You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-dev@portals.apache.org by ta...@apache.org on 2007/07/03 05:57:50 UTC
svn commit: r552657 - in
/portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed:
./ layout/impl/ login/filter/
Author: taylor
Date: Mon Jul 2 20:57:47 2007
New Revision: 552657
URL: http://svn.apache.org/viewvc?view=rev&rev=552657
Log:
While working with Mohan on Weblogic support + the secondary authentication method, discovered:
* isUserInRole method was not implemented for secondary authentication (PortalFilter)
* a few Ajax apis needed improved security behaviors
Modified:
portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/Jetspeed.java
portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/GetUserInformationAction.java
portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/PortletActionSecurityConstraintsBehavior.java
portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/SecurityConstraintsAction.java
portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/UpdateFolderAction.java
portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/UpdateLinkAction.java
portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/UpdatePageAction.java
portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/login/filter/PortalFilter.java
portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/login/filter/PortalRequestWrapper.java
Modified: portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/Jetspeed.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/Jetspeed.java?view=diff&rev=552657&r1=552656&r2=552657
==============================================================================
--- portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/Jetspeed.java (original)
+++ portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/Jetspeed.java Mon Jul 2 20:57:47 2007
@@ -18,6 +18,7 @@
import java.util.Locale;
+import org.apache.jetspeed.administration.PortalConfiguration;
import org.apache.jetspeed.components.ComponentManager;
import org.apache.jetspeed.engine.Engine;
import org.apache.jetspeed.exception.JetspeedException;
@@ -55,7 +56,7 @@
{
if (engine == null)
{
- throw new NullPointerException("The engine is null, have you called createEgine() yet?");
+ throw new NullPointerException("The engine is null, have you called createEngine() yet?");
}
return engine.getContext();
}
@@ -103,6 +104,14 @@
public static void setEngine(Engine engine)
{
Jetspeed.engine = engine;
+ }
+
+ public static PortalConfiguration getConfiguration()
+ {
+ ComponentManager manager = getComponentManager();
+ if (manager != null)
+ return (PortalConfiguration)manager.getComponent("PortalConfiguration");
+ return null;
}
}
Modified: portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/GetUserInformationAction.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/GetUserInformationAction.java?view=diff&rev=552657&r1=552656&r2=552657
==============================================================================
--- portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/GetUserInformationAction.java (original)
+++ portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/GetUserInformationAction.java Mon Jul 2 20:57:47 2007
@@ -50,9 +50,10 @@
public GetUserInformationAction(String template,
String errorTemplate,
- UserManager um)
+ UserManager um,
+ RolesSecurityBehavior securityBehavior)
{
- super(template, errorTemplate, um);
+ super(template, errorTemplate, um, securityBehavior);
}
public boolean run(RequestContext requestContext, Map resultMap)
Modified: portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/PortletActionSecurityConstraintsBehavior.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/PortletActionSecurityConstraintsBehavior.java?view=diff&rev=552657&r1=552656&r2=552657
==============================================================================
--- portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/PortletActionSecurityConstraintsBehavior.java (original)
+++ portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/PortletActionSecurityConstraintsBehavior.java Mon Jul 2 20:57:47 2007
@@ -20,6 +20,8 @@
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.jetspeed.Jetspeed;
+import org.apache.jetspeed.administration.PortalConfiguration;
import org.apache.jetspeed.layout.PortletActionSecurityBehavior;
import org.apache.jetspeed.om.page.Page;
import org.apache.jetspeed.page.PageManager;
@@ -36,10 +38,17 @@
implements PortletActionSecurityBehavior
{
protected Log log = LogFactory.getLog(PortletActionSecurityConstraintsBehavior.class);
+ protected String guest = "guest";
public PortletActionSecurityConstraintsBehavior(PageManager pageManager)
{
super(pageManager);
+ PortalConfiguration config = Jetspeed.getConfiguration();
+ if (config != null)
+ {
+ guest = config.getString("default.user.principal");
