Subject: svn commit: r496344 - in /cocoon/trunk/blocks: cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/ cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/acting/ cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth...
Date: Mon, 15 Jan 2007 14:46:29 -0000
To: cvs@cocoon.apache.org
From: cziegeler@apache.org

Author: cziegeler
Date: Mon Jan 15 06:46:28 2007
New Revision: 496344

URL: http://svn.apache.org/viewvc?view=rev&rev=496344
Log:
Further refactoring of cauth: no need to store map in a map anymore
Add simple security handler and dao based security handler

Added:
    cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/AuthenticationException.java (with props)
    cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/DAOSecurityHandler.java (with props)
    cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/SimpleSecurityHandler.java (with props)
    cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/StandardApplication.java
      - copied, changed from r496246, cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/StandardApplication.java
    cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/StandardUser.java
      - copied, changed from r496246, cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/StandardUser.java
    cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/UserDAO.java (with props)
    cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/UserInfo.java (with props)
Removed:
    cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/StandardApplication.java
    cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/StandardUser.java
Modified:
    cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/ApplicationManager.java
    cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/SecurityHandler.java
cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/acting/LoginAction.java cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/acting/LogoutAction.java cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/AnonymousSecurityHandler.java cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/PipelineSecurityHandler.java cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/ServletSecurityHandler.java cocoon/trunk/blocks/cocoon-portal/cocoon-portal-auth-impl/src/main/java/org/apache/cocoon/auth/portal/StandardPortalApplication.java cocoon/trunk/blocks/cocoon-portal/cocoon-portal-sample/src/main/java/org/apache/cocoon/portal/security/DBSecurityHandler.java cocoon/trunk/blocks/cocoon-portal/cocoon-portal-sample/src/main/java/org/apache/cocoon/portal/security/PortalUser.java Modified: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/ApplicationManager.java URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/ApplicationManager.java?view=diff&rev=496344&r1=496343&r2=496344 ============================================================================== --- cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/ApplicationManager.java (original) +++ cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/ApplicationManager.java Mon Jan 15 06:46:28 2007 
@@ -39,11 +39,11 @@ /** The string used to store the application data in the object model .*/ String APPLICATION_DATA = "cauth-application-data"; - /** The key for properties in the login context. */ - String LOGIN_CONTEXT_PROPERTIES_KEY = "properties"; + /** The key for the user name in the login context. */ + String LOGIN_CONTEXT_USERNAME_KEY = "name"; - /** The key for properties in the logout context. */ - String LOGOUT_CONTEXT_PROPERTIES_KEY = "properties"; + /** The key for the user password in the login context. */ + String LOGIN_CONTEXT_PASSWORD_KEY = "password"; /** The key for the logout method in the logout context. */ String LOGOUT_CONTEXT_MODE_KEY = "mode"; Added: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/AuthenticationException.java URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/AuthenticationException.java?view=auto&rev=496344 ============================================================================== --- cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/AuthenticationException.java (added) +++ cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/AuthenticationException.java Mon Jan 15 06:46:28 2007 
@@ -0,0 +1,75 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. + * + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.cocoon.auth; + +/** + * This exception is thrown by a {@link SecurityHandler} if the authentication + * fails. + * + * @version $Id$ + */ +public class AuthenticationException extends Exception { + + public static final int AUTHENTICATION_FAILED = -1; + public static final int AUTHENTICATION_FAILED_ACCOUNT_CLOSED = -2; + public static final int AUTHENTICATION_FAILED_ACCOUNT_IS_CLOSED = -3; + public static final int AUTHENTICATION_FAILED_PASSWORD_EXPIRED = -4; + + protected int errorCode = AUTHENTICATION_FAILED; + + public AuthenticationException() { + super(); + } + + public AuthenticationException(String message, Throwable cause) { + super(message, cause); + } + + public AuthenticationException(String message) { + super(message); + } + + public AuthenticationException(Throwable cause) { + super(cause); + } + + public AuthenticationException(int s) { + super(); + this.errorCode = s; + } + + public AuthenticationException(String message, int s, Throwable cause) { + super(message, cause); + this.errorCode = s; + } + + public AuthenticationException(String message, int s) { + super(message); + this.errorCode = s; + } + + public 
AuthenticationException(int s, Throwable cause) { + super(cause); + this.errorCode = s; + } + + public int getErrorCode() { + return this.errorCode; + } +} Propchange: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/AuthenticationException.java ------------------------------------------------------------------------------ svn:eol-style = native Propchange: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/AuthenticationException.java ------------------------------------------------------------------------------ svn:keywords = Id Modified: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/SecurityHandler.java URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/SecurityHandler.java?view=diff&rev=496344&r1=496343&r2=496344 ============================================================================== --- cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/SecurityHandler.java (original) +++ cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/SecurityHandler.java Mon Jan 15 06:46:28 2007 
@@ -38,10 +38,10 @@ * Try to authenticate the user. * @param context The context for the login operation. * @return The user if the authentication is successful, null otherwise. - * @throws Exception If something goes wrong. + * @throws AuthenticationException If something goes wrong. */ User login(Map context) - throws Exception; + throws AuthenticationException; /** * This notifies the security-handler that a user logs out. Modified: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/acting/LoginAction.java URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/acting/LoginAction.java?view=diff&rev=496344&r1=496343&r2=496344 ============================================================================== --- cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/acting/LoginAction.java (original) +++ cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/acting/LoginAction.java Mon Jan 15 06:46:28 2007 @@ -25,7 +25,6 @@ import org.apache.avalon.framework.parameters.Parameters; import org.apache.cocoon.environment.Redirector; import org.apache.cocoon.environment.SourceResolver; -import org.apache.cocoon.auth.ApplicationManager; import org.apache.cocoon.auth.User; /** 
@@ -59,7 +58,7 @@ Map map = null; final Map loginContext = new HashMap(); - loginContext.put(ApplicationManager.LOGIN_CONTEXT_PROPERTIES_KEY, Parameters.toProperties(par)); + loginContext.putAll(Parameters.toProperties(par)); final User user = this.applicationManager.login( applicationName, loginContext ); Modified: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/acting/LogoutAction.java URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/acting/LogoutAction.java?view=diff&rev=496344&r1=496343&r2=496344 ============================================================================== --- cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/acting/LogoutAction.java (original) +++ cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/acting/LogoutAction.java Mon Jan 15 06:46:28 2007 
@@ -64,7 +64,7 @@ } final Map logoutContext = new HashMap(); - logoutContext.put(ApplicationManager.LOGOUT_CONTEXT_PROPERTIES_KEY, Parameters.toProperties(par)); + logoutContext.putAll(Parameters.toProperties(par)); logoutContext.put(ApplicationManager.LOGOUT_CONTEXT_MODE_KEY, mode); this.applicationManager.logout(applicationName, logoutContext); Modified: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/AnonymousSecurityHandler.java URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/AnonymousSecurityHandler.java?view=diff&rev=496344&r1=496343&r2=496344 ============================================================================== --- cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/AnonymousSecurityHandler.java (original) +++ cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/AnonymousSecurityHandler.java Mon Jan 15 06:46:28 2007 @@ -20,7 +20,7 @@ import java.util.Map; -import org.apache.cocoon.auth.StandardUser; +import org.apache.cocoon.auth.AuthenticationException; import org.apache.cocoon.auth.User; /** 
@@ -38,7 +38,8 @@ /** * @see org.apache.cocoon.auth.SecurityHandler#login(java.util.Map) */ - public synchronized User login(final Map loginContext) throws Exception { + public synchronized User login(final Map loginContext) + throws AuthenticationException { final User user = new StandardUser("anonymous"+this.number); this.number++; return user; Added: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/DAOSecurityHandler.java URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/DAOSecurityHandler.java?view=auto&rev=496344 ============================================================================== --- cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/DAOSecurityHandler.java (added) +++ cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/DAOSecurityHandler.java Mon Jan 15 06:46:28 2007 
@@ -0,0 +1,147 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. + * + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.cocoon.auth.impl; + +import java.util.Date; +import java.util.Map; + +import org.apache.cocoon.auth.ApplicationManager; +import org.apache.cocoon.auth.AuthenticationException; +import org.apache.cocoon.auth.User; +import org.apache.commons.lang.StringUtils; + +/** + * Implementation of a DAO security handler. + * This implementation supports: + * - a retry count (counting up and down) + * - an expires date for the user account. + * + * The database access is forwarded to a configured UserDAO instance. 
+ * + * @version $Id$ + */ +public class DAOSecurityHandler extends AbstractSecurityHandler { + + protected UserDAO userDAO; + + protected boolean checkExpires = true; + protected boolean useRetryCount = true; + protected boolean negateRetryCount = false; + protected int defaultRetryCount = 3; + + public void setCheckExpires(boolean checkExpires) { + this.checkExpires = checkExpires; + } + + public void setDefaultRetryCount(int defaultRetryCount) { + this.defaultRetryCount = defaultRetryCount; + } + + public void setNegateRetryCount(boolean negateRetryCount) { + this.negateRetryCount = negateRetryCount; + } + + public void setUserDAO(UserDAO userDAO) { + this.userDAO = userDAO; + } + + public void setUseRetryCount(boolean useRetryCount) { + this.useRetryCount = useRetryCount; + } + + /** + * @see org.apache.cocoon.auth.SecurityHandler#login(java.util.Map) + */ + public User login(Map loginContext) + throws AuthenticationException { + // get user name and password + final String name = (String)loginContext.get(ApplicationManager.LOGIN_CONTEXT_USERNAME_KEY); + if ( name == null ) { + throw new AuthenticationException("Required user name property is missing for login."); + } + final String password = (String)loginContext.get(ApplicationManager.LOGIN_CONTEXT_PASSWORD_KEY); + + final UserInfo userinfo = this.userDAO.getUserInfo(name); + if ( userinfo == null ) { + return null; + } + boolean pwCorrect = StringUtils.equals(userinfo.getPassword(), password); + // check retry count + if ( this.useRetryCount ) { + if ( !negateRetryCount ) { + if ( userinfo.getRetryCount() >= this.defaultRetryCount ) { + throw new AuthenticationException(AuthenticationException.AUTHENTICATION_FAILED_ACCOUNT_IS_CLOSED); + } + if ( !pwCorrect ) { + userinfo.setRetryCount(userinfo.getRetryCount() + 1); + this.userDAO.storeUserInfo(userinfo); + if ( userinfo.getRetryCount() == this.defaultRetryCount ) { + throw new 
AuthenticationException(AuthenticationException.AUTHENTICATION_FAILED_ACCOUNT_CLOSED); + } + } else { + // reset retry count + if ( userinfo.getRetryCount() != 0 ) { + userinfo.setRetryCount(0); + this.userDAO.storeUserInfo(userinfo); + } + } + } else { + // the account is disabled when the counter is zero! + if ( userinfo.getRetryCount() == 0 ) { + throw new AuthenticationException(AuthenticationException.AUTHENTICATION_FAILED_ACCOUNT_IS_CLOSED); + } + if ( !pwCorrect ) { + userinfo.setRetryCount(userinfo.getRetryCount() - 1); + this.userDAO.storeUserInfo(userinfo); + if ( userinfo.getRetryCount() == 0 ) { + throw new AuthenticationException(AuthenticationException.AUTHENTICATION_FAILED_ACCOUNT_CLOSED); + } + } else { + // reset retry count + if ( userinfo.getRetryCount() != this.defaultRetryCount ) { + userinfo.setRetryCount(this.defaultRetryCount); + this.userDAO.storeUserInfo(userinfo); + } + } + } + } + // check expires + if ( pwCorrect && this.checkExpires ) { + final Date now = new Date(); + if ( userinfo.getExpires() != null ) { + if ( userinfo.getExpires().before(now) ) { + throw new AuthenticationException(AuthenticationException.AUTHENTICATION_FAILED_PASSWORD_EXPIRED); + } + } + } + // everything still correct? 
+ if ( !pwCorrect ) { + return null; + } + return this.userDAO.getUser(userinfo); + } + + /** + * @see org.apache.cocoon.auth.SecurityHandler#logout(java.util.Map, org.apache.cocoon.auth.User) + */ + public void logout(Map context, User user) { + // nothing to do here + } + +} Propchange: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/DAOSecurityHandler.java ------------------------------------------------------------------------------ svn:eol-style = native Propchange: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/DAOSecurityHandler.java ------------------------------------------------------------------------------ svn:keywords = Id Modified: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/PipelineSecurityHandler.java URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/PipelineSecurityHandler.java?view=diff&rev=496344&r1=496343&r2=496344 ============================================================================== --- cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/PipelineSecurityHandler.java (original) +++ cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/PipelineSecurityHandler.java Mon Jan 15 06:46:28 2007 
@@ -18,22 +18,24 @@ */ package org.apache.cocoon.auth.impl; +import java.io.IOException; +import java.io.UnsupportedEncodingException; import java.util.Iterator; import java.util.Map; import java.util.Properties; -import org.apache.cocoon.auth.ApplicationManager; -import org.apache.cocoon.auth.StandardUser; +import org.apache.cocoon.ProcessingException; +import org.apache.cocoon.auth.AuthenticationException; import org.apache.cocoon.auth.User; import org.apache.cocoon.components.source.util.SourceUtil; import org.apache.cocoon.util.NetUtils; import org.apache.excalibur.source.Source; -import org.apache.excalibur.source.SourceException; import org.apache.excalibur.source.SourceResolver; import org.w3c.dom.Document; import org.w3c.dom.Element; import org.w3c.dom.Node; import org.w3c.dom.NodeList; +import org.xml.sax.SAXException; /** * Verify if a user can be authenticated. 
@@ -116,30 +118,32 @@ /** * @see org.apache.cocoon.auth.SecurityHandler#login(java.util.Map) */ - public User login(final Map loginContext) throws Exception { + public User login(final Map loginContext) + throws AuthenticationException { String authenticationResourceName = this.authenticationResource; // append parameters - Properties p = (Properties) - loginContext.get(ApplicationManager.LOGIN_CONTEXT_PROPERTIES_KEY); - if ( p != null ) { - final StringBuffer b = new StringBuffer(authenticationResourceName); - boolean hasParams = (authenticationResourceName.indexOf('?') != -1); - final Iterator i = p.entrySet().iterator(); - while ( i.hasNext() ) { - final Map.Entry current = (Map.Entry)i.next(); - final String key = current.getKey().toString(); - final String value = current.getValue().toString(); - if ( hasParams ) { - b.append('&'); - } else { - b.append('?'); - hasParams = true; - } + final StringBuffer b = new StringBuffer(authenticationResourceName); + boolean hasParams = (authenticationResourceName.indexOf('?') != -1); + final Iterator i = loginContext.entrySet().iterator(); + while ( i.hasNext() ) { + final Map.Entry current = (Map.Entry)i.next(); + final String key = current.getKey().toString(); + final String value = current.getValue().toString(); + if ( hasParams ) { + b.append('&'); + } else { + b.append('?'); + hasParams = true; + } + try { b.append(key).append('=').append(NetUtils.encode(value, "utf-8")); + } catch (UnsupportedEncodingException ignore) { + // this can never happen } - authenticationResourceName = b.toString(); } + authenticationResourceName = b.toString(); + User user = null; Document doc = null; 
@@ -149,8 +153,12 @@ source = SourceUtil.getSource(authenticationResourceName, null, null, this.resolver); doc = org.apache.cocoon.components.source.SourceUtil.toDOM(source); - } catch (SourceException se) { - throw SourceUtil.handle(se); + } catch (IOException e) { + throw new AuthenticationException(e); + } catch (ProcessingException e) { + throw new AuthenticationException(e); + } catch (SAXException e) { + throw new AuthenticationException(e); } finally { this.resolver.release(source); } Modified: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/ServletSecurityHandler.java URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/ServletSecurityHandler.java?view=diff&rev=496344&r1=496343&r2=496344 ============================================================================== --- cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/ServletSecurityHandler.java (original) +++ cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/ServletSecurityHandler.java Mon Jan 15 06:46:28 2007 @@ -24,7 +24,7 @@ import org.apache.cocoon.environment.ObjectModelHelper; import org.apache.cocoon.environment.Request; import org.apache.cocoon.processing.ProcessInfoProvider; -import org.apache.cocoon.auth.StandardUser; +import org.apache.cocoon.auth.AuthenticationException; import org.apache.cocoon.auth.User; /** 
@@ -57,7 +57,8 @@ /** * @see org.apache.cocoon.auth.SecurityHandler#login(java.util.Map) */ - public User login(final Map loginContext) throws Exception { + public User login(final Map loginContext) + throws AuthenticationException { final Request req = ObjectModelHelper.getRequest(this.processInfoProvider.getObjectModel()); User user = null; if ( req.getRemoteUser() != null ) { Added: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/SimpleSecurityHandler.java URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/SimpleSecurityHandler.java?view=auto&rev=496344 ============================================================================== --- cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/SimpleSecurityHandler.java (added) +++ cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/SimpleSecurityHandler.java Mon Jan 15 06:46:28 2007 
@@ -0,0 +1,91 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. + * + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.cocoon.auth.impl; + +import java.util.Iterator; +import java.util.Map; +import java.util.Properties; + +import org.apache.cocoon.auth.ApplicationManager; +import org.apache.cocoon.auth.AuthenticationException; +import org.apache.cocoon.auth.User; +import org.apache.commons.lang.StringUtils; + +/** + * The simple security handler implements the {@link SecurityHandler} interface. + * The user configuration is done through a properties object which can be configured + * in the Spring application context. + * The property file should have the following format: + * {username}={userpassword} + * + * For example: + * cziegeler=secret_password + * cocoon=apache + * + * If you want to specify additional user attributes, use this format: + * {username}.{attributename}={attributevalue} + * + * @version $Id$ + */ +public class SimpleSecurityHandler + extends AbstractSecurityHandler { + + /** The properties. 
*/ + protected Properties userProperties; + + public void setUserProperties(Properties p) { + this.userProperties = p; + } + + /** + * @see org.apache.cocoon.auth.SecurityHandler#login(java.util.Map) + */ + public User login(final Map loginContext) + throws AuthenticationException { + // get user name and password + final String name = (String)loginContext.get(ApplicationManager.LOGIN_CONTEXT_USERNAME_KEY); + if ( name == null ) { + throw new AuthenticationException("Required user name property is missing for login."); + } + final String password = (String)loginContext.get(ApplicationManager.LOGIN_CONTEXT_PASSWORD_KEY); + // compare password + if ( !StringUtils.equals(password, this.userProperties.getProperty(name)) ) { + return null; + } + final User user = new StandardUser(name); + // check for additional attributes + final String prefix = name + '.'; + final Iterator i = this.userProperties.entrySet().iterator(); + while ( i.hasNext() ) { + final Map.Entry current = (Map.Entry)i.next(); + if ( current.getKey().toString().startsWith(prefix) ) { + final String key = current.getKey().toString().substring(prefix.length()); + user.setAttribute(key, current.getValue()); + } + } + return user; + } + + /** + * @see org.apache.cocoon.auth.SecurityHandler#logout(java.util.Map, org.apache.cocoon.auth.User) + */ + public void logout(final Map logoutContext, final User user) { + // nothing to do here + } +} Propchange: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/SimpleSecurityHandler.java ------------------------------------------------------------------------------ svn:eol-style = native Propchange: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/SimpleSecurityHandler.java ------------------------------------------------------------------------------ svn:keywords = Id Copied: 
cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/StandardApplication.java (from r496246, cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/StandardApplication.java) URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/StandardApplication.java?view=diff&rev=496344&p1=cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/StandardApplication.java&r1=496246&p2=cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/StandardApplication.java&r2=496344 ============================================================================== --- cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/StandardApplication.java (original) +++ cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/StandardApplication.java Mon Jan 15 06:46:28 2007 
@@ -16,12 +16,16 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package org.apache.cocoon.auth; +package org.apache.cocoon.auth.impl; import java.util.Collections; import java.util.HashMap; import java.util.Map; +import org.apache.cocoon.auth.Application; +import org.apache.cocoon.auth.ApplicationStore; +import org.apache.cocoon.auth.SecurityHandler; +import org.apache.cocoon.auth.User; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; Copied: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/StandardUser.java (from r496246, cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/StandardUser.java) URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/StandardUser.java?view=diff&rev=496344&p1=cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/StandardUser.java&r1=496246&p2=cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/StandardUser.java&r2=496344 ============================================================================== --- cocoon/trunk/blocks/cocoon-auth/cocoon-auth-api/src/main/java/org/apache/cocoon/auth/StandardUser.java (original) +++ cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/StandardUser.java Mon Jan 15 06:46:28 2007 @@ -16,7 +16,7 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package org.apache.cocoon.auth; +package org.apache.cocoon.auth.impl; import java.io.Serializable; import java.util.ArrayList; 
@@ -25,6 +25,8 @@ import java.util.List; import java.util.Map; import java.util.StringTokenizer; + +import org.apache.cocoon.auth.User; /** * This object represents the current user. Each user must have a unique Added: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/UserDAO.java URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/UserDAO.java?view=auto&rev=496344 ============================================================================== --- cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/UserDAO.java (added) +++ cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/UserDAO.java Mon Jan 15 06:46:28 2007 
@@ -0,0 +1,44 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. + * + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.cocoon.auth.impl; + +import org.apache.cocoon.auth.User; + +/** + * Interface for the user dao. + * + * @version $Id$ + */ +public interface UserDAO { + + /** + * Get a user info for the given user name. + */ + UserInfo getUserInfo(String name); + + /** + * Store or update a user info in the database. + */ + void storeUserInfo(UserInfo info); + + /** + * Get the complete user for the user info. 
+ */ + User getUser(UserInfo info); +} Propchange: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/UserDAO.java ------------------------------------------------------------------------------ svn:eol-style = native Propchange: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/UserDAO.java ------------------------------------------------------------------------------ svn:keywords = Id Added: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/UserInfo.java URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/UserInfo.java?view=auto&rev=496344 ============================================================================== --- cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/UserInfo.java (added) +++ cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/UserInfo.java Mon Jan 15 06:46:28 2007 
@@ -0,0 +1,71 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. + * + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.cocoon.auth.impl; + +import java.util.Date; + +/** + * A simple bean holding user information like + * - the user name + * - the user password + * - the retry count + * - an expires date + * @version $Id$ + */ +public class UserInfo { + + protected int id; + + protected String user; + protected String password; + protected int retryCount; + protected Date expires; + + public Date getExpires() { + return expires; + } + public void setExpires(Date expires) { + this.expires = expires; + } + public String getPassword() { + return password; + } + public void setPassword(String password) { + this.password = password; + } + public int getRetryCount() { + return retryCount; + } + public void setRetryCount(int retryCount) { + this.retryCount = retryCount; + } + public String getUser() { + return user; + } + public void setUser(String user) { + this.user = user; + } + public int getId() { + return id; + } + public void setId(int id) { + this.id = id; + } + +} Propchange: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/UserInfo.java 
------------------------------------------------------------------------------ svn:eol-style = native Propchange: cocoon/trunk/blocks/cocoon-auth/cocoon-auth-impl/src/main/java/org/apache/cocoon/auth/impl/UserInfo.java ------------------------------------------------------------------------------ svn:keywords = Id Modified: cocoon/trunk/blocks/cocoon-portal/cocoon-portal-auth-impl/src/main/java/org/apache/cocoon/auth/portal/StandardPortalApplication.java URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-portal/cocoon-portal-auth-impl/src/main/java/org/apache/cocoon/auth/portal/StandardPortalApplication.java?view=diff&rev=496344&r1=496343&r2=496344 ============================================================================== --- cocoon/trunk/blocks/cocoon-portal/cocoon-portal-auth-impl/src/main/java/org/apache/cocoon/auth/portal/StandardPortalApplication.java (original) +++ cocoon/trunk/blocks/cocoon-portal/cocoon-portal-auth-impl/src/main/java/org/apache/cocoon/auth/portal/StandardPortalApplication.java Mon Jan 15 06:46:28 2007 
@@ -29,8 +29,8 @@ import org.apache.cocoon.portal.event.user.UserEventUtil; import org.apache.cocoon.portal.om.PortalUser; import org.apache.cocoon.portal.profile.impl.AbstractPortalUser; -import org.apache.cocoon.auth.StandardApplication; import org.apache.cocoon.auth.User; +import org.apache.cocoon.auth.impl.StandardApplication; /** * This is a default implementation for a portal application. Modified: cocoon/trunk/blocks/cocoon-portal/cocoon-portal-sample/src/main/java/org/apache/cocoon/portal/security/DBSecurityHandler.java URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-portal/cocoon-portal-sample/src/main/java/org/apache/cocoon/portal/security/DBSecurityHandler.java?view=diff&rev=496344&r1=496343&r2=496344 ============================================================================== --- cocoon/trunk/blocks/cocoon-portal/cocoon-portal-sample/src/main/java/org/apache/cocoon/portal/security/DBSecurityHandler.java (original) +++ cocoon/trunk/blocks/cocoon-portal/cocoon-portal-sample/src/main/java/org/apache/cocoon/portal/security/DBSecurityHandler.java Mon Jan 15 06:46:28 2007 @@ -19,6 +19,7 @@ import java.util.Map; import org.apache.cocoon.auth.impl.AbstractSecurityHandler; +import org.apache.cocoon.auth.AuthenticationException; import org.apache.cocoon.auth.SecurityHandler; /** 
@@ -31,7 +32,8 @@ /** * @see SecurityHandler#login(Map) */ - public org.apache.cocoon.auth.User login(Map loginContext) throws Exception { + public org.apache.cocoon.auth.User login(Map loginContext) + throws AuthenticationException { /* PersistenceBroker broker = PersistenceBrokerFactory.defaultPersistenceBroker(); Modified: cocoon/trunk/blocks/cocoon-portal/cocoon-portal-sample/src/main/java/org/apache/cocoon/portal/security/PortalUser.java URL: http://svn.apache.org/viewvc/cocoon/trunk/blocks/cocoon-portal/cocoon-portal-sample/src/main/java/org/apache/cocoon/portal/security/PortalUser.java?view=diff&rev=496344&r1=496343&r2=496344 ============================================================================== --- cocoon/trunk/blocks/cocoon-portal/cocoon-portal-sample/src/main/java/org/apache/cocoon/portal/security/PortalUser.java (original) +++ cocoon/trunk/blocks/cocoon-portal/cocoon-portal-sample/src/main/java/org/apache/cocoon/portal/security/PortalUser.java Mon Jan 15 06:46:28 2007 @@ -18,7 +18,7 @@ import java.util.ArrayList; -import org.apache.cocoon.auth.StandardUser; +import org.apache.cocoon.auth.impl.StandardUser; /** * @version $Id$
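Review bot: In StandardUser.java (and likewise StandardApplication.java), the package line changes from `org.apache.cocoon.auth` to `org.apache.cocoon.auth.impl` with no compatibility note for code outside this tree that imports the old names. The file imports `java.io.Serializable`, so if user objects are serialized into sessions, instances written under the old class name will not deserialize after the move. Mention the rename in the change notes and say whether existing sessions must be invalidated on upgrade.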
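Review bot: In UserDAO.java, the Javadoc for `getUserInfo(String name)` does not say what is returned for an unknown user name, and none of the three methods declares or documents how a storage failure is reported. State whether a missing user yields null, and how `storeUserInfo(UserInfo info)` signals a failed write, so that a caller cannot mistake a backend error for "no such user" or assume an updated retry count was persisted when it was not.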
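Review bot: In UserInfo.java, the `password` field is a plain `String` exposed through public `getPassword()` and `setPassword(String)`, and the class Javadoc says only "the user password", so nothing states whether a DAO is expected to store cleartext or a hash. Document the expected representation on the field or setter (a salted hash would be the safer contract), and document what `retryCount` counts and what a null `expires` means, since these fields look intended for lockout and expiry decisions. `getExpires()` and `setExpires(Date)` also hand the mutable `java.util.Date` over by reference; copying it on the way in and out would keep callers from altering the stored expiry.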
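Review bot: In DBSecurityHandler.login(Map), the signature now declares only `AuthenticationException`, while the body that follows opens a commented-out block calling `PersistenceBrokerFactory.defaultPersistenceBroker()`. If `AuthenticationException` is a checked exception (this hunk does not show its definition), re-enabling that block will require catching persistence failures and wrapping them; a short comment at the top of the block saying so would save the next editor from widening the throws clause again. Wrapped failures should also stay distinguishable from a bad-credentials result, so an outage is not logged as a failed login. Style point: the new `org.apache.cocoon.auth.AuthenticationException` import sits after `org.apache.cocoon.auth.impl.AbstractSecurityHandler`, whereas the StandardPortalApplication hunk orders `auth.User` before `auth.impl.*`.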