You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@roller.apache.org by sn...@apache.org on 2007/09/25 20:07:07 UTC
svn commit: r579335 - in /roller/branches/roller_4.1_dev/apps/weblogger:
src/java/org/apache/roller/weblogger/config/
src/java/org/apache/roller/weblogger/ui/core/
src/java/org/apache/roller/weblogger/ui/core/security/
src/java/org/apache/roller/weblog...
Author: snoopdave
Date: Tue Sep 25 11:07:03 2007
New Revision: 579335
URL: http://svn.apache.org/viewvc?rev=579335&view=rev
Log:
Optional CMA patch from Shing Wai Chan
Added:
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/CmaRollerContext.java
Modified:
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/config/roller.properties
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/RollerSession.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/security/AutoProvision.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/security/BasicUserAutoProvision.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/security/CustomUserRegistry.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/ModifyUser.java
roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/core/Register.java
roller/branches/roller_4.1_dev/apps/weblogger/web/WEB-INF/jsps/core/Login.jsp
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/config/roller.properties
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/config/roller.properties?rev=579335&r1=579334&r2=579335&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/config/roller.properties (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/config/roller.properties Tue Sep 25 11:07:03 2007
@@ -358,6 +358,9 @@
passwds.encryption.enabled=true
passwds.encryption.algorithm=SHA
+# Enable container managed authentication
+authentication.cma.enabled=false
+
# Role to globbal permissions mappings
role.names=anonymous,editor,admin
role.action.anonymous=comment
Added: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/CmaRollerContext.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/CmaRollerContext.java?rev=579335&view=auto
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/CmaRollerContext.java (added)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/CmaRollerContext.java Tue Sep 25 11:07:03 2007
@@ -0,0 +1,45 @@
+/*
+ * Copyright 2007 Sun Microsystems, Inc. All rights reserved.
+ * Use is subject to license terms.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you
+ * may not use this file except in compliance with the License. You may
+ * obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.roller.weblogger.ui.core;
+
+import javax.servlet.ServletContext;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+
+/**
+ * Initialize the Roller web application/context for container managed
+ * authentication.
+ *
+ * @author Shing Wai Chan
+ */
+public class CmaRollerContext extends RollerContext {
+
+ private static Log log = LogFactory.getLog(CmaRollerContext.class);
+
+ public CmaRollerContext() {
+ super();
+ }
+
+ /**
+ * Setup Acegi security features.
+ */
+ protected void initializeSecurityFeatures(ServletContext context) {
+ // no need to setup Acegi security
+ }
+}
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/RollerSession.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/RollerSession.java?rev=579335&r1=579334&r2=579335&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/RollerSession.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/RollerSession.java Tue Sep 25 11:07:03 2007
@@ -82,7 +82,7 @@
// provisioning enabled, get provisioner and execute
AutoProvision provisioner = RollerContext.getAutoProvision();
if(provisioner != null) {
- boolean userProvisioned = provisioner.execute();
+ boolean userProvisioned = provisioner.execute(request);
