Posted to commits@cxf.apache.org by ow...@apache.org on 2012/12/14 21:38:16 UTC

svn commit: r1422071 - in /cxf/fediz/trunk/services/idp/src/main: java/org/apache/cxf/fediz/service/idp/HttpFormAuthenticationFilter.java webapp/WEB-INF/signinform.jsp webapp/WEB-INF/web.xml

Author: owulff
Date: Fri Dec 14 20:38:15 2012
New Revision: 1422071

URL: http://svn.apache.org/viewvc?rev=1422071&view=rev
Log:
[FEDIZ-36] Http Form Based Login

Added:
    cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/HttpFormAuthenticationFilter.java
    cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/signinform.jsp
Modified:
    cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/web.xml

Added: cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/HttpFormAuthenticationFilter.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/HttpFormAuthenticationFilter.java?rev=1422071&view=auto
==============================================================================
--- cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/HttpFormAuthenticationFilter.java (added)
+++ cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/HttpFormAuthenticationFilter.java Fri Dec 14 20:38:15 2012
@@ -0,0 +1,93 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.fediz.service.idp;
+
+import java.io.IOException;
+
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class HttpFormAuthenticationFilter extends AbstractAuthFilter {
+
+    public static final String PARAM_TAG = "cxf.fediz.loginform.tag";
+    public static final String PARAM_USERNAME = "cxf.fediz.loginform.username";
+    public static final String PARAM_PASSWORD = "cxf.fediz.loginform.password";
+    public static final String FORM_LOGIN_PAGE_URI_DEFAULT = "/WEB-INF/signinform.jsp";
+
+    private static final Logger LOG = LoggerFactory.getLogger(HttpFormAuthenticationFilter.class);
+    
+    private static final String PARAM_FORM_LOGIN_PAGE = "form.login.page";
+    
+    protected String formLoginPage;
+
+    @Override
+    public void init(FilterConfig filterConfig) throws ServletException {
+        super.init(filterConfig);
+        formLoginPage = filterConfig.getInitParameter(PARAM_FORM_LOGIN_PAGE);
+        if (formLoginPage != null && formLoginPage.length() > 0) {
+            LOG.info("Configured form login page: " + formLoginPage);
+        }
+    }
+    
+    @Override
+    public void process(HttpServletRequest request,
+                        HttpServletResponse response, AuthContext context)
+        throws IOException, ServletException {
+
+        String tag = request.getParameter(PARAM_TAG);
+
+        if (tag == null) {
+            // request authentication from user
+            response.setHeader("Cache-Control", "no-store, no-cache, must-revalidate, private");
+            
+            if (formLoginPage != null && formLoginPage.length() > 0) {
+                request.getRequestDispatcher(formLoginPage)
+                    .forward(request, response);
+            } else {
+                request.getRequestDispatcher(FORM_LOGIN_PAGE_URI_DEFAULT)
+                    .forward(request, response);
+            }
+            
+            setNextState(States.USERNAME_PASSWORD_REQUIRED.toString(), context);
+            context.put(AbstractAuthFilter.PROCESSING_STATE,
+                        AbstractAuthFilter.ProcessingState.SEND_RESPONSE);
+            return;
+
+        } else {
+            String username = request.getParameter(PARAM_USERNAME);
+            String password = request.getParameter(PARAM_PASSWORD);
+
+            try {
+                context.put(AuthContext.AUTH_USERNAME, username);
+                context.put(AuthContext.AUTH_PASSWORD, password);
+            } catch (Exception ex) {
+                LOG.error("Invalid Authorization header", ex);
+                response.sendError(HttpServletResponse.SC_BAD_REQUEST,
+                    "Invalid http form format");
+                throw new ProcessingException("Invalid http form format");
+            }
+        }
+    }
+
+}
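Review bot: In the `else` branch of `process()`, `username` and `password` go into the `AuthContext` unchecked, so a request carrying only `cxf.fediz.loginform.tag` hands null credentials to the next filter. The `try`/`catch (Exception)` around the two `context.put` calls validates nothing, and its log text "Invalid Authorization header" looks carried over from the Basic filter. `request.getParameter` also reads the query string, so credentials are accepted on a GET, where they can end up in access logs and browser history. Rejecting non-POST submissions and empty fields before touching the context closes both gaps.

```java
        } else {
            // Credentials belong in the POST body; getParameter() would also accept them from the query string.
            if (!"POST".equalsIgnoreCase(request.getMethod())) {
                response.sendError(HttpServletResponse.SC_METHOD_NOT_ALLOWED);
                throw new ProcessingException("Invalid http form format");
            }
            // … unchanged: username / password read via request.getParameter …
            if (username == null || username.length() == 0 || password == null) {
                LOG.warn("Login form submitted without username or password");
                response.sendError(HttpServletResponse.SC_BAD_REQUEST, "Invalid http form format");
                throw new ProcessingException("Invalid http form format");
            }
            context.put(AuthContext.AUTH_USERNAME, username);
            context.put(AuthContext.AUTH_PASSWORD, password);
```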

Added: cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/signinform.jsp
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/signinform.jsp?rev=1422071&view=auto
==============================================================================
--- cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/signinform.jsp (added)
+++ cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/signinform.jsp Fri Dec 14 20:38:15 2012
@@ -0,0 +1,43 @@
+<%@ page import="java.util.Set"%>
+<%@ page import="java.util.HashSet"%>
+<%@ page import="java.lang.reflect.Field"%>
+<%@ page import="org.apache.cxf.fediz.service.idp.FederationFilter"%>
+<%@ page import="org.apache.cxf.fediz.service.idp.HttpFormAuthenticationFilter"%>
+<%@ page import="org.apache.cxf.fediz.service.idp.IdpServlet"%>
+
+<%@ page language="java" contentType="text/html; charset=ISO-8859-1" pageEncoding="ISO-8859-1"%>
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+<head>
+<title>IDP SignIn Request Form</title>
+</head>
+<body>
+	<form method="POST" name="signinform">
+		<%--
+			Replicating the context.
+		--%>
+		<%
+		Set<String> ctx = new HashSet<String>();
+		Field[] fields = FederationFilter.class.getFields();
+		for (Field f : fields) {
+			if(f.getName().startsWith("PARAM_") && String.class.equals(f.getType())) { 
+				String key = (String) f.get(null);
+				Object value = request.getAttribute(key);
+				if(null != value && value instanceof String) {
+					%>
+		<input type="hidden" name="<%=key%>" value="<%=value%>" readonly="readonly" />
+					<%
+				}
+			}
+		}
+		%>
+		<input type="hidden" name="<%=HttpFormAuthenticationFilter.PARAM_TAG%>" value="<%=HttpFormAuthenticationFilter.PARAM_TAG%>" readonly="readonly" />
+		userid :
+		<input type="text" name="<%=HttpFormAuthenticationFilter.PARAM_USERNAME%>" size="32" /><br />
+		password :
+		<input type="password" name="<%=HttpFormAuthenticationFilter.PARAM_PASSWORD%>" size="32" /><br />
+		<input type="submit" value="Authenticate" />
+	</form>
+</body>
+</html>
\ No newline at end of file
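Review bot: The hidden-field loop writes `<%=key%>` and `<%=value%>` into HTML attributes without encoding, so a request attribute containing `"` or `>` breaks out of `value="…"` and is rendered as markup on the sign-in page. These attributes appear to mirror the incoming federation parameters (the page comment says "Replicating the context"), which would make them caller-controlled; that should be confirmed against FederationFilter, which is not part of this commit. Both expressions should be encoded for HTML-attribute context before output, e.g. `value="<%= htmlEncode(value) %>"`, where `htmlEncode` is a placeholder for whichever encoder the webapp already has on its classpath. Separately, `Set<String> ctx` and the `HashSet` import are never used and can be dropped.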

Modified: cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/web.xml?rev=1422071&r1=1422070&r2=1422071&view=diff
==============================================================================
--- cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/web.xml (original)
+++ cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/web.xml Fri Dec 14 20:38:15 2012
@@ -53,6 +53,19 @@
 	</filter>
 	
 	<filter>
+		<filter-name>FormAuthenticationFilter</filter-name>
+		<filter-class>org.apache.cxf.fediz.service.idp.HttpFormAuthenticationFilter</filter-class>
+		<init-param>
+			<param-name>pre-state</param-name>
+			<param-value>USERNAME_PASSWORD_REQUIRED</param-value>
+		</init-param>
+		<init-param>
+			<param-name>next-state</param-name>
+			<param-value>SECURITY_TOKEN_REQUIRED</param-value>
+		</init-param>		
+	</filter>
+	
+	<filter>
 		<filter-name>STSClientFilterRequestor</filter-name>
 		<filter-class>org.apache.cxf.fediz.service.idp.STSClientFilter</filter-class>
 		<init-param>
@@ -207,12 +220,20 @@
 		<filter-name>AuthenticationFilter</filter-name>
 		<url-pattern>/*</url-pattern>
 	</filter-mapping>
-
+     
 	<filter-mapping>
 		<filter-name>BasicAuthenticationFilter</filter-name>
 		<url-pattern>/*</url-pattern>
 	</filter-mapping>
 	
+	<!-- FORM based authentication -->
+	<!--
+	<filter-mapping>
+		<filter-name>FormAuthenticationFilter</filter-name>
+		<url-pattern>/*</url-pattern>
+	</filter-mapping>
+	-->
+	
 	<filter-mapping>
 		<filter-name>STSClientFilterRequestor</filter-name>
 		<url-pattern>/*</url-pattern>
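Review bot: The comment above the disabled mapping, `<!-- FORM based authentication -->`, does not say what else has to change to switch form login on. The BasicAuthenticationFilter mapping directly above stays active on the same `/*` pattern, and the new filter is declared with pre-state USERNAME_PASSWORD_REQUIRED. Presumably only one of the two should be mapped at a time, though the Basic filter's own init-params are outside this hunk. I would expand the comment to something like `<!-- FORM based authentication: to enable, uncomment this mapping and comment out the BasicAuthenticationFilter mapping above -->`.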
@@ -220,6 +241,7 @@
 	
 	<filter-mapping>
 		<filter-name>STSClientFilterRequestor</filter-name>
+                
 		<url-pattern>/*</url-pattern>
 	</filter-mapping>