rogerrut 2004/11/16 11:08:48 Added: components/sso project.properties .cvsignore locator.ent maven.xml project.xml components/sso/src/java/org/apache/jetspeed/sso/impl SSOContextImpl.java SSOPrincipalImpl.java PersistenceBrokerSSOProvider.java SSOSiteImpl.java components/sso/src/java/META-INF transaction.xml sso-dao.xml sso_repository.xml components/sso/src/test/org/apache/jetspeed/sso TestSSOComponent.java Log: Single Sign On SSO Framework The current version of SSO relies on the Jetspeed security model (storage of credentials/Principals) but for future release it can be decoupled from Jetspeed. Portlets (IFrame, perl, PHP) will be enhanced (Preference setting) so that they can enable SSO functionality. Revision Changes Path 1.1 jakarta-jetspeed-2/components/sso/project.properties Index: project.properties =================================================================== # Copyright 2004 The Apache Software Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # # $Id: project.properties,v 1.1 2004/11/16 19:08:47 rogerrut Exp $ # maven.multiproject.type=jar maven.license.licenseFile=${basedir}/../../LICENSE.TXT 1.1 jakarta-jetspeed-2/components/sso/.cvsignore Index: .cvsignore =================================================================== maven.log target 1.1 jakarta-jetspeed-2/components/sso/locator.ent Index: locator.ent =================================================================== <!-- Project dependencies -->
<!ENTITY pico-nano-groovy SYSTEM "file:../../etc/project-dependencies/spring-deps.xml"> <!ENTITY db-ojb-deps SYSTEM "file:../../etc/project-dependencies/db-ojb-deps.xml"> <!-- Project resources --> <!ENTITY db-ojb-resources SYSTEM "file:../../etc/project-resources/db-ojb-resources.xml"> <!ENTITY log4j-resources SYSTEM "file:../../etc/project-resources/log4j-resources.xml"> <!-- Project reports --> <!ENTITY j2-reports SYSTEM "file:../../etc/project-reports/j2-reports.xml"> 1.1 jakarta-jetspeed-2/components/sso/maven.xml Index: maven.xml =================================================================== <!-- Copyright 2004 The Apache Software Foundation Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. 
--> <project default="java:jar" xmlns:j="jelly:core" xmlns:define="jelly:define" xmlns:maven="jelly:maven"> <!-- Target of maven test:single test --> <property name='testcase' value='org.apache.jetspeed.sso.TestSSOComponent'/> <goal name="deployJar"> <attainGoal name="jar:install"/> <copy file="${basedir}/target/${maven.final.name}.jar" todir="${org.apache.jetspeed.deploy.war.dir}/jetspeed/WEB-INF/lib"/> </goal> </project> 1.1 jakarta-jetspeed-2/components/sso/project.xml Index: project.xml =================================================================== <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE project [ <!ENTITY % locator-entities SYSTEM "file:locator.ent"> %locator-entities; ]> <!-- Copyright 2004 The Apache Software Foundation Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. 
--> <project> <extend>${basedir}/../../project.xml</extend> <pomVersion>3</pomVersion> <id>jetspeed-sso</id> <groupId>jetspeed2</groupId> <name>Jetspeed-2 Single Sign On Components</name> <currentVersion>2.0-a1-dev</currentVersion> <package>org.apache.jetspeed</package> <description> Single Sign On SSO Components </description> <shortDescription>Single Sign On SSO Components</shortDescription> <repository> <connection>scm:cvs:pserver:[EMAIL PROTECTED]:/home/cvspublic:jakarta-jetspeed-2/components/sso</connection> <url>http://cvs.apache.org/viewcvs/jakarta-jetspeed-2/components/sso/</url> </repository> <dependencies> &pico-nano-groovy; &db-ojb-deps; <!-- Components --> <!-- Servlet API --> <dependency> <groupId>servletapi</groupId> <artifactId>servletapi</artifactId> <version>2.3</version> </dependency> <!-- Security implementation --> <dependency> <id>jetspeed-security</id> <groupId>jetspeed2</groupId> <version>2.0-a1-dev</version> <properties> <war.bundle>false</war.bundle> </properties> </dependency> <dependency> <id>jetspeed-api</id> <groupId>jetspeed2</groupId> <version>2.0-a1-dev</version> <properties> <war.bundle>true</war.bundle> </properties> </dependency> <dependency> <id>jetspeed-cm</id> <groupId>jetspeed2</groupId> <version>2.0-a1-dev</version> <properties> <war.bundle>true</war.bundle> </properties> </dependency> <dependency> <id>jetspeed-persistence</id> <groupId>jetspeed2</groupId> <version>2.0-a1-dev</version> <properties> <war.bundle>true</war.bundle> </properties> </dependency> <!-- Testing only --> <dependency> <id>jetspeed-rdbms</id> <groupId>jetspeed2</groupId> <version>2.0-a1-dev</version> <properties> <war.bundle>false</war.bundle> </properties> </dependency> <dependency> <id>commons-lang</id> <version>2.0</version> <properties> <war.bundle>true</war.bundle> </properties> </dependency> <dependency> <id>commons-logging</id> <version>1.0.3</version> <properties> <war.bundle>true</war.bundle> </properties> </dependency> <dependency> 
<id>commons-beanutils</id> <version>1.6.1</version> <properties> <war.bundle>true</war.bundle> </properties> </dependency> <dependency> <id>junit</id> <version>3.8.1</version> <properties> <war.bundle>false</war.bundle> </properties> </dependency> <dependency> <id>log4j</id> <version>1.2.8</version> <properties> <war.bundle>true</war.bundle> </properties> </dependency> <dependency> <id>commons-configuration</id> <version>1.0-dev</version> <properties> <war.bundle>false</war.bundle> </properties> </dependency> <dependency> <id>commons-collections</id> <version>3.0</version> <properties> <war.bundle>true</war.bundle> </properties> </dependency> <dependency> <id>commons-io</id> <version>0.1</version> <properties> <war.bundle>true</war.bundle> </properties> </dependency> <dependency> <id>commons-pool</id> <version>1.2</version> <properties> <war.bundle>true</war.bundle> </properties> </dependency> <dependency> <id>commons-dbcp</id> <version>1.2.1</version> <properties> <war.bundle>true</war.bundle> </properties> </dependency> <dependency> <id>jdbc-se</id> <jar>jdbc-se2.0.jar</jar> <properties> <war.bundle>false</war.bundle> </properties> </dependency> <dependency> <id>xerces</id> <version>2.3.0</version> <properties> <war.bundle>true</war.bundle> </properties> </dependency> <dependency> <id>xml-apis</id> <version>2.0.2</version> <properties> <war.bundle>true</war.bundle> </properties> </dependency> <dependency> <id>jdom</id> <version>b10</version> <properties> <war.bundle>true</war.bundle> </properties> </dependency> <!-- This is only a test dependency --> <dependency> <id>jetspeed-commons</id> <groupId>jetspeed2</groupId> <version>2.0-a1-dev</version> <properties> <war.bundle>false</war.bundle> </properties> </dependency> <dependency> <id>hsqldb</id> <version>1.7.1</version> <properties> <war.bundle>false</war.bundle> </properties> </dependency> <dependency> <!-- portlet-api.jar must be in %MAVEN_HOME%respository/portlet-api/jars --> <id>portlet-api</id> 
<version>1.0</version> <properties> <war.bundle>false</war.bundle> </properties> </dependency> <dependency> <id>jta</id> <jar>jta1.0.1.jar</jar> <properties> <war.bundle>true</war.bundle> </properties> </dependency> <dependency> <id>tyrex</id> <version>1.0.1</version> <properties> <war.bundle>true</war.bundle> </properties> </dependency> <dependency> <id>commons-codec</id> <version>1.3</version> <properties> <war.bundle>true</war.bundle> </properties> </dependency> </dependencies> <build> <sourceDirectory>src/java</sourceDirectory> <unitTestSourceDirectory>${basedir}/src/test</unitTestSourceDirectory> <unitTest> <includes> <include>**/Test*.java</include> </includes> <resources> <resource> <directory>${basedir}/src/test</directory> <excludes> <exclude>**/*.java</exclude> </excludes> </resource> <resource> <directory>${basedir}/src/java</directory> <excludes> <exclude>**/*.java</exclude> </excludes> </resource> &db-ojb-resources; &log4j-resources; </resources> </unitTest> <resources> <resource> <directory>${basedir}/src/java</directory> <excludes> <exclude>**/*.java</exclude> </excludes> </resource> </resources> </build> <reports> &j2-reports; </reports> </project> 1.1 jakarta-jetspeed-2/components/sso/src/java/org/apache/jetspeed/sso/impl/SSOContextImpl.java Index: SSOContextImpl.java =================================================================== /* * Copyright 2000-2004 The Apache Software Foundation. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. 
*/ package org.apache.jetspeed.sso.impl; import org.apache.jetspeed.sso.SSOContext; /** * SSOContextImpl * Class holding credential information * * @author <a href="mailto:[EMAIL PROTECTED]">Roger Ruttimann</a> * @version $Id: SSOContextImpl.java,v 1.1 2004/11/16 19:08:47 rogerrut Exp $ */ public class SSOContextImpl implements SSOContext { private long userID; private String password; private String userName; /** * Constructor takes all arguments since members can't be altered */ public SSOContextImpl(long userID, String userName, String pwd) { super(); this.userID = userID; this.userName = userName; this.password = pwd; } /* (non-Javadoc) * @see org.apache.jetspeed.sso.SSOContext#getUserID() */ public long getUserID() { return this.userID; } /* (non-Javadoc) * @see org.apache.jetspeed.sso.SSOContext#getUserName() */ public String getUserName() { return this.userName; } /* (non-Javadoc) * @see org.apache.jetspeed.sso.SSOContext#getPassword() */ public String getPassword() { return this.password; } } 1.1 jakarta-jetspeed-2/components/sso/src/java/org/apache/jetspeed/sso/impl/SSOPrincipalImpl.java Index: SSOPrincipalImpl.java =================================================================== /* Copyright 2004 Apache Software Foundation * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. 
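Review bot: In SSOContextImpl.java the fields `userID`, `userName` and `password` are not `final`, although the constructor comment says the members can't be altered; declaring them `private final long userID;`, `private final String userName;` and `private final String password;` lets the compiler enforce that. The class also keeps the site password as a plain `String` and returns it from `getPassword()`, so a class-level comment such as `// Holds a cleartext site credential: never log or serialize instances of this class` would help callers. Switching to `char[]` would require changing the SSOContext interface, which is not among the files shown here.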
*/ package org.apache.jetspeed.sso.impl; import java.sql.Timestamp; import java.util.Collection; import org.apache.jetspeed.security.om.InternalPrincipal; /** * <p> * SSOPrincipalImpl * Class used for mapping Principal information for a site. This is the short form of * the InternalPrincipalImpl * .</p> * * @author <a href="mailto:rogerrut @apache.org">Roger Ruttimann</a> */ public class SSOPrincipalImpl implements InternalPrincipal { /** The principal id. */ private long principalId; /** The class name. */ private String classname; /** The is mapping only. */ private boolean isMappingOnly = false; /** The full path. */ private String fullPath; /** The creation date. */ private Timestamp creationDate; /** The modified date. */ private Timestamp modifiedDate; /** The enabled state. */ private boolean enabled = true; /** Permissions not used by required by the interface*/ private Collection permissions; /** * <p> * The special attribute telling OJB the object's concrete type. * </p> * <p> * NOTE: this attribute MUST be called ojbConcreteClass * </p> */ protected String ojbConcreteClass; /** * <p> * InternalPrincipal implementation default constructor. * </p> */ public SSOPrincipalImpl() { } /** * <p> * InternalPrincipal constructor given a classname and name. * </p> * * @param classname The classname. * @param fullPath The full path. 
*/ public SSOPrincipalImpl(String classname, String fullPath) { this.ojbConcreteClass = classname; this.classname = classname; this.fullPath = fullPath; this.permissions = null; // Not used this.creationDate = new Timestamp(System.currentTimeMillis()); this.modifiedDate = this.creationDate; } /** * @see org.apache.jetspeed.security.om.InternalPrincipal#getPrincipalId() */ public long getPrincipalId() { return this.principalId; } /** * @see org.apache.jetspeed.security.om.InternalPrincipal#setPrincipalId(int) */ public void setPrincipalId(long principalId) { this.principalId = principalId; } /** * @see org.apache.jetspeed.security.om.InternalPrincipal#getClassname() */ public String getClassname() { return this.classname; } /** * @see org.apache.jetspeed.security.om.InternalPrincipal#setClassname(java.lang.String) */ public void setClassname(String classname) { this.ojbConcreteClass = classname; this.classname = classname; } /** * @return Returns the isMappingOnly. */ public boolean isMappingOnly() { return isMappingOnly; } /** * @param isMappingOnly The isMappingOnly to set. 
*/ public void setMappingOnly(boolean isMappingOnly) { this.isMappingOnly = isMappingOnly; } /** * @see org.apache.jetspeed.security.om.InternalPrincipal#getFullPath() */ public String getFullPath() { return this.fullPath; } /** * @see org.apache.jetspeed.security.om.InternalPrincipal#setFullPath(java.lang.String) */ public void setFullPath(String fullPath) { this.fullPath = fullPath; } /** * @see org.apache.jetspeed.security.om.InternalPrincipal#getPermissions() */ public Collection getPermissions() { return this.permissions; } /** * @see org.apache.jetspeed.security.om.InternalPrincipal#setPermissions(java.util.Collection) */ public void setPermissions(Collection permissions) { this.permissions = permissions; } /** * @see org.apache.jetspeed.security.om.InternalPrincipal#getCreationDate() */ public Timestamp getCreationDate() { return this.creationDate; } /** * @see org.apache.jetspeed.security.om.InternalPrincipal#setCreationDate(java.sql.Timestamp) */ public void setCreationDate(Timestamp creationDate) { this.creationDate = creationDate; } /** * @see org.apache.jetspeed.security.om.InternalPrincipal#getModifiedDate() */ public Timestamp getModifiedDate() { return this.modifiedDate; } /** * @see org.apache.jetspeed.security.om.InternalPrincipal#setModifiedDate(java.sql.Timestamp) */ public void setModifiedDate(Timestamp modifiedDate) { this.modifiedDate = modifiedDate; } /** * @see org.apache.jetspeed.security.om.InternalPrincipal#isEnabled() */ public boolean isEnabled() { return enabled; } /** * @see org.apache.jetspeed.security.om.InternalPrincipal#setEnabled(boolean) */ public void setEnabled(boolean enabled) { this.enabled = enabled; } } 1.1 jakarta-jetspeed-2/components/sso/src/java/org/apache/jetspeed/sso/impl/PersistenceBrokerSSOProvider.java Index: PersistenceBrokerSSOProvider.java =================================================================== /* * Copyright 2000-2001,2004 The Apache Software Foundation. 
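Review bot: In SSOPrincipalImpl.java the two-argument constructor shares one mutable `Timestamp` between both dates with `this.modifiedDate = this.creationDate;`, so a later `setTime()` on the object returned by `getCreationDate()` or `getModifiedDate()` changes both values. A separate copy avoids that: `this.modifiedDate = new Timestamp(this.creationDate.getTime());`. The `@see` tag on `setPrincipalId` still names `setPrincipalId(int)` although the method takes a `long`, and the comment on `permissions` should read `Permissions are not used but are required by the interface`.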
* * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package org.apache.jetspeed.sso.impl; import java.util.Collection; import java.util.Hashtable; import java.util.Iterator; import org.apache.jetspeed.security.UserPrincipal; import javax.security.auth.Subject; import javax.servlet.http.HttpServletRequest; import org.apache.jetspeed.components.dao.InitablePersistenceBrokerDaoSupport; import org.apache.jetspeed.sso.SSOContext; import org.apache.jetspeed.sso.SSOException; import org.apache.jetspeed.sso.SSOProvider; import org.apache.jetspeed.security.SecurityHelper; import org.apache.jetspeed.security.BasePrincipal; import org.apache.jetspeed.security.om.impl.InternalCredentialImpl; import org.apache.jetspeed.security.om.impl.InternalPrincipalImpl; import org.apache.ojb.broker.query.Criteria; import org.apache.ojb.broker.query.QueryByCriteria; import org.apache.ojb.broker.query.QueryFactory; /** * <p>Utility component to handle SSO requests</p> * * @author <a href="mailto:[EMAIL PROTECTED]">Roger Ruttimann</a> */ public class PersistenceBrokerSSOProvider extends InitablePersistenceBrokerDaoSupport implements SSOProvider { private Hashtable mapSite = new Hashtable(); /** * PersitenceBrokerSSOProvider() * @param repository Location of repository mapping file. Must be available within the classpath. * @param prefsFactoryImpl <code>java.util.prefs.PreferencesFactory</code> implementation to use. * @param enablePropertyManager Whether or not we chould be suing the property manager. 
* @throws ClassNotFoundException if the <code>prefsFactoryImpl</code> argument does not reperesent * a Class that exists in the current classPath. */ public PersistenceBrokerSSOProvider(String repositoryPath) throws ClassNotFoundException { super(repositoryPath); } /* (non-Javadoc) * @see org.apache.jetspeed.sso.SSOProvider#hasSSOCredentials(javax.security.auth.Subject, java.lang.String) */ public boolean hasSSOCredentials(Subject subject, String site) { // Initialization SSOSiteImpl ssoSite = getSSOSiteObject(site); if ( ssoSite == null) return false; // no entry for site // Get the principal from the subject BasePrincipal principal = (BasePrincipal)SecurityHelper.getBestPrincipal(subject, UserPrincipal.class); String fullPath = principal.getFullPath(); // Filter the credentials for the given principals InternalCredentialImpl credential = getCredential(ssoSite, fullPath); if (credential == null) return false; else return true; } /* (non-Javadoc) * @see org.apache.jetspeed.sso.SSOProvider#addBasicAuthenticationForSite(javax.servlet.http.HttpServletRequest, javax.security.auth.Subject, java.lang.String) */ public void addBasicAuthenticationForSite(HttpServletRequest request, Subject subject, String site) throws SSOException { // TODO Auto-generated method stub } /* (non-Javadoc) * @see org.apache.jetspeed.sso.SSOProvider#getCredentials(javax.security.auth.Subject, java.lang.String) */ public SSOContext getCredentials(Subject subject, String site) throws SSOException { // Initialization SSOSiteImpl ssoSite = getSSOSiteObject(site); if ( ssoSite == null) throw new SSOException(SSOException.NO_CREDENTIALS_FOR_SITE); // no entry for site // Get the principal from the subject BasePrincipal principal = (BasePrincipal)SecurityHelper.getBestPrincipal(subject, UserPrincipal.class); String fullPath = principal.getFullPath(); // Filter the credentials for the given principals InternalCredentialImpl credential = getCredential(ssoSite, fullPath); if ( credential == null) throw 
new SSOException(SSOException.NO_CREDENTIALS_FOR_SITE); // no entry for site SSOContext context = new SSOContextImpl(credential.getPrincipalId(), principal.getName(),credential.getValue()); return context; } /* addCredential() * Adds credentials for a user to the site. If the site doesn't exist it will be created * @see org.apache.jetspeed.sso.SSOProvider#addCredentialsForSite(javax.security.auth.Subject, java.lang.String, java.lang.String) */ public void addCredentialsForSite(Subject subject, String site, String pwd) throws SSOException { // Check if the site already exists SSOSiteImpl ssoSite = getSSOSiteObject(site); if (ssoSite == null) { // Create a new site ssoSite = new SSOSiteImpl(); ssoSite.setSiteURL(site); } // Get the Principal information String fullPath = ((BasePrincipal)SecurityHelper.getBestPrincipal(subject, UserPrincipal.class)).getFullPath(); SSOPrincipalImpl principal = this.getPrincipalForPath(subject, fullPath); // New credential object InternalCredentialImpl credential = new InternalCredentialImpl(); ssoSite.addCredential(credential); // Populate the credential information credential.setValue(pwd); credential.setPrincipalId(principal.getPrincipalId()); // Update database and reset cache try { getPersistenceBrokerTemplate().store(ssoSite); } catch (Exception e) { throw new SSOException(SSOException.FAILED_STORING_SITE_INFO_IN_DB + e.toString() ); } // Clear cache this.mapSite.clear(); } /* (non-Javadoc) * @see org.apache.jetspeed.sso.SSOProvider#removeCredentialsForSite(javax.security.auth.Subject, java.lang.String) */ public void removeCredentialsForSite(Subject subject, String site) throws SSOException { // TODO Auto-generated method stub } /* * Helper utilities * */ /* * getSSOSiteObject * Obtains the Site information including the credentials for a site (url). 
*/ private SSOSiteImpl getSSOSiteObject(String site) { //Initialization SSOSiteImpl ssoSite = null; //Check if the site is in the map if (mapSite.containsKey(site) == false ) { // Go to the database and fetch the information for this site // Find the MediaType by matching the Mimetype Criteria filter = new Criteria(); filter.addEqualTo("siteURL", site); QueryByCriteria query = QueryFactory.newQuery(SSOSiteImpl.class, filter); Collection ssoSiteCollection = getPersistenceBrokerTemplate().getCollectionByQuery(query); if ( ssoSiteCollection != null && ssoSiteCollection.isEmpty() != true) { Iterator itSite = ssoSiteCollection.iterator(); // Get the site from the collection. There should be only one entry (uniqueness) if (itSite.hasNext()) { ssoSite = (SSOSiteImpl) itSite.next(); } // Add it to the map mapSite.put(site, ssoSite); } else { // No entry for this site return null; } } else { ssoSite = (SSOSiteImpl)mapSite.get(site); } return ssoSite; } /* * getCredential * returns the credentials for a given user */ private InternalCredentialImpl getCredential(SSOSiteImpl ssoSite, String fullPath) { long principalID = -1; InternalCredentialImpl credential = null; /* Error checking * 1) should have at least one principal * 2) should have at least one credential * * If one of the above fails return null wich means that the user doesn't have credentials for that site */ if ( ssoSite.getPrincipals() == null || ssoSite.getCredentials() == null) return null; // Iterate over the principals and extract the principal id for the given full path Iterator itPrincipals = ssoSite.getPrincipals().iterator(); while (itPrincipals.hasNext() && principalID == -1 /*not found yet*/) { InternalPrincipalImpl principal = (InternalPrincipalImpl)itPrincipals.next(); if ( principal != null && principal.getFullPath().compareToIgnoreCase(fullPath) == 0) { principalID = principal.getPrincipalId(); } } if ( principalID == -1) return null; // No principal found for that site // Last lookup to see if there 
are credentials for that user Iterator itCredentials = ssoSite.getCredentials().iterator(); while (itCredentials.hasNext() && credential == null /*not found yet*/) { InternalCredentialImpl cred = (InternalCredentialImpl)itCredentials.next(); if ( cred != null && cred.getPrincipalId() == principalID) { // Found credentials for Orincipals credential = cred; } } return credential; } private SSOPrincipalImpl getPrincipalForPath(Subject subject, String fullPath) { Criteria filter = new Criteria(); filter.addEqualTo("fullPath", fullPath); QueryByCriteria query = QueryFactory.newQuery(SSOPrincipalImpl.class, filter); Collection principals = getPersistenceBrokerTemplate().getCollectionByQuery(query); if ( principals != null && principals.isEmpty() != true) { Iterator itPrincipals = principals.iterator(); // Get the site from the collection. There should be only one entry (uniqueness) if (itPrincipals.hasNext()) { return (SSOPrincipalImpl) itPrincipals.next(); } } // Principal for path doesn't exist return null; } } 1.1 jakarta-jetspeed-2/components/sso/src/java/org/apache/jetspeed/sso/impl/SSOSiteImpl.java Index: SSOSiteImpl.java =================================================================== /* * Copyright 2000-2004 The Apache Software Foundation. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. 
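Review bot: In PersistenceBrokerSSOProvider.java, `addCredentialsForSite` calls `principal.getPrincipalId()` on the result of `getPrincipalForPath`, which returns null when no principal matches, so an unknown user ends in a NullPointerException rather than an SSOException; a guard such as `if (principal == null) throw new SSOException(SSOException.NO_CREDENTIALS_FOR_SITE);` before the credential is built would fix that. `getCredential` casts each element of `ssoSite.getPrincipals()` to `InternalPrincipalImpl`, but sso_repository.xml in this commit maps that collection to `SSOPrincipalImpl`, which only implements `InternalPrincipal`; casting to the interface (`InternalPrincipal principal = (InternalPrincipal) itPrincipals.next();`, plus the import) avoids a likely ClassCastException. The same loop matches the principal with `compareToIgnoreCase`, which treats two paths differing only in case as the same user when selecting a stored password; `equals` looks safer unless full paths are known to be case-insensitive. The result of `SecurityHelper.getBestPrincipal` is also dereferenced unchecked in `hasSSOCredentials`, `getCredentials` and `addCredentialsForSite`, and the `catch` in `addCredentialsForSite` appends `e.toString()` to the SSOException text, which may expose persistence details to callers.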
*/ package org.apache.jetspeed.sso.impl; import java.util.Collection; import org.apache.jetspeed.sso.SSOException; import org.apache.jetspeed.security.om.impl.InternalCredentialImpl; /** * SSOSiteImpl * Class holding information about the Site and credentials for Single Sign on SSO. * OJB will map the database entries into this class * * @author <a href="mailto:[EMAIL PROTECTED]">Roger Ruttimann</a> * @version $Id: SSOSiteImpl.java,v 1.1 2004/11/16 19:08:47 rogerrut Exp $ */ public class SSOSiteImpl { // Private member for OJB mapping private int siteId; private String name; private String siteURL; private boolean isAllowUserSet; private boolean isCertificateRequired; private Collection credentials; private Collection principals; /** * */ public SSOSiteImpl() { super(); } /* * Setters and getters for member variables */ /** * @return Returns the credentials. */ public Collection getCredentials() { return credentials; } /** * @param credentials The credentials to set. */ public void setCredentials(Collection credentials) { this.credentials = credentials; } /** * @return Returns the isAllowUserSet. */ public boolean isAllowUserSet() { return isAllowUserSet; } /** * @param isAllowUserSet The isAllowUserSet to set. */ public void setAllowUserSet(boolean isAllowUserSet) { this.isAllowUserSet = isAllowUserSet; } /** * @return Returns the isCertificateRequired. */ public boolean isCertificateRequired() { return isCertificateRequired; } /** * @param isCertificateRequired The isCertificateRequired to set. */ public void setCertificateRequired(boolean isCertificateRequired) { this.isCertificateRequired = isCertificateRequired; } /** * @return Returns the name. */ public String getName() { return name; } /** * @param name The name to set. */ public void setName(String name) { this.name = name; } /** * @return Returns the principals. */ public Collection getPrincipals() { return principals; } /** * @param principals The principals to set. 
*/ public void setPrincipals(Collection principals) { this.principals = principals; } /** * @return Returns the siteId. */ public int getSiteId() { return siteId; } /** * @param siteId The siteId to set. */ public void setSiteId(int siteId) { this.siteId = siteId; } /** * @return Returns the siteURL. */ public String getSiteURL() { return siteURL; } /** * @param siteURL The siteURL to set. */ public void setSiteURL(String siteURL) { this.siteURL = siteURL; } /** * Utility functions * addCredential() * Adds the credentail to the credentials collection * */ public void addCredential(InternalCredentialImpl credential) throws SSOException { boolean bStatus = false; try { bStatus = credentials.add(credential); } catch(Exception e) { // Adding credentail to coollection failed -- notify caller with SSOException throw new SSOException(SSOException.FAILED_ADDING_CREDENTIALS_FOR_SITE + e.getMessage()); } if ( bStatus == false) throw new SSOException(SSOException.FAILED_ADDING_CREDENTIALS_FOR_SITE ); } /** * removeCredential() * removes a credentail from the credentials collection * */ public void removeCredential(InternalCredentialImpl credential) throws SSOException { boolean bStatus = false; try { bStatus = credentials.remove(credential); } catch(Exception e) { // Adding credentail to coollection failed -- notify caller with SSOException throw new SSOException(SSOException.FAILED_REMOVING_CREDENTIALS_FOR_SITE + e.getMessage()); } if ( bStatus == false) throw new SSOException(SSOException.FAILED_REMOVING_CREDENTIALS_FOR_SITE ); } } 1.1 jakarta-jetspeed-2/components/sso/src/java/META-INF/transaction.xml Index: transaction.xml =================================================================== <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd"> <!-- - Application context definition for PortletRegistry using Apache OJB. 
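Review bot: In SSOSiteImpl.java, `addCredential` and `removeCredential` call `credentials.add(...)` and `credentials.remove(...)` on a field that nothing in the class initializes, so for a site built with `new SSOSiteImpl()` (as PersistenceBrokerSSOProvider.addCredentialsForSite does for an unknown URL) the call throws a NullPointerException that the broad `catch(Exception e)` turns into an SSOException with no useful message. Initialize lazily, for example `if (credentials == null) credentials = new ArrayList();` with the matching `java.util.ArrayList` import, and narrow the catch to the exceptions `Collection.add` documents. The comment inside `removeCredential`'s catch block still describes adding; it should read `// Removing credential from collection failed -- notify caller with SSOException`.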
--> <beans> <!-- Transaction manager for a single OJB PersistenceBroker (alternative to JTA) --> <bean id="transactionManager" class="org.springframework.orm.ojb.PersistenceBrokerTransactionManager"/> <!-- Transaction manager that delegates to JTA (for a transactional JNDI DataSource) --> <!-- <bean id="transactionManager" class="org.springframework.transaction.jta.JtaTransactionManager"/> --> <!-- - A parent bean definition which is a base definition for transaction proxies. - It is markes as abstract, since it is never supposed to be instantiated itself. - We set shared transaction attributes here, following our naming patterns. - The attributes can still be overridden in child bean definitions. --> <bean id="baseTransactionProxy" class="org.springframework.transaction.interceptor.TransactionProxyFactoryBean" abstract="true"> <property name="transactionManager"><ref bean="transactionManager"/></property> <property name="transactionAttributes"> <props> <prop key="*">PROPAGATION_REQUIRED</prop> </props> </property> </bean> </beans> 1.1 jakarta-jetspeed-2/components/sso/src/java/META-INF/sso-dao.xml Index: sso-dao.xml =================================================================== <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd"> <!-- - Application context definition for PortletRegistry using Apache OJB. 
--> <beans> <!-- ========================= BUSINESS OBJECT DEFINITIONS ========================= --> <!-- SSO Implementation --> <bean id="PersistenceBrokerSSOProvider" class="org.apache.jetspeed.sso.impl.PersistenceBrokerSSOProvider" init-method="init" > <constructor-arg index="0"><value>META-INF/sso_repository.xml</value></constructor-arg> </bean> <bean id="org.apache.jetspeed.sso.SSOProvider" parent="baseTransactionProxy" name="ssoProvider" > <property name="proxyInterfaces"> <value>org.apache.jetspeed.sso.SSOProvider</value> </property> <property name="target"> <ref bean="PersistenceBrokerSSOProvider"/> </property> </bean> </beans> 1.1 jakarta-jetspeed-2/components/sso/src/java/META-INF/sso_repository.xml Index: sso_repository.xml =================================================================== <!-- Copyright 2004 The Apache Software Foundation Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. 
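Review bot: In sso-dao.xml the unproxied `PersistenceBrokerSSOProvider` is registered as a top-level bean with its own id, so any code that looks it up by that id instead of `org.apache.jetspeed.sso.SSOProvider` would bypass `baseTransactionProxy` and store credentials outside a transaction. If nothing needs the raw bean, consider declaring it as an inner bean of the `target` property, or at least add a comment such as `<!-- target only: always obtain the provider through the transactional proxy below -->`. The header comment still says "Application context definition for PortletRegistry" and should name the SSO provider instead.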
--> <descriptor-repository version="1.0"> <!-- - S E C U R I T Y P R I N C I P A L (Short version for SSO lookup) --> <class-descriptor class="org.apache.jetspeed.sso.impl.SSOPrincipalImpl" proxy="dynamic" table="SECURITY_PRINCIPAL" > <documentation>Represents a user principal.</documentation> <field-descriptor name="principalId" column="principal_id" jdbc-type="BIGINT" primarykey="true" indexed="true" autoincrement="true" > </field-descriptor> <field-descriptor name="classname" column="classname" jdbc-type="VARCHAR" nullable="false" length="254" > </field-descriptor> <field-descriptor name="isMappingOnly" column="is_mapping_only" jdbc-type="BIT" nullable="false" > </field-descriptor> <field-descriptor name="fullPath" column="full_path" jdbc-type="VARCHAR" nullable="false" length="254" > </field-descriptor> <field-descriptor name="creationDate" column="creation_date" jdbc-type="TIMESTAMP" nullable="false" > </field-descriptor> <field-descriptor name="modifiedDate" column="modified_date" jdbc-type="TIMESTAMP" nullable="false" > </field-descriptor> <field-descriptor name="enabled" column="is_enabled" jdbc-type="BIT" nullable="false" > </field-descriptor> </class-descriptor> <!-- - S I T E --> <class-descriptor class="org.apache.jetspeed.sso.impl.SSOSiteImpl" proxy="dynamic" table="SSOSite" > <documentation>Represents the single sign on site</documentation> <field-descriptor name="siteId" column="SITE_ID" jdbc-type="INTEGER" primarykey="true" indexed="true" autoincrement="true" > </field-descriptor> <field-descriptor name="name" column="NAME" jdbc-type="VARCHAR" nullable="false" length="254" > </field-descriptor> <field-descriptor name="siteURL" column="URL" jdbc-type="VARCHAR" nullable="false" length="254" > </field-descriptor> <field-descriptor name="isAllowUserSet" column="ALLOW_USER_SET" jdbc-type="BIT" nullable="false" > </field-descriptor> <field-descriptor name="isRequireCertificate" column="REQUIRE_CERTIFICATE" jdbc-type="BIT" nullable="false" > 
</field-descriptor> <collection-descriptor name="credentials" element-class-ref="org.apache.jetspeed.security.om.impl.InternalCredentialImpl" proxy="true" refresh="true" auto-retrieve="true" auto-update="link" auto-delete="link" indirection-table="SSO_SITE_TO_CREDENTIALS" > <documentation>This is the reference to credentials.</documentation> <fk-pointing-to-this-class column="SITE_ID"/> <fk-pointing-to-element-class column="CREDENTIAL_ID"/> <fk-pointing-to-element-class column="PRINCIPAL_ID"/> </collection-descriptor> <collection-descriptor name="principals" element-class-ref="org.apache.jetspeed.sso.impl.SSOPrincipalImpl" proxy="true" refresh="true" auto-retrieve="true" auto-update="link" auto-delete="link" indirection-table="SSO_SITE_TO_CREDENTIALS" > <documentation>This is the reference to credentials.</documentation> <fk-pointing-to-this-class column="SITE_ID"/> <fk-pointing-to-element-class column="PRINCIPAL_ID"/> </collection-descriptor> </class-descriptor> </descriptor-repository> 1.1 jakarta-jetspeed-2/components/sso/src/test/org/apache/jetspeed/sso/TestSSOComponent.java Index: TestSSOComponent.java =================================================================== /* Copyright 2004 Apache Software Foundation * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. 
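Review bot: In sso_repository.xml the `credentials` and `principals` collections of `SSOSiteImpl` both write to the same `SSO_SITE_TO_CREDENTIALS` link table with `auto-update="link"` and `auto-delete="link"`, yet they name different element-key columns (`CREDENTIAL_ID` plus `PRINCIPAL_ID` for the first, `PRINCIPAL_ID` alone for the second). If OJB maintains link rows per collection, as I would expect, a change to `principals` could insert or delete rows that carry no `CREDENTIAL_ID` and leave the site-to-credential mapping inconsistent. This should be confirmed against the table DDL and the key of `InternalCredentialImpl`, neither of which is visible here. The `<documentation>` on `principals` is a copy of the one on `credentials` and should read `This is the reference to principals.`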
*/ package org.apache.jetspeed.sso; import java.util.HashMap; import java.util.Map; import org.apache.jetspeed.sso.impl.PersistenceBrokerSSOProvider; import org.apache.jetspeed.sso.SSOProvider; import org.apache.jetspeed.sso.impl.SSOSiteImpl; import javax.security.auth.Subject; import junit.framework.Test; import junit.framework.TestSuite; import org.apache.jetspeed.components.util.DatasourceEnabledSpringTestCase; /** * <p> * Unit testing for [EMAIL PROTECTED] Preferences}. * </p> * * @author <a href="[EMAIL PROTECTED]">Roger Ruttimann</a> */ public class TestSSOComponent extends DatasourceEnabledSpringTestCase { /** The property manager. */ private static PersistenceBrokerSSOProvider ssoBroker = null; /** * @see junit.framework.TestCase#setUp() */ public void setUp() throws Exception { super.setUp(); try { //ssoBroker = (PersistenceBrokerSSOProvider) ctx.getBean("ssoProvider"); Object o = (Object) ctx.getBean("ssoProvider"); if (o == null) System.out.println("Returned bean is null!!"); else System.out.println("Bean is instance of:" + o.toString()); } catch(Exception ex) { ex.printStackTrace(); throw new Exception("Exception while setup SSO TEST"); } } /** * @see junit.framework.TestCase#tearDown() */ public void tearDown() throws Exception { clean(); // super.tearDown(); } public static Test suite() { // All methods starting with "test" will be executed in the test suite. return new TestSuite(TestSSOComponent.class); } /** * <p> * Test user root. * </p> */ public void testSSO() { // TODO: Test cases } /** * <p> * Clean properties. 
* </p> */ protected void clean() throws Exception { // Cleanup any credentails added during the test /* try { } catch (SSOException ex) { System.out.println("SSOException" + ex); } */ } protected String[] getConfigurations() { return new String[]{"META-INF/sso-dao.xml", "META-INF/transaction.xml"}; } } --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
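Review bot: `TestSSOComponent` asserts nothing: `setUp()` only prints whether the `ssoProvider` bean is null, `testSSO()` is an empty TODO and `ssoBroker` is never assigned, so the suite passes even when the SSO provider is missing or misconfigured. For a component that links credentials to sites I would at least replace the print with `assertNotNull("ssoProvider bean", ctx.getBean("ssoProvider"));`. The catch block discards the original failure; either drop it or rethrow with the cause, `throw new Exception("Exception while setup SSO TEST", ex);`. `tearDown()` leaves `super.tearDown()` commented out, so whatever the base class releases there is presumably skipped between tests.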