rave-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From zh...@apache.org
Subject svn commit: r1087520 [9/35] - in /incubator/rave/donations/ogce-gadget-container: ./ config/ config/shindig-1.1-BETA5/ config/shindig-2.0.0/ db-cleaner/ examples/ examples/src/ examples/src/main/ examples/src/main/java/ examples/src/main/java/cgl/ exam...
Date Fri, 01 Apr 2011 00:29:38 GMT
Added: incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/CallbackHandlerImpl.java
URL: http://svn.apache.org/viewvc/incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/CallbackHandlerImpl.java?rev=1087520&view=auto
==============================================================================
--- incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/CallbackHandlerImpl.java (added)
+++ incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/CallbackHandlerImpl.java Fri Apr  1 00:29:22 2011
@@ -0,0 +1,98 @@
+package cgl.shindig.security;
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+
+
+import java.io.IOException;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import com.google.inject.Inject;
+import cgl.shindig.usermanage.UserManager;
+
+public class CallbackHandlerImpl implements CallbackHandler {
+
+    private static final Logger log = LoggerFactory.getLogger(CallbackHandlerImpl.class);
+
+    private final Credentials credentials;
+    // private final PrincipalProviderRegistry principalProviderRegistry;
+    private final String adminId;
+    private final String anonymousId;
+
+    @Inject
+    private UserManager userManager;
+
+    public CallbackHandlerImpl(Credentials credentials,
+                               UserManager userManager,
+                               // PrincipalProviderRegistry principalProviderRegistry,
+                               String adminId, String anonymousId) {
+        this.credentials = credentials;
+        // this.principalProviderRegistry = principalProviderRegistry;
+        this.adminId = adminId;
+        this.anonymousId = anonymousId;
+        this.userManager = userManager;
+    }
+
+    /**
+     * @param callbacks
+     * @throws IOException
+     * @throws UnsupportedCallbackException
+     * @see CallbackHandler#handle(Callback[])
+     */
+    public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
+
+        for (Callback callback : callbacks) {
+            if (callback instanceof CredentialsCallback) {
+                ((CredentialsCallback) callback).setCredentials(credentials);
+            } else if (callback instanceof PortalCallback) {
+                PortalCallback pcb = (PortalCallback) callback;
+                pcb.setAdminId(adminId);
+                pcb.setAnonymousId(anonymousId);
+                pcb.setUserManager(userManager);
+            } else if (callback instanceof OSGPortalCallback) {
+                OSGPortalCallback pcb = (OSGPortalCallback) callback;
+                pcb.setAdminId(adminId);
+                pcb.setAnonymousId(anonymousId);
+                pcb.setUserManager(userManager);
+            }else if (credentials != null && credentials instanceof SimpleCredentials) {
+                SimpleCredentials simpleCreds = (SimpleCredentials) credentials;
+                if (callback instanceof NameCallback) {
+                    String userId = simpleCreds.getUserID();
+                    ((NameCallback) callback).setName(userId);
+                } else if (callback instanceof PasswordCallback) {
+                    char[] pw = simpleCreds.getPassword();
+                    ((PasswordCallback) callback).setPassword(pw);
+                }  else {
+                    throw new UnsupportedCallbackException(callback);
+                }
+            } else {
+                throw new UnsupportedCallbackException(callback);
+            }
+        }
+    }
+}
+

Added: incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/CertBasedLoginModule.java
URL: http://svn.apache.org/viewvc/incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/CertBasedLoginModule.java?rev=1087520&view=auto
==============================================================================
--- incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/CertBasedLoginModule.java (added)
+++ incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/CertBasedLoginModule.java Fri Apr  1 00:29:22 2011
@@ -0,0 +1,138 @@
+package cgl.shindig.security;
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+
+
+import java.io.IOException;
+import java.util.Map;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.security.auth.login.LoginException;
+import javax.security.auth.spi.LoginModule;
+
+
+/**
+ * Login module that simply matches name and password to perform authentication.
+ * If successful, set principal to name and credential to "admin".
+ *
+ * @author Nicolas Fränkel
+ * @since 2 avr. 2009
+ */
+public class CertBasedLoginModule implements LoginModule {
+
+    /** Callback handler to store between initialization and authentication. */
+    private CallbackHandler handler;
+
+    /** Subject to store. */
+    private Subject subject;
+
+    /** Login name. */
+    private String login;
+
+    /**
+     * This implementation always return false.
+     *
+     * @see javax.security.auth.spi.LoginModule#abort()
+     */
+    public boolean abort() throws LoginException {
+        return false;
+    }
+
+    /**
+     * This is where, should the entire authentication process succeeds,
+     * principal would be set.
+     *
+     * @see javax.security.auth.spi.LoginModule#commit()
+     */
+    public boolean commit() throws LoginException {
+        try {
+        	UserPrincipal user = new UserPrincipal(login);
+            PlainRolePrincipal role = new PlainRolePrincipal("AuthorizedUser");
+            subject.getPrincipals().add(user);
+            subject.getPrincipals().add(role);
+            return true;
+        } catch (Exception e) {
+            throw new LoginException(e.getMessage());
+        }
+    }
+
+    /**
+     * This implementation ignores both state and options.
+     *
+     * @see javax.security.auth.spi.LoginModule#initialize(javax.security.auth.Subject,
+     *      javax.security.auth.callback.CallbackHandler, java.util.Map,
+     *      java.util.Map)
+     */
+    public void initialize(Subject aSubject, CallbackHandler aCallbackHandler, Map aSharedState, Map aOptions) {
+        handler = aCallbackHandler;
+        subject = aSubject;
+    }
+
+    /**
+     * This method checks whether the name and the password are the same.
+     *
+     * @see javax.security.auth.spi.LoginModule#login()
+     */
+    public boolean login() throws LoginException {
+
+        Callback[] callbacks = new Callback[2];
+        callbacks[0] = new NameCallback("login");
+        callbacks[1] = new PasswordCallback("password", true);
+
+        try {
+            handler.handle(callbacks);
+            String name = ((NameCallback) callbacks[0]).getName();
+            String password = String.valueOf(((PasswordCallback) callbacks[1]).getPassword());
+//            if (!name.equals(password)) {
+//                throw new LoginException("Authentication failed");
+//            }
+            login = name;
+            System.out.print("Username:" + name +"; password:" + password);
+            return true;
+        } catch (IOException e) {
+            throw new LoginException(e.getMessage());
+        } catch (UnsupportedCallbackException e) {
+            throw new LoginException(e.getMessage());
+        }
+    }
+
+    /**
+     * Clears subject from principal and credentials.
+     *
+     * @see javax.security.auth.spi.LoginModule#logout()
+     */
+    public boolean logout() throws LoginException {
+        try {
+        	UserPrincipal user = new UserPrincipal(login);
+            PlainRolePrincipal role = new PlainRolePrincipal("AuthorizedUser");
+            subject.getPrincipals().remove(user);
+            subject.getPrincipals().remove(role);
+            return true;
+        } catch (Exception e) {
+            throw new LoginException(e.getMessage());
+        }
+    }
+}

Added: incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/Credentials.java
URL: http://svn.apache.org/viewvc/incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/Credentials.java?rev=1087520&view=auto
==============================================================================
--- incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/Credentials.java (added)
+++ incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/Credentials.java Fri Apr  1 00:29:22 2011
@@ -0,0 +1,26 @@
+package cgl.shindig.security;
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+
+
+public interface Credentials {
+}
+

Added: incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/CredentialsCallback.java
URL: http://svn.apache.org/viewvc/incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/CredentialsCallback.java?rev=1087520&view=auto
==============================================================================
--- incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/CredentialsCallback.java (added)
+++ incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/CredentialsCallback.java Fri Apr  1 00:29:22 2011
@@ -0,0 +1,51 @@
+package cgl.shindig.security;
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+
+
+import javax.security.auth.callback.Callback;
+import java.io.Serializable;
+
+/**
+ * A <code>CredentialsCallback</code>
+ */
+public class CredentialsCallback implements Callback, Serializable {
+
+    private Credentials credentials;
+
+    /**
+     * Get the retrieved credentials.
+     *
+     * @return the retrieved credentials (which may be null)
+     */
+    public Credentials getCredentials() {
+        return credentials;
+    }
+
+    /**
+     * Set the retrieved credentials.
+     *
+     * @param credentials the retrieved credentials (which may be null)
+     */
+    public void setCredentials(Credentials credentials) {
+        this.credentials = credentials;
+    }
+}

Added: incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/CryptedSimpleCredentials.java
URL: http://svn.apache.org/viewvc/incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/CryptedSimpleCredentials.java?rev=1087520&view=auto
==============================================================================
--- incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/CryptedSimpleCredentials.java (added)
+++ incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/CryptedSimpleCredentials.java Fri Apr  1 00:29:22 2011
@@ -0,0 +1,157 @@
+package cgl.shindig.security;
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+
+
+import java.io.UnsupportedEncodingException;
+import java.security.NoSuchAlgorithmException;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.Map;
+import cgl.shindig.common.Text;
+
+public class CryptedSimpleCredentials implements Credentials {
+
+    private final String algorithm;
+    private final String cryptedPassword;
+    private final String userId;
+    private final Map<String, Object> attributes;
+
+    public CryptedSimpleCredentials(SimpleCredentials credentials)
+            throws NoSuchAlgorithmException, UnsupportedEncodingException {
+        userId = credentials.getUserID();
+        if (userId == null || userId.length() == 0) {
+            throw new IllegalArgumentException();
+        }
+        char[] pwd = credentials.getPassword();
+        if (pwd == null) {
+            throw new IllegalArgumentException();
+        }
+        String password = new String(pwd);
+        String algo =  getAlgorithm(password);
+        if (algo == null) {
+            // password is plain text
+            algorithm = SecurityConstants.DEFAULT_DIGEST;
+            cryptedPassword = crypt(password, algorithm);
+        } else {
+            // password is already encrypted
+            algorithm = algo;
+            cryptedPassword = password;
+        }
+
+        String[] attNames = credentials.getAttributeNames();
+        attributes = new HashMap<String, Object>(attNames.length);
+        for (String attName : attNames) {
+            attributes.put(attName, credentials.getAttribute(attName));
+        }
+    }
+
+    public CryptedSimpleCredentials(String userId, String password) throws NoSuchAlgorithmException, UnsupportedEncodingException {
+        if (userId == null || userId.length() == 0 || password == null) {
+            throw new IllegalArgumentException("Invalid userID or password. Neither may be null, the userID must have a length > 0.");
+        }
+        this.userId = userId;
+        String algo = getAlgorithm(password);
+        if (algo == null) {
+            // password is plain text
+            algorithm = SecurityConstants.DEFAULT_DIGEST;
+            cryptedPassword = crypt(password, algorithm);
+        } else {
+            // password is already encrypted
+            algorithm = algo;
+            cryptedPassword = password;
+        }
+        attributes = Collections.emptyMap();
+    }
+
+    public String getUserID() {
+        return userId;
+    }
+
+    public Object getAttribute(String name) {
+        return attributes.get(name);
+    }
+
+    public String[] getAttributeNames() {
+        return attributes.keySet().toArray(new String[attributes.size()]);
+    }
+
+    public String getAlgorithm() {
+        return algorithm;
+    }
+
+    public String getPassword() {
+        return cryptedPassword;
+    }
+
+    /**
+     * Compair this instance with an instance of SimpleCredentials.
+     * If one the other Credentials' Password is plain-text treies to encode
+     * it with the current Digest.
+     *
+     * @param credentials
+     * @return true if {@link SimpleCredentials#getUserID() UserID} and
+     * {@link SimpleCredentials#getPassword() Password} match.
+     * @throws NoSuchAlgorithmException
+     * @throws UnsupportedEncodingException
+     */
+    public boolean matches(SimpleCredentials credentials)
+            throws NoSuchAlgorithmException, UnsupportedEncodingException {
+
+        if (getUserID().matches(credentials.getUserID())) {
+            String toMatch = new String(credentials.getPassword());
+            String algr = getAlgorithm(toMatch);
+            
+            if (algr != null) {
+            	// the password in SimpleCredentials must not be encrypted.
+            	return false;
+            }
+
+            if (algr == null && algorithm != null) {
+                // uncrypted pw to match -> crypt with algorithm present here.
+                return crypt(toMatch, algorithm).equals(cryptedPassword);
+            }
+
+            // both pw to compare define a algorithm and are crypted
+            // -> simple comparison of the 2 password strings.
+            return toMatch.equals(cryptedPassword);
+        }
+        return false;
+    }
+
+    private static String crypt(String pwd, String algorithm)
+            throws NoSuchAlgorithmException, UnsupportedEncodingException {
+
+        StringBuffer password = new StringBuffer();
+        password.append("{").append(algorithm).append("}");
+        password.append(Text.digest(algorithm, pwd.getBytes("UTF-8")));
+        return password.toString();
+    }
+
+    private static String getAlgorithm(String password) {
+        int end = password.indexOf("}");
+        if (password.startsWith("{") && end > 0) {
+            return password.substring(1, end);
+        } else {
+            return null;
+        }
+    }
+}

