cocoon-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cziege...@apache.org
Subject svn commit: r496344 - in /cocoon/trunk/blocks: cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/ cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/acting/ cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth...
Date Mon, 15 Jan 2007 14:46:29 GMT
Author: cziegeler
Date: Mon Jan 15 06:46:28 2007
New Revision: 496344

URL: http://svn.apache.org/viewvc?view=rev&rev=496344
Log:
Further refactoring of cauth: no need to store map in a map anymore
Add simple security handler and dao based security handler

Added:
    cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/AuthenticationException.java
  (with props)
    cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/DAOSecurityHandler.java
  (with props)
    cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/SimpleSecurityHandler.java
  (with props)
    cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/StandardApplication.java
      - copied, changed from r496246, cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/StandardApplication.java
    cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/StandardUser.java
      - copied, changed from r496246, cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/StandardUser.java
    cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/UserDAO.java
  (with props)
    cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/UserInfo.java
  (with props)
Removed:
    cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/StandardApplication.java
    cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/StandardUser.java
Modified:
    cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/ApplicationManager.java
    cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/SecurityHandler.java
    cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/acting/LoginAction.java
    cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/acting/LogoutAction.java
    cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/AnonymousSecurityHandler.java
    cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/PipelineSecurityHandler.java
    cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/ServletSecurityHandler.java
    cocoon/trunk/blocks/cocoon-portal/cocoon-portal-auth-impl/src/main/java/org/apache/cocoon/auth/portal/StandardPortalApplication.java
    cocoon/trunk/blocks/cocoon-portal/cocoon-portal-sample/src/main/java/org/apache/cocoon/portal/security/DBSecurityHandler.java
    cocoon/trunk/blocks/cocoon-portal/cocoon-portal-sample/src/main/java/org/apache/cocoon/portal/security/PortalUser.java

Modified: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/ApplicationManager.java
URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/ApplicationManager.java?view=diff&rev=496344&r1=496343&r2=496344
==============================================================================
--- cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/ApplicationManager.java
(original)
+++ cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/ApplicationManager.java
Mon Jan 15 06:46:28 2007
@@ -39,11 +39,11 @@
     /** The string used to store the application data in the object model .*/
     String APPLICATION_DATA = "cauth-application-data";
 
-    /** The key for properties in the login context. */
-    String LOGIN_CONTEXT_PROPERTIES_KEY = "properties";
+    /** The key for the user name in the login context. */
+    String LOGIN_CONTEXT_USERNAME_KEY = "name";
 
-    /** The key for properties in the logout context. */
-    String LOGOUT_CONTEXT_PROPERTIES_KEY = "properties";
+    /** The key for the user password in the login context. */
+    String LOGIN_CONTEXT_PASSWORD_KEY = "password";
 
     /** The key for the logout method in the logout context. */
     String LOGOUT_CONTEXT_MODE_KEY = "mode";

Added: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/AuthenticationException.java
URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/AuthenticationException.java?view=auto&rev=496344
==============================================================================
--- cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/AuthenticationException.java
(added)
+++ cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/AuthenticationException.java
Mon Jan 15 06:46:28 2007
@@ -0,0 +1,75 @@
+/* 
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed  under the  License is distributed on an "AS IS" BASIS,
+ * WITHOUT  WARRANTIES OR CONDITIONS  OF ANY KIND, either  express  or
+ * implied.
+ *
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.cocoon.auth;
+
+/**
+ * This exception is thrown by a {@link SecurityHandler} if the authentication
+ * fails.
+ *
+ * @version $Id$
+ */
+public class AuthenticationException extends Exception {
+
+    public static final int AUTHENTICATION_FAILED = -1;
+    public static final int AUTHENTICATION_FAILED_ACCOUNT_CLOSED = -2;
+    public static final int AUTHENTICATION_FAILED_ACCOUNT_IS_CLOSED = -3;
+    public static final int AUTHENTICATION_FAILED_PASSWORD_EXPIRED = -4;
+
+    protected int errorCode = AUTHENTICATION_FAILED;
+
+    public AuthenticationException() {
+        super();
+    }
+
+    public AuthenticationException(String message, Throwable cause) {
+        super(message, cause);
+    }
+
+    public AuthenticationException(String message) {
+        super(message);
+    }
+
+    public AuthenticationException(Throwable cause) {
+        super(cause);
+    }
+
+    public AuthenticationException(int s) {
+        super();
+        this.errorCode = s;
+    }
+
+    public AuthenticationException(String message, int s, Throwable cause) {
+        super(message, cause);
+        this.errorCode = s;
+    }
+
+    public AuthenticationException(String message, int s) {
+        super(message);
+        this.errorCode = s;
+    }
+
+    public AuthenticationException(int s, Throwable cause) {
+        super(cause);
+        this.errorCode = s;
+    }
+
+    public int getErrorCode() {
+        return this.errorCode;
+    }
+}

