roller-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From gma...@apache.org
Subject svn commit: r1615269 - in /roller/trunk/app/src: main/java/org/apache/roller/weblogger/config/ main/java/org/apache/roller/weblogger/ui/core/security/ main/java/org/apache/roller/weblogger/ui/struts2/admin/ main/java/org/apache/roller/weblogger/ui/stru...
Date Fri, 01 Aug 2014 23:37:19 GMT
Author: gmazza
Date: Fri Aug  1 23:37:18 2014
New Revision: 1615269

URL: http://svn.apache.org/r1615269
Log:
Switched auth methods to a single authentication.method flag & AuthMethod enum; tested
with LDAP and regular DB; change works w/OpenID but OpenID itself needs fixing (problems unrelated
to this commit).

Added:
    roller/trunk/app/src/main/java/org/apache/roller/weblogger/config/AuthMethod.java
Modified:
    roller/trunk/app/src/main/java/org/apache/roller/weblogger/config/WebloggerConfig.java
    roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/CustomUserRegistry.java
    roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/admin/ModifyUser.java
    roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/core/Login.java
    roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/core/MainMenu.java
    roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/core/Profile.java
    roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/core/Register.java
    roller/trunk/app/src/main/resources/ApplicationResources.properties
    roller/trunk/app/src/main/resources/org/apache/roller/weblogger/config/roller.properties
    roller/trunk/app/src/main/webapp/WEB-INF/jsps/core/Login.jsp
    roller/trunk/app/src/main/webapp/WEB-INF/jsps/core/Profile.jsp
    roller/trunk/app/src/main/webapp/WEB-INF/jsps/core/Register.jsp
    roller/trunk/app/src/main/webapp/WEB-INF/jsps/tiles/bannerStatus.jsp
    roller/trunk/app/src/test/resources/roller-custom.properties
    roller/trunk/app/src/test/resources/roller-jettyrun.properties

Added: roller/trunk/app/src/main/java/org/apache/roller/weblogger/config/AuthMethod.java
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/main/java/org/apache/roller/weblogger/config/AuthMethod.java?rev=1615269&view=auto
==============================================================================
--- roller/trunk/app/src/main/java/org/apache/roller/weblogger/config/AuthMethod.java (added)
+++ roller/trunk/app/src/main/java/org/apache/roller/weblogger/config/AuthMethod.java Fri
Aug  1 23:37:18 2014
@@ -0,0 +1,47 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  The ASF licenses this file to You
+ * under the Apache License, Version 2.0 (the "License"); you may not
+ * use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.  For additional information regarding
+ * copyright in this work, please see the NOTICE file in the top level
+ * directory of this distribution.
+ */
+package org.apache.roller.weblogger.config;
+
+public enum AuthMethod {
+    ROLLERDB("db"),
+    LDAP("ldap"),
+    OPENID("openid"),
+    DB_OPENID("db-openid"),
+    CMA("cma");
+
+    private final String propertyName;
+
+    AuthMethod(String propertyName) {
+        this.propertyName = propertyName;
+    }
+
+    public String getPropertyName() {
+        return propertyName;
+    }
+
+    public static AuthMethod getAuthMethod(String propertyName) {
+        for (AuthMethod test : AuthMethod.values()) {
+            if (test.getPropertyName().equals(propertyName)) {
+                return test;
+            }
+        }
+        throw new IllegalArgumentException("Unknown authentication.method property value:
"
+                + propertyName + " defined in Roller properties file.");
+    }
+
+}

Modified: roller/trunk/app/src/main/java/org/apache/roller/weblogger/config/WebloggerConfig.java
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/main/java/org/apache/roller/weblogger/config/WebloggerConfig.java?rev=1615269&r1=1615268&r2=1615269&view=diff
==============================================================================
--- roller/trunk/app/src/main/java/org/apache/roller/weblogger/config/WebloggerConfig.java
(original)
+++ roller/trunk/app/src/main/java/org/apache/roller/weblogger/config/WebloggerConfig.java
Fri Aug  1 23:37:18 2014
@@ -160,7 +160,7 @@ public final class WebloggerConfig {
     public static String getProperty(String key) {
         log.debug("Fetching property ["+key+"="+config.getProperty(key)+"]");
         String value = config.getProperty(key);
-        return value == null ? value : value.trim();
+        return value == null ? null : value.trim();
     }
     
