portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From tay...@apache.org
Subject svn commit: r770879 - in /portals/jetspeed-2/applications/j2-admin/trunk: ./ src/main/java/org/apache/jetspeed/portlets/sso/ src/webapp/WEB-INF/ src/webapp/WEB-INF/security/sso/ src/webapp/WEB-INF/velocity/
Date Sat, 02 May 2009 01:46:33 GMT
Author: taylor
Date: Sat May  2 01:46:31 2009
New Revision: 770879

URL: http://svn.apache.org/viewvc?rev=770879&view=rev
Log:
https://issues.apache.org/jira/browse/JS2-621
Final cleanup for 621 (WebContent). Im having some problems with challenge authentication,
but I will open that up as a single bug in future release

Added:
    portals/jetspeed-2/applications/j2-admin/trunk/sso-edit-prefs.vm   (with props)
Modified:
    portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/SSOIFramePortlet.java
    portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/SSOPortletUtil.java
    portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/SSOProxyPortlet.java
    portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/SSOTicketPortlet.java
    portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/SSOWebContentPortlet.java
    portals/jetspeed-2/applications/j2-admin/trunk/src/webapp/WEB-INF/portlet.xml
    portals/jetspeed-2/applications/j2-admin/trunk/src/webapp/WEB-INF/security/sso/sso-edit-prefs.vm
    portals/jetspeed-2/applications/j2-admin/trunk/src/webapp/WEB-INF/security/sso/sso-webcontent-help.vm
    portals/jetspeed-2/applications/j2-admin/trunk/src/webapp/WEB-INF/velocity/velocity-macros.vm

Modified: portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/SSOIFramePortlet.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/SSOIFramePortlet.java?rev=770879&r1=770878&r2=770879&view=diff
==============================================================================
--- portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/SSOIFramePortlet.java
(original)
+++ portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/SSOIFramePortlet.java
Sat May  2 01:46:31 2009
@@ -30,6 +30,7 @@
 
 import org.apache.commons.codec.binary.Base64;
 import org.apache.jetspeed.security.PasswordCredential;
+import org.apache.jetspeed.security.mfa.util.SecurityHelper;
 import org.apache.jetspeed.sso.SSOException;
 import org.apache.jetspeed.sso.SSOManager;
 import org.apache.jetspeed.sso.SSOSite;
@@ -114,6 +115,8 @@
         {
             this.getContext(request).put("statusMsg", msg);            
         }                
+        this.getContext(request).put("ssoTypes", SSOWebContentPortlet.SSO_TYPES);
+        this.getContext(request).put("ssoTypeSelected", request.getPreferences().getValue("sso.type",
SSOWebContentPortlet.SSO_TYPE_BASIC));        
         super.doEdit(request, response);
     }
 
@@ -127,11 +130,7 @@
         }
         if (site == null)
         {
-            // no credentials configured in SSO store
-            // switch to SSO Configure View
-            request.setAttribute(PARAM_VIEW_PAGE, this.getPortletConfig().getInitParameter(PARAM_EDIT_PAGE));
-            setupPreferencesEdit(request, response);
-            super.doView(request, response);
+            response.getWriter().print(SSOWebContentPortlet.NO_CREDENTIALS);
             return;
         }
         try
@@ -145,18 +144,16 @@
             }
             else
             {
-                request.setAttribute(PARAM_VIEW_PAGE, this.getPortletConfig().getInitParameter(PARAM_EDIT_PAGE));
-                setupPreferencesEdit(request, response);
+                response.getWriter().print(SSOWebContentPortlet.NO_CREDENTIALS);
+                return;
             }
         }
         catch (SSOException e)
         {
             if (e.getMessage().equals(SSOException.NO_CREDENTIALS_FOR_SITE))
             {
-                // no credentials configured in SSO store
-                // switch to SSO Configure View
-                request.setAttribute(PARAM_VIEW_PAGE, this.getPortletConfig().getInitParameter(PARAM_EDIT_PAGE));
-                setupPreferencesEdit(request, response);
+                response.getWriter().print(SSOWebContentPortlet.NO_CREDENTIALS);
+                return;
             }
             else
             {
@@ -188,15 +185,18 @@
         SSOSite site = sso.getSiteByUrl(siteUrl);
         try
         {
-            if (site == null)
+            if (!SecurityHelper.isEmpty(siteUrl) && !SecurityHelper.isEmpty(ssoPrincipal)
&& !SecurityHelper.isEmpty(ssoCredential))
             {
-                site = sso.newSite(siteUrl, siteUrl);
-                sso.addSite(site);
-                SSOPortletUtil.updateUser(sso, request, site, ssoPrincipal, ssoCredential);
-            }
-            else
-            {
-                SSOPortletUtil.updateUser(sso, request, site, ssoPrincipal, ssoCredential);
+                if (site == null)
+                {
+                    site = sso.newSite(siteUrl, siteUrl);
+                    sso.addSite(site);
+                    SSOPortletUtil.updateUser(sso, request, site, ssoPrincipal, ssoCredential);
+                }
+                else
+                {
+                    SSOPortletUtil.updateUser(sso, request, site, ssoPrincipal, ssoCredential);
+                }
             }
         }
         catch (SSOException e)

