You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@stratos.apache.org by pr...@apache.org on 2014/04/17 04:43:30 UTC
[50/52] [partial] forking carbon ui bundle in to stratos code base
and removing license incompatible JS and packing the new module to carbon
runtime, through dropins
http://git-wip-us.apache.org/repos/asf/incubator-stratos/blob/6b1dba58/dependencies/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/BasicAuthUIAuthenticator.java
----------------------------------------------------------------------
diff --git a/dependencies/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/BasicAuthUIAuthenticator.java b/dependencies/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/BasicAuthUIAuthenticator.java
new file mode 100644
index 0000000..53a2842
--- /dev/null
+++ b/dependencies/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/BasicAuthUIAuthenticator.java
@@ -0,0 +1,164 @@
+package org.wso2.carbon.ui;
+
+import java.util.Map;
+
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+
+import org.apache.axis2.AxisFault;
+import org.apache.axis2.client.ServiceClient;
+import org.wso2.carbon.CarbonConstants;
+import org.wso2.carbon.core.common.AuthenticationException;
+import org.wso2.carbon.ui.util.CarbonUIAuthenticationUtil;
+import org.wso2.carbon.utils.CarbonUtils;
+import org.wso2.carbon.utils.multitenancy.MultitenantConstants;
+
+public class BasicAuthUIAuthenticator extends AbstractCarbonUIAuthenticator {
+
+ private static final String AUTHENTICATOR_NAME = "BasicAuthUIAuthenticator";
+
+ @Override
+ public boolean canHandle(HttpServletRequest request) {
+
+ String userName = request.getParameter(AbstractCarbonUIAuthenticator.USERNAME);
+ String password = request.getParameter(AbstractCarbonUIAuthenticator.PASSWORD);
+
+ if (CarbonUtils.isRunningOnLocalTransportMode()) {
+ return false;
+ }
+
+ if (userName != null && password != null) {
+ return true;
+ }
+
+ // This is to login with Remember Me.
+ Cookie[] cookies = request.getCookies();
+ if (cookies != null) {
+ for (Cookie cookie : cookies) {
+ if (cookie.getName().equals(CarbonConstants.REMEMBER_ME_COOKE_NAME)) {
+ return true;
+ }
+ }
+ }
+
+ return false;
+ }
+
+ @Override
+ public void authenticate(HttpServletRequest request) throws AuthenticationException {
+
+ String userName = request.getParameter(AbstractCarbonUIAuthenticator.USERNAME);
+ String password = request.getParameter(AbstractCarbonUIAuthenticator.PASSWORD);
+ String value = request.getParameter(AbstractCarbonUIAuthenticator.REMEMBER_ME);
+
+ boolean isRememberMe = false;
+
+ if (userName == null || password == null) {
+ throw new AuthenticationException("Invalid username or password provided.");
+ }
+
+ if (value != null && value.equals(AbstractCarbonUIAuthenticator.REMEMBER_ME)) {
+ isRememberMe = true;
+ }
+
+ String userNameWithDomain = userName;
+ String domainName = (String) request.getAttribute(MultitenantConstants.TENANT_DOMAIN);
+ if (domainName != null) {
+ userNameWithDomain += "@" + domainName;
+ }
+ if (userNameWithDomain != null) {
+ // User-name can be null in remember me scenario.
+ userNameWithDomain = userNameWithDomain.trim();
+ }
+ DefaultAuthenticatorCredentials credentials;
+ credentials = new DefaultAuthenticatorCredentials(userNameWithDomain, password);
+
+ // No exception means authentication successful
+ handleSecurity(credentials, isRememberMe, request);
+ }
+
+ @Override
+ public void authenticateWithCookie(HttpServletRequest request) throws AuthenticationException {
+
+ Cookie[] cookies = request.getCookies();
+
+ for (Cookie cookie : cookies) {
+ if (cookie.getName().equals(CarbonConstants.REMEMBER_ME_COOKE_NAME)) {
+ DefaultAuthenticatorCredentials credentials;
+ credentials = new DefaultAuthenticatorCredentials(null, null);
+ // No exception means authentication successful
+ handleSecurity(credentials, true, request);
+ }
+ }
+ }
+
+ /**
+ * {@inheritDoc}
+ */
+ public String doAuthentication(Object credentials, boolean isRememberMe, ServiceClient client,
+ HttpServletRequest request) throws AuthenticationException {
+
+ DefaultAuthenticatorCredentials defaultCredentials = (DefaultAuthenticatorCredentials) credentials;
+
+ if (isRememberMe && defaultCredentials.getUserName() == null
+ && defaultCredentials.getPassword() == null) {
+ // This is to login with Remember Me.
+ Cookie[] cookies = request.getCookies();
+ if (cookies != null) {
+ for (Cookie cookie : cookies) {
+ if (cookie.getName().equals(CarbonConstants.REMEMBER_ME_COOKE_NAME)) {
+ CarbonUIAuthenticationUtil.setCookieHeaders(cookie, client);
+ String cookieValue = cookie.getValue();
+ return getUserNameFromCookie(cookieValue);
+ }
+ }
+ }
+ } else {
+ CarbonUtils.setBasicAccessSecurityHeaders(defaultCredentials.getUserName(),
+ defaultCredentials.getPassword(), isRememberMe, client);
+ return defaultCredentials.getUserName();
+ }
+
+ throw new AuthenticationException("Invalid user credentials.");
+ }
+
+ /**
+ *
+ * @param serviceClient
+ * @param httpServletRequest
+ * @throws AxisFault
+ */
+ @SuppressWarnings("rawtypes")
+ public void handleRememberMe(Map transportHeaders, HttpServletRequest httpServletRequest)
+ throws AuthenticationException {
+
+ if (transportHeaders != null) {
+ String cookieValue = (String) transportHeaders.get("RememberMeCookieValue");
+ String cookieAge = (String) transportHeaders.get("RememberMeCookieAge");
+
+ if (cookieValue == null || cookieAge == null) {
+ throw new AuthenticationException("Unable to load remember me date from response. "
+ + "Cookie value or cookie age or both are null");
+ }
+
+ if (log.isDebugEnabled()) {
+ log.debug("Cookie value returned " + cookieValue + " cookie age " + cookieAge);
+ }
+
+ httpServletRequest.setAttribute(CarbonConstants.REMEMBER_ME_COOKIE_VALUE, cookieValue);
+ httpServletRequest.setAttribute(CarbonConstants.REMEMBER_ME_COOKIE_AGE, cookieAge);
+ }
+ }
+
+ @Override
+ public void unauthenticate(Object object) throws Exception {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public String getAuthenticatorName() {
+ return AUTHENTICATOR_NAME;
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/incubator-stratos/blob/6b1dba58/dependencies/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/BreadCrumbGenerator.java
----------------------------------------------------------------------
diff --git a/dependencies/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/BreadCrumbGenerator.java b/dependencies/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/BreadCrumbGenerator.java
new file mode 100644
index 0000000..792941b
--- /dev/null
+++ b/dependencies/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/BreadCrumbGenerator.java
@@ -0,0 +1,343 @@
+/*
+* Copyright (c) 2005-2010, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+*
+* WSO2 Inc. licenses this file to you under the Apache License,
+* Version 2.0 (the "License"); you may not use this file except
+* in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing,
+* software distributed under the License is distributed on an
+* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+* KIND, either express or implied. See the License for the
+* specific language governing permissions and limitations
+* under the License.
+*/
+package org.wso2.carbon.ui;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.wso2.carbon.ui.deployment.beans.BreadCrumbItem;
+
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import java.util.HashMap;
+import java.util.LinkedList;
+import java.util.List;
+import java.util.StringTokenizer;
+import java.util.Locale;
+
+public class BreadCrumbGenerator {
+ private static Log log = LogFactory.getLog(BreadCrumbGenerator.class);
+
+ /**
+ * Generates breadcrumb html content.
+ * Please do not add line breaks to places where HTML content is written.
+ * It makes debugging difficult.