     /**
@@ -274,5 +274,17 @@ public final class WebloggerConfig {
             config.setProperty("themes.dir", path);
         }
     }
+
+    /**
+     * Return the value of the authentication.method property as an AuthMethod
+     * enum value.  Matching is done by checking the propertyName of each AuthMethod
+     * enum object.
+     * <p />
+     * @throws IllegalArgumentException if property value defined in the properties
+     * file is missing or not the property name of any AuthMethod enum object.
+     */
+    public static AuthMethod getAuthMethod() {
+        return AuthMethod.getAuthMethod(getProperty("authentication.method"));
+    }
     
 }

Modified: roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/CustomUserRegistry.java
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/CustomUserRegistry.java?rev=1615269&r1=1615268&r2=1615269&view=diff
==============================================================================
--- roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/CustomUserRegistry.java
(original)
+++ roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/CustomUserRegistry.java
Fri Aug  1 23:37:18 2014
@@ -26,6 +26,7 @@ import javax.naming.directory.Attribute;
 import javax.naming.directory.Attributes;
 import javax.servlet.http.HttpServletRequest;
 
+import org.apache.roller.weblogger.config.AuthMethod;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.core.userdetails.UserDetails;
@@ -58,9 +59,9 @@ public class CustomUserRegistry {
 
     public static User getUserDetailsFromAuthentication(HttpServletRequest request) {
 
-        boolean usingSSO = WebloggerConfig.getBooleanProperty("users.sso.enabled");
-        if(!usingSSO) {
-            LOG.info("SSO is not enabled. Skipping CustomUserRegistry functionality.");
+        boolean usingLDAP = WebloggerConfig.getAuthMethod() == AuthMethod.LDAP;
+        if (!usingLDAP) {
+            LOG.info("LDAP is not enabled. Skipping CustomUserRegistry functionality.");
             return null;
         }
         

Modified: roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/admin/ModifyUser.java
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/admin/ModifyUser.java?rev=1615269&r1=1615268&r2=1615269&view=diff
==============================================================================
--- roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/admin/ModifyUser.java
(original)
+++ roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/admin/ModifyUser.java
Fri Aug  1 23:37:18 2014
@@ -27,6 +27,7 @@ import org.apache.commons.logging.LogFac
 import org.apache.roller.weblogger.WebloggerException;
 import org.apache.roller.weblogger.business.WebloggerFactory;
 import org.apache.roller.weblogger.business.UserManager;
+import org.apache.roller.weblogger.config.AuthMethod;
 import org.apache.roller.weblogger.config.WebloggerConfig;
 import org.apache.roller.weblogger.pojos.GlobalPermission;
 import org.apache.roller.weblogger.pojos.User;
@@ -42,8 +43,6 @@ public class ModifyUser extends UIAction
     
     private static Log log = LogFactory.getLog(ModifyUser.class);
 
-    private static final boolean IS_CMA = WebloggerConfig.getBooleanProperty("authentication.cma.enabled");
-    
     // user we are modifying
     private User user = new User();
     
@@ -51,8 +50,7 @@ public class ModifyUser extends UIAction
     private CreateUserBean bean = new CreateUserBean();
     
     private String userName = null;
-    
-    
+
     public ModifyUser() {
         this.actionName = "modifyUser";
         this.desiredMenu = "admin";
@@ -164,7 +162,7 @@ public class ModifyUser extends UIAction
                     
                 }
             
-                if (!IS_CMA) {
+                if (!AuthMethod.CMA.equals(WebloggerConfig.getAuthMethod())) {
                     RollerContext.flushAuthenticationUserCache(getUser().getUserName());
                 }
 

Modified: roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/core/Login.java
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/core/Login.java?rev=1615269&r1=1615268&r2=1615269&view=diff
==============================================================================
--- roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/core/Login.java
(original)
+++ roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/core/Login.java
Fri Aug  1 23:37:18 2014
@@ -18,6 +18,7 @@
 
 package org.apache.roller.weblogger.ui.struts2.core;
 
+import org.apache.roller.weblogger.config.AuthMethod;
 import org.apache.roller.weblogger.config.WebloggerConfig;
 import org.apache.roller.weblogger.ui.struts2.util.UIAction;
 
@@ -36,6 +37,8 @@ public class Login extends UIAction {
     
     private String error = null;
 
+    private AuthMethod authMethod = WebloggerConfig.getAuthMethod();
+
     public Login() {
         this.pageTitle = "loginPage.title";
     }
@@ -50,10 +53,10 @@ public class Login extends UIAction {
         return false;
     }
 
-    public String getOpenIdConfiguration() {
-        return WebloggerConfig.getProperty("authentication.openid");
+    public String getAuthMethod() {
+        return authMethod.name();
     }
-    
+
     public String execute() {
         
