Author: prabath
Date: Tue Mar 18 22:59:55 2008
New Revision: 14980
Log:
extending User Behavior Report with OpenID related actions.
Modified:
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/cards/CardIssuer.java
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/persistence/dataobject/ActionDO.java
trunk/solutions/identity/modules/user-ui/src/main/java/org/wso2/solutions/identity/user/ui/action/OpenIDAuthVerificationAction.java
trunk/solutions/identity/modules/user-ui/src/main/java/org/wso2/solutions/identity/user/ui/action/OpenIDCallbackAction.java
trunk/solutions/identity/modules/user-ui/src/main/java/org/wso2/solutions/identity/user/ui/action/OpenIDInfoCardSubmitAction.java
trunk/solutions/identity/modules/user-ui/src/main/java/org/wso2/solutions/identity/user/ui/action/OpenIDUserApprovalAction.java
Modified:
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/cards/CardIssuer.java
==============================================================================
---
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/cards/CardIssuer.java
(original)
+++
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/cards/CardIssuer.java
Tue Mar 18 22:59:55 2008
@@ -128,13 +128,13 @@
cardIssuerLog.debug(messages.getMessage("startCardIssue",
new String[] { "x509v3Cert", cert }));
}
-
+
//TODO : Store audit data
//TOOD : - cert, user
-
+
X509V3Credential x509Cred = new X509V3Credential();
x509Cred.setBase64EncodedThumbprintValue(cert);
-
+
UserCredential cred = new UserCredential(x509Cred);
Element cardElement = issueCard(cred, requireAppliesTo, userName);
@@ -192,9 +192,14 @@
String cardId = infoCard.getInformationCardReference().getCardId();
- ReportAdmin.record(primaryUserId,
- ActionDO.ACTION_USER_DOWNLOAD_CARD, "CardId=" + cardId);
+ if (isOpenIdInfoCard) {
+ ReportAdmin.record(primaryUserId,
+ ActionDO.ACTION_USER_DOWNLOAD_OPENID_CARD, "CardId=" +
cardId);
+ } else {
+ ReportAdmin.record(primaryUserId,
+ ActionDO.ACTION_USER_DOWNLOAD_CARD, "CardId=" +
cardId);
+ }
return elem;
} catch (CardModelException e) {
throw new IdentityProviderException("cardModelError", e);
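Review bot: The two branches added around `ReportAdmin.record` differ only in the action constant, so the audit call is now duplicated. Choosing the constant first keeps one call site: `String action = isOpenIdInfoCard ? ActionDO.ACTION_USER_DOWNLOAD_OPENID_CARD : ActionDO.ACTION_USER_DOWNLOAD_CARD;` followed by `ReportAdmin.record(primaryUserId, action, "CardId=" + cardId);`. The record call sits inside the try whose catch clauses begin at the end of this hunk, so whether a reporting failure aborts the card download depends on what `ReportAdmin.record` can throw, which is not visible here. The enclosing method starts and ends outside the hunk.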
Modified:
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/persistence/dataobject/ActionDO.java
==============================================================================
---
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/persistence/dataobject/ActionDO.java
(original)
+++
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/persistence/dataobject/ActionDO.java
Tue Mar 18 22:59:55 2008
@@ -34,6 +34,13 @@
public final static String ACTION_CARD_ISSUE_FAILURE = "Issue Card
Failure";
public final static String ACTION_TOKEN_ISSUE_FAILURE = "Issue Token
Failure";
public final static String ACTION_USER_FAILURE = "User Failure";
+ public final static String ACTION_USER_DOWNLOAD_OPENID_CARD = "Downloaded
OpenID Information Card";
+ public final static String ACTION_USER_LOG_IN_OPENID_CARD = "User Login -
OpenID Information Card";
+ public final static String ACTION_USER_LOG_IN_OPENID = "User Login -
OpenID";
+ public final static String ACTION_USER_LOG_IN_SELF_ISSUED_CARD= "User
Login - Self issued Information Card";
+ public final static String ACTION_USER_APPROVED_OPENID_RP_ALWAYS = "User
approved OpenID RP always";
+ public final static String ACTION_USER_APPROVED_OPENID_RP_ONCE = "User
approved OpenID RP once";
+ public final static String ACTION_USER_APPROVED_OPENID_RP_DENIED = "User
denied OpenID RP";
public final static String[] actions = { ACTION_USER_LOG_IN_UT,
ACTION_USER_LOG_IN_CARD,
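Review bot: `ACTION_USER_APPROVED_OPENID_RP_DENIED` reads as both "approved" and "denied", while its value is "User denied OpenID RP". A name such as `ACTION_USER_DENIED_OPENID_RP` would keep call sites and report filters unambiguous. `ACTION_USER_LOG_IN_SELF_ISSUED_CARD=` is also missing the space before `=` that the neighbouring constants have. A one-line comment above the new group, for example `// OpenID-related actions shown in the User Behavior Report`, would separate it from the older constants; the class body continues outside the hunk.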
@@ -44,6 +51,13 @@
ACTION_USER_DOWNLOAD_CARD,
ACTION_USER_FAILURE,
ACTION_CARD_ISSUE_FAILURE,
+ ACTION_USER_DOWNLOAD_OPENID_CARD,
+ ACTION_USER_LOG_IN_OPENID_CARD,
+ ACTION_USER_LOG_IN_OPENID,
+ ACTION_USER_APPROVED_OPENID_RP_ALWAYS,
+ ACTION_USER_APPROVED_OPENID_RP_ONCE,
+ ACTION_USER_APPROVED_OPENID_RP_DENIED,
+ ACTION_USER_LOG_IN_SELF_ISSUED_CARD,
ACTION_TOKEN_ISSUE_FAILURE};
Modified:
trunk/solutions/identity/modules/user-ui/src/main/java/org/wso2/solutions/identity/user/ui/action/OpenIDAuthVerificationAction.java
==============================================================================
---
trunk/solutions/identity/modules/user-ui/src/main/java/org/wso2/solutions/identity/user/ui/action/OpenIDAuthVerificationAction.java
(original)
+++
trunk/solutions/identity/modules/user-ui/src/main/java/org/wso2/solutions/identity/user/ui/action/OpenIDAuthVerificationAction.java
Tue Mar 18 22:59:55 2008
@@ -16,8 +16,10 @@
import org.wso2.solutions.identity.IdentityProviderConstants;
import org.wso2.solutions.identity.IdentityProviderException;
import org.wso2.solutions.identity.UserStore;
+import org.wso2.solutions.identity.admin.ReportAdmin;
import org.wso2.solutions.identity.openid.OpenIDUtil;
import org.wso2.solutions.identity.persistence.IPPersistenceManager;
+import org.wso2.solutions.identity.persistence.dataobject.ActionDO;
import org.wso2.solutions.identity.persistence.dataobject.OpenIDUserRPDO;
import org.wso2.solutions.identity.relyingparty.RelyingPartyException;
import org.wso2.solutions.identity.user.ui.util.UserUtil;
@@ -128,16 +130,29 @@
response.addCookie(infocardCookie);
// OpenID Provider needs to know which authentication
- // mechanism
- // the user went through while authenticating to the OP.
+ // mechanism the user went through while authenticating to the
+ // OP.
session
.setAttribute("phishingResistanceAuthentication",
"true");
if (!isRedirected) {
+
+ String message = getText("successful_for",
+ new String[] { openID });
+ ReportAdmin.record(openID,
+ ActionDO.ACTION_USER_LOG_IN_SELF_ISSUED_CARD,
+ message);
+
if (!isRequiredUserApproval(request)) {
+
+ String authMessage = getText("successful_for",
+ new String[] { openID });
+ ReportAdmin.record(openID,
+ ActionDO.ACTION_USER_APPROVED_OPENID_RP_ALWAYS,
+ authMessage);
+
// User has already agreed to accept request from this
- // RP
- // always.
+ // RP always.
response
.sendRedirect("server?_action=complete&authenticatedAndApproved=true");
}
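Review bot: The `ACTION_USER_APPROVED_OPENID_RP_ALWAYS` record added inside `if (!isRequiredUserApproval(request))` carries only the "successful_for" text for `openID`, so the report cannot show which relying party the standing approval was applied to. For an approval event the RP identifier is the detail an auditor needs; if it is available from the request at this point (not visible in the hunk), it belongs in the message. `authMessage` is built from the same key and argument as `message` a few lines above, so `message` can simply be reused. The same applies to the password-login path in hunk @@ -211 and to the approval records in OpenIDUserApprovalAction @@ -72.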
@@ -162,6 +177,10 @@
}
}
+ String message = getText("invalid_user_password");
+ ReportAdmin.record(openID, ActionDO.ACTION_USER_FAILURE,
+ message);
+
this.addErrorMessage(getText("invalid_card_login"));
return ERROR;
}
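Review bot: The failure record added before `addErrorMessage` uses `getText("invalid_user_password")`, but the user is shown `invalid_card_login` on this path, so the report will describe a card-login failure as a password failure. Using `String message = getText("invalid_card_login");` keeps the audit entry consistent with the error that is returned. The surrounding method begins and ends outside the hunk.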
@@ -211,7 +230,19 @@
response.addCookie(passwordCookie);
}
+ String message = getText("successful_for",
+ new String[] { openID });
+ ReportAdmin.record(openID, ActionDO.ACTION_USER_LOG_IN_OPENID,
+ message);
+
if (!isRequiredUserApproval(request)) {
+
+ String authMessage = getText("successful_for",
+ new String[] { openID });
+ ReportAdmin.record(openID,
+ ActionDO.ACTION_USER_APPROVED_OPENID_RP_ALWAYS,
+ authMessage);
+
// User has already agreed to accept request from this RP
// always.
response
@@ -220,6 +251,9 @@
return SUCCESS;
} else {
+ String message = getText("invalid_user_password");
+ ReportAdmin.record(openID, ActionDO.ACTION_USER_FAILURE,
+ message);
this.addErrorMessage(getText("invalid_user_password"));
return ERROR;
}
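Review bot: In this else branch `openID` has not been authenticated, yet it is passed to `ReportAdmin.record` as the user id, so the report stores whatever identifier was submitted with the failed login. Whether `ReportAdmin.record` bounds its length and whether the report view escapes it is not visible here and is worth confirming; a comment such as `// openID is unverified input on this path` would flag it for maintainers. `getText("invalid_user_password")` is also looked up twice, and `this.addErrorMessage(message);` would reuse the value. The unverified-identifier concern applies equally to the failure record in hunk @@ -162.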
Modified:
trunk/solutions/identity/modules/user-ui/src/main/java/org/wso2/solutions/identity/user/ui/action/OpenIDCallbackAction.java
==============================================================================
---
trunk/solutions/identity/modules/user-ui/src/main/java/org/wso2/solutions/identity/user/ui/action/OpenIDCallbackAction.java
(original)
+++
trunk/solutions/identity/modules/user-ui/src/main/java/org/wso2/solutions/identity/user/ui/action/OpenIDCallbackAction.java
Tue Mar 18 22:59:55 2008
@@ -8,6 +8,8 @@
import com.opensymphony.xwork2.ActionSupport;
import org.wso2.solutions.identity.IdentityConstants;
+import org.wso2.solutions.identity.admin.ReportAdmin;
+import org.wso2.solutions.identity.persistence.dataobject.ActionDO;
import org.wso2.solutions.identity.relyingparty.RelyingPartyException;
import org.wso2.solutions.identity.user.ui.UIConstants;
import org.wso2.solutions.identity.user.ui.util.UserUtil;
@@ -46,6 +48,9 @@
// Set the logged in user's id.
map.put(UIConstants.USER, userID);
+
+ String message = getText("successful_for", new String[] {userID});
+ ReportAdmin.record(userID, ActionDO.ACTION_USER_LOG_IN_OPENID,
message);
} catch (RelyingPartyException e) {
return ERROR;
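Review bot: Only the success path is recorded here. The `catch (RelyingPartyException e)` that follows returns ERROR without writing an `ActionDO.ACTION_USER_FAILURE` entry or logging `e`, so rejected OpenID callbacks leave no trace in the report. If a user identifier is not in scope in the catch block (the try starts outside the hunk, so this cannot be confirmed), the exception should at least be logged there. OpenIDInfoCardSubmitAction @@ -43 has the same gap.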
Modified:
trunk/solutions/identity/modules/user-ui/src/main/java/org/wso2/solutions/identity/user/ui/action/OpenIDInfoCardSubmitAction.java
==============================================================================
---
trunk/solutions/identity/modules/user-ui/src/main/java/org/wso2/solutions/identity/user/ui/action/OpenIDInfoCardSubmitAction.java
(original)
+++
trunk/solutions/identity/modules/user-ui/src/main/java/org/wso2/solutions/identity/user/ui/action/OpenIDInfoCardSubmitAction.java
Tue Mar 18 22:59:55 2008
@@ -6,6 +6,8 @@
import org.apache.struts2.StrutsStatics;
import org.wso2.solutions.identity.IdentityConstants;
+import org.wso2.solutions.identity.admin.ReportAdmin;
+import org.wso2.solutions.identity.persistence.dataobject.ActionDO;
import org.wso2.solutions.identity.user.ui.UIConstants;
import org.wso2.solutions.identity.user.ui.util.UserUtil;
@@ -43,6 +45,9 @@
// Set the logged in user's id.
map.put(UIConstants.USER, userID);
+
+ String message = getText("successful_for", new String[] {userID});
+ ReportAdmin.record(userID,
ActionDO.ACTION_USER_LOG_IN_OPENID_CARD, message);
} catch (Exception e) {
return ERROR;
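Review bot: `getText` and `ReportAdmin.record` now run inside a try whose handler is `catch (Exception e)`, after `map.put(UIConstants.USER, userID)` has already executed. If the reporting call throws, the action returns ERROR while the user id stays in the map (presumably the session), and the cause is discarded. Moving the record call after the try, or giving it its own handler that logs the failure, would stop an audit-store problem from masking or half-completing the login. The try block starts outside the hunk.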
Modified:
trunk/solutions/identity/modules/user-ui/src/main/java/org/wso2/solutions/identity/user/ui/action/OpenIDUserApprovalAction.java
==============================================================================
---
trunk/solutions/identity/modules/user-ui/src/main/java/org/wso2/solutions/identity/user/ui/action/OpenIDUserApprovalAction.java
(original)
+++
trunk/solutions/identity/modules/user-ui/src/main/java/org/wso2/solutions/identity/user/ui/action/OpenIDUserApprovalAction.java
Tue Mar 18 22:59:55 2008
@@ -8,7 +8,9 @@
import org.openid4java.message.ParameterList;
import org.wso2.solutions.identity.IdentityConstants;
import org.wso2.solutions.identity.admin.RelyingPartyAdmin;
+import org.wso2.solutions.identity.admin.ReportAdmin;
import org.wso2.solutions.identity.persistence.IPPersistenceManager;
+import org.wso2.solutions.identity.persistence.dataobject.ActionDO;
import org.wso2.solutions.identity.persistence.dataobject.OpenIDUserRPDO;
import org.wso2.solutions.identity.user.ui.util.UserUtil;
@@ -72,13 +74,25 @@
OpenIDUserRPDO rpdo = null;
rpdo = new OpenIDUserRPDO();
+ String message = null;
+
if (action.equalsIgnoreCase(IdentityConstants.OpenId.COMPLETE)) {
Date date = new Date();
if (authenticatedAndApproved.equalsIgnoreCase("once")) {
rpdo.setIsTrustedAlways(false);
+ message = getText("successful_for",
+ new String[] { userName });
+ ReportAdmin.record(userName,
+ ActionDO.ACTION_USER_APPROVED_OPENID_RP_ONCE,
+ message);
} else if
(authenticatedAndApproved.equalsIgnoreCase("always")) {
+ message = getText("successful_for",
+ new String[] { userName });
+ ReportAdmin.record(userName,
+ ActionDO.ACTION_USER_APPROVED_OPENID_RP_ALWAYS,
+ message);
rpdo.setIsTrustedAlways(true);
}
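Review bot: Both approval records are written while `rpdo` is still being populated. The code that persists it appears to come after this hunk, so the report can state that the RP was approved even if saving the decision later fails. Recording once the persistence call has succeeded would keep the report and the stored trust state in agreement. The two branches also order the calls differently (`setIsTrustedAlways(false)` then record for "once", record then `setIsTrustedAlways(true)` for "always"); one consistent order reads better. A value of `authenticatedAndApproved` other than "once" or "always" falls through both branches and writes no record at all.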
@@ -88,6 +102,11 @@
rpdo.setDefaultProfileName(profileName);
} else {
+ message = getText("successful_for", new String[] { userName });
+ ReportAdmin
+ .record(userName,
+ ActionDO.ACTION_USER_APPROVED_OPENID_RP_DENIED,
+ message);
return ERROR;
}
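Review bot: The denial record reuses `getText("successful_for", ...)`, so an `ACTION_USER_APPROVED_OPENID_RP_DENIED` row carries a "successful" message; a dedicated resource key for denials (placeholder name `denied_for`) would make the report entry read correctly. This else branch is also taken for every `action` that is not `IdentityConstants.OpenId.COMPLETE`, so any other or malformed action value is reported as a user denial. If values other than an explicit denial can reach this point, they should be checked explicitly and the denial recorded only for that value. The method continues outside the hunk.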