+ System.out.println("pas.guest=" + guest);
+ }
}
public boolean checkAccess(RequestContext context, String action)
@@ -52,7 +61,7 @@
catch (Exception e)
{
Principal principal = context.getRequest().getUserPrincipal();
- String userName = "guest";
+ String userName = this.guest;
if (principal != null)
userName = principal.getName();
log.warn("Insufficient access to page " + page.getPath() + " by user " + userName);
Modified: portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/SecurityConstraintsAction.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/SecurityConstraintsAction.java?view=diff&rev=552657&r1=552656&r2=552657
==============================================================================
--- portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/SecurityConstraintsAction.java (original)
+++ portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/SecurityConstraintsAction.java Mon Jul 2 20:57:47 2007
@@ -28,6 +28,7 @@
import org.apache.jetspeed.ajax.AJAXException;
import org.apache.jetspeed.ajax.AjaxAction;
import org.apache.jetspeed.ajax.AjaxBuilder;
+import org.apache.jetspeed.layout.PortletActionSecurityBehavior;
import org.apache.jetspeed.om.common.SecurityConstraint;
import org.apache.jetspeed.om.page.PageSecurity;
import org.apache.jetspeed.om.page.SecurityConstraintsDef;
@@ -57,9 +58,10 @@
public SecurityConstraintsAction(String template,
String errorTemplate,
- PageManager pm)
+ PageManager pm,
+ PortletActionSecurityBehavior securityBehavior)
{
- super(template, errorTemplate, pm);
+ super(template, errorTemplate, pm, securityBehavior);
}
public boolean run(RequestContext requestContext, Map resultMap)
Modified: portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/UpdateFolderAction.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/UpdateFolderAction.java?view=diff&rev=552657&r1=552656&r2=552657
==============================================================================
--- portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/UpdateFolderAction.java (original)
+++ portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/UpdateFolderAction.java Mon Jul 2 20:57:47 2007
@@ -24,6 +24,7 @@
import org.apache.jetspeed.ajax.AJAXException;
import org.apache.jetspeed.ajax.AjaxAction;
import org.apache.jetspeed.ajax.AjaxBuilder;
+import org.apache.jetspeed.layout.PortletActionSecurityBehavior;
import org.apache.jetspeed.om.folder.Folder;
import org.apache.jetspeed.om.page.Fragment;
import org.apache.jetspeed.page.PageManager;
@@ -55,9 +56,11 @@
public UpdateFolderAction(String template,
String errorTemplate,
- PageManager pm)
+ PageManager pm,
+ PortletActionSecurityBehavior securityBehavior)
+
{
- super(template, errorTemplate, pm);
+ super(template, errorTemplate, pm, securityBehavior);
}
public boolean run(RequestContext requestContext, Map resultMap)
Modified: portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/UpdateLinkAction.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/UpdateLinkAction.java?view=diff&rev=552657&r1=552656&r2=552657
==============================================================================
--- portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/UpdateLinkAction.java (original)
+++ portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/UpdateLinkAction.java Mon Jul 2 20:57:47 2007
@@ -24,6 +24,7 @@
import org.apache.jetspeed.ajax.AJAXException;
import org.apache.jetspeed.ajax.AjaxAction;
import org.apache.jetspeed.ajax.AjaxBuilder;
+import org.apache.jetspeed.layout.PortletActionSecurityBehavior;
import org.apache.jetspeed.om.folder.Folder;
import org.apache.jetspeed.om.page.Link;
import org.apache.jetspeed.page.PageManager;
@@ -55,9 +56,11 @@
public UpdateLinkAction(String template,
String errorTemplate,
- PageManager pm)
+ PageManager pm,
+ PortletActionSecurityBehavior securityBehavior)
+
{
- super(template, errorTemplate, pm);
+ super(template, errorTemplate, pm, securityBehavior);
}
public boolean run(RequestContext requestContext, Map resultMap)
Modified: portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/UpdatePageAction.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/UpdatePageAction.java?view=diff&rev=552657&r1=552656&r2=552657
==============================================================================
--- portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/UpdatePageAction.java (original)
+++ portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/layout/impl/UpdatePageAction.java Mon Jul 2 20:57:47 2007
@@ -29,6 +29,7 @@
import org.apache.jetspeed.components.portletentity.PortletEntityNotStoredException;
import org.apache.jetspeed.container.window.FailedToRetrievePortletWindow;
import org.apache.jetspeed.container.window.PortletWindowAccessor;
+import org.apache.jetspeed.layout.PortletActionSecurityBehavior;
import org.apache.jetspeed.om.folder.Folder;