         // set action error message if there was login error

Modified: roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/core/MainMenu.java
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/core/MainMenu.java?rev=1615269&r1=1615268&r2=1615269&view=diff
==============================================================================
--- roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/core/MainMenu.java
(original)
+++ roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/core/MainMenu.java
Fri Aug  1 23:37:18 2014
@@ -65,8 +65,6 @@ public class MainMenu extends UIAction {
             UserManager umgr = WebloggerFactory.getWeblogger().getUserManager();
             WeblogManager wmgr = WebloggerFactory.getWeblogger().getWeblogManager();
             Weblog weblog = wmgr.getWeblog(getInviteId());      
-            // TODO ROLLER_2.0: notify inviter that invitee has accepted invitation
-            // TODO EXCEPTIONS: better exception handling
             umgr.confirmWeblogPermission(weblog, getAuthenticatedUser());
             WebloggerFactory.getWeblogger().flush();
 

Modified: roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/core/Profile.java
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/core/Profile.java?rev=1615269&r1=1615268&r2=1615269&view=diff
==============================================================================
--- roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/core/Profile.java
(original)
+++ roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/core/Profile.java
Fri Aug  1 23:37:18 2014
@@ -23,6 +23,7 @@ import org.apache.commons.logging.LogFac
 import org.apache.roller.weblogger.WebloggerException;
 import org.apache.roller.weblogger.business.WebloggerFactory;
 import org.apache.roller.weblogger.business.UserManager;
+import org.apache.roller.weblogger.config.AuthMethod;
 import org.apache.roller.weblogger.config.WebloggerConfig;
 import org.apache.roller.weblogger.pojos.User;
 import org.apache.roller.weblogger.pojos.UserAttribute;
@@ -38,12 +39,8 @@ public class Profile extends UIAction {
     private static Log log = LogFactory.getLog(Profile.class);
     
     private ProfileBean bean = new ProfileBean();
-    private String openIdConfiguration = 
-        WebloggerConfig.getProperty("authentication.openid");
-    private boolean usingSso = 
-        WebloggerConfig.getBooleanProperty("users.sso.enabled");
-            
-    
+    private AuthMethod authMethod = WebloggerConfig.getAuthMethod();
+
     public Profile() {
         this.pageTitle = "yourProfile.title";
     }
@@ -140,7 +137,6 @@ public class Profile extends UIAction {
         return INPUT;
     }
 
-    
     public void myValidate() {
         // check that passwords match if they were specified (w/StringUtils.equals, null
== null)
         if (!StringUtils.equals(getBean().getPasswordText(), getBean().getPasswordConfirm()))
{
@@ -148,8 +144,8 @@ public class Profile extends UIAction {
         }
     }
 
-    public String getOpenIdConfiguration() {
-        return openIdConfiguration;
+    public String getAuthMethod() {
+        return authMethod.name();
     }
     
     public ProfileBean getBean() {
@@ -159,8 +155,4 @@ public class Profile extends UIAction {
     public void setBean(ProfileBean bean) {
         this.bean = bean;
     }
-    
-    public boolean getUsingSso() {
-        return this.usingSso;
-    }
 }

Modified: roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/core/Register.java
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/core/Register.java?rev=1615269&r1=1615268&r2=1615269&view=diff
==============================================================================
--- roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/core/Register.java
(original)
+++ roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/core/Register.java
Fri Aug  1 23:37:18 2014
@@ -29,6 +29,7 @@ import org.apache.commons.logging.LogFac
 import org.apache.roller.weblogger.WebloggerException;
 import org.apache.roller.weblogger.business.WebloggerFactory;
 import org.apache.roller.weblogger.business.UserManager;
+import org.apache.roller.weblogger.config.AuthMethod;
 import org.apache.roller.weblogger.config.WebloggerConfig;
 import org.apache.roller.weblogger.config.WebloggerRuntimeConfig;
 import org.apache.roller.weblogger.pojos.User;
@@ -58,8 +59,9 @@ public class Register extends UIAction i
 
     // this is a no-no, we should not need this
     private HttpServletRequest servletRequest = null;
-    
-    private boolean fromSSO = false;
+
+    private AuthMethod authMethod = WebloggerConfig.getAuthMethod();
+
     private String activationStatus = null;
     
     private String activationCode = null;
@@ -79,10 +81,10 @@ public class Register extends UIAction i
         return false;
     }
     
-    public String getOpenIdConfiguration() {
-        return WebloggerConfig.getProperty("authentication.openid");
+    public String getAuthMethod() {
+        return authMethod.name();
     }
-    
+
     @SkipValidation
     public String execute() {
         
