You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-dev@portals.apache.org by ro...@apache.org on 2004/11/16 20:08:48 UTC
cvs commit: jakarta-jetspeed-2/components/sso/src/test/org/apache/jetspeed/sso TestSSOComponent.java
rogerrut 2004/11/16 11:08:48
Added: components/sso project.properties .cvsignore locator.ent
maven.xml project.xml
components/sso/src/java/org/apache/jetspeed/sso/impl
SSOContextImpl.java SSOPrincipalImpl.java
PersistenceBrokerSSOProvider.java SSOSiteImpl.java
components/sso/src/java/META-INF transaction.xml sso-dao.xml
sso_repository.xml
components/sso/src/test/org/apache/jetspeed/sso
TestSSOComponent.java
Log:
Single Sign On SSO Framework
The current version of SSO relies on the Jetspeed security model (storage of credentials/Principals) but for future release it can be decoupled from Jetspeed.
Portlets (IFrame, perl, PHP) will be enhanced (Preference setting) so that they can enable SSO functionality.
Revision Changes Path
1.1 jakarta-jetspeed-2/components/sso/project.properties
Index: project.properties
===================================================================
# Copyright 2004 The Apache Software Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# $Id: project.properties,v 1.1 2004/11/16 19:08:47 rogerrut Exp $
#
maven.multiproject.type=jar
maven.license.licenseFile=${basedir}/../../LICENSE.TXT
1.1 jakarta-jetspeed-2/components/sso/.cvsignore
Index: .cvsignore
===================================================================
maven.log
target
1.1 jakarta-jetspeed-2/components/sso/locator.ent
Index: locator.ent
===================================================================
<!-- Project dependencies -->
<!ENTITY pico-nano-groovy SYSTEM "file:../../etc/project-dependencies/spring-deps.xml">
<!ENTITY db-ojb-deps SYSTEM "file:../../etc/project-dependencies/db-ojb-deps.xml">
<!-- Project resources -->
<!ENTITY db-ojb-resources SYSTEM "file:../../etc/project-resources/db-ojb-resources.xml">
<!ENTITY log4j-resources SYSTEM "file:../../etc/project-resources/log4j-resources.xml">
<!-- Project reports -->
<!ENTITY j2-reports SYSTEM "file:../../etc/project-reports/j2-reports.xml">
1.1 jakarta-jetspeed-2/components/sso/maven.xml
Index: maven.xml
===================================================================
<!--
Copyright 2004 The Apache Software Foundation
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<project default="java:jar"
xmlns:j="jelly:core"
xmlns:define="jelly:define"
xmlns:maven="jelly:maven">
<!-- Target of maven test:single test -->
<property name='testcase' value='org.apache.jetspeed.sso.TestSSOComponent'/>
<goal name="deployJar">
<attainGoal name="jar:install"/>
<copy file="${basedir}/target/${maven.final.name}.jar" todir="${org.apache.jetspeed.deploy.war.dir}/jetspeed/WEB-INF/lib"/>
</goal>
</project>
1.1 jakarta-jetspeed-2/components/sso/project.xml
Index: project.xml
===================================================================
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE project [
<!ENTITY % locator-entities SYSTEM "file:locator.ent"> %locator-entities;
]>
<!--
Copyright 2004 The Apache Software Foundation
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<project>
<extend>${basedir}/../../project.xml</extend>
<pomVersion>3</pomVersion>
<id>jetspeed-sso</id>
<groupId>jetspeed2</groupId>
<name>Jetspeed-2 Single Sign On Components</name>
<currentVersion>2.0-a1-dev</currentVersion>
<package>org.apache.jetspeed</package>
<description>
Single Sign On SSO Components
</description>
<shortDescription>Single Sign On SSO Components</shortDescription>
<repository>
<connection>scm:cvs:pserver:anoncvs@cvs.apache.org:/home/cvspublic:jakarta-jetspeed-2/components/sso</connection>
<url>http://cvs.apache.org/viewcvs/jakarta-jetspeed-2/components/sso/</url>
</repository>
<dependencies>
&pico-nano-groovy;
&db-ojb-deps;
<!-- Components -->
<!-- Servlet API -->
<dependency>
<groupId>servletapi</groupId>
<artifactId>servletapi</artifactId>
<version>2.3</version>
</dependency>
<!-- Security implementation -->
<dependency>
<id>jetspeed-security</id>
<groupId>jetspeed2</groupId>