+ * @param request
+ * @param currentPageHeader
+ * @return String
+ */
+ public HashMap<String,String> getBreadCrumbContent(HttpServletRequest request
+ ,BreadCrumbItem currentBreadcrumbItem
+ ,String jspFilePath
+ ,boolean topPage
+ ,boolean removeLastItem){
+ String breadcrumbCookieString = "";
+ //int lastIndexofSlash = jspFilePath.lastIndexOf(System.getProperty("file.separator"));
+ //int lastIndexofSlash = jspFilePath.lastIndexOf('/');
+
+ StringBuffer content = new StringBuffer();
+ StringBuffer cookieContent = new StringBuffer();
+ HashMap<String,String> breadcrumbContents = new HashMap<String,String>();
+ HashMap<String, BreadCrumbItem> breadcrumbs =
+ (HashMap<String, BreadCrumbItem>) request.getSession().getAttribute("breadcrumbs");
+
+ String menuId = request.getParameter("item");
+ String region = request.getParameter("region");
+ String ordinalStr = request.getParameter("ordinal");
+
+ if(topPage){
+ //some wizards redirect to index page of the component after doing some operations.
+ //Hence a map of region & menuId for component/index page is maintained & retrieved
+ //by passing index page (eg: ../service-mgt/index.jsp)
+ //This logic should run only for pages marked as toppage=true
+ if(menuId == null && region == null){
+ HashMap<String, String> indexPageBreadcrumbParamMap =
+ (HashMap<String, String>) request.getSession().getAttribute("index-page-breadcrumb-param-map");
+ //eg: indexPageBreadcrumbParamMap contains ../service-mgt/index.jsp : region1,services_list_menu pattern
+
+ if(indexPageBreadcrumbParamMap != null && !(indexPageBreadcrumbParamMap.isEmpty())){
+ String params = indexPageBreadcrumbParamMap.get(jspFilePath);
+ if(params != null){
+ region = params.substring(0, params.indexOf(','));
+ menuId = params.substring(params.indexOf(',')+1);
+ }
+ }
+ }
+ }
+
+ if (menuId != null && region != null) {
+ String key = region.trim() + "-" + menuId.trim();
+ HashMap<String, String> breadcrumbMap =
+ (HashMap<String, String>) request.getSession().getAttribute(region + "menu-id-breadcrumb-map");
+
+ String breadCrumb = "";
+ if (breadcrumbMap != null && !(breadcrumbMap.isEmpty())) {
+ breadCrumb = breadcrumbMap.get(key);
+ }
+ if (breadCrumb != null) {
+ content.append("<table cellspacing=\"0\"><tr>");
+ Locale locale = CarbonUIUtil.getLocaleFromSession(request);
+ String homeText = CarbonUIUtil.geti18nString("component.home", "org.wso2.carbon.i18n.Resources", locale);
+ content.append("<td class=\"breadcrumb-link\"><a href=\"" + CarbonUIUtil.getHomePage() + "\">"+homeText+"</a></td>");
+ cookieContent.append(breadCrumb);
+ cookieContent.append("#");
+ generateBreadcrumbForMenuPath(content, breadcrumbs, breadCrumb,true);
+ }
+ }else{
+ HashMap<String,List<BreadCrumbItem>> links = (HashMap<String,List<BreadCrumbItem>>) request
+ .getSession().getAttribute("page-breadcrumbs");
+
+ //call came within a page. Retrieve the breadcrumb cookie
+ Cookie[] cookies = request.getCookies();
+ for (int a = 0; a < cookies.length; a++) {
+ Cookie cookie = cookies[a];
+ if("current-breadcrumb".equals(cookie.getName())){
+ breadcrumbCookieString = cookie.getValue();
+ //bringing back the ,
+ breadcrumbCookieString = breadcrumbCookieString.replace("%2C", ",");
+ //bringing back the #
+ breadcrumbCookieString = breadcrumbCookieString.replace("%23", "#");
+ if(log.isDebugEnabled()){
+ log.debug("cookie :"+cookie.getName()+" : "+breadcrumbCookieString);
+ }
+ }
+ }
+
+
+ if(links != null){
+ if(log.isDebugEnabled()){
+ log.debug("size of page-breadcrumbs is : "+links.size());
+ }
+
+ content.append("<table cellspacing=\"0\"><tr>");
+ Locale locale = CarbonUIUtil.getLocaleFromSession(request);
+ String homeText = CarbonUIUtil.geti18nString("component.home", "org.wso2.carbon.i18n.Resources", locale);
+ content.append("<td class=\"breadcrumb-link\"><a href=\"" + CarbonUIUtil.getHomePage() + "\">"+homeText+"</a></td>");
+
+ String menuBreadcrumbs = "";
+ if(breadcrumbCookieString.indexOf('#') > -1){
+ menuBreadcrumbs = breadcrumbCookieString.substring(0, breadcrumbCookieString.indexOf('#'));
+ }
+ cookieContent.append(menuBreadcrumbs);
+ cookieContent.append("#");
+
+ generateBreadcrumbForMenuPath(content, breadcrumbs,
+ menuBreadcrumbs,false);
+
+ int clickedBreadcrumbLocation = 0;
+ if (ordinalStr != null) {
+ //only clicking on already made page breadcrumb link will send this via request parameter
+ try {
+ clickedBreadcrumbLocation = Integer.parseInt(ordinalStr);
+ } catch (NumberFormatException e) {
+ // Do nothing
+ log.warn("Found String for breadcrumb ordinal");
+ }
+ }
+
+ String pageBreadcrumbs = "";
+ if(breadcrumbCookieString.indexOf('#') > -1){
+ pageBreadcrumbs = breadcrumbCookieString.substring(breadcrumbCookieString.indexOf('#')+1);
+ }
+ StringTokenizer st2 = new StringTokenizer(pageBreadcrumbs,"*");
+ String[] tokens = new String[st2.countTokens()];
+ int count = 0;
+ String previousToken = "";
+ while(st2.hasMoreTokens()){
+ String currentToken = st2.nextToken();
+ //To avoid page refresh create breadcrumbs
+ if(! currentToken.equals(previousToken)){
+ previousToken = currentToken;
+ tokens[count] = currentToken;
+ count++;
+ }
+ }
+
+
+ //jspSubContext should be the same across all the breadcrumbs
+ //(cookie is updated everytime a page is loaded)
+ List<BreadCrumbItem> breadcrumbItems = null;
+// if(tokens != null && tokens.length > 0){
+ //String token = tokens[0];
+ //String jspSubContext = token.substring(0, token.indexOf('+'));
+ //breadcrumbItems = links.get("../"+jspSubContext);
+// }
+
+ LinkedList<String> tokenJSPFileOrder = new LinkedList<String>();
+ LinkedList<String> jspFileSubContextOrder = new LinkedList<String>();
+ HashMap<String,String> jspFileSubContextMap = new HashMap<String,String>();
+ for(int a = 0;a < tokens.length;a++){
+ String token = tokens[a];
+ if(token != null){
+ String jspFileName = token.substring(token.indexOf('+')+1);
+ String jspSubContext = token.substring(0, token.indexOf('+'));
+ jspFileSubContextMap.put(jspFileName, jspSubContext);
+ tokenJSPFileOrder.add(jspFileName);
+ jspFileSubContextOrder.add(jspSubContext+"^"+jspFileName);
+ }
+ }
+
+ if(clickedBreadcrumbLocation > 0){
+ int tokenCount = tokenJSPFileOrder.size();
+ while (tokenCount > clickedBreadcrumbLocation) {
+ String lastItem = tokenJSPFileOrder.getLast();
+ if(log.isDebugEnabled()){
+ log.debug("Removing breacrumbItem : "+ lastItem);
+ }
+ tokenJSPFileOrder.removeLast();
+ jspFileSubContextOrder.removeLast();
+ tokenCount = tokenJSPFileOrder.size();
+ }
+ }
+
+ boolean lastBreadcrumbItemAvailable = false;
+ if(clickedBreadcrumbLocation == 0){
+ String tmp = getSubContextFromUri(currentBreadcrumbItem.getLink())+"+"+currentBreadcrumbItem.getId();
+ if(! previousToken.equals(tmp)){ //To prevent page refresh
+ lastBreadcrumbItemAvailable = true;
+ }
+ }
+
+
+ if(tokenJSPFileOrder != null){
+ //found breadcrumb items for given sub context
+ for(int i = 0;i < jspFileSubContextOrder.size(); i++){