@@ -139,21 +141,19 @@ public class Register extends UIAction i
             
         try {
 
-            boolean usingSSO = WebloggerConfig.getBooleanProperty("users.sso.enabled");
-            if (usingSSO) {
+            if (WebloggerConfig.getAuthMethod() == AuthMethod.LDAP) {
                 // See if user is already logged in via Spring Security
                 User fromSSOUser = CustomUserRegistry.getUserDetailsFromAuthentication(getServletRequest());
                 if (fromSSOUser != null) {
                     // Copy user details from Spring Security, including LDAP attributes
                     getBean().copyFrom(fromSSOUser);
-                    setFromSSO(true);
                 }
+            } else if (WebloggerConfig.getAuthMethod() == AuthMethod.CMA) {
                 // See if user is already logged in via CMA
-                else if (getServletRequest().getUserPrincipal() != null) {
+                if (getServletRequest().getUserPrincipal() != null) {
                     // Only detail we get is username, sadly no LDAP attributes
                     getBean().setUserName(getServletRequest().getUserPrincipal().getName());
                     getBean().setScreenName(getServletRequest().getUserPrincipal().getName());
-                    setFromSSO(true);
                 }
             }
             
@@ -274,7 +274,7 @@ public class Register extends UIAction i
 
             } catch (WebloggerException ex) {
                 log.error("Error adding new user", ex);
-                addError("Error adding new user");
+                addError("generic.system.error");
             }
         }
         
@@ -326,8 +326,7 @@ public class Register extends UIAction i
     public void myValidate() {
         
         // if usingSSO, we don't want to error on empty password/username from HTML form.
-        setFromSSO(false);
-        boolean usingSSO = WebloggerConfig.getBooleanProperty("users.sso.enabled");
+        boolean usingSSO = authMethod == AuthMethod.LDAP || authMethod == AuthMethod.CMA;
         if (usingSSO) {
             boolean storePassword = WebloggerConfig.getBooleanProperty("users.sso.passwords.save");
             String password = WebloggerConfig.getProperty("users.sso.passwords.defaultValue",
"<unknown>");
@@ -341,7 +340,6 @@ public class Register extends UIAction i
                 getBean().setPasswordText(password);
                 getBean().setPasswordConfirm(password);
                 getBean().setUserName(fromSSOUser.getUserName());
-                setFromSSO(true);
             }
 
             // Preserve username and password, CMA case             
@@ -349,7 +347,6 @@ public class Register extends UIAction i
                 getBean().setUserName(getServletRequest().getUserPrincipal().getName());
                 getBean().setPasswordText(password);
                 getBean().setPasswordConfirm(password);
-                setFromSSO(true);
             }
         }
         
@@ -365,14 +362,15 @@ public class Register extends UIAction i
         }
         
         // check password, it is required if OpenID and SSO are disabled
-        if (getOpenIdConfiguration().equals("disabled") && !getFromSSO()
+        if (AuthMethod.ROLLERDB.name().equals(getAuthMethod())
                 && StringUtils.isEmpty(getBean().getPasswordText())) {
                 addError("error.add.user.passwordEmpty");
                 return;
         }
         
         // User.password does not allow null, so generate one
-        if (getOpenIdConfiguration().equals("only")) {
+        if (getAuthMethod().equals(AuthMethod.OPENID.name()) ||
+                (getAuthMethod().equals(AuthMethod.DB_OPENID.name()) && !StringUtils.isEmpty(getBean().getOpenIdUrl())))
{
             String randomString = RandomStringUtils.randomAlphanumeric(255);
             getBean().setPasswordText(randomString);
             getBean().setPasswordConfirm(randomString);
@@ -380,7 +378,7 @@ public class Register extends UIAction i
         
         // check that passwords match 
         if (!getBean().getPasswordText().equals(getBean().getPasswordConfirm())) {
-            addError("Register.error.passowordMismatch");
+            addError("userRegister.error.mismatchedPasswords");
         }
         
         // check that username is not taken
@@ -394,7 +392,7 @@ public class Register extends UIAction i
                 }
             } catch (WebloggerException ex) {
                 log.error("error checking for user", ex);
-                addError("Unexpected error checking user -- check Roller logs");
+                addError("generic.system.error");
             }
         }
     }
@@ -416,14 +414,6 @@ public class Register extends UIAction i
         this.bean = bean;
     }
 
-    public boolean getFromSSO() {
-        return fromSSO;
-    }
-
-    public void setFromSSO(boolean fromSSO) {
-        this.fromSSO = fromSSO;
-    }
-
     public String getActivationStatus() {
         return activationStatus;
     }