Modified: portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/SSOPortletUtil.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/SSOPortletUtil.java?rev=770879&r1=770878&r2=770879&view=diff
==============================================================================
--- portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/SSOPortletUtil.java
(original)
+++ portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/SSOPortletUtil.java
Sat May  2 01:46:31 2009
@@ -97,10 +97,10 @@
         
     }
     
-    public static PasswordCredential getCredentialsForSite(SSOManager sso, String siteName,
RenderRequest request)
+    public static PasswordCredential getCredentialsForSite(SSOManager sso, String siteUrl,
RenderRequest request)
     {
         PasswordCredential pwc = null;
-        SSOSite site = sso.getSiteByName(siteName);
+        SSOSite site = sso.getSiteByUrl(siteUrl);
         if (site != null) 
         { 
             return getCredentialsForSite(sso, site, request); 

Modified: portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/SSOProxyPortlet.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/SSOProxyPortlet.java?rev=770879&r1=770878&r2=770879&view=diff
==============================================================================
--- portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/SSOProxyPortlet.java
(original)
+++ portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/SSOProxyPortlet.java
Sat May  2 01:46:31 2009
@@ -124,45 +124,41 @@
     {
         boolean forceRefresh = Boolean.parseBoolean(request.getPreferences().getValue(FORCE_SSO_REFRESH,
"false"));
         String destinationURL = request.getPreferences().getValue(DESTINATION_URL,null);
-        String ssoSiteName = request.getPreferences().getValue(SSO_SITE,null);
+        String ssoSite = request.getPreferences().getValue(SSO_SITE,null);
         
-        if (ssoSiteName == null)
+        if (ssoSite == null)
         {
-            // No destination configured Switch to configure View
-            request.setAttribute(PARAM_VIEW_PAGE, this.getPortletConfig().getInitParameter(PARAM_EDIT_PAGE));
-            setupPreferencesEdit(request, response);
-            super.doView(request, response);
+            response.getWriter().print(SSOWebContentPortlet.NO_CREDENTIALS);
             return;
-        }
-        
+        }       
         // Set the content type
-        response.setContentType("text/html");
-        
+        response.setContentType("text/html");        
         try
         {
         	StringBuffer page= new StringBuffer();
-            // Subject subject = getSubject(); 
-            // TODO refactor
-        	// if (sso)
-        	SSOSite site = sso.getSiteByName(ssoSiteName);
-        	if (site == null){
-        		response.getWriter().println("<P>Could not find site with name "+ssoSiteName+"</P>");
+        	SSOSite site = sso.getSiteByUrl(ssoSite);
+        	if (site == null)
+        	{
+        		response.getWriter().println("<P>Could not find site with name "+ssoSite+"</P>");
         		return;
         	}
-        	if (destinationURL == null){
+        	if (destinationURL == null)
+        	{
         		destinationURL = site.getURL();
-        	}
-        	
+        	}        	
         	Principal p = request.getUserPrincipal();
-        	if (p instanceof JetspeedPrincipal){
+        	if (p instanceof JetspeedPrincipal)
+        	{
                 Collection<SSOUser> remoteUsers = sso.getRemoteUsers(site,getSubject());
-                if (remoteUsers.size() > 0){
+                if (remoteUsers.size() > 0)
+                {
                     // TODO: in case of multiple users, invent a way to choose one of them
                     //   right now, simply the first SSO user is selected
                     SSOUser remoteUser = remoteUsers.iterator().next();
                     SSOClient client = sso.getClient(site, remoteUser);
-                    if (client == null){
-                        response.getWriter().println("<P>Could not create client for
site with name "+ssoSiteName+" and user "+request.getUserPrincipal().getName()+"</P>");
+                    if (client == null)
+                    {
+                        response.getWriter().println("<P>Could not create client for
site with name " + ssoSite + " and user "+request.getUserPrincipal().getName()+"</P>");
                         return;
                     }
                     