+ String token = tokenJSPFileOrder.get(i);
+ //String jspFileName = token.substring(token.indexOf('+')+1);
+ //String jspSubContext = jspFileSubContextMap.get(jspFileName);
+
+ String fileContextToken = jspFileSubContextOrder.get(i);
+ String jspFileName = fileContextToken.substring(fileContextToken.indexOf('^')+1);
+ String jspSubContext = fileContextToken.substring(0,fileContextToken.indexOf('^'));
+
+ if(jspSubContext != null){
+ breadcrumbItems = links.get("../"+jspSubContext);
+ }
+ if(breadcrumbItems != null){
+ int bcSize = breadcrumbItems.size();
+ for (int a = 0; a < bcSize ; a++) {
+ BreadCrumbItem tmp = breadcrumbItems.get(a);
+ if(tmp.getId().equals(jspFileName)){
+ if(tmp.getLink().startsWith("#")){
+ content.append("<td class=\"breadcrumb-link\"> > "+tmp.getConvertedText()+"</td>");
+ }else{
+ //if((a+1) == bcSize){
+ //if((a+1) == bcSize && clickedBreadcrumbLocation > 0){
+ if((((a+1) == bcSize) && !(lastBreadcrumbItemAvailable))
+ || removeLastItem){
+ content.append("<td class=\"breadcrumb-link\"> > "+tmp.getConvertedText()+"</td>");
+ }else{
+ content.append("<td class=\"breadcrumb-link\"> > <a href=\""+appendOrdinal(tmp.getLink(),i+1)+"\">"+tmp.getConvertedText()+"</a></td>");
+ }
+ }
+ cookieContent.append(getSubContextFromUri(tmp.getLink())+"+"+token+"*");
+ }
+ }
+ }
+ }
+ }
+
+ //add last breadcrumb item
+ if(lastBreadcrumbItemAvailable && !(removeLastItem)){
+ String tmp = getSubContextFromUri(currentBreadcrumbItem.getLink())+"+"+currentBreadcrumbItem.getId();
+ cookieContent.append(tmp);
+ cookieContent.append("*");
+ content.append("<td class=\"breadcrumb-link\"> > "+currentBreadcrumbItem.getConvertedText()+"</td>");
+ }
+ content.append("</tr></table>");
+ }
+ }
+ breadcrumbContents.put("html-content", content.toString());
+
+ String finalCookieContent = cookieContent.toString();
+ if(removeLastItem && breadcrumbCookieString != null &&
+ breadcrumbCookieString.trim().length() > 0){
+ finalCookieContent = breadcrumbCookieString;
+ }
+ breadcrumbContents.put("cookie-content", finalCookieContent);
+ return breadcrumbContents;
+ }
+
+ /**
+ *
+ * @param uri
+ * @return
+ */
+ private static String getSubContextFromUri(String uri){
+ //eg: uri = ../service-mgt/service_info.jsp?serviceName=HelloService&ordinal=1
+ if(uri != null){
+ int jspExtensionLocation = uri.indexOf(".jsp");
+ String tmp = uri.substring(0, jspExtensionLocation);
+ tmp = tmp.replace("../", "");
+ int firstSlashLocation = tmp.indexOf('/');
+ return tmp.substring(0, firstSlashLocation);
+ }else{
+ return "";
+ }
+ }
+
+ /**
+ *
+ * @param url
+ * @param ordinal
+ * @return
+ */
+ private static String appendOrdinal(String url, int ordinal) {
+ if(url != null){
+ if (url.indexOf('?') > -1) {
+ return url + "&ordinal=" + ordinal;
+ } else {
+ return url + "?ordinal=" + ordinal;
+ }
+ }else{
+ return "#";
+ }
+ }
+
+ /**
+ * Generates breadcrumb for menu navigation path
+ * @param content
+ * @param breadcrumbs
+ * @param breadCrumb
+ */
+ private void generateBreadcrumbForMenuPath(StringBuffer content,
+ HashMap<String, BreadCrumbItem> breadcrumbs, String breadCrumb,boolean clickFromMenu) {
+ StringTokenizer st = new StringTokenizer(breadCrumb, ",");
+ int tokenCount = st.countTokens();
+ int count = 0;
+ while (st.hasMoreTokens()) {
+ count++;
+ String token = st.nextToken();
+ BreadCrumbItem breadcrumbItem = (BreadCrumbItem) breadcrumbs.get(token);
+ if (breadcrumbItem != null) {
+ //if (count == tokenCount) {
+ // content.append("<td class=\"breadcrumb-current-page\"><a href=\""+breadcrumbItem.getLink()+"\">"+breadcrumbItem.getConvertedText()+"</a></td>");
+ //} else {
+ if (breadcrumbItem.getLink().startsWith("#")) {
+ content.append("<td class=\"breadcrumb-link\">"+" > "+breadcrumbItem.getConvertedText()+"</td>");
+ } else {
+ if(count == tokenCount && (clickFromMenu)){//if last breadcrumb item, do not put the link
+ content.append("<td class=\"breadcrumb-link\"> > "+breadcrumbItem.getConvertedText()+"</td>");
+ }else{
+ content.append("<td class=\"breadcrumb-link\"> > <a href=\""+breadcrumbItem.getLink()+"\">"+breadcrumbItem.getConvertedText()+"</a></td>");
+ }
+ }
+ //}
+ }
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-stratos/blob/6b1dba58/dependencies/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/BundleBasedUIResourceProvider.java
----------------------------------------------------------------------
diff --git a/dependencies/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/BundleBasedUIResourceProvider.java b/dependencies/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/BundleBasedUIResourceProvider.java
new file mode 100644
index 0000000..0e37da5
--- /dev/null
+++ b/dependencies/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/BundleBasedUIResourceProvider.java
@@ -0,0 +1,124 @@
+/*
+ * Copyright 2009-2010 WSO2, Inc. (http://wso2.com)
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.wso2.carbon.ui;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.osgi.framework.Bundle;
+import org.wso2.carbon.ui.util.UIResourceProvider;
+
+import java.net.URL;
+import java.util.*;
+
+public class BundleBasedUIResourceProvider implements UIResourceProvider {
+
+ protected static final Log log = LogFactory.getLog(BundleBasedUIResourceProvider.class);
+ private Map<String, Bundle> bundleResourceMap; // resourcePath -> Bundle
+ private Map<Bundle, List<String>> inverseBundleResourceMap; // Bundle -> resoucePath1, reosourcePath2, ...
+ private String bundleResourcePath;
+
+ public BundleBasedUIResourceProvider(String bundleResourcePath) {
+ this.bundleResourcePath = bundleResourcePath;
+ this.bundleResourceMap = new HashMap<String, Bundle>();
+ this.inverseBundleResourceMap = new HashMap<Bundle, List<String>>();
+
+ }
+
+ public URL getUIResource(String name) {
+ String resourceName = bundleResourcePath + name;
+ int lastSlash = resourceName.lastIndexOf('/');
+ if (lastSlash == -1) {
+ return null;
+ }
+
+ String path = resourceName.substring(0, lastSlash);
+ if (path.length() == 0) {
+ path = "/";
+ }
+ String file = resourceName.substring(lastSlash + 1);
+
+ //Searching the resourceBundle for the given bundle resource paths.
+ String resourcePath = CarbonUIUtil.getBundleResourcePath(name);
+ Bundle resourceBundle = bundleResourceMap.get(resourcePath);
+ if (resourceBundle != null) {
+ Enumeration entryPaths = resourceBundle.findEntries(path, file, false);
+ /* Enumeration entryPaths = null;
+ try {
+ entryPaths = resourceBundle.getResources(path + File.separator + file);
+ } catch (IOException ignored) {
+ log.error(ignored.getMessage(), ignored);
+ }*/
+ if (entryPaths != null && entryPaths.hasMoreElements()) {
+ return (URL) entryPaths.nextElement();
+ }
+ }
+ return null;
+ }
+
+ public Set<String> getUIResourcePaths(String name) {
+ Set<String> result = new HashSet<String>();
+ //Searching the resourceBundle for the given bundle resource paths.