Added: incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/DefaultLoginModule.java
URL: http://svn.apache.org/viewvc/incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/DefaultLoginModule.java?rev=1087520&view=auto
==============================================================================
--- incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/DefaultLoginModule.java (added)
+++ incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/DefaultLoginModule.java Fri Apr  1 00:29:22 2011
@@ -0,0 +1,85 @@
+package cgl.shindig.security;
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+
+
+import java.security.Principal;
+import java.util.Map;
+
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.login.LoginException;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import cgl.shindig.usermanage.CredUser;
+import cgl.shindig.usermanage.UserManager;
+
+public class DefaultLoginModule extends AbstractLoginModule {
+
+    private static final Logger log = LoggerFactory.getLogger(DefaultLoginModule.class);
+
+    protected CredUser user;
+    private UserManager userManager;
+
+    protected void doInit(CallbackHandler callbackHandler,
+            UserManager userManager, Map options) throws LoginException {
+        try {
+            this.userManager = userManager;
+            if (this.userManager == null)
+            	log.error("userManager is null!");
+            else
+            	log.debug("- UserManager -> '" + userManager.getClass().getName() + "'");
+        } catch (Exception e) {
+            e.printStackTrace();
+            throw new LoginException("Unable to initialize LoginModule: " + e.getMessage());
+        }
+    }
+
+    protected Principal getPrincipal(Credentials credentials) {
+        Principal principal = null;
+        String userId = getUserID(credentials);
+        try {
+            user = userManager.getUser(userId);
+            principal = user.getPrincipal();
+        } catch (Exception e) {
+            // should not get here
+            log.warn("Error while retrieving principal.", e);
+        }
+        return principal;
+    }
+
+    /**
+     * @see AbstractLoginModule#getAuthentication(Principal, Credentials)
+     */
+    protected Authentication getAuthentication(Principal principal, Credentials creds)
+            throws AuthenticationException {
+        if (user != null) {
+            Authentication authentication = new SimpleCredentialsAuthentication(user);
+            if (authentication.canHandle(creds)) {
+                return authentication;
+            }
+        }
+        // no valid user or authentication could not handle the given credentials
+        return null;
+    }
+}
+

Added: incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/DefaultSecurityManager.java
URL: http://svn.apache.org/viewvc/incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/DefaultSecurityManager.java?rev=1087520&view=auto
==============================================================================
--- incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/DefaultSecurityManager.java (added)
+++ incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/DefaultSecurityManager.java Fri Apr  1 00:29:22 2011
@@ -0,0 +1,234 @@
+package cgl.shindig.security;
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+
+
+import java.security.Principal;
+import java.util.Iterator;
+import java.util.Iterator;
+import java.util.Properties;
+
+import javax.security.auth.Subject;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import cgl.shindig.Portal;
+import cgl.shindig.config.BeanConfig;
+import cgl.shindig.config.BeanConfig;
+import cgl.shindig.config.ConfigurationException;
+import cgl.shindig.config.LoginModuleConfig;
+import cgl.shindig.config.SecurityConfig;
+import cgl.shindig.security.AdminPrincipal;
+import cgl.shindig.usermanage.NativeUserManager;
+import cgl.shindig.usermanage.OSGUserManager;
+import cgl.shindig.usermanage.User;
+import cgl.shindig.usermanage.UserManager;
+
+
+public class DefaultSecurityManager {
+
+    private static final Logger log = LoggerFactory.getLogger(DefaultSecurityManager.class);
+
+    private boolean initialized;
+
+    private Portal portal;
+
+    private UserManager systemUserManager;
+
+    protected String adminId;
+
+    private String anonymousId;
+
+    private AuthContextProvider authContextProvider;
+
+    public synchronized void init(Portal portal) throws Exception {
+        if (initialized) {
+            throw new IllegalStateException("already initialized");
+        }
+        if (!(portal instanceof Portal)) {
+            throw new Exception("Portal expected");
+        }
+        this.portal = portal;
+
+        // create the system userManager and make sure the system-users exist.
+        systemUserManager = createUserManager();
+        try {
+            createSystemUsers(systemUserManager, adminId, anonymousId);
+        } catch(Exception ex) {
+            //FIXME: Only should ignore the exception when the subsystem is 'osg'
+            log.warn("Exception was thrown during invocation of method '" +
+                    "createSystemUsers" + "'.", ex);
+        }
+
+        SecurityConfig config = this.portal.getConfig().getSecurityConfig();
+        LoginModuleConfig loginModConf = config.getLoginModuleConfig();
+
+        // build AuthContextProvider based on appName + optional LoginModuleConfig
+        authContextProvider = new AuthContextProvider(config.getAppName(), loginModConf);
+        if (authContextProvider.isLocal()) {
+            log.info("init: use Portal Login-Configuration for " + config.getAppName());
+        } else if (authContextProvider.isJAAS()) {
+            log.info("init: use JAAS login-configuration for " + config.getAppName());
+        } else {
+            String msg = "Neither JAAS nor RepositoryConfig contained a valid Configuriation for " + config.getAppName();
+            log.error(msg);
+            throw new Exception(msg);
+        }
+
+        Properties[] moduleConfig = authContextProvider.getModuleConfig();
+
+        // retrieve default-ids (admin and anonymous) from login-module-configuration.
+        for (Properties props : moduleConfig) {
+            if (props.containsKey(LoginModuleConfig.PARAM_ADMIN_ID)) {
+                adminId = props.getProperty(LoginModuleConfig.PARAM_ADMIN_ID);
+            }
+            if (props.containsKey(LoginModuleConfig.PARAM_ANONYMOUS_ID)) {
+                anonymousId = props.getProperty(LoginModuleConfig.PARAM_ANONYMOUS_ID);
+            }
+        }
+        // fallback:
+        if (adminId == null) {
+            log.debug("No adminID defined in LoginModule/JAAS config -> using default.");
+            adminId = SecurityConstants.ADMIN_ID;
+        }
+        if (anonymousId == null) {
+            log.debug("No anonymousID defined in LoginModule/JAAS config -> using default.");
+            anonymousId = SecurityConstants.ANONYMOUS_ID;
+        }
+
+        initialized = true;
+    }
+
+    protected UserManager createUserManager() {
+        // BeanConfig umc = portal.getConfig().getSecurityConfig().getSecurityManagerConfig().getUserManagerConfig();
+        // Properties config = null;
+        // if (umc != null) {
+        //     String clName = umc.getClassName();
+        //     if (clName != null && !(UserManager.class.getName().equals(clName) || clName.length() == 0)) {
+        //         log.warn("Unsupported custom UserManager implementation: '" + clName + "' -> Ignored.");
+        //     }
+        //     config = umc.getParameters();
+        // }
+        Properties config = 
+            portal.getConfig().getSecurityConfig().getSecurityManagerConfig().getUserManagerConfigProps();
+        if (config == null || config.getProperty("subsystem") == null) {
+            log.info("Native user manager is created");
+            return new NativeUserManager(adminId, config);
+        } else {
+            if (config.getProperty("subsystem").equalsIgnoreCase("native")) {
+                log.info("Native user manager is created");
+                return new NativeUserManager(adminId, config);
+            } else if (config.getProperty("subsystem").equalsIgnoreCase("osg")) {
+                log.info("OSG user manager is created");
+                return new OSGUserManager(adminId, config);
+            } else {
+                log.info("Native user manager is created");
+                return new NativeUserManager(adminId, config);
+            }
+        }
+    }
+
+    public void dispose(String workspaceName) {
+        checkInitialized();
+    }
+
+    public void close() {
+        checkInitialized();
+    }
+
+
+    public UserManager getUserManager() {
+        checkInitialized();
+        return systemUserManager;
+    }
+
+    public String getUserID(Subject subject) throws Exception {
+        checkInitialized();
+        /* shortcut if the subject contains the AdminPrincipal in which case
+           the userID is already known. */
+        if (!subject.getPrincipals(AdminPrincipal.class).isEmpty()) {
+            return adminId;
+        }
+        /*
+         Retrieve userID from the subject.
+         Since the subject may contain multiple principals and the principal
+         name must not be equals to the UserID by definition, the userID
+         may either be obtained from the login-credentials or from the
+         user manager. in the latter case the set of principals present with
+         the specified subject is used to search for the user.
+        */
+        String uid = null;
+        // try simple access to userID over SimpleCredentials first.
+        Iterator<SimpleCredentials> creds = subject.getPublicCredentials(
+                SimpleCredentials.class).iterator();
+        if (creds.hasNext()) {
+            SimpleCredentials sc = creds.next();
+            uid = sc.getUserID();
+        } else {
+            // no SimpleCredentials: retrieve authorizables corresponding to
+            // a non-group principal. the first one present is used to determine
+            // the userID.
+            for (Principal p : subject.getPrincipals()) {
+                User authorz = systemUserManager.getUser(p);
+                if (authorz != null ) {
+                    uid = authorz.getScreenname();
+                    break;
+                }
+            }
+        }
+        return uid;
+    }
+
+    public AuthContext getAuthContext(Credentials creds, 
+            UserManager userManager, Subject subject)
+            throws ConfigurationException {
+        checkInitialized();
+        return authContextProvider.getAuthContext(creds, subject, getUserManager(), adminId, anonymousId);
+    }
+
+    private static void createSystemUsers(UserManager userManager,
+            String adminId, String anonymousId)
+            throws Exception {
+        if (adminId != null) {
+            User admin = userManager.getUser(adminId);
+            if (admin == null) {
+                admin = userManager.createUser(adminId, adminId);
+                log.info("...created admin-user with id \'" + adminId + "\' ...");
+            }
+        }
+
+        if (anonymousId != null) {
+            User anonymous = userManager.getUser(anonymousId);
+            if (anonymous == null) {
+                userManager.createUser(anonymousId, "");
+                log.info("...created anonymous-user with id \'" + anonymousId + "\' ...");
+            }
+        }
+    }
+
+    private void checkInitialized() {
+        if (!initialized) {
+            throw new IllegalStateException("Not initialized");
+        }
+    }
+}
+