Propchange: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/AuthenticationException.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/AuthenticationException.java
------------------------------------------------------------------------------
    svn:keywords = Id

Modified: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/SecurityHandler.java
URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/SecurityHandler.java?view=diff&rev=496344&r1=496343&r2=496344
==============================================================================
--- cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/SecurityHandler.java
(original)
+++ cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/SecurityHandler.java
Mon Jan 15 06:46:28 2007
@@ -38,10 +38,10 @@
      * Try to authenticate the user.
      * @param context The context for the login operation.
      * @return The user if the authentication is successful, null otherwise.
-     * @throws Exception If something goes wrong.
+     * @throws AuthenticationException If something goes wrong.
      */
     User login(Map context)
-    throws Exception;
+    throws AuthenticationException;
 
     /**
      * This notifies the security-handler that a user logs out.

Modified: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/acting/LoginAction.java
URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/acting/LoginAction.java?view=diff&rev=496344&r1=496343&r2=496344
==============================================================================
--- cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/acting/LoginAction.java
(original)
+++ cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/acting/LoginAction.java
Mon Jan 15 06:46:28 2007
@@ -25,7 +25,6 @@
 import org.apache.avalon.framework.parameters.Parameters;
 import org.apache.cocoon.environment.Redirector;
 import org.apache.cocoon.environment.SourceResolver;
-import org.apache.cocoon.auth.ApplicationManager;
 import org.apache.cocoon.auth.User;
 
 /**
@@ -59,7 +58,7 @@
         Map map = null;
 
         final Map loginContext = new HashMap();
-        loginContext.put(ApplicationManager.LOGIN_CONTEXT_PROPERTIES_KEY, Parameters.toProperties(par));
+        loginContext.putAll(Parameters.toProperties(par));
         final User user =
                   this.applicationManager.login( applicationName, loginContext );
 

Modified: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/acting/LogoutAction.java
URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/acting/LogoutAction.java?view=diff&rev=496344&r1=496343&r2=496344
==============================================================================
--- cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/acting/LogoutAction.java
(original)
+++ cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/acting/LogoutAction.java
Mon Jan 15 06:46:28 2007
@@ -64,7 +64,7 @@
         }
 
         final Map logoutContext = new HashMap();
-        logoutContext.put(ApplicationManager.LOGOUT_CONTEXT_PROPERTIES_KEY, Parameters.toProperties(par));
+        logoutContext.putAll(Parameters.toProperties(par));
         logoutContext.put(ApplicationManager.LOGOUT_CONTEXT_MODE_KEY, mode);
 
         this.applicationManager.logout(applicationName, logoutContext);

Modified: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/AnonymousSecurityHandler.java
URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/AnonymousSecurityHandler.java?view=diff&rev=496344&r1=496343&r2=496344
==============================================================================
--- cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/AnonymousSecurityHandler.java
(original)
+++ cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/AnonymousSecurityHandler.java
Mon Jan 15 06:46:28 2007
@@ -20,7 +20,7 @@
 
 import java.util.Map;
 
-import org.apache.cocoon.auth.StandardUser;
+import org.apache.cocoon.auth.AuthenticationException;
 import org.apache.cocoon.auth.User;
 
 /**
@@ -38,7 +38,8 @@
     /**
      * @see org.apache.cocoon.auth.SecurityHandler#login(java.util.Map)
      */
-    public synchronized User login(final Map loginContext) throws Exception {
+    public synchronized User login(final Map loginContext)
+    throws AuthenticationException {
         final User user = new StandardUser("anonymous"+this.number);
         this.number++;
         return user;