if(userProvisioned) {
// try lookup again real quick
user = umgr.getUserByUserName(principal.getName());
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/security/AutoProvision.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/security/AutoProvision.java?rev=579335&r1=579334&r2=579335&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/security/AutoProvision.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/security/AutoProvision.java Tue Sep 25 11:07:03 2007
@@ -17,8 +17,10 @@
*/
package org.apache.roller.weblogger.ui.core.security;
+import javax.servlet.http.HttpServletRequest;
+
public interface AutoProvision {
- public boolean execute();
+ public boolean execute(HttpServletRequest request);
}
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/security/BasicUserAutoProvision.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/security/BasicUserAutoProvision.java?rev=579335&r1=579334&r2=579335&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/security/BasicUserAutoProvision.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/security/BasicUserAutoProvision.java Tue Sep 25 11:07:03 2007
@@ -17,6 +17,8 @@
*/
package org.apache.roller.weblogger.ui.core.security;
+import javax.servlet.http.HttpServletRequest;
+
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.roller.weblogger.WebloggerException;
@@ -37,8 +39,8 @@
*
* @see org.apache.roller.weblogger.ui.core.security.AutoProvision#execute()
*/
- public boolean execute() {
- User ud = CustomUserRegistry.getUserDetailsFromAuthentication();
+ public boolean execute(HttpServletRequest request) {
+ User ud = CustomUserRegistry.getUserDetailsFromAuthentication(request);
if(ud != null) {
UserManager mgr;
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/security/CustomUserRegistry.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/security/CustomUserRegistry.java?rev=579335&r1=579334&r2=579335&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/security/CustomUserRegistry.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/core/security/CustomUserRegistry.java Tue Sep 25 11:07:03 2007
@@ -18,11 +18,13 @@
package org.apache.roller.weblogger.ui.core.security;
import java.util.Locale;
+import java.util.Set;
import java.util.TimeZone;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
+import javax.servlet.http.HttpServletRequest;
import org.acegisecurity.Authentication;
import org.acegisecurity.context.SecurityContextHolder;
@@ -39,21 +41,24 @@
*/
public class CustomUserRegistry {
- private static Log log = LogFactory.getLog(CustomUserRegistry.class);
-
- private static String DEFAULT_SNAME_LDAP_ATTRIBUTE = "screenname";
- private static String DEFAULT_NAME_LDAP_ATTRIBUTE = "cn";
- private static String DEFAULT_EMAIL_LDAP_ATTRIBUTE = "mail";
- private static String DEFAULT_LOCALE_LDAP_ATTRIBUTE = "locale";
- private static String DEFAULT_TIMEZONE_LDAP_ATTRIBUTE = "timezone";
-
- private static String SNAME_LDAP_PROPERTY = "users.sso.registry.ldap.attributes.screenname";
- private static String NAME_LDAP_PROPERTY = "users.sso.registry.ldap.attributes.name";
- private static String EMAIL_LDAP_PROPERTY = "users.sso.registry.ldap.attributes.email";
- private static String LOCALE_LDAP_PROPERTY = "users.sso.registry.ldap.attributes.locale";
- private static String TIMEZONE_LDAP_PROPERTY = "users.sso.registry.ldap.attributes.timezone";
+ private static final Log log = LogFactory.getLog(CustomUserRegistry.class);
+
+ private static final String DEFAULT_SNAME_LDAP_ATTRIBUTE = "screenname";
+ private static final String DEFAULT_UID_LDAP_ATTRIBUTE = "uid";
+ private static final String DEFAULT_NAME_LDAP_ATTRIBUTE = "cn";
+ private static final String DEFAULT_EMAIL_LDAP_ATTRIBUTE = "mail";
+ private static final String DEFAULT_LOCALE_LDAP_ATTRIBUTE = "locale";
