You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@lenya.apache.org by an...@apache.org on 2007/12/14 17:40:58 UTC
svn commit: r604221 - in
/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac: ./
file/ impl/ shibboleth/
Author: andreas
Date: Fri Dec 14 08:40:56 2007
New Revision: 604221
URL: http://svn.apache.org/viewvc?rev=604221&view=rev
Log:
Minor re-design of group affiliation and transient item handling: The groups don't store their member list anymore, but determine it dynamically (expensive, but only used for administration usecases). The transient items aren't attached to the item managers anymore. These changes simplify the code a lot.
Removed:
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/TransientItemConfiguration.java
Modified:
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/Group.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/Identity.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/User.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileGroupManager.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileIPRangeManager.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileItemManager.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FilePolicyManager.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileRoleManager.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileUser.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileUserManager.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/AbstractGroup.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/AbstractGroupable.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/AbstractUser.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/AnonymousAuthenticator.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/TransientUser.java
lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/shibboleth/ShibbolethAuthenticator.java
Modified: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/Group.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/Group.java?rev=604221&r1=604220&r2=604221&view=diff
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/Group.java (original)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/Group.java Fri Dec 14 08:40:56 2007
@@ -48,7 +48,7 @@
void removeAllMembers();
/**
- * Returns if this group contains this member.
+ * Returns if this group explicitly contains this member. The rule is not considered.
* @param member The member to check.
* @return A boolean value.
*/
@@ -76,5 +76,11 @@
* @return The rule or <code>null</code> if no rule is set.
*/
String getRule();
+
+ /**
+ * @param user The user.
+ * @return if the group's rule matches this user.
+ */
+ boolean matches(User user);
}
Modified: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/Identity.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/Identity.java?rev=604221&r1=604220&r2=604221&view=diff
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/Identity.java (original)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/Identity.java Fri Dec 14 08:40:56 2007
@@ -25,6 +25,7 @@
import java.util.Set;
import org.apache.cocoon.environment.Session;
+import org.apache.lenya.ac.impl.TransientUser;
import org.apache.log4j.Logger;
/**
@@ -127,6 +128,9 @@
public boolean belongsTo(AccreditableManager manager) throws AccessControlException {
User user = getUser();
if (user == null) {
+ return true;
+ }
+ else if (user instanceof TransientUser) {
return true;
}
else {
Modified: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/User.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/User.java?rev=604221&r1=604220&r2=604221&view=diff
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/User.java (original)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/User.java Fri Dec 14 08:40:56 2007
@@ -80,10 +80,4 @@
*/
String[] getAttributeValues(String name) throws AccessControlException;
- /**
- * @return If this user object is persistent, i.e. stored in the Lenya user
- * database (not transient).
- */
- boolean isPersistent();
-
}
Modified: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileGroupManager.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileGroupManager.java?rev=604221&r1=604220&r2=604221&view=diff
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileGroupManager.java (original)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileGroupManager.java Fri Dec 14 08:40:56 2007
@@ -55,7 +55,7 @@
* @return a <code>GroupManager</code>
* @throws AccessControlException if no GroupManager could be instanciated
*/
- public static FileGroupManager instance(ServiceManager manager, FileAccreditableManager accrMgr,
+ public static synchronized FileGroupManager instance(ServiceManager manager, FileAccreditableManager accrMgr,
Logger logger) throws AccessControlException {
File configDir = accrMgr.getConfigurationDirectory();
Modified: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileIPRangeManager.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileIPRangeManager.java?rev=604221&r1=604220&r2=604221&view=diff
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileIPRangeManager.java (original)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileIPRangeManager.java Fri Dec 14 08:40:56 2007
@@ -61,7 +61,7 @@
* @return an <code>IPRangeManager</code> value
* @exception AccessControlException if an error occurs
*/
- public static FileIPRangeManager instance(ServiceManager manager,
+ public static synchronized FileIPRangeManager instance(ServiceManager manager,
FileAccreditableManager accrMgr, Logger logger) throws AccessControlException {
File configDir = accrMgr.getConfigurationDirectory();
Modified: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileItemManager.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileItemManager.java?rev=604221&r1=604220&r2=604221&view=diff
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileItemManager.java (original)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileItemManager.java Fri Dec 14 08:40:56 2007
@@ -47,9 +47,7 @@
import org.apache.lenya.ac.Item;
import org.apache.lenya.ac.ItemManager;
import org.apache.lenya.ac.ItemManagerListener;
-import org.apache.lenya.ac.impl.AbstractItem;
import org.apache.lenya.ac.impl.ItemConfiguration;
-import org.apache.lenya.ac.impl.TransientItemConfiguration;
/**
* Abstract superclass for classes that manage items loaded from configuration
@@ -274,33 +272,11 @@
Item item;
if (items.containsKey(id)) {
item = (Item) items.get(id);
- } else if (allowTransientItems()) {
- try {
- item = createItem(getTransientItemClass());
- TransientItemConfiguration config = new TransientItemConfiguration(id);
- config.configure((AbstractItem) item);
- } catch (AccessControlException e) {
- throw new RuntimeException(e);
- }
} else {
throw new RuntimeException("Item [" + id + "] not found.");
}
return item;
- }
-
- /**
- * @return Override this if you want to allow transient items.
