From roger...@apache.org
Subject svn commit: r354705 - in /portals/jetspeed-2/trunk: components/sso/src/java/org/apache/jetspeed/sso/impl/PersistenceBrokerSSOProvider.java src/webapp/WEB-INF/assembly/sso.xml
Date Wed, 07 Dec 2005 04:34:17 GMT
Author: rogerrut
Date: Tue Dec  6 20:34:10 2005
New Revision: 354705

URL: http://svn.apache.org/viewcvs?rev=354705&view=rev
Log:
Issues: JS2-192/JS2-388

Modified:
    portals/jetspeed-2/trunk/components/sso/src/java/org/apache/jetspeed/sso/impl/PersistenceBrokerSSOProvider.java
    portals/jetspeed-2/trunk/src/webapp/WEB-INF/assembly/sso.xml

Modified: portals/jetspeed-2/trunk/components/sso/src/java/org/apache/jetspeed/sso/impl/PersistenceBrokerSSOProvider.java
URL: http://svn.apache.org/viewcvs/portals/jetspeed-2/trunk/components/sso/src/java/org/apache/jetspeed/sso/impl/PersistenceBrokerSSOProvider.java?rev=354705&r1=354704&r2=354705&view=diff
==============================================================================
--- portals/jetspeed-2/trunk/components/sso/src/java/org/apache/jetspeed/sso/impl/PersistenceBrokerSSOProvider.java
(original)
+++ portals/jetspeed-2/trunk/components/sso/src/java/org/apache/jetspeed/sso/impl/PersistenceBrokerSSOProvider.java
Tue Dec  6 20:34:10 2005
@@ -552,7 +552,7 @@
 		// New credential object for remote principal
 		 InternalCredentialImpl credential = 
             new InternalCredentialImpl(remotePrincipal.getPrincipalId(),
-            		pwd, 0, DefaultPasswordCredentialImpl.class.getName());
+            		this.scramble(pwd), 0, DefaultPasswordCredentialImpl.class.getName());
 		 
 		 if ( remotePrincipal.getCredentials() == null)
 		 	remotePrincipal.setCredentials(new ArrayList(0));
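Review bot: The value passed to `InternalCredentialImpl` here is raw XOR output, so it can contain NUL and other control characters (any position where the password character equals the key character yields `\u0000`), and how the credential column and the JDBC driver treat those is not visible in this diff. Encoding the scrambled characters as hex text before storing, and decoding before `unscramble`, would keep the stored value printable. `scramble` also calls `pwd.toCharArray()` without a null check, so a null password now throws `NullPointerException` where the old code passed it through. The same applies to `credential.setValue(this.scramble(pwd))` in the @@ -715 hunk; both enclosing methods start and end outside the hunks.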
@@ -715,7 +715,7 @@
 			// New credential object
 			 if ( credential != null) 
 				// Remove credential and principal from mapping
-				 credential.setValue(pwd);
+				 credential.setValue(this.scramble(pwd));
 			
 			// Update database and reset cache
 			 try
@@ -828,7 +828,7 @@
 		//	Create new context
 		String name = stripPrincipalName(remotePrincipal.getFullPath());
 		
-		SSOContext context = new SSOContextImpl(credential.getPrincipalId(), name, credential.getValue());
+		SSOContext context = new SSOContextImpl(credential.getPrincipalId(), name, this.unscramble(credential.getValue()));
 		
 		return context;
 	}
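Review bot: Credentials written before this revision are presumably stored unscrambled, and `this.unscramble(credential.getValue())` will turn those into garbage, since nothing in this diff marks a value as scrambled or migrates existing rows. A version prefix on stored values, or a one-time migration of existing credentials, would let old and new rows be told apart. The same read path is used in the @@ -1290 and @@ -1302 hunks. Only the tail of the enclosing method is visible here.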
@@ -1290,10 +1290,13 @@
 	            			
 	            			if (credential != null)
 	            			{
+	            				if (log.isInfoEnabled())
+	            					log.info("SSOComponent -- Remote Principal ["+stripPrincipalName(remotePrincipal.getFullPath())+"]
has credential ["+this.unscramble(credential.getValue())+ "]");
+	            				
 	            				client.getState().setCredentials(
 	            		    			site.getRealm(),
 	            		                urlObj.getHost(),
-	            		                new UsernamePasswordCredentials(stripPrincipalName(remotePrincipal.getFullPath()),
 credential.getValue())
+	            		                new UsernamePasswordCredentials(stripPrincipalName(remotePrincipal.getFullPath()),
 this.unscramble(credential.getValue()))
 	            		            );
 	            				
 	            				// Build URL if it's Form authentication
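Review bot: The added `log.info` call writes the unscrambled remote password into the application log at INFO level, which undoes the scrambling for anyone who can read the log files or a log aggregator. Log only the principal, e.g. `log.info("SSOComponent -- Remote Principal [" + stripPrincipalName(remotePrincipal.getFullPath()) + "] has a stored credential");`. The `if (log.isInfoEnabled())` guard has no braces around a statement that spans lines, which is easy to break on a later edit. The enclosing method starts and ends outside the hunk.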
@@ -1302,7 +1305,7 @@
 		        				// Check if it's form based or ChallengeResponse
 	        					if (site.isFormAuthentication())
 	        					{
-	        						siteURL.append("?").append(site.getFormUserField()).append("=").append(stripPrincipalName(remotePrincipal.getFullPath())).append("&").append(site.getFormPwdField()).append("=").append(credential.getValue());
+	        						siteURL.append("?").append(site.getFormUserField()).append("=").append(stripPrincipalName(remotePrincipal.getFullPath())).append("&").append(site.getFormPwdField()).append("=").append(this.unscramble(credential.getValue()));
 	        					}
 	            				
 	            				get = new GetMethod(siteURL.toString());
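Review bot: The user name and the unscrambled password are appended to `siteURL` without URL encoding, so a password containing `&`, `=`, `#`, `+` or a space produces a different query than intended and the remote login fails or receives a truncated value. Wrap both values, e.g. `.append(java.net.URLEncoder.encode(this.unscramble(credential.getValue()), "UTF-8"))`. Because the request is a `GetMethod`, the password also travels in the URL, where proxies and the remote server's access log typically record it; sending the form fields in a POST body would avoid that, if the target sites accept it. The enclosing block continues outside the hunk.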
@@ -1401,5 +1404,33 @@
 		get.releaseConnection();
 		
 		return bis;
+    }
+    
+    /*
+     * Simple encryption decryption routines since the API creates credentials 
+     * together with an user.
+     * TODO: re-implement when Security API is more flexible
+     */
+    static char[] scrambler ="Jestspeed-2 is getting ready for release".toCharArray();
+    
+    private String scramble(String pwd)
+    {
+    	return new String( xor(pwd.toCharArray(), scrambler));
+    }
+    
+    private String unscramble(String pwd)
+    {
+    	return new String(xor(pwd.toCharArray(),scrambler));
+    }
+    
+    private char[] xor(char[] a, char[]b)
+    {
+    	int len = Math.min(a.length, b.length);
+    	char[] result = new char[len];
+    	for(int i=0; i<len;i++)
+    	{
+    		result[i] = (char) (a[i] ^ b[i]);
+    	}
+    	return result;
     }
 }
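Review bot: `xor` sizes its result with `Math.min(a.length, b.length)`, so any password longer than the 40-character `scrambler` string is silently truncated on store and can never be recovered; cycling the key keeps the full length: `int len = a.length;` and `result[i] = (char) (a[i] ^ b[i % b.length]);`. The header comment calls this encryption, but XOR with a constant compiled into the class is reversible by anyone who has the stored value and the source, so the comment should say obfuscation and the TODO should name a keyed cipher with the key held outside the code. `scrambler` is a package-visible, mutable static array; declaring it `private static final` would at least stop other classes from altering the key at runtime.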

Modified: portals/jetspeed-2/trunk/src/webapp/WEB-INF/assembly/sso.xml
URL: http://svn.apache.org/viewcvs/portals/jetspeed-2/trunk/src/webapp/WEB-INF/assembly/sso.xml?rev=354705&r1=354704&r2=354705&view=diff
==============================================================================
--- portals/jetspeed-2/trunk/src/webapp/WEB-INF/assembly/sso.xml (original)
+++ portals/jetspeed-2/trunk/src/webapp/WEB-INF/assembly/sso.xml Tue Dec  6 20:34:10 2005
@@ -34,13 +34,12 @@
         <property name="transactionAttributes">
             <props>
                 <prop key="addSite*">PROPAGATION_REQUIRED</prop>
+                <prop key="updateSite*">PROPAGATION_REQUIRED</prop>
                 <prop key="removeSite">PROPAGATION_REQUIRED</prop>
                 <prop key="addCredentialsForSite">PROPAGATION_REQUIRED</prop>
                 <prop key="updateCredentialsForSite">PROPAGATION_REQUIRED</prop>
                 <prop key="removeCredentialsForSite">PROPAGATION_REQUIRED</prop>
-                <prop key="login">PROPAGATION_REQUIRED</prop>
-                <prop key="logout">PROPAGATION_REQUIRED</prop>
-                <prop key=" setRealmForSite">PROPAGATION_REQUIRED</prop>
+                <prop key="setRealmForSite">PROPAGATION_REQUIRED</prop>
                 <prop key="*">PROPAGATION_SUPPORTS</prop>
             </props>
         </property>
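Review bot: Removing the `login` and `logout` entries means any methods with those names now match the `*` rule and run with `PROPAGATION_SUPPORTS`, and the commit log gives only issue ids, so the reason is not recorded. If the provider no longer exposes such methods, an XML comment such as `<!-- login/logout removed: not part of the SSO provider interface -->` would document it; if they still write to the store, they need `PROPAGATION_REQUIRED` back.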