Added: incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/GuestCredentials.java
URL: http://svn.apache.org/viewvc/incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/GuestCredentials.java?rev=1087520&view=auto
==============================================================================
--- incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/GuestCredentials.java (added)
+++ incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/GuestCredentials.java Fri Apr  1 00:29:22 2011
@@ -0,0 +1,26 @@
+package cgl.shindig.security;
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+
+
+public class GuestCredentials implements Credentials {
+}
+

Added: incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/JAASAuthContext.java
URL: http://svn.apache.org/viewvc/incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/JAASAuthContext.java?rev=1087520&view=auto
==============================================================================
--- incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/JAASAuthContext.java (added)
+++ incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/JAASAuthContext.java Fri Apr  1 00:29:22 2011
@@ -0,0 +1,75 @@
+package cgl.shindig.security;
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.login.LoginContext;
+import javax.security.auth.login.LoginException;
+
+/**
+ * Implements the common {@link AuthContext} interface for the JAAS environment.
+ *
+ * @see AuthContext
+ */
+public class JAASAuthContext implements AuthContext {
+
+    private LoginContext context;
+
+    /**
+     * @param appName   application name in JAAS Login-Configuration to use
+     * @param cbHandler CallbackHandler for login-modules
+     * @param subject   to extend authentication
+     */
+    protected JAASAuthContext(String appName, CallbackHandler cbHandler,
+                              Subject subject) {
+
+        // make sure we are using our own context class loader when we
+        // instantiate a LoginContext. See bug# 14329.
+        Thread current = Thread.currentThread();
+        ClassLoader orig = current.getContextClassLoader();
+        try {
+            current.setContextClassLoader(JAASAuthContext.class.getClassLoader());
+            if (null == subject) {
+                context = new LoginContext(appName, cbHandler);
+            } else {
+                context = new LoginContext(appName, subject, cbHandler);
+            }
+        } catch (LoginException e) {
+            //all cases it is thrown are checked -> ignore
+        } finally {
+            current.setContextClassLoader(orig);
+        }
+    }
+
+    public void login() throws LoginException {
+        context.login();
+    }
+
+    public Subject getSubject() {
+        return context.getSubject();
+    }
+
+    public void logout() throws LoginException {
+        context.logout();
+    }
+}

Added: incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/LocalAuthContext.java
URL: http://svn.apache.org/viewvc/incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/LocalAuthContext.java?rev=1087520&view=auto
==============================================================================
--- incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/LocalAuthContext.java (added)
+++ incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/LocalAuthContext.java Fri Apr  1 00:29:22 2011
@@ -0,0 +1,117 @@
+package cgl.shindig.security;
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+
+
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Properties;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.login.FailedLoginException;
+import javax.security.auth.login.LoginException;
+import javax.security.auth.spi.LoginModule;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import cgl.shindig.config.ConfigurationException;
+import cgl.shindig.config.LoginModuleConfig;
+
+/**
+ * Provide AuthContext interface, for a JAAS-LoginModule not running in
+ * a {@link javax.security.auth.login.LoginContext}
+ *
+ * @see AuthContext
+ */
+public class LocalAuthContext implements AuthContext {
+
+    private static final Logger log = LoggerFactory.getLogger(LocalAuthContext.class);
+
+    private Subject subject;
+
+    private LoginModuleConfig config;
+
+    private LoginModule module;
+
+    private final CallbackHandler cbHandler;
+
+    /**
+     * Create Context and set Subject to extend its authentication
+     *
+     * @param config    Condiguration to be used for the LoginModule
+     * @param cbHandler CallbackHandler for the LoginModule
+     * @param subject   Subject if a pre-authenticated exists
+     */
+    protected LocalAuthContext(LoginModuleConfig config,
+                               CallbackHandler cbHandler,
+                               Subject subject) {
+        this.config = config;
+        this.cbHandler = cbHandler;
+        this.subject = (null == subject) ? new Subject() : subject;
+    }
+
+    public void login() throws LoginException {
+        try {
+            module = config.getLoginModule();
+        } catch (ConfigurationException e) {
+            throw new LoginException(e.getMessage());
+        }
+
+        Map<String, Object> state = new HashMap<String, Object>();
+        Map<String, String> options = new HashMap<String, String>();
+        Properties parameters = config.getParameters();
+        Enumeration< ? > names = parameters.propertyNames();
+        while (names.hasMoreElements()) {
+            String name = (String) names.nextElement();
+            options.put(name, parameters.getProperty(name));
+        }
+        module.initialize(subject, cbHandler, state, options);
+
+        try {
+            if (!(module.login() && module.commit())) {
+                throw new FailedLoginException("LoginModule ignored Credentials");
+            }
+        } catch (LoginException le) {
+            module.abort();
+            throw le;
+        } catch (Exception e) {
+            module.abort();
+            LoginException le = new LoginException("LoginModule could not perform authentication: " +
+                    e.getMessage());
+            le.initCause(e);
+            log.debug("Login failed to runtime-exception: ", e);
+            throw le;
+        }
+    }
+
+    public Subject getSubject() {
+        return subject;
+    }
+
+    public void logout() throws LoginException {
+        if (subject != null) {
+            module.logout();
+        }
+    }
+}