import org.apache.jetspeed.om.page.ContentFragment;
import org.apache.jetspeed.om.page.ContentFragmentImpl;
@@ -72,10 +73,11 @@
String errorTemplate,
PageManager pm,
PortletWindowAccessor windowAccess,
- PortletEntityAccessComponent entityAccess)
+ PortletEntityAccessComponent entityAccess,
+ PortletActionSecurityBehavior securityBehavior)
{
- super(template, errorTemplate, pm);
+ super(template, errorTemplate, pm, securityBehavior);
this.windowAccess = windowAccess;
this.entityAccess = entityAccess;
}
Modified: portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/login/filter/PortalFilter.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/login/filter/PortalFilter.java?view=diff&rev=552657&r1=552656&r2=552657
==============================================================================
--- portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/login/filter/PortalFilter.java (original)
+++ portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/login/filter/PortalFilter.java Mon Jul 2 20:57:47 2007
@@ -34,6 +34,7 @@
import org.apache.jetspeed.Jetspeed;
import org.apache.jetspeed.PortalReservedParameters;
import org.apache.jetspeed.administration.PortalAuthenticationConfiguration;
+import org.apache.jetspeed.administration.PortalConfiguration;
import org.apache.jetspeed.login.LoginConstants;
import org.apache.jetspeed.security.SecurityHelper;
import org.apache.jetspeed.security.UserManager;
@@ -43,8 +44,13 @@
public class PortalFilter implements Filter
{
+ protected String guest = "guest";
+
public void init(FilterConfig filterConfig) throws ServletException
{
+ PortalConfiguration config = Jetspeed.getConfiguration();
+ if (config != null)
+ guest = config.getString("default.user.principal");
}
public void doFilter(ServletRequest sRequest,
@@ -72,7 +78,7 @@
Subject subject = new Subject(true, principals, new HashSet(), new HashSet());
UserPrincipal userPrincipal = new UserSubjectPrincipalImpl(username, subject);
principals.add(userPrincipal);
- sRequest = wrapperRequest(request, userPrincipal);
+ sRequest = wrapperRequest(request, subject, userPrincipal);
request.getSession().removeAttribute(LoginConstants.ERRORCODE);
HttpSession session = request.getSession(true);
session.setAttribute(PortalReservedParameters.SESSION_KEY_SUBJECT, subject);
@@ -91,12 +97,12 @@
if (subject != null)
{
Principal principal = SecurityHelper.getPrincipal(subject, UserPrincipal.class);
- if (principal != null && principal.getName().equals("guest"))
+ if (principal != null && principal.getName().equals(this.guest))
{
}
else
{
- sRequest = wrapperRequest(request, principal);
+ sRequest = wrapperRequest(request, subject, principal);
}
}
}
@@ -110,9 +116,9 @@
}
}
- private ServletRequest wrapperRequest(HttpServletRequest request, Principal principal)
+ private ServletRequest wrapperRequest(HttpServletRequest request, Subject subject, Principal principal)
{
- PortalRequestWrapper wrapper = new PortalRequestWrapper(request, principal);
+ PortalRequestWrapper wrapper = new PortalRequestWrapper(request, subject, principal);
return wrapper;
}
Modified: portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/login/filter/PortalRequestWrapper.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/login/filter/PortalRequestWrapper.java?view=diff&rev=552657&r1=552656&r2=552657
==============================================================================
--- portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/login/filter/PortalRequestWrapper.java (original)
+++ portals/jetspeed-2/trunk/components/portal/src/java/org/apache/jetspeed/login/filter/PortalRequestWrapper.java Mon Jul 2 20:57:47 2007
@@ -17,21 +17,46 @@
package org.apache.jetspeed.login.filter;
import java.security.Principal;
+import java.util.Iterator;
+import java.util.List;
+import javax.security.auth.Subject;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
+import org.apache.jetspeed.security.RolePrincipal;
+import org.apache.jetspeed.security.SecurityHelper;
+
public class PortalRequestWrapper extends HttpServletRequestWrapper
{
private Principal userPrincipal = null;
+ private Subject subject ;
- public PortalRequestWrapper(HttpServletRequest request,
+ public PortalRequestWrapper(HttpServletRequest request, Subject subject,
Principal userPrincipal)
{
super(request);
+ this.subject = subject;
this.userPrincipal = userPrincipal;
}
+ public boolean isUserInRole(String roleName)
+ {
+ if (subject == null)
+ {
+ return false;
+ }
+ List roles = SecurityHelper.getPrincipals(subject, RolePrincipal.class);
+ Iterator ir = roles.iterator();
+ while (ir.hasNext())
+ {
+ RolePrincipal role = (RolePrincipal)ir.next();
+ if (roleName.equals(role.getName()))
+ return true;
+ }
+ return false;
+ }
+
public void setUserPrincipal(Principal userPrincipal)
{
this.userPrincipal = userPrincipal;
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org