@@ -177,9 +173,6 @@
                     // Write the page
                     response.getWriter().println(finalPage);
                 }
-        	    
-                
-
         	}
         
         }

Modified: portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/SSOTicketPortlet.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/SSOTicketPortlet.java?rev=770879&r1=770878&r2=770879&view=diff
==============================================================================
--- portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/SSOTicketPortlet.java
(original)
+++ portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/SSOTicketPortlet.java
Sat May  2 01:46:31 2009
@@ -117,13 +117,13 @@
     {
         try
         {
-                return (ParserAdaptor) adaptorHtmlClass.newInstance();
-         
+            return (ParserAdaptor) adaptorHtmlClass.newInstance();
+
         }
         catch (Exception e)
         {
             log.error("Error creating rewriter class", e);
         }
         return null;
-    }    
+    }
 }

Modified: portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/SSOWebContentPortlet.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/SSOWebContentPortlet.java?rev=770879&r1=770878&r2=770879&view=diff
==============================================================================
--- portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/SSOWebContentPortlet.java
(original)
+++ portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/SSOWebContentPortlet.java
Sat May  2 01:46:31 2009
@@ -20,6 +20,8 @@
 import java.security.AccessControlContext;
 import java.security.AccessController;
 import java.util.HashMap;
+import java.util.LinkedList;
+import java.util.List;
 import java.util.StringTokenizer;
 
 import javax.portlet.ActionRequest;
@@ -48,6 +50,7 @@
 import org.apache.jetspeed.security.PasswordCredential;
 import org.apache.jetspeed.security.SecurityException;
 import org.apache.jetspeed.security.UserManager;
+import org.apache.jetspeed.security.mfa.util.SecurityHelper;
 import org.apache.jetspeed.sso.SSOException;
 import org.apache.jetspeed.sso.SSOManager;
 import org.apache.jetspeed.sso.SSOSite;
@@ -85,6 +88,20 @@
     
     public static final String SSO_TYPE_DEFAULT = SSO_TYPE_BASIC;  // handled well even if
nothing but credentials are set (see: doRequestedAuthentication)
     
+    public static final String NO_CREDENTIALS = "<p>No credentials configured for current
user.</p>";
+    		
+    public static final String[] SSO_TYPES = 
+    {
+        SSO_TYPE_BASIC,
+        SSO_TYPE_BASIC_PREEMPTIVE,
+        SSO_TYPE_FORM,
+        SSO_TYPE_FORM_GET,
+        SSO_TYPE_FORM_POST,
+        SSO_TYPE_URL,
+        SSO_TYPE_URL_BASE64,
+        SSO_TYPE_CERTIFICATE
+    };
+    
     // ...standardized auth types
     
     public static final String BASIC_AUTH_SCHEME_NAME = (new BasicScheme()).getSchemeName();
@@ -128,7 +145,7 @@
     protected PortletContext context;
     protected SSOManager sso;
     protected UserManager userManager;
-    
+    protected List<String> ssoTypesList;
     