Added: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/DAOSecurityHandler.java
URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/DAOSecurityHandler.java?view=auto&rev=496344
==============================================================================
--- cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/DAOSecurityHandler.java
(added)
+++ cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/DAOSecurityHandler.java
Mon Jan 15 06:46:28 2007
@@ -0,0 +1,147 @@
+/* 
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed  under the  License is distributed on an "AS IS" BASIS,
+ * WITHOUT  WARRANTIES OR CONDITIONS  OF ANY KIND, either  express  or
+ * implied.
+ *
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.cocoon.auth.impl;
+
+import java.util.Date;
+import java.util.Map;
+
+import org.apache.cocoon.auth.ApplicationManager;
+import org.apache.cocoon.auth.AuthenticationException;
+import org.apache.cocoon.auth.User;
+import org.apache.commons.lang.StringUtils;
+
+/**
+ * Implementation of a DAO security handler.
+ * This implementation supports:
+ * - a retry count (counting up and down)
+ * - an expires date for the user account.
+ *
+ * The database access is forwarded to a configured UserDAO instance.
+ *
+ * @version $Id$
+ */
+public class DAOSecurityHandler extends AbstractSecurityHandler {
+
+    protected UserDAO userDAO;
+
+    protected boolean checkExpires = true;
+    protected boolean useRetryCount = true;
+    protected boolean negateRetryCount = false;
+    protected int defaultRetryCount = 3;
+
+    public void setCheckExpires(boolean checkExpires) {
+        this.checkExpires = checkExpires;
+    }
+
+    public void setDefaultRetryCount(int defaultRetryCount) {
+        this.defaultRetryCount = defaultRetryCount;
+    }
+
+    public void setNegateRetryCount(boolean negateRetryCount) {
+        this.negateRetryCount = negateRetryCount;
+    }
+
+    public void setUserDAO(UserDAO userDAO) {
+        this.userDAO = userDAO;
+    }
+
+    public void setUseRetryCount(boolean useRetryCount) {
+        this.useRetryCount = useRetryCount;
+    }
+
+    /**
+     * @see org.apache.cocoon.auth.SecurityHandler#login(java.util.Map)
+     */
+    public User login(Map loginContext)
+    throws AuthenticationException {
+        // get user name and password
+        final String name = (String)loginContext.get(ApplicationManager.LOGIN_CONTEXT_USERNAME_KEY);
+        if ( name == null ) {
+            throw new AuthenticationException("Required user name property is missing for
login.");            
+        }
+        final String password = (String)loginContext.get(ApplicationManager.LOGIN_CONTEXT_PASSWORD_KEY);
+
+        final UserInfo userinfo = this.userDAO.getUserInfo(name);
+        if ( userinfo == null ) {
+            return null;
+        }
+        boolean pwCorrect = StringUtils.equals(userinfo.getPassword(), password);
+        // check retry count
+        if ( this.useRetryCount ) {
+            if ( !negateRetryCount ) {
+                if ( userinfo.getRetryCount() >= this.defaultRetryCount ) {
+                    throw new AuthenticationException(AuthenticationException.AUTHENTICATION_FAILED_ACCOUNT_IS_CLOSED);
+                }
+                if ( !pwCorrect ) {
+                    userinfo.setRetryCount(userinfo.getRetryCount() + 1);
+                    this.userDAO.storeUserInfo(userinfo);
+                    if ( userinfo.getRetryCount() == this.defaultRetryCount ) {
+                        throw new AuthenticationException(AuthenticationException.AUTHENTICATION_FAILED_ACCOUNT_CLOSED);
+                    }
+                } else {
+                    // reset retry count
+                    if ( userinfo.getRetryCount() != 0 ) {
+                        userinfo.setRetryCount(0);
+                        this.userDAO.storeUserInfo(userinfo);
+                    }
+                }
+            } else {
+                // the account is disabled when the counter is zero!
+                if ( userinfo.getRetryCount() == 0 ) {
+                    throw new AuthenticationException(AuthenticationException.AUTHENTICATION_FAILED_ACCOUNT_IS_CLOSED);
+                }
+                if ( !pwCorrect ) {
+                    userinfo.setRetryCount(userinfo.getRetryCount() - 1);
+                    this.userDAO.storeUserInfo(userinfo);
+                    if ( userinfo.getRetryCount() == 0 ) {
+                        throw new AuthenticationException(AuthenticationException.AUTHENTICATION_FAILED_ACCOUNT_CLOSED);
+                    }
+                } else {
+                    // reset retry count
+                    if ( userinfo.getRetryCount() != this.defaultRetryCount ) {
+                        userinfo.setRetryCount(this.defaultRetryCount);
+                        this.userDAO.storeUserInfo(userinfo);
+                    }
+                }
+            }
+        }
+        // check expires
+        if ( pwCorrect && this.checkExpires ) {
+            final Date now = new Date();
+            if ( userinfo.getExpires() != null ) {
+                if ( userinfo.getExpires().before(now) ) {
+                    throw new AuthenticationException(AuthenticationException.AUTHENTICATION_FAILED_PASSWORD_EXPIRED);
+                }
+            }
+        }
+        // everything still correct?
+        if ( !pwCorrect ) {
+            return null;
+        }
+        return this.userDAO.getUser(userinfo);
+    }
+
+    /**
+     * @see org.apache.cocoon.auth.SecurityHandler#logout(java.util.Map, org.apache.cocoon.auth.User)
+     */
+    public void logout(Map context, User user) {
+        // nothing to do here
+    }
+
+}

