Author: clee Date: 2009-05-12 20:11:48 -0700 (Tue, 12 May 2009) New Revision: 13179 URL: http://svn.hyperic.org/?view=rev&root=Hyperic+HQ&revision=13179 Removed: trunk/thirdparty/lib/cas-client-core-3.1.3.jar Modified: trunk/build.xml trunk/src/org/hyperic/hq/bizapp/server/session/AuthBossEJBImpl.java trunk/src/org/hyperic/hq/ui/AuthenticationFilter.java trunk/src/org/hyperic/hq/ui/action/authentication/LogoutAction.java trunk/src/org/hyperic/hq/ui/pages/SignIn.java Log: Revert CAS check-in to commit to separate branch Modified: trunk/build.xml =================================================================== --- trunk/build.xml 2009-05-13 01:43:34 UTC (rev 13178) +++ trunk/build.xml 2009-05-13 03:11:48 UTC (rev 13179) @@ -428,7 +428,6 @@ <include name="groovy-all-1.6.jar" /> <include name="xstream-1.2.1.jar" /> <include name="xpp3_min-1.1.3.4.O.jar" /> - <include name="cas-client-core-3.1.3.jar" /> <include name="ant.jar" /> <include name="ant-lancher.jar" /> Modified: trunk/src/org/hyperic/hq/bizapp/server/session/AuthBossEJBImpl.java =================================================================== --- trunk/src/org/hyperic/hq/bizapp/server/session/AuthBossEJBImpl.java 2009-05-13 01:43:34 UTC (rev 13178) +++ trunk/src/org/hyperic/hq/bizapp/server/session/AuthBossEJBImpl.java 2009-05-13 03:11:48 UTC (rev 13179) @@ -6,7 +6,7 @@ * normal use of the program, and does *not* fall under the heading of * "derived work". * - * Copyright (C) [2004-2009], Hyperic, Inc. + * Copyright (C) [2004, 2005, 2006], Hyperic, Inc. * This file is part of HQ. * * HQ is free software; you can redistribute it and/or modify 
@@ -25,19 +25,17 @@ package org.hyperic.hq.bizapp.server.session; +import java.util.Collection; import java.util.HashSet; -import java.util.Iterator; import java.util.List; +import java.util.Iterator; import javax.ejb.AccessLocalException; -import javax.ejb.CreateException; import javax.ejb.FinderException; import javax.ejb.SessionBean; import javax.ejb.SessionContext; import javax.security.auth.login.LoginException; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; import org.hyperic.hq.auth.server.session.UserAudit; import org.hyperic.hq.auth.server.session.UserLoginZevent; import org.hyperic.hq.auth.shared.SessionException; @@ -46,21 +44,16 @@ import org.hyperic.hq.auth.shared.SessionTimeoutException; import org.hyperic.hq.authz.server.session.AuthzSubject; import org.hyperic.hq.authz.shared.AuthzConstants; -import org.hyperic.hq.authz.shared.AuthzSubjectManagerLocal; import org.hyperic.hq.authz.shared.PermissionException; -import org.hyperic.hq.bizapp.shared.AuthBossLocal; -import org.hyperic.hq.bizapp.shared.AuthBossUtