roller-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From snoopd...@apache.org
Subject svn commit: r918322 - in /roller/trunk/weblogger-web/src/main/webapp/WEB-INF: jsps/core/Login.jsp security.xml
Date Wed, 03 Mar 2010 04:16:43 GMT
Author: snoopdave
Date: Wed Mar  3 04:16:42 2010
New Revision: 918322

URL: http://svn.apache.org/viewvc?rev=918322&view=rev
Log:
Fix for remember me problem. As Greg suggested the <input> name and id values were wrong,
but there was also a chunk of XML missing from the Spring Security config file security.xml.

Also, did a bit of cleanup and remove the old LDAP/CAS configuration because it does not work
with Spring Security 2. Leaving it in the file might be confusing for folks trying to figure
out how to make Roller work with LDAP.

Modified:
    roller/trunk/weblogger-web/src/main/webapp/WEB-INF/jsps/core/Login.jsp
    roller/trunk/weblogger-web/src/main/webapp/WEB-INF/security.xml

Modified: roller/trunk/weblogger-web/src/main/webapp/WEB-INF/jsps/core/Login.jsp
URL: http://svn.apache.org/viewvc/roller/trunk/weblogger-web/src/main/webapp/WEB-INF/jsps/core/Login.jsp?rev=918322&r1=918321&r2=918322&view=diff
==============================================================================
--- roller/trunk/weblogger-web/src/main/webapp/WEB-INF/jsps/core/Login.jsp (original)
+++ roller/trunk/weblogger-web/src/main/webapp/WEB-INF/jsps/core/Login.jsp Wed Mar  3 04:16:42
2010
@@ -93,7 +93,7 @@
             <tr>
                 <td width="20%"></td>
                 <td width="80%">
-                    <input type="checkbox" name="rememberMe" id="rememberMe" />
+                    <input type="checkbox" name="_spring_security_remember_me" id="_spring_security_remember_me"
/>
                     <label for="rememberMe">
                         <s:text name="loginPage.rememberMe" />
                     </label>

Modified: roller/trunk/weblogger-web/src/main/webapp/WEB-INF/security.xml
URL: http://svn.apache.org/viewvc/roller/trunk/weblogger-web/src/main/webapp/WEB-INF/security.xml?rev=918322&r1=918321&r2=918322&view=diff
==============================================================================
--- roller/trunk/weblogger-web/src/main/webapp/WEB-INF/security.xml (original)
+++ roller/trunk/weblogger-web/src/main/webapp/WEB-INF/security.xml Wed Mar  3 04:16:42 2010
@@ -21,11 +21,11 @@
              xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
              http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.1-openidfix.xsd">
 
-<!--
-             xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
-              http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.1.xsd">
+    <!--
+xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd
+http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.1.xsd">
 -->
-                 
+
     <http auto-config="false" lowercase-comparisons="true" access-decision-manager-ref="accessDecisionManager">
         <intercept-url pattern="/images/**" filters="none"/>
         <intercept-url pattern="/scripts/**" filters="none"/>
@@ -37,21 +37,45 @@
         <intercept-url pattern="/roller-ui/authoring/**" access="admin,editor"/>
         <intercept-url pattern="/roller-ui/admin/**" access="admin"/>
         <intercept-url pattern="/rewrite-status*" access="admin"/>
-        
-        <!-- Uncomment the following for LDAP/SSO configuration -->
-        <!--intercept-url pattern="/roller-ui/user.do*" access="register"/-->
-        <form-login login-page="/roller-ui/login.rol" authentication-failure-url="/roller-ui/login.rol?error=true"

-        	login-processing-url="/roller_j_security_check"/>  
-        <remember-me user-service-ref="rollerUserService" key="715F2448-3176-11DD-ABC6-9CD955D89593"/>
-    </http>    
 
+        <form-login login-page="/roller-ui/login.rol"
+                    authentication-failure-url="/roller-ui/login.rol?error=true"
+                    login-processing-url="/roller_j_security_check"/>
+
+        <remember-me user-service-ref="rollerUserService"
+                     key="715F2448-3176-11DD-ABC6-9CD955D89593"/>
+    </http>
+
+
+    <!-- Read users from Roller API -->
+    <authentication-provider user-service-ref="rollerUserService"/>
+    <beans:bean id="rollerUserService"
+                class="org.apache.roller.weblogger.ui.core.security.RollerUserDetailsService"/>
+
+    <beans:bean id="accessDecisionManager" class="org.springframework.security.vote.AffirmativeBased">
+        <beans:property name="allowIfAllAbstainDecisions" value="false"/>
+        <beans:property name="decisionVoters">
+            <beans:list>
+                <beans:ref local="roleVoter"/>
+            </beans:list>
+        </beans:property>
+    </beans:bean>
+    <beans:bean id="roleVoter" class="org.springframework.security.vote.RoleVoter">
+        <beans:property name="rolePrefix" value=""/>
+    </beans:bean>
+
+    <beans:bean id="rememberMeAuthenticationProvider" class="org.springframework.security.providers.rememberme.RememberMeAuthenticationProvider">
+        <!-- This ensures that remember-me is added as an authentication provider -->
+        <custom-authentication-provider />
+        <beans:property name="key" value="springRocks"/>
+    </beans:bean>
 
+    <!-- OpenID -->
     <authentication-manager alias='authenticationManagerAlias'/>
     <beans:bean id = "openIDAuthProvider" class="org.springframework.security.providers.openid.OpenIDAuthenticationProvider">
         <custom-authentication-provider/>
         <beans:property name="userDetailsService" ref="rollerUserService"/>
     </beans:bean>
-
     <beans:bean id="openidAuthenticationProcessingFilter" class="org.apache.roller.weblogger.ui.core.filters.CustomOpenIDAuthenticationProcessingFilter">
         <beans:property name="defaultTargetUrl" value="/roller-ui/menu.rol"/>
         <beans:property name="filterProcessesUrl" value="/roller_j_openid_security_check"/>
@@ -60,122 +84,14 @@
                 <beans:prop key="org.springframework.security.userdetails.UsernameNotFoundException">/roller-ui/register.rol
                 </beans:prop>
                 <beans:prop key="org.springframework.security.BadCredentialsException">/roller-ui/login.rol?error=true
-                </beans:prop>  
+                </beans:prop>
                 <beans:prop key="org.springframework.security.AuthenticationException">/roller-ui/login.rol?error=true
                 </beans:prop>
             </beans:props>
-        </beans:property>   
-        <beans:property name="authenticationFailureUrl" value="/roller-ui/login.rol?error=true"/>
  
+        </beans:property>
+        <beans:property name="authenticationFailureUrl" value="/roller-ui/login.rol?error=true"/>
         <beans:property name="authenticationManager" ref="authenticationManagerAlias"/>
         <custom-filter position="OPENID_PROCESSING_FILTER"/>
     </beans:bean>
-  
-
-    <authentication-provider user-service-ref="rollerUserService"/>
-   
-    
-    <!-- Read users from Roller API -->
-    <beans:bean id="rollerUserService" class="org.apache.roller.weblogger.ui.core.security.RollerUserDetailsService"/>
-
 
