portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From tay...@apache.org
Subject svn commit: r619716 - in /portals/jetspeed-2/branches/JETSPEED-2.1.2-POSTRELEASE: components/sso/src/java/org/apache/jetspeed/sso/impl/PersistenceBrokerSSOProvider.java jetspeed-api/src/java/org/apache/jetspeed/sso/SSOProvider.java
Date Fri, 08 Feb 2008 00:58:34 GMT
Author: taylor
Date: Thu Feb  7 16:58:32 2008
New Revision: 619716

URL: http://svn.apache.org/viewvc?rev=619716&view=rev
Log:
add transactional support to SSO addCredentials
the other signature had serious performance issues storing the Site everytime

Modified:
    portals/jetspeed-2/branches/JETSPEED-2.1.2-POSTRELEASE/components/sso/src/java/org/apache/jetspeed/sso/impl/PersistenceBrokerSSOProvider.java
    portals/jetspeed-2/branches/JETSPEED-2.1.2-POSTRELEASE/jetspeed-api/src/java/org/apache/jetspeed/sso/SSOProvider.java

Modified: portals/jetspeed-2/branches/JETSPEED-2.1.2-POSTRELEASE/components/sso/src/java/org/apache/jetspeed/sso/impl/PersistenceBrokerSSOProvider.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/branches/JETSPEED-2.1.2-POSTRELEASE/components/sso/src/java/org/apache/jetspeed/sso/impl/PersistenceBrokerSSOProvider.java?rev=619716&r1=619715&r2=619716&view=diff
==============================================================================
--- portals/jetspeed-2/branches/JETSPEED-2.1.2-POSTRELEASE/components/sso/src/java/org/apache/jetspeed/sso/impl/PersistenceBrokerSSOProvider.java
(original)
+++ portals/jetspeed-2/branches/JETSPEED-2.1.2-POSTRELEASE/components/sso/src/java/org/apache/jetspeed/sso/impl/PersistenceBrokerSSOProvider.java
Thu Feb  7 16:58:32 2008
@@ -562,6 +562,7 @@
          // Add to site
          this.mapSite.put(site, ssoSite);
 	}
+    
 
