Posted to jetspeed-dev@portals.apache.org by wo...@apache.org on 2009/09/28 14:38:27 UTC
svn commit: r819511 [1/3] - in
/portals/jetspeed-2/applications/j2-admin/trunk: ./
src/main/java/org/apache/jetspeed/portlets/sso/ src/main/webapp/WEB-INF/
src/main/webapp/WEB-INF/conf/
Author: woonsan
Date: Mon Sep 28 12:38:26 2009
New Revision: 819511
URL: http://svn.apache.org/viewvc?rev=819511&view=rev
Log:
JS2-1071: Adding sso reverse proxy iframe portlet.
Also, 2-spaces-based-indentation in web.xml and portlet.xml files.
Added:
portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/DefaultSSOSiteCredentialsProviderImpl.java (with props)
portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/SSOReverseProxyIFramePortlet.java (with props)
portals/jetspeed-2/applications/j2-admin/trunk/src/main/webapp/WEB-INF/conf/reverseproxy.properties (with props)
Modified:
portals/jetspeed-2/applications/j2-admin/trunk/pom.xml
portals/jetspeed-2/applications/j2-admin/trunk/src/main/webapp/WEB-INF/portlet.xml
portals/jetspeed-2/applications/j2-admin/trunk/src/main/webapp/WEB-INF/web.xml
Modified: portals/jetspeed-2/applications/j2-admin/trunk/pom.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/applications/j2-admin/trunk/pom.xml?rev=819511&r1=819510&r2=819511&view=diff
==============================================================================
--- portals/jetspeed-2/applications/j2-admin/trunk/pom.xml (original)
+++ portals/jetspeed-2/applications/j2-admin/trunk/pom.xml Mon Sep 28 12:38:26 2009
@@ -44,7 +44,7 @@
<org.apache.portals.bridges.frameworks.version>1.0.4</org.apache.portals.bridges.frameworks.version>
<org.apache.portals.bridges.portletfilter.version>1.0.4</org.apache.portals.bridges.portletfilter.version>
<org.apache.portals.applications.apa-gems.version>1.0</org.apache.portals.applications.apa-gems.version>
- <org.apache.portals.applications.apa-webcontent.version>1.0</org.apache.portals.applications.apa-webcontent.version>
+ <org.apache.portals.applications.apa-webcontent.version>1.1-SNAPSHOT</org.apache.portals.applications.apa-webcontent.version>
<commons-digester.version>1.8</commons-digester.version>
<commons-configuration.version>1.6</commons-configuration.version>
<commons-lang.version>2.4</commons-lang.version>
Added: portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/DefaultSSOSiteCredentialsProviderImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/DefaultSSOSiteCredentialsProviderImpl.java?rev=819511&view=auto
==============================================================================
--- portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/DefaultSSOSiteCredentialsProviderImpl.java (added)
+++ portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/DefaultSSOSiteCredentialsProviderImpl.java Mon Sep 28 12:38:26 2009
@@ -0,0 +1,74 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jetspeed.portlets.sso;
+
+import java.io.Serializable;
+import java.net.URI;
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
+
+import org.apache.portals.applications.webcontent.proxy.SSOSiteCredentials;
+import org.apache.portals.applications.webcontent.proxy.SSOSiteCredentialsProvider;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class DefaultSSOSiteCredentialsProviderImpl implements SSOSiteCredentialsProvider, Serializable
+{
+ private static final long serialVersionUID = 1L;
+
+ private static Logger log = LoggerFactory.getLogger(DefaultSSOSiteCredentialsProviderImpl.class);
+
+ public List<SSOSiteCredentials> getSSOCredentials(HttpServletRequest request, URI siteURI)
+ {
+ List<SSOSiteCredentials> ssoSiteCreds = new ArrayList<SSOSiteCredentials>();
+ HttpSession session = request.getSession(false);
+
+ if (session == null)
+ {
+ return ssoSiteCreds;
+ }
+
+ List<SSOSiteCredentials> ssoSiteCredsOfSubject = (List<SSOSiteCredentials>) session.getAttribute(SSOReverseProxyIFramePortlet.SUBJECT_SSO_SITE_CREDS);
+
+ if (ssoSiteCredsOfSubject != null)
+ {
+ for (SSOSiteCredentials ssoCreds : ssoSiteCredsOfSubject)
+ {
+ try
+ {
+ if (ssoCreds.getHost().equals(siteURI.getHost()) && ssoCreds.getPort() == siteURI.getPort())
+ {
+ ssoSiteCreds.add(ssoCreds);
+ }
+ }
+ catch (Exception e)
+ {
+ if (log.isWarnEnabled())
+ {
+ log.warn("Failed to match site uri. {}", e.toString());
+ }
+ }
+ }
+ }
+
+ return ssoSiteCreds;
+ }
+
+}
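Review bot: The match `ssoCreds.getHost().equals(siteURI.getHost()) && ssoCreds.getPort() == siteURI.getPort()` in getSSOCredentials never looks at the URI scheme, and `URI.getPort()` is -1 whenever the URL omits the port, so an entry built from an `https://host/` site URL also matches a request for `http://host/` and its password may then be forwarded over plain HTTP by the proxy. Resolve the effective port from the scheme on both sides before comparing (or keep the scheme in the credentials object, if SSOSiteCredentials can carry it), and compare hosts with `equalsIgnoreCase`, since host names are case-insensitive. The `catch (Exception e)` inside the loop mainly covers a null host on either side; an explicit `if (siteURI.getHost() == null) return ssoSiteCreds;` before the loop would say that directly, and the warning should pass `e` itself rather than `e.toString()` so the stack trace is kept.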
Propchange: portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/DefaultSSOSiteCredentialsProviderImpl.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/DefaultSSOSiteCredentialsProviderImpl.java
------------------------------------------------------------------------------
svn:keywords = Id
Propchange: portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/DefaultSSOSiteCredentialsProviderImpl.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added: portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/SSOReverseProxyIFramePortlet.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/SSOReverseProxyIFramePortlet.java?rev=819511&view=auto
==============================================================================
--- portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/SSOReverseProxyIFramePortlet.java (added)
+++ portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/SSOReverseProxyIFramePortlet.java Mon Sep 28 12:38:26 2009
@@ -0,0 +1,141 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jetspeed.portlets.sso;
+
+import java.io.IOException;
+import java.net.URI;
+import java.security.AccessController;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.List;
+
+import javax.portlet.PortletConfig;
+import javax.portlet.PortletException;
+import javax.portlet.PortletSession;
+import javax.portlet.RenderRequest;
+import javax.portlet.RenderResponse;
+import javax.security.auth.Subject;
+
+import org.apache.commons.lang.StringUtils;
+import org.apache.jetspeed.security.JSSubject;
+import org.apache.jetspeed.security.PasswordCredential;
+import org.apache.jetspeed.sso.SSOManager;
+import org.apache.jetspeed.sso.SSOSite;
+import org.apache.jetspeed.sso.SSOUser;
+import org.apache.portals.applications.webcontent.portlet.IFrameGenericPortlet;
+import org.apache.portals.applications.webcontent.proxy.HttpReverseProxyConstants;
+import org.apache.portals.applications.webcontent.proxy.SSOSiteCredentials;
+import org.apache.portals.applications.webcontent.proxy.impl.DefaultSSOSiteCredentials;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * SSOReverseProxyIFramePortlet
+ *
+ * @version $Id$
+ */
+public class SSOReverseProxyIFramePortlet extends IFrameGenericPortlet
+{
+
+ public static final String SUBJECT_SSO_SITE_CREDS = SSOReverseProxyIFramePortlet.class.getName() + ".ssoSiteCredsOfSubject";
+
+ private static Logger log = LoggerFactory.getLogger(SSOReverseProxyIFramePortlet.class);
+
+ private SSOManager ssoManager;
+
+ public void init(PortletConfig config) throws PortletException
+ {
+ super.init(config);
+
+ ssoManager = (SSOManager) config.getPortletContext().getAttribute("cps:SSO");
+
+ if (null == ssoManager)
+ {
+ throw new PortletException("Failed to find SSO Provider on portlet initialization");
+ }
+ }
+
+ @Override
+ public void doView(RenderRequest request, RenderResponse response) throws PortletException, IOException
+ {
+ List<SSOSiteCredentials> ssoSiteCredsOfSubject = (List<SSOSiteCredentials>) request.getPortletSession().getAttribute(SUBJECT_SSO_SITE_CREDS, PortletSession.APPLICATION_SCOPE);
+
+ if (ssoSiteCredsOfSubject == null)
+ {
+ request.getPortletSession().setAttribute(SUBJECT_SSO_SITE_CREDS, createSSOSiteCredentialsOfSubject(), PortletSession.APPLICATION_SCOPE);
+ request.getPortletSession().setAttribute(HttpReverseProxyConstants.SSO_SITE_CREDENTIALS_PROVIDER, new DefaultSSOSiteCredentialsProviderImpl(), PortletSession.APPLICATION_SCOPE);
+ }
+
+ super.doView(request, response);
+ }
+
+ private List<SSOSiteCredentials> createSSOSiteCredentialsOfSubject()
+ {
+ List<SSOSiteCredentials> ssoSiteCredsOfSubject = new ArrayList<SSOSiteCredentials>();
+
+ try
+ {
+ Subject subject = JSSubject.getSubject(AccessController.getContext());
+ Collection<SSOSite> ssoSites = ssoManager.getSitesForSubject(subject);
+
+ if (ssoSites != null)
+ {
+ for (SSOSite ssoSite : ssoSites)
+ {
+ URI siteURI = URI.create(ssoSite.getURL());
+ Collection<SSOUser> ssoUsers = ssoManager.getRemoteUsers(ssoSite, subject);
+
+ if (ssoUsers != null)
+ {
+ for (SSOUser ssoUser : ssoUsers)
+ {
+ DefaultSSOSiteCredentials ssoCreds = new DefaultSSOSiteCredentials(siteURI.getHost(), siteURI.getPort());
+
+ if (!StringUtils.isBlank(ssoSite.getRealm()))
+ {
+ ssoCreds.setRealm(ssoSite.getRealm());
+ }
+
+ PasswordCredential pwc = ssoManager.getCredentials(ssoUser);
+ ssoCreds.setUsername(pwc.getUserName());
+ ssoCreds.setPassword(pwc.getPassword());
+
+ if (ssoSite.isFormAuthentication())
+ {
+ ssoCreds.setFormAuthentication(true);
+ ssoCreds.setFormUserField(ssoSite.getFormUserField());
+ ssoCreds.setFormPwdField(ssoSite.getFormPwdField());
+ }
+
+ ssoSiteCredsOfSubject.add(ssoCreds);
+ }
+ }
+ }
+ }
+ }
+ catch (Exception e)
+ {
+ if (log.isWarnEnabled())
+ {
+ log.warn("Failed to retrieve sso site credentials. {}", e.toString());
+ }
+ }
+
+ return ssoSiteCredsOfSubject;
+ }
+
+}
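Review bot: doView caches whatever createSSOSiteCredentialsOfSubject() returns under SUBJECT_SSO_SITE_CREDS for the rest of the session, and that method swallows every exception and returns the list built so far, so one transient SSOManager failure (or a null `pwc` from `ssoManager.getCredentials(ssoUser)`, which throws at `pwc.getUserName()`) leaves the user with an empty or partial list that is never rebuilt. Cache only on success, e.g. let the helper return null on failure and guard the two `setAttribute` calls with `if (creds != null)`, and skip a user whose `pwc` is null instead of aborting the whole loop. The cached objects hold the remote user names and passwords in APPLICATION_SCOPE, so they are readable by every portlet and servlet of this web application and, if the container persists or replicates sessions, may be serialized with them; a comment on SUBJECT_SSO_SITE_CREDS should say so, and the list also goes stale when SSO entries are changed or removed during the session. `init` overrides the superclass method and should carry `@Override` like `doView`.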
Propchange: portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/SSOReverseProxyIFramePortlet.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/SSOReverseProxyIFramePortlet.java
------------------------------------------------------------------------------
svn:keywords = Id
Propchange: portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/SSOReverseProxyIFramePortlet.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
Added: portals/jetspeed-2/applications/j2-admin/trunk/src/main/webapp/WEB-INF/conf/reverseproxy.properties
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/applications/j2-admin/trunk/src/main/webapp/WEB-INF/conf/reverseproxy.properties?rev=819511&view=auto
==============================================================================
--- portals/jetspeed-2/applications/j2-admin/trunk/src/main/webapp/WEB-INF/conf/reverseproxy.properties (added)
+++ portals/jetspeed-2/applications/j2-admin/trunk/src/main/webapp/WEB-INF/conf/reverseproxy.properties Mon Sep 28 12:38:26 2009
@@ -0,0 +1,101 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ------------------------------------------------------------------------
+#
+# Reverse Proxy Configuration
+#
+# $Id$
+#
+# ------------------------------------------------------------------------
+
+# Constant properties
+# ... Constant properties can be used in other property values by wrapping '${}'.
+defaults.htmlRewriter = org.apache.portals.applications.webcontent.rewriter.WebContentRewriter
+defaults.xmlRewriter = org.apache.portals.applications.webcontent.rewriter.WebContentRewriter
+defaults.htmlAdaptor = org.apache.portals.applications.webcontent.rewriter.html.neko.NekoParserAdaptor
+defaults.xmlAdaptor = org.apache.portals.applications.webcontent.rewriter.xml.SaxParserAdaptor
+defaults.ruleMappings = /WEB-INF/conf/rewriter-rules-mapping.xml
+defaults.rewriterRules = /WEB-INF/conf/default-rewriter-rules.xml
+
+# Proxy Host Configurations
+# ... Set the following when you want to force HOST header value forcefully.
+#proxy.server.hostname = www.localhost.com
+# ... Set the following when you to force to prepend the base url.
+#proxy.server.baseurl = http://www.localhost.com/
+
+
+# Global HTTP Client parameters
+# ... You can set various http client parameters with prefix, 'proxy.http.client.param.'.
+# ... Refer to the javadoc of org.apache.http.client.params.ClientParamBean.
+proxy.http.client.param.allowCircularRedirects = false
+
+
+# Global HTTP ClientConnectionManager parameters
+# ... You can set various http client connection manager parameters with prefix, 'proxy.http.connManager.param.'.
+# ... Refer to the javadoc of org.apache.http.conn.params.ConnManagerParamBean.
+proxy.http.connManager.param.maxTotalConnections = 200
+proxy.http.connManager.param.timeout = 10000
+
+
+# HTTP Connection parameters per route.
+# ... If you don't specify here for a route, then the default values are applied.
+# ... Put the route item names here.
+proxy.http.route = apache, portals, somewhere
+proxy.http.route.param.defaultMaxPerRoute = 20
+
+# ... Sets detail attirbutes for each route item.
+
+proxy.http.route.apache.target.hostname = www.apache.org
+proxy.http.route.apache.maxConnections = 10
+
+proxy.http.route.portals.target.hostname = portals.apache.org
+proxy.http.route.portals.maxConnections = 40
+
+# ... 'somewhere' is just an example to show the full configurable items...
+proxy.http.route.somewhere.target.hostname = somewhere.localhost.com
+proxy.http.route.somewhere.target.port = 8080
+proxy.http.route.somewhere.maxConnections = 5
+proxy.http.route.somewhere.local = 111.111.111.111
+proxy.http.route.somewhere.secure = false
+proxy.http.route.somewhere.tunnelled = plain
+proxy.http.route.somewhere.layered = plain
+proxy.http.route.somewhere.proxy = proxyserver1, proxyserver2
+proxy.http.route.somewhere.proxy.proxyserver1.hostname = proxyserver1
+proxy.http.route.somewhere.proxy.proxyserver1.port = 10080
+proxy.http.route.somewhere.proxy.proxyserver2.hostname = proxyserver2
+proxy.http.route.somewhere.proxy.proxyserver2.port = 10081
+
+
+# Proxy Pass Reverse Mapping configurations for each category
+# ... Put the path item names here. Each path item will be evaluated by the order.
+proxy.reverse.pass = apache, portals, localhost, somewhere
+
+# ... Sets detail attributes for each path item.
+
+proxy.reverse.pass.apache.local = /apache/
+proxy.reverse.pass.apache.remote = http://www.apache.org/
+
+proxy.reverse.pass.portals.local = /portals/
+proxy.reverse.pass.portals.remote = http://portals.apache.org/
+
+proxy.reverse.pass.localhost.local = /localhost/
+proxy.reverse.pass.localhost.remote = http://localhost:8080/
+
+# ... 'somewhere' is just an example to show the full configurable items...
+proxy.reverse.pass.somewhere.local = /somewhere/
+proxy.reverse.pass.somewhere.remote = http://somewhere.localhost.com/
+proxy.reverse.pass.somewhere.rewriters = ${defaults.htmlRewriter}, ${defaults.xmlRewriter}
+proxy.reverse.pass.somewhere.adaptors = ${defaults.htmlAdaptor}, ${defaults.xmlAdaptor}
+proxy.reverse.pass.somewhere.rules = ${defaults.ruleMappings}, ${defaults.rewriterRules}
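Review bot: The sample mappings are shipped active rather than commented out: `proxy.reverse.pass = apache, portals, localhost, somewhere` includes `proxy.reverse.pass.localhost.remote = http://localhost:8080/`, which makes whatever listens on port 8080 of the portal host reachable through the proxy's `/localhost/` path once the reverse proxy servlet is mapped (the servlet mapping is not in this part of the commit). Default to a minimal list, e.g. `proxy.reverse.pass = apache, portals`, and leave the `localhost` and `somewhere` entries, including the `proxy.http.route.somewhere.*` block with its placeholder address 111.111.111.111, as `#`-commented examples in the same way as `#proxy.server.hostname`. All remote targets here are `http://`, so a header comment should note that sites receiving SSO credentials ought to be configured with `https://` remotes.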
Propchange: portals/jetspeed-2/applications/j2-admin/trunk/src/main/webapp/WEB-INF/conf/reverseproxy.properties
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: portals/jetspeed-2/applications/j2-admin/trunk/src/main/webapp/WEB-INF/conf/reverseproxy.properties
------------------------------------------------------------------------------
svn:keywords = Id
Propchange: portals/jetspeed-2/applications/j2-admin/trunk/src/main/webapp/WEB-INF/conf/reverseproxy.properties
------------------------------------------------------------------------------
svn:mime-type = text/plain