- */
- protected String getTransientItemClass() {
- return null;
- }
-
- /**
- * @return if items should be created on demand.
- */
- protected boolean allowTransientItems() {
- return false;
}
/**
Modified: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FilePolicyManager.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FilePolicyManager.java?rev=604221&r1=604220&r2=604221&view=diff
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FilePolicyManager.java (original)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FilePolicyManager.java Fri Dec 14 08:40:56 2007
@@ -440,7 +440,7 @@
removeAccreditable(manager, accreditable, getPoliciesDirectory());
- if (accreditable instanceof User && ((User) accreditable).isPersistent()) {
+ if (accreditable instanceof User) {
Role role = URLPolicy.getAuthorRole(manager);
if (role != null) {
String url = USER_ADMIN_URL + ((User) accreditable).getId() + ".html";
@@ -471,7 +471,7 @@
*/
public void accreditableAdded(AccreditableManager manager, Accreditable accreditable)
throws AccessControlException {
- if (accreditable instanceof User && ((User) accreditable).isPersistent()) {
+ if (accreditable instanceof User) {
Role role = URLPolicy.getAuthorRole(manager);
if (role != null) {
String url = USER_ADMIN_URL + ((User) accreditable).getId() + ".html";
Modified: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileRoleManager.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileRoleManager.java?rev=604221&r1=604220&r2=604221&view=diff
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileRoleManager.java (original)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileRoleManager.java Fri Dec 14 08:40:56 2007
@@ -53,7 +53,7 @@
* @return A role manager.
* @throws AccessControlException when something went wrong.
*/
- public static FileRoleManager instance(ServiceManager manager, FileAccreditableManager accrMgr,
+ public static synchronized FileRoleManager instance(ServiceManager manager, FileAccreditableManager accrMgr,
Logger logger) throws AccessControlException {
File configDir = accrMgr.getConfigurationDirectory();
if (!instances.containsKey(configDir)) {
Modified: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileUser.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileUser.java?rev=604221&r1=604220&r2=604221&view=diff
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileUser.java (original)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileUser.java Fri Dec 14 08:40:56 2007
@@ -41,8 +41,6 @@
public static final String ID = "identity";
public static final String EMAIL = "email";
public static final String PASSWORD = "password";
- public static final String GROUPS = "groups";
- public static final String GROUP = "group";
public static final String PASSWORD_ATTRIBUTE = "type";
/**
@@ -70,8 +68,7 @@
* Configure this FileUser.
