You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by ow...@apache.org on 2012/12/14 21:38:16 UTC
svn commit: r1422071 - in /cxf/fediz/trunk/services/idp/src/main:
java/org/apache/cxf/fediz/service/idp/HttpFormAuthenticationFilter.java
webapp/WEB-INF/signinform.jsp webapp/WEB-INF/web.xml
Author: owulff
Date: Fri Dec 14 20:38:15 2012
New Revision: 1422071
URL: http://svn.apache.org/viewvc?rev=1422071&view=rev
Log:
[FEDIZ-36] Http Form Based Login
Added:
cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/HttpFormAuthenticationFilter.java
cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/signinform.jsp
Modified:
cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/web.xml
Added: cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/HttpFormAuthenticationFilter.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/HttpFormAuthenticationFilter.java?rev=1422071&view=auto
==============================================================================
--- cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/HttpFormAuthenticationFilter.java (added)
+++ cxf/fediz/trunk/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/HttpFormAuthenticationFilter.java Fri Dec 14 20:38:15 2012
@@ -0,0 +1,93 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.fediz.service.idp;
+
+import java.io.IOException;
+
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class HttpFormAuthenticationFilter extends AbstractAuthFilter {
+
+ public static final String PARAM_TAG = "cxf.fediz.loginform.tag";
+ public static final String PARAM_USERNAME = "cxf.fediz.loginform.username";
+ public static final String PARAM_PASSWORD = "cxf.fediz.loginform.password";
+ public static final String FORM_LOGIN_PAGE_URI_DEFAULT = "/WEB-INF/signinform.jsp";
+
+ private static final Logger LOG = LoggerFactory.getLogger(HttpFormAuthenticationFilter.class);
+
+ private static final String PARAM_FORM_LOGIN_PAGE = "form.login.page";
+
+ protected String formLoginPage;
+
+ @Override
+ public void init(FilterConfig filterConfig) throws ServletException {
+ super.init(filterConfig);
+ formLoginPage = filterConfig.getInitParameter(PARAM_FORM_LOGIN_PAGE);
+ if (formLoginPage != null && formLoginPage.length() > 0) {
+ LOG.info("Configured form login page: " + formLoginPage);
+ }
+ }
+
+ @Override
+ public void process(HttpServletRequest request,
+ HttpServletResponse response, AuthContext context)
+ throws IOException, ServletException {
+
+ String tag = request.getParameter(PARAM_TAG);
+
+ if (tag == null) {
+ // request authentication from user
+ response.setHeader("Cache-Control", "no-store, no-cache, must-revalidate, private");
+
+ if (formLoginPage != null && formLoginPage.length() > 0) {
+ request.getRequestDispatcher(formLoginPage)
+ .forward(request, response);
+ } else {
+ request.getRequestDispatcher(FORM_LOGIN_PAGE_URI_DEFAULT)
+ .forward(request, response);
+ }
+
+ setNextState(States.USERNAME_PASSWORD_REQUIRED.toString(), context);
+ context.put(AbstractAuthFilter.PROCESSING_STATE,
+ AbstractAuthFilter.ProcessingState.SEND_RESPONSE);
+ return;
+
+ } else {
+ String username = request.getParameter(PARAM_USERNAME);
+ String password = request.getParameter(PARAM_PASSWORD);
+
+ try {
+ context.put(AuthContext.AUTH_USERNAME, username);
+ context.put(AuthContext.AUTH_PASSWORD, password);
+ } catch (Exception ex) {
+ LOG.error("Invalid Authorization header", ex);
+ response.sendError(HttpServletResponse.SC_BAD_REQUEST,
+ "Invalid http form format");
+ throw new ProcessingException("Invalid http form format");
+ }
+ }
+ }
+
+}
Added: cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/signinform.jsp
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/signinform.jsp?rev=1422071&view=auto
==============================================================================
--- cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/signinform.jsp (added)
+++ cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/signinform.jsp Fri Dec 14 20:38:15 2012
@@ -0,0 +1,43 @@
+<%@ page import="java.util.Set"%>
+<%@ page import="java.util.HashSet"%>
+<%@ page import="java.lang.reflect.Field"%>
+<%@ page import="org.apache.cxf.fediz.service.idp.FederationFilter"%>
+<%@ page import="org.apache.cxf.fediz.service.idp.HttpFormAuthenticationFilter"%>
+<%@ page import="org.apache.cxf.fediz.service.idp.IdpServlet"%>
+
+<%@ page language="java" contentType="text/html; charset=ISO-8859-1" pageEncoding="ISO-8859-1"%>
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+<head>
+<title>IDP SignIn Request Form</title>
+</head>
+<body>
+ <form method="POST" name="signinform">
+ <%--
+ Replicating the context.
+ --%>
+ <%
+ Set<String> ctx = new HashSet<String>();
+ Field[] fields = FederationFilter.class.getFields();
+ for (Field f : fields) {
+ if(f.getName().startsWith("PARAM_") && String.class.equals(f.getType())) {
+ String key = (String) f.get(null);
+ Object value = request.getAttribute(key);
+ if(null != value && value instanceof String) {
+ %>
+ <input type="hidden" name="<%=key%>" value="<%=value%>" readonly="readonly" />
+ <%
+ }
+ }
+ }
+ %>
+ <input type="hidden" name="<%=HttpFormAuthenticationFilter.PARAM_TAG%>" value="<%=HttpFormAuthenticationFilter.PARAM_TAG%>" readonly="readonly" />
+ userid :
+ <input type="text" name="<%=HttpFormAuthenticationFilter.PARAM_USERNAME%>" size="32" /><br />
+ password :
+ <input type="password" name="<%=HttpFormAuthenticationFilter.PARAM_PASSWORD%>" size="32" /><br />
+ <input type="submit" value="Authenticate" />
+ </form>
+</body>
+</html>
\ No newline at end of file
Modified: cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/web.xml?rev=1422071&r1=1422070&r2=1422071&view=diff
==============================================================================
--- cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/web.xml (original)
+++ cxf/fediz/trunk/services/idp/src/main/webapp/WEB-INF/web.xml Fri Dec 14 20:38:15 2012
@@ -53,6 +53,19 @@
</filter>
<filter>
+ <filter-name>FormAuthenticationFilter</filter-name>
+ <filter-class>org.apache.cxf.fediz.service.idp.HttpFormAuthenticationFilter</filter-class>
+ <init-param>
+ <param-name>pre-state</param-name>
+ <param-value>USERNAME_PASSWORD_REQUIRED</param-value>
+ </init-param>
+ <init-param>
+ <param-name>next-state</param-name>
+ <param-value>SECURITY_TOKEN_REQUIRED</param-value>
+ </init-param>
+ </filter>
+
+ <filter>
<filter-name>STSClientFilterRequestor</filter-name>
<filter-class>org.apache.cxf.fediz.service.idp.STSClientFilter</filter-class>
<init-param>
@@ -207,12 +220,20 @@
<filter-name>AuthenticationFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
-
+
<filter-mapping>
<filter-name>BasicAuthenticationFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
+ <!-- FORM based authentication -->
+ <!--
+ <filter-mapping>
+ <filter-name>FormAuthenticationFilter</filter-name>
+ <url-pattern>/*</url-pattern>
+ </filter-mapping>
+ -->
+
<filter-mapping>
<filter-name>STSClientFilterRequestor</filter-name>
<url-pattern>/*</url-pattern>
@@ -220,6 +241,7 @@
<filter-mapping>
<filter-name>STSClientFilterRequestor</filter-name>
+
<url-pattern>/*</url-pattern>
</filter-mapping>