<version>2.0-a1-dev</version>
<properties>
<war.bundle>false</war.bundle>
</properties>
</dependency>
<dependency>
<id>jetspeed-api</id>
<groupId>jetspeed2</groupId>
<version>2.0-a1-dev</version>
<properties>
<war.bundle>true</war.bundle>
</properties>
</dependency>
<dependency>
<id>jetspeed-cm</id>
<groupId>jetspeed2</groupId>
<version>2.0-a1-dev</version>
<properties>
<war.bundle>true</war.bundle>
</properties>
</dependency>
<dependency>
<id>jetspeed-persistence</id>
<groupId>jetspeed2</groupId>
<version>2.0-a1-dev</version>
<properties>
<war.bundle>true</war.bundle>
</properties>
</dependency>
<!-- Testing only -->
<dependency>
<id>jetspeed-rdbms</id>
<groupId>jetspeed2</groupId>
<version>2.0-a1-dev</version>
<properties>
<war.bundle>false</war.bundle>
</properties>
</dependency>
<dependency>
<id>commons-lang</id>
<version>2.0</version>
<properties>
<war.bundle>true</war.bundle>
</properties>
</dependency>
<dependency>
<id>commons-logging</id>
<version>1.0.3</version>
<properties>
<war.bundle>true</war.bundle>
</properties>
</dependency>
<dependency>
<id>commons-beanutils</id>
<version>1.6.1</version>
<properties>
<war.bundle>true</war.bundle>
</properties>
</dependency>
<dependency>
<id>junit</id>
<version>3.8.1</version>
<properties>
<war.bundle>false</war.bundle>
</properties>
</dependency>
<dependency>
<id>log4j</id>
<version>1.2.8</version>
<properties>
<war.bundle>true</war.bundle>
</properties>
</dependency>
<dependency>
<id>commons-configuration</id>
<version>1.0-dev</version>
<properties>
<war.bundle>false</war.bundle>
</properties>
</dependency>
<dependency>
<id>commons-collections</id>
<version>3.0</version>
<properties>
<war.bundle>true</war.bundle>
</properties>
</dependency>
<dependency>
<id>commons-io</id>
<version>0.1</version>
<properties>
<war.bundle>true</war.bundle>
</properties>
</dependency>
<dependency>
<id>commons-pool</id>
<version>1.2</version>
<properties>
<war.bundle>true</war.bundle>
</properties>
</dependency>
<dependency>
<id>commons-dbcp</id>
<version>1.2.1</version>
<properties>
<war.bundle>true</war.bundle>
</properties>
</dependency>
<dependency>
<id>jdbc-se</id>
<jar>jdbc-se2.0.jar</jar>
<properties>
<war.bundle>false</war.bundle>
</properties>
</dependency>
<dependency>
<id>xerces</id>
<version>2.3.0</version>
<properties>
<war.bundle>true</war.bundle>
</properties>
</dependency>
<dependency>
<id>xml-apis</id>
<version>2.0.2</version>
<properties>
<war.bundle>true</war.bundle>
</properties>
</dependency>
<dependency>
<id>jdom</id>
<version>b10</version>
<properties>
<war.bundle>true</war.bundle>
</properties>
</dependency>
<!-- This is only a test dependency -->
<dependency>
<id>jetspeed-commons</id>
<groupId>jetspeed2</groupId>
<version>2.0-a1-dev</version>
<properties>
<war.bundle>false</war.bundle>
</properties>
</dependency>
<dependency>
<id>hsqldb</id>
<version>1.7.1</version>
<properties>
<war.bundle>false</war.bundle>
</properties>
</dependency>
<dependency>
<!-- portlet-api.jar must be in %MAVEN_HOME%respository/portlet-api/jars -->
<id>portlet-api</id>
<version>1.0</version>
<properties>
<war.bundle>false</war.bundle>
</properties>
</dependency>
<dependency>
<id>jta</id>
<jar>jta1.0.1.jar</jar>
<properties>
<war.bundle>true</war.bundle>
</properties>
</dependency>
<dependency>
<id>tyrex</id>
<version>1.0.1</version>
<properties>
<war.bundle>true</war.bundle>
</properties>
</dependency>
<dependency>
<id>commons-codec</id>
<version>1.3</version>
<properties>
<war.bundle>true</war.bundle>
</properties>
</dependency>
</dependencies>
<build>
<sourceDirectory>src/java</sourceDirectory>
<unitTestSourceDirectory>${basedir}/src/test</unitTestSourceDirectory>
<unitTest>
<includes>
<include>**/Test*.java</include>
</includes>
<resources>
<resource>
<directory>${basedir}/src/test</directory>
<excludes>
<exclude>**/*.java</exclude>
</excludes>
</resource>
<resource>
<directory>${basedir}/src/java</directory>
<excludes>
<exclude>**/*.java</exclude>
</excludes>
</resource>
&db-ojb-resources;
&log4j-resources;
</resources>
</unitTest>
<resources>
<resource>
<directory>${basedir}/src/java</directory>
