Return-Path: Delivered-To: apmail-portals-jetspeed-dev-archive@www.apache.org Received: (qmail 9688 invoked from network); 31 Aug 2010 00:31:50 -0000 Received: from unknown (HELO mail.apache.org) (140.211.11.3) by 140.211.11.9 with SMTP; 31 Aug 2010 00:31:50 -0000 Received: (qmail 87003 invoked by uid 500); 31 Aug 2010 00:31:49 -0000 Delivered-To: apmail-portals-jetspeed-dev-archive@portals.apache.org Received: (qmail 86929 invoked by uid 500); 31 Aug 2010 00:31:49 -0000 Mailing-List: contact jetspeed-dev-help@portals.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Jetspeed Developers List" Delivered-To: mailing list jetspeed-dev@portals.apache.org Received: (qmail 86921 invoked by uid 99); 31 Aug 2010 00:31:48 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 31 Aug 2010 00:31:48 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 31 Aug 2010 00:31:47 +0000 Received: by eris.apache.org (Postfix, from userid 65534) id 1CBDB2388A36; Tue, 31 Aug 2010 00:30:30 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r991049 - in /portals/jetspeed-2/applications/j2-admin/trunk/src/main: java/org/apache/jetspeed/portlets/sso/SSOIFramePortlet.java webapp/WEB-INF/portlet.xml webapp/WEB-INF/security/sso/sso-iframe-form-login.jsp Date: Tue, 31 Aug 2010 00:30:30 -0000 To: jetspeed-dev@portals.apache.org From: woonsan@apache.org X-Mailer: svnmailer-1.0.8 Message-Id: <20100831003030.1CBDB2388A36@eris.apache.org> Author: woonsan Date: Tue Aug 31 00:30:29 2010 New Revision: 991049 URL: http://svn.apache.org/viewvc?rev=991049&view=rev Log: JS2-1208: Supporting form-based SSO in SSOIFramePortlet Added: portals/jetspeed-2/applications/j2-admin/trunk/src/main/webapp/WEB-INF/security/sso/sso-iframe-form-login.jsp Modified: portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/SSOIFramePortlet.java portals/jetspeed-2/applications/j2-admin/trunk/src/main/webapp/WEB-INF/portlet.xml Modified: portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/SSOIFramePortlet.java URL: http://svn.apache.org/viewvc/portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/SSOIFramePortlet.java?rev=991049&r1=991048&r2=991049&view=diff ============================================================================== --- portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/SSOIFramePortlet.java (original) +++ portals/jetspeed-2/applications/j2-admin/trunk/src/main/java/org/apache/jetspeed/portlets/sso/SSOIFramePortlet.java Tue Aug 31 00:30:29 2010 @@ -25,8 +25,10 @@ import javax.portlet.PortletContext; import javax.portlet.PortletException; import javax.portlet.PortletMode; import javax.portlet.PortletPreferences; +import javax.portlet.PortletSession; import javax.portlet.RenderRequest; import javax.portlet.RenderResponse; +import javax.portlet.ResourceURL; import org.apache.commons.codec.binary.Base64; import org.apache.jetspeed.security.PasswordCredential; @@ -52,17 +54,30 @@ public class SSOIFramePortlet extends IF public static final String SSO_TYPE_URL_BASE64 = "url.base64"; public static final String SSO_TYPE_HTTP = "http"; public static final String SSO_TYPE_CERTIFICATE = "certificate"; + public static final String SSO_TYPE_FORM = "form"; + public static final String SSO_TYPE_FORM_GET = "form.get"; + public static final String SSO_TYPE_FORM_POST = "form.post"; + public static final String SSO_TYPE_URL_USERNAME = "sso.url.Principal"; public static final String SSO_TYPE_URL_PASSWORD = "sso.url.Credential"; + + public