-	<!-- It may be possible to get rid of the following two beans in a future version of
Spring Security. -->
-	<!-- See http://jira.springframework.org/browse/SEC-840 for more information. -->
-    <beans:bean id="accessDecisionManager" class="org.springframework.security.vote.AffirmativeBased">
-        <beans:property name="allowIfAllAbstainDecisions" value="false"/>
-        <beans:property name="decisionVoters">
-            <beans:list>
-                <beans:ref local="roleVoter"/>
-            </beans:list>
-        </beans:property>
-    </beans:bean>
-    <beans:bean id="roleVoter" class="org.springframework.security.vote.RoleVoter">
-        <beans:property name="rolePrefix" value=""/>
-    </beans:bean>
-       
-    <!-- TODO MR: Modify LDAP and CAS Configuration for Spring Security 2.0.x -->
-    
-    <!-- ===================== LDAP AUTHENTICATION ==================== -->
-    <!-- BEGIN: Sample LDAP/RollerDB hybrid security configuration
-    <bean id="initialDirContextFactory" class="org.springframework.security.ldap.DefaultInitialDirContextFactory">
-        <constructor-arg value="LDAP_URL"/>
-        <property name="managerDn" value="LDAP_USERNAME"/>
-        <property name="managerPassword" value="LDAP_PASSWORD"/>
-    </bean>
-                
-    <bean id="ldapUserSearch" class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
-        <constructor-arg index="0" value=""/>
-        <constructor-arg index="1" value="uid={0}"/>
-        <constructor-arg index="2" ref="initialDirContextFactory"/>         
-        <property name="searchSubtree" value="true"/>           
-    </bean>     
-
-    <bean id="ldapAuthProvider" class="org.springframework.security.providers.ldap.LdapAuthenticationProvider">
-        <constructor-arg>
-            <bean class="org.springframework.security.providers.ldap.authenticator.BindAuthenticator">
-                <constructor-arg ref="initialDirContextFactory"/>
-                <property name="userSearch" ref="ldapUserSearch"/>
-            </bean>
-        </constructor-arg>
-        <constructor-arg ref="jdbcAuthoritiesPopulator"/>
-        <property name="userCache" ref="userCache"/>
-    </bean>    
-      
-    <bean id="jdbcAuthoritiesPopulator" class="org.apache.roller.weblogger.ui.core.security.AuthoritiesPopulator">
-        <property name="defaultRole" value="register"/>       
-    </bean>
-     -->
-    <!-- END Sample LDAP/RollerDB hybrid security configuration -->
-
-    <!-- ======================== CENTRAL AUTHENTICATION SERVICE (CAS) =======================
-->
-    <!-- BEGIN: Sample CAS/RollerDB hybrid security configuration
-    <bean id="casProcessingFilter" class="org.springframework.security.ui.cas.CasProcessingFilter">
-        <property name="authenticationManager" ref="authenticationManager"/>
-        <property name="authenticationFailureUrl" value="/roller-ui/login.rol?error=true"/>
-        <property name="defaultTargetUrl" value="/"/>
-        <property name="filterProcessesUrl" value="/roller_j_security_check"/>
-    </bean>
-   
-    <bean id="casProcessingFilterEntryPoint" class="org.springframework.security.ui.cas.CasProcessingFilterEntryPoint">
-        <property name="loginUrl" value="https://localhost:8443/cas/login"/>
-        <property name="serviceProperties" ref="serviceProperties"/>
-    </bean>
-    
-    <bean id="casAuthenticationProvider" class="org.springframework.security.providers.cas.CasAuthenticationProvider">
-        <property name="casAuthoritiesPopulator">
-            <bean class="org.apache.roller.weblogger.ui.core.security.RollerCasPopulator">
-                <property name="userDetailsService" ref="jdbcAuthenticationDao"/>
-            </bean> 
-        </property>
-        <property name="casProxyDecider" ref="casProxyDecider"/>
-        <property name="ticketValidator" ref="casProxyTicketValidator"/>
-        <property name="statelessTicketCache" ref="statelessTicketCache"/>
-        <property name="key" value="rollerlovesacegi"/>
-    </bean>
-   
-    <bean id="casProxyTicketValidator" class="org.springframework.security.providers.cas.ticketvalidator.CasProxyTicketValidator">
-        <property name="casValidate" value="https://localhost:8443/cas/proxyValidate"/>
-        <property name="proxyCallbackUrl" value="http://localhost:8080/roller/casProxy/receptor"/>
-        <property name="serviceProperties" ref="serviceProperties"/>
-        <property name="trustStore" value="/Library/Java/Home/lib/security/cacerts"/>
-    </bean>
-    
-    <bean id="cacheManager" class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/>
-    
-    <bean id="ticketCacheBackend" class="org.springframework.cache.ehcache.EhCacheFactoryBean">
-       <property name="cacheManager" ref="cacheManager"/>
-       <property name="cacheName" value="ticketCache"/>
-    </bean>
-    
-    <bean id="statelessTicketCache" class="org.springframework.security.providers.cas.cache.EhCacheBasedTicketCache">
-        <property name="cache" ref="ticketCacheBackend"/>
-    </bean>
-    
-    <bean id="casProxyDecider" class="org.springframework.security.providers.cas.proxy.RejectProxyTickets"/>
-    
-    <bean id="serviceProperties" class="org.springframework.security.ui.cas.ServiceProperties">
-        <property name="service" value="http://localhost:8080/roller/roller_j_security_check"/>
-        <property name="sendRenew" value="false"/>
-    </bean>
-    -->
-    <!-- END Sample CAS/RollerDB hybrid security configuration -->
 </beans:beans>



Mime
View raw message