<excludes>
<exclude>**/*.java</exclude>
</excludes>
</resource>
</resources>
</build>
<reports>
&j2-reports;
</reports>
</project>
1.1 jakarta-jetspeed-2/components/sso/src/java/org/apache/jetspeed/sso/impl/SSOContextImpl.java
Index: SSOContextImpl.java
===================================================================
/*
* Copyright 2000-2004 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.jetspeed.sso.impl;
import org.apache.jetspeed.sso.SSOContext;
/**
* SSOContextImpl
* Class holding credential information
*
* @author <a href="mailto:rogerrut@apache.org">Roger Ruttimann</a>
* @version $Id: SSOContextImpl.java,v 1.1 2004/11/16 19:08:47 rogerrut Exp $
*/
public class SSOContextImpl implements SSOContext {
private long userID;
private String password;
private String userName;
/**
* Constructor takes all arguments since members can't be altered
*/
public SSOContextImpl(long userID, String userName, String pwd) {
super();
this.userID = userID;
this.userName = userName;
this.password = pwd;
}
/* (non-Javadoc)
* @see org.apache.jetspeed.sso.SSOContext#getUserID()
*/
public long getUserID() {
return this.userID;
}
/* (non-Javadoc)
* @see org.apache.jetspeed.sso.SSOContext#getUserName()
*/
public String getUserName() {
return this.userName;
}
/* (non-Javadoc)
* @see org.apache.jetspeed.sso.SSOContext#getPassword()
*/
public String getPassword() {
return this.password;
}
}
1.1 jakarta-jetspeed-2/components/sso/src/java/org/apache/jetspeed/sso/impl/SSOPrincipalImpl.java
Index: SSOPrincipalImpl.java
===================================================================
/* Copyright 2004 Apache Software Foundation
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.jetspeed.sso.impl;
import java.sql.Timestamp;
import java.util.Collection;
import org.apache.jetspeed.security.om.InternalPrincipal;
/**
* <p>
* SSOPrincipalImpl
* Class used for mapping Principal information for a site. This is the short form of
* the InternalPrincipalImpl
* .</p>
*
* @author <a href="mailto:rogerrut @apache.org">Roger Ruttimann</a>
*/
public class SSOPrincipalImpl implements InternalPrincipal {
/** The principal id. */
private long principalId;
/** The class name. */
private String classname;
/** The is mapping only. */
private boolean isMappingOnly = false;
/** The full path. */
private String fullPath;
/** The creation date. */
private Timestamp creationDate;
/** The modified date. */
private Timestamp modifiedDate;
/** The enabled state. */
private boolean enabled = true;
/** Permissions not used by required by the interface*/
private Collection permissions;
/**
* <p>
* The special attribute telling OJB the object's concrete type.
* </p>
* <p>
* NOTE: this attribute MUST be called ojbConcreteClass
* </p>
*/
protected String ojbConcreteClass;
/**
* <p>
* InternalPrincipal implementation default constructor.
* </p>
*/
public SSOPrincipalImpl()
{
}
/**
* <p>
* InternalPrincipal constructor given a classname and name.
* </p>
*
* @param classname The classname.
* @param fullPath The full path.
*/
public SSOPrincipalImpl(String classname, String fullPath)
{
this.ojbConcreteClass = classname;
this.classname = classname;
this.fullPath = fullPath;
this.permissions = null; // Not used
this.creationDate = new Timestamp(System.currentTimeMillis());
this.modifiedDate = this.creationDate;
}
/**
* @see org.apache.jetspeed.security.om.InternalPrincipal#getPrincipalId()
*/
public long getPrincipalId()
{
return this.principalId;
}
/**
* @see org.apache.jetspeed.security.om.InternalPrincipal#setPrincipalId(int)
*/
public void setPrincipalId(long principalId)
{
this.principalId = principalId;
}
/**
* @see org.apache.jetspeed.security.om.InternalPrincipal#getClassname()
*/
public String getClassname()
{
return this.classname;
}
/**
* @see org.apache.jetspeed.security.om.InternalPrincipal#setClassname(java.lang.String)
*/
public void setClassname(String classname)
{
this.ojbConcreteClass = classname;
this.classname = classname;
}
/**
* @return Returns the isMappingOnly.
*/
public boolean isMappingOnly()
{
return isMappingOnly;
}
/**
* @param isMappingOnly The isMappingOnly to set.
