portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rwat...@apache.org
Subject svn commit: r788615 - in /portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE: components/serializer/ components/serializer/src/java/org/apache/jetspeed/serializer/ components/serializer/src/java/org/apache/jetspeed/serializer/objects/ compon...
Date Fri, 26 Jun 2009 07:33:52 GMT
Author: rwatler
Date: Fri Jun 26 07:33:51 2009
New Revision: 788615

URL: http://svn.apache.org/viewvc?rev=788615&view=rev
Log:
JS2-1034: implement SSO import/export serialization

Added:
    portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSSOSite.java
    portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSSOSiteRemoteUser.java
    portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSSOSiteRemoteUsers.java
    portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSSOSites.java
Modified:
    portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/maven.xml
    portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/project.xml
    portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/JetspeedSerializerApplication.java
    portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/JetspeedSerializerImpl.java
    portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSeedData.java
    portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/sso/src/java/JETSPEED-INF/ojb/sso_repository.xml
    portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/sso/src/java/org/apache/jetspeed/sso/impl/PersistenceBrokerSSOProvider.java
    portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/sso/src/java/org/apache/jetspeed/sso/impl/SSOSiteImpl.java
    portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/etc/build-with-DDLUTILS.xml
    portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/etc/build.xml
    portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/installer/etc/database/build.xml
    portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/jetspeed-api/src/java/org/apache/jetspeed/serializer/JetspeedSerializer.java
    portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/jetspeed-api/src/java/org/apache/jetspeed/sso/SSOProvider.java
    portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/jetspeed-api/src/java/org/apache/jetspeed/sso/SSOSite.java
    portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/maven-archetypes/portal/build.xml
    portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/maven-archetypes/portal/src/archetype/archetype-resources/etc/build.xml
    portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/maven-plugin/plugin-with-DDLUTILS.jelly
    portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/maven-plugin/plugin.jelly

Modified: portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/maven.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/maven.xml?rev=788615&r1=788614&r2=788615&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/maven.xml (original)
+++ portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/maven.xml Fri Jun 26 07:33:51 2009
@@ -33,6 +33,7 @@
         <copy todir='${maven.build.dir}/assembly/' file='../../src/webapp/WEB-INF/assembly/security-spi.xml'/>
         <copy todir='${maven.build.dir}/assembly/' file='../../src/webapp/WEB-INF/assembly/security-spi-atn.xml'/>
         <copy todir='${maven.build.dir}/assembly/' file='../../src/webapp/WEB-INF/assembly/security-spi-atz.xml'/>
+        <copy todir='${maven.build.dir}/assembly/' file='../../src/webapp/WEB-INF/assembly/sso.xml'/>
         <copy todir='${maven.build.dir}/assembly/' file='../../src/webapp/WEB-INF/assembly/transaction.xml'/>        
         <copy todir='${maven.build.dir}/assembly/' file='../../src/webapp/WEB-INF/assembly/prefs.xml'/>                
         <copy todir='${maven.build.dir}/assembly/' file='../../src/webapp/WEB-INF/assembly/cache.xml'/>                        	        	

Modified: portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/project.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/project.xml?rev=788615&r1=788614&r2=788615&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/project.xml (original)
+++ portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/project.xml Fri Jun 26 07:33:51 2009
@@ -83,7 +83,7 @@
     </dependency>            
 
 
-  <dependency>
+    <dependency>
       <id>org.apache.portals.jetspeed-2:jetspeed-profiler</id>
       <version>${jetspeed.version}</version>
       <properties>
@@ -91,6 +91,13 @@
       </properties>                            
     </dependency>            
 
+    <dependency>
+      <id>org.apache.portals.jetspeed-2:jetspeed-sso</id>
+      <version>${jetspeed.version}</version>
+      <properties>
+         <war.bundle>true</war.bundle>
+      </properties>                            
+    </dependency>            
 
     <dependency>
       <id>org.apache.portals.jetspeed-2:jetspeed-locator</id>

Modified: portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/JetspeedSerializerApplication.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/JetspeedSerializerApplication.java?rev=788615&r1=788614&r2=788615&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/JetspeedSerializerApplication.java (original)
+++ portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/JetspeedSerializerApplication.java Fri Jun 26 07:33:51 2009
@@ -48,6 +48,7 @@
  *      PROFILE = extract/import profile settings (for export requires USER)
  *      PERMISSIONS = extract/import permissions 
  *      PREFS = extract/import  portlet preferences (ignored if any of the above is set)
+ *      SSO = extract/import sso sites
  *      
  *      NOOVERWRITE = don't overwrite existing file (for export)
  *      BACKUP = backup before process
@@ -264,6 +265,7 @@
             settings.put(JetspeedSerializer.KEY_PROCESS_CAPABILITIES, Boolean.FALSE);
             settings.put(JetspeedSerializer.KEY_PROCESS_PROFILER, Boolean.FALSE);
             settings.put(JetspeedSerializer.KEY_PROCESS_USER_PREFERENCES, Boolean.FALSE);
+            settings.put(JetspeedSerializer.KEY_PROCESS_SSO, Boolean.FALSE);
             settings.put(JetspeedSerializer.KEY_OVERWRITE_EXISTING, Boolean.TRUE);
             settings.put(JetspeedSerializer.KEY_BACKUP_BEFORE_PROCESS, Boolean.FALSE);            
             String[] optionSet = getTokens(options);
@@ -279,6 +281,7 @@
                     settings.put(JetspeedSerializer.KEY_PROCESS_CAPABILITIES, Boolean.TRUE);
                     settings.put(JetspeedSerializer.KEY_PROCESS_PROFILER, Boolean.TRUE);
                     settings.put(JetspeedSerializer.KEY_PROCESS_PERMISSIONS, Boolean.TRUE);                    
+                    settings.put(JetspeedSerializer.KEY_PROCESS_SSO, Boolean.TRUE);                    
                     settings.put(JetspeedSerializer.KEY_PROCESS_USER_PREFERENCES, Boolean.FALSE);
                     processHelper = 1;
                 }
@@ -308,6 +311,11 @@
                     settings.put(JetspeedSerializer.KEY_PROCESS_PERMISSIONS,
                             Boolean.TRUE);
                     processHelper = 1;                    
+                } else if (o.equalsIgnoreCase("SSO"))
+                {
+                    settings.put(JetspeedSerializer.KEY_PROCESS_SSO,
+                            Boolean.TRUE);
+                    processHelper = 1;                    
                 } else if (o.equalsIgnoreCase("NOOVERWRITE"))
                     settings.put(JetspeedSerializer.KEY_OVERWRITE_EXISTING,
                             Boolean.FALSE);
@@ -344,8 +352,7 @@
 			throw new IllegalArgumentException(
 					"Can't proceed without a valid database user");
 
-        
-        
+
         HashMap context = new HashMap();
  
 		context.put(SpringJNDIStarter.DATASOURCE_DRIVER, driverClass);