*
* @param config where the user details are specified
- * @throws ConfigurationException if the necessary details aren't specified
- * in the config
+ * @throws ConfigurationException if the necessary details aren't specified in the config
*/
public void configure(Configuration config) throws ConfigurationException {
new ItemConfiguration().configure(this, config);
@@ -87,7 +84,8 @@
FileGroupManager manager = null;
try {
- manager = (FileGroupManager) getItemManager().getAccreditableManager().getGroupManager();
+ manager = (FileGroupManager) getItemManager().getAccreditableManager()
+ .getGroupManager();
} catch (AccessControlException e) {
throw new ConfigurationException(
"Exception when trying to fetch GroupManager for directory: ["
@@ -97,16 +95,10 @@
for (int i = 0; i < groups.length; i++) {
String groupId = groups[i].getValue();
Group group = manager.getGroup(groupId);
-
if (group == null) {
- throw new ConfigurationException("Couldn't find Group for group name ["
- + groupId + "]");
- }
-
- if (!group.contains(this)) {
- group.add(this);
+ throw new ConfigurationException("Group [" + groupId + "] does not exist.");
}
-
+ group.add(this);
}
} else {
// strange, it should have groups
@@ -115,8 +107,7 @@
}
/**
- * Create a configuration from the current user details. Can be used for
- * saving.
+ * Create a configuration from the current user details. Can be used for saving.
*
* @return a <code>Configuration</code>
*/
@@ -200,10 +191,6 @@
public void setConfigurationDirectory(File configurationDirectory) {
assert (configurationDirectory != null) && configurationDirectory.isDirectory();
this.configurationDirectory = configurationDirectory;
- }
-
- public boolean isPersistent() {
- return true;
}
}
Modified: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileUserManager.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileUserManager.java?rev=604221&r1=604220&r2=604221&view=diff
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileUserManager.java (original)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/file/FileUserManager.java Fri Dec 14 08:40:56 2007
@@ -33,7 +33,6 @@
import org.apache.lenya.ac.User;
import org.apache.lenya.ac.UserManager;
import org.apache.lenya.ac.UserType;
-import org.apache.lenya.ac.impl.TransientUser;
/**
* File-based user manager implementation.
@@ -59,7 +58,7 @@
* @return an <code>UserManager</code> value
* @exception AccessControlException if an error occurs
*/
- public static FileUserManager instance(ServiceManager manager, FileAccreditableManager accrMgr,
+ public static synchronized FileUserManager instance(ServiceManager manager, FileAccreditableManager accrMgr,
UserType[] userTypes, Logger logger) throws AccessControlException {
File configDir = accrMgr.getConfigurationDirectory();
@@ -122,14 +121,6 @@
*/
protected String getSuffix() {
return SUFFIX;
- }
-
- protected boolean allowTransientItems() {
- return true;
- }
-
- protected String getTransientItemClass() {
- return TransientUser.class.getName();
}
public boolean contains(String userId) {
Modified: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/AbstractGroup.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/AbstractGroup.java?rev=604221&r1=604220&r2=604221&view=diff
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/AbstractGroup.java (original)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/AbstractGroup.java Fri Dec 14 08:40:56 2007
@@ -20,16 +20,20 @@
package org.apache.lenya.ac.impl;
+import java.util.Arrays;
import java.util.HashSet;
+import java.util.Iterator;
import java.util.Set;
import org.apache.lenya.ac.AccessControlException;
import org.apache.lenya.ac.Accreditable;
+import org.apache.lenya.ac.AccreditableManager;
import org.apache.lenya.ac.AttributeRuleEvaluator;
import org.apache.lenya.ac.Group;
import org.apache.lenya.ac.Groupable;
import org.apache.lenya.ac.Message;
import org.apache.lenya.ac.User;
+import org.apache.lenya.util.Assert;
/**
* A group is a set of {@link Groupable}s.
@@ -48,45 +52,37 @@
public AbstractGroup(String id) {
setId(id);
}
-
- private Set members = new HashSet();
-
+
/**
* Returns the members of this group.
* @return An array of {@link Groupable}s.
