incubator-photark-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From a..@apache.org
Subject svn commit: r949197 - in /incubator/photark/trunk: ./ photark-security/ photark-security/src/ photark-security/src/main/ photark-security/src/main/java/ photark-security/src/main/java/org/ photark-security/src/main/java/org/apache/ photark-security/src...
Date Fri, 28 May 2010 14:58:01 GMT
Author: avd
Date: Fri May 28 14:57:59 2010
New Revision: 949197

URL: http://svn.apache.org/viewvc?rev=949197&view=rev
Log:
PHOTARK-20 Applying patch from Suhothayan Sriskandarajah.This patch adds Authentication Feature using OpenId.

Added:
    incubator/photark/trunk/photark-security/
    incubator/photark/trunk/photark-security/pom.xml
    incubator/photark/trunk/photark-security/src/
    incubator/photark/trunk/photark-security/src/main/
    incubator/photark/trunk/photark-security/src/main/java/
    incubator/photark/trunk/photark-security/src/main/java/org/
    incubator/photark/trunk/photark-security/src/main/java/org/apache/
    incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/
    incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/
    incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/
    incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/AuthorizationFilter.java
    incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/services/
    incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/services/FormAuthenticationServiceImpl.java
    incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/services/LogoutServiceImpl.java
    incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/services/OpenIDAuthenticationServiceImpl.java
    incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/
    incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/AccessManager.java
    incubator/photark/trunk/photark-security/src/main/resources/
    incubator/photark/trunk/photark-security/src/main/resources/email_resolver.properties
    incubator/photark/trunk/photark-security/src/main/resources/identifier_select.properties
    incubator/photark/trunk/photark-security/src/main/resources/openid.properties
    incubator/photark/trunk/photark-security/src/main/webapp/
    incubator/photark/trunk/photark-security/src/main/webapp/WEB-INF/
    incubator/photark/trunk/photark-security/src/main/webapp/WEB-INF/web.xml
    incubator/photark/trunk/photark-security/src/main/webapp/admin/
    incubator/photark/trunk/photark-security/src/main/webapp/admin/error.html
    incubator/photark/trunk/photark-security/src/main/webapp/admin/login.html
    incubator/photark/trunk/photark-security/src/main/webapp/home/
    incubator/photark/trunk/photark-security/src/main/webapp/home/error.html
    incubator/photark/trunk/photark-security/src/main/webapp/home/js/
    incubator/photark/trunk/photark-security/src/main/webapp/home/js/login.js
    incubator/photark/trunk/photark-security/src/main/webapp/home/login.html
Modified:
    incubator/photark/trunk/photark-ui-admin/pom.xml
    incubator/photark/trunk/photark-ui-admin/src/main/webapp/admin/upload.html
    incubator/photark/trunk/photark-ui/src/main/webapp/gallery.html
    incubator/photark/trunk/photark-webapp/pom.xml
    incubator/photark/trunk/photark-webapp/src/main/webapp/WEB-INF/web.composite
    incubator/photark/trunk/photark-webapp/src/main/webapp/WEB-INF/web.xml
    incubator/photark/trunk/pom.xml

Added: incubator/photark/trunk/photark-security/pom.xml
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-security/pom.xml?rev=949197&view=auto
==============================================================================
--- incubator/photark/trunk/photark-security/pom.xml (added)
+++ incubator/photark/trunk/photark-security/pom.xml Fri May 28 14:57:59 2010
@@ -0,0 +1,113 @@
+<?xml version="1.0"?>
+<!--
+    * Licensed to the Apache Software Foundation (ASF) under one
+    * or more contributor license agreements.  See the NOTICE file
+    * distributed with this work for additional information
+    * regarding copyright ownership.  The ASF licenses this file
+    * to you under the Apache License, Version 2.0 (the
+    * "License"); you may not use this file except in compliance
+    * with the License.  You may obtain a copy of the License at
+    * 
+    *   http://www.apache.org/licenses/LICENSE-2.0
+    * 
+    * Unless required by applicable law or agreed to in writing,
+    * software distributed under the License is distributed on an
+    * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+    * KIND, either express or implied.  See the License for the
+    * specific language governing permissions and limitations
+    * under the License.    
+-->
+<project>
+	<modelVersion>4.0.0</modelVersion>
+	<parent>
+		<groupId>org.apache.photark</groupId>
+		<artifactId>photark-parent</artifactId>
+		<version>1.0-incubating-SNAPSHOT</version>
+		<relativePath>../pom.xml</relativePath>
+	</parent>
+	<artifactId>photark-security</artifactId>
+	<packaging>war</packaging>
+	<name>Apache PhotArk Security</name>
+
+	<dependencies>
+		<dependency>
+			<groupId>org.apache.photark</groupId>
+			<artifactId>photark</artifactId>
+			<version>1.0-incubating-SNAPSHOT</version>
+		</dependency>
+
+		<dependency>
+			<groupId>org.apache.tuscany.sca</groupId>
+			<artifactId>tuscany-data-api</artifactId>
+			<version>${tuscany.version}</version>
+		</dependency>
+
+		<dependency>
+			<groupId>org.apache.tuscany.sca</groupId>
+			<artifactId>tuscany-implementation-java-runtime</artifactId>
+			<version>${tuscany.version}</version>
+			<scope>runtime</scope>
+			<exclusions>
+				<exclusion>
+					<groupId>asm</groupId>
+					<artifactId>asm</artifactId>
+				</exclusion>
+				<exclusion>
+					<groupId>cglib</groupId>
+					<artifactId>cglib</artifactId>
+				</exclusion>
+			</exclusions>
+		</dependency>
+
+		<dependency>
+			<groupId>org.apache.tuscany.sca</groupId>
+			<artifactId>tuscany-binding-jsonrpc-runtime</artifactId>
+			<version>${tuscany.version}</version>
+			<scope>runtime</scope>
+			<exclusions>
+				<exclusion>
+					<groupId>org.apache.ws.commons.axiom</groupId>
+					<artifactId>axiom-api</artifactId>
+				</exclusion>
+				<exclusion>
+					<groupId>org.apache.ws.commons.axiom</groupId>
+					<artifactId>axiom-impl</artifactId>
+				</exclusion>
+				<exclusion>
+					<groupId>org.slf4j</groupId>
+					<artifactId>slf4j-api</artifactId>
+				</exclusion>
+				<exclusion>
+					<groupId>org.slf4j</groupId>
+					<artifactId>slf4j-log4j12</artifactId>
+				</exclusion>
+			</exclusions>
+		</dependency>
+
+		<dependency>
+			<groupId>javax.servlet</groupId>
+			<artifactId>servlet-api</artifactId>
+			<version>2.5</version>
+			<scope>provided</scope>
+		</dependency>
+
+		<dependency>
+			<groupId>com.dyuproject</groupId>
+			<artifactId>dyuproject-openid</artifactId>
+			<version>1.1.6</version>
+		</dependency>
+
+		<dependency>
+			<groupId>junit</groupId>
+			<artifactId>junit</artifactId>
+			<version>4.8.1</version>
+			<scope>test</scope>
+		</dependency>
+
+	</dependencies>
+
+	<build>
+		<finalName>${artifactId}</finalName>
+	</build>
+
+</project>

