roller-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From gma...@apache.org
Subject svn commit: r1516294 - in /roller/trunk: app/src/main/java/org/apache/roller/weblogger/ui/core/filters/ app/src/main/java/org/apache/roller/weblogger/ui/core/security/ app/src/main/resources/ app/src/main/webapp/WEB-INF/ app/src/test/resources/ docs/
Date Wed, 21 Aug 2013 20:23:03 GMT
Author: gmazza
Date: Wed Aug 21 20:23:02 2013
New Revision: 1516294

URL: http://svn.apache.org/r1516294
Log:
OpenID now working again on trunk (at least using only option, haven't checked hybrid OpenID/username
& password yet) updated Section 3.2 of User's Guide with a paragraph showing how to use
OpenID with a GooglePlus OpenID account.

Modified:
    roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/filters/CustomOpenIDAuthenticationProcessingFilter.java
    roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/RollerUserDetailsService.java
    roller/trunk/app/src/main/resources/ApplicationResources.properties
    roller/trunk/app/src/main/webapp/WEB-INF/security.xml
    roller/trunk/app/src/test/resources/roller-jettyrun.properties
    roller/trunk/docs/roller-user-guide.odt

Modified: roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/filters/CustomOpenIDAuthenticationProcessingFilter.java
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/filters/CustomOpenIDAuthenticationProcessingFilter.java?rev=1516294&r1=1516293&r2=1516294&view=diff
==============================================================================
--- roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/filters/CustomOpenIDAuthenticationProcessingFilter.java
(original)
+++ roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/filters/CustomOpenIDAuthenticationProcessingFilter.java
Wed Aug 21 20:23:02 2013
@@ -57,10 +57,11 @@ public class CustomOpenIDAuthenticationP
         // Processing standard OpenId user authentication    
         auth = (OpenIDAuthenticationToken) super.attemptAuthentication(req, rsp);
 
+        // auth will be null on the first pass of super.attemptAuthentication()
         if (auth != null) {
             GrantedAuthority ga = (GrantedAuthority) auth.getAuthorities().toArray()[0];
 
-            if (ga.getAuthority().equals("openidLogin")) {
+            if (ga.getAuthority().equals("rollerOpenidLogin")) {
 
                 /* TODO: when Spring Security 2.1 is released, we can uncomment
                  * this code, which will allow us to pre-populate the new user
@@ -79,13 +80,7 @@ public class CustomOpenIDAuthenticationP
                     sREGAttributesList);
                 */
 
-            } else {
-                // route user to new user registration page.
-                throw new UsernameNotFoundException("ERROR no user: openid authority not
found");
             }
-        } else {
-            // route user to new user registration page.
-            throw new UsernameNotFoundException("ERROR no user: openid authentication failed");
         }
         return auth;
     }

Modified: roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/RollerUserDetailsService.java
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/RollerUserDetailsService.java?rev=1516294&r1=1516293&r2=1516294&view=diff
==============================================================================
--- roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/RollerUserDetailsService.java
(original)
+++ roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/RollerUserDetailsService.java
Wed Aug 21 20:23:02 2013
@@ -31,14 +31,15 @@ public class RollerUserDetailsService im
             roller = WebloggerFactory.getWeblogger();
         } catch (Exception e) {
             // Should only happen in case of 1st time startup, setup required
-            log.debug("Ignorabale error getting Roller instance", e);
-            // Thowing a "soft" exception here allows setup to procede
+            log.debug("Ignorable error getting Roller instance", e);
+            // Thowing a "soft" exception here allows setup to proceed
             throw new UsernameNotFoundException("User info not available yet.");
         }
         try {
             UserManager umgr = roller.getUserManager();
             User userData = null;  
-            if (userName.startsWith("http://")) {
+            // OpenID user
+            if (userName.startsWith("http://") || userName.startsWith("https://")) {
                 if (userName.endsWith("/")) {
                     userName = userName.substring(0, userName.length() -1 );
                 }
@@ -54,11 +55,11 @@ public class RollerUserDetailsService im
                 ArrayList<SimpleGrantedAuthority> authorities;
                 
                 // We are not throwing UsernameNotFound exception in case of 
-                // openid authentication in order to recieve user SREG attributes 
-                // from the authentication filter and save them                
+                // openid authentication in order to receive OpenID Simple Registration (SREG)
+                // attributes from the authentication filter and save them
                 if (userData == null) {
                      authorities = new ArrayList<SimpleGrantedAuthority>(1);
-                     SimpleGrantedAuthority g = new SimpleGrantedAuthority("openidLogin");
+                     SimpleGrantedAuthority g = new SimpleGrantedAuthority("rollerOpenidLogin");
                      authorities.add(g);
                      name = "openid";
                      password = "openid";
@@ -72,6 +73,7 @@ public class RollerUserDetailsService im
                 return  usr;
                 