Propchange: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/DAOSecurityHandler.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/DAOSecurityHandler.java
------------------------------------------------------------------------------
    svn:keywords = Id

Modified: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/PipelineSecurityHandler.java
URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/PipelineSecurityHandler.java?view=diff&rev=496344&r1=496343&r2=496344
==============================================================================
--- cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/PipelineSecurityHandler.java
(original)
+++ cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/PipelineSecurityHandler.java
Mon Jan 15 06:46:28 2007
@@ -18,22 +18,24 @@
  */
 package org.apache.cocoon.auth.impl;
 
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
 import java.util.Iterator;
 import java.util.Map;
 import java.util.Properties;
 
-import org.apache.cocoon.auth.ApplicationManager;
-import org.apache.cocoon.auth.StandardUser;
+import org.apache.cocoon.ProcessingException;
+import org.apache.cocoon.auth.AuthenticationException;
 import org.apache.cocoon.auth.User;
 import org.apache.cocoon.components.source.util.SourceUtil;
 import org.apache.cocoon.util.NetUtils;
 import org.apache.excalibur.source.Source;
-import org.apache.excalibur.source.SourceException;
 import org.apache.excalibur.source.SourceResolver;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
 import org.w3c.dom.Node;
 import org.w3c.dom.NodeList;
+import org.xml.sax.SAXException;
 
 /**
  * Verify if a user can be authenticated.
@@ -116,30 +118,32 @@
     /**
      * @see org.apache.cocoon.auth.SecurityHandler#login(java.util.Map)
      */
-    public User login(final Map loginContext) throws Exception {
+    public User login(final Map loginContext)
+    throws AuthenticationException {
         String authenticationResourceName = this.authenticationResource;
 
         // append parameters
-        Properties p = (Properties)
-                     loginContext.get(ApplicationManager.LOGIN_CONTEXT_PROPERTIES_KEY);
-        if ( p != null ) {
-            final StringBuffer b = new StringBuffer(authenticationResourceName);
-            boolean hasParams = (authenticationResourceName.indexOf('?') != -1);
-            final Iterator i = p.entrySet().iterator();
-            while ( i.hasNext() ) {
-                final Map.Entry current = (Map.Entry)i.next();
-                final String key = current.getKey().toString();
-                final String value = current.getValue().toString();
-                if ( hasParams ) {
-                    b.append('&');
-                } else {
-                    b.append('?');
-                    hasParams = true;
-                }
+        final StringBuffer b = new StringBuffer(authenticationResourceName);
+        boolean hasParams = (authenticationResourceName.indexOf('?') != -1);
+        final Iterator i = loginContext.entrySet().iterator();
+        while ( i.hasNext() ) {
+            final Map.Entry current = (Map.Entry)i.next();
+            final String key = current.getKey().toString();
+            final String value = current.getValue().toString();
+            if ( hasParams ) {
+                b.append('&');
+            } else {
+                b.append('?');
+                hasParams = true;
+            }
+            try {
                 b.append(key).append('=').append(NetUtils.encode(value, "utf-8"));
+            } catch (UnsupportedEncodingException ignore) {
+                // this can never happen
             }
-            authenticationResourceName = b.toString();
         }
+        authenticationResourceName = b.toString();
+
         User user = null;
         Document doc = null;
 