Added: incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/AuthorizationFilter.java
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/AuthorizationFilter.java?rev=949197&view=auto
==============================================================================
--- incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/AuthorizationFilter.java (added)
+++ incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/AuthorizationFilter.java Fri May 28 14:57:59 2010
@@ -0,0 +1,104 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.    
+ */
+
+package org.apache.photark.security.authentication;
+
+import java.io.IOException;
+import java.util.logging.Logger;
+
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.photark.security.authorization.AccessManager;
+import org.oasisopen.sca.annotation.Property;
+import org.oasisopen.sca.annotation.Scope;
+import org.oasisopen.sca.annotation.Service;
+
+/**
+ * Authorization Filter. This will only allow authenticated user 
+ * to access to upload.html and redirect others to OpenID authentication
+ * 
+ * 
+ * 
+ */
+//@Service(Filter.class)
+//@Scope("COMPOSITE")
+public class AuthorizationFilter implements Filter {
+        private static final Logger logger = Logger.getLogger(AuthorizationFilter.class.getName());
+    
+	/**Default Name of the Redirect Page */
+	//private final String REDIRECT_PAGE_DEFAULT = "photark";
+
+	//@Property(name = "redirectPage", required = true)
+	private String redirectPage;
+
+    	/*@Property
+    	public void setRedirectPage(String redirectPage) {
+    	    if (redirectPage != null && !redirectPage.equals("")) {
+    		this.redirectPage = redirectPage;
+    	    } else {
+    		logger.log(Level.WARNING, "Setting Default Redirect Page to Upload.html:"
+		    + REDIRECT_PAGE_DEFAULT);
+    		this.redirectPage = REDIRECT_PAGE_DEFAULT;
+    	    }
+    	}
+
+    public String getRedirectPage() {
+	return redirectPage;
+    }
+	*/
+	/** Filter should be configured with an redirect page. */
+	public void init(FilterConfig FilterConfig) throws ServletException {
+		if (FilterConfig != null) {
+		    redirectPage = FilterConfig.getInitParameter("redirect_page");
+		}
+	}
+	
+	public void destroy() {
+		// TODO Auto-generated method stub
+	}
+	
+	public void doFilter(ServletRequest request, ServletResponse response,
+			FilterChain chain) throws ServletException, IOException {
+		
+		HttpServletRequest httpReq = (HttpServletRequest) request;
+		HttpServletResponse httpResp = (HttpServletResponse) response;
+		
+		AccessManager am = new AccessManager();
+		
+		if ((String)httpReq.getSession().getAttribute("accessList") != null && !((String)httpReq.getSession().getAttribute("accessList")).equals("")) {
+			System.err.println( (String)httpReq.getSession().getAttribute("accessList") +" Accessing Admin page");
+			chain.doFilter(request, response);
+		} else {
+			httpResp.sendRedirect(httpReq.getContextPath() + redirectPage);
+		}
+
+	}
+
+	/*public void init(FilterConfig filterConfig) throws ServletException {
+	    // TODO Auto-generated method stub
+	    
+	}*/
+}

Added: incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/services/FormAuthenticationServiceImpl.java
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/services/FormAuthenticationServiceImpl.java?rev=949197&view=auto
==============================================================================
--- incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/services/FormAuthenticationServiceImpl.java (added)
+++ incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/services/FormAuthenticationServiceImpl.java Fri May 28 14:57:59 2010
@@ -0,0 +1,86 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.    
+ */
+
+package org.apache.photark.security.authentication.services;
+
+import java.io.IOException;
+
+import javax.servlet.Servlet;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.photark.security.authorization.AccessManager;
+import org.oasisopen.sca.annotation.Scope;
+import org.oasisopen.sca.annotation.Service;
+
+import com.dyuproject.openid.RelyingParty;
+
+/**
+ * Form Authentication Service Impl authenticates Super Admin.
+ * 
+ * 
+ */
+@Service(Servlet.class)
+@Scope("COMPOSITE")
+public class FormAuthenticationServiceImpl extends HttpServlet {
+
+    /**
+     * 
+     */
+    private static final long serialVersionUID = -6462488654757190805L;
+
+    public FormAuthenticationServiceImpl() {
+
+    }
+
+    @Override
+    public void doGet(HttpServletRequest request, HttpServletResponse response)
+	    throws IOException, ServletException {
+	doPost(request, response);
+    }
+
+    @Override
+    public void doPost(HttpServletRequest request, HttpServletResponse response)
+	    throws IOException, ServletException {
+	AccessManager am = new AccessManager();
+	
+	//check whether the Super Admin is authenticated
+	if (request.getUserPrincipal() != null) {
+	    
+	    //Invalidating the OpenID authentication
+	    RelyingParty.getInstance().invalidate(request, response);
+	    
+	    //Creating the accessList
+	    String accesList=am.creatAccessList("SuperAdmin");
+	    request.getSession().setAttribute("accessList", accesList);
+	    System.err.println("Super Admin authenticated");
+
+	    response.sendRedirect(request.getContextPath() + "/admin/upload.html");
+	    
+	} else {
+	    // if not Authenticated as Super Admin redirect to OpenID login
+	    //But this is always false
+	    response.sendRedirect(request.getContextPath() + "/home/authenticate");
+	}
+
+    }
+
+}
\ No newline at end of file

Added: incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/services/LogoutServiceImpl.java
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/services/LogoutServiceImpl.java?rev=949197&view=auto
==============================================================================
--- incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/services/LogoutServiceImpl.java (added)
+++ incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/services/LogoutServiceImpl.java Fri May 28 14:57:59 2010
@@ -0,0 +1,78 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.    
+ */
+
+package org.apache.photark.security.authentication.services;
+
+import java.io.IOException;
+
+import javax.servlet.Servlet;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.photark.security.authorization.AccessManager;
+import org.oasisopen.sca.annotation.Scope;
+import org.oasisopen.sca.annotation.Service;
+
+import com.dyuproject.openid.RelyingParty;
+
+/**
+ * Logout Service Impl. This will logout all kind of Authenticated users
+ * 
+ * 
+ */
+@Service(Servlet.class)
+@Scope("COMPOSITE")
+public class LogoutServiceImpl extends HttpServlet {
+
+    /**
+     * 
+     */
+    private static final long serialVersionUID = 5282044123210612195L;
+
+    public LogoutServiceImpl() {
+
+    }
+
+    @Override
+    public void doGet(HttpServletRequest request, HttpServletResponse response)
+	    throws IOException, ServletException {
+	doPost(request, response);
+    }
+
+    @Override
+    public void doPost(HttpServletRequest request, HttpServletResponse response)
+	    throws IOException, ServletException {
+  
+	System.err.print((String)request.getSession().getAttribute("accessList"));
+	// Removing the AccessList
+	request.getSession().setAttribute("accessList", "");
+	// invalidating the Authenticated OpenID User
+	RelyingParty.getInstance().invalidate(request, response);
+	// invalidating the Authenticated Super Admin User
+	request.getSession().invalidate();
+	
+	System.err.println(" logged out");
+
+	// Redirect to Gallery
+	response.sendRedirect(request.getContextPath() + "/");
+    }
+
+}
\ No newline at end of file