             } else {
+                // standard username/password auth
                 try {
                     userData = umgr.getUserByUserName(userName);
                 } catch (WebloggerException ex) {

Modified: roller/trunk/app/src/main/resources/ApplicationResources.properties
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/main/resources/ApplicationResources.properties?rev=1516294&r1=1516293&r2=1516294&view=diff
==============================================================================
--- roller/trunk/app/src/main/resources/ApplicationResources.properties (original)
+++ roller/trunk/app/src/main/resources/ApplicationResources.properties Wed Aug 21 20:23:02
2013
@@ -569,8 +569,7 @@ error.trackbackNotAllowed=Error sending 
 does not permit sending tracbacks to the URL you specified.
 
 error.title.403=Access Denied
-error.text.403=You do not have the privilege necessary to access the page you \
-requested.
+error.text.403=You do not have the privileges necessary to access the requested page.
 
 error.title.404=Sorry! We couldn''t find your document
 error.text.404=The file that you requested could not be found on this server. 
@@ -1916,9 +1915,8 @@ userRegister.heading.authentication=How 
 userRegister.tip.openid.disabled=Enter a password to be used when you login \
 and confirm that password by entering it a second time.
 
-userRegister.tip.openid.hybrid=You can choose to login via password only you \
-can by OpenID only, or you can specify both if you would to be able to login \
-both ways. For more information about OpenID see \
+userRegister.tip.openid.hybrid=You can choose to login via username/password or \
+OpenID.  For more information about OpenID see \
 <a href=\"http://openid.net\">http://openid.net</a>.
 
 userRegister.tip.openid.only=This site uses only OpenID for logins, so please \
@@ -1929,7 +1927,6 @@ userRegister.tip.password=Your password.
 userRegister.tip.passwordConfirm=Confirm your password.
 userRegister.tip.openIdUrl=Your OpenID identifier (in the form of a URL).
 
-
 userRegister.heading.locale=What are your locale and timezone settings?
 
 userRegister.tip.localeAndTimeZone=We have attempted to guess your preferred \

Modified: roller/trunk/app/src/main/webapp/WEB-INF/security.xml
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/main/webapp/WEB-INF/security.xml?rev=1516294&r1=1516293&r2=1516294&view=diff
==============================================================================
--- roller/trunk/app/src/main/webapp/WEB-INF/security.xml (original)
+++ roller/trunk/app/src/main/webapp/WEB-INF/security.xml Wed Aug 21 20:23:02 2013
@@ -55,14 +55,15 @@
             </beans:list>
         </beans:property>
     </beans:bean>
+
     <beans:bean id="roleVoter" class="org.springframework.security.access.vote.RoleVoter">
         <beans:property name="rolePrefix" value=""/>
     </beans:bean>
 
     <!-- Read users from Roller API -->
     <authentication-manager alias='rollerAuthenticationManager'>
-        <authentication-provider user-service-ref="rollerUserService"/>
         <authentication-provider ref="rememberMeAuthenticationProvider"/>
+        <authentication-provider user-service-ref="rollerUserService"/>
         <authentication-provider ref="openIDAuthProvider"/>
     </authentication-manager>
 
@@ -80,7 +81,6 @@
 
     <beans:bean id="openidAuthenticationProcessingFilter"
                 class="org.apache.roller.weblogger.ui.core.filters.CustomOpenIDAuthenticationProcessingFilter">
-        <beans:property name="claimedIdentityFieldName" value="openid_identifier"/>
         <beans:property name="filterProcessesUrl" value="/roller_j_openid_security_check"/>
         <beans:property name="authenticationManager" ref="rollerAuthenticationManager"/>
         <beans:property name="authenticationSuccessHandler" ref="myAuthenticationSuccessHandler"/>

Modified: roller/trunk/app/src/test/resources/roller-jettyrun.properties
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/test/resources/roller-jettyrun.properties?rev=1516294&r1=1516293&r2=1516294&view=diff
==============================================================================
--- roller/trunk/app/src/test/resources/roller-jettyrun.properties (original)
+++ roller/trunk/app/src/test/resources/roller-jettyrun.properties Wed Aug 21 20:23:02 2013
@@ -3,7 +3,7 @@
 installation.type=auto
 planet.aggregator.enabled=true
 
-# hybrid and only are other options
+# openid options: disabled, hybrid and only
 authentication.openid=disabled
 
 database.configurationType=jdbc

Modified: roller/trunk/docs/roller-user-guide.odt
URL: http://svn.apache.org/viewvc/roller/trunk/docs/roller-user-guide.odt?rev=1516294&r1=1516293&r2=1516294&view=diff
==============================================================================
Binary files - no diff available.



Mime
View raw message