Modified: roller/trunk/app/src/main/resources/ApplicationResources.properties
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/main/resources/ApplicationResources.properties?rev=1615269&r1=1615268&r2=1615269&view=diff
==============================================================================
--- roller/trunk/app/src/main/resources/ApplicationResources.properties (original)
+++ roller/trunk/app/src/main/resources/ApplicationResources.properties Fri Aug  1 23:37:18
2014
@@ -1392,8 +1392,8 @@ userRegister.tip.openid.disabled=Enter a
 and confirm that password by entering it a second time.
 
 userRegister.tip.openid.hybrid=You can choose to login via username/password or \
-OpenID.  For more information about OpenID see \
-<a href=\"http://openid.net\">http://openid.net</a>.
+<a href=\"http://openid.net\">OpenID</a>.  If you choose the latter, leave \
+the password fields blank.
 
 userRegister.tip.openid.only=This site uses only OpenID for logins, so please \
 specify your OpenID identifier below. For more information about OpenID see \

Modified: roller/trunk/app/src/main/resources/org/apache/roller/weblogger/config/roller.properties
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/main/resources/org/apache/roller/weblogger/config/roller.properties?rev=1615269&r1=1615268&r2=1615269&view=diff
==============================================================================
--- roller/trunk/app/src/main/resources/org/apache/roller/weblogger/config/roller.properties
(original)
+++ roller/trunk/app/src/main/resources/org/apache/roller/weblogger/config/roller.properties
Fri Aug  1 23:37:18 2014
@@ -322,19 +322,21 @@ cache.salt.timeout=3600
 # Security settings
 #-----------------------------------------------------------------------------
 
+# Top-level authentication declaration for Apache Roller.  Introduced in Roller 5.1,
+# replaces authentication.cma.enabled, authentication.openid, and users.sso.enabled
+# from earlier versions.  Must be one of the following values:
+# db:  use Roller database to store usernames and passwords
+# ldap: use external LDAP to authenticate (must configure Roller security.xml,
+#       see Roller Wiki for more details)
+# openid: users must use OpenID to authenticate
+# db-openid: users may choose to authenticate via Roller DB or OpenID but not both.
+# cma: container-managed authentication (e.g., Tomcat tomcat-users.xml file).  Currently
+#      unusable, not fully implemented.
+authentication.method=db
+
 # Enables HTTPS for login page only
 securelogin.enabled=false
 
-# Enable container managed authentication
-authentication.cma.enabled=false
-
-# Enable/disable OpenID (requires Spring Security, will not work with CMA)
-# This can be set to one of three values:
-# - disabled: no OpenID support, no evidence of OpenID in the Web UI
-# - hybrid:   allow users to use either password or OpenID
-# - only:     users must use OpenID only, no password allowed
-authentication.openid=disabled
-
 # Password security settings
 passwds.encryption.enabled=true
 passwds.encryption.algorithm=SHA
@@ -376,17 +378,13 @@ salt.ignored.urls=mediaFileAdd!save.rol,
 #----------------------------------
 # Single-Sign-On (LDAP)
 
-# Enables Roller to behave differently when registering new users
-# in an SSO-enabled environment. You must configure WEB-INF/security.xml appropriately.
-users.sso.enabled=false
-
 # Set these properties for a custom LDAP schema (optional)
 #users.sso.registry.ldap.attributes.name=cn
 #users.sso.registry.ldap.attributes.email=mail
 #users.sso.registry.ldap.attributes.locale=locale
 #users.sso.registry.ldap.attributes.timezone=timezone
 
-# If you don't want user credentials from LDAP/etc to be stored in Roller
+# If you don't want user credentials from LDAP to be stored in Roller
 # (possibly in clear-text) leave this alone, otherwise set to true.
 # i.e. you would like a backup auth mechanism in case LDAP is down.
 users.sso.passwords.save=false

Modified: roller/trunk/app/src/main/webapp/WEB-INF/jsps/core/Login.jsp
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/main/webapp/WEB-INF/jsps/core/Login.jsp?rev=1615269&r1=1615268&r2=1615269&view=diff
==============================================================================
--- roller/trunk/app/src/main/webapp/WEB-INF/jsps/core/Login.jsp (original)
+++ roller/trunk/app/src/main/webapp/WEB-INF/jsps/core/Login.jsp Fri Aug  1 23:37:18 2014
@@ -18,11 +18,12 @@
 