Added: incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/services/OpenIDAuthenticationServiceImpl.java
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/services/OpenIDAuthenticationServiceImpl.java?rev=949197&view=auto
==============================================================================
--- incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/services/OpenIDAuthenticationServiceImpl.java (added)
+++ incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authentication/services/OpenIDAuthenticationServiceImpl.java Fri May 28 14:57:59 2010
@@ -0,0 +1,238 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.    
+ */
+
+package org.apache.photark.security.authentication.services;
+
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.net.UnknownHostException;
+import java.util.Map;
+
+import javax.servlet.Servlet;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.photark.security.authorization.AccessManager;
+import org.oasisopen.sca.annotation.Scope;
+import org.oasisopen.sca.annotation.Service;
+
+import com.dyuproject.openid.OpenIdServletFilter;
+import com.dyuproject.openid.OpenIdUser;
+import com.dyuproject.openid.RelyingParty;
+import com.dyuproject.openid.YadisDiscovery;
+import com.dyuproject.openid.ext.AxSchemaExtension;
+import com.dyuproject.openid.ext.SRegExtension;
+import com.dyuproject.util.http.UrlEncodedParameterMap;
+
+/**
+ * OpenID Authentication Service Impl. If authenticated, goes to the home page. If not, goes to the login page.
+ * 
+ * 
+ */
+@Service(Servlet.class)
+@Scope("COMPOSITE")
+public class OpenIDAuthenticationServiceImpl extends HttpServlet implements Servlet 
+{
+  
+    private static final long serialVersionUID = -5304887357860915253L;
+
+    static
+    {
+        RelyingParty.getInstance()
+        .addListener(new SRegExtension()
+            .addExchange("email")
+            .addExchange("country")
+            .addExchange("language")
+        )
+        .addListener(new AxSchemaExtension()
+            .addExchange("email")
+            .addExchange("country")
+            .addExchange("language")
+        )
+        .addListener(new RelyingParty.Listener()
+        {
+            public void onDiscovery(OpenIdUser user, HttpServletRequest request)
+            {
+                System.err.println("discovered user: " + user.getClaimedId());
+            }            
+            public void onPreAuthenticate(OpenIdUser user, HttpServletRequest request,
+                    UrlEncodedParameterMap params)
+            {
+                System.err.println("pre-authenticate user: " + user.getClaimedId());
+            }          
+
+            public void onAuthenticate(OpenIdUser user, HttpServletRequest request)
+            {
+                System.err.println("newly authenticated user: " + user.getIdentity());
+                
+            	AccessManager am= new AccessManager();
+            	
+            	//Invalidating the Super Admin user
+            	request.getSession().invalidate();
+            	//Creating the accessList for the newly authenticated user
+        	    //Creating the accessList
+        	    String accesList=am.creatAccessList(user.getIdentity());
+        	    request.getSession().setAttribute("accessList", accesList);
+
+                Map<String,String> sreg = SRegExtension.remove(user);
+                Map<String,String> axschema = AxSchemaExtension.remove(user);
+                if(sreg!=null && !sreg.isEmpty())
+                {
+                    System.err.println("sreg: " + sreg);
+                    user.setAttribute("info", sreg);
+                }
+                else if(axschema!=null && !axschema.isEmpty())
+                {                    
+                    System.err.println("axschema: " + axschema);
+                    user.setAttribute("info", axschema);
+                }          
+            }            
+            public void onAccess(OpenIdUser user, HttpServletRequest request)
+            {        
+                System.err.println("user access: " + user.getIdentity());
+                System.err.println("info: " + user.getAttribute("info"));
+            }   
+        });
+    }
+
+    RelyingParty _relyingParty = RelyingParty.getInstance();
+    
+    @Override
+    public void doGet(HttpServletRequest request, HttpServletResponse response)
+    throws IOException, ServletException
+    {
+        doPost(request, response);
+    }
+    
+    @Override
+    public void doPost(HttpServletRequest request, HttpServletResponse response)
+    throws IOException, ServletException
+    {
+        String loginWith = request.getParameter("loginWith");
+        if(loginWith!=null)
+        {
+            // If the ui supplies a LoginWithGoogle or LoginWithYahoo link/button, 
+            // this will speed up the openid process by skipping discovery. 
+            // The override is done by adding the OpenIdUser to the request attribute.
+            if(loginWith.equals("google"))
+            {
+                OpenIdUser user = OpenIdUser.populate("https://www.google.com/accounts/o8/id", 
+                        YadisDiscovery.IDENTIFIER_SELECT, 
+                        "https://www.google.com/accounts/o8/ud");
+                request.setAttribute(OpenIdUser.ATTR_NAME, user);
+                
+            }
+            else if(loginWith.equals("yahoo"))
+            {
+                OpenIdUser user = OpenIdUser.populate("http://yahoo.com/", 
+                        YadisDiscovery.IDENTIFIER_SELECT, 
+                        "https://open.login.yahooapis.com/openid/op/auth");
+                request.setAttribute(OpenIdUser.ATTR_NAME, user);
+            }
+        }
+        
+        String errorMsg = OpenIdServletFilter.DEFAULT_ERROR_MSG;
+        try
+        {
+            OpenIdUser user = _relyingParty.discover(request);
+            if(user==null)
+            {                
+                if(RelyingParty.isAuthResponse(request))
+                {
+                    // authentication timeout                    
+                    response.sendRedirect(request.getRequestURI());
+                }
+                else
+                {
+                    // set error msg if the openid_identifier is not resolved.
+                    if(request.getParameter(_relyingParty.getIdentifierParameter())!=null){
+                        request.setAttribute(OpenIdServletFilter.ERROR_MSG_ATTR, errorMsg);//TODO error pages, massage not passed to front end
+                        request.getRequestDispatcher("/home/error.html").forward(request, response);
+                    }else{
+                    // new user
+                    request.getRequestDispatcher("/home/login.html").forward(request, response);
+                    //response.sendRedirect(request.getContextPath() + "/home/login.html");
+                    }
+                }
+                return;
+            }
+            
+            if(user.isAuthenticated())
+            {
+                // user already authenticated
+               // request.getRequestDispatcher("/home/home.jsp").forward(request, response);
+            	//added by suho
+                response.sendRedirect(request.getContextPath() + "/admin/upload.html");
+               
+                return;
+            }
+            
+            if(user.isAssociated() && RelyingParty.isAuthResponse(request))
+            {
+                // verify authentication
+                if(_relyingParty.verifyAuth(user, request, response))
+                {
+                    // authenticated                    
+                    // redirect to home to remove the query params instead of doing:
+                    // request.getRequestDispatcher("/home.jsp").forward(request, response);
+                    response.sendRedirect(request.getContextPath() + "/home/authenticate");
+                }
+                else
+                {
+                    // failed verification
+                    //request.getRequestDispatcher("/home/login.jsp").forward(request, response);
+                    request.getRequestDispatcher("/home/error.html").forward(request, response);
+                }
+                return;
+            }
+            
+            // associate and authenticate user
+            StringBuffer url = request.getRequestURL();
+            String trustRoot = url.substring(0, url.indexOf("/", 9));
+            String realm = url.substring(0, url.lastIndexOf("/"));
+            String returnTo = url.toString();            
+            if(_relyingParty.associateAndAuthenticate(user, request, response, trustRoot, realm, 
+                    returnTo))
+            {
+                // successful association
+                return;
+            }          
+        }
+        catch(UnknownHostException uhe)
+        {
+            System.err.println("not found");
+            errorMsg = OpenIdServletFilter.ID_NOT_FOUND_MSG;//TODO error pages, massage not passed to front end
+        }
+        catch(FileNotFoundException fnfe)
+        {
+            System.err.println("could not be resolved");
+            errorMsg = OpenIdServletFilter.DEFAULT_ERROR_MSG;//TODO error pages, massage not passed to front end
+        }
+        catch(Exception e)
+        {
+            e.printStackTrace();
+            errorMsg = OpenIdServletFilter.DEFAULT_ERROR_MSG;//TODO error pages, massage not passed to front end
+        }
+        request.setAttribute(OpenIdServletFilter.ERROR_MSG_ATTR, errorMsg);//TODO error pages, massage not passed to front end
+        request.getRequestDispatcher("/home/login.html").forward(request, response);
+    }
+
+}