@@ -149,8 +153,12 @@
             source = SourceUtil.getSource(authenticationResourceName, null,
                                           null, this.resolver);
             doc = org.apache.cocoon.components.source.SourceUtil.toDOM(source);
-        } catch (SourceException se) {
-            throw SourceUtil.handle(se);
+        } catch (IOException e) {
+            throw new AuthenticationException(e);
+        } catch (ProcessingException e) {
+            throw new AuthenticationException(e);
+        } catch (SAXException e) {
+            throw new AuthenticationException(e);
         } finally {
             this.resolver.release(source);
         }

Modified: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/ServletSecurityHandler.java
URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/ServletSecurityHandler.java?view=diff&rev=496344&r1=496343&r2=496344
==============================================================================
--- cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/ServletSecurityHandler.java
(original)
+++ cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/ServletSecurityHandler.java
Mon Jan 15 06:46:28 2007
@@ -24,7 +24,7 @@
 import org.apache.cocoon.environment.ObjectModelHelper;
 import org.apache.cocoon.environment.Request;
 import org.apache.cocoon.processing.ProcessInfoProvider;
-import org.apache.cocoon.auth.StandardUser;
+import org.apache.cocoon.auth.AuthenticationException;
 import org.apache.cocoon.auth.User;
 
 /**
@@ -57,7 +57,8 @@
     /**
      * @see org.apache.cocoon.auth.SecurityHandler#login(java.util.Map)
      */
-    public User login(final Map loginContext) throws Exception {
+    public User login(final Map loginContext)
+    throws AuthenticationException {
         final Request req = ObjectModelHelper.getRequest(this.processInfoProvider.getObjectModel());
         User user = null;
         if ( req.getRemoteUser() != null ) {

Added: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/SimpleSecurityHandler.java
URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/SimpleSecurityHandler.java?view=auto&rev=496344
==============================================================================
--- cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/SimpleSecurityHandler.java
(added)
+++ cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/SimpleSecurityHandler.java
Mon Jan 15 06:46:28 2007
@@ -0,0 +1,91 @@
+/* 
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed  under the  License is distributed on an "AS IS" BASIS,
+ * WITHOUT  WARRANTIES OR CONDITIONS  OF ANY KIND, either  express  or
+ * implied.
+ *
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.cocoon.auth.impl;
+
+import java.util.Iterator;
+import java.util.Map;
+import java.util.Properties;
+
+import org.apache.cocoon.auth.ApplicationManager;
+import org.apache.cocoon.auth.AuthenticationException;
+import org.apache.cocoon.auth.User;
+import org.apache.commons.lang.StringUtils;
+
+/**
+ * The simple security handler implements the {@link SecurityHandler} interface.
+ * The user configuration is done through a properties object which can be configured
+ * in the Spring application context.
+ * The property file should have the following format:
+ * {username}={userpassword}
+ * 
+ * For example:
+ * cziegeler=secret_password
+ * cocoon=apache
+ * 
+ * If you want to specify additional user attributes, use this format:
+ * {username}.{attributename}={attributevalue}
+ *
+ * @version $Id$
+ */
+public class SimpleSecurityHandler
+    extends AbstractSecurityHandler {
+
+    /** The properties. */
+    protected Properties userProperties;
+
+    public void setUserProperties(Properties p) {
+        this.userProperties = p;
+    }
+
+    /**
+     * @see org.apache.cocoon.auth.SecurityHandler#login(java.util.Map)
+     */
+    public User login(final Map loginContext)
+    throws AuthenticationException {
+        // get user name and password
+        final String name = (String)loginContext.get(ApplicationManager.LOGIN_CONTEXT_USERNAME_KEY);
+        if ( name == null ) {
+            throw new AuthenticationException("Required user name property is missing for
login.");            
+        }
+        final String password = (String)loginContext.get(ApplicationManager.LOGIN_CONTEXT_PASSWORD_KEY);
+        // compare password
+        if ( !StringUtils.equals(password, this.userProperties.getProperty(name)) ) {
+            return null;
+        }
+        final User user = new StandardUser(name);
+        // check for additional attributes
+        final String prefix = name + '.';
+        final Iterator i = this.userProperties.entrySet().iterator();
+        while ( i.hasNext() ) {
+            final Map.Entry current = (Map.Entry)i.next();
+            if ( current.getKey().toString().startsWith(prefix) ) {
+                final String key = current.getKey().toString().substring(prefix.length());
+                user.setAttribute(key, current.getValue());
+            }
+        }
+        return user;
+    }
+
+    /**
+     * @see org.apache.cocoon.auth.SecurityHandler#logout(java.util.Map, org.apache.cocoon.auth.User)
+     */
+    public void logout(final Map logoutContext, final User user) {
+        // nothing to do here
+    }
+}