     // Methods
 
@@ -146,6 +163,9 @@
         {
             throw new PortletException("Failed to find the User Manager on portlet initialization");
         }
+        ssoTypesList = new LinkedList<String>();
+        for (String s : SSO_TYPES)
+            ssoTypesList.add(s);
     }
     
     protected JetspeedPrincipal getLocalPrincipal(String localUserName){
@@ -181,39 +201,42 @@
             SSOSite site = sso.getSiteByUrl(siteUrl);
             try
             {        
-                if (site == null)
+                if (!SecurityHelper.isEmpty(siteUrl) && !SecurityHelper.isEmpty(ssoPrincipalName)
&& !SecurityHelper.isEmpty(ssoPrincipalPassword))
                 {
-                    site = sso.newSite(siteUrl, siteUrl);
-                    sso.addSite(site);
-                    SSOPortletUtil.updateUser(sso, actionRequest, site, ssoPrincipalName,
ssoPrincipalPassword);                                                
-                }
-                else
-                {
-                    SSOPortletUtil.updateUser(sso, actionRequest, site, ssoPrincipalName,
ssoPrincipalPassword);                                
+                    if (site == null)
+                    {
+                        site = sso.newSite(siteUrl, siteUrl);
+                        sso.addSite(site);
+                        SSOPortletUtil.updateUser(sso, actionRequest, site, ssoPrincipalName,
ssoPrincipalPassword);                                                
+                    }
+                    else
+                    {
+                        SSOPortletUtil.updateUser(sso, actionRequest, site, ssoPrincipalName,
ssoPrincipalPassword);                                
+                    }
                 }
             }
             catch (SSOException e)
             {
-                PortletMessaging.publish(actionRequest, "SSOIFrame", "status", new StatusMessage("Could
not add remote user: portal principal "+ actionRequest.getUserPrincipal().getName() + 
+                PortletMessaging.publish(actionRequest, "SSOWebContent", "status", new StatusMessage("Could
not add remote user: portal principal "+ actionRequest.getUserPrincipal().getName() + 
                         " is already associated with a remote user for this site!", StatusMessage.ERROR));
           
                 actionResponse.setPortletMode(PortletMode.EDIT); // stay on edit        
       
             }                
         }
     }
-    
+        
     public void doView(RenderRequest request, RenderResponse response)
     throws PortletException, IOException
     {
         String siteName = request.getPreferences().getValue("SRC", null);
         SSOSite site = null;
-        if (siteName != null){
-            site = sso.getSiteByName(siteName);
+        if (siteName != null)
+        {
+            site = sso.getSiteByUrl(siteName);
         }
         if (site == null)
         {
-            // no SRC configured in prefs / site not found - switch to SSO Configure View
-            request.setAttribute(PARAM_VIEW_PAGE, this.getPortletConfig().getInitParameter(PARAM_EDIT_PAGE));
-            setupPreferencesEdit(request, response);
+            response.getWriter().print(NO_CREDENTIALS);
+            return;
         }
         else 
         {
@@ -224,17 +247,15 @@
                 request.setAttribute(SSO_REQUEST_ATTRIBUTE_PASSWORD, pwc.getPassword());
         	} else 
         	{
-                // no credentials configured in SSO store
-                // switch to SSO Configure View
-                request.setAttribute(PARAM_VIEW_PAGE, this.getPortletConfig().getInitParameter(PARAM_EDIT_PAGE));
-                setupPreferencesEdit(request, response);    
+                response.getWriter().print(NO_CREDENTIALS);
+                return;
         	}
         }
         StatusMessage msg = (StatusMessage)PortletMessaging.consume(request, "SSOWebContent",
"status");
         if (msg != null)
         {
             this.getContext(request).put("statusMsg", msg);            
-        }                               
+        }                          
         super.doView(request, response);
     }
     
@@ -260,7 +281,9 @@
         if (msg != null)
         {
             this.getContext(request).put("statusMsg", msg);            
-        }                    	
+        }     
+        this.getContext(request).put("ssoTypes", SSO_TYPES);
+        this.getContext(request).put("ssoTypeSelected", request.getPreferences().getValue("sso.type",
SSO_TYPE_BASIC));
         super.doEdit(request, response);
     }
 