Added: incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/AccessManager.java
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/AccessManager.java?rev=949197&view=auto
==============================================================================
--- incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/AccessManager.java (added)
+++ incubator/photark/trunk/photark-security/src/main/java/org/apache/photark/security/authorization/AccessManager.java Fri May 28 14:57:59 2010
@@ -0,0 +1,40 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.    
+ */
+
+package org.apache.photark.security.authorization;
+
+import org.oasisopen.sca.annotation.Scope;
+
+@Scope("COMPOSITE")
+public class AccessManager {
+	private static String accessList;
+
+	/*
+	 * public synchronized String getAccessList() { return accessList; }
+	 * 
+	 * 
+	 * public synchronized void setAccessList(String accessList) {
+	 * AccessManager.accessList = accessList; }
+	 */
+
+	public synchronized String creatAccessList(String accessList) {
+		AccessManager.accessList = accessList;
+		return accessList;
+	}
+}

Added: incubator/photark/trunk/photark-security/src/main/resources/email_resolver.properties
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-security/src/main/resources/email_resolver.properties?rev=949197&view=auto
==============================================================================
--- incubator/photark/trunk/photark-security/src/main/resources/email_resolver.properties (added)
+++ incubator/photark/trunk/photark-security/src/main/resources/email_resolver.properties Fri May 28 14:57:59 2010
@@ -0,0 +1,2 @@
+gmail.com https://www.google.com/accounts/o8/id
+yahoo.com http://www.yahoo.com/
\ No newline at end of file

Added: incubator/photark/trunk/photark-security/src/main/resources/identifier_select.properties
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-security/src/main/resources/identifier_select.properties?rev=949197&view=auto
==============================================================================
--- incubator/photark/trunk/photark-security/src/main/resources/identifier_select.properties (added)
+++ incubator/photark/trunk/photark-security/src/main/resources/identifier_select.properties Fri May 28 14:57:59 2010
@@ -0,0 +1,13 @@
+providers = google,yahoo
+
+# the identifiers must be normalized
+google.openid_server = https://www.google.com/accounts/o8/ud
+google.identifier.0 = https://google.com/accounts/o8/id
+google.identifier.1 = https://www.google.com/accounts/o8/id
+google.identifier.2 = http://www.google.com/
+google.identifier.3 = http://google.com/
+
+yahoo.openid_server = https://open.login.yahooapis.com/openid/op/auth
+yahoo.identifier.0 = http://www.yahoo.com/
+yahoo.identifier.1 = http://yahoo.com/
+yahoo.identifier.2 = http://me.yahoo.com/
\ No newline at end of file

Added: incubator/photark/trunk/photark-security/src/main/resources/openid.properties
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-security/src/main/resources/openid.properties?rev=949197&view=auto
==============================================================================
--- incubator/photark/trunk/photark-security/src/main/resources/openid.properties (added)
+++ incubator/photark/trunk/photark-security/src/main/resources/openid.properties Fri May 28 14:57:59 2010
@@ -0,0 +1,37 @@
+#defaults (No extra configuration)
+#openid.identifier.parameter = openid_identifier
+#openid.discovery = com.dyuproject.openid.DefaultDiscovery
+#openid.assocation = com.dyuproject.openid.DiffieHellmanAssociation
+#openid.httpconnector = com.dyuproject.openid.SimpleHttpConnector
+#openid.authredirection = com.dyuproject.openid.SimpleRedirection
+#openid.user.manager = com.dyuproject.openid.manager.HttpSessionUserManager
+
+# when the user is redirected to his provider and he somehow navigates away from his
+# provider and returns to your site ... the relying party will do an automatic redirect
+# back to his provider for authentication
+#openid.automatic_redirect = true
+
+# when the discovery fails, use the openid_identifer as the openid server/provider url.
+#openid.identifier_as_server = false
+
+# if identifier_select.properties is found in classpath, it will be loaded to the cache
+# this is especially usefull for google, yahoo where there is a generic id.
+# this cache bypasses the discovery w/c will make the openid process faster.
+#openid.user.cache = com.dyuproject.openid.IdentifierSelectUserCache
+
+#optional (comma-or-semicolon-separated values)
+openid.identifier.resolvers = com.dyuproject.openid.ext.EmailResolver
+
+#if this is used, add dyuproject-json to the classpath and provide the required params below
+#openid.user.manager = com.dyuproject.openid.manager.CookieBasedUserManager
+
+#then these are required:
+#openid.user.manager.cookie.name = openidservlet1
+#openid.user.manager.cookie.security.secret_key = secret
+
+#and these are optional:
+#openid.user.manager.cookie.path = /
+#openid.user.manager.cookie.domain = http://www.example.com
+#openid.user.manager.cookie.security_type = md5Signed (default: encrypted)
+#openid.user.manager.cookie.max_age = 900 (default: 600 seconds) 
+#openid.user.manager.cookie.login_timeout = 90 (default: 60 seconds)
\ No newline at end of file

Added: incubator/photark/trunk/photark-security/src/main/webapp/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-security/src/main/webapp/WEB-INF/web.xml?rev=949197&view=auto
==============================================================================
--- incubator/photark/trunk/photark-security/src/main/webapp/WEB-INF/web.xml (added)
+++ incubator/photark/trunk/photark-security/src/main/webapp/WEB-INF/web.xml Fri May 28 14:57:59 2010
@@ -0,0 +1,29 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  * Licensed to the Apache Software Foundation (ASF) under one
+  * or more contributor license agreements.  See the NOTICE file
+  * distributed with this work for additional information
+  * regarding copyright ownership.  The ASF licenses this file
+  * to you under the Apache License, Version 2.0 (the
+  * "License"); you may not use this file except in compliance
+  * with the License.  You may obtain a copy of the License at
+  * 
+  *   http://www.apache.org/licenses/LICENSE-2.0
+  * 
+  * Unless required by applicable law or agreed to in writing,
+  * software distributed under the License is distributed on an
+  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  * KIND, either express or implied.  See the License for the
+  * specific language governing permissions and limitations
+  * under the License.    
+-->
+
+<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
+         xmlns="http://java.sun.com/xml/ns/javaee" 
+         xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" 
+         xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" 
+         id="WebApp_ID" version="2.5">
+
+  <display-name>PhotArk photo gallery web application security resources</display-name>
+
+</web-app>