Propchange: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/SimpleSecurityHandler.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/SimpleSecurityHandler.java
------------------------------------------------------------------------------
    svn:keywords = Id

Copied: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/StandardApplication.java
(from r496246, cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/StandardApplication.java)
URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/StandardApplication.java?view=diff&rev=496344&p1=cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/StandardApplication.java&r1=496246&p2=cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/StandardApplication.java&r2=496344
==============================================================================
--- cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/StandardApplication.java
(original)
+++ cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/StandardApplication.java
Mon Jan 15 06:46:28 2007
@@ -16,12 +16,16 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package org.apache.cocoon.auth;
+package org.apache.cocoon.auth.impl;
 
 import java.util.Collections;
 import java.util.HashMap;
 import java.util.Map;
 
+import org.apache.cocoon.auth.Application;
+import org.apache.cocoon.auth.ApplicationStore;
+import org.apache.cocoon.auth.SecurityHandler;
+import org.apache.cocoon.auth.User;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 

Copied: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/StandardUser.java
(from r496246, cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/StandardUser.java)
URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/StandardUser.java?view=diff&rev=496344&p1=cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/StandardUser.java&r1=496246&p2=cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/StandardUser.java&r2=496344
==============================================================================
--- cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/StandardUser.java
(original)
+++ cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/StandardUser.java
Mon Jan 15 06:46:28 2007
@@ -16,7 +16,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package org.apache.cocoon.auth;
+package org.apache.cocoon.auth.impl;
 
 import java.io.Serializable;
 import java.util.ArrayList;
@@ -25,6 +25,8 @@
 import java.util.List;
 import java.util.Map;
 import java.util.StringTokenizer;
+
+import org.apache.cocoon.auth.User;
 
 /**
  * This object represents the current user. Each user must have a unique

Added: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/UserDAO.java
URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/UserDAO.java?view=auto&rev=496344
==============================================================================
--- cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/UserDAO.java
(added)
+++ cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/UserDAO.java
Mon Jan 15 06:46:28 2007
@@ -0,0 +1,44 @@
+/* 
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed  under the  License is distributed on an "AS IS" BASIS,
+ * WITHOUT  WARRANTIES OR CONDITIONS  OF ANY KIND, either  express  or
+ * implied.
+ *
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.cocoon.auth.impl;
+
+import org.apache.cocoon.auth.User;
+
+/**
+ * Interface for the user dao.
+ * 
+ * @version $Id$
+ */
+public interface UserDAO {
+
+    /**
+     * Get a user info for the given user name.
+     */
+    UserInfo getUserInfo(String name);
+
+    /**
+     * Store or update a user info in the database.
+     */
+    void storeUserInfo(UserInfo info);
+
+    /**
+     * Get the complete user for the user info.
+     */
+    User getUser(UserInfo info);
+}

Propchange: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/UserDAO.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/UserDAO.java
------------------------------------------------------------------------------
    svn:keywords = Id

Added: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/UserInfo.java
URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/UserInfo.java?view=auto&rev=496344
==============================================================================
--- cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/UserInfo.java
(added)
+++ cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/UserInfo.java
Mon Jan 15 06:46:28 2007
@@ -0,0 +1,71 @@
+/* 
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed  under the  License is distributed on an "AS IS" BASIS,
+ * WITHOUT  WARRANTIES OR CONDITIONS  OF ANY KIND, either  express  or
+ * implied.
+ *
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.cocoon.auth.impl;
+
+import java.util.Date;
+
+/**
+ * A simple bean holding user information like
+ * - the user name
+ * - the user password
+ * - the retry count
+ * - an expires date
+ * @version $Id$
+ */
+public class UserInfo {
+
+    protected int id;
+
+    protected String user;
+    protected String password;
+    protected int    retryCount;
+    protected Date   expires;
+
+    public Date getExpires() {
+        return expires;
+    }
+    public void setExpires(Date expires) {
+        this.expires = expires;
+    }
+    public String getPassword() {
+        return password;
+    }
+    public void setPassword(String password) {
+        this.password = password;
+    }
+    public int getRetryCount() {
+        return retryCount;
+    }
+    public void setRetryCount(int retryCount) {
+        this.retryCount = retryCount;
+    }
+    public String getUser() {
+        return user;
+    }
+    public void setUser(String user) {
+        this.user = user;
+    }
+    public int getId() {
+        return id;
+    }
+    public void setId(int id) {
+        this.id = id;
+    }
+
+}