+ String resourcePath = CarbonUIUtil.getBundleResourcePath(name);
+ Bundle resourceBundle = bundleResourceMap.get(resourcePath);
+
+ if (resourceBundle != null) {
+ Enumeration e = resourceBundle.findEntries(bundleResourcePath + name, null, false);
+ if (e != null) {
+ while (e.hasMoreElements()) {
+ URL entryURL = (URL) e.nextElement();
+ result.add(entryURL.getFile().substring(bundleResourcePath.length()));
+ }
+ }
+ }
+ return result;
+ }
+
+ public void addBundleResourcePaths(Bundle bundle) {
+ List<String> resourcePathList = new LinkedList<String>();
+ Enumeration entries = bundle.findEntries("web", "*", false);
+ while (entries != null && entries.hasMoreElements()) {
+ URL url = (URL) entries.nextElement();
+ String path = url.getPath();
+ if (path.endsWith("/")) {
+ String bundleResourcePath = path.substring("/web/".length(), path.length() - 1);
+ bundleResourceMap.put(bundleResourcePath, bundle);
+ resourcePathList.add(bundleResourcePath);
+ }
+ }
+
+ inverseBundleResourceMap.put(bundle,resourcePathList);
+ }
+
+
+ /*
+ removing the resource paths mapped to a bundle. For this we make use of the bunde - > resourcePath
+ multiple entry hashmap
+ */
+ public void removeBundleResourcePaths(Bundle bundle){
+ List<String> resourcePathList = inverseBundleResourceMap.get(bundle);
+ for(String str : resourcePathList){
+ if(bundleResourceMap.containsKey(str)){
+ System.out.println("Removing the resource Path : "+ str);
+ bundleResourceMap.remove(str);
+ }
+ }
+
+ }
+
+ public Bundle getBundle(String resourcePath) {
+ return bundleResourceMap.get(resourcePath);
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-stratos/blob/6b1dba58/dependencies/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/BundleProxyClassLoader.java
----------------------------------------------------------------------
diff --git a/dependencies/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/BundleProxyClassLoader.java b/dependencies/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/BundleProxyClassLoader.java
new file mode 100644
index 0000000..3f161fc
--- /dev/null
+++ b/dependencies/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/BundleProxyClassLoader.java
@@ -0,0 +1,65 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.wso2.carbon.ui;
+
+import org.osgi.framework.Bundle;
+
+import java.io.IOException;
+import java.net.URL;
+import java.util.Enumeration;
+
+/**
+ * A BundleProxyClassLoader wraps a bundle and uses the various Bundle methods to produce a ClassLoader.
+ */
+public class BundleProxyClassLoader extends ClassLoader {
+ private Bundle bundle;
+ private ClassLoader parent;
+
+ public BundleProxyClassLoader(Bundle bundle) {
+ this.bundle = bundle;
+ }
+
+ public BundleProxyClassLoader(Bundle bundle, ClassLoader parent) {
+ super(parent);
+ this.parent = parent;
+ this.bundle = bundle;
+ }
+
+ public Enumeration findResources(String name) throws IOException {
+ return bundle.getResources(name);
+ }
+
+ public URL findResource(String name) {
+ return bundle.getResource(name);
+ }
+
+ public Class findClass(String name) throws ClassNotFoundException {
+ return bundle.loadClass(name);
+ }
+
+ public URL getResource(String name) {
+ return (parent == null) ? findResource(name) : super.getResource(name);
+ }
+
+ protected Class loadClass(String name, boolean resolve) throws ClassNotFoundException {
+ Class clazz = (parent == null) ? findClass(name) : super.loadClass(name, false);
+ if (resolve) {
+ super.resolveClass(clazz);
+ }
+
+ return clazz;
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-stratos/blob/6b1dba58/dependencies/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/BundleResourcePathRegistry.java
----------------------------------------------------------------------
diff --git a/dependencies/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/BundleResourcePathRegistry.java b/dependencies/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/BundleResourcePathRegistry.java
new file mode 100644
index 0000000..bb1524f
--- /dev/null
+++ b/dependencies/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/BundleResourcePathRegistry.java
@@ -0,0 +1,38 @@
+/*
+ * Copyright 2005-2007 WSO2, Inc. (http://wso2.com)
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.wso2.carbon.ui;
+
+import org.osgi.framework.Bundle;
+
+import java.util.HashMap;
+import java.util.Map;
+
+public class BundleResourcePathRegistry {
+
+ private Map<String, Bundle> bundleResourceMap;
+ //This map needs to be synchronized
+ public BundleResourcePathRegistry(){
+ bundleResourceMap = new HashMap<String, Bundle>();
+ }
+
+ public Bundle getBundle(String bundleResourcePath){
+ return bundleResourceMap.get(bundleResourcePath);
+ }
+
+ public void addBundleResourcePath(String bundleResourcePath, Bundle bundle){
+ bundleResourceMap.put(bundleResourcePath, bundle);
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-stratos/blob/6b1dba58/dependencies/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/CarbonConnection.java
----------------------------------------------------------------------
diff --git a/dependencies/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/CarbonConnection.java b/dependencies/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/CarbonConnection.java
new file mode 100644
index 0000000..ecd4c42
--- /dev/null
+++ b/dependencies/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/CarbonConnection.java
@@ -0,0 +1,127 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.wso2.carbon.ui;
+
+import org.apache.axis2.context.ConfigurationContext;
+import org.apache.axis2.description.Parameter;
+import org.apache.axis2.description.TransportInDescription;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.osgi.framework.BundleContext;
+import org.wso2.carbon.ui.internal.CarbonUIServiceComponent;
+import org.wso2.carbon.utils.CarbonUtils;
+import org.wso2.carbon.utils.ServerConstants;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.URL;
+import java.net.URLConnection;
+
+/**
+ *
+ */
+public class CarbonConnection extends URLConnection {
+
+ private static final Log log = LogFactory.getLog(CarbonConnection.class);
+
+ private byte[] buf = null;
+
+ /**
+ * Constructs a URL connection to the specified URL. A connection to
+ * the object referenced by the URL is not created.
+ *
+ * @param url the specified URL.
+ * @param context BundleContext
+ */
+ protected CarbonConnection(URL url, BundleContext context) throws Exception {
+ super(url);
+ ConfigurationContext configContext;
+ configContext = CarbonUIServiceComponent
+ .getConfigurationContextService().getServerConfigContext();
+
+ TransportInDescription httpsInDescription = configContext.getAxisConfiguration().
+ getTransportIn(ServerConstants.HTTPS_TRANSPORT);
+ Parameter proxyParameter = httpsInDescription.getParameter("proxyPort");
+ String httpsProxyPort = null;
+ if (proxyParameter != null && !"-1".equals(proxyParameter.getValue())) {
+ httpsProxyPort = (String) proxyParameter.getValue();
+ }
+
+ TransportInDescription httpInDescription = configContext.getAxisConfiguration().
+ getTransportIn(ServerConstants.HTTP_TRANSPORT);
+ if (httpInDescription != null) {
+ proxyParameter = httpInDescription.getParameter("proxyPort");
+ }
+ String httpProxyPort = null;
+ if (proxyParameter != null && !"-1".equals(proxyParameter.getValue())) {
+ httpProxyPort = (String) proxyParameter.getValue();
+ }
+ try {
+ String servicePath = configContext.getServicePath();
+ String contextRoot = configContext.getContextRoot();
+ contextRoot = contextRoot.equals("/") ? "" : contextRoot;
+ String httpsPort;
+ if (httpsProxyPort != null) {
+ httpsPort = httpsProxyPort;
+ } else {
+ httpsPort =
+ CarbonUtils.
+ getTransportPort(CarbonUIServiceComponent.getConfigurationContextService(),
+ "https") + "";
+ }
+ String httpPort;
+ if (httpProxyPort != null) {
+ httpPort = httpProxyPort;
+ } else {
+ if (httpInDescription != null) {
+ httpPort =
+ CarbonUtils.