Added: incubator/photark/trunk/photark-security/src/main/webapp/admin/error.html
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-security/src/main/webapp/admin/error.html?rev=949197&view=auto
==============================================================================
--- incubator/photark/trunk/photark-security/src/main/webapp/admin/error.html (added)
+++ incubator/photark/trunk/photark-security/src/main/webapp/admin/error.html Fri May 28 14:57:59 2010
@@ -0,0 +1,54 @@
+<!--
+    * Licensed to the Apache Software Foundation (ASF) under one
+    * or more contributor license agreements.  See the NOTICE file
+    * distributed with this work for additional information
+    * regarding copyright ownership.  The ASF licenses this file
+    * to you under the Apache License, Version 2.0 (the
+    * "License"); you may not use this file except in compliance
+    * with the License.  You may obtain a copy of the License at
+    *
+    *   http://www.apache.org/licenses/LICENSE-2.0
+    *
+    * Unless required by applicable law or agreed to in writing,
+    * software distributed under the License is distributed on an
+    * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+    * KIND, either express or implied.  See the License for the
+    * specific language governing permissions and limitations
+    * under the License.
+-->
+<!DOCTYPE html>
+<html>
+  <head>
+    <title>Super Admin Login</title>
+	<style type="text/css">
+	    #container {
+	      padding: 1em;      
+	    }
+	</style>
+   </head>
+   <body>
+	<div id="container">
+  <div style="float:right;width:50%;font-size:0.8em;text-align:right;">
+     <div><span><a href="../">Gallery</a></span></div>
+  </div>
+    <div style="clear:both"></div>
+    <div style="color:red;font-size:1.4em">&nbsp; The username or password you entered is incorrect. </div>
+    <p>Login as <span style="color:green">Super Admin</span></p>
+    <form method="post" action="j_security_check">
+      <table cellspacing="3">
+        <tr>
+          <th align="right">Username:</th>
+          <td align="left"><input type="text" name="j_username"/></td>
+        </tr>
+        <tr>
+          <th align="right">Password:</th>
+          <td align="left"><input type="password" name="j_password"/></td>
+        </tr>
+        <tr>
+          <th align="right">&nbsp;</th>
+          <td align="left"><input type="submit" value="Log In"/></td>
+        </tr>
+      </table>
+    </form>
+  </body>
+</html>
\ No newline at end of file

Added: incubator/photark/trunk/photark-security/src/main/webapp/admin/login.html
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-security/src/main/webapp/admin/login.html?rev=949197&view=auto
==============================================================================
--- incubator/photark/trunk/photark-security/src/main/webapp/admin/login.html (added)
+++ incubator/photark/trunk/photark-security/src/main/webapp/admin/login.html Fri May 28 14:57:59 2010
@@ -0,0 +1,53 @@
+<!--
+    * Licensed to the Apache Software Foundation (ASF) under one
+    * or more contributor license agreements.  See the NOTICE file
+    * distributed with this work for additional information
+    * regarding copyright ownership.  The ASF licenses this file
+    * to you under the Apache License, Version 2.0 (the
+    * "License"); you may not use this file except in compliance
+    * with the License.  You may obtain a copy of the License at
+    *
+    *   http://www.apache.org/licenses/LICENSE-2.0
+    *
+    * Unless required by applicable law or agreed to in writing,
+    * software distributed under the License is distributed on an
+    * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+    * KIND, either express or implied.  See the License for the
+    * specific language governing permissions and limitations
+    * under the License.
+-->
+<!DOCTYPE html>
+<html>
+  <head>
+    <title>Super Admin Login</title>
+<style type="text/css">
+    #container {
+      padding: 1em;      
+    }
+</style>
+</head>
+<body>
+<div id="container">
+  <div style="float:right;width:50%;font-size:0.8em;text-align:right;">
+     <div><span><a href="../">Gallery</a></span></div>
+  </div>
+  <div style="clear:both"></div>
+   <p>Login as <span style="color:green">Super Admin</span></p>
+    <form method="post" action="j_security_check">
+      <table cellspacing="3">
+        <tr>
+          <th align="right">Username:</th>
+          <td align="left"><input type="text" name="j_username"/></td>
+        </tr>
+        <tr>
+          <th align="right">Password:</th>
+          <td align="left"><input type="password" name="j_password"/></td>
+        </tr>
+        <tr>
+          <th align="right">&nbsp;</th>
+          <td align="left"><input type="submit" value="Log In"/></td>
+        </tr>
+      </table>
+    </form>
+  </body>
+</html>
\ No newline at end of file

Added: incubator/photark/trunk/photark-security/src/main/webapp/home/error.html
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-security/src/main/webapp/home/error.html?rev=949197&view=auto
==============================================================================
--- incubator/photark/trunk/photark-security/src/main/webapp/home/error.html (added)
+++ incubator/photark/trunk/photark-security/src/main/webapp/home/error.html Fri May 28 14:57:59 2010
@@ -0,0 +1,70 @@
+  <!--
+    * Licensed to the Apache Software Foundation (ASF) under one
+    * or more contributor license agreements.  See the NOTICE file
+    * distributed with this work for additional information
+    * regarding copyright ownership.  The ASF licenses this file
+    * to you under the Apache License, Version 2.0 (the
+    * "License"); you may not use this file except in compliance
+    * with the License.  You may obtain a copy of the License at
+    *
+    *   http://www.apache.org/licenses/LICENSE-2.0
+    *
+    * Unless required by applicable law or agreed to in writing,
+    * software distributed under the License is distributed on an
+    * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+    * KIND, either express or implied.  See the License for the
+    * specific language governing permissions and limitations
+    * under the License.
+-->
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<head>
+<title>Login</title>
+
+ <script type="text/javascript" src="js/login.js"></script>
+
+<style type="text/css">
+    #container {
+      padding: 1em;      
+    }
+    
+    #container p {
+      font-size: 1.2em;
+      font-family: Tahoma,Verdana;
+    }
+    
+    #openid_identifier {
+      background-image: url(images/openid.ico);
+      background-position: 3px 2px;
+      background-repeat: no-repeat;
+      margin: 0;
+      padding: 0.2em 0.2em 0.2em 20px;
+      vertical-align: middle;
+      width: 400px;
+    }
+</style>
+</head>
+<body onload="initOpenIDPage();">
+<div id="container">
+  <div style="float:right;width:50%;font-size:0.8em;text-align:right;">
+     <div><span><a href="../">Gallery</a></span></div>
+  </div>
+  <div style="clear:both"></div>
+   <div style="color:red;font-size:1.4em">&nbsp; Your openid could not be resolved.</div>
+  <p>Login with your <span style="color:orange">openid</span></p>
+  <form method="POST">
+    <input id="openid_identifier" name="openid_identifier" type="text" size=80/>
+    <input class="btn" type="submit" value="send"/>
+  </form>
+  <br>
+   <div style="float:left;font-size:0.8em;text-align:left;">
+   <div id="provider_space" style="width:430px"></div>
+     
+  <!-- <p><span style="color:green;font-size:1em">https://www.google.com/accounts/o8/id</span><span> for google accounts</span></p>
+  <p>or enter <span style="color:green;font-size:1em">your_username@gmail.com</span></p> -->
+  </div>
+ 
+  </div>
+</body>
+</html>
+  
\ No newline at end of file