*/
public void setMappingOnly(boolean isMappingOnly)
{
this.isMappingOnly = isMappingOnly;
}
/**
* @see org.apache.jetspeed.security.om.InternalPrincipal#getFullPath()
*/
public String getFullPath()
{
return this.fullPath;
}
/**
* @see org.apache.jetspeed.security.om.InternalPrincipal#setFullPath(java.lang.String)
*/
public void setFullPath(String fullPath)
{
this.fullPath = fullPath;
}
/**
* @see org.apache.jetspeed.security.om.InternalPrincipal#getPermissions()
*/
public Collection getPermissions()
{
return this.permissions;
}
/**
* @see org.apache.jetspeed.security.om.InternalPrincipal#setPermissions(java.util.Collection)
*/
public void setPermissions(Collection permissions)
{
this.permissions = permissions;
}
/**
* @see org.apache.jetspeed.security.om.InternalPrincipal#getCreationDate()
*/
public Timestamp getCreationDate()
{
return this.creationDate;
}
/**
* @see org.apache.jetspeed.security.om.InternalPrincipal#setCreationDate(java.sql.Timestamp)
*/
public void setCreationDate(Timestamp creationDate)
{
this.creationDate = creationDate;
}
/**
* @see org.apache.jetspeed.security.om.InternalPrincipal#getModifiedDate()
*/
public Timestamp getModifiedDate()
{
return this.modifiedDate;
}
/**
* @see org.apache.jetspeed.security.om.InternalPrincipal#setModifiedDate(java.sql.Timestamp)
*/
public void setModifiedDate(Timestamp modifiedDate)
{
this.modifiedDate = modifiedDate;
}
/**
* @see org.apache.jetspeed.security.om.InternalPrincipal#isEnabled()
*/
public boolean isEnabled()
{
return enabled;
}
/**
* @see org.apache.jetspeed.security.om.InternalPrincipal#setEnabled(boolean)
*/
public void setEnabled(boolean enabled)
{
this.enabled = enabled;
}
}
1.1 jakarta-jetspeed-2/components/sso/src/java/org/apache/jetspeed/sso/impl/PersistenceBrokerSSOProvider.java
Index: PersistenceBrokerSSOProvider.java
===================================================================
/*
* Copyright 2000-2001,2004 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.jetspeed.sso.impl;
import java.util.Collection;
import java.util.Hashtable;
import java.util.Iterator;
import org.apache.jetspeed.security.UserPrincipal;
import javax.security.auth.Subject;
import javax.servlet.http.HttpServletRequest;
import org.apache.jetspeed.components.dao.InitablePersistenceBrokerDaoSupport;
import org.apache.jetspeed.sso.SSOContext;
import org.apache.jetspeed.sso.SSOException;
import org.apache.jetspeed.sso.SSOProvider;
import org.apache.jetspeed.security.SecurityHelper;
import org.apache.jetspeed.security.BasePrincipal;
import org.apache.jetspeed.security.om.impl.InternalCredentialImpl;
import org.apache.jetspeed.security.om.impl.InternalPrincipalImpl;
import org.apache.ojb.broker.query.Criteria;
import org.apache.ojb.broker.query.QueryByCriteria;
import org.apache.ojb.broker.query.QueryFactory;
/**
* <p>Utility component to handle SSO requests</p>
*
* @author <a href="mailto:rogerrut@apache.org">Roger Ruttimann</a>
*/
public class PersistenceBrokerSSOProvider extends
InitablePersistenceBrokerDaoSupport implements SSOProvider {
private Hashtable mapSite = new Hashtable();
/**
* PersitenceBrokerSSOProvider()
* @param repository Location of repository mapping file. Must be available within the classpath.
* @param prefsFactoryImpl <code>java.util.prefs.PreferencesFactory</code> implementation to use.
* @param enablePropertyManager Whether or not we chould be suing the property manager.
* @throws ClassNotFoundException if the <code>prefsFactoryImpl</code> argument does not reperesent
* a Class that exists in the current classPath.