Added: incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/OSGPortalCallback.java
URL: http://svn.apache.org/viewvc/incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/OSGPortalCallback.java?rev=1087520&view=auto
==============================================================================
--- incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/OSGPortalCallback.java (added)
+++ incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/OSGPortalCallback.java Fri Apr  1 00:29:22 2011
@@ -0,0 +1,79 @@
+package cgl.shindig.security;
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+
+
+// import org.apache.jackrabbit.core.security.principal.PrincipalProviderRegistry;
+
+import javax.security.auth.callback.Callback;
+
+import cgl.shindig.usermanage.UserManager;
+
+
+public class OSGPortalCallback implements Callback {
+
+    // private Session session;
+    // private PrincipalProviderRegistry principalProviderRegistry;
+    private String adminId;
+    private String anonymousId;
+    private UserManager userManager;
+
+    public UserManager getUserManager(){
+        return this.userManager;
+    }
+
+    public void setUserManager(UserManager userManager) {
+        this.userManager=userManager;
+    }
+
+    // public void setSession(Session session) {
+    //     this.session = session;
+    // }
+
+    // public Session getSession() {
+    //     return session;
+    // }
+
+    // public void setPrincipalProviderRegistry(PrincipalProviderRegistry principalProviderRegistry) {
+    //     this.principalProviderRegistry = principalProviderRegistry;
+    // }
+
+    // public PrincipalProviderRegistry getPrincipalProviderRegistry() {
+    //     return principalProviderRegistry;
+    // }
+
+    public String getAdminId() {
+        return adminId;
+    }
+
+    public void setAdminId(String adminId) {
+        this.adminId = adminId;
+    }
+
+    public String getAnonymousId() {
+        return anonymousId;
+    }
+
+    public void setAnonymousId(String anonymousId) {
+        this.anonymousId = anonymousId;
+    }
+}
+

Added: incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/PlainRolePrincipal.java
URL: http://svn.apache.org/viewvc/incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/PlainRolePrincipal.java?rev=1087520&view=auto
==============================================================================
--- incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/PlainRolePrincipal.java (added)
+++ incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/PlainRolePrincipal.java Fri Apr  1 00:29:22 2011
@@ -0,0 +1,55 @@
+package cgl.shindig.security;
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+
+
+import java.security.Principal;
+
+public class PlainRolePrincipal implements Principal {
+
+	String roleName;
+	
+	public PlainRolePrincipal(String name) {
+		roleName = name;
+	}
+	public String getName() {
+		return roleName;
+	}
+	
+    public String toString() {
+        return ("RolePrincipal: " + roleName);
+    }
+
+    public boolean equals(Object obj) {
+        if (this == obj) {
+            return true;
+        }
+        if (obj instanceof PlainRolePrincipal) {
+        	PlainRolePrincipal other = (PlainRolePrincipal) obj;
+            return roleName.equals(other.roleName);
+        }
+        return false;
+    }
+
+    public int hashCode() {
+        return roleName.hashCode();
+    }
+}

Added: incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/PortalCallback.java
URL: http://svn.apache.org/viewvc/incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/PortalCallback.java?rev=1087520&view=auto
==============================================================================
--- incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/PortalCallback.java (added)
+++ incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/PortalCallback.java Fri Apr  1 00:29:22 2011
@@ -0,0 +1,59 @@
+package cgl.shindig.security;
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+
+
+import javax.security.auth.callback.Callback;
+
+import cgl.shindig.usermanage.UserManager;
+
+
+public class PortalCallback implements Callback {
+
+    private String adminId;
+    private String anonymousId;
+    private UserManager userManager;
+
+    public UserManager getUserManager(){
+        return this.userManager;
+    }
+
+    public void setUserManager(UserManager userManager) {
+        this.userManager=userManager;
+    }
+
+    public String getAdminId() {
+        return adminId;
+    }
+
+    public void setAdminId(String adminId) {
+        this.adminId = adminId;
+    }
+
+    public String getAnonymousId() {
+        return anonymousId;
+    }
+
+    public void setAnonymousId(String anonymousId) {
+        this.anonymousId = anonymousId;
+    }
+}
+

Added: incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/SecurityConstants.java
URL: http://svn.apache.org/viewvc/incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/SecurityConstants.java?rev=1087520&view=auto
==============================================================================
--- incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/SecurityConstants.java (added)
+++ incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/SecurityConstants.java Fri Apr  1 00:29:22 2011
@@ -0,0 +1,49 @@
+package cgl.shindig.security;
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+
+
+/**
+ * This interface defines miscellaneous security related constants.
+ */
+public interface SecurityConstants {
+
+    /**
+     * The default principal name of the administrators group
+     */
+    String ADMINISTRATORS_NAME = "administrators";
+
+    /**
+     * The default userID of the administrator.
+     */
+    String ADMIN_ID = "admin";
+
+    /**
+     * The default userID for anonymous login
+     */
+    String ANONYMOUS_ID = "anonymous";
+
+    /**
+     * To be used for the encryption. E.g. for passwords in
+     * {@link SimpleCredentials#getPassword()}  SimpleCredentials}
+     */
+    String DEFAULT_DIGEST = "sha1";
+}

Added: incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/SimpleCredentials.java
URL: http://svn.apache.org/viewvc/incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/SimpleCredentials.java?rev=1087520&view=auto
==============================================================================
--- incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/SimpleCredentials.java (added)
+++ incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/SimpleCredentials.java Fri Apr  1 00:29:22 2011
@@ -0,0 +1,64 @@
+package cgl.shindig.security;
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+
+
+import java.util.Map;
+import java.util.HashMap;
+import java.util.Set;
+
+public class SimpleCredentials implements Credentials {
+
+    private String userID = "";
+    private char[] password = null;
+    private Map<String, Object> attributes = new HashMap<String, Object>();
+
+    public SimpleCredentials(String userID, char[] password) {
+        this.userID = userID;
+        this.password = password;
+    }
+
+    public Object getAttribute(String name) {
+        return attributes.get(name);
+    }
+
+    public String[] getAttributeNames() {
+        Set<String> keys = attributes.keySet();
+        return keys.toArray(new String[0]);
+    }
+
+    public char[] getPassword() {
+        return password;
+    }
+
+    public String getUserID() {
+        return userID;
+    }
+
+    public void removeAttribute(String name) {
+        attributes.remove(name);
+    }
+
+    public void setAttribute(String name, Object value) {
+        attributes.put(name, value);
+    }
+}
+