Modified: portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/JetspeedSerializerImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/JetspeedSerializerImpl.java?rev=788615&r1=788614&r2=788615&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/JetspeedSerializerImpl.java (original)
+++ portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/JetspeedSerializerImpl.java Fri Jun 26 07:33:51 2009
@@ -50,8 +50,10 @@
 import org.apache.jetspeed.security.RoleManager;
 import org.apache.jetspeed.security.User;
 import org.apache.jetspeed.security.UserManager;
+import org.apache.jetspeed.security.om.InternalCredential;
 import org.apache.jetspeed.security.om.InternalPermission;
 import org.apache.jetspeed.security.om.InternalPrincipal;
+import org.apache.jetspeed.security.om.InternalUserPrincipal;
 import org.apache.jetspeed.security.spi.PasswordCredentialProvider;
 import org.apache.jetspeed.serializer.objects.JSCapabilities;
 import org.apache.jetspeed.serializer.objects.JSCapability;
@@ -79,12 +81,19 @@
 import org.apache.jetspeed.serializer.objects.JSRuleCriterions;
 import org.apache.jetspeed.serializer.objects.JSSeedData;
 import org.apache.jetspeed.serializer.objects.JSSnapshot;
+import org.apache.jetspeed.serializer.objects.JSSSOSite;
+import org.apache.jetspeed.serializer.objects.JSSSOSiteRemoteUser;
+import org.apache.jetspeed.serializer.objects.JSSSOSiteRemoteUsers;
+import org.apache.jetspeed.serializer.objects.JSSSOSites;
 import org.apache.jetspeed.serializer.objects.JSUser;
 import org.apache.jetspeed.serializer.objects.JSUserAttributes;
 import org.apache.jetspeed.serializer.objects.JSUserGroups;
 import org.apache.jetspeed.serializer.objects.JSUserRoles;
 import org.apache.jetspeed.serializer.objects.JSUserUsers;
 import org.apache.jetspeed.serializer.objects.JSUsers;
+import org.apache.jetspeed.sso.SSOException;
+import org.apache.jetspeed.sso.SSOProvider;
+import org.apache.jetspeed.sso.SSOSite;
 
 /**
  * Jetspeed Serializer
@@ -127,6 +136,8 @@
 
     private HashMap rulesMap = new HashMap();
 
+    private HashMap ssoSitesMap = new HashMap();
+
     int refCouter = 0;
 
  
@@ -192,6 +203,7 @@
         setSetting(JetspeedSerializer.KEY_PROCESS_CAPABILITIES, true);
         setSetting(JetspeedSerializer.KEY_PROCESS_PROFILER, true);
         setSetting(JetspeedSerializer.KEY_PROCESS_PERMISSIONS, true);
+        setSetting(JetspeedSerializer.KEY_PROCESS_SSO, true);
         setSetting(JetspeedSerializer.KEY_OVERWRITE_EXISTING, true);
         setSetting(JetspeedSerializer.KEY_BACKUP_BEFORE_PROCESS, true);
     }
@@ -926,6 +938,19 @@
         }  
     }
     
+    private void importSSO()
+    {
+        System.out.println("importSSO - processing");
+        try
+        {
+            recreateSSOSites();
+        }
+        catch (Exception e)
+        {
+            e.printStackTrace();
+        }  
+    }
+
 
     /**
      * The workhorse for importing data
@@ -971,6 +996,12 @@
             logMe("permissions, rules etc. skipped ");
             recreatePermissions();            
         }        
+
+        if (this.getSetting(JetspeedSerializer.KEY_PROCESS_SSO))        
+        {
+            logMe("importing sso");
+            this.importSSO();            
+        }        
     }
 
     /**
@@ -1019,6 +1050,13 @@
         } else
             logMe(" permissions skipped");
         
+        if (this.getSetting(JetspeedSerializer.KEY_PROCESS_SSO))
+        {
+            logMe("collecting sso sites");
+            this.getSSOSites();
+        } else
+            logMe(" sso skipped");
+        
     }
 
     /**
@@ -1067,6 +1105,11 @@
         
         binding.setAlias(JSPWAttributes.class,"credentials");
 
+        binding.setAlias(JSSSOSite.class, "Site");
+        binding.setAlias(JSSSOSiteRemoteUser.class, "RemoteUser");
+        binding.setAlias(JSSSOSiteRemoteUsers.class, "RemoteUsers");
+        binding.setAlias(JSSSOSites.class, "SSOSites");
+
         binding.setClassAttribute(null);
 
     }
@@ -1860,6 +1903,112 @@
     }
     
     /**
+     * Create the SSO Site Wrapper
+     * 
+     * @param s sso site
+     * @return sso site wrapper
+     */
+    private JSSSOSite createSSOSite(SSOSite s)
+    {
+        JSSSOSite site = new JSSSOSite();
+        site.setName(s.getName());
+        site.setSiteURL(s.getSiteURL());
+        site.setAllowUserSet(s.isAllowUserSet());
+        site.setCertificateRequired(s.isCertificateRequired());
+        site.setChallengeResponseAuthentication(s.isChallengeResponseAuthentication());
+        site.setRealm(s.getRealm());
+        site.setFormAuthentication(s.isFormAuthentication());
+        site.setFormUserField(s.getFormUserField());
+        site.setFormPwdField(s.getFormPwdField());
+
+        Iterator rupIter = s.getRemotePrincipals().iterator();
+        while (rupIter.hasNext())
+        {
+            InternalUserPrincipal rup = (InternalUserPrincipal)rupIter.next();
+            InternalCredential rupCredential = null;
+            Collection rupCredentials = rup.getCredentials();
+            if (rupCredentials != null)
+            {
+                rupCredential = (InternalCredential)rupCredentials.iterator().next();
+            }
+            if (rupCredential != null)
+            {
+                String rupPath = rup.getFullPath();
+                String rupPrincipalType = null;
+                String rupPrincipalName = null;
+                String rupName = null;
+                String [] names = null;
+                if (rupPath.startsWith("/sso/") && rupPath.contains("/user/"))
+                {
+                    rupPrincipalType = "user";
+                    names = rupPath.replaceAll("^/sso/[0-9]+/user/", "").split("/");
+                }
+                else if (rupPath.startsWith("/sso/") && rupPath.contains("/group/"))
+                {
+                    rupPrincipalType = "group";
+                    names = rupPath.replaceAll("^/sso/[0-9]+/group/", "").split("/");
+                }
+                if ((names != null) && (names.length == 2))
+                {
+                    rupPrincipalName = names[0];
+                    rupName = names[1];
+                }
+                if ((rupPrincipalType != null) && (rupPrincipalName != null) && (rupPrincipalName.length() > 0) && (rupName != null) && (rupName.length() > 0))
+                {
+                    JSSSOSiteRemoteUser siteRemoteUser = new JSSSOSiteRemoteUser();
+                    siteRemoteUser.setPrincipalName(rupPrincipalName);
+                    siteRemoteUser.setPrincipalType(rupPrincipalType);
+                    siteRemoteUser.setUserCredential(rupName, rupCredential.getValue().toCharArray());
+                    site.addRemoteUser(siteRemoteUser);
+                }
+            }
+        }
+            
+        return site;
+    }
+
+    /**
+     * extract SSO sites and save in snapshot file
+     * 
+     * @throws SerializerException
+     */
+    private void getSSOSites() throws SerializerException
+    {
+        SSOProvider ssoProvider = (SSOProvider) getCM().getComponent("org.apache.jetspeed.sso.SSOProvider");
+        if (ssoProvider == null)
+        {
+            throw new SerializerException(SerializerException.COMPONENTMANAGER_DOES_NOT_EXIST.create("org.apache.jetspeed.sso.SSOProvider"));
+        }
+
+        Iterator list = null;
+        try
+        {
+            list = ssoProvider.getSites("");
+        }
+        catch (Exception e)
+        {
+            throw new SerializerException(SerializerException.GET_EXISTING_OBJECTS.create(new String[]{"SSOSites", e.getMessage()}));
+        }
+        while (list.hasNext())
+        {
+            try
+            {
+                SSOSite s = (SSOSite) list.next();                
+                if (!(ssoSitesMap.containsKey(s.getSiteURL())))
+                {
+                    JSSSOSite site = createSSOSite(s);
+                    ssoSitesMap.put(site.getSiteURL(), site);
+                    ((JSSeedData)getSnapshot()).getSSOSites().add(site);
+                }
+            }
+            catch (Exception e)
+            {
+                throw new SerializerException(SerializerException.CREATE_SERIALIZED_OBJECT_FAILED.create(new String[]{"SSOSites", e.getMessage()}));
+            }
+        }
+    }
+    
+    /**
      * ++++++++++++++++++++++++++++++HELPERS
      * +++++++++++++++++++++++++++++++++++++++++++++
      */
@@ -2001,5 +2150,95 @@
 	    }	
 
