jackrabbit-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ju...@apache.org
Subject svn commit: r762781 - in /jackrabbit/trunk/jackrabbit-jcr-servlet/src/main/java/org/apache/jackrabbit/servlet/login: ./ AbstractLoginFilter.java BasicLoginFilter.java ContainerLoginFilter.java NullLoginFilter.java
Date Wed, 08 Apr 2009 04:10:59 GMT
Author: jukka
Date: Tue Apr  7 14:03:27 2009
New Revision: 762781

URL: http://svn.apache.org/viewvc?rev=762781&view=rev
Log:
JCR-2043: Login filters in jackrabbit-servlet

Some basic login filters. Work in progress.

Added:
    jackrabbit/trunk/jackrabbit-jcr-servlet/src/main/java/org/apache/jackrabbit/servlet/login/
    jackrabbit/trunk/jackrabbit-jcr-servlet/src/main/java/org/apache/jackrabbit/servlet/login/AbstractLoginFilter.java
    jackrabbit/trunk/jackrabbit-jcr-servlet/src/main/java/org/apache/jackrabbit/servlet/login/BasicLoginFilter.java
    jackrabbit/trunk/jackrabbit-jcr-servlet/src/main/java/org/apache/jackrabbit/servlet/login/ContainerLoginFilter.java
    jackrabbit/trunk/jackrabbit-jcr-servlet/src/main/java/org/apache/jackrabbit/servlet/login/NullLoginFilter.java

Added: jackrabbit/trunk/jackrabbit-jcr-servlet/src/main/java/org/apache/jackrabbit/servlet/login/AbstractLoginFilter.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-jcr-servlet/src/main/java/org/apache/jackrabbit/servlet/login/AbstractLoginFilter.java?rev=762781&view=auto
==============================================================================
--- jackrabbit/trunk/jackrabbit-jcr-servlet/src/main/java/org/apache/jackrabbit/servlet/login/AbstractLoginFilter.java
(added)
+++ jackrabbit/trunk/jackrabbit-jcr-servlet/src/main/java/org/apache/jackrabbit/servlet/login/AbstractLoginFilter.java
Tue Apr  7 14:03:27 2009
@@ -0,0 +1,113 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.servlet.login;
+
+import java.io.IOException;
+
+import javax.jcr.AccessDeniedException;
+import javax.jcr.Credentials;
+import javax.jcr.LoginException;
+import javax.jcr.NoSuchWorkspaceException;
+import javax.jcr.Node;
+import javax.jcr.Repository;
+import javax.jcr.RepositoryException;
+import javax.jcr.Session;
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.jackrabbit.servlet.ServletRepository;
+
+/**
+ *
+ * @since Apache Jackrabbit 1.6
+ */
+public abstract class AbstractLoginFilter implements Filter {
+
+    private Repository repository;
+
+    private String workspace;
+
+    private String sessionAttribute;
+
+    private String nodeAttribute;
+
+    public void init(FilterConfig config) {
+        repository = new ServletRepository(config);
+        workspace = config.getInitParameter("workspace");
+
+        sessionAttribute = config.getInitParameter(Session.class.getName());
+        if (sessionAttribute == null) {
+            sessionAttribute = Session.class.getName();
+        }
+
+        nodeAttribute = config.getInitParameter(Node.class.getName());
+        if (nodeAttribute == null) {
+            nodeAttribute = Node.class.getName();
+        }
+    }
+
+    public void destroy() {
+    }
+
+    public void doFilter(
+            ServletRequest request, ServletResponse response,
+            FilterChain chain) throws IOException, ServletException {
+        HttpServletRequest httpRequest = (HttpServletRequest) request;
+        HttpServletResponse httpResponse = (HttpServletResponse) response;
+        try {
+            Credentials credentials = getCredentials(httpRequest);
+            Session session = repository.login(credentials, workspace);
+            try {
+                request.setAttribute(sessionAttribute, session);
+                request.setAttribute(nodeAttribute, session.getRootNode());
+                chain.doFilter(request, response);
+                if (session.hasPendingChanges()) {
+                    session.save();
+                }
+            } finally {
+                session.logout();
+            }
+        } catch (ServletException e) {
+            Throwable cause = e.getRootCause();
+            if (cause instanceof AccessDeniedException) {
+                httpResponse.sendError(
+                        HttpServletResponse.SC_FORBIDDEN, cause.getMessage());
+            } else {
+                throw e;
+            }
+        } catch (LoginException e) {
+            httpResponse.sendError(
+                    HttpServletResponse.SC_UNAUTHORIZED, e.getMessage());
+        } catch (NoSuchWorkspaceException e) {
+            throw new ServletException(
+                    "Workspace " + workspace
+                    + " not found in the content repository", e);
+        } catch (RepositoryException e) {
+            throw new ServletException(
+                    "Unable to access the content repository", e);
+        }
+    }
+
+    protected abstract Credentials getCredentials(HttpServletRequest request);
+
+}