*/
public PersistenceBrokerSSOProvider(String repositoryPath) throws ClassNotFoundException
{
super(repositoryPath);
}
/* (non-Javadoc)
* @see org.apache.jetspeed.sso.SSOProvider#hasSSOCredentials(javax.security.auth.Subject, java.lang.String)
*/
public boolean hasSSOCredentials(Subject subject, String site) {
// Initialization
SSOSiteImpl ssoSite = getSSOSiteObject(site);
if ( ssoSite == null)
return false; // no entry for site
// Get the principal from the subject
BasePrincipal principal = (BasePrincipal)SecurityHelper.getBestPrincipal(subject, UserPrincipal.class);
String fullPath = principal.getFullPath();
// Filter the credentials for the given principals
InternalCredentialImpl credential = getCredential(ssoSite, fullPath);
if (credential == null)
return false;
else
return true;
}
/* (non-Javadoc)
* @see org.apache.jetspeed.sso.SSOProvider#addBasicAuthenticationForSite(javax.servlet.http.HttpServletRequest, javax.security.auth.Subject, java.lang.String)
*/
public void addBasicAuthenticationForSite(HttpServletRequest request,
Subject subject, String site) throws SSOException {
// TODO Auto-generated method stub
}
/* (non-Javadoc)
* @see org.apache.jetspeed.sso.SSOProvider#getCredentials(javax.security.auth.Subject, java.lang.String)
*/
public SSOContext getCredentials(Subject subject, String site)
throws SSOException {
// Initialization
SSOSiteImpl ssoSite = getSSOSiteObject(site);
if ( ssoSite == null)
throw new SSOException(SSOException.NO_CREDENTIALS_FOR_SITE); // no entry for site
// Get the principal from the subject
BasePrincipal principal = (BasePrincipal)SecurityHelper.getBestPrincipal(subject, UserPrincipal.class);
String fullPath = principal.getFullPath();
// Filter the credentials for the given principals
InternalCredentialImpl credential = getCredential(ssoSite, fullPath);
if ( credential == null)
throw new SSOException(SSOException.NO_CREDENTIALS_FOR_SITE); // no entry for site
SSOContext context = new SSOContextImpl(credential.getPrincipalId(), principal.getName(),credential.getValue());
return context;
}
/* addCredential()
* Adds credentials for a user to the site. If the site doesn't exist it will be created
* @see org.apache.jetspeed.sso.SSOProvider#addCredentialsForSite(javax.security.auth.Subject, java.lang.String, java.lang.String)
*/
public void addCredentialsForSite(Subject subject, String site, String pwd)
throws SSOException {
// Check if the site already exists
SSOSiteImpl ssoSite = getSSOSiteObject(site);
if (ssoSite == null)
{
// Create a new site
ssoSite = new SSOSiteImpl();
ssoSite.setSiteURL(site);
}
// Get the Principal information
String fullPath = ((BasePrincipal)SecurityHelper.getBestPrincipal(subject, UserPrincipal.class)).getFullPath();
SSOPrincipalImpl principal = this.getPrincipalForPath(subject, fullPath);
// New credential object
InternalCredentialImpl credential = new InternalCredentialImpl();
ssoSite.addCredential(credential);
// Populate the credential information
credential.setValue(pwd);
credential.setPrincipalId(principal.getPrincipalId());
// Update database and reset cache
try
{
getPersistenceBrokerTemplate().store(ssoSite);
}
catch (Exception e)
{
throw new SSOException(SSOException.FAILED_STORING_SITE_INFO_IN_DB + e.toString() );
}
// Clear cache
this.mapSite.clear();
}
/* (non-Javadoc)
* @see org.apache.jetspeed.sso.SSOProvider#removeCredentialsForSite(javax.security.auth.Subject, java.lang.String)
*/
public void removeCredentialsForSite(Subject subject, String site)
throws SSOException {
// TODO Auto-generated method stub
}
/*
* Helper utilities
*
*/
/*
* getSSOSiteObject
* Obtains the Site information including the credentials for a site (url).
*/
private SSOSiteImpl getSSOSiteObject(String site)
{
//Initialization
SSOSiteImpl ssoSite = null;
//Check if the site is in the map
if (mapSite.containsKey(site) == false )
{
// Go to the database and fetch the information for this site
// Find the MediaType by matching the Mimetype
Criteria filter = new Criteria();
filter.addEqualTo("siteURL", site);
QueryByCriteria query = QueryFactory.newQuery(SSOSiteImpl.class, filter);
Collection ssoSiteCollection = getPersistenceBrokerTemplate().getCollectionByQuery(query);
if ( ssoSiteCollection != null && ssoSiteCollection.isEmpty() != true)
{
Iterator itSite = ssoSiteCollection.iterator();
// Get the site from the collection. There should be only one entry (uniqueness)
if (itSite.hasNext())
{
ssoSite = (SSOSiteImpl) itSite.next();
}
// Add it to the map
mapSite.put(site, ssoSite);
}
else
{
// No entry for this site
return null;
}
}
else
{
ssoSite = (SSOSiteImpl)mapSite.get(site);
}
return ssoSite;
}
/*
* getCredential
