Posted to jetspeed-dev@portals.apache.org by dd...@apache.org on 2009/01/16 11:07:34 UTC
svn commit: r734954 [4/4] - in /portals/jetspeed-2/portal/trunk: ./
applications/jetspeed-demo/ applications/jetspeed-dependencies/ components/
components/jetspeed-db-tools/ components/jetspeed-portal/
components/jetspeed-security/src/main/java/org/apa...
Added: portals/jetspeed-2/portal/trunk/jetspeed-api/src/main/java/org/apache/jetspeed/sso/SSOUserManager.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/jetspeed-api/src/main/java/org/apache/jetspeed/sso/SSOUserManager.java?rev=734954&view=auto
==============================================================================
--- portals/jetspeed-2/portal/trunk/jetspeed-api/src/main/java/org/apache/jetspeed/sso/SSOUserManager.java (added)
+++ portals/jetspeed-2/portal/trunk/jetspeed-api/src/main/java/org/apache/jetspeed/sso/SSOUserManager.java Fri Jan 16 02:07:13 2009
@@ -0,0 +1,129 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+package org.apache.jetspeed.sso;
+
+import java.util.Collection;
+
+import javax.security.auth.Subject;
+
+import org.apache.jetspeed.security.JetspeedPrincipal;
+import org.apache.jetspeed.security.PasswordCredential;
+
+
+/**
+ * @author <a href="mailto:ddam@apache.org">Dennis Dam</a>
+ * @version $Id$
+ */
+public interface SSOUserManager
+{
+
+ /**
+ * Retrieves a single SSO user, given the SSO user's site and name
+ * @param site The SSO Site
+ * @param remoteUserName the name of the SSO user
+ * @return the SSO user
+ */
+ SSOUser getRemoteUser(SSOSite site, String remoteUserName);
+
+ /**
+ * Retrieves all Portal ("local") Principals connected to a given SSO User
+ * @param user the SSO user
+ * @return Portal principals
+ */
+ Collection<JetspeedPrincipal> getPortalPrincipals(SSOUser user);
+
+ /**
+ * Retrieves all SSO Users related to this subject, for the given site. A subject can contain
+ * multiple Portal Principals, each of which can be related to multiple SSO users.
+ * The result of calling this method would be the same as calling getRemoteUsers(SSOSite site, JetspeedPrincipal portalPrincipal)
+ * for every principal in the subject, and aggregating all the SSO users in one collection.
+ * @param site the SSO Site for which to fetch the SSO users
+ * @param subject
+ * @return the collection of SSO users
+ * @throws SSOException
+ */
+ Collection<SSOUser> getRemoteUsers(SSOSite site, Subject subject) throws SSOException;
+
+ /**
+ * Retrieves all SSO users related to the Portal principal, for the given site.
+ * @param site the SSO Site
+ * @param portalPrincipal a Portal principal
+ * @return a collection of SSO users
+ * @throws SSOException
+ */
+ Collection<SSOUser> getRemoteUsers(SSOSite site, JetspeedPrincipal portalPrincipal) throws SSOException;
+
+ /**
+ * Retrieves the credentials for a SSO user
+ * @param user the SSO user for which to return the credential
+ * @return the SSO user's credential
+ * @throws SSOException
+ */
+ PasswordCredential getCredentials(SSOUser user) throws SSOException;
+
+ /**
+ * Retrieves all SSO users which belong to a SSO site
+ * @param site
+ * @return the site's SSO users
+ * @throws SSOException
+ */
+ Collection<SSOUser> getUsersForSite(SSOSite site) throws SSOException;
+
+ /**
+ * Removes the given SSO user
+ * @param remoteUser the SSO user to be removed
+ * @throws SSOException
+ */
+ void removeUser(SSOUser remoteUser) throws SSOException;
+
+ /**
+ * Adds a SSO user within the given SSO site. Each SSO user is 'owned' by exactly one portal principal called the 'owner principal'.
+ * The owner principal will have two associations with the new SSO user: an owner relationship and a usage relationship.
+ * @param site the SSO site for which to add the new user
+ * @param ownerPrincipal the owner Portal principal
+ * @param ssoUsername the name of the new user
+ * @param ssoUserPassword the password of the new user
+ * @return the new SSO user
+ * @throws SSOException
+ */
+ SSOUser addUser(SSOSite site, JetspeedPrincipal ownerPrincipal, String ssoUsername, String ssoUserPassword) throws SSOException;
+
+ /**
+ * Updates a SSO user
+ * @param user the SSO user to be updated
+ * @throws SSOException
+ */
+ void updateUser(SSOUser user) throws SSOException;
+
+ /**
+ * Adds an association between a SSO user and a Portal principal. This will allow the portal principal to 'use' the SSO user
+ * to navigate the SSO site.
+ * @param user a SSO user
+ * @param principal a Portal principal
+ * @throws SSOException
+ */
+ void addAssociation(SSOUser user, JetspeedPrincipal principal) throws SSOException;
+
+ /**
+ * Sets the password for a given SSO user
+ * @param user the SSO user for which to set the password
+ * @param password the new password
+ * @throws SSOException
+ */
+ void setPassword(SSOUser user, String password) throws SSOException;
+
+}
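Review bot: `getCredentials(SSOUser)` returns a `PasswordCredential` for whatever SSO user is passed in, and its Javadoc does not say who may call it or whether the returned credential carries a recoverable password. Since `addAssociation` lets further portal principals "use" an SSO user, the contract should state whether implementations must check that the caller is the owner or an associated principal, for example `@throws SSOException if the calling principal is not associated with the user`. The `@throws SSOException` tags across the interface are all empty, and `getRemoteUser` does not say what is returned when no user matches. `addUser` and `setPassword` take the password as a `String`, which cannot be cleared after use; a `char[]` variant would be worth considering if the storage layer allows it.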
Propchange: portals/jetspeed-2/portal/trunk/jetspeed-api/src/main/java/org/apache/jetspeed/sso/SSOUserManager.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: portals/jetspeed-2/portal/trunk/jetspeed-api/src/main/java/org/apache/jetspeed/sso/SSOUserManager.java
------------------------------------------------------------------------------
svn:keywords = Id
Modified: portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/ddl-schema/security-schema.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/ddl-schema/security-schema.xml?rev=734954&r1=734953&r2=734954&view=diff
==============================================================================
--- portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/ddl-schema/security-schema.xml (original)
+++ portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/ddl-schema/security-schema.xml Fri Jan 16 02:07:13 2009
@@ -152,7 +152,34 @@
<reference foreign="PRINCIPAL_ID" local="PRINCIPAL_ID"/>
</foreign-key>
</table>
+
+ <!--
+ Create SiteTable
+ -->
+ <table name="SSO_SITE">
+ <column name="SITE_ID" primaryKey="true" required="true" type="INTEGER"/>
+ <column name="NAME" required="true" size="254" type="VARCHAR"/>
+ <column name="URL" required="true" size="254" type="VARCHAR"/>
+ <column name="ALLOW_USER_SET" default="0" type="BOOLEANINT"/>
+ <column name="REQUIRES_CERTIFICATE" default="0" type="BOOLEANINT"/>
+ <column name="CHALLENGE_RESPONSE_AUTH" default="0" type="BOOLEANINT"/>
+ <column name="FORM_AUTH" default="0" type="BOOLEANINT"/>
+ <column name="FORM_USER_FIELD" required="false" size="128" type="VARCHAR"/>
+ <column name="FORM_PWD_FIELD" required="false" size="128" type="VARCHAR"/>
+ <column name="REALM" required="false" size="128" type="VARCHAR"/>
+ <column name="DOMAIN_ID" required="true" type="INTEGER"/>
+ <foreign-key foreignTable="SECURITY_DOMAIN" name="FK_SECURITY_DOMAIN_2" onDelete="cascade">
+ <reference foreign="DOMAIN_ID" local="DOMAIN_ID"/>
+ </foreign-key>
+ <unique name="UIX_SITE_NAME">
+ <unique-column name="NAME" />
+ </unique>
+ <unique name="UIX_SITE_URL">
+ <unique-column name="URL" />
+ </unique>
+ </table>
+
<table name="SECURITY_DOMAIN">
<column name="DOMAIN_ID" primaryKey="true" type="INTEGER" autoIncrement="true"/>
<column name="DOMAIN_NAME" type="VARCHAR" size="30"/>
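Review bot: The four flag columns on `SSO_SITE` (`ALLOW_USER_SET`, `REQUIRES_CERTIFICATE`, `CHALLENGE_RESPONSE_AUTH`, `FORM_AUTH`) have a default but no `required="true"`, so a row can hold NULL for a setting that decides how the portal authenticates to the remote site. Declaring them `required="true" default="0"` removes the third state that reading code would otherwise have to interpret. `SITE_ID` is declared without `autoIncrement="true"` while `DOMAIN_ID` on `SECURITY_DOMAIN` just below has it; if the ids come from a sequence manager that is fine, but a comment saying so would help. `URL` is unique at 254 characters, so longer site URLs cannot be stored, and it is worth confirming that limit is intended.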
@@ -162,6 +189,9 @@
<unique name="UIX_DOMAIN_NAME">
<unique-column name="DOMAIN_NAME" />
</unique>
+ <!--<foreign-key foreignTable="SECURITY_DOMAIN" name="FK_OWNER_DOMAIN_ID" onDelete="none">
+ <reference foreign="DOMAIN_ID" local="OWNER_DOMAIN_ID"/>
+ </foreign-key>-->
</table>
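Review bot: The foreign key `FK_OWNER_DOMAIN_ID` is added inside a comment with no explanation, so a reader cannot tell whether it is pending work or a constraint that was tried and rejected. Either enable it or replace it with a one-line comment giving the reason, e.g. `<!-- TODO: FK on OWNER_DOMAIN_ID disabled because ... -->`. Most of the `SECURITY_DOMAIN` table body lies outside this hunk, so the `OWNER_DOMAIN_ID` column it refers to is not visible here.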
Modified: portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/resources/assembly/jetspeed-services.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/resources/assembly/jetspeed-services.xml?rev=734954&r1=734953&r2=734954&view=diff
==============================================================================
--- portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/resources/assembly/jetspeed-services.xml (original)
+++ portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/resources/assembly/jetspeed-services.xml Fri Jan 16 02:07:13 2009
@@ -47,9 +47,9 @@
<entry key="Profiler">
<ref bean="org.apache.jetspeed.profiler.Profiler" />
</entry>
- <!--<entry key="SSO">
- <ref bean="org.apache.jetspeed.sso.SSOProvider" />
- </entry>-->
+ <entry key="SSO">
+ <ref bean="org.apache.jetspeed.sso.SSOManager" />
+ </entry>
<entry key="EntityAccessor">
<ref bean='org.apache.jetspeed.components.portletentity.PortletEntityAccessComponent' />
</entry>
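Review bot: The service key `SSO` is kept while the bean behind it changes from `org.apache.jetspeed.sso.SSOProvider` to `org.apache.jetspeed.sso.SSOManager`, so any consumer that looks up `SSO` and casts to the old type will fail at runtime rather than at build time. A comment on the entry naming the interface now served would help, e.g. `<!-- SSO: org.apache.jetspeed.sso.SSOManager (replaces SSOProvider) -->`. This map appears to publish services to portlet code, and the SSO API in this commit includes credential retrieval, so it is also worth confirming that access to the `SSO` entry is limited to trusted portlet applications. The enclosing bean is outside the hunk.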
Modified: portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/resources/assembly/security-managers.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/resources/assembly/security-managers.xml?rev=734954&r1=734953&r2=734954&view=diff
==============================================================================
--- portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/resources/assembly/security-managers.xml (original)
+++ portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/resources/assembly/security-managers.xml Fri Jan 16 02:07:13 2009
@@ -283,6 +283,7 @@
<ref bean="org.apache.jetspeed.security.UserManager" />
<ref bean="org.apache.jetspeed.security.GroupManager" />
<ref bean="org.apache.jetspeed.security.RoleManager" />
+ <ref bean="org.apache.jetspeed.sso.spi.SSOUserManagerSPI" />
</set>
</constructor-arg>
</bean>
Modified: portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/resources/assembly/sso.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/resources/assembly/sso.xml?rev=734954&r1=734953&r2=734954&view=diff
==============================================================================
--- portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/resources/assembly/sso.xml (original)
+++ portals/jetspeed-2/portal/trunk/jetspeed-portal-resources/src/main/resources/assembly/sso.xml Fri Jan 16 02:07:13 2009
@@ -15,40 +15,155 @@
See the License for the specific language governing permissions and
limitations under the License.
-->
-<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd">
<!-- SSO Implementation -->
- <!--
- <bean id="PersistenceBrokerSSOProvider" class="org.apache.jetspeed.sso.impl.PersistenceBrokerSSOProvider"
- init-method="init">
- <meta key="j2:cat" value="default" />
+
+ <bean id="org.apache.jetspeed.sso.spi.impl.SSOUserManagerSPIImpl" class="org.apache.jetspeed.sso.spi.impl.SSOUserManagerSPIImpl">
+ <meta key="j2:cat" value="default,security" />
+ <constructor-arg index="0" ref="org.apache.jetspeed.security.JetspeedPrincipalType.sso_user" />
+ <constructor-arg index="1" ref="org.apache.jetspeed.security.spi.JetspeedSecurityPersistenceManager" />
+ <constructor-arg index="2" ref="org.apache.jetspeed.security.spi.JetspeedPrincipalStorageManager" />
+ <constructor-arg index="3" ref="org.apache.jetspeed.security.spi.JetspeedSecurityPersistenceManager" />
+ <constructor-arg index="4" ref="org.apache.jetspeed.security.spi.JetspeedSecurityPersistenceManager" />
+ <constructor-arg index="5" ref="org.apache.jetspeed.security.spi.JetspeedSecurityPersistenceManager" />
+ <constructor-arg index="6" ref="org.apache.jetspeed.security.spi.SecurityDomainAccessManager" />
+ </bean>
+
+ <bean id="org.apache.jetspeed.security.JetspeedPrincipalType.sso_user"
+ class="org.apache.jetspeed.security.impl.JetspeedPrincipalTypeImpl">
+ <meta key="j2:cat" value="default,security" />
+ <constructor-arg index="0" value="sso_user" />
+ <constructor-arg index="1" value="org.apache.jetspeed.sso.impl.SSOUserImpl" />
+ <constructor-arg index="2">
+ <bean class="org.apache.jetspeed.security.impl.SecurityAttributeTypesImpl">
+ <constructor-arg index="0">
+ <value>true</value>
+ </constructor-arg>
+ <constructor-arg index="1">
+ <value>false</value>
+ </constructor-arg>
+ <constructor-arg index="2">
+ <list>
+ <bean class="org.apache.jetspeed.security.impl.SecurityAttributeTypeImpl">
+ <constructor-arg index="0" value="org.apache.jetspeed.user.subsite" />
+ <constructor-arg index="1" value="jetspeed" />
+ </bean>
+ <bean class="org.apache.jetspeed.security.impl.SecurityAttributeTypeImpl">
+ <constructor-arg index="0" value="org.apache.jetspeed.prefered.locale" />
+ <constructor-arg index="1" value="jetspeed" />
+ </bean>
+ <bean class="org.apache.jetspeed.security.impl.SecurityAttributeTypeImpl">
+ <constructor-arg index="0" value="org.apache.jetspeed.sso.user.shared" />
+ <constructor-arg index="1" value="jetspeed" />
+ </bean>
+ <bean class="org.apache.jetspeed.security.impl.SecurityAttributeTypeImpl">
+ <constructor-arg index="0" value="user.name.given" />
+ <constructor-arg index="1" value="info" />
+ </bean>
+ <bean class="org.apache.jetspeed.security.impl.SecurityAttributeTypeImpl">
+ <constructor-arg index="0" value="user.name.family" />
+ <constructor-arg index="1" value="info" />
+ </bean>
+ </list>
+ </constructor-arg>
+ </bean>
+ </constructor-arg>
+ </bean>
+
+ <bean id="org.apache.jetspeed.sso.spi.SSOUserManagerSPI" parent="baseTransactionProxy">
+ <meta key="j2:cat" value="default,security" />
+ <property name="proxyInterfaces">
+ <value>
+ org.apache.jetspeed.sso.spi.SSOUserManagerSPI, org.apache.jetspeed.security.JetspeedPrincipalManager,
+ org.apache.jetspeed.security.spi.JetspeedPrincipalManagerSPI
+ </value>
+ </property>
+ <property name="target">
+ <ref bean="org.apache.jetspeed.sso.spi.impl.SSOUserManagerSPIImpl" />
+ </property>
+ <property name="transactionAttributes">
+ <props>
+ <prop key="get*">PROPAGATION_SUPPORTS</prop>
+ <prop key="lookup*">PROPAGATION_SUPPORTS</prop>
+ <prop key="userExists">PROPAGATION_SUPPORTS</prop>
+ <prop key="*">PROPAGATION_REQUIRED</prop>
+ </props>
+ </property>
+ </bean>
+
+ <bean id="ssoUserIsOwnedByUserAssociationHandler"
+ class="org.apache.jetspeed.sso.impl.IsOwnedByPrincipalAssociationHandler">
+ <meta key="j2:cat" value="default,security" />
+ <constructor-arg index="0" ref="org.apache.jetspeed.sso.spi.SSOUserManagerSPI" />
+ <constructor-arg index="1" ref="org.apache.jetspeed.security.UserManager" />
+ <constructor-arg index="2" ref="org.apache.jetspeed.security.spi.JetspeedPrincipalAssociationStorageManager" />
+ </bean>
+
+ <bean id="ssoUserIsOwnedByGroupAssociationHandler"
+ class="org.apache.jetspeed.sso.impl.IsOwnedByPrincipalAssociationHandler">
+ <meta key="j2:cat" value="default,security" />
+ <constructor-arg index="0" ref="org.apache.jetspeed.sso.spi.SSOUserManagerSPI" />
+ <constructor-arg index="1" ref="org.apache.jetspeed.security.GroupManager" />
+ <constructor-arg index="2" ref="org.apache.jetspeed.security.spi.JetspeedPrincipalAssociationStorageManager" />
+ </bean>
+
+ <bean id="ssoUserIsRelatedToUserAssociationHandler"
+ class="org.apache.jetspeed.sso.impl.IsRemoteIdentityForPrincipalAssociationHandler">
+ <meta key="j2:cat" value="default,security" />
+ <constructor-arg index="0" ref="org.apache.jetspeed.sso.spi.SSOUserManagerSPI" />
+ <constructor-arg index="1" ref="org.apache.jetspeed.security.UserManager" />
+ <constructor-arg index="2" ref="org.apache.jetspeed.security.spi.JetspeedPrincipalAssociationStorageManager" />
+ </bean>
+
+ <bean id="ssoUserIsRelatedGroupAssociationHandler"
+ class="org.apache.jetspeed.sso.impl.IsRemoteIdentityForPrincipalAssociationHandler">
+ <meta key="j2:cat" value="default,security" />
+ <constructor-arg index="0" ref="org.apache.jetspeed.sso.spi.SSOUserManagerSPI" />
+ <constructor-arg index="1" ref="org.apache.jetspeed.security.GroupManager" />
+ <constructor-arg index="2" ref="org.apache.jetspeed.security.spi.JetspeedPrincipalAssociationStorageManager" />
+ </bean>
+
+ <bean id="org.apache.jetspeed.sso.SSOManager" class="org.apache.jetspeed.sso.impl.SSOManagerImpl">
+ <meta key="j2:cat" value="default,security"/>
+ <property name="userManager" ref="org.apache.jetspeed.security.UserManager"/>
+ <property name="SSOUserManagerSPI" ref="org.apache.jetspeed.sso.spi.SSOUserManagerSPI"/>
+ <property name="domainAccessManager" ref="org.apache.jetspeed.security.spi.JetspeedSecurityPersistenceManager"/>
+ <property name="domainStorageManager" ref="org.apache.jetspeed.security.spi.SecurityDomainStorageManager"/>
+ <property name="SSOSiteManagerSPI" ref="org.apache.jetspeed.sso.spi.SSOSiteManagerSPI"/>
+ </bean>
+
+ <bean id="PersistenceBrokerSSOSiteManager"
+ class="org.apache.jetspeed.sso.spi.impl.JetspeedPersistentSSOSiteManager" init-method="init">
+ <meta key="j2:cat" value="default,security"/>
<constructor-arg index="0">
- <value>JETSPEED-INF/ojb/sso_repository.xml</value>
+ <value>JETSPEED-INF/ojb/sso_repository.xml</value>
</constructor-arg>
- </bean>
-
- <bean id="org.apache.jetspeed.sso.SSOProvider" parent="baseTransactionProxy" name="ssoProvider">
- <meta key="j2:cat" value="default" />
+ </bean>
+
+ <bean id="org.apache.jetspeed.sso.spi.SSOSiteManagerSPI" parent="baseTransactionProxy" name="ssoSiteManager">
+ <meta key="j2:cat" value="default,security"/>
<property name="proxyInterfaces">
- <value>org.apache.jetspeed.sso.SSOProvider</value>
+ <value>org.apache.jetspeed.sso.spi.SSOSiteManagerSPI</value>
</property>
-
+
<property name="target">
- <ref bean="PersistenceBrokerSSOProvider" />
+ <ref bean="PersistenceBrokerSSOSiteManager"/>
</property>
<property name="transactionAttributes">
- <props>
- <prop key="addSite*">PROPAGATION_REQUIRED</prop>
- <prop key="updateSite*">PROPAGATION_REQUIRED</prop>
- <prop key="removeSite">PROPAGATION_REQUIRED</prop>
- <prop key="addCredentialsForSite">PROPAGATION_REQUIRED</prop>
- <prop key="updateCredentialsForSite">PROPAGATION_REQUIRED</prop>
- <prop key="removeCredentialsForSite">PROPAGATION_REQUIRED</prop>
- <prop key="setRealmForSite">PROPAGATION_REQUIRED</prop>
- <prop key="*">PROPAGATION_SUPPORTS</prop>
- </props>
+ <props>
+ <prop key="addSite*">PROPAGATION_REQUIRED</prop>
+ <prop key="updateSite*">PROPAGATION_REQUIRED</prop>
+ <prop key="removeSite">PROPAGATION_REQUIRED</prop>
+ <prop key="addCredentialsForSite">PROPAGATION_REQUIRED</prop>
+ <prop key="updateCredentialsForSite">PROPAGATION_REQUIRED</prop>
+ <prop key="removeCredentialsForSite">PROPAGATION_REQUIRED</prop>
+ <prop key="setRealmForSite">PROPAGATION_REQUIRED</prop>
+ <prop key="*">PROPAGATION_SUPPORTS</prop>
+ </props>
</property>
-
- </bean>-->
-</beans>
\ No newline at end of file
+
+ </bean>
+</beans>
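Review bot: The `org.apache.jetspeed.sso.spi.SSOSiteManagerSPI` proxy keeps the list of write-method names carried over from the old `SSOProvider` block and ends with `<prop key="*">PROPAGATION_SUPPORTS</prop>`, so any mutating method whose name is not listed runs without a transaction being started. The `SSOUserManagerSPI` proxy in the same file does the opposite and defaults to `PROPAGATION_REQUIRED`. The site manager should follow that pattern, `<prop key="get*">PROPAGATION_SUPPORTS</prop>` followed by `<prop key="*">PROPAGATION_REQUIRED</prop>`, unless the listed names are known to cover every write on the new interface, which is not visible here. Separately, `SSOManagerImpl` gets `domainAccessManager` from `JetspeedSecurityPersistenceManager` while `SSOUserManagerSPIImpl` takes `org.apache.jetspeed.security.spi.SecurityDomainAccessManager` for what looks like the same role; a short comment explaining the difference, or using the same bean, would avoid confusion.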
Modified: portals/jetspeed-2/portal/trunk/pom.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/pom.xml?rev=734954&r1=734953&r2=734954&view=diff
==============================================================================
--- portals/jetspeed-2/portal/trunk/pom.xml (original)
+++ portals/jetspeed-2/portal/trunk/pom.xml Fri Jan 16 02:07:13 2009
@@ -472,13 +472,11 @@
<artifactId>jetspeed-portlet-factory</artifactId>
<version>${pom.version}</version>
</dependency>
- <!-- Commenting out SSO module for now
<dependency>
<groupId>org.apache.portals.jetspeed-2</groupId>
<artifactId>jetspeed-sso</artifactId>
<version>${pom.version}</version>
</dependency>
- -->
<dependency>
<groupId>org.apache.portals.jetspeed-2</groupId>
<artifactId>jetspeed-statistics</artifactId>
@@ -552,7 +550,7 @@
<version>${pom.version}</version>
</dependency>
<dependency>
- <groupId>org.apache.portals.jetspeed-2</groupId>
+ <groupId>org.apache.portals.applications</groupId>
<artifactId>demo</artifactId>
<type>war</type>
<version>${pom.version}</version>