+ private static final String DEFAULT_TIMEZONE_LDAP_ATTRIBUTE = "timezone";
- public static User getUserDetailsFromAuthentication() {
+ private static final String SNAME_LDAP_PROPERTY = "users.sso.registry.ldap.attributes.screenname";
+ private static final String UID_LDAP_PROPERTY = "users.sso.registry.ldap.attributes.uid";
+ private static final String NAME_LDAP_PROPERTY = "users.sso.registry.ldap.attributes.name";
+ private static final String EMAIL_LDAP_PROPERTY = "users.sso.registry.ldap.attributes.email";
+ private static final String LOCALE_LDAP_PROPERTY = "users.sso.registry.ldap.attributes.locale";
+ private static final String TIMEZONE_LDAP_PROPERTY = "users.sso.registry.ldap.attributes.timezone";
+
+ public static User getUserDetailsFromAuthentication(HttpServletRequest request) {
+
boolean usingSSO = WebloggerConfig.getBooleanProperty("users.sso.enabled");
if(!usingSSO) {
log.info("SSO is not enabled. Skipping CustomUserRegistry functionality.");
@@ -62,82 +67,107 @@
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+ User ud = new User();
+ // setting default
+ ud.setId(null);
+ ud.setLocale(Locale.getDefault().toString());
+ ud.setTimeZone(TimeZone.getDefault().getID());
+ ud.setDateCreated(new java.util.Date());
+
+ String userName = null;
+ String password = null;
+ String fullName = null;
+ String email = null;
+ String screenName = null;
+ String locale = null;
+ String timezone = null;
+ boolean enabled = false;
+
if(authentication == null) {
- log.warn("No Authentication found in SecurityContextHolder.");
- return null;
- }
+ // Try to get SSO data from HttpServletRequest
+ userName = getRequestAttribute(request, WebloggerConfig.getProperty(UID_LDAP_PROPERTY, DEFAULT_SNAME_LDAP_ATTRIBUTE));
+
+ screenName = getRequestAttribute(request, WebloggerConfig.getProperty(SNAME_LDAP_PROPERTY, DEFAULT_SNAME_LDAP_ATTRIBUTE));
+
+ fullName = getRequestAttribute(request, WebloggerConfig.getProperty(NAME_LDAP_PROPERTY, DEFAULT_NAME_LDAP_ATTRIBUTE));
+
+ email = getRequestAttribute(request, WebloggerConfig.getProperty(EMAIL_LDAP_PROPERTY, DEFAULT_EMAIL_LDAP_ATTRIBUTE));
+
+ locale = getRequestAttribute(request, WebloggerConfig.getProperty(LOCALE_LDAP_PROPERTY, DEFAULT_LOCALE_LDAP_ATTRIBUTE));
+
+ timezone = getRequestAttribute(request, WebloggerConfig.getProperty(TIMEZONE_LDAP_PROPERTY, DEFAULT_TIMEZONE_LDAP_ATTRIBUTE));
+
+
+ if (userName == null && fullName == null && screenName == null &&
+ email == null && locale == null && timezone == null) {
+
+ log.warn("No Authentication found in SecurityContextHolder and HttpServletRequest.");
+ return null;
+ } else {
+ enabled = true;
+ }
+ } else {
- Object oPrincipal = authentication.getPrincipal();
+ Object oPrincipal = authentication.getPrincipal();
- if(oPrincipal == null) {
- log.warn("Principal is null. Skipping auto-registration.");
- return null;
- }
+ if(oPrincipal == null) {
+ log.warn("Principal is null. Skipping auto-registration.");
+ return null;
+ }
- if (!(oPrincipal instanceof UserDetails)) {
- log.warn("Unsupported Principal type in Authentication. Skipping auto-registration.");
- return null;
- }
+ if (!(oPrincipal instanceof UserDetails)) {
+ log.warn("Unsupported Principal type in Authentication. Skipping auto-registration.");
+ return null;
+ }
- UserDetails userDetails = (UserDetails) oPrincipal;
+ UserDetails userDetails = (UserDetails) oPrincipal;
- String userName = userDetails.getUsername();
- String password = userDetails.getPassword();
- boolean enabled = userDetails.isEnabled();
+ userName = userDetails.getUsername();
+ password = userDetails.getPassword();
+ enabled = userDetails.isEnabled();
- User ud = new User();
- ud.setId(null);
- ud.setUserName(userName);