*/
public Groupable[] getMembers() {
- Set members = members();
- return (Groupable[]) members.toArray(new Groupable[members.size()]);
- }
-
- private boolean initializing = false;
-
- protected Set members() {
- // First we must make sure that the user and IP range managers
- // are initialized because otherwise the group won't contain their members
- if (!initializing) {
- // avoid race condition
- initializing = true;
- try {
- getItemManager().getAccreditableManager().getUserManager();
- getItemManager().getAccreditableManager().getIPRangeManager();
- } catch (AccessControlException e) {
- throw new RuntimeException(e);
+ Set members = new HashSet();
+ Set groupables = new HashSet();
+ AccreditableManager accrMgr = getItemManager().getAccreditableManager();
+ try {
+ groupables.addAll(Arrays.asList(accrMgr.getUserManager().getUsers()));
+ groupables.addAll(Arrays.asList(accrMgr.getIPRangeManager().getIPRanges()));
+ }
+ catch (Exception e) {
+ throw new RuntimeException(e);
+ }
+ for (Iterator i = groupables.iterator(); i.hasNext(); ) {
+ Groupable groupable = (Groupable) i.next();
+ if (Arrays.asList(groupable.getGroups()).contains(this)) {
+ members.add(groupable);
}
- initializing = false;
}
- return this.members;
+ return (Groupable[]) members.toArray(new Groupable[members.size()]);
}
-
+
/**
* Adds a member to this group.
* @param member The member to add.
*/
public void add(Groupable member) {
- Set members = members();
- assert (member != null) && !members.contains(member);
- members.add(member);
+ Assert.notNull("member", member);
member.addedToGroup(this);
}
@@ -95,9 +91,7 @@
* @param member The member to remove.
*/
public void remove(Groupable member) {
- Set members = members();
- assert (member != null) && members.contains(member);
- members.remove(member);
+ Assert.notNull("member", member);
member.removedFromGroup(this);
}
@@ -111,20 +105,13 @@
}
}
- /**
- * Returns if this group contains this member.
- * @param member The member to check.
- * @return A boolean value.
- */
public boolean contains(Groupable member) {
- boolean contains = members().contains(member);
-
- if (!contains && member instanceof User && getRule() != null) {
- User user = (User) member;
- AttributeRuleEvaluator evaluator = getAttributeRuleEvaluator();
- contains = evaluator.isComplied(user, getRule());
- }
- return contains;
+ return Arrays.asList(getMembers()).contains(member);
+ }
+
+ public boolean matches(User user) {
+ AttributeRuleEvaluator evaluator = getAttributeRuleEvaluator();
+ return evaluator.isComplied(user, getRule());
}
protected AttributeRuleEvaluator getAttributeRuleEvaluator() {
Modified: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/AbstractGroupable.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/AbstractGroupable.java?rev=604221&r1=604220&r2=604221&view=diff
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/AbstractGroupable.java (original)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/AbstractGroupable.java Fri Dec 14 08:40:56 2007
@@ -31,6 +31,10 @@
* @version $Id: AbstractGroupable.java 473841 2006-11-12 00:46:38Z gregor $
*/
public abstract class AbstractGroupable extends AbstractItem implements Groupable, Accreditable {
+
+ public static final String GROUPS = "groups";
+ public static final String GROUP = "group";
+
private Set groups = new HashSet();
/**
Modified: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/AbstractUser.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/AbstractUser.java?rev=604221&r1=604220&r2=604221&view=diff
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/AbstractUser.java (original)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/AbstractUser.java Fri Dec 14 08:40:56 2007
@@ -108,9 +108,8 @@
}
/**
- * This method can be used for subclasses to set the password without it
- * being encrypted again. Some subclass might have knowledge of the
- * encrypted password and needs to be able to set it.
+ * This method can be used for subclasses to set the password without it being encrypted again.
+ * Some subclass might have knowledge of the encrypted password and needs to be able to set it.
*
* @param encryptedPassword the encrypted password
*/
@@ -144,8 +143,8 @@
}
/**
- * Authenticate a user. This is done by encrypting the given password and
- * comparing this to the encryptedPassword.
+ * Authenticate a user. This is done by encrypting the given password and comparing this to the
+ * encryptedPassword.
*
* @param password to authenticate with
* @return true if the given password matches the password for this user
@@ -178,19 +177,28 @@
public void setAttributeValues(String name, String[] values) throws AccessControlException {
this.attributes.put(name, values);
}
-
+
protected boolean hasAttributes() {
return !this.attributes.isEmpty();
}
+ /**
+ * @return The explicitly assigned groups, which excludes groups that contain this user because
+ * it matches the group's rule.