* returns the credentials for a given user
*/
private InternalCredentialImpl getCredential(SSOSiteImpl ssoSite, String fullPath)
{
long principalID = -1;
InternalCredentialImpl credential = null;
/* Error checking
* 1) should have at least one principal
* 2) should have at least one credential
*
* If one of the above fails return null wich means that the user doesn't have credentials for that site
*/
if ( ssoSite.getPrincipals() == null || ssoSite.getCredentials() == null)
return null;
// Iterate over the principals and extract the principal id for the given full path
Iterator itPrincipals = ssoSite.getPrincipals().iterator();
while (itPrincipals.hasNext() && principalID == -1 /*not found yet*/)
{
InternalPrincipalImpl principal = (InternalPrincipalImpl)itPrincipals.next();
if ( principal != null && principal.getFullPath().compareToIgnoreCase(fullPath) == 0)
{
principalID = principal.getPrincipalId();
}
}
if ( principalID == -1)
return null; // No principal found for that site
// Last lookup to see if there are credentials for that user
Iterator itCredentials = ssoSite.getCredentials().iterator();
while (itCredentials.hasNext() && credential == null /*not found yet*/)
{
InternalCredentialImpl cred = (InternalCredentialImpl)itCredentials.next();
if ( cred != null && cred.getPrincipalId() == principalID)
{
// Found credentials for Orincipals
credential = cred;
}
}
return credential;
}
private SSOPrincipalImpl getPrincipalForPath(Subject subject, String fullPath)
{
Criteria filter = new Criteria();
filter.addEqualTo("fullPath", fullPath);
QueryByCriteria query = QueryFactory.newQuery(SSOPrincipalImpl.class, filter);
Collection principals = getPersistenceBrokerTemplate().getCollectionByQuery(query);
if ( principals != null && principals.isEmpty() != true)
{
Iterator itPrincipals = principals.iterator();
// Get the site from the collection. There should be only one entry (uniqueness)
if (itPrincipals.hasNext())
{
return (SSOPrincipalImpl) itPrincipals.next();
}
}
// Principal for path doesn't exist
return null;
}
}
1.1 jakarta-jetspeed-2/components/sso/src/java/org/apache/jetspeed/sso/impl/SSOSiteImpl.java
Index: SSOSiteImpl.java
===================================================================
/*
* Copyright 2000-2004 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.jetspeed.sso.impl;
import java.util.Collection;
import org.apache.jetspeed.sso.SSOException;
import org.apache.jetspeed.security.om.impl.InternalCredentialImpl;
/**
* SSOSiteImpl
* Class holding information about the Site and credentials for Single Sign on SSO.
* OJB will map the database entries into this class
*
* @author <a href="mailto:rogerrut@apache.org">Roger Ruttimann</a>
* @version $Id: SSOSiteImpl.java,v 1.1 2004/11/16 19:08:47 rogerrut Exp $
*/
public class SSOSiteImpl {
// Private member for OJB mapping
private int siteId;
private String name;
private String siteURL;
private boolean isAllowUserSet;
private boolean isCertificateRequired;
private Collection credentials;
private Collection principals;
/**
*
*/
public SSOSiteImpl() {
super();
}
/*
* Setters and getters for member variables
*/
/**
* @return Returns the credentials.
*/
public Collection getCredentials() {
return credentials;
}
/**
* @param credentials The credentials to set.
*/
public void setCredentials(Collection credentials) {
this.credentials = credentials;
}
/**
* @return Returns the isAllowUserSet.
*/
public boolean isAllowUserSet() {
return isAllowUserSet;
}
/**
* @param isAllowUserSet The isAllowUserSet to set.
*/
public void setAllowUserSet(boolean isAllowUserSet) {
this.isAllowUserSet = isAllowUserSet;
}
/**
* @return Returns the isCertificateRequired.
*/
public boolean isCertificateRequired() {
return isCertificateRequired;
}
/**
* @param isCertificateRequired The isCertificateRequired to set.
*/
public void setCertificateRequired(boolean isCertificateRequired) {
this.isCertificateRequired = isCertificateRequired;
}
/**
* @return Returns the name.
*/
public String getName() {
return name;
}
/**
* @param name The name to set.
*/
public void setName(String name) {
this.name = name;
}
/**
* @return Returns the principals.
*/
public Collection getPrincipals() {
return principals;
}
/**
* @param principals The principals to set.
*/
public void setPrincipals(Collection principals) {
this.principals = principals;
}
/**
* @return Returns the siteId.
*/
public int getSiteId() {
return siteId;
}
/**
* @param siteId The siteId to set.
*/
public void setSiteId(int siteId) {
this.siteId = siteId;
}
/**
* @return Returns the siteURL.
*/
public String getSiteURL() {
return siteURL;
}
/**
* @param siteURL The siteURL to set.