Modified: portals/jetspeed-2/applications/j2-admin/trunk/src/webapp/WEB-INF/portlet.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/applications/j2-admin/trunk/src/webapp/WEB-INF/portlet.xml?rev=770879&r1=770878&r2=770879&view=diff
==============================================================================
--- portals/jetspeed-2/applications/j2-admin/trunk/src/webapp/WEB-INF/portlet.xml (original)
+++ portals/jetspeed-2/applications/j2-admin/trunk/src/webapp/WEB-INF/portlet.xml Sat May
 2 01:46:31 2009
@@ -1511,10 +1511,6 @@
                 <value>100%</value>
             </preference>
             <preference>
-                <name>sso.type</name>
-                <value>url</value>
-            </preference>
-            <preference>
                 <name>sso.url.Principal</name>
                 <value>sso-principal</value>
             </preference>

Modified: portals/jetspeed-2/applications/j2-admin/trunk/src/webapp/WEB-INF/security/sso/sso-edit-prefs.vm
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/applications/j2-admin/trunk/src/webapp/WEB-INF/security/sso/sso-edit-prefs.vm?rev=770879&r1=770878&r2=770879&view=diff
==============================================================================
--- portals/jetspeed-2/applications/j2-admin/trunk/src/webapp/WEB-INF/security/sso/sso-edit-prefs.vm
(original)
+++ portals/jetspeed-2/applications/j2-admin/trunk/src/webapp/WEB-INF/security/sso/sso-edit-prefs.vm
Sat May  2 01:46:31 2009
@@ -19,8 +19,27 @@
 <form action="$renderResponse.createActionURL()" method="post">
 <table>
 #foreach ($pref in $prefs)
+#if ($pref.Key == "sso.type")
+  <tr colspan="4" align="right">
+    <td width="5%" class="portlet-form-label" align="left">&nbsp;</td>
+    <td nowrap class="portlet-section-alternate" align="left">$pref.Key:&nbsp;</td>
+    <td class="portlet-form-input-field" align="left">
+	  <select id="$pref.Key" name="$pref.Key">
+#foreach ($ssoType in $ssoTypes)        
+#if ($ssoType == $ssoTypeSelected)
+            <option selected value="$ssoType">$ssoType</option>
+#else
+            <option value="$ssoType">$ssoType</option>
+#end
+#end            
+        </select>            
+    </td>
+    <td width="5%" class="portlet-form-label" align="left">&nbsp;</td>  
+  </tr>
+#else
 #prefField($pref.Key $pref.Value "40")
 #end
+#end
 <hr/>
 #form4ColumnCell("SSO Principal" $ssoPrincipal 30 "ssoPrincipal")
 #form4PasswordCell("SSO Credential" $ssoCredential 30 "ssoCredential")
@@ -37,3 +56,4 @@
 #end
 