 
+    /**
+     * Construct SSO site from (JS) SSOSite.
+     * 
+     * @param ssoProvider SSO provider
+     * @param site SSO site
+     * @param s existing SSO site
+     * @return created SSO site
+     * @throws SerializerException
+     * @throws SSOException
+     */
+    private SSOSite recreateSSOSite(SSOProvider ssoProvider, JSSSOSite site, SSOSite s) throws SerializerException, SSOException
+    {
+        if (s != null)
+        {
+            ssoProvider.removeSite(s);
+        }
+        
+        ssoProvider.addSite(site.getName(), site.getSiteURL());
+        s = ssoProvider.getSite(site.getSiteURL());
+        s.setAllowUserSet(site.isAllowUserSet());
+        s.setCertificateRequired(site.isCertificateRequired());
+        s.setChallengeResponseAuthentication(site.isChallengeResponseAuthentication());
+        s.setRealm(site.getRealm());
+        s.setFormAuthentication(site.isFormAuthentication());
+        s.setFormUserField(site.getFormUserField());
+        s.setFormPwdField(site.getFormPwdField());
+
+        if (site.getRemoteUsers() != null)
+        {
+            Iterator ruIter = site.getRemoteUsers().iterator();
+            while (ruIter.hasNext())
+            {
+                JSSSOSiteRemoteUser rUser = (JSSSOSiteRemoteUser)ruIter.next();
+                if (rUser.getPassword() != null)
+                {
+                    String pName = rUser.getPrincipalName();
+                    String pFullPath = "/"+rUser.getPrincipalType()+"/"+pName;
+                    String rName = rUser.getName();
+                    String rPassword = new String(rUser.getPassword());
+                    ssoProvider.addCredentialsForSite(s, pFullPath, pName, rName, rPassword);
+                }
+            }
+        }
+        
+        return s;
+    }
+    
+    /**
+     * Create imported SSO sites.
+     * 
+     * @throws SerializerException
+     */
+    private void recreateSSOSites() throws SerializerException
+    {
+        logMe("recreateSSOSites - processing");
+        
+        SSOProvider ssoProvider = (SSOProvider) getCM().getComponent("org.apache.jetspeed.sso.SSOProvider");
+        if (ssoProvider == null)
+        {
+            throw new SerializerException(SerializerException.COMPONENTMANAGER_DOES_NOT_EXIST.create("org.apache.jetspeed.sso.SSOProvider"));
+        }
 
+        JSSSOSites sites = ((JSSeedData)getSnapshot()).getSSOSites();
+        if ((sites != null) && (sites.size() > 0))
+        {
+            Iterator sitesIter = sites.iterator();
+            while (sitesIter.hasNext())
+            {
+                JSSSOSite site = (JSSSOSite)sitesIter.next();
+                try
+                {
+                    SSOSite s = ssoProvider.getSite(site.getSiteURL());
+                    if ((s == null) || getSetting(JetspeedSerializer.KEY_OVERWRITE_EXISTING))
+                    {
+                        s = recreateSSOSite(ssoProvider, site, s);
+                        ssoProvider.updateSite(s);        
+                    }
+                }
+                catch (Exception e)
+                {
+                    throw new SerializerException(SerializerException.CREATE_OBJECT_FAILED.create("SSOSite",e.getLocalizedMessage()));
+                }
+            }
+        }
+        else
+        {
+            logMe("NO SSO SITES?????");
+        }
+        
+        logMe("recreateSSOSites - done");        
+    }   
 }