+ getTransportPort(CarbonUIServiceComponent.getConfigurationContextService(),
+ "http") + "";
+ } else {
+ httpPort = "-1";
+ }
+ }
+ buf = ("var SERVICE_PATH=\"" + servicePath + "\";\n" +
+ "var ROOT_CONTEXT=\"" + contextRoot + "\";\n" +
+ "var HTTP_PORT=" + httpPort + ";\n" +
+ "var HTTPS_PORT=" + httpsPort + ";\n").getBytes();
+ } catch (Exception e) {
+ String msg = "Error occurred while getting connection properties";
+ log.error(msg, e);
+ }
+ }
+
+ public void connect() throws IOException {
+ //Ignore; no need to have this
+ }
+
+ public InputStream getInputStream() throws IOException {
+// String s = getURL().getPath();
+ return new ByteArrayInputStream(buf);
+ }
+
+ public String getContentType() {
+ return "text/javascript";
+ }
+
+ public int getContentLength() {
+ return buf.length;
+ }
+
+
+}
http://git-wip-us.apache.org/repos/asf/incubator-stratos/blob/6b1dba58/dependencies/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/CarbonProtocol.java
----------------------------------------------------------------------
diff --git a/dependencies/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/CarbonProtocol.java b/dependencies/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/CarbonProtocol.java
new file mode 100644
index 0000000..1f6cec6
--- /dev/null
+++ b/dependencies/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/CarbonProtocol.java
@@ -0,0 +1,49 @@
+/*
+ * Copyright 2004,2005 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.wso2.carbon.ui;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.osgi.framework.BundleContext;
+import org.osgi.service.url.AbstractURLStreamHandlerService;
+
+import java.io.IOException;
+import java.net.URL;
+import java.net.URLConnection;
+
+/**
+ *
+ */
+public class CarbonProtocol extends AbstractURLStreamHandlerService {
+
+ private BundleContext context;
+
+ private static final Log log = LogFactory.getLog(CarbonConnection.class);
+
+ public CarbonProtocol(BundleContext context) {
+ this.context = context;
+ }
+
+ public URLConnection openConnection(URL url) throws IOException {
+ try {
+ return new CarbonConnection(url, context);
+ } catch (Exception e) {
+ String msg = "Can't create CarbonConnection. Required Services are not available.";
+ log.error(msg, e);
+ }
+ return null;
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-stratos/blob/6b1dba58/dependencies/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/CarbonSSOSessionManager.java
----------------------------------------------------------------------
diff --git a/dependencies/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/CarbonSSOSessionManager.java b/dependencies/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/CarbonSSOSessionManager.java
new file mode 100644
index 0000000..3ab2212
--- /dev/null
+++ b/dependencies/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/CarbonSSOSessionManager.java
@@ -0,0 +1,213 @@
+/*
+ * Copyright (c) 2005-2010, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.wso2.carbon.ui;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import java.util.List;
+import java.util.concurrent.ConcurrentHashMap;
+
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ * This class is used to maintain a mapping between the session indexes of the SSO Identity Provider
+ * end and the relying party end. When a user is authenticated and logged-in using SSO, an entry is
+ * added to the validSessionMap where Idp-session-index --> RP-Session-id.
+ *
+ * When he logs out from either of SSO relying party, a SAML2 LogoutRequest is sent to all the
+ * relying party service providers who have established sessions with the Identity Provider at that
+ * moment. When a relying party receives a logout request, it should validate the request and
+ * extract the IdP session index from the request. Then it should identify the sessionId of the
+ * corresponding user which represents the session established at the relying party end. Then it
+ * removes that session from the validSessionMap and includes it to the invalidSessionsMap. So when
+ * a user tries to do some activity thereafter he should be logged-out from the system.
+ *
+ * This class maintains two maps to maintain valid sessions and invalid sessions. This class is
+ * implemented as a singleton because there should be only one SSOSessionManager per instance.
+ */
+public class CarbonSSOSessionManager {
+
+ private static Log log = LogFactory.getLog(CarbonSSOSessionManager.class);
+
+ /**
+ * CarbonSSOSessionManager instance which is used as the singleton instance
+ */
+ private static CarbonSSOSessionManager instance = new CarbonSSOSessionManager();
+
+ /**
+ * This hash map is used to maintain a map of valid sessions. IdpSessionIndex is used as the key
+ * while the RPSessionId is used as the value.
+ */
+ private ConcurrentHashMap<String, String> validSessionMap = new ConcurrentHashMap<String, String>();
+
+ /**
+ * This hash map is used to maintain the invalid sessions. RPSessionIndex is used as the key
+ * while IdpSessionIndex is used as the value.
+ */
+ private ConcurrentHashMap<String, String> invalidSessionsMap = new ConcurrentHashMap<String, String>();
+
+ /**
+ * Private Constructor since we are implementing a Singleton here
+ */
+ private CarbonSSOSessionManager() {
+
+ }
+
+ /**
+ * Get the CarbonSSOSessionManager instance.
+ *
+ * @return CarbonSSOSessionManager instance
+ */
+ public static CarbonSSOSessionManager getInstance() {
+ return instance;
+ }
+
+ /**
+ * Add a new session mapping : IdpSessionIndex --> localSessionId
+ *
+ * @param idPSessionIndex session index sent along in the SAML Response
+ * @param localSessionId id of the current session established locally.
+ */
+ public void addSessionMapping(String idPSessionIndex, String localSessionId) {
+ validSessionMap.put(idPSessionIndex, localSessionId);
+ }
+
+ /**
+ * make a session invalid after receiving the single logout request from the identity provider
+ *
+ * @param idPSessionIndex session index established at the identity provider's end
+ */
+ public void makeSessionInvalid(String idPSessionIndex) {
+ if (validSessionMap.containsKey(idPSessionIndex)) {
+ // add the invalid session to the invalidSessionMap
+ invalidSessionsMap.put(validSessionMap.get(idPSessionIndex), idPSessionIndex);
+ // remove the invalid session from the valid session map
+ validSessionMap.remove(idPSessionIndex);
+ }
+ }
+
+ /**
+ * Check whether a particular session is valid.
+ *
+ * @param localSessionId session id established locally
+ * @return true, if the session is valid, false otherwise
+ */
+ public boolean isSessionValid(String localSessionId) {
+ boolean isSessionValid = true;
+ if (invalidSessionsMap.containsKey(localSessionId)) {
+ isSessionValid = false;
+ }
+ return isSessionValid;
+ }
+
+ /**
+ * Remove invalid session from the invalid session map. This needs to be done before completing
+ * the sign out.
+ *
+ * @param localSessionId SessionId established locally
+ */
+ public void removeInvalidSession(String localSessionId) {
+ if (invalidSessionsMap.containsKey(localSessionId)) {
+ invalidSessionsMap.remove(localSessionId);
+ }
+ }
+
+ /**
+ * This method checks whether the request is for a SSO authentication related page or servlet.
+ * If it is so, the session invalidation should be skipped.
+ *
+ * @param request Request, HTTPServletRequest
+ * @return true, if session invalidation should be skipped.
+ */
+ public boolean skipSSOSessionInvalidation(HttpServletRequest request,
+ CarbonUIAuthenticator uiAuthenticator) {
+
+ String requestedURI = request.getRequestURI();
+
+ if (uiAuthenticator != null) {
+ List<String> skippingUrls = uiAuthenticator.getSessionValidationSkippingUrls();
+ return skip(requestedURI, skippingUrls);
+ } else {
+ return false;
+
+ }
+ }
+
+ /**
+ * Skips authentication for given URI's.
+ *
+ * @param request The request to access a page.
+ * @return <code>true</code> if request doesnt need to authenticate, else <code>false</code>.