 
+

Modified: portals/jetspeed-2/applications/j2-admin/trunk/src/webapp/WEB-INF/security/sso/sso-webcontent-help.vm
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/applications/j2-admin/trunk/src/webapp/WEB-INF/security/sso/sso-webcontent-help.vm?rev=770879&r1=770878&r2=770879&view=diff
==============================================================================
--- portals/jetspeed-2/applications/j2-admin/trunk/src/webapp/WEB-INF/security/sso/sso-webcontent-help.vm
(original)
+++ portals/jetspeed-2/applications/j2-admin/trunk/src/webapp/WEB-INF/security/sso/sso-webcontent-help.vm
Sat May  2 01:46:31 2009
@@ -14,29 +14,61 @@
   See the License for the specific language governing permissions and
   limitations under the License.
 *#
-<h1>Help</h1>
+<p>The <b>sso.type</b> preference on the WebContent portlet chooses the
type of single-signon method to use. Depending on which method is selected, 
+you will need to configure more preferences. See the methods of SSO described below for specific
instructions
+</p>
+<h3>Basic authentication</h3> 
+<p>
+Basic Authentication is the default configuration method.
+This method allows the web browser, or other client program, to provide credentials Ð in
the form of a user name and password Ð 
+when making a request. One advantage of the basic access authentication is that it is supported
by all popular web browsers. 
+It is rarely used on publicly accessible Internet web sites but may be useful for quick SSO
scenarios within a company intranet.
+</p>
+<p>
+The <i>SRC</i> is a required preference to point at the website being securely
accessed.
+</p>
+<h3>Preemptive Basic Authentication</h3> 
+<p>
+Same as Basic authentication above, except credentials are sent preemptively. 
+</p>
+<h3>URL authentication</h3>
+<p>
+A username and password are sent on the URL as query parameters. Best to be used over a secure
connection.
+Requires the <i>sso.url.Principal</i> preference to be declared in your portlet.xml
and set to the name of the URL request parameter for the username.
+Alo requires the <i>sso.url.Credential</i> preference to be declared in your
portlet.xml and set to the name of the URL request parameter for the password.
+The <i>SRC</i> is a required preference to point at the website being securely
accessed.
+</p>
+<h3>Base64 URL authentication</h3>
+<p>
+Same as URL authentication with Base64 encoding.
+</p>
+<p>
+<h3>Form authentication</h3>
+<p>
+HTTP+HTML Form-based Authentication is arguably the most prevalent user authentication technique
employed on the Web today. It is the approach of choice for essentially all wikis, forums,
banking/financial websites, ecommerce websites, Web search engines, Web portals, etc.
+</p>
+<p>
+The <i>SRC</i> is a required preference to point at the website being securely
accessed.
+</p>
+Additional parameters are required:
+<ul>
+<li>sso.form.Principal - the form field input id for the username principal</li>
+<li>sso.form.Credential - the form field input id for the credential (password)</li>
+<li>sso.form.Action - the URL of the Form Action to be executed upon signing on, could
be different from SRC. This preference is not required</li>
+<li>sso.form.Args - name value pair of Form parameters. Name value pairs come in <i>name=value</i>
definitions. Multiple arguments are separated by semi-colons(;)</li>
+</ul>
+<p>
+<h3>Certificate</h3>
+<p>
+Currently not supported.
+</p>
+<h3>Credentials</h3>
 <p>
-<h3>Basic authentication</h3> is the default and can be supported effectively
without even setting <b>sso.type</b>
-Just by providing credentials for the domain. The credentials will not be sent preemptively,

-but if a 401 request is returned for Basic authentication, it will be handled properly. 
 
-Tis is equivalent to setting sso.type=basic (or sso.type=html (old - now deprecated in favor
of calling it <b>basic</b>).
-if you set sso.type=basic.preemptive, it will send the credentials preemptively.
-</p>
-<br/>
-<p>
-<h3>URL authentication</h3> (query args) is supported as <b>sso.type=url</b>
or <b>sso.type=url.base64</b>.
-By definition, this type of authentication is <quote>preemptive</quote>, so no
distinction is made 
-there.   
-</p>
-<br/>
-<p>
-<h3>Form-authentication</h3> is supported with <b>sso.type=form</b>
(which is equivalent to sso.type=form.post - you can also specify sso.type=form.get, 
-if GET protocol is used on the login form). This form also requires a bunch of other data

-( e.g. the action URL, other args, names of the fields for credentials, etc.).   
-All of this is in an example that is in the demo portlet.xml.   
-Form-based authentication is also considred "preemptive", in that it authenticates before
any other 
-content is read. However, it only does it once.  If it succeeds, all should be well.
-If it fails, the user will have to login by hand (since the initial content URL will 
-cause a redirect to the login page).
+Credentials are gathered from the Jetspeed SSO Data Store. Credentials can be configured
in the Jetspeed SSO Administrative Portlet, or in this portlet directly in edit mode.
+If you enter credentials here, they are stored only for the specific user currently logged
in. The administrative portlet allows editing credentials for users or groups of users.
+There are two credentials on this form, they are optional and will be ignored if left blank:
+<ul>
+<li>ssoPrincipal (SSO Principal): optionally sets the remote username to login to the
site configured for this portlet for the local user</li>
+<li>ssoCrendential (SSO Credential): optionally sets the remote credential (password)
to login to the site configured for this portlt for the local user</li>
+</ul>
 </p>
-<br/>