Added: jackrabbit/trunk/jackrabbit-jcr-servlet/src/main/java/org/apache/jackrabbit/servlet/login/BasicLoginFilter.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-jcr-servlet/src/main/java/org/apache/jackrabbit/servlet/login/BasicLoginFilter.java?rev=762781&view=auto
==============================================================================
--- jackrabbit/trunk/jackrabbit-jcr-servlet/src/main/java/org/apache/jackrabbit/servlet/login/BasicLoginFilter.java
(added)
+++ jackrabbit/trunk/jackrabbit-jcr-servlet/src/main/java/org/apache/jackrabbit/servlet/login/BasicLoginFilter.java
Tue Apr  7 14:03:27 2009
@@ -0,0 +1,38 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.servlet.login;
+
+import javax.jcr.Credentials;
+import javax.jcr.SimpleCredentials;
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ *
+ * @since Apache Jackrabbit 1.6
+ */
+public class BasicLoginFilter extends AbstractLoginFilter {
+
+    protected Credentials getCredentials(HttpServletRequest request) {
+        String authorization = request.getHeader("Authorization");
+        if (authorization != null) {
+            return new SimpleCredentials("TODO", "TODO".toCharArray());
+        } else {
+            return null;
+        }
+    }
+
+}

Added: jackrabbit/trunk/jackrabbit-jcr-servlet/src/main/java/org/apache/jackrabbit/servlet/login/ContainerLoginFilter.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-jcr-servlet/src/main/java/org/apache/jackrabbit/servlet/login/ContainerLoginFilter.java?rev=762781&view=auto
==============================================================================
--- jackrabbit/trunk/jackrabbit-jcr-servlet/src/main/java/org/apache/jackrabbit/servlet/login/ContainerLoginFilter.java
(added)
+++ jackrabbit/trunk/jackrabbit-jcr-servlet/src/main/java/org/apache/jackrabbit/servlet/login/ContainerLoginFilter.java
Tue Apr  7 14:03:27 2009
@@ -0,0 +1,64 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.servlet.login;
+
+import javax.jcr.Credentials;
+import javax.jcr.SimpleCredentials;
+import javax.servlet.FilterConfig;
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ * Login filter that relies on container authentication to provide the
+ * authenticated username of a request. This username is associated with
+ * a dummy password (empty by default, configurable through the init
+ * parameter "password") in a {@link SimpleCredentials} object that is
+ * used to log in to the underlying content repository. If no authenticated
+ * user is found, then <code>null</code> credentials are used.
+ * <p>
+ * It is expected that the underlying repository is configured to simply
+ * trust the given username. If the same repository is also made available
+ * for direct logins, then a special secret password that allows logins with
+ * any username could be configured just for this filter.
+ *
+ * @since Apache Jackrabbit 1.6
+ */
+public class ContainerLoginFilter extends AbstractLoginFilter {
+
+    /**
+     * The dummy password used for the repository login. Empty by default.
+     */
+    private char[] password = new char[0];
+
+    public void init(FilterConfig config) {
+        super.init(config);
+
+        String password = config.getInitParameter("password");
+        if (password != null) {
+            this.password = password.toCharArray();
+        }
+    }
+
+    protected Credentials getCredentials(HttpServletRequest request) {
+        String user = request.getRemoteUser();
+        if (user != null) {
+            return new SimpleCredentials(user, password);
+        } else {
+            return null;
+        }
+    }
+
+}

Added: jackrabbit/trunk/jackrabbit-jcr-servlet/src/main/java/org/apache/jackrabbit/servlet/login/NullLoginFilter.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-jcr-servlet/src/main/java/org/apache/jackrabbit/servlet/login/NullLoginFilter.java?rev=762781&view=auto
==============================================================================
--- jackrabbit/trunk/jackrabbit-jcr-servlet/src/main/java/org/apache/jackrabbit/servlet/login/NullLoginFilter.java
(added)
+++ jackrabbit/trunk/jackrabbit-jcr-servlet/src/main/java/org/apache/jackrabbit/servlet/login/NullLoginFilter.java
Tue Apr  7 14:03:27 2009
@@ -0,0 +1,43 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.servlet.login;
+
+import javax.jcr.Credentials;
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ * Login filter that always uses <code>null</code> credentials for logging in
+ * to the content repository. This is useful for example for public web sites
+ * where all repository access is performed using anonymous sessions. Another
+ * use case for this login filter is when login information is made available
+ * to the content repository through JAAS or some other out-of-band mechanism.
+ *
+ * @since Apache Jackrabbit 1.6
+ */
+public class NullLoginFilter extends AbstractLoginFilter {
+
+    /**
+     * Always returns <code>null</code>.
+     *
+     * @param request ignored
+     * @return <code>null</code> credentials
+     */
+    protected Credentials getCredentials(HttpServletRequest request) {
+        return null;
+    }
+
+}



Mime
View raw message