Posted to commits@sling.apache.org by bd...@apache.org on 2009/06/09 12:38:06 UTC

svn commit: r782948 - in /incubator/sling/trunk/bundles: engine/src/main/java/org/apache/sling/engine/impl/auth/ extensions/httpauth/src/main/java/org/apache/sling/httpauth/impl/ extensions/httpauth/src/main/resources/org/apache/sling/httpauth/impl/

Author: bdelacretaz
Date: Tue Jun  9 10:38:06 2009
New Revision: 782948

URL: http://svn.apache.org/viewvc?rev=782948&view=rev
Log:
SLING-998 - redirect to /system/sling/login if not authenticated and anonymous session not allowed

Added:
    incubator/sling/trunk/bundles/engine/src/main/java/org/apache/sling/engine/impl/auth/LoginServlet.java
      - copied, changed from r782913, incubator/sling/trunk/bundles/extensions/httpauth/src/main/java/org/apache/sling/httpauth/impl/LoginServlet.java
Removed:
    incubator/sling/trunk/bundles/extensions/httpauth/src/main/java/org/apache/sling/httpauth/impl/LoginServlet.java
Modified:
    incubator/sling/trunk/bundles/engine/src/main/java/org/apache/sling/engine/impl/auth/SlingAuthenticator.java
    incubator/sling/trunk/bundles/extensions/httpauth/src/main/resources/org/apache/sling/httpauth/impl/LoginFormTemplate.html

Copied: incubator/sling/trunk/bundles/engine/src/main/java/org/apache/sling/engine/impl/auth/LoginServlet.java (from r782913, incubator/sling/trunk/bundles/extensions/httpauth/src/main/java/org/apache/sling/httpauth/impl/LoginServlet.java)
URL: http://svn.apache.org/viewvc/incubator/sling/trunk/bundles/engine/src/main/java/org/apache/sling/engine/impl/auth/LoginServlet.java?p2=incubator/sling/trunk/bundles/engine/src/main/java/org/apache/sling/engine/impl/auth/LoginServlet.java&p1=incubator/sling/trunk/bundles/extensions/httpauth/src/main/java/org/apache/sling/httpauth/impl/LoginServlet.java&r1=782913&r2=782948&rev=782948&view=diff
==============================================================================
--- incubator/sling/trunk/bundles/extensions/httpauth/src/main/java/org/apache/sling/httpauth/impl/LoginServlet.java (original)
+++ incubator/sling/trunk/bundles/engine/src/main/java/org/apache/sling/engine/impl/auth/LoginServlet.java Tue Jun  9 10:38:06 2009
@@ -16,7 +16,7 @@
  * specific language governing permissions and limitations
  * under the License.
  */
-package org.apache.sling.httpauth.impl;
+package org.apache.sling.engine.impl.auth;
 
 import java.io.IOException;
 
@@ -31,13 +31,13 @@
 import org.slf4j.LoggerFactory;
 
 /**
- * The <code>LoginServlet</code> TODO
+ * The <code>LoginServlet</code> lets the Authenticator
+ * do the login.
  * 
  * @scr.component metatype="no"
  * @scr.service interface="javax.servlet.Servlet"
  * @scr.property name="service.description" value="HTTP Header Login Servlet"
  * @scr.property name="service.vendor" value="The Apache Software Foundation"
- * @scr.property name="sling.servlet.paths" value="/system/sling/login"
  * @scr.property name="sling.servlet.methods" values.0="GET" values.1="POST"
  */
 public class LoginServlet extends SlingAllMethodsServlet {
@@ -51,6 +51,11 @@
     /** @scr.reference cardinality="0..1" policy="dynamic" */
     private Authenticator authenticator;
 
+    /** The servlet is registered on this path, and the authenticator allows
+     *  any requests to that path, without authentication
+     *  @scr.property name="sling.servlet.paths" */
+    public static final String LOGIN_SERVLET_PATH = "/system/sling/login";
+
     @Override
     protected void doGet(SlingHttpServletRequest request,
             SlingHttpServletResponse response) throws IOException {
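Review bot: `LOGIN_SERVLET_PATH` now serves two roles, and nothing on the constant says they must stay equal: it is the servlet's registration path through `@scr.property name="sling.servlet.paths"`, and per its Javadoc it is the path the authenticator lets through without authentication. If that property can be overridden by configuration at deployment (not visible from this hunk), the servlet would move while the authenticator kept exempting the compiled-in path. I would extend the Javadoc with a sentence such as `Must not be overridden by configuration: SlingAuthenticator compares request paths against this constant.` The `doGet` method that follows continues outside the hunk.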

Modified: incubator/sling/trunk/bundles/engine/src/main/java/org/apache/sling/engine/impl/auth/SlingAuthenticator.java
URL: http://svn.apache.org/viewvc/incubator/sling/trunk/bundles/engine/src/main/java/org/apache/sling/engine/impl/auth/SlingAuthenticator.java?rev=782948&r1=782947&r2=782948&view=diff
==============================================================================
--- incubator/sling/trunk/bundles/engine/src/main/java/org/apache/sling/engine/impl/auth/SlingAuthenticator.java (original)
+++ incubator/sling/trunk/bundles/engine/src/main/java/org/apache/sling/engine/impl/auth/SlingAuthenticator.java Tue Jun  9 10:38:06 2009
@@ -84,7 +84,7 @@
     /**
      * The name of the request attribute containing the AuthenticationHandler
      * which authenticated the current request. If the request is authenticated
-     * through a session, this is the handler, which iinitially authenticated
+     * through a session, this is the handler, which initially authenticated
      * the user.
      */
     public static final String REQUEST_ATTRIBUTE_HANDLER = "org.apache.sling.engine.impl.auth.authentication_handler";
@@ -495,11 +495,15 @@
         return null;
     }
 
-    // TODO
+    /** Try to acquire an anonymous Session */
     private boolean getAnonymousSession(HttpServletRequest req,
             HttpServletResponse res) throws MissingRepositoryException {
-        // login anonymously, log the exact cause in case of failure
-        if (this.anonymousAllowed) {
+
+        final boolean isLoginPath = LoginServlet.LOGIN_SERVLET_PATH.equals(req.getPathInfo()); 
+          
+        // Get an anonymous session if allowed, or if we are handling
+        // a request for the login servlet
+        if (this.anonymousAllowed || isLoginPath) {
             try {
                 Session session = getRepository().login();
                 setAttributes(session, null, req);
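Review bot: The new `isLoginPath` test turns `anonymousAllowed=false` into "false, except for one path", and that exception rests on an exact string match against `req.getPathInfo()`, while the redirect in the next hunk is built from `req.getContextPath() + LoginServlet.LOGIN_SERVLET_PATH`. Whether `getPathInfo()` equals the path the login servlet is resolved from depends on how the Sling main servlet is mapped, which is not visible here. A mismatch would fail closed (no session, another redirect), so the likely symptom is a redirect loop rather than a bypass, and a test for it would be worth adding. The comment above the `if` should state the security consequence, for example `// Exception to anonymousAllowed=false: only an exact match of the login path gets an anonymous session, for any HTTP method`. The method body continues into the next hunk.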
@@ -509,18 +513,23 @@
                 handleLoginFailure(req, res, re);
                 return false;
             }
-        }
+        } 
 
-        // request authentication now, and fail if not possible
-        log.debug("getAnonymousSession: Anonymous access not allowed by configuration");
-        login(req, res);
+        // If we get here, anonymous access is not allowed: redirect
+        // to the login servlet
+        log.debug("getAnonymousSession: Anonymous access not allowed by configuration - redirecting to login form");
+        try {
+          res.sendRedirect(req.getContextPath() + LoginServlet.LOGIN_SERVLET_PATH);
+        } catch(IOException ioe) {
+          handleLoginFailure(req, res, ioe);
+        }
 
         // fallback to no session
         return false;
     }
 
     private void handleLoginFailure(HttpServletRequest request,
-            HttpServletResponse response, RepositoryException reason) {
+            HttpServletResponse response, Exception reason) {
 
         if (reason instanceof TooManySessionsException) {
 
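Review bot: The `catch(IOException ioe)` branch passes a failed `sendRedirect` to `handleLoginFailure`, whose `reason` parameter is widened from `RepositoryException` to `Exception` only to accept it. The visible start of that method tests for `TooManySessionsException`, so it reads as a handler for repository login failures. An `IOException` at this point most likely means the response can no longer be written, and sending it down the same path may attempt a second response (the rest of `handleLoginFailure` is outside the hunk, so this is inferred). I would keep the narrower `RepositoryException reason` signature and log instead: `log.error("getAnonymousSession: cannot redirect to login form", ioe);`. The new `try`/`catch` lines also use two-space indentation where the surrounding method uses four.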

Modified: incubator/sling/trunk/bundles/extensions/httpauth/src/main/resources/org/apache/sling/httpauth/impl/LoginFormTemplate.html
URL: http://svn.apache.org/viewvc/incubator/sling/trunk/bundles/extensions/httpauth/src/main/resources/org/apache/sling/httpauth/impl/LoginFormTemplate.html?rev=782948&r1=782947&r2=782948&view=diff
==============================================================================
--- incubator/sling/trunk/bundles/extensions/httpauth/src/main/resources/org/apache/sling/httpauth/impl/LoginFormTemplate.html (original)
+++ incubator/sling/trunk/bundles/extensions/httpauth/src/main/resources/org/apache/sling/httpauth/impl/LoginFormTemplate.html Tue Jun  9 10:38:06 2009
@@ -30,10 +30,10 @@
 }
 
 #main {
-    border: 1px solid black;
+    border: 1px solid gray;
     margin-top: 25%;
     margin-left: 25%;
-    width: 220px;
+    width: 400px;
     padding: 10px;
 }
 
@@ -136,10 +136,10 @@
 <form name='login' onsubmit='return loginuser()'>
 <table align='center'>
   <tr>
-    <td colspan='2' align='center'>You are not currently logged in</td>
+    <td colspan='2' align='left'>You are not currently logged in</td>
   </tr>
   <tr>
-    <td>Name</td>
+    <td>Username</td>
     <td><input type='text' name='usr' /></td>
   </tr>
   <tr>