Added: portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSSOSite.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSSOSite.java?rev=788615&view=auto
==============================================================================
--- portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSSOSite.java (added)
+++ portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSSOSite.java Fri Jun 26 07:33:51 2009
@@ -0,0 +1,226 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jetspeed.serializer.objects;
+
+import javolution.xml.XMLFormat;
+import javolution.xml.stream.XMLStreamException;
+
+import org.apache.commons.lang.StringEscapeUtils;
+
+/**
+ * Jetspeed Serialized (JS) SSOSite
+ * 
+ * @author <a href="mailto:rwatler@apache.org">Randy Watler</a>
+ * @version $Id: $
+ */
+public class JSSSOSite
+{
+    private String name;
+
+    private String siteURL;
+
+    private boolean allowUserSet;
+
+    private boolean certificateRequired;
+    
+    private boolean challengeResponseAuthentication;
+    
+    private String realm;
+    
+    private boolean formAuthentication;
+    
+    private String formUserField;
+    
+    private String formPwdField;
+    
+    private JSSSOSiteRemoteUsers remoteUsers;
+
+    public JSSSOSite()
+    {
+    }
+
+    public String getName()
+    {
+        return name;
+    }
+
+    public void setName(String name)
+    {
+        this.name = name;
+    }
+
+    public String getSiteURL()
+    {
+        return siteURL;
+    }
+
+    public void setSiteURL(String siteURL)
+    {
+        this.siteURL = siteURL;
+    }
+
+    public boolean isAllowUserSet()
+    {
+        return allowUserSet;
+    }
+
+    public void setAllowUserSet(boolean allowUserSet)
+    {
+        this.allowUserSet = allowUserSet;
+    }
+
+    public boolean isCertificateRequired()
+    {
+        return certificateRequired;
+    }
+
+    public void setCertificateRequired(boolean certificateRequired)
+    {
+        this.certificateRequired = certificateRequired;
+    }
+
+    public boolean isChallengeResponseAuthentication()
+    {
+        return challengeResponseAuthentication;
+    }
+
+    public void setChallengeResponseAuthentication(boolean challengeResponseAuthentication)
+    {
+        this.challengeResponseAuthentication = challengeResponseAuthentication;
+    }
+
+    public String getRealm()
+    {
+        return realm;
+    }
+
+    public void setRealm(String realm)
+    {
+        this.realm = realm;
+    }
+
+    public boolean isFormAuthentication()
+    {
+        return formAuthentication;
+    }
+
+    public void setFormAuthentication(boolean formAuthentication)
+    {
+        this.formAuthentication = formAuthentication;
+    }
+
+    public String getFormUserField()
+    {
+        return formUserField;
+    }
+
+    public void setFormUserField(String formUserField)
+    {
+        this.formUserField = formUserField;
+    }
+
+    public String getFormPwdField()
+    {
+        return formPwdField;
+    }
+
+    public void setFormPwdField(String formPwdField)
+    {
+        this.formPwdField = formPwdField;
+    }
+
+    public JSSSOSiteRemoteUsers getRemoteUsers()
+    {
+        return remoteUsers;
+    }
+
+    public void setRemoteUsers(JSSSOSiteRemoteUsers remoteUsers)
+    {
+        this.remoteUsers = remoteUsers;
+    }
+
+    public void addRemoteUser(JSSSOSiteRemoteUser remoteUser)
+    {
+        if (remoteUsers == null)
+        {
+            remoteUsers = new JSSSOSiteRemoteUsers();
+        }
+        remoteUsers.add(remoteUser);
+    }
+
+    /***************************************************************************
+     * SERIALIZER
+     */
+    private static final XMLFormat XML = new XMLFormat(JSSSOSite.class)
+    {
+        public void write(Object o, OutputElement xml) throws XMLStreamException
+        {
+            try
+            {
+                JSSSOSite g = (JSSSOSite) o;
+
+                xml.setAttribute("name", g.getName());
+                xml.setAttribute("siteURL", g.getSiteURL());
+                xml.setAttribute("allowUserSet", g.isAllowUserSet());
+                xml.setAttribute("certificateRequired", g.isCertificateRequired());
+                xml.setAttribute("challengeResponseAuthentication", g.isChallengeResponseAuthentication());
+                xml.setAttribute("realm", g.getRealm());
+                xml.setAttribute("formAuthentication", g.isFormAuthentication());
+                xml.setAttribute("formUserField", g.getFormUserField());
+                xml.setAttribute("formPwdField", g.getFormPwdField());
+
+                xml.add(g.getRemoteUsers());
+            }
+            catch (Exception e)
+            {
+                e.printStackTrace();
+            }
+        }
+
+        public void read(InputElement xml, Object o)
+        {
+            try
+            {
+                JSSSOSite g = (JSSSOSite) o;
+
+                g.setName(StringEscapeUtils.unescapeHtml(xml.getAttribute("name", (String)null)));
+                g.setSiteURL(StringEscapeUtils.unescapeHtml(xml.getAttribute("siteURL", (String)null)));
+                g.setAllowUserSet(Boolean.parseBoolean(StringEscapeUtils.unescapeHtml(xml.getAttribute("allowUserSet", "false"))));
+                g.setCertificateRequired(Boolean.parseBoolean(StringEscapeUtils.unescapeHtml(xml.getAttribute("certificateRequired", "false"))));
+                g.setChallengeResponseAuthentication(Boolean.parseBoolean(StringEscapeUtils.unescapeHtml(xml.getAttribute("challengeResponseAuthentication", "false"))));
+                g.setRealm(StringEscapeUtils.unescapeHtml(xml.getAttribute("realm", (String)null)));
+                g.setFormAuthentication(Boolean.parseBoolean(StringEscapeUtils.unescapeHtml(xml.getAttribute("formAuthentication", "false"))));
+                g.setFormUserField(StringEscapeUtils.unescapeHtml(xml.getAttribute("formUserField", (String)null)));
+                g.setFormPwdField(StringEscapeUtils.unescapeHtml(xml.getAttribute("formPwdField", (String)null)));
+                
+                Object o1 = null;
+                while (xml.hasNext())
+                {
+                    o1 = xml.getNext();
+                    if (o1 instanceof JSSSOSiteRemoteUsers)
+                    {
+                        g.setRemoteUsers((JSSSOSiteRemoteUsers)o1);
+                    }
+                }
+            }
+            catch (Exception e)
+            {
+                e.printStackTrace();
+            }
+        }
+    };
+}

Added: portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSSOSiteRemoteUser.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSSOSiteRemoteUser.java?rev=788615&view=auto
==============================================================================
--- portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSSOSiteRemoteUser.java (added)
+++ portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSSOSiteRemoteUser.java Fri Jun 26 07:33:51 2009
@@ -0,0 +1,133 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jetspeed.serializer.objects;
+
+import javolution.xml.XMLFormat;
+import javolution.xml.stream.XMLStreamException;
+
+import org.apache.commons.lang.StringEscapeUtils;
+
+/**
+ * Jetspeed Serialized (JS) SSORemoteUser
+ * 
+ * @author <a href="mailto:rwatler@apache.org">Randy Watler</a>
+ * @version $Id: $
+ */
+public class JSSSOSiteRemoteUser
+{
+    private String principalName;
+
+    private String principalType;
+    
+    private String name;
+    
+    private char[] password;
+
+    public JSSSOSiteRemoteUser()
+    {
+    }
+
+    public String getPrincipalName()
+    {
+        return principalName;
+    }
+
+    public void setPrincipalName(String principalName)
+    {
+        this.principalName = principalName;
+    }
+
+    public String getPrincipalType()
+    {
+        return principalType;
+    }
+
+    public void setPrincipalType(String principalType)
+    {
+        this.principalType = principalType;
+    }
+
+    public String getName()
+    {
+        return name;
+    }
+
+    public void setName(String name)
+    {
+        this.name = name;
+    }
+
+    public char[] getPassword()
+    {
+        return password;
+    }
+
+    public void setPassword(char[] password)
+    {
+        this.password = password;
+    }
+
+    public void setUserCredential(String name, char[] password)
+    {
+        setName(name);
+        setPassword(password);
+    }
+
+    /***************************************************************************
+     * SERIALIZER
+     */
+    private static final XMLFormat XML = new XMLFormat(JSSSOSiteRemoteUser.class)
+    {
+        public void write(Object o, OutputElement xml) throws XMLStreamException
+        {
+            try
+            {
+                JSSSOSiteRemoteUser g = (JSSSOSiteRemoteUser) o;
+
+                xml.setAttribute("principalName", g.getPrincipalName());
+                xml.setAttribute("principalType", g.getPrincipalType());
+                xml.setAttribute("name", g.getName());
+                if (g.getPassword() != null)
+                {
+                    xml.setAttribute("password", new String(g.getPassword()));
+                }
+            }
+            catch (Exception e)
+            {
+                e.printStackTrace();
+            }
+        }
+
+        public void read(InputElement xml, Object o)
+        {
+            try
+            {
+                JSSSOSiteRemoteUser g = (JSSSOSiteRemoteUser) o;
+
+                g.setPrincipalName(StringEscapeUtils.unescapeHtml(xml.getAttribute("principalName", (String)null)));
+                g.setPrincipalType(StringEscapeUtils.unescapeHtml(xml.getAttribute("principalType", (String)null)));
+                g.setName(StringEscapeUtils.unescapeHtml(xml.getAttribute("name", (String)null)));
+                String passwordString = StringEscapeUtils.unescapeHtml(xml.getAttribute("password", (String)null));
+                g.setPassword((passwordString != null) ? passwordString.toCharArray() : null);
+            }
+            catch (Exception e)
+            {
+                e.printStackTrace();
+            }
+        }
+    };
+}