Added: incubator/photark/trunk/photark-security/src/main/webapp/home/js/login.js
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-security/src/main/webapp/home/js/login.js?rev=949197&view=auto
==============================================================================
--- incubator/photark/trunk/photark-security/src/main/webapp/home/js/login.js (added)
+++ incubator/photark/trunk/photark-security/src/main/webapp/home/js/login.js Fri May 28 14:57:59 2010
@@ -0,0 +1,117 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+
+var provider= [	[["Google","google",,,"https://www.google.com/accounts/o8/id",""],["Yahoo!","yahoo",,,"http://yahoo.com/",""],["AOL","aol","http://openid.aol.com/",,,"America Online/AIM screenname:"]],
+				[["Blogger","blogger","http://",".blogspot.com/",,"Google Blogger blog name:"],["Flickr","flickr",,,"http://www.flickr.com/",""],["Livejournal","lj","http://",".livejournal.com/",,"Livejournal username:"]],
+				[["myOpenID","myopenid","http://",".myopenid.com/",,"myOpenID username:"],["Verisign","verisign","http://",".pip.verisignlabs.com/",,"Verisign PIP username:"],["Vidoop","vidoop","http://",".myvidoop.com/",,"Vidoop username:"]],
+				[["claimID","claimid","http://claimid.com/",,,"claimID username:"],["Technorati","technorati","http://technorati.com/people/technorati/",,,"Technorati username:"],["Vox","vox","http://",".vox.com/",,"Vox username:"]],
+				[["Other OpenID","openid",,,"http://",]]
+			  ];
+
+var bgcolor = "#ffffff";
+var change_color = "#A4D1AA"
+var active_color= "#42A44F";
+
+var active_cell=null;
+var active_cell_row=null;
+var active_cell_col=null;
+var username="username";
+var openid_input=null;
+var input_info="";
+
+function initOpenIDPage(){
+openid_input=document.getElementById("openid_identifier");
+providerSpace=document.getElementById("provider_space");
+username_input="<span style=\"color:green;font-size:1em\">Sign in using;</span><br><div id=\"input_space\" style=\"float: right;\">"+input_info+"<input id =\"input_field\"type=\"text\" size=\"20\" style=\"vertical-align: middle; padding: 2px 2px 2px 20px; background-repeat: no-repeat; background-position: 2px 2px; background-image: url(&quot;images/"+provider[4][0][1]+".ico&quot;);\" onchange=\"enter_username(this);\"onkeyup=\"enter_username(this);\" value=\"username\"></input></div><br>";
+provider_table= "<table border=\"0\" style=\"background-color: rgb(224,238,238); width: 100%; border: 0 solid rgb(110, 145, 175);\">";
+for(var i =0; i<4;i++){
+provider_table+="<tr>";
+for(var j =0; j<3;j++){
+provider_table+="<td style=\"background-color: rgb(255,255,255);font-weight: bold; padding: 4px; vertical-align: middle; cursor: pointer;\" onclick=\"click(this,"+i+","+j+")\" onmouseover=\"mover(this);\"  onmouseout=\"mout(this);\"><img src=\"images/"+provider[i][j][1]+".ico\" style=\"width: 16px; height: 16px; vertical-align: middle;\">"+provider[i][j][0]+"</td>";
+}
+provider_table+="</tr>";
+}
+provider_table+="<tr>\
+				<td colspan=\"3\" style=\"background-color: rgb(255,255,255);font-weight: bold; padding: 4px; vertical-align: middle; cursor: pointer;\" onclick=\"click(this,"+4+","+0+")\" onmouseover=\"mover(this);\"  onmouseout=\"mout(this);\"><img src=\"images/"+provider[4][0][1]+".ico\" style=\"width: 16px; height: 16px; vertical-align: middle;\">"+provider[4][0][0]+"</td>\
+				</tr>\
+				</table>";
+
+providerSpace.innerHTML=username_input+provider_table;
+document.getElementById("input_space").style.display = "none";
+};
+
+function click(cell,row,col) {
+	active_cell_row=row;
+	active_cell_col=col;
+	
+	if (active_cell!==null){
+		active_cell.style.backgroundColor = bgcolor;
+	}
+	
+	cell.style.backgroundColor = active_color;
+	active_cell=cell;
+	
+document.getElementById("input_space").innerHTML=provider[active_cell_row][active_cell_col][5]+"<input id =\"input_field\" type=\"text\" size=\"20\" style=\"vertical-align: middle; padding: 2px 2px 2px 20px; background-repeat: no-repeat; background-position: 2px 2px; background-image: url(&quot;images/"+provider[active_cell_row][active_cell_col][1]+".ico&quot;);\" onchange=\"enter_username(this);\"onkeyup=\"enter_username(this);\" value="+username+"></input>";
+	if(provider[row][col][4]!=undefined){
+		openid_input.value=provider[row][col][4];
+		document.getElementById("input_space").style.display = "none";
+		document.getElementById("openid_identifier").focus();
+	}else {
+		formet_input_name(row,col);
+		document.getElementById("input_space").style.display = "";	
+		document.getElementById("input_field").focus();
+    	document.getElementById("input_field").select();	
+	}
+	
+
+	
+};
+
+function formet_input_name(row,col){
+		if(provider[row][col][2]!=undefined){
+			openid_input.value=provider[row][col][2];
+		}
+		if(username!=""){
+		openid_input.value+=username;
+		}else {
+		openid_input.value+="username";
+		}
+		if(provider[row][col][3]!=undefined){
+			openid_input.value+=provider[row][col][3];
+		}
+};
+
+function mover(cell) {
+	if(cell!==active_cell){
+		cell.style.backgroundColor = change_color;
+	}
+};
+
+function mout(cell) {
+	if(cell!==active_cell){
+	 	cell.style.backgroundColor = bgcolor;
+	}
+};
+
+function enter_username(cell){
+	username=cell.value;
+    formet_input_name(active_cell_row,active_cell_col);
+};
\ No newline at end of file