Propchange: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/UserInfo.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/UserInfo.java
------------------------------------------------------------------------------
    svn:keywords = Id

Modified: cocoon/trunk/blocks/cocoon-portal/cocoon-portal-auth-impl/src/main/java/org/apache/cocoon/auth/portal/StandardPortalApplication.java
URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-portal/cocoon-portal-auth-impl/src/main/java/org/apache/cocoon/auth/portal/StandardPortalApplication.java?view=diff&rev=496344&r1=496343&r2=496344
==============================================================================
--- cocoon/trunk/blocks/cocoon-portal/cocoon-portal-auth-impl/src/main/java/org/apache/cocoon/auth/portal/StandardPortalApplication.java
(original)
+++ cocoon/trunk/blocks/cocoon-portal/cocoon-portal-auth-impl/src/main/java/org/apache/cocoon/auth/portal/StandardPortalApplication.java
Mon Jan 15 06:46:28 2007
@@ -29,8 +29,8 @@
 import org.apache.cocoon.portal.event.user.UserEventUtil;
 import org.apache.cocoon.portal.om.PortalUser;
 import org.apache.cocoon.portal.profile.impl.AbstractPortalUser;
-import org.apache.cocoon.auth.StandardApplication;
 import org.apache.cocoon.auth.User;
+import org.apache.cocoon.auth.impl.StandardApplication;
 
 /**
  * This is a default implementation for a portal application.

Modified: cocoon/trunk/blocks/cocoon-portal/cocoon-portal-sample/src/main/java/org/apache/cocoon/portal/security/DBSecurityHandler.java
URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-portal/cocoon-portal-sample/src/main/java/org/apache/cocoon/portal/security/DBSecurityHandler.java?view=diff&rev=496344&r1=496343&r2=496344
==============================================================================
--- cocoon/trunk/blocks/cocoon-portal/cocoon-portal-sample/src/main/java/org/apache/cocoon/portal/security/DBSecurityHandler.java
(original)
+++ cocoon/trunk/blocks/cocoon-portal/cocoon-portal-sample/src/main/java/org/apache/cocoon/portal/security/DBSecurityHandler.java
Mon Jan 15 06:46:28 2007
@@ -19,6 +19,7 @@
 import java.util.Map;
 
 import org.apache.cocoon.auth.impl.AbstractSecurityHandler;
+import org.apache.cocoon.auth.AuthenticationException;
 import org.apache.cocoon.auth.SecurityHandler;
 
 /**
@@ -31,7 +32,8 @@
     /**
      * @see SecurityHandler#login(Map)
      */
-    public org.apache.cocoon.auth.User login(Map loginContext) throws Exception {
+    public org.apache.cocoon.auth.User login(Map loginContext)
+    throws AuthenticationException {
         /*
         PersistenceBroker broker = PersistenceBrokerFactory.defaultPersistenceBroker();
 

Modified: cocoon/trunk/blocks/cocoon-portal/cocoon-portal-sample/src/main/java/org/apache/cocoon/portal/security/PortalUser.java
URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-portal/cocoon-portal-sample/src/main/java/org/apache/cocoon/portal/security/PortalUser.java?view=diff&rev=496344&r1=496343&r2=496344
==============================================================================
--- cocoon/trunk/blocks/cocoon-portal/cocoon-portal-sample/src/main/java/org/apache/cocoon/portal/security/PortalUser.java
(original)
+++ cocoon/trunk/blocks/cocoon-portal/cocoon-portal-sample/src/main/java/org/apache/cocoon/portal/security/PortalUser.java
Mon Jan 15 06:46:28 2007
@@ -18,7 +18,7 @@
 
 import java.util.ArrayList;
 
-import org.apache.cocoon.auth.StandardUser;
+import org.apache.cocoon.auth.impl.StandardUser;
 
 /**
  * @version $Id$



Mime
View raw message