Added: portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSSOSiteRemoteUsers.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSSOSiteRemoteUsers.java?rev=788615&view=auto
==============================================================================
--- portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSSOSiteRemoteUsers.java (added)
+++ portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSSOSiteRemoteUsers.java Fri Jun 26 07:33:51 2009
@@ -0,0 +1,31 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jetspeed.serializer.objects;
+
+import java.util.ArrayList;
+
+
+/**
+ * Simple wrapper class for XML serialization
+ * 
+ * @author <a href="mailto:rwatler@apache.org">Randy Watler</a>
+ * @version $Id: $
+ *
+ */
+public class JSSSOSiteRemoteUsers extends ArrayList
+{
+}

Added: portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSSOSites.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSSOSites.java?rev=788615&view=auto
==============================================================================
--- portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSSOSites.java (added)
+++ portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSSOSites.java Fri Jun 26 07:33:51 2009
@@ -0,0 +1,31 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jetspeed.serializer.objects;
+
+import java.util.ArrayList;
+
+
+/**
+ * Simple wrapper class for XML serialization
+ * 
+ * @author <a href="mailto:rwatler@apache.org">Randy Watler</a>
+ * @version $Id: $
+ *
+ */
+public class JSSSOSites extends ArrayList
+{
+}

Modified: portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSeedData.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSeedData.java?rev=788615&r1=788614&r2=788615&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSeedData.java (original)
+++ portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/serializer/src/java/org/apache/jetspeed/serializer/objects/JSSeedData.java Fri Jun 26 07:33:51 2009
@@ -50,6 +50,8 @@
     private JSProfilingRules rules;
 
     private String defaultRule;
+    
+    private JSSSOSites ssoSites;
 
     /**
      * check the software version and subvversion against the saved
@@ -98,6 +100,7 @@
         users = new JSUsers();
         permissions = new JSPermissions();
         rules = new JSProfilingRules();
+        ssoSites = new JSSSOSites();
     }
 
  
@@ -136,6 +139,7 @@
                 xml.add(g.getPermissions());
                 xml.add(g.getRules());
 
+                xml.add(g.getSSOSites());
             } catch (Exception e)
             {
                 e.printStackTrace();
@@ -175,6 +179,8 @@
                         g.permissions = (JSPermissions) o1;
                     else if (o1 instanceof JSProfilingRules)
                         g.rules = (JSProfilingRules) o1;
+                    else if (o1 instanceof JSSSOSites)
+                        g.ssoSites = (JSSSOSites) o1;
                 }
             } catch (Exception e)
             {
@@ -377,4 +383,20 @@
         this.defaultRule = defaultRule;
     }
 
+    /**
+     * @return Returns the SSOSites.
+     */
+    public JSSSOSites getSSOSites()
+    {
+        return ssoSites;
+    }
+
+    /**
+     * @param sites
+     *            The SSO sites to set.
+     */
+    public void setSSOSites(JSSSOSites sites)
+    {
+        this.ssoSites = sites;
+    }
 }

Modified: portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/sso/src/java/JETSPEED-INF/ojb/sso_repository.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/sso/src/java/JETSPEED-INF/ojb/sso_repository.xml?rev=788615&r1=788614&r2=788615&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/sso/src/java/JETSPEED-INF/ojb/sso_repository.xml (original)
+++ portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/sso/src/java/JETSPEED-INF/ojb/sso_repository.xml Fri Jun 26 07:33:51 2009
@@ -151,7 +151,7 @@
 	    </field-descriptor>
 	    
 	    <field-descriptor
-	        name="isChallangeResponseAuthentication"
+	        name="isChallengeResponseAuthentication"
 	        column="CHALLENGE_RESPONSE_AUTH"
 	        jdbc-type="INTEGER"
 	        conversion="org.apache.ojb.broker.accesslayer.conversions.Boolean2IntFieldConversion"

Modified: portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/sso/src/java/org/apache/jetspeed/sso/impl/PersistenceBrokerSSOProvider.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/sso/src/java/org/apache/jetspeed/sso/impl/PersistenceBrokerSSOProvider.java?rev=788615&r1=788614&r2=788615&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/sso/src/java/org/apache/jetspeed/sso/impl/PersistenceBrokerSSOProvider.java (original)
+++ portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/sso/src/java/org/apache/jetspeed/sso/impl/PersistenceBrokerSSOProvider.java Fri Jun 26 07:33:51 2009
@@ -448,12 +448,11 @@
 	}
 
 	/* addCredential()
-		 * Adds credentials for a user to the site. If the site doesn't exist it will be created
+	 * Adds credentials for a user to the site. If the site doesn't exist it will be created
 	 * @see org.apache.jetspeed.sso.SSOProvider#addCredentialsForSite(javax.security.auth.Subject, java.lang.String, java.lang.String)
 	 */
-	public void addCredentialsForSite(Subject subject, String remoteUser, String site, String pwd)
-			throws SSOException {
-		
+	public void addCredentialsForSite(Subject subject, String remoteUser, String site, String pwd) throws SSOException
+	{
 		// Check if an entry for the site already exists otherwise create a new one
 		SSOSite ssoSite = getSSOSiteObject(site);
 		if (ssoSite == null)
@@ -469,98 +468,17 @@
 			ssoSite.setFormAuthentication(false);
 			
 			// Store the site so that we get a valid SSOSiteID
-			try
-	         {
-	             getPersistenceBrokerTemplate().store(ssoSite);
-	          }
-	         catch (Exception e)
-	         {
-	         	e.printStackTrace();
-	            throw new SSOException(SSOException.FAILED_STORING_SITE_INFO_IN_DB + e.toString() );
-	         }
+	        updateSite(ssoSite);
 		}
 		