 <%-- Body of the login page, invoked from login.jsp --%>
 <%@ page import="org.apache.roller.weblogger.config.WebloggerConfig" %>
+<%@ page import="org.apache.roller.weblogger.config.AuthMethod" %>
 <%@ include file="/WEB-INF/jsps/taglibs-struts2.jsp" %>
 
 <%!
 String securityCheckUrl = null;
-boolean cmaEnabled = WebloggerConfig.getBooleanProperty("authentication.cma.enabled");
+boolean cmaEnabled = "CMA".equals(WebloggerConfig.getAuthMethod());
 %>
 
 <%
@@ -33,8 +34,7 @@ if (cmaEnabled) {
 }
 %>
 
-
-<s:if test="openIdConfiguration != 'disabled'">
+<s:if test="authMethod == 'OPENID' || authMethod == 'DB_OPENID'">
     
     <p><s:text name="loginPage.openIdPrompt" /></p>
     
@@ -52,22 +52,22 @@ if (cmaEnabled) {
             <tr>
                 <td width="20%"></td>
                 <td width="80%">
-                    <input type="submit" name="submit" id="submit" value="<s:text name="loginPage.loginOpenID"
/>" />
+                    <input type="submit" name="submit" id="submit" value="<s:text name='loginPage.loginOpenID'/>"
/>
                 </td>
             </tr>
         </table> 
     </form>
 </s:if>
 
-<s:if test="openIdConfiguration != 'only'">
+<s:if test="authMethod != 'OPENID'">
 
-    <s:if test="openIdConfiguration == 'hybrid'">
+    <s:if test="authMethod == 'DB_OPENID'">
         <p><s:text name="loginPage.openIdHybridPrompt" /></p>
     </s:if>
     
-    <s:if test="openIdConfiguration == 'disabled'">
+    <s:else>
         <p><s:text name="loginPage.prompt" /></p>
-    </s:if>
+    </s:else>
     
     <form method="post" id="loginForm" 
           action="<c:url value="<%= securityCheckUrl %>"/>"
@@ -104,8 +104,8 @@ if (cmaEnabled) {
             <tr>
                 <td width="20%"></td>
                 <td width="80%">
-                    <input type="submit" name="login" id="login" value="<s:text name="loginPage.login"
/>" />
-                    <input type="reset" name="reset" id="reset" value="<s:text name="loginPage.reset"
/>" 
+                    <input type="submit" name="login" id="login" value="<s:text name='loginPage.login'
/>" />
+                    <input type="reset" name="reset" id="reset" value="<s:text name='loginPage.reset'
/>"
                         onclick="document.getElementById('j_username').focus()" />
                 </td>
             </tr>        
@@ -115,8 +115,7 @@ if (cmaEnabled) {
 </s:if>
 
 <script>
-<!--
-<s:if test="openIdConfiguration != 'disabled'">
+<s:if test="authMethod == 'OPENID' || authMethod == 'DB_OPENID'">
 function focusToOpenidForm() {
     return (document.getElementById && document.getElementById("j_username") ===
null) ||
         getCookie("favorite_authentication_method") !== "username";
@@ -139,7 +138,7 @@ function saveOpenidIdentifier(theForm) {
 }
 </s:if>
 
-<s:if test="openIdConfiguration != 'only'">
+<s:if test="authMethod != 'OPENID'">
 function focusToUsernamePasswordForm() {
     return (document.getElementById && document.getElementById("openid_identifier")
=== null) ||
         getCookie("favorite_authentication_method") === "username";
@@ -165,5 +164,4 @@ function saveUsername(theForm) {
     setCookie("favorite_authentication_method", "username");
 }
 </s:if>
-//-->
 </script>
\ No newline at end of file

Modified: roller/trunk/app/src/main/webapp/WEB-INF/jsps/core/Profile.jsp
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/main/webapp/WEB-INF/jsps/core/Profile.jsp?rev=1615269&r1=1615268&r2=1615269&view=diff
==============================================================================
--- roller/trunk/app/src/main/webapp/WEB-INF/jsps/core/Profile.jsp (original)
+++ roller/trunk/app/src/main/webapp/WEB-INF/jsps/core/Profile.jsp Fri Aug  1 23:37:18 2014
@@ -48,7 +48,7 @@
             <td class="description"><s:text name="userRegister.tip.email" /></td>
         </tr>
         
-        <s:if test="openIdConfiguration != 'only' && !usingSso">
+        <s:if test="authMethod == 'ROLLERDB' || authMethod == 'DB_OPENID'">
             <tr>
                 <td class="label"><label for="passwordText" /><s:text name="userSettings.password"
/></label></td>
                 <td class="field">