+ if(userDetails instanceof RollerUserDetails) {
+ RollerUserDetails rollerDetails = (RollerUserDetails) userDetails;
+
+ screenName = rollerDetails.getScreenName();
+ fullName = rollerDetails.getFullName();
+ email = rollerDetails.getEmailAddress();
+ locale = rollerDetails.getLocale();
+ timezone = rollerDetails.getTimeZone();
+
+ } else if(userDetails instanceof LdapUserDetails) {
+ LdapUserDetails ldapDetails = (LdapUserDetails) userDetails;
+
+ Attributes attributes = ldapDetails.getAttributes();
+ screenName = getLdapAttribute(attributes, WebloggerConfig.getProperty(SNAME_LDAP_PROPERTY, DEFAULT_SNAME_LDAP_ATTRIBUTE));
+ fullName = getLdapAttribute(attributes, WebloggerConfig.getProperty(NAME_LDAP_PROPERTY, DEFAULT_NAME_LDAP_ATTRIBUTE));
+ email = getLdapAttribute(attributes, WebloggerConfig.getProperty(EMAIL_LDAP_PROPERTY, DEFAULT_EMAIL_LDAP_ATTRIBUTE));
+ locale = getLdapAttribute(attributes, WebloggerConfig.getProperty(LOCALE_LDAP_PROPERTY, DEFAULT_LOCALE_LDAP_ATTRIBUTE));
+ timezone = getLdapAttribute(attributes, WebloggerConfig.getProperty(TIMEZONE_LDAP_PROPERTY, DEFAULT_TIMEZONE_LDAP_ATTRIBUTE));
+
+ }
+ }
+
boolean storePassword = WebloggerConfig.getBooleanProperty("users.sso.passwords.save");
if(!storePassword) {
password = WebloggerConfig.getProperty("users.sso.passwords.defaultValue","<unknown>");
}
+
ud.setPassword(password);
ud.setEnabled(enabled ? Boolean.TRUE : Boolean.FALSE);
- ud.setLocale(Locale.getDefault().toString());
- ud.setTimeZone(TimeZone.getDefault().getID());
- ud.setDateCreated(new java.util.Date());
-
- if(userDetails instanceof RollerUserDetails) {
- RollerUserDetails rollerDetails = (RollerUserDetails) userDetails;
-
- ud.setScreenName(rollerDetails.getScreenName());
-
- ud.setFullName(rollerDetails.getFullName());
- //TODO: Bug here as setting email addy to a full name value?
- ud.setEmailAddress(rollerDetails.getFullName());
- if(rollerDetails.getTimeZone() != null) {
- ud.setTimeZone(rollerDetails.getTimeZone());
- }
-
- if(rollerDetails.getLocale() != null) {
- ud.setLocale(rollerDetails.getLocale());
- }
-
- } else if(userDetails instanceof LdapUserDetails) {
- LdapUserDetails ldapDetails = (LdapUserDetails) userDetails;
- Attributes attributes = ldapDetails.getAttributes();
- String sname = getLdapAttribute(attributes, WebloggerConfig.getProperty(SNAME_LDAP_PROPERTY, DEFAULT_SNAME_LDAP_ATTRIBUTE));
- String name = getLdapAttribute(attributes, WebloggerConfig.getProperty(NAME_LDAP_PROPERTY, DEFAULT_NAME_LDAP_ATTRIBUTE));
- String email = getLdapAttribute(attributes, WebloggerConfig.getProperty(EMAIL_LDAP_PROPERTY, DEFAULT_EMAIL_LDAP_ATTRIBUTE));
-
- ud.setScreenName(sname);
- ud.setFullName(name);
- ud.setEmailAddress(email);
-
- String locale = getLdapAttribute(attributes, WebloggerConfig.getProperty(LOCALE_LDAP_PROPERTY, DEFAULT_LOCALE_LDAP_ATTRIBUTE));
- String timezone = getLdapAttribute(attributes, WebloggerConfig.getProperty(TIMEZONE_LDAP_PROPERTY, DEFAULT_TIMEZONE_LDAP_ATTRIBUTE));
-
- if(locale != null) {
- ud.setLocale(locale);
- }
- if(timezone != null) {
- ud.setTimeZone(timezone);
- }
+ ud.setUserName(userName);
+ ud.setFullName(fullName);
+ ud.setEmailAddress(email);
+ ud.setScreenName(screenName);
+ if (locale != null) {
+ ud.setLocale(locale);
}
-
+ if (timezone != null) {
+ ud.setTimeZone(timezone);
+ }
+
return ud;
}
@@ -164,6 +194,22 @@
}
return oValue.toString();
+ }
+
+ private static String getRequestAttribute(HttpServletRequest request, String attributeName) {
+
+ String attr = null;
+ Object attrObj = request.getAttribute(attributeName);
+ if (attrObj instanceof String) {
+ attr = (String)attrObj;
+ } else if (attrObj instanceof Set) {
+ Set attrSet = (Set)attrObj;
+ if (!attrSet.isEmpty()) {
+ attr = (String)attrSet.iterator().next();
+ }
+ }
+