-		// Get the Principal information (logged in user)
+		// Get the Principal information, (logged in user), and add
+		// principals and credentials as needed
 		String fullPath = ((BasePrincipal)SecurityHelper.getBestPrincipal(subject, UserPrincipal.class)).getFullPath();
 		String principalName = ((BasePrincipal)SecurityHelper.getBestPrincipal(subject, UserPrincipal.class)).getName();
-		
-		// Add an entry for the principal to the site if it doesn't exist
-		SSOPrincipal principal = this.getPrincipalForSite(ssoSite, fullPath);
-		
-		if (principal == null )
-		{
-		    principal = getSSOPrincipal(fullPath);
-		    ssoSite.addPrincipal(principal);
-		}
-		else
-		{
-		    // Check if the entry the user likes to update exists already
-		    Collection remoteForSite = ssoSite.getRemotePrincipals();
-		    Collection principalsForSite = ssoSite.getPrincipals();
-		    
-		    if ( remoteForSite != null && principalsForSite != null)
-		    {
-		        Collection remoteForPrincipals = this.getRemotePrincipalsForPrincipal(principalsForSite, fullPath);
-		        if ( remoteForPrincipals != null)
-		        {
-			        if (findRemoteMatch(remoteForPrincipals, remoteForSite) != null )
-			        {
-			            // Entry exists can't to an add has to call update
-			            throw new SSOException(SSOException.REMOTE_PRINCIPAL_EXISTS_CALL_UPDATE);
-			        }
-		        }
-		    }
-		}
-		
-		if (principal == null)
-			throw new SSOException(SSOException.FAILED_ADDING_PRINCIPAL_TO_MAPPING_TABLE_FOR_SITE);
-		
-		// Create a remote principal and credentials
-		InternalUserPrincipalImpl remotePrincipal = new InternalUserPrincipalImpl(remoteUser);
-		
-		/*
-		 * The RemotePrincipal (class InternalUserPrincipal) will have a fullPath that identifies the entry as an SSO credential.
-		 * The entry has to be unique for a site and principal  (GROUP -or- USER ) an therefore it needs to be encoded as following:
-		 * The convention for the path is the following: /sso/SiteID/{user|group}/{user name | group name}/remote user name
-		 */
-		if ( fullPath.indexOf("/group/") > -1)
-		    remotePrincipal.setFullPath("/sso/" + ssoSite.getSiteId() + "/group/"+  principalName + "/" + remoteUser);
-		else
-		    remotePrincipal.setFullPath("/sso/" + ssoSite.getSiteId() + "/user/"+ principalName + "/" + remoteUser);
-		
-		// New credential object for remote principal
-		 InternalCredentialImpl credential = 
-            new InternalCredentialImpl(remotePrincipal.getPrincipalId(),
-            		this.scramble(pwd), 0, DefaultPasswordCredentialImpl.class.getName());
-		 
-		 if ( remotePrincipal.getCredentials() == null)
-		 	remotePrincipal.setCredentials(new ArrayList(0));
-		 
-		remotePrincipal.getCredentials().add( credential);
-		
-		// Add it to Principals remotePrincipals list
-		principal.addRemotePrincipal(remotePrincipal);
-
-		// Update the site remotePrincipals list
-		ssoSite.getRemotePrincipals().add(remotePrincipal);
-		
+	    addCredentialsForSite(ssoSite, fullPath, principalName, remoteUser, scramble(pwd)); 
 		 	
 		// Update database and reset cache
-		 try
-         {
-             getPersistenceBrokerTemplate().store(ssoSite);
-             
-             // Persist Principal/Remote
-     		getPersistenceBrokerTemplate().store(principal);
-          }
-         catch (Exception e)
-         {
-         	e.printStackTrace();
-            throw new SSOException(SSOException.FAILED_STORING_SITE_INFO_IN_DB + e.toString() );
-         }
-         
-         // Add to site
-         this.mapSite.put(site, ssoSite);
+	    updateSite(ssoSite);
 	}
 
 	/* (non-Javadoc)
@@ -1037,7 +955,14 @@
         filter.addEqualTo("siteURL", siteUrl);
         Query query = QueryFactory.newQuery(SSOSiteImpl.class, filter);
         SSOSite site = (SSOSite) getPersistenceBrokerTemplate().getObjectByQuery(query);
-        this.mapSite.put(siteUrl, site);
+        if (site != null)
+        {    
+            this.mapSite.put(siteUrl, site);
+        }
+        else
+        {
+            this.mapSite.remove(siteUrl);            
+        }
         return site;       
     }
     
@@ -1148,7 +1073,7 @@
         try
         {
             getPersistenceBrokerTemplate().delete(site);
-            this.mapSite.remove(site);
+            this.mapSite.remove(site.getSiteURL());
 
         }
         catch (Exception e)
@@ -1437,22 +1362,31 @@
     	return result;
     }
 
-    public void addCredentialsForSite(SSOSite ssoSite, Subject subject, String remoteUser, String pwd)
-    throws SSOException 
+    /* (non-Javadoc)
+     * @see org.apache.jetspeed.sso.SSOProvider#addCredentialsForSite(org.apache.jetspeed.sso.SSOSite, javax.security.auth.Subject, java.lang.String, java.lang.String)
+     */
+    public void addCredentialsForSite(SSOSite ssoSite, Subject subject, String remoteUser, String pwd) throws SSOException 
     {
-        String fullPath = ((BasePrincipal) SecurityHelper.getBestPrincipal(
-                subject, UserPrincipal.class)).getFullPath();
-        String principalName = ((BasePrincipal) SecurityHelper
-                .getBestPrincipal(subject, UserPrincipal.class)).getName();
+        String fullPath = ((BasePrincipal) SecurityHelper.getBestPrincipal(subject, UserPrincipal.class)).getFullPath();
+        String principalName = ((BasePrincipal) SecurityHelper.getBestPrincipal(subject, UserPrincipal.class)).getName();
 
+        addCredentialsForSite(ssoSite, fullPath, principalName, remoteUser, scramble(pwd));
+    }
+
+    /* (non-Javadoc)
+     * @see org.apache.jetspeed.sso.SSOProvider#addCredentialsForSite(org.apache.jetspeed.sso.SSOSite, java.lang.String, java.lang.String, java.lang.String, java.lang.String)
+     */
+    public void addCredentialsForSite(SSOSite ssoSite, String principalFullPath, String principalName, String remoteUser, String scrambledPwd) throws SSOException 
+    {
         // Add an entry for the principal to the site if it doesn't exist
-        SSOPrincipal principal = this.getPrincipalForSite(ssoSite, fullPath);
+        SSOPrincipal principal = getPrincipalForSite(ssoSite, principalFullPath);
 
         if (principal == null)
         {
-            principal = getSSOPrincipal(fullPath);
+            principal = getSSOPrincipal(principalFullPath);
             ssoSite.addPrincipal(principal);
-        } else
+        }
+        else
         {
             // Check if the entry the user likes to update exists already
             Collection remoteForSite = ssoSite.getRemotePrincipals();
@@ -1460,28 +1394,24 @@
 
             if (remoteForSite != null && principalsForSite != null)
             {
-                Collection remoteForPrincipals = this
-                        .getRemotePrincipalsForPrincipal(principalsForSite,
-                                fullPath);
+                Collection remoteForPrincipals = getRemotePrincipalsForPrincipal(principalsForSite, principalFullPath);
                 if (remoteForPrincipals != null)
                 {
                     if (findRemoteMatch(remoteForPrincipals, remoteForSite) != null)
                     {
                         // Entry exists can't to an add has to call update
-                        throw new SSOException(
-                                SSOException.REMOTE_PRINCIPAL_EXISTS_CALL_UPDATE);
+                        throw new SSOException(SSOException.REMOTE_PRINCIPAL_EXISTS_CALL_UPDATE);
                     }
                 }
             }
         }
-
         if (principal == null)
-            throw new SSOException(
-                    SSOException.FAILED_ADDING_PRINCIPAL_TO_MAPPING_TABLE_FOR_SITE);
+        {
+            throw new SSOException(SSOException.FAILED_ADDING_PRINCIPAL_TO_MAPPING_TABLE_FOR_SITE);
+        }
 