static final String SSO_TYPE_FORM_USERNAME = "sso.form.Principal"; + public static final String SSO_TYPE_FORM_PASSWORD = "sso.form.Credential"; + public static final String SSO_TYPE_FORM_ACTION = "sso.form.Action"; + public static final String SSO_TYPE_FORM_ARGS = "sso.form.Args"; + + public static final String SSO_TYPE_FORM_AUTH_FLAG = SSOIFramePortlet.class.getName() + ".authFlag"; + public static final String SSO_REQUEST_ATTRIBUTE_USERNAME = "sso.ra.username"; public static final String SSO_REQUEST_ATTRIBUTE_PASSWORD = "sso.ra.password"; - + /* * The constants must be used in your HTML form for the SSO principal and * credential */ public static final String SSO_FORM_PRINCIPAL = "ssoPrincipal"; public static final String SSO_FORM_CREDENTIAL = "ssoCredential"; + private PortletContext context; private SSOManager sso; @@ -255,6 +270,19 @@ public class SSOIFramePortlet extends IF return response.encodeURL(source.toString()); } + else if (type.equals(SSO_TYPE_FORM) || type.equals(SSO_TYPE_FORM_GET) || type.equals(SSO_TYPE_FORM_POST)) + { + PortletSession portletSession = request.getPortletSession(false); + + if (portletSession == null || portletSession.getAttribute(SSO_TYPE_FORM_AUTH_FLAG) == null) + { + ResourceURL ssoLoginUrl = response.createResourceURL(); + ssoLoginUrl.setResourceID("/WEB-INF/security/sso/sso-iframe-form-login.jsp"); + return ssoLoginUrl.toString(); + } + + return baseSource; + } else { return baseSource; Modified: portals/jetspeed-2/applications/j2-admin/trunk/src/main/webapp/WEB-INF/portlet.xml URL: http://svn.apache.org/viewvc/portals/jetspeed-2/applications/j2-admin/trunk/src/main/webapp/WEB-INF/portlet.xml?rev=991049&r1=991048&r2=991049&view=diff ============================================================================== --- portals/jetspeed-2/applications/j2-admin/trunk/src/main/webapp/WEB-INF/portlet.xml (original) +++ portals/jetspeed-2/applications/j2-admin/trunk/src/main/webapp/WEB-INF/portlet.xml Tue Aug 31 00:30:29 2010 @@ -1717,7 +1717,7 @@ portlet-icon system-software-update.png - 300 + 0 text/html EDIT @@ -1734,7 +1734,11 @@ EDITABLEPREFS - TITLE, SRC, WIDTH, HEIGHT, MAX-WIDTH, MAX-HEIGHT, SCROLLING, AUTORESIZE, VISITLASTPAGE + + TITLE, SRC, WIDTH, HEIGHT, MAX-WIDTH, MAX-HEIGHT, SCROLLING, AUTORESIZE, VISITLASTPAGE, + sso.type, sso.url.Principal, sso.url.Credential, + sso.form.Action, sso.form.Principal, sso.form.Credential, sso.form.Args + TITLE @@ -1761,16 +1765,40 @@ 100% + VISITLASTPAGE + true + + + sso.type + url.base64 + + sso.url.Principal sso-principal sso.url.Credential sso-credential - + + + sso.form.Action + + + + sso.form.Principal + USERID + + + sso.form.Credential + PASSWORD + + + sso.form.Args + Submit2=Log In;OP=;OQ=;is_continue=false + - + Includes the content of another website inside the portal without using frames. All links are rewritten back to the portal to attempt to proxy all content through the portal. Additional Single-Signon Support to automatically log on this portlet to other web sites and manage sessions. SSOWebContentPortlet Added: portals/jetspeed-2/applications/j2-admin/trunk/src/main/webapp/WEB-INF/security/sso/sso-iframe-form-login.jsp URL: http://svn.apache.org/viewvc/portals/jetspeed-2/applications/j2-admin/trunk/src/main/webapp/WEB-INF/security/sso/sso-iframe-form-login.jsp?rev=991049&view=auto ============================================================================== --- portals/jetspeed-2/applications/j2-admin/trunk/src/main/webapp/WEB-INF/security/sso/sso-iframe-form-login.jsp (added) +++ portals/jetspeed-2/applications/j2-admin/trunk/src/main/webapp/WEB-INF/security/sso/sso-iframe-form-login.jsp Tue Aug 31 00:30:29 2010 @@ -0,0 +1,124 @@ +<%-- +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +--%> +<%@ page import="java.util.