+ return attr;
}
}
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/ModifyUser.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/ModifyUser.java?rev=579335&r1=579334&r2=579335&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/ModifyUser.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/admin/ModifyUser.java Tue Sep 25 11:07:03 2007
@@ -24,6 +24,7 @@
import org.apache.roller.weblogger.WebloggerException;
import org.apache.roller.weblogger.business.WebloggerFactory;
import org.apache.roller.weblogger.business.UserManager;
+import org.apache.roller.weblogger.config.WebloggerConfig;
import org.apache.roller.weblogger.pojos.User;
import org.apache.roller.weblogger.ui.core.RollerContext;
import org.apache.roller.weblogger.ui.struts2.util.UIAction;
@@ -35,6 +36,8 @@
public class ModifyUser extends UIAction {
private static Log log = LogFactory.getLog(ModifyUser.class);
+
+ private static final boolean isCMA = WebloggerConfig.getBooleanProperty("authentication.cma.enabled");
// user we are modifying
private User user = new User();
@@ -150,7 +153,9 @@
}
- RollerContext.flushAuthenticationUserCache(getUser().getUserName());
+ if (!isCMA) {
+ RollerContext.flushAuthenticationUserCache(getUser().getUserName());
+ }
// save the updated profile
mgr.saveUser(getUser());
Modified: roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/core/Register.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/core/Register.java?rev=579335&r1=579334&r2=579335&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/core/Register.java (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/core/Register.java Tue Sep 25 11:07:03 2007
@@ -90,7 +90,8 @@
// and retrieve custom user data to pre-populate form.
boolean usingSSO = WebloggerConfig.getBooleanProperty("users.sso.enabled");
if(usingSSO) {
- User fromSSO = CustomUserRegistry.getUserDetailsFromAuthentication();
+ User fromSSO = CustomUserRegistry.getUserDetailsFromAuthentication(getServletRequest());
+
if(fromSSO != null) {
getBean().copyFrom(fromSSO);
setFromSS0(true);
@@ -245,7 +246,8 @@
boolean usingSSO = WebloggerConfig.getBooleanProperty("users.sso.enabled");
if(usingSSO) {
boolean storePassword = WebloggerConfig.getBooleanProperty("users.sso.passwords.saveInRollerDb");
- User fromSSO = CustomUserRegistry.getUserDetailsFromAuthentication();
+ User fromSSO = CustomUserRegistry.getUserDetailsFromAuthentication(getServletRequest());
+
if(fromSSO != null) {
String password = WebloggerConfig.getProperty("users.sso.passwords.defaultValue", "<unknown>");
if(storePassword) {
Modified: roller/branches/roller_4.1_dev/apps/weblogger/web/WEB-INF/jsps/core/Login.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_4.1_dev/apps/weblogger/web/WEB-INF/jsps/core/Login.jsp?rev=579335&r1=579334&r2=579335&view=diff
==============================================================================
--- roller/branches/roller_4.1_dev/apps/weblogger/web/WEB-INF/jsps/core/Login.jsp (original)
+++ roller/branches/roller_4.1_dev/apps/weblogger/web/WEB-INF/jsps/core/Login.jsp Tue Sep 25 11:07:03 2007
@@ -17,13 +17,26 @@
-->
<%-- Body of the login page, invoked from login.jsp --%>
-
+<%@ page import="org.apache.roller.weblogger.config.WebloggerConfig" %>
<%@ include file="/WEB-INF/jsps/taglibs-struts2.jsp" %>
+<%!
+String securityCheckUrl = null;
+boolean cmaEnabled = WebloggerConfig.getBooleanProperty("authentication.cma.enabled");
+%>
+
+<%
+if (cmaEnabled) {
+ securityCheckUrl = "/j_security_check";
+} else {
+ securityCheckUrl = "/roller_j_security_check";
+}
+%>
+
<p><s:text name="loginPage.prompt" /></p>
<form method="post" id="loginForm"
- action="<c:url value="/roller_j_security_check"/>"
+ action="<c:url value="<%= securityCheckUrl %>"/>"
onsubmit="saveUsername(this)">
<table>