Modified: roller/trunk/app/src/main/webapp/WEB-INF/jsps/core/Register.jsp
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/main/webapp/WEB-INF/jsps/core/Register.jsp?rev=1615269&r1=1615268&r2=1615269&view=diff
==============================================================================
--- roller/trunk/app/src/main/webapp/WEB-INF/jsps/core/Register.jsp (original)
+++ roller/trunk/app/src/main/webapp/WEB-INF/jsps/core/Register.jsp Fri Aug  1 23:37:18 2014
@@ -32,7 +32,7 @@
         </td>
     </tr>
         
-    <s:if test="fromSSO">
+    <s:if test="authMethod == 'LDAP'">
         <tr>
             <td class="label"><label for="userName" /><s:text name="userSettings.username"
/></label></td>
             <td class="field"><strong><s:property value="bean.userName" /></strong></td>
@@ -65,26 +65,26 @@
         <td class="description"><s:text name="userRegister.tip.email" /></td>
     </tr>
 
-    <s:if test="!fromSSO">
+    <s:if test="authMethod != 'LDAP'">
         <tr>
             <td colspan="3">
                 <h2><s:text name="userRegister.heading.authentication" /></h2>
 
-                <s:if test="openIdConfiguration == 'disabled'">
+                <s:if test="authMethod == 'ROLLERDB'">
                 <p><s:text name="userRegister.tip.openid.disabled" /></p>
                   
                 </s:if>
 
-                <s:if test="openIdConfiguration == 'hybrid'">
+                <s:if test="authMethod == 'DB_OPENID'">
                 <p><s:text name="userRegister.tip.openid.hybrid" /></p>
                   
                 </s:if>
 
-                <s:if test="openIdConfiguration == 'only'">
+                <s:if test="authMethod == 'OPENID'">
                 <p><s:text name="userRegister.tip.openid.only" /></p> 
                  
                 </s:if>
             </td>
         </tr>
         
-        <s:if test="openIdConfiguration != 'only'">
+        <s:if test="authMethod != 'OPENID'">
         <tr>
             <td class="label"><label for="passwordText" /><s:text name="userSettings.password"
/></label></td>
             <td class="field">
@@ -107,10 +107,10 @@
         </s:else>
     
 
-        <s:if test="openIdConfiguration != 'disabled'">
+        <s:if test="authMethod == 'OPENID' || authMethod == 'DB_OPENID'">
             <tr>
                 <td class="label"><label for="openIdUrl" /><s:text name="userSettings.openIdUrl"
/></label></td>
-                <td class="field"><s:textfield name="bean.openIdUrl" size="40" maxlength="255"
id="f_openid_identifier"  onkeyup="onChange()"/></td>
+                <td class="field"><s:textfield name="bean.openIdUrl" size="40" maxlength="255"
id="f_openid_identifier" onkeyup="onChange()"/></td>
                 <td class="description"><s:text name="userRegister.tip.openIdUrl"
/></td>
             </tr>  
         </s:if> 
@@ -157,36 +157,35 @@
 <script>
 function onChange() {
     var disabled = true;
-    var openIdConfig    = '<s:property value="openIdConfiguration" />';
-    var ssoEnabled      = <s:property value="fromSSO" />;
+    var authMethod    = "<s:property value='authMethod' />";
     var emailAddress    = document.register['bean.emailAddress'].value;
     var userName = passwordText = passwordConfirm = openIdUrl = "";
 
-    if (ssoEnabled) {
+    if (authMethod == 'LDAP') {
         userName = '<s:property value="bean.userName" />';
     } else {
         userName = document.register['bean.userName'].value;
     }
 
-    if (ssoEnabled == false && openIdConfig != 'only') {
+    if (authMethod == "ROLLERDB" || authMethod == "DB_OPENID") {
         passwordText    = document.register['bean.passwordText'].value;
         passwordConfirm = document.register['bean.passwordConfirm'].value;
     }
-    if (openIdConfig != 'disabled') {
+    if (authMethod == "OPENID" || authMethod == "DB_OPENID") {
         openIdUrl = document.register['bean.openIdUrl'].value;
     }
 
-    if (ssoEnabled) {
+    if (authMethod == "LDAP") {
         if (emailAddress) disabled = false;
-    } else if (openIdConfig == 'disabled') {
+    } else if (authMethod == "ROLLERDB") {
         if (emailAddress && userName && passwordText && passwordConfirm)
disabled = false;
-    } else if (openIdConfig == 'only') {
+    } else if (authMethod == "OPENID") {
         if (emailAddress && openIdUrl) disabled = false;
-    } else if (openIdConfig == 'hybrid') {
+    } else if (authMethod == "DB_OPENID") {
         if (emailAddress && ((passwordText && passwordConfirm) || (openIdUrl))
) disabled = false;
     }
 