Modified: portals/jetspeed-2/applications/j2-admin/trunk/src/webapp/WEB-INF/velocity/velocity-macros.vm
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/applications/j2-admin/trunk/src/webapp/WEB-INF/velocity/velocity-macros.vm?rev=770879&r1=770878&r2=770879&view=diff
==============================================================================
--- portals/jetspeed-2/applications/j2-admin/trunk/src/webapp/WEB-INF/velocity/velocity-macros.vm
(original)
+++ portals/jetspeed-2/applications/j2-admin/trunk/src/webapp/WEB-INF/velocity/velocity-macros.vm
Sat May  2 01:46:31 2009
@@ -114,7 +114,7 @@
 #macro (form4CheckBoxCell $label $value $id)
    <tr colspan="4" align="right">
     <td width="5%" class="portlet-form-label" align="left">&nbsp;</td>
-    <td nowrap class="portlet-form-field-label" align="right">&nbsp;</td>
+    <td nowrap class="portlet-form-field-label" align="left">&nbsp;</td>
     <td class="portlet-form-input-field" align="left">
       <input type="checkbox" name="$id" #if ($value=="true") checked=1 #end>&nbsp;$label</input>
     </td>
@@ -200,3 +200,4 @@
   </tr>
 #end
 
+ 
\ No newline at end of file

Added: portals/jetspeed-2/applications/j2-admin/trunk/sso-edit-prefs.vm
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/applications/j2-admin/trunk/sso-edit-prefs.vm?rev=770879&view=auto
==============================================================================
--- portals/jetspeed-2/applications/j2-admin/trunk/sso-edit-prefs.vm (added)
+++ portals/jetspeed-2/applications/j2-admin/trunk/sso-edit-prefs.vm Sat May  2 01:46:31 2009
@@ -0,0 +1,59 @@
+#*
+  Licensed to the Apache Software Foundation (ASF) under one or more
+  contributor license agreements.  See the NOTICE file distributed with
+  this work for additional information regarding copyright ownership.
+  The ASF licenses this file to You under the Apache License, Version 2.0
+  (the "License"); you may not use this file except in compliance with
+  the License.  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+*#
+<h2 class="portlet-section-header">Edit Preferences</h2>
+
+<form action="$renderResponse.createActionURL()" method="post">
+<table>
+#foreach ($pref in $prefs)
+#if ($pref.Key == "sso.type")
+  <tr colspan="4" align="right">
+    <td width="5%" class="portlet-form-label" align="left">&nbsp;</td>
+    <td nowrap class="portlet-section-alternate" align="left">$pref.Key:&nbsp;</td>
+    <td class="portlet-form-input-field" align="left">
+	  <select id="$pref.Key" name="$pref.Key">
+#foreach ($ssoType in $ssoTypes)        
+#if ($ssoType == $ssoTypeSelected)
+            <option selected value="$ssoType">$ssoType</option>
+#else
+            <option value="$ssoType">$ssoType</option>
+#end
+#end            
+        </select>            
+    </td>
+    <td width="5%" class="portlet-form-label" align="left">&nbsp;</td>  
+  </tr>
+#else
+#prefField($pref.Key $pref.Value "40")
+#end
+#end
+<hr/>
+#form4ColumnCell("SSO Principal" $ssoPrincipal 30 "ssoPrincipal")
+#form4PasswordCell("SSO Credential" $ssoCredential 30 "ssoCredential")
+</table>
+<input type="submit" name="Save" value="Save" />
+</form>
+
+#if ($statusMsg)
+<table width="100%" cellpadding="0" cellspacing="0" border="0">
+<tr>
+	<div class="$statusMsg.Type">$statusMsg.Text</div>
+</tr>
+</table>
+#end
+
+
+

Propchange: portals/jetspeed-2/applications/j2-admin/trunk/sso-edit-prefs.vm
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: portals/jetspeed-2/applications/j2-admin/trunk/sso-edit-prefs.vm
------------------------------------------------------------------------------
    svn:keywords = Id



---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org


Mime
View raw message