 	/* (non-Javadoc)
 	 * @see org.apache.jetspeed.sso.SSOProvider#removeCredentialsForSite(javax.security.auth.Subject,
java.lang.String)
@@ -1031,7 +1032,7 @@
         SSOSite site = (SSOSite) getPersistenceBrokerTemplate().getObjectByQuery(query);
         return site;       
     }
-    
+        
     public void updateSite(SSOSite site)
     throws SSOException
     {
@@ -1427,4 +1428,97 @@
     	}
     	return result;
     }
+    
+    public void addCredentialsForSite(SSOSite ssoSite, Subject subject, String remoteUser,
String pwd)
+    throws SSOException 
+    {
+        String fullPath = ((BasePrincipal) SecurityHelper.getBestPrincipal(
+                subject, UserPrincipal.class)).getFullPath();
+        String principalName = ((BasePrincipal) SecurityHelper
+                .getBestPrincipal(subject, UserPrincipal.class)).getName();
+
+        // Add an entry for the principal to the site if it doesn't exist
+        SSOPrincipal principal = this.getPrincipalForSite(ssoSite, fullPath);
+
+        if (principal == null)
+        {
+            principal = getSSOPrincipal(fullPath);
+            ssoSite.addPrincipal(principal);
+        } else
+        {
+            // Check if the entry the user likes to update exists already
+            Collection remoteForSite = ssoSite.getRemotePrincipals();
+            Collection principalsForSite = ssoSite.getPrincipals();
+
+            if (remoteForSite != null && principalsForSite != null)
+            {
+                Collection remoteForPrincipals = this
+                        .getRemotePrincipalsForPrincipal(principalsForSite,
+                                fullPath);
+                if (remoteForPrincipals != null)
+                {
+                    if (findRemoteMatch(remoteForPrincipals, remoteForSite) != null)
+                    {
+                        // Entry exists can't to an add has to call update
+                        throw new SSOException(
+                                SSOException.REMOTE_PRINCIPAL_EXISTS_CALL_UPDATE);
+                    }
+                }
+            }
+        }
+
+        if (principal == null)
+            throw new SSOException(
+                    SSOException.FAILED_ADDING_PRINCIPAL_TO_MAPPING_TABLE_FOR_SITE);
+
+        // Create a remote principal and credentials
+        InternalUserPrincipalImpl remotePrincipal = new InternalUserPrincipalImpl(
+                remoteUser);
+
+        /*
+         * The RemotePrincipal (class InternalUserPrincipal) will have a
+         * fullPath that identifies the entry as an SSO credential. The entry
+         * has to be unique for a site and principal (GROUP -or- USER ) an
+         * therefore it needs to be encoded as following: The convention for the
+         * path is the following: /sso/SiteID/{user|group}/{user name | group
+         * name}/remote user name
+         */
+        if (fullPath.indexOf("/group/") > -1)
+            remotePrincipal.setFullPath("/sso/" + ssoSite.getSiteId()
+                    + "/group/" + principalName + "/" + remoteUser);
+        else
+            remotePrincipal.setFullPath("/sso/" + ssoSite.getSiteId()
+                    + "/user/" + principalName + "/" + remoteUser);
+
+        // New credential object for remote principal
+        InternalCredentialImpl credential = new InternalCredentialImpl(
+                remotePrincipal.getPrincipalId(), this.scramble(pwd), 0,
+                DefaultPasswordCredentialImpl.class.getName());
+
+        if (remotePrincipal.getCredentials() == null)
+            remotePrincipal.setCredentials(new ArrayList(0));
+
+        remotePrincipal.getCredentials().add(credential);
+
+        // Add it to Principals remotePrincipals list
+        principal.addRemotePrincipal(remotePrincipal);
+
+        // Update the site remotePrincipals list
+        ssoSite.getRemotePrincipals().add(remotePrincipal);
+
+        // Update database and reset cache
+        try
+        {
+            getPersistenceBrokerTemplate().store(ssoSite);
+
+            // Persist Principal/Remote
+            getPersistenceBrokerTemplate().store(principal);
+        } catch (Exception e)
+        {
+            e.printStackTrace();
+            throw new SSOException(SSOException.FAILED_STORING_SITE_INFO_IN_DB
+                    + e.toString());
+        }
+    }
+    
 }

Modified: portals/jetspeed-2/branches/JETSPEED-2.1.2-POSTRELEASE/jetspeed-api/src/java/org/apache/jetspeed/sso/SSOProvider.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/branches/JETSPEED-2.1.2-POSTRELEASE/jetspeed-api/src/java/org/apache/jetspeed/sso/SSOProvider.java?rev=619716&r1=619715&r2=619716&view=diff
==============================================================================
--- portals/jetspeed-2/branches/JETSPEED-2.1.2-POSTRELEASE/jetspeed-api/src/java/org/apache/jetspeed/sso/SSOProvider.java
(original)
+++ portals/jetspeed-2/branches/JETSPEED-2.1.2-POSTRELEASE/jetspeed-api/src/java/org/apache/jetspeed/sso/SSOProvider.java
Thu Feb  7 16:58:32 2008
@@ -126,6 +126,18 @@
      * @throws SSOException
      */
     void addCredentialsForSite(String fullPath, String remoteUser, String site, String pwd)
throws SSOException;
+
+    /**
+     * Add credentials inside a transaction using existing ssoSite
+     * 
+     * @param ssoSite
+     * @param subject
+     * @param remoteUser
+     * @param pwd
+     * @throws SSOException
+     */
+    public void addCredentialsForSite(SSOSite ssoSite, Subject subject, String remoteUser,
String pwd) 
+    throws SSOException;
     
     /**
      * removeCredentialsForSite()
@@ -169,4 +181,5 @@
      */
     public void addSiteFormAuthenticated(String siteName, String siteUrl, String realm, String
userField, String pwdField) throws SSOException;
     
+
 }



---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org


Mime
View raw message