-    if (!ssoEnabled) {
+    if (authMethod != 'LDAP') {
         if ((passwordText || passwordConfirm) && !(passwordText == passwordConfirm))
{
             document.getElementById('readytip').innerHTML = '<s:text name="userRegister.error.mismatchedPasswords"
/>';
             disabled = true;

Modified: roller/trunk/app/src/main/webapp/WEB-INF/jsps/tiles/bannerStatus.jsp
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/main/webapp/WEB-INF/jsps/tiles/bannerStatus.jsp?rev=1615269&r1=1615268&r2=1615269&view=diff
==============================================================================
--- roller/trunk/app/src/main/webapp/WEB-INF/jsps/tiles/bannerStatus.jsp (original)
+++ roller/trunk/app/src/main/webapp/WEB-INF/jsps/tiles/bannerStatus.jsp Fri Aug  1 23:37:18
2014
@@ -41,18 +41,18 @@
             
             <td class="bannerRight">
                 
-                <a href="<s:url value="/"/>"><s:property value="getProp('site.shortName')"/></a>
+                <a href="<s:url value='/'/>"><s:property value="getProp('site.shortName')"/></a>
                 
-                | <a href="<s:url action="menu" namespace="/roller-ui" />"><s:text
name="mainPage.mainMenu" /></a>
+                | <a href="<s:url action='menu' namespace='/roller-ui' />"><s:text
name="mainPage.mainMenu" /></a>
                 
                 <s:if test="authenticatedUser != null">
-                    | <a href="<s:url action="logout" namespace="/roller-ui" />"><s:text
name="navigationBar.logout"/></a>
+                    | <a href="<s:url action='logout' namespace='/roller-ui' />"><s:text
name="navigationBar.logout"/></a>
                 </s:if>
                 <s:else>
-                    | <a href="<s:url action="login-redirect" namespace="/roller-ui"
/>"><s:text name="navigationBar.login"/></a>
+                    | <a href="<s:url action='login-redirect' namespace='/roller-ui'
/>"><s:text name="navigationBar.login"/></a>
                     
-                    <s:if test="getBooleanProp('users.registration.enabled') &&
!getBooleanProp('users.sso.enabled')">
-                        | <a href="<s:url action="register" namespace="/roller-ui"
/>"><s:text name="navigationBar.register"/></a>
+                    <s:if test="getBooleanProp('users.registration.enabled') &&
getProp('authentication.method') != 'ldap'">
+                        | <a href="<s:url action='register' namespace='/roller-ui'
/>"><s:text name="navigationBar.register"/></a>
                     </s:if>
                     <s:elseif test="getProp('users.registration.url') != null &&
getProp('users.registration.url') > 0">
                         | <a href="<s:property value="getProp('users.registration.url')"/>"><s:text
name="navigationBar.register"/></a>

Modified: roller/trunk/app/src/test/resources/roller-custom.properties
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/test/resources/roller-custom.properties?rev=1615269&r1=1615268&r2=1615269&view=diff
==============================================================================
--- roller/trunk/app/src/test/resources/roller-custom.properties (original)
+++ roller/trunk/app/src/test/resources/roller-custom.properties Fri Aug  1 23:37:18 2014
@@ -13,8 +13,6 @@ hibernate.dialect=org.hibernate.dialect.
 hibernate.transaction.factory_class=org.hibernate.transaction.JDBCTransactionFactory
 
 # turn off transaction manager during JUnit testing (TODO: find way to activate for JUnit
tests)
-# use CMA authentication to work around Spring init issues in UI tests
-authentication.cma.enabled=true
 
 # use plain text passwords in testing
 passwds.encryption.enabled=false

Modified: roller/trunk/app/src/test/resources/roller-jettyrun.properties
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/test/resources/roller-jettyrun.properties?rev=1615269&r1=1615268&r2=1615269&view=diff
==============================================================================
--- roller/trunk/app/src/test/resources/roller-jettyrun.properties (original)
+++ roller/trunk/app/src/test/resources/roller-jettyrun.properties Fri Aug  1 23:37:18 2014
@@ -3,9 +3,6 @@
 installation.type=auto
 planet.aggregator.enabled=true
 
-# openid options: disabled, hybrid and only
-authentication.openid=disabled
-
 database.configurationType=jdbc
 database.jdbc.driverClass=org.apache.derby.jdbc.ClientDriver
 # In-memory Derby database activated via "startdb" execution in app/pom.xml



Mime
View raw message