*" %> +<%@ page import="javax.portlet.*" %> +<%@ page import="org.apache.commons.lang.StringUtils" %> +<%@ page import="org.apache.jetspeed.security.PasswordCredential" %> +<%@ page import="org.apache.jetspeed.sso.SSOException" %> +<%@ page import="org.apache.jetspeed.sso.SSOManager" %> +<%@ page import="org.apache.jetspeed.sso.SSOSite" %> +<%@ page import="org.apache.jetspeed.sso.SSOUser" %> +<%@ page import="org.apache.jetspeed.portlets.sso.SSOIFramePortlet" %> +<%@ page import="org.apache.jetspeed.portlets.sso.SSOPortletUtil" %> + +<%! +private PasswordCredential getRemotePasswordCredential(PortletRequest portletRequest) +{ + PortletSession portletSession = portletRequest.getPortletSession(); + + if (portletSession != null) + { + SSOManager sso = (SSOManager)portletSession.getPortletContext().getAttribute("cps:SSO"); + String siteUrl = portletRequest.getPreferences().getValue("SRC", ""); + SSOSite site = sso.getSiteByUrl(siteUrl); + + if (site != null) + { + try + { + SSOUser remoteUser = SSOPortletUtil.getRemoteUser(sso, portletRequest, site); + + if (remoteUser != null) + { + PasswordCredential pwc = sso.getCredentials(remoteUser); + return pwc; + } + } + catch (SSOException e) + { + } + } + } + + return null; +} +%> + +<% +ResourceRequest resourceRequest = (ResourceRequest) request.getAttribute("javax.portlet.request"); + +PortletPreferences prefs = resourceRequest.getPreferences(); + +String userNameParam = prefs.getValue(SSOIFramePortlet.SSO_TYPE_FORM_USERNAME, "user"); +String passwordParam = prefs.getValue(SSOIFramePortlet.SSO_TYPE_FORM_PASSWORD, "password"); + +PasswordCredential remotePwc = getRemotePasswordCredential(resourceRequest); +String userName = (remotePwc != null ? remotePwc.getUserName() : ""); +String password = (remotePwc != null ? remotePwc.getPassword() : ""); + +String formArgs = prefs.getValue(SSOIFramePortlet.SSO_TYPE_FORM_ARGS, ""); + +String formAction = prefs.getValue(SSOIFramePortlet.SSO_TYPE_FORM_ACTION, ""); +String matrixArgs = StringUtils.substringAfter(formArgs, ";"); +if (!StringUtils.isBlank(matrixArgs)) +{ + formAction += (";" + matrixArgs); +} + +String ssoType = prefs.getValue(SSOIFramePortlet.SSO_TYPE, ""); +String formMethod = ("form.get".equals(ssoType) ? "GET" : "POST"); + +Map formArgMap = new HashMap(); + +String [] args = StringUtils.split(StringUtils.substringBefore(formArgs, ";"), "&"); + +for (String arg : args) +{ + String name = ""; + String value = ""; + String [] pair = StringUtils.split(arg, "="); + + if (pair.length > 0) + { + name = StringUtils.trim(StringUtils.defaultString(pair[0], "")); + } + + if (pair.length > 1) + { + value = StringUtils.trim(StringUtils.defaultString(pair[1], "")); + } + + formArgMap.put(name, value); +} +%> + + + + +
+ + +<% for (Map.Entry entry : formArgMap.entrySet()) { %> + +<% } %> + + + + +<% +resourceRequest.getPortletSession(true).setAttribute(SSOIFramePortlet.SSO_TYPE_FORM_AUTH_FLAG, Boolean.TRUE); +%> --------------------------------------------------------------------- To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org For additional commands, e-mail: jetspeed-dev-help@portals.apache.org