+ */
+ public boolean skipAuthentication(HttpServletRequest request) {
+
+ String requestedURI = request.getRequestURI();
+ CarbonUIAuthenticator uiAuthenticator = CarbonUILoginUtil.getAuthenticator(request);
+
+ if (uiAuthenticator != null) {
+ List<String> skippingUrls = uiAuthenticator.getAuthenticationSkippingUrls();
+ return skip(requestedURI, skippingUrls);
+ } else {
+ return false;
+
+ }
+ }
+
+ /**
+ *
+ * @param request
+ * @return
+ */
+ public String getRequestedUrl(HttpServletRequest request, CarbonUIAuthenticator uiAuthenticator) {
+ String requestedURI = request.getRequestURI();
+ boolean skipSessionValidation = skipSSOSessionInvalidation(request, uiAuthenticator);
+ boolean isSessionValid = isSessionValid(request.getSession().getId());
+
+ if (!skipSessionValidation && !isSessionValid) {
+ requestedURI = "/carbon/admin/logout_action.jsp";
+ if(log.isDebugEnabled()) {
+ log.debug("Request URI changed to " + requestedURI);
+ }
+ }
+
+ if (skipSessionValidation && !isSessionValid) {
+ removeInvalidSession(request.getSession().getId());
+ }
+
+ return requestedURI;
+ }
+
+ /**
+ *
+ * @param requestedURI
+ * @param skippingUrls
+ * @return
+ */
+ private boolean skip(String requestedURI, List<String> skippingUrls) {
+
+ for (String skippingUrl : skippingUrls) {
+ if (requestedURI.contains(skippingUrl)) {
+ return true;
+ }
+ }
+
+ return false;
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/incubator-stratos/blob/6b1dba58/dependencies/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/CarbonSecuredHttpContext.java
----------------------------------------------------------------------
diff --git a/dependencies/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/CarbonSecuredHttpContext.java b/dependencies/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/CarbonSecuredHttpContext.java
new file mode 100644
index 0000000..1b9e366
--- /dev/null
+++ b/dependencies/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/CarbonSecuredHttpContext.java
@@ -0,0 +1,497 @@
+/*
+ * Copyright (c) 2005-2010, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.wso2.carbon.ui;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.osgi.framework.Bundle;
+import org.osgi.framework.ServiceReference;
+import org.wso2.carbon.CarbonConstants;
+import org.wso2.carbon.core.common.AuthenticationException;
+import org.wso2.carbon.registry.core.Registry;
+import org.wso2.carbon.ui.deployment.beans.CarbonUIDefinitions;
+import org.wso2.carbon.ui.deployment.beans.Context;
+import org.wso2.carbon.ui.internal.CarbonUIServiceComponent;
+import org.wso2.carbon.utils.multitenancy.MultitenantConstants;
+
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.regex.Matcher;
+
+public class CarbonSecuredHttpContext extends SecuredComponentEntryHttpContext {
+
+ public static final String LOGGED_USER = CarbonConstants.LOGGED_USER;
+ public static final String CARBON_AUTHNETICATOR = "CarbonAuthenticator";
+
+ private static final Log log = LogFactory.getLog(CarbonSecuredHttpContext.class);
+ private Bundle bundle = null;
+
+ private HashMap<String, String> httpUrlsToBeByPassed = new HashMap<String, String>();
+ private HashMap<String, String> urlsToBeByPassed = new HashMap<String, String>();
+ private String defaultHomePage;
+ private Context defaultContext;
+
+ /**
+ *
+ * @param bundle
+ * @param s
+ * @param uiResourceRegistry
+ * @param registry
+ */
+ public CarbonSecuredHttpContext(Bundle bundle, String s, UIResourceRegistry uiResourceRegistry,
+ Registry registry) {
+ super(bundle, s, uiResourceRegistry);
+ this.registry = registry;
+ this.bundle = bundle;
+ }
+
+ /**
+ * {@inheritDoc}
+ */
+ public boolean handleSecurity(HttpServletRequest request, HttpServletResponse response)
+ throws IOException {
+ String requestedURI = request.getRequestURI();
+
+ // Get the matching CarbonUIAuthenticator. If no match found for the given request, this
+ // will return null.
+ CarbonUIAuthenticator authenticator = CarbonUILoginUtil.getAuthenticator(request);
+
+ // This check is required for Single Logout implementation. If the request is not for SSO
+ // based authentication page or SSO Servlet, then if the session is invalid redirect the
+ // requests to logout_action.jsp.
+ CarbonSSOSessionManager ssoSessionManager = CarbonSSOSessionManager.getInstance();
+ requestedURI = ssoSessionManager.getRequestedUrl(request,authenticator);
+
+ HttpSession session;
+ String sessionId;
+ boolean authenticated = false;
+
+ try {
+ // Get the user's current authenticated session - if any exists.
+ session = request.getSession();
+ sessionId = session.getId();
+ Boolean authenticatedObj = (Boolean) session.getAttribute("authenticated");
+ if (authenticatedObj != null) {
+ authenticated = authenticatedObj.booleanValue();
+ if(log.isDebugEnabled()){
+ log.debug("Is authenticated " + authenticated);
+ }
+ }
+ } catch (Exception e) {
+ log.debug("No session exits");
+ return false;
+ }
+
+ String context = request.getContextPath();
+ if ("/".equals(context)) {
+ context = "";
+ }
+
+ // We eliminate the /tenant/{tenant-domain} from authentications
+ Matcher matcher = CarbonUILoginUtil.getTenantEnabledUriPattern().matcher(requestedURI);
+ if (matcher.matches()) {
+ log.debug("Tenant webapp request " + requestedURI);
+ return CarbonUILoginUtil.escapeTenantWebAppRequests(authenticated, response,
+ requestedURI, context);
+ }
+
+ // TODO: When filtered from a Servlet filter the request uri always contains 2 //, this is a
+ // temporary fix
+ if (requestedURI.indexOf("//") == 0) {
+ requestedURI = requestedURI.substring(1);
+ }
+
+
+ if (httpUrlsToBeByPassed.isEmpty()) {
+ // Populates http urls to be by passed.
+ populatehttpUrlsToBeByPassed();
+ }
+
+ if (requestedURI.equals(context) || requestedURI.equals(context + "/")) {
+ return handleRequestOnContext(request, response);
+ }
+
+ // Storing intermediate value of requestedURI.
+ // This is needed for OpenID authentication later.
+ String tempUrl = requestedURI;
+
+ // When war is deployed on top of an existing app server we cannot use root context
+ // for deployment. Hence a new context is added.Now url changes from eg:
+ // carbon/admin/index.jsp to wso2/carbon/admin/index.jsp In this case before doing anything,
+ // we need to remove web app context (eg: wso2) .
+ CarbonUILoginUtil.addNewContext(requestedURI);
+
+ // Disabling http access to admin console user guide documents should be allowed to access
+ // via http protocol
+ int val = -1;
+ if ((val = allowNonSecuredContent(requestedURI, request, response, authenticated,
+ authenticator)) != CarbonUILoginUtil.CONTINUE) {
+ if (val == CarbonUILoginUtil.RETURN_TRUE) {
+ log.debug("Skipping security check for non secured content. " + requestedURI);
+ return true;
+ } else {
+ log.debug("Security check failed for the resource " + requestedURI);
+ return false;
+ }
+ }
+ // We are allowing requests for .jar/.class resources. Otherwise applets won't get loaded
+ // due to session checks. (applet loading happens over https://)
+ if(requestedURI.endsWith(".jar") || requestedURI.endsWith(".class")) {
+ log.debug("Skipping authentication for .jar files and .class file." + requestedURI);
+ return true;
+ }
+
+
+ String resourceURI = requestedURI.replaceFirst("/carbon/", "../");
+
+ if (log.isDebugEnabled()) {
+ log.debug("CarbonSecuredHttpContext -> handleSecurity() requestURI:" + requestedURI
+ + " id:" + sessionId + " resourceURI:" + resourceURI);
+ }
+
+ if (urlsToBeByPassed.isEmpty()) {
+ // retrieve urls that should be by-passed from security check
+ populateUrlsToBeBypassed();
+ }
+
+ // if the current uri is marked to be by-passed, let it pass through
+ if (isCurrentUrlToBePassed(request, session, resourceURI)) {
+ return true;
+ }
+
+ String indexPageURL = CarbonUIUtil.getIndexPageURL(session.getServletContext(),
+ request.getSession());
+
+ // Reading the requestedURL from the cookie to obtain the request made while not
+ // authanticated; and setting it as the indexPageURL
+ indexPageURL = CarbonUILoginUtil.getIndexPageUrlFromCookie(requestedURI, indexPageURL,
+ request);
+
+ // If a custom index page is used send the login request with the indexpage specified
+ indexPageURL = CarbonUILoginUtil.getCustomIndexPage(request, indexPageURL);
+
+ // Reading home page set on product.xml
+ // If the params in the servletcontext is null get them from the UTIL
+ indexPageURL = updateIndexPageWithHomePage(indexPageURL);
+
+ if ((val = CarbonUILoginUtil.handleLoginPageRequest(requestedURI, request, response,
+ authenticated, context, indexPageURL)) != CarbonUILoginUtil.CONTINUE) {
+ if (val == CarbonUILoginUtil.RETURN_TRUE) {
+ return true;
+ } else {
+ return false;
+ }
+ }
+
+ // If authenticator defines to skip URL, return true
+ if (ssoSessionManager.skipAuthentication(request)) {
+ if(log.isDebugEnabled()){
+ log.debug("Skipping security checks for authenticator defined URL " + requestedURI);
+ }
+ return true;
+ }
+
+ // If someone signed in from a tenant, try to access a different tenant domain, he should be
+ // forced to sign out without any prompt Cloud requirement
+ requestedURI = CarbonUILoginUtil.getForcedSignOutRequestedURI(requestedURI, request);
+
+ String contextPath = (request.getContextPath().equals("") || request.getContextPath()
+ .equals("/")) ? "" : request.getContextPath();
+
+ String tenantDomain = (String) session.getAttribute(MultitenantConstants.TENANT_DOMAIN);
+ if (tenantDomain != null && !tenantDomain.equals(MultitenantConstants.SUPER_TENANT_DOMAIN_NAME)) {
+ contextPath += "/" + MultitenantConstants.TENANT_AWARE_URL_PREFIX + "/" + tenantDomain;
+ }
+
+ String httpLogin = request.getParameter("gsHttpRequest");
+
+ boolean skipLoginPage = false;
+
+ // Login page is not required for all the Authenticators.