Added: incubator/photark/trunk/photark-security/src/main/webapp/home/login.html
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-security/src/main/webapp/home/login.html?rev=949197&view=auto
==============================================================================
--- incubator/photark/trunk/photark-security/src/main/webapp/home/login.html (added)
+++ incubator/photark/trunk/photark-security/src/main/webapp/home/login.html Fri May 28 14:57:59 2010
@@ -0,0 +1,69 @@
+<!--
+    * Licensed to the Apache Software Foundation (ASF) under one
+    * or more contributor license agreements.  See the NOTICE file
+    * distributed with this work for additional information
+    * regarding copyright ownership.  The ASF licenses this file
+    * to you under the Apache License, Version 2.0 (the
+    * "License"); you may not use this file except in compliance
+    * with the License.  You may obtain a copy of the License at
+    *
+    *   http://www.apache.org/licenses/LICENSE-2.0
+    *
+    * Unless required by applicable law or agreed to in writing,
+    * software distributed under the License is distributed on an
+    * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+    * KIND, either express or implied.  See the License for the
+    * specific language governing permissions and limitations
+    * under the License.
+-->
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<head>
+<title>Login</title>
+
+ <script type="text/javascript" src="js/login.js"></script>
+
+<style type="text/css">
+    #container {
+      padding: 1em;      
+    }
+    
+    #container p {
+      font-size: 1.2em;
+      font-family: Tahoma,Verdana;
+    }
+    
+    #openid_identifier {
+      background-image: url(images/openid.ico);
+      background-position: 3px 2px;
+      background-repeat: no-repeat;
+      margin: 0;
+      padding: 0.2em 0.2em 0.2em 20px;
+      vertical-align: middle;
+      width: 400px;
+    }
+</style>
+</head>
+<body onload="initOpenIDPage();">
+<div id="container">
+  <div style="float:right;width:50%;font-size:0.8em;text-align:right;">
+     <div><span><a href="../">Gallery</a></span></div>
+  </div>
+  <div style="clear:both"></div>
+ <!--  <div style="color:red;font-size:1.4em">&nbsp; Your openid could not be resolved.</div>-->
+  <p>Login with your <span style="color:orange">openid</span></p>
+  <form method="POST">
+    <input id="openid_identifier" name="openid_identifier" type="text" size=80/>
+    <input class="btn" type="submit" value="send"/>
+  </form>
+  <br>
+   <div style="float:left;font-size:0.8em;text-align:left;">
+   <div id="provider_space" style="width:430px"></div>
+     
+  <!-- <p><span style="color:green;font-size:1em">https://www.google.com/accounts/o8/id</span><span> for google accounts</span></p>
+  <p>or enter <span style="color:green;font-size:1em">your_username@gmail.com</span></p> -->
+  </div>
+ 
+  </div>
+</body>
+</html>

Modified: incubator/photark/trunk/photark-ui-admin/pom.xml
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-ui-admin/pom.xml?rev=949197&r1=949196&r2=949197&view=diff
==============================================================================
--- incubator/photark/trunk/photark-ui-admin/pom.xml (original)
+++ incubator/photark/trunk/photark-ui-admin/pom.xml Fri May 28 14:57:59 2010
@@ -89,8 +89,8 @@
             <artifactId>servlet-api</artifactId>
             <version>2.5</version>
             <scope>provided</scope>
-        </dependency>        
-
+        </dependency>    
+            
         <dependency>
             <groupId>junit</groupId>
             <artifactId>junit</artifactId>

Modified: incubator/photark/trunk/photark-ui-admin/src/main/webapp/admin/upload.html
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-ui-admin/src/main/webapp/admin/upload.html?rev=949197&r1=949196&r2=949197&view=diff
==============================================================================
--- incubator/photark/trunk/photark-ui-admin/src/main/webapp/admin/upload.html (original)
+++ incubator/photark/trunk/photark-ui-admin/src/main/webapp/admin/upload.html Fri May 28 14:57:59 2010
@@ -35,9 +35,14 @@
 </head>
 
 <body>
+
     <div id="newAlbum">
 	  <fieldset id="newAlbumDetails" style="text-align:left;">
 		  <legend>Album Details</legend>
+  <div style="float:right;width:50%;font-size:0.8em;text-align:right;">
+    <div><span><a href="../">Gallery</a></span>&nbsp;&nbsp;<span><a href="../logout/">Logout</a></span></div>
+  </div>
+  <div style="clear:both"></div>
 		  <ol>
 			  <li>
 				  <label id="selectAlbumLabel" for="selectAlbum">Select Album:</label>

Modified: incubator/photark/trunk/photark-ui/src/main/webapp/gallery.html
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-ui/src/main/webapp/gallery.html?rev=949197&r1=949196&r2=949197&view=diff
==============================================================================
--- incubator/photark/trunk/photark-ui/src/main/webapp/gallery.html (original)
+++ incubator/photark/trunk/photark-ui/src/main/webapp/gallery.html Fri May 28 14:57:59 2010
@@ -20,7 +20,7 @@
 <html>
 <head>
     <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
-    
+ 
     <title>Apache PhotArk - Photo Gallery</title>
 
     <link href="css/styles.css" rel="stylesheet">
@@ -31,6 +31,11 @@
 </head>
 
 <body onload="initGallery()">
+  <div style="float:right;width:50%;font-size:1em;text-align:right;">
+   <div>&nbsp;</div>
+      <div><span><a href="./admin/authenticate"><u>Super Admin</u></a></span>&nbsp;&nbsp;<span><a href="./home/authenticate"><u>login</u></a></span>&nbsp;&nbsp;<span><a href="./logout/"><u>logout</u></a></span></div>
+  </div>
+  <div style="clear:both"></div>
     <div>
         <h1>Apache PhotArk Gallery</h1>
     </div>

Modified: incubator/photark/trunk/photark-webapp/pom.xml
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-webapp/pom.xml?rev=949197&r1=949196&r2=949197&view=diff
==============================================================================
--- incubator/photark/trunk/photark-webapp/pom.xml (original)
+++ incubator/photark/trunk/photark-webapp/pom.xml Fri May 28 14:57:59 2010
@@ -63,6 +63,14 @@
 			<version>1.0-incubating-SNAPSHOT</version>
 			<type>war</type>
 		</dependency>
+		
+		<dependency>
+			<groupId>org.apache.photark</groupId>
+			<artifactId>photark-security</artifactId>
+			<version>1.0-incubating-SNAPSHOT</version>
+			<type>war</type>
+		</dependency>
+
 
 		<dependency>
 			<groupId>org.apache.tuscany.sca</groupId>
@@ -167,6 +175,14 @@
 			<version>2.5</version>
 			<scope>provided</scope>
 		</dependency>
+		
+	<!--<dependency>
+        	<groupId>org.mortbay.jetty</groupId>
+        	<artifactId>jsp-2.1</artifactId>
+        	<version>7.0.0pre2</version>
+        	<type>jar</type>
+        	<scope>runtime</scope>
+        </dependency>-->
 