Added: incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/SimpleCredentialsAuthentication.java
URL: http://svn.apache.org/viewvc/incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/SimpleCredentialsAuthentication.java?rev=1087520&view=auto
==============================================================================
--- incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/SimpleCredentialsAuthentication.java (added)
+++ incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/SimpleCredentialsAuthentication.java Fri Apr  1 00:29:22 2011
@@ -0,0 +1,103 @@
+package cgl.shindig.security;
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import cgl.shindig.usermanage.CredUser;
+
+import java.io.UnsupportedEncodingException;
+import java.security.NoSuchAlgorithmException;
+
+class SimpleCredentialsAuthentication implements Authentication {
+
+    private static final Logger log = LoggerFactory.getLogger(SimpleCredentialsAuthentication.class);
+
+    private final CryptedSimpleCredentials creds;
+
+    /**
+     * Create an Authentication for this User
+     *
+     * @param user to create the Authentication for
+     */
+    SimpleCredentialsAuthentication(CredUser user) throws AuthenticationException {
+        Credentials creds = user.getCredentials();
+        if (creds instanceof CryptedSimpleCredentials) {
+            this.creds = (CryptedSimpleCredentials) creds;
+        } else if (creds instanceof SimpleCredentials) {
+            try {
+                this.creds = new CryptedSimpleCredentials((SimpleCredentials) creds);
+            } catch (NoSuchAlgorithmException e) {
+                throw new AuthenticationException(e);
+            } catch (UnsupportedEncodingException e) {
+                throw new AuthenticationException(e);
+            }
+        } else {
+            log.warn("No Credentials found with user " + user.getID());
+            this.creds = null;
+        }
+    }
+
+    //------------------------------------------------< Authentication >--------
+    /**
+     * This Authentication is able to handle the validation of SimpleCredentials.
+     *
+     * @param credentials to test
+     * @return <code>true</code> if the given Credentials are of type
+     *         {@link javax.jcr.SimpleCredentials SimpleCredentials} and if the
+     *         <code>User</code> used to construct this <code>Autentication</code>
+     *         has any SimpleCredentials
+     * @see Authentication#canHandle(Credentials)
+     */
+    public boolean canHandle(Credentials credentials) {
+        return creds != null && credentials instanceof SimpleCredentials;
+    }
+
+    /**
+     * Compairs any of the <code>SimpleCredentials</code> of the <code>User</code>
+     * with the one given.<br>
+     * If both, UserID and Password of the credentials are equal, the authentication
+     * succeded and <code>true</code> is returned;
+     *
+     * @param credentials Credentials to be used for the authentication.
+     * @return true if the given Credentials' UserID/Password pair match any
+     * of the credentials attached to the user this SimpleCredentialsAuthentication has
+     * been built for.
+     * @throws AuthenticationException
+     */
+    public boolean authenticate(Credentials credentials) throws AuthenticationException {
+        if (!(credentials instanceof SimpleCredentials)) {
+            throw new AuthenticationException("SimpleCredentials expected. Cannot handle " + credentials.getClass().getName());
+        }
+        try {
+            if (creds != null && creds.matches((SimpleCredentials) credentials)) {
+                return true;
+            }
+        } catch (NoSuchAlgorithmException e) {
+            log.debug("Failed to verify Credentials with {}: {} -> test next", credentials.toString(), e);
+        } catch (UnsupportedEncodingException e) {
+            log.debug("Failed to verify Credentials with {}: {} -> test next", credentials.toString(), e);
+        }
+        return false;
+    }
+}
+

Added: incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/UserPrincipal.java
URL: http://svn.apache.org/viewvc/incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/UserPrincipal.java?rev=1087520&view=auto
==============================================================================
--- incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/UserPrincipal.java (added)
+++ incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/security/UserPrincipal.java Fri Apr  1 00:29:22 2011
@@ -0,0 +1,74 @@
+package cgl.shindig.security;
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+
+
+import java.io.Serializable;
+import java.security.Principal;
+
+/**
+ * A <code>UserPrincipal</code> ...
+ */
+public class UserPrincipal implements Principal, Serializable {
+
+    private final String name;
+    private static final long serialVersionUID = 384040549033267805L;
+
+    /**
+     * Creates a <code>UserPrincipal</code> with the given name.
+     *
+     * @param name the name of this principal
+     * @throws IllegalArgumentException if <code>name</code> is <code>null</code>.
+     */
+    public UserPrincipal(String name) throws IllegalArgumentException {
+        if (name == null || name.length() == 0) {
+            throw new IllegalArgumentException("name can not be null");
+        }
+        this.name = name;
+    }
+
+    public String toString() {
+        return ("UserPrincipal: " + name);
+    }
+
+    public boolean equals(Object obj) {
+        if (this == obj) {
+            return true;
+        }
+        if (obj instanceof UserPrincipal) {
+            UserPrincipal other = (UserPrincipal) obj;
+            return name.equals(other.name);
+        }
+        return false;
+    }
+
+    public int hashCode() {
+        return name.hashCode();
+    }
+
+    //------------------------------------------------------------< Principal >
+    /**
+     * {@inheritDoc}
+     */
+    public String getName() {
+        return name;
+    }
+}

Added: incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/sharing/servlet/PasteBinProxyServlet.java
URL: http://svn.apache.org/viewvc/incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/sharing/servlet/PasteBinProxyServlet.java?rev=1087520&view=auto
==============================================================================
--- incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/sharing/servlet/PasteBinProxyServlet.java (added)
+++ incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/sharing/servlet/PasteBinProxyServlet.java Fri Apr  1 00:29:22 2011
@@ -0,0 +1,169 @@
+package cgl.shindig.sharing.servlet;
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+
+
+import java.net.URL;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.Set;
+import java.util.logging.Logger;
+
+import javax.servlet.*;
+import javax.servlet.http.*;
+
+import org.apache.commons.httpclient.methods.PostMethod;
+
+import cgl.shindig.layoutmanager.servlet.ProxyServlet;
+import cgl.shindig.usermanage.*;
+
+/** 
+ * Post text to pastebin.
+ */
+public class PasteBinProxyServlet extends ProxyServlet {
+
+  private static Logger logger = Logger.getLogger(PasteBinProxyServlet.class.getName());
+
+  private static final String PASTEBIN_DOMAIN = "pastebin.com";
+  private static final String TARGET_URL_KEY = "targeturl";
+
+  private static final Set<String> allowedDomains = new HashSet<String>();
+  static {
+    allowedDomains.add(PASTEBIN_DOMAIN);
+  }
+
+  @Override
+  public void init(ServletConfig servletConfig) { // Get the proxy host
+  }
+
+  /**
+   * Check whether the authority is allowed.
+   */
+  private static boolean isAllowed (String authority) {
+    if (authority == null) return false;
+    for (Iterator<String> it = allowedDomains.iterator();
+        it.hasNext();) {
+      String domain = it.next();
+      if (authority.indexOf(domain) != -1)
+        return true;
+    }
+    return false;
+  }
+
+  private String proxyQueryString;
+
+  public String getProxyQueryString() {
+    return proxyQueryString;
+  }
+  public void setProxyQueryString(String queryString) {
+    this.proxyQueryString = queryString;
+  }
+
+  private void preprocess (HttpServletRequest req, HttpServletResponse resp) 
+      throws Exception {
+    String targetUrl = req.getParameter(TARGET_URL_KEY);
+    URL url = new URL(targetUrl);
+    if (!isAllowed(url.getAuthority()))
+      throw new Exception("Authority " + url.getAuthority() + " is not allowed");
+    String proxyHost = url.getProtocol() + "://" + url.getAuthority();
+    this.setProxyHost(proxyHost);
+    if (url.getPort() == -1)
+      this.setProxyPort(url.getDefaultPort());
+    else
+      this.setProxyPort(url.getPort());
+    this.setProxyPath(url.getPath());
+    this.setProxyQueryString(url.getQuery());
+
+    /**
+    logger.info("Proxy:" + "host:" + getProxyHost() + ";port:" +
+        getProxyPort() + ";path:" + getProxyPath());
+    */
+  }
+
+  @Override
+  public void doPost(HttpServletRequest httpRequest, 
+      HttpServletResponse httpResponse) {
+    try {
+      preprocess(httpRequest, httpResponse);
+    } catch(Exception ex) {
+      httpResponse.setStatus(HttpServletResponse.SC_BAD_REQUEST);
+      try {
+        httpResponse.getWriter().write(ex.getMessage());
+      } catch(Exception e) { }
+      return;
+    }
+    try {
+      super.doPost(httpRequest, httpResponse);
+    } catch(Exception ex) {
+      httpResponse.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
+      try {
+      httpResponse.getWriter().write(ex.getMessage());
+      } catch(Exception e) { }
+    }
+  }
+
+  @Override
+  public void doGet(HttpServletRequest httpRequest, 
+      HttpServletResponse httpResponse) {
+    try {
+      preprocess(httpRequest, httpResponse);
+    } catch(Exception ex) {
+      httpResponse.setStatus(HttpServletResponse.SC_BAD_REQUEST);
+      try{
+        httpResponse.getWriter().write(ex.getMessage());
+      } catch(Exception e) { }
+      return;
+    }
+
+    try {
+      super.doGet(httpRequest, httpResponse);
+    } catch(Exception ex) {
+      httpResponse.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
+      try{
+        httpResponse.getWriter().write(ex.getMessage());
+      } catch(Exception e) { }
+    }
+  }
+
+
+  @Override
+  protected String getProxyURL(HttpServletRequest httpServletRequest) {
+    // Set the protocol to HTTP
+    // String stringProxyURL = "http://" + this.getProxyHostAndPort();
+    String stringProxyURL = this.getProxyHostAndPort();
+    // Check if we are proxying to a path other that the document root
+    if(!this.getProxyPath().equalsIgnoreCase("")){
+      stringProxyURL += this.getProxyPath();
+    }
+    if (getProxyQueryString() != null && !getProxyQueryString().equals(""))
+      stringProxyURL += "?" + getProxyQueryString(); 
+    System.out.println("url!!!" + stringProxyURL);
+    return stringProxyURL;
+  }
+
+
+  @Override
+  protected void processPostBody (PostMethod postMethodProxyRequest,
+      HttpServletRequest httpServletRequest) {
+    handleStandardPost(postMethodProxyRequest, httpServletRequest);
+  }
+}
+