+ if (authenticator != null
+ && authenticator.skipLoginPage()
+ && requestedURI.indexOf("login_action.jsp") < 0
+ && (requestedURI.endsWith("/carbon/") || (requestedURI.indexOf("/registry/atom") == -1 && requestedURI
+ .endsWith("/carbon")))) {
+ // Add this to session for future use.
+ request.getSession().setAttribute("skipLoginPage", "true");
+ }
+
+ if (request.getSession().getAttribute("skipLoginPage") != null) {
+ if ("true".equals(((String) request.getSession().getAttribute("skipLoginPage")))) {
+ skipLoginPage = true;
+ }
+ }
+
+ if (requestedURI.indexOf("login_action.jsp") > -1 && authenticator != null) {
+ return CarbonUILoginUtil.handleLogin(authenticator, request, response, session,
+ authenticated, contextPath, indexPageURL, httpLogin);
+ } else if (requestedURI.indexOf("logout_action.jsp") > 1) {
+ return CarbonUILoginUtil.handleLogout(authenticator, request, response, session,
+ authenticated, contextPath, indexPageURL, httpLogin);
+ }
+
+ if (requestedURI.endsWith("/carbon/")) {
+ if (skipLoginPage) {
+ response.sendRedirect(contextPath + indexPageURL + "?skipLoginPage=true");
+ } else {
+ response.sendRedirect(contextPath + indexPageURL);
+ }
+ return false;
+ } else if (requestedURI.indexOf("/registry/atom") == -1 && requestedURI.endsWith("/carbon")) {
+ if (skipLoginPage) {
+ response.sendRedirect(contextPath + indexPageURL + "?skipLoginPage=true");
+ } else {
+ response.sendRedirect(contextPath + indexPageURL);
+ }
+ return false;
+ } else if (CarbonUILoginUtil.letRequestedUrlIn(requestedURI, tempUrl)) {
+ return true;
+ } else if (requestedURI.endsWith(".jsp") && authenticated) {
+ return true;
+ }
+
+ if (!authenticated) {
+ if (requestedURI.endsWith("ajaxprocessor.jsp")) {
+ // Prevent login page appearing
+ return true;
+ } else {
+ return CarbonUILoginUtil.saveOriginalUrl(authenticator, request, response, session,
+ skipLoginPage, contextPath, indexPageURL, requestedURI);
+ }
+ }
+ if (request.getSession().isNew()) {
+ if (skipLoginPage) {
+ response.sendRedirect(contextPath + "/carbon/admin/login_action.jsp");
+ } else {
+ response.sendRedirect(contextPath + "/carbon/admin/login.jsp");
+
+ }
+ return false;
+ }
+ return true;
+ }
+
+ /**
+ *
+ * @param indexPageURL
+ * @return
+ */
+ private String updateIndexPageWithHomePage(String indexPageURL) {
+ // If the params in the servletcontext is null get them from the UTIL
+ if (defaultHomePage == null) {
+ defaultHomePage = (String) CarbonUIUtil
+ .getProductParam(CarbonConstants.PRODUCT_XML_WSO2CARBON
+ + CarbonConstants.DEFAULT_HOME_PAGE);
+ }
+
+ if (defaultHomePage != null && defaultHomePage.trim().length() > 0
+ && indexPageURL.contains("/carbon/admin/index.jsp")) {
+ indexPageURL = defaultHomePage;
+ if (!indexPageURL.startsWith("/")) {
+ indexPageURL = "/" + indexPageURL;
+ }
+ }
+
+ return indexPageURL;
+ }
+
+ /**
+ *
+ * @param request
+ * @param session
+ * @param resourceURI
+ * @return
+ */
+ private boolean isCurrentUrlToBePassed(HttpServletRequest request, HttpSession session,
+ String resourceURI) {
+
+ if (!urlsToBeByPassed.isEmpty() && urlsToBeByPassed.containsKey(resourceURI)) {
+ if (log.isDebugEnabled()) {
+ log.debug("By passing authentication check for URI : " + resourceURI);
+ }
+ // Before bypassing, set the backendURL properly so that it doesn't fail
+ String contextPath = request.getContextPath();
+ String backendServerURL = request.getParameter("backendURL");
+ if (backendServerURL == null) {
+ backendServerURL = CarbonUIUtil.getServerURL(session.getServletContext(),
+ request.getSession());
+ }
+ if ("/".equals(contextPath)) {
+ contextPath = "";
+ }
+ backendServerURL = backendServerURL.replace("${carbon.context}", contextPath);
+ session.setAttribute(CarbonConstants.SERVER_URL, backendServerURL);
+ return true;
+ }
+
+ return false;
+ }
+
+ /**
+ *
+ */
+ @SuppressWarnings({ "unchecked", "rawtypes" })
+ private void populateUrlsToBeBypassed() {
+ if (bundle != null && urlsToBeByPassed.isEmpty()) {
+ ServiceReference reference = bundle.getBundleContext().getServiceReference(
+ CarbonUIDefinitions.class.getName());
+ CarbonUIDefinitions carbonUIDefinitions;
+ if (reference != null) {
+ carbonUIDefinitions = (CarbonUIDefinitions) bundle.getBundleContext().getService(
+ reference);
+ if (carbonUIDefinitions != null) {
+ urlsToBeByPassed = carbonUIDefinitions.getUnauthenticatedUrls();
+ }
+ }
+ }
+ }
+
+ /**
+ *
+ * @param requestedURI
+ * @param request
+ * @param response
+ * @param authenticated
+ * @param authenticator
+ * @return
+ * @throws IOException
+ */
+ @SuppressWarnings("deprecation")
+ private int allowNonSecuredContent(String requestedURI, HttpServletRequest request,
+ HttpServletResponse response, boolean authenticated, CarbonUIAuthenticator authenticator)
+ throws IOException {
+ if (!request.isSecure() && !(requestedURI.endsWith(".html"))) {
+
+ // By passing items required for try-it & IDE plugins
+ if (requestedURI.endsWith(".css") || requestedURI.endsWith(".gif")
+ || requestedURI.endsWith(".GIF") || requestedURI.endsWith(".jpg")
+ || requestedURI.endsWith(".JPG") || requestedURI.endsWith(".png")
+ || requestedURI.endsWith(".PNG") || requestedURI.endsWith(".xsl")
+ || requestedURI.endsWith(".xslt") || requestedURI.endsWith(".js")
+ || requestedURI.endsWith(".ico") || requestedURI.endsWith("/filedownload")
+ || requestedURI.endsWith("/fileupload")
+ || requestedURI.contains("/fileupload/")
+ || requestedURI.contains("admin/jsp/WSRequestXSSproxy_ajaxprocessor.jsp")
+ || requestedURI.contains("registry/atom")
+ || requestedURI.contains("registry/tags") || requestedURI.contains("gadgets/")
+ || requestedURI.contains("registry/resource")) {
+ return CarbonUILoginUtil.RETURN_TRUE;
+ }
+
+ String resourceURI = requestedURI.replaceFirst("/carbon/", "../");
+
+ // By passing the pages which are specified as bypass https
+ if (httpUrlsToBeByPassed.containsKey(resourceURI)) {
+ if (!authenticated) {
+ try {
+ Cookie[] cookies = request.getCookies();
+ if (cookies != null) {
+ for (Cookie cookie : cookies) {
+ if (cookie.getName().equals(CarbonConstants.REMEMBER_ME_COOKE_NAME)
+ && authenticator != null) {
+ try {
+ authenticator.authenticateWithCookie(request);
+ } catch (AuthenticationException ignored) {
+ // We can ignore here and proceed with normal login.