+ */
+ protected Group[] getExplicitlyAssignedGroups() {
+ return super.getGroups();
+ }
+
public Group[] getGroups() {
- Group[] groups = super.getGroups();
+ Group[] groups = getExplicitlyAssignedGroups();
if (hasAttributes()) {
Set set = new HashSet(Arrays.asList(groups));
try {
- Group[] allGroups = getItemManager().getAccreditableManager().getGroupManager().getGroups();
+ Group[] allGroups = getItemManager().getAccreditableManager().getGroupManager()
+ .getGroups();
for (int i = 0; i < allGroups.length; i++) {
- if (!set.contains(allGroups[i]) && allGroups[i].contains(this)) {
+ if (!set.contains(allGroups[i]) && allGroups[i].matches(this)) {
set.add(allGroups[i]);
}
}
Modified: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/AnonymousAuthenticator.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/AnonymousAuthenticator.java?rev=604221&r1=604220&r2=604221&view=diff
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/AnonymousAuthenticator.java (original)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/AnonymousAuthenticator.java Fri Dec 14 08:40:56 2007
@@ -83,4 +83,8 @@
public String getLoginUri(Request request) {
return request.getRequestURI() + "?lenya.usecase=login&lenya.step=showscreen";
}
+
+ public String getTargetUri(Request request) {
+ return request.getRequestURI();
+ }
}
Modified: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/TransientUser.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/TransientUser.java?rev=604221&r1=604220&r2=604221&view=diff
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/TransientUser.java (original)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/impl/TransientUser.java Fri Dec 14 08:40:56 2007
@@ -22,6 +22,8 @@
import org.apache.avalon.framework.configuration.Configuration;
import org.apache.avalon.framework.configuration.ConfigurationException;
import org.apache.lenya.ac.AccessControlException;
+import org.apache.lenya.ac.Group;
+import org.apache.lenya.ac.ItemManager;
/**
* Class for users which are not stored in the CMS, but in an external directory
@@ -56,6 +58,34 @@
public boolean isPersistent() {
return false;
+ }
+
+ public void delete() throws AccessControlException {
+ throw new UnsupportedOperationException();
+ }
+
+ public ItemManager getItemManager() {
+ throw new UnsupportedOperationException();
+ }
+
+ public void setItemManager(ItemManager manager) {
+ throw new UnsupportedOperationException();
+ }
+
+ public void addedToGroup(Group group) {
+ throw new UnsupportedOperationException();
+ }
+
+ public Group[] getGroups() {
+ throw new UnsupportedOperationException();
+ }
+
+ public void removeFromAllGroups() {
+ throw new UnsupportedOperationException();
+ }
+
+ public void removedFromGroup(Group group) {
+ throw new UnsupportedOperationException();
}
}
Modified: lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/shibboleth/ShibbolethAuthenticator.java
URL: http://svn.apache.org/viewvc/lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/shibboleth/ShibbolethAuthenticator.java?rev=604221&r1=604220&r2=604221&view=diff
==============================================================================
--- lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/shibboleth/ShibbolethAuthenticator.java (original)
+++ lenya/branches/branch_1_2_x_shibboleth/src/java/org/apache/lenya/ac/shibboleth/ShibbolethAuthenticator.java Fri Dec 14 08:40:56 2007
@@ -126,17 +126,18 @@
logAttributesMap(attributesMap);
// fetch unique identifier from attributes
- String uniqueID = attrReqService.getUniqueID(attributesMap, bpResponse);
- if (uniqueID == null) {
+ String uniqueId = attrReqService.getUniqueID(attributesMap, bpResponse);
+ if (uniqueId == null) {
issueError(handler, ERROR_MISSING_UID_ATTRIBUTE);
} else {
- User user = accreditableManager.getUserManager().getUser(uniqueID);
- if (user.isPersistent()) {
+ if (accreditableManager.getUserManager().getUser(uniqueId) != null) {
getLogger().error(
- "Persistent user with ID [" + user.getId()
+ "Persistent user with ID [" + uniqueId
+ "] exists, can't create transient user.");
handler.error("Shibboleth authentication error (see logfile for details).");
} else {
+ TransientUser user = new TransientUser();
+ user.setId(uniqueId);
passAttributes((TransientUser) user, attributesMap);
updateIdentity(identity, user);
authenticated = true;
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@lenya.apache.org
For additional commands, e-mail: commits-help@lenya.apache.org