml" />
</fileset>
Modified: portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/jetspeed-api/src/java/org/apache/jetspeed/serializer/JetspeedSerializer.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/jetspeed-api/src/java/org/apache/jetspeed/serializer/JetspeedSerializer.java?rev=788615&r1=788614&r2=788615&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/jetspeed-api/src/java/org/apache/jetspeed/serializer/JetspeedSerializer.java (original)
+++ portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/jetspeed-api/src/java/org/apache/jetspeed/serializer/JetspeedSerializer.java Fri Jun 26 07:33:51 2009
@@ -87,6 +87,9 @@
public final static String KEY_BACKUP_BEFORE_PROCESS = "backup_before_process"
.intern();
+ public final static String KEY_PROCESS_SSO = "process_sso"
+ .intern();
+
/** export/import instructions secondary*/
public final static String KEY_PROCESS_ENTITIES = "process_entities".intern();
public final static String KEY_PROCESS_PREFERENCES = "process_preferences".intern();
Modified: portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/jetspeed-api/src/java/org/apache/jetspeed/sso/SSOProvider.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/jetspeed-api/src/java/org/apache/jetspeed/sso/SSOProvider.java?rev=788615&r1=788614&r2=788615&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/jetspeed-api/src/java/org/apache/jetspeed/sso/SSOProvider.java (original)
+++ portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/jetspeed-api/src/java/org/apache/jetspeed/sso/SSOProvider.java Fri Jun 26 07:33:51 2009
@@ -138,6 +138,18 @@
*/
public void addCredentialsForSite(SSOSite ssoSite, Subject subject, String remoteUser, String pwd)
throws SSOException;
+
+ /**
+ * Add credentials inside a transaction using existing ssoSite for specified principal
+ * @param ssoSite
+ * @param principalFullPath
+ * @param principalName
+ * @param remoteUser
+ * @param scrambledPwd
+ * @throws SSOException
+ */
+ public void addCredentialsForSite(SSOSite ssoSite, String principalFullPath, String principalName, String remoteUser, String scrambledPwd)
+ throws SSOException;
/**
* removeCredentialsForSite()
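Review bot: The Javadoc for the new `addCredentialsForSite(SSOSite, String, String, String, String)` leaves every `@param` empty and does not say that `scrambledPwd` is stored as given. The implementation in this commit passes it straight to `InternalCredentialImpl`, while the other overloads call `scramble(pwd)` first. With three overloads whose trailing arguments are all Strings, a caller that hands a clear-text password to this one would persist it unscrambled. I would document it, e.g. `@param scrambledPwd password already scrambled by this provider; it is stored unchanged, never pass clear text`, and state that no Subject is consulted, so the caller is responsible for having authorised the operation for `principalFullPath`.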
Modified: portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/jetspeed-api/src/java/org/apache/jetspeed/sso/SSOSite.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/jetspeed-api/src/java/org/apache/jetspeed/sso/SSOSite.java?rev=788615&r1=788614&r2=788615&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/jetspeed-api/src/java/org/apache/jetspeed/sso/SSOSite.java (original)
+++ portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/jetspeed-api/src/java/org/apache/jetspeed/sso/SSOSite.java Fri Jun 26 07:33:51 2009
@@ -130,7 +130,7 @@
*/
public void setChallengeResponseAuthentication(boolean isChallengeResponseAuthentication);
- public boolean isChallangeResponseAuthentication();
+ public boolean isChallengeResponseAuthentication();
public boolean isFormAuthentication();
public String getFormPwdField();
Modified: portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/maven-archetypes/portal/build.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/maven-archetypes/portal/build.xml?rev=788615&r1=788614&r2=788615&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/maven-archetypes/portal/build.xml (original)
+++ portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/maven-archetypes/portal/build.xml Fri Jun 26 07:33:51 2009
@@ -120,6 +120,7 @@
<include name="capabilities.xml"/>
<include name="prefs.xml"/>
<include name="profiler.xml"/>
+ <include name="sso.xml"/>
<include name="cache.xml"/>
<include name="transaction.xml"/>
</fileset>
Modified: portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/maven-archetypes/portal/src/archetype/archetype-resources/etc/build.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/maven-archetypes/portal/src/archetype/archetype-resources/etc/build.xml?rev=788615&r1=788614&r2=788615&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/maven-archetypes/portal/src/archetype/archetype-resources/etc/build.xml (original)
+++ portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/maven-archetypes/portal/src/archetype/archetype-resources/etc/build.xml Fri Jun 26 07:33:51 2009
@@ -477,6 +477,7 @@
<include name="capabilities.xml"/>
<include name="prefs.xml"/>
<include name="profiler.xml"/>
+ <include name="sso.xml"/>
<include name="transaction.xml"/>
</fileset>
</copy>
@@ -536,6 +537,9 @@
<dependency groupId="${org.apache.jetspeed.deploy.groupid}"
artifactId="jetspeed-portal"
version="${org.apache.jetspeed.deploy.version}"/>
+ <dependency groupId="${org.apache.jetspeed.deploy.groupid}"
+ artifactId="jetspeed-sso"
+ version="${org.apache.jetspeed.deploy.version}"/>
<dependency groupId="portlet-api"
artifactId="portlet-api"
version="${portlet-api.version}"/>
@@ -580,4 +584,4 @@
</target>
-</project>
\ No newline at end of file
+</project>
Modified: portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/maven-plugin/plugin-with-DDLUTILS.jelly
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/maven-plugin/plugin-with-DDLUTILS.jelly?rev=788615&r1=788614&r2=788615&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/maven-plugin/plugin-with-DDLUTILS.jelly (original)
+++ portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/maven-plugin/plugin-with-DDLUTILS.jelly Fri Jun 26 07:33:51 2009
@@ -920,6 +920,7 @@
<include name="prefs.xml"/>
<include name="profiler.xml"/>
<include name="registry.xml"/>
+ <include name="sso.xml"/>
<include name="transaction.xml"/>
</fileset>
</copy>
@@ -1780,6 +1781,7 @@
+ <include name="prefs.xml"/>
+ <include name="profiler.xml"/>
+ <include name="registry.xml"/>
++ <include name="sso.xml"/>
+ <include name="transaction.xml"/>
+ </fileset>
+ </copy>
Modified: portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/maven-plugin/plugin.jelly
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/maven-plugin/plugin.jelly?rev=788615&r1=788614&r2=788615&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/maven-plugin/plugin.jelly (original)
+++ portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/maven-plugin/plugin.jelly Fri Jun 26 07:33:51 2009
@@ -1098,6 +1098,7 @@
<include name="capabilities.xml"/>
<include name="prefs.xml"/>
<include name="profiler.xml"/>
+ <include name="sso.xml"/>
<include name="transaction.xml"/>
<include name="cache.xml"/>
</fileset>