Added: incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/urltemplate/URLTemplate.java
URL: http://svn.apache.org/viewvc/incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/urltemplate/URLTemplate.java?rev=1087520&view=auto
==============================================================================
--- incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/urltemplate/URLTemplate.java (added)
+++ incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/urltemplate/URLTemplate.java Fri Apr  1 00:29:22 2011
@@ -0,0 +1,71 @@
+package cgl.shindig.urltemplate;
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+
+
+import java.util.Collection;
+import java.net.URL;
+import cgl.shindig.common.UriBuilder;
+
+public class URLTemplate {
+    /* raw template string */
+    private String rawTemplateString;
+
+    // private URLTemplate
+    /** 
+     * Substitute  
+     * 
+     * @param params 
+     */
+    private void substitute (Collection<String> params) {
+    }
+
+	/**
+	 * get the value of rawTemplateString
+	 * @return the value of rawTemplateString
+	 */
+	public String getRawTemplateString(){
+		return this.rawTemplateString;
+	}
+	/**
+	 * set a new value to rawTemplateString
+	 * @param rawTemplateString the new value to be used
+	 */
+	public void setRawTemplateString(String rawTemplateString) {
+		this.rawTemplateString=rawTemplateString;
+	}
+}
+
+class URLTemplateRep {
+    private UriBuilder uriBuilder = new UriBuilder();
+
+    public URLTemplateRep (String urlText) {
+        uriBuilder = uriBuilder.parse(urlText);
+    }
+
+    public void substitute() {
+    }
+    public void substituteAuthority() {
+    }
+    public void substitutePath() {
+    }
+}
+

Added: incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/usermanage/AdminUser.java
URL: http://svn.apache.org/viewvc/incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/usermanage/AdminUser.java?rev=1087520&view=auto
==============================================================================
--- incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/usermanage/AdminUser.java (added)
+++ incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/usermanage/AdminUser.java Fri Apr  1 00:29:22 2011
@@ -0,0 +1,78 @@
+package cgl.shindig.usermanage;
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+
+
+import java.util.Arrays;
+
+
+/** Bean which represents a admin user.
+  * Fields of the user structure are based on OpenID Simple Registration Extension.
+  */
+public class AdminUser{
+    private int     id;
+    private String  screenname;
+    private String  password;
+
+    public int      getId( ){ return id; }
+    public void     setId( int id ){ this.id = id; }
+    public String   getScreenname( ){ return this.screenname; }
+    public void     setScreenname( String sn ){ this.screenname = sn; }
+    public String   getPassword(){ return this.password; }
+    public void     setPassword( String password ){ this.password = password; }
+
+    public AdminUser(){}
+    public AdminUser( String sn, String pwd){
+        this.setScreenname(sn);
+        this.setPassword(pwd);
+    }
+
+    private boolean equalsString(String str1, String str2) {
+        if (str1 == null)
+            return str2 == null;
+        else
+            return str1.equals(str2);
+    }
+
+    private boolean equalsPassword(AdminUser user2) {
+        return equalsString(this.getPassword(), user2.getPassword());
+    }
+    private boolean equalsScreenName(AdminUser user2) {
+        return equalsString(this.getScreenname(), user2.getScreenname());
+    }
+
+    public boolean equals(Object obj) {
+        if (this == obj) return true;
+        if (obj instanceof AdminUser) {
+            AdminUser user2 = (AdminUser)obj;
+            return equalsScreenName(user2) && equalsPassword(user2);
+        } else {
+            return false;
+        }
+    }
+
+    public int hashCode() {
+        return Arrays.hashCode(new Object[]{
+            this.getScreenname(), this.getPassword()
+        });
+    }
+}
+