         // Create a remote principal and credentials
-        InternalUserPrincipalImpl remotePrincipal = new InternalUserPrincipalImpl(
-                remoteUser);
+        InternalUserPrincipalImpl remotePrincipal = new InternalUserPrincipalImpl(remoteUser);
 
         /*
          * The RemotePrincipal (class InternalUserPrincipal) will have a
@@ -1491,21 +1421,21 @@
          * path is the following: /sso/SiteID/{user|group}/{user name | group
          * name}/remote user name
          */
-        if (fullPath.indexOf("/group/") > -1)
-            remotePrincipal.setFullPath("/sso/" + ssoSite.getSiteId()
-                    + "/group/" + principalName + "/" + remoteUser);
+        if (principalFullPath.indexOf("/group/") > -1)
+        {
+            remotePrincipal.setFullPath("/sso/" + ssoSite.getSiteId() + "/group/" + principalName + "/" + remoteUser);
+        }
         else
-            remotePrincipal.setFullPath("/sso/" + ssoSite.getSiteId()
-                    + "/user/" + principalName + "/" + remoteUser);
+        {
+            remotePrincipal.setFullPath("/sso/" + ssoSite.getSiteId() + "/user/" + principalName + "/" + remoteUser);
+        }
 
         // New credential object for remote principal
-        InternalCredentialImpl credential = new InternalCredentialImpl(
-                remotePrincipal.getPrincipalId(), this.scramble(pwd), 0,
-                DefaultPasswordCredentialImpl.class.getName());
-
+        InternalCredentialImpl credential = new InternalCredentialImpl(remotePrincipal.getPrincipalId(), scrambledPwd, 0, DefaultPasswordCredentialImpl.class.getName());
         if (remotePrincipal.getCredentials() == null)
+        {
             remotePrincipal.setCredentials(new ArrayList(0));
-
+        }
         remotePrincipal.getCredentials().add(credential);
 
         // Add it to Principals remotePrincipals list
@@ -1514,7 +1444,7 @@
         // Update the site remotePrincipals list
         ssoSite.getRemotePrincipals().add(remotePrincipal);
 
-        // Update database and reset cache
+        // Update principal in database, (defer site update)
         try
         {
             getPersistenceBrokerTemplate().store(principal);
@@ -1522,8 +1452,7 @@
         catch (Exception e)
         {
             e.printStackTrace();
-            throw new SSOException(SSOException.FAILED_STORING_SITE_INFO_IN_DB
-                    + e.toString());
+            throw new SSOException(SSOException.FAILED_STORING_SITE_INFO_IN_DB + e.toString());
         }
     }
 

Modified: portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/sso/src/java/org/apache/jetspeed/sso/impl/SSOSiteImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/sso/src/java/org/apache/jetspeed/sso/impl/SSOSiteImpl.java?rev=788615&r1=788614&r2=788615&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/sso/src/java/org/apache/jetspeed/sso/impl/SSOSiteImpl.java (original)
+++ portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/components/sso/src/java/org/apache/jetspeed/sso/impl/SSOSiteImpl.java Fri Jun 26 07:33:51 2009
@@ -43,7 +43,7 @@
 	private boolean	isAllowUserSet;
 	private boolean isCertificateRequired;
 	
-	private boolean	isChallangeResponseAuthentication;
+	private boolean	isChallengeResponseAuthentication;
 	
 	/* Realm used to do ChallengeResponse Authentication */
 	private String	realm;
@@ -260,13 +260,13 @@
 		this.formUserField = formUserField;
 	}
 
-	public boolean isChallangeResponseAuthentication() {
-		return isChallangeResponseAuthentication;
+	public boolean isChallengeResponseAuthentication() {
+		return isChallengeResponseAuthentication;
 	}
 
 	public void setChallengeResponseAuthentication(
-			boolean isChallangeResponseAuthentication) {
-		this.isChallangeResponseAuthentication = isChallangeResponseAuthentication;
+			boolean isChallengeResponseAuthentication) {
+		this.isChallengeResponseAuthentication = isChallengeResponseAuthentication;
 	}
 
 	public boolean isFormAuthentication() {

Modified: portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/etc/build-with-DDLUTILS.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/etc/build-with-DDLUTILS.xml?rev=788615&r1=788614&r2=788615&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/etc/build-with-DDLUTILS.xml (original)
+++ portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/etc/build-with-DDLUTILS.xml Fri Jun 26 07:33:51 2009
@@ -590,6 +590,7 @@
             <include name="capabilities.xml"/>           
             <include name="prefs.xml"/>           
             <include name="profiler.xml"/>  
+            <include name="sso.xml"/>  
             <include name="jetspeed-spring.xml"/>  
             <include name="registry.xml"/>       
             <include name="transaction.xml"/>           
@@ -632,6 +633,9 @@
             <dependency groupId="${org.apache.jetspeed.deploy.groupid}"
                         artifactId="jetspeed-profiler"
                         version="${org.apache.jetspeed.deploy.version}"/>
+            <dependency groupId="${org.apache.jetspeed.deploy.groupid}"
+                        artifactId="jetspeed-sso"
+                        version="${org.apache.jetspeed.deploy.version}"/>
             <dependency groupId="portlet-api"
                  		artifactId="portlet-api"
                  		version="${portlet-api.version}"/>
@@ -1693,6 +1697,7 @@
 +            <include name="profiler.xml"/>           
 +            <include name="jetspeed-spring.xml"/>  
 +            <include name="registry.xml"/>       
++            <include name="sso.xml"/>       
 +            <include name="transaction.xml"/>           
 +          </fileset>
 +         </copy>

Modified: portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/etc/build.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/etc/build.xml?rev=788615&r1=788614&r2=788615&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/etc/build.xml (original)
+++ portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/etc/build.xml Fri Jun 26 07:33:51 2009
@@ -476,6 +476,7 @@
             <include name="capabilities.xml"/>           
             <include name="prefs.xml"/>           
             <include name="profiler.xml"/>        
+            <include name="sso.xml"/>        
             <include name="transaction.xml"/> 
           	<include name="cache.xml" />
           </fileset>
@@ -528,6 +529,9 @@
                         artifactId="jetspeed-profiler"
                         version="${org.apache.jetspeed.deploy.version}"/>
             <dependency groupId="${org.apache.jetspeed.deploy.groupid}"
+                        artifactId="jetspeed-sso"
+                        version="${org.apache.jetspeed.deploy.version}"/>
+            <dependency groupId="${org.apache.jetspeed.deploy.groupid}"
                         artifactId="jetspeed-registry"
                         version="${org.apache.jetspeed.deploy.version}"/>
             <dependency groupId="${org.apache.jetspeed.deploy.groupid}"