+ if (log.isDebugEnabled()) {
+ log.debug(ignored);
+ }
+ }
+ }
+ }
+ }
+ } catch (Exception e) {
+ log.error(e.getMessage(), e);
+ throw new IOException(e.getMessage(), e);
+ }
+ }
+ return CarbonUILoginUtil.RETURN_TRUE;
+ }
+
+ String enableHTTPAdminConsole = CarbonUIServiceComponent.getServerConfiguration()
+ .getFirstProperty(CarbonConstants.ENABLE_HTTP_ADMIN_CONSOLE);
+
+ if (enableHTTPAdminConsole == null || "false".equalsIgnoreCase(enableHTTPAdminConsole.trim())) {
+ String adminConsoleURL = CarbonUIUtil.getAdminConsoleURL(request);
+ if (adminConsoleURL != null) {
+ if (log.isTraceEnabled()) {
+ log.trace("Request came to admin console via http.Forwarding to : "
+ + adminConsoleURL);
+ }
+ response.sendRedirect(adminConsoleURL);
+ return CarbonUILoginUtil.RETURN_FALSE;
+ }
+ }
+ }
+
+ return CarbonUILoginUtil.CONTINUE;
+ }
+
+ /**
+ *
+ * @param request
+ * @param response
+ * @return
+ * @throws IOException
+ */
+ private boolean handleRequestOnContext(HttpServletRequest request, HttpServletResponse response)
+ throws IOException {
+ log.debug("Handling request on context");
+ if (defaultContext != null && !"".equals(defaultContext.getContextName())
+ && !"null".equals(defaultContext.getContextName())) {
+ String adminConsoleURL = CarbonUIUtil.getAdminConsoleURL(request);
+ int index = adminConsoleURL.lastIndexOf("carbon");
+ String defaultContextUrl = adminConsoleURL.substring(0, index)
+ + defaultContext.getContextName() + "/";
+ response.sendRedirect(defaultContextUrl);
+ } else {
+ response.sendRedirect("carbon");
+ }
+ return false;
+ }
+
+ /**
+ *
+ */
+ @SuppressWarnings("unchecked")
+ private void populatehttpUrlsToBeByPassed() {
+ if (bundle != null && httpUrlsToBeByPassed.isEmpty() && defaultContext == null) {
+ @SuppressWarnings("rawtypes")
+ ServiceReference reference = bundle.getBundleContext().getServiceReference(
+ CarbonUIDefinitions.class.getName());
+ CarbonUIDefinitions carbonUIDefinitions;
+ if (reference != null) {
+ carbonUIDefinitions = (CarbonUIDefinitions) bundle.getBundleContext().getService(
+ reference);
+ if (carbonUIDefinitions != null) {
+ httpUrlsToBeByPassed = carbonUIDefinitions.getHttpUrls();
+ if (carbonUIDefinitions.getContexts().containsKey("default-context")) {
+ defaultContext = carbonUIDefinitions.getContexts().get("default-context");
+ }
+
+ }
+ }
+ }
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/incubator-stratos/blob/6b1dba58/dependencies/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/CarbonUIAuthenticator.java
----------------------------------------------------------------------
diff --git a/dependencies/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/CarbonUIAuthenticator.java b/dependencies/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/CarbonUIAuthenticator.java
new file mode 100644
index 0000000..7a46e2e
--- /dev/null
+++ b/dependencies/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/CarbonUIAuthenticator.java
@@ -0,0 +1,123 @@
+/*
+ * Copyright (c) 2005-2010, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+ *
+ * WSO2 Inc. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.wso2.carbon.ui;
+
+import org.wso2.carbon.core.common.AuthenticationException;
+
+import java.util.List;
+
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ * This is the interface of the Authenticator to Carbon UI framework. Implement this interface in a
+ * bundle and drop-in to the framework and it will be automatically called. The authenticator has
+ * the freedom to decide how it does the authentication.
+ *
+ * When an authentication request is received by the framework each authenticator will be checked to
+ * see who handles the request, i.e. isHandle() method of each authenticator will be called in the
+ * priority order given by the getPriority() method. Highest priority authenticator that returns
+ * true for the isHandle() method will be given the responsibility of authentication.
+ *
+ * Priority is defined as higher the number higher the priority.
+ */
+public interface CarbonUIAuthenticator {
+
+ /**
+ * This method will check whether given request can be handled by the authenticator. If
+ * authenticator is capable of handling given request this method will return <code>true</code>.
+ * Else this will return <code>false</code>.
+ *
+ * @param object The request to authenticate.
+ * @return <code>true</code> if this authenticator can handle the request, else
+ * <code>false</code>.
+ */
+ boolean canHandle(HttpServletRequest request);
+
+ /**
+ * Authenticates the given request.
+ *
+ * @param object The request to be authenticate.
+ * @return <code>true</code> if authentication is successful, else <code>false</code>.
+ * @throws AuthenticationException If an error occurred during authentication process.
+ */
+ void authenticate(HttpServletRequest request) throws AuthenticationException;
+
+ /**
+ * Handles authentication during a session expiration. Usually the request is a cookie.
+ *
+ * @param object The request to be re-authenticated.
+ * @return <code>true</code> if re-authentication is successful, else <code>false</code>.
+ * @throws AuthenticationException If an error occurred during authentication process.
+ */
+ void authenticateWithCookie(HttpServletRequest request) throws AuthenticationException;
+
+ /**
+ * Invalidates the authentication session. TODO why we need this ? An authenticator should not
+ * maintain a session
+ *
+ * @param object The request to invalidate TODO (?)
+ * @throws Exception If an error occurred during authentication process.
+ */
+ void unauthenticate(Object object) throws Exception;
+
+ /**
+ * Gets the authenticator priority.
+ *
+ * @return The integer representing the priority. Higher the value, higher the priority.
+ */
+ int getPriority();
+
+ /**
+ * Returns the name of the authenticator.
+ *
+ * @return The name of the authenticator.
+ */
+ String getAuthenticatorName();
+
+ /**
+ * By default all the authenticators found in the system are enabled. Can use this property to
+ * control default behavior.
+ *
+ * @return <code>true</code> if this authenticator is disabled, else <code>false</code>.
+ */
+ boolean isDisabled();
+
+ /**
+ * Gets a list of urls to skip authentication. Also see
+ * CarbonSecuredHttpContext.skipSSOSessionInvalidation for more information.
+ *
+ * @return A list of urls to skip authentication.
+ */
+ List<String> getAuthenticationSkippingUrls();
+
+ /**
+ * Gets a list of urls to skip session validation. Also see
+ * CarbonSecuredHttpContext.skipSSOSessionInvalidation for more information.
+ *
+ * @return A list of urls to skip session validation.
+ */
+ List<String> getSessionValidationSkippingUrls();
+
+ /**
+ * If Authenticator does not need to have login page - set this to true.
+ *
+ * @return
+ */
+ boolean skipLoginPage();
+
+}