Added: incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/usermanage/CredUser.java
URL: http://svn.apache.org/viewvc/incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/usermanage/CredUser.java?rev=1087520&view=auto
==============================================================================
--- incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/usermanage/CredUser.java (added)
+++ incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/usermanage/CredUser.java Fri Apr  1 00:29:22 2011
@@ -0,0 +1,91 @@
+package cgl.shindig.usermanage;
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+
+
+import java.io.UnsupportedEncodingException;
+import java.security.NoSuchAlgorithmException;
+import java.security.Principal;
+
+import cgl.shindig.security.Credentials;
+import cgl.shindig.security.CryptedSimpleCredentials;
+import cgl.shindig.security.SimpleCredentials;
+import cgl.shindig.security.UserPrincipal;
+
+public class CredUser extends User {
+
+    private Principal principal = null;
+    private Credentials credentials = null;
+    private String subSystem = "native";
+
+    public CredUser() {}
+
+    public CredUser(User user) {
+        this.setId(user.getId());
+        this.setFirstname(user.getFirstname());
+        this.setLastname(user.getLastname());
+        this.setDob(user.getDob());
+        this.setLastname(user.getLanguage());
+        this.setTimezone(user.getTimezone());
+        this.setEmail(user.getEmail());
+        this.setGender(user.getGender());
+        this.setPostcode(user.getPostcode());
+        this.setOpenid(user.getOpenid());
+        this.setNickname(user.getNickname());
+        this.setCountry(user.getCountry());
+        this.setScreenname(user.getScreenname());
+        this.setPassword(user.getPassword());
+    }
+
+    public Principal getPrincipal() {
+        if (principal == null) {
+            principal = new UserPrincipal(this.getScreenname());
+        }
+        return principal;
+    }
+
+    public Credentials getCredentials() {
+        if (credentials == null) { 
+			credentials = new SimpleCredentials(this.getScreenname(), this.getPassword().toCharArray());
+		}
+        return credentials;
+    }
+    
+    public String getID() {
+        return this.getScreenname();
+    }
+
+    /**
+     * get the value of subSystem
+     * @return the value of subSystem
+     */
+    public String getSubSystem(){
+        return this.subSystem;
+    }
+    /**
+     * set a new value to subSystem
+     * @param subSystem the new value to be used
+     */
+    public void setSubSystem(String subSystem) {
+        this.subSystem=subSystem;
+    }
+}
+

Added: incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/usermanage/GadgetUserPref.java
URL: http://svn.apache.org/viewvc/incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/usermanage/GadgetUserPref.java?rev=1087520&view=auto
==============================================================================
--- incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/usermanage/GadgetUserPref.java (added)
+++ incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/usermanage/GadgetUserPref.java Fri Apr  1 00:29:22 2011
@@ -0,0 +1,99 @@
+package cgl.shindig.usermanage;
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+
+
+public class GadgetUserPref {
+    // this gadget belongs to which user
+    private String username;
+
+    // url of source of this gadget
+    private String gadgetsrc;
+
+    // user preference of this gadget
+    private String prefs;
+
+    // module id. One gadget can be added for multiple times by the same user.
+    private String moduleId;
+
+
+	/**
+	 * get the value of username
+	 * @return the value of username
+	 */
+	public String getUsername(){
+		return this.username;
+	}
+	/**
+	 * set a new value to username
+	 * @param username the new value to be used
+	 */
+	public void setUsername(String username) {
+		this.username=username;
+	}
+	/**
+	 * get the value of gadgetsrc
+	 * @return the value of gadgetsrc
+	 */
+	public String getGadgetsrc(){
+		return this.gadgetsrc;
+	}
+	/**
+	 * set a new value to gadgetsrc
+	 * @param gadgetsrc the new value to be used
+	 */
+	public void setGadgetsrc(String gadgetsrc) {
+		this.gadgetsrc=gadgetsrc;
+	}
+	/**
+	 * get the value of prefs
+	 * @return the value of prefs
+	 */
+	public String getPrefs(){
+		return this.prefs;
+	}
+	/**
+	 * set a new value to prefs
+	 * @param prefs the new value to be used
+	 */
+	public void setPrefs(String prefs) {
+		this.prefs=prefs;
+	}
+
+	/**
+	 * get the value of moduleId
+	 * @return the value of moduleId
+	 */
+	public String getModuleId(){
+		return this.moduleId;
+	}
+	/**
+	 * set a new value to moduleId
+	 * @param moduleId the new value to be used
+	 */
+	public void setModuleId(String moduleId) {
+		this.moduleId=moduleId;
+	}
+
+    // public abstract UserPrefEntry[] getUserPrefEntries();
+    // public abstract UserPrefEntry   getUserPrefEntry(String prefName);
+}
+

Added: incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/usermanage/GadgetUserPrefJSON.java
URL: http://svn.apache.org/viewvc/incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/usermanage/GadgetUserPrefJSON.java?rev=1087520&view=auto
==============================================================================
--- incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/usermanage/GadgetUserPrefJSON.java (added)
+++ incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/usermanage/GadgetUserPrefJSON.java Fri Apr  1 00:29:22 2011
@@ -0,0 +1,35 @@
+package cgl.shindig.usermanage;
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+
+
+// import org.json.JSONObject;
+
+public class GadgetUserPrefJSON extends GadgetUserPref {
+    public UserPrefEntry[] getUserPrefEntries() {
+        return null;
+    }
+
+    public  UserPrefEntry   getUserPrefEntry(String prefName) {
+        return null;
+    }
+}
+

Added: incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/usermanage/NativeUserManager.java
URL: http://svn.apache.org/viewvc/incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/usermanage/NativeUserManager.java?rev=1087520&view=auto
==============================================================================
--- incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/usermanage/NativeUserManager.java (added)
+++ incubator/rave/donations/ogce-gadget-container/ishindig-webapp/src/main/java/cgl/shindig/usermanage/NativeUserManager.java Fri Apr  1 00:29:22 2011
@@ -0,0 +1,89 @@
+package cgl.shindig.usermanage;
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+
+
+import java.security.Principal;
+import java.util.List;
+import java.util.Properties;
+
+import cgl.shindig.usermanage.servlet.SignUp;
+
+import com.google.inject.Singleton;
+
+// @Singleton
+public class NativeUserManager implements UserManager {
+    private String adminID;
+
+    public NativeUserManager (String adminID, Properties configProps) {
+        this.adminID = adminID;
+    }
+
+    public CredUser getUser (String userid) throws Exception {
+        User user = UserDBMgr.getUserBySN(userid);
+        if (user == null)
+            return null;
+            // throw new Exception("could not find a user with id "+userid);
+        return new CredUser(user);
+    }
+
+    public CredUser getUserByEmail (String email) throws Exception {
+        User user = UserDBMgr.getUserByEmail(email);
+        if (user == null)
+            return null;
+            // throw new Exception("could not find a user with email " + email);
+        return new CredUser(user);
+    }
+
+    public CredUser getUser (Principal principal) throws Exception {
+        return getUser(principal.getName());
+    }
+    
+    public List<User> getAllUsers() throws Exception {
+        return UserDBMgr.getAllUsers();
+    }
+
+    public User createUser (String userId, String passwd) throws Exception {
+        User user = new User();
+        user.setFirstname("anonymous");
+        user.setLastname("anonymous");
+        user.setScreenname(userId);
+        user.setPassword(passwd);
+
+        if (false == UserDBMgr.insertUser(user)) {
+            throw new Exception("Cannot create new user " + userId + "/" +
+                    passwd);
+        } else {
+            return user;
+        }
+    }
+
+	public void insertUser(User user) throws Exception {
+		boolean succ = UserDBMgr.insertUser( user );
+		if( succ == true ){
+            // UserDBMgr.insertUILayout(new UILayout(user.getScreenname(), "[]"));
+            UserDBMgr.insertUILayout(new UILayout(user.getScreenname(), SignUp.defaultLayoutData));
+		} else {
+			
+		}
+	}
+}
+



Mime
View raw message