Modified: portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/installer/etc/database/build.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/installer/etc/database/build.xml?rev=788615&r1=788614&r2=788615&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/installer/etc/database/build.xml (original)
+++ portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/installer/etc/database/build.xml Fri Jun 26 07:33:51 2009
@@ -339,6 +339,7 @@
         <include name="capabilities.xml" />
         <include name="prefs.xml" />
         <include name="profiler.xml" />
+        <include name="sso.xml" />
         <include name="transaction.xml" />
         <include name="cache.xml" />
       </fileset>

Modified: portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/jetspeed-api/src/java/org/apache/jetspeed/serializer/JetspeedSerializer.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/jetspeed-api/src/java/org/apache/jetspeed/serializer/JetspeedSerializer.java?rev=788615&r1=788614&r2=788615&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/jetspeed-api/src/java/org/apache/jetspeed/serializer/JetspeedSerializer.java (original)
+++ portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/jetspeed-api/src/java/org/apache/jetspeed/serializer/JetspeedSerializer.java Fri Jun 26 07:33:51 2009
@@ -87,6 +87,9 @@
     public final static String KEY_BACKUP_BEFORE_PROCESS = "backup_before_process"
             .intern();
 
+    public final static String KEY_PROCESS_SSO = "process_sso"
+        .intern();
+
     /** export/import instructions secondary*/
     public final static String KEY_PROCESS_ENTITIES = "process_entities".intern();
     public final static String KEY_PROCESS_PREFERENCES = "process_preferences".intern();

Modified: portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/jetspeed-api/src/java/org/apache/jetspeed/sso/SSOProvider.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/jetspeed-api/src/java/org/apache/jetspeed/sso/SSOProvider.java?rev=788615&r1=788614&r2=788615&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/jetspeed-api/src/java/org/apache/jetspeed/sso/SSOProvider.java (original)
+++ portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/jetspeed-api/src/java/org/apache/jetspeed/sso/SSOProvider.java Fri Jun 26 07:33:51 2009
@@ -138,6 +138,18 @@
      */
     public void addCredentialsForSite(SSOSite ssoSite, Subject subject, String remoteUser, String pwd) 
     throws SSOException;
+
+    /**
+     * Add credentials inside a transaction using existing ssoSite for specified principal
+     * @param ssoSite
+     * @param principalFullPath
+     * @param principalName
+     * @param remoteUser
+     * @param scrambledPwd
+     * @throws SSOException
+     */
+    public void addCredentialsForSite(SSOSite ssoSite, String principalFullPath, String principalName, String remoteUser, String scrambledPwd)
+    throws SSOException; 
     
     /**
      * removeCredentialsForSite()

Modified: portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/jetspeed-api/src/java/org/apache/jetspeed/sso/SSOSite.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/jetspeed-api/src/java/org/apache/jetspeed/sso/SSOSite.java?rev=788615&r1=788614&r2=788615&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/jetspeed-api/src/java/org/apache/jetspeed/sso/SSOSite.java (original)
+++ portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/jetspeed-api/src/java/org/apache/jetspeed/sso/SSOSite.java Fri Jun 26 07:33:51 2009
@@ -130,7 +130,7 @@
      */
     public void setChallengeResponseAuthentication(boolean isChallengeResponseAuthentication);
     
-    public boolean isChallangeResponseAuthentication();
+    public boolean isChallengeResponseAuthentication();
 	public boolean isFormAuthentication();
 
 	public String getFormPwdField();

Modified: portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/maven-archetypes/portal/build.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/maven-archetypes/portal/build.xml?rev=788615&r1=788614&r2=788615&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/maven-archetypes/portal/build.xml (original)
+++ portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/maven-archetypes/portal/build.xml Fri Jun 26 07:33:51 2009
@@ -120,6 +120,7 @@
             <include name="capabilities.xml"/>           
             <include name="prefs.xml"/>           
             <include name="profiler.xml"/>    
+            <include name="sso.xml"/>  
             <include name="cache.xml"/>  
             <include name="transaction.xml"/>           
           </fileset>

Modified: portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/maven-archetypes/portal/src/archetype/archetype-resources/etc/build.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/maven-archetypes/portal/src/archetype/archetype-resources/etc/build.xml?rev=788615&r1=788614&r2=788615&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/maven-archetypes/portal/src/archetype/archetype-resources/etc/build.xml (original)
+++ portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/maven-archetypes/portal/src/archetype/archetype-resources/etc/build.xml Fri Jun 26 07:33:51 2009
@@ -477,6 +477,7 @@
             <include name="capabilities.xml"/>           
             <include name="prefs.xml"/>           
             <include name="profiler.xml"/>           
+            <include name="sso.xml"/>           
             <include name="transaction.xml"/>           
           </fileset>
          </copy>
@@ -536,6 +537,9 @@
              <dependency groupId="${org.apache.jetspeed.deploy.groupid}"
                          artifactId="jetspeed-portal"
                          version="${org.apache.jetspeed.deploy.version}"/>
+             <dependency groupId="${org.apache.jetspeed.deploy.groupid}"
+                         artifactId="jetspeed-sso"
+                         version="${org.apache.jetspeed.deploy.version}"/>
              <dependency groupId="portlet-api"
                   		artifactId="portlet-api"
                   		version="${portlet-api.version}"/>
@@ -580,4 +584,4 @@
      
    </target>
     
-</project>
\ No newline at end of file
+</project>

Modified: portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/maven-plugin/plugin-with-DDLUTILS.jelly
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/maven-plugin/plugin-with-DDLUTILS.jelly?rev=788615&r1=788614&r2=788615&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/maven-plugin/plugin-with-DDLUTILS.jelly (original)
+++ portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/maven-plugin/plugin-with-DDLUTILS.jelly Fri Jun 26 07:33:51 2009
@@ -920,6 +920,7 @@
 				<include name="prefs.xml"/>           
 				<include name="profiler.xml"/>   
 				<include name="registry.xml"/>       
+				<include name="sso.xml"/>       
 				<include name="transaction.xml"/>           
 		      </fileset>
 		     </copy>
@@ -1780,6 +1781,7 @@
 +				<include name="prefs.xml"/>           
 +				<include name="profiler.xml"/>         
 +	            <include name="registry.xml"/>       
++	            <include name="sso.xml"/>       
 +  				<include name="transaction.xml"/>           
 +		      </fileset>
 +		     </copy>

Modified: portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/maven-plugin/plugin.jelly
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/maven-plugin/plugin.jelly?rev=788615&r1=788614&r2=788615&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/maven-plugin/plugin.jelly (original)
+++ portals/jetspeed-2/portal/branches/JETSPEED-2.1.3-POSTRELEASE/maven-plugin/plugin.jelly Fri Jun 26 07:33:51 2009
@@ -1098,6 +1098,7 @@
 		<include name="capabilities.xml"/>           
 		<include name="prefs.xml"/>           
 		<include name="profiler.xml"/>      
+		<include name="sso.xml"/>       
 		<include name="transaction.xml"/>       
 		<include name="cache.xml"/>    
       </fileset>



---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org


Mime
View raw message