*/
public void setSiteURL(String siteURL) {
this.siteURL = siteURL;
}
/**
* Utility functions
* addCredential()
* Adds the credentail to the credentials collection
*
*/
public void addCredential(InternalCredentialImpl credential) throws SSOException
{
boolean bStatus = false;
try
{
bStatus = credentials.add(credential);
}
catch(Exception e)
{
// Adding credentail to coollection failed -- notify caller with SSOException
throw new SSOException(SSOException.FAILED_ADDING_CREDENTIALS_FOR_SITE + e.getMessage());
}
if ( bStatus == false)
throw new SSOException(SSOException.FAILED_ADDING_CREDENTIALS_FOR_SITE );
}
/**
* removeCredential()
* removes a credentail from the credentials collection
*
*/
public void removeCredential(InternalCredentialImpl credential) throws SSOException
{
boolean bStatus = false;
try
{
bStatus = credentials.remove(credential);
}
catch(Exception e)
{
// Adding credentail to coollection failed -- notify caller with SSOException
throw new SSOException(SSOException.FAILED_REMOVING_CREDENTIALS_FOR_SITE + e.getMessage());
}
if ( bStatus == false)
throw new SSOException(SSOException.FAILED_REMOVING_CREDENTIALS_FOR_SITE );
}
}
1.1 jakarta-jetspeed-2/components/sso/src/java/META-INF/transaction.xml
Index: transaction.xml
===================================================================
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<!--
- Application context definition for PortletRegistry using Apache OJB.
-->
<beans>
<!-- Transaction manager for a single OJB PersistenceBroker (alternative to JTA) -->
<bean id="transactionManager" class="org.springframework.orm.ojb.PersistenceBrokerTransactionManager"/>
<!-- Transaction manager that delegates to JTA (for a transactional JNDI DataSource) -->
<!--
<bean id="transactionManager" class="org.springframework.transaction.jta.JtaTransactionManager"/>
-->
<!--
- A parent bean definition which is a base definition for transaction proxies.
- It is markes as abstract, since it is never supposed to be instantiated itself.
- We set shared transaction attributes here, following our naming patterns.
- The attributes can still be overridden in child bean definitions.
-->
<bean id="baseTransactionProxy" class="org.springframework.transaction.interceptor.TransactionProxyFactoryBean"
abstract="true">
<property name="transactionManager"><ref bean="transactionManager"/></property>
<property name="transactionAttributes">
<props>
<prop key="*">PROPAGATION_REQUIRED</prop>
</props>
</property>
</bean>
</beans>
1.1 jakarta-jetspeed-2/components/sso/src/java/META-INF/sso-dao.xml
Index: sso-dao.xml
===================================================================
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<!--
- Application context definition for PortletRegistry using Apache OJB.
-->
<beans>
<!-- ========================= BUSINESS OBJECT DEFINITIONS ========================= -->
<!-- SSO Implementation -->
<bean id="PersistenceBrokerSSOProvider"
class="org.apache.jetspeed.sso.impl.PersistenceBrokerSSOProvider"
init-method="init"
>
<constructor-arg index="0"><value>META-INF/sso_repository.xml</value></constructor-arg>
</bean>
<bean id="org.apache.jetspeed.sso.SSOProvider" parent="baseTransactionProxy"
name="ssoProvider"
>
<property name="proxyInterfaces">
<value>org.apache.jetspeed.sso.SSOProvider</value>
</property>
<property name="target">
<ref bean="PersistenceBrokerSSOProvider"/>
</property>
</bean>
</beans>
1.1 jakarta-jetspeed-2/components/sso/src/java/META-INF/sso_repository.xml
Index: sso_repository.xml
===================================================================
<!--
Copyright 2004 The Apache Software Foundation
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<descriptor-repository version="1.0">
<!--
- S E C U R I T Y P R I N C I P A L (Short version for SSO lookup)
-->
<class-descriptor
class="org.apache.jetspeed.sso.impl.SSOPrincipalImpl"
proxy="dynamic"
table="SECURITY_PRINCIPAL"
>
<documentation>Represents a user principal.</documentation>
<field-descriptor
name="principalId"
column="principal_id"
jdbc-type="BIGINT"
primarykey="true"
indexed="true"
autoincrement="true"
>
</field-descriptor>
<field-descriptor
name="classname"
column="classname"
jdbc-type="VARCHAR"
nullable="false"
length="254"
>
</field-descriptor>
<field-descriptor
name="isMappingOnly"
column="is_mapping_only"
jdbc-type="BIT"
nullable="false"
>
</field-descriptor>
<field-descriptor
name="fullPath"
column="full_path"