 		<dependency>
 			<groupId>junit</groupId>

Modified: incubator/photark/trunk/photark-webapp/src/main/webapp/WEB-INF/web.composite
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-webapp/src/main/webapp/WEB-INF/web.composite?rev=949197&r1=949196&r2=949197&view=diff
==============================================================================
--- incubator/photark/trunk/photark-webapp/src/main/webapp/WEB-INF/web.composite (original)
+++ incubator/photark/trunk/photark-webapp/src/main/webapp/WEB-INF/web.composite Fri May 28 14:57:59 2010
@@ -59,5 +59,43 @@
     <component name="RepositoryManager">
 		<implementation.java class="org.apache.photark.jcr.JCRRepositoryManager"/>
 		<property name="repositoryHome">photark</property>
-	</component> 	    
+	</component> 	
+	
+	<!-- Component responsible for providing OpenID Authentication for PhotArk -->
+    <component name="OpenIdAuthenticationServiceComponent">
+		<implementation.java class="org.apache.photark.security.authentication.services.OpenIDAuthenticationServiceImpl"/>
+		<service name="Servlet">
+			<tuscany:binding.http uri="/home/authenticate"/>
+		</service>  	  	
+	</component> 
+	
+    <!-- Component responsible for providing FORM Authentication for PhotArk -->
+    <component name="FormAuthenticationServiceComponent">
+		<implementation.java class="org.apache.photark.security.authentication.services.FormAuthenticationServiceImpl"/>
+		<service name="Servlet">
+			<tuscany:binding.http uri="/admin/authenticate"/>
+		</service>  	  	
+	</component> 
+	
+	<!-- Component responsible for providing logging out from the active user-->
+    <component name="LogoutAuthenticationServiceComponent">
+		<implementation.java class="org.apache.photark.security.authentication.services.LogoutServiceImpl"/>
+		<service name="Servlet">
+			<tuscany:binding.http uri="/logout"/>
+		</service>  	  	
+	</component> 
+	
+    <!-- Component responsible for providing filter support for uploading -->
+    <!--<component name="UploadFilterAuthenticationServiceComponent">
+		<implementation.java class="org.apache.photark.security.authentication.AuthorizationFilter"/>
+		<service name="Filter">
+			<tuscany:binding.http uri="/admin/upload"/>
+		</service>  	  	
+		<property name="redirectPage">/home/authenticate</property>
+	</component> -->
+	
+	<!-- Component responsible for providing Access Management for gallery/album -->
+    <component name="AccessManager">
+		<implementation.java class="org.apache.photark.security.authorization.AccessManager"/>
+	</component>    
 </composite>

Modified: incubator/photark/trunk/photark-webapp/src/main/webapp/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/photark-webapp/src/main/webapp/WEB-INF/web.xml?rev=949197&r1=949196&r2=949197&view=diff
==============================================================================
--- incubator/photark/trunk/photark-webapp/src/main/webapp/WEB-INF/web.xml (original)
+++ incubator/photark/trunk/photark-webapp/src/main/webapp/WEB-INF/web.xml Fri May 28 14:57:59 2010
@@ -41,24 +41,67 @@
 		<welcome-file>gallery.html</welcome-file>
 	</welcome-file-list>
 
-    <security-role>
-	    <description>Administrator</description>
-	    <role-name>photark-admin</role-name>
-	</security-role>
+ 	<security-constraint>
+ 		<web-resource-collection>
+ 			<web-resource-name>Areas with authentication required</web-resource-name>
+			<web-resource-name>Secured Area</web-resource-name>
+			<url-pattern>/admin/login.html</url-pattern>
+			<url-pattern>/admin/error.html</url-pattern>
+			<url-pattern>/admin/authenticate</url-pattern>
+ 		</web-resource-collection>
+ 		<auth-constraint>
+ 			<role-name>photark-admin</role-name>
+        </auth-constraint>
+    </security-constraint>
 
-	<security-constraint>
-		<web-resource-collection>
-			<web-resource-name>Areas with authentication required</web-resource-name>
-			<url-pattern>/admin/*</url-pattern>
-			<http-method>GET</http-method>
-		</web-resource-collection>
-		<auth-constraint>
-			<role-name>photark-admin</role-name>
-		</auth-constraint>
-	</security-constraint>
-
-	<login-config>
-		<auth-method>BASIC</auth-method>
-		<realm-name>photark-admin-realm</realm-name>
+ 	<login-config>
+		<auth-method>FORM</auth-method>
+		<realm-name>Secured Application Area</realm-name>
+		<form-login-config>
+			<form-login-page>/admin/login.html</form-login-page>
+			<form-error-page>/admin/error.html</form-error-page>
+		</form-login-config>
 	</login-config>
+
+	<security-role>
+		<role-name>photark-admin</role-name>
+	</security-role>
+
+	<error-page>
+		<error-code>403</error-code>
+		<location>/admin/error.html</location>
+	</error-page>
+
+	<filter>
+	     <filter-name>login-Filter</filter-name>
+	     <filter-class>org.apache.photark.security.authentication.AuthorizationFilter</filter-class>
+	     <description>This Filter authorizes user access to application
+	                  components based upon request URI.</description>
+	     <init-param>
+	        <param-name>redirect_page</param-name>
+	        <param-value>/home/authenticate</param-value>
+	     </init-param>
+	</filter>
+	
+	<filter-mapping>
+	     <filter-name>login-Filter</filter-name>
+	     <url-pattern>/admin/upload.html</url-pattern>
+	</filter-mapping>
+
+	<filter>
+		<filter-name>openid-filter</filter-name>
+		<filter-class>com.dyuproject.openid.OpenIdServletFilter</filter-class>
+		<load-on-startup>1</load-on-startup>
+		<init-param>
+			<param-name>forwardUri</param-name>
+			<param-value>/login.html</param-value>
+		</init-param>
+	</filter>
+
+	<filter-mapping>
+		<filter-name>openid-filter</filter-name>
+		<url-pattern>/home/login.html</url-pattern>
+		<url-pattern>/home/error.html</url-pattern>
+	</filter-mapping>
+
 </web-app>

Modified: incubator/photark/trunk/pom.xml
URL: http://svn.apache.org/viewvc/incubator/photark/trunk/pom.xml?rev=949197&r1=949196&r2=949197&view=diff
==============================================================================
--- incubator/photark/trunk/pom.xml (original)
+++ incubator/photark/trunk/pom.xml Fri May 28 14:57:59 2010
@@ -90,7 +90,7 @@
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
         <tuscany.version>2.0-M4</tuscany.version>
-     </properties>
+    </properties>
     
     
 
@@ -112,6 +112,11 @@
                 <enabled>false</enabled>
             </snapshots>
         </repository>
+        <repository>
+           <id>dyuproject-repo</id>
+     	   <name>dyuproject-repo</name>      
+           <url>http://dyuproject.googlecode.com/svn/repos/maven2</url>
+        </repository>
     </repositories>
     
     <!-- ====================================================================== -->
@@ -189,6 +194,7 @@
                 <module>photark</module>
                 <module>photark-filesystem</module>                
                 <module>photark-jcr</module>
+				<module>photark-security</module>
                 <module>photark-ui</module>
                 <module>photark-ui-admin</module>
                 <module>photark-appengine-webapp</module>                
@@ -206,6 +212,7 @@
                 <module>photark</module>
                 <module>photark-filesystem</module>                
                 <module>photark-jcr</module>
+				<module>photark-security</module>
                 <module>photark-ui</module>
                 <module>photark-ui-admin</module>
                 <module>photark-appengine-webapp</module>                
@@ -223,6 +230,7 @@
                 <module>photark</module>
                 <module>photark-filesystem</module>                
                 <module>photark-jcr</module>
+				<module>photark-security</module>
                 <module>photark-ui</module>
                 <module>photark-ui-admin</module>
                 <module>photark-ui-test</module>                
@@ -407,4 +415,4 @@
             </plugins>
         </pluginManagement>
     </build>
-</project>
\ No newline at end of file
+</project>



Mime
View raw message