jdbc-type="VARCHAR"
nullable="false"
length="254"
>
</field-descriptor>
<field-descriptor
name="creationDate"
column="creation_date"
jdbc-type="TIMESTAMP"
nullable="false"
>
</field-descriptor>
<field-descriptor
name="modifiedDate"
column="modified_date"
jdbc-type="TIMESTAMP"
nullable="false"
>
</field-descriptor>
<field-descriptor
name="enabled"
column="is_enabled"
jdbc-type="BIT"
nullable="false"
>
</field-descriptor>
</class-descriptor>
<!--
- S I T E
-->
<class-descriptor
class="org.apache.jetspeed.sso.impl.SSOSiteImpl"
proxy="dynamic"
table="SSOSite"
>
<documentation>Represents the single sign on site</documentation>
<field-descriptor
name="siteId"
column="SITE_ID"
jdbc-type="INTEGER"
primarykey="true"
indexed="true"
autoincrement="true"
>
</field-descriptor>
<field-descriptor
name="name"
column="NAME"
jdbc-type="VARCHAR"
nullable="false"
length="254"
>
</field-descriptor>
<field-descriptor
name="siteURL"
column="URL"
jdbc-type="VARCHAR"
nullable="false"
length="254"
>
</field-descriptor>
<field-descriptor
name="isAllowUserSet"
column="ALLOW_USER_SET"
jdbc-type="BIT"
nullable="false"
>
</field-descriptor>
<field-descriptor
name="isRequireCertificate"
column="REQUIRE_CERTIFICATE"
jdbc-type="BIT"
nullable="false"
>
</field-descriptor>
<collection-descriptor
name="credentials"
element-class-ref="org.apache.jetspeed.security.om.impl.InternalCredentialImpl"
proxy="true"
refresh="true"
auto-retrieve="true"
auto-update="link"
auto-delete="link"
indirection-table="SSO_SITE_TO_CREDENTIALS"
>
<documentation>This is the reference to credentials.</documentation>
<fk-pointing-to-this-class column="SITE_ID"/>
<fk-pointing-to-element-class column="CREDENTIAL_ID"/>
<fk-pointing-to-element-class column="PRINCIPAL_ID"/>
</collection-descriptor>
<collection-descriptor
name="principals"
element-class-ref="org.apache.jetspeed.sso.impl.SSOPrincipalImpl"
proxy="true"
refresh="true"
auto-retrieve="true"
auto-update="link"
auto-delete="link"
indirection-table="SSO_SITE_TO_CREDENTIALS"
>
<documentation>This is the reference to credentials.</documentation>
<fk-pointing-to-this-class column="SITE_ID"/>
<fk-pointing-to-element-class column="PRINCIPAL_ID"/>
</collection-descriptor>
</class-descriptor>
</descriptor-repository>
1.1 jakarta-jetspeed-2/components/sso/src/test/org/apache/jetspeed/sso/TestSSOComponent.java
Index: TestSSOComponent.java
===================================================================
/* Copyright 2004 Apache Software Foundation
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.jetspeed.sso;
import java.util.HashMap;
import java.util.Map;
import org.apache.jetspeed.sso.impl.PersistenceBrokerSSOProvider;
import org.apache.jetspeed.sso.SSOProvider;
import org.apache.jetspeed.sso.impl.SSOSiteImpl;
import javax.security.auth.Subject;
import junit.framework.Test;
import junit.framework.TestSuite;
import org.apache.jetspeed.components.util.DatasourceEnabledSpringTestCase;
/**
* <p>
* Unit testing for {@link Preferences}.
* </p>
*
* @author <a href="rogerrut@apache.org">Roger Ruttimann</a>
*/
public class TestSSOComponent extends DatasourceEnabledSpringTestCase
{
/** The property manager. */
private static PersistenceBrokerSSOProvider ssoBroker = null;
/**
* @see junit.framework.TestCase#setUp()
*/
public void setUp() throws Exception
{
super.setUp();
try
{
//ssoBroker = (PersistenceBrokerSSOProvider) ctx.getBean("ssoProvider");
Object o = (Object) ctx.getBean("ssoProvider");
if (o == null)
System.out.println("Returned bean is null!!");
else
System.out.println("Bean is instance of:" + o.toString());
}
catch(Exception ex)
{
ex.printStackTrace();
throw new Exception("Exception while setup SSO TEST");
}
}
/**
* @see junit.framework.TestCase#tearDown()
*/
public void tearDown() throws Exception
{
clean();
// super.tearDown();
}
public static Test suite()
{
// All methods starting with "test" will be executed in the test suite.
return new TestSuite(TestSSOComponent.class);
}
/**
* <p>
* Test user root.
* </p>
*/
public void testSSO()
{
// TODO: Test cases
}
/**
* <p>
* Clean properties.
* </p>
*/
protected void clean() throws Exception
{
// Cleanup any credentails added during the test
/*
try
{
}
catch (SSOException ex)
{
System.out.println("SSOException" + ex);
}
*/
}
protected String[] getConfigurations()
{
return new String[]{"META-INF/sso-dao.xml", "META-INF/transaction.xml"};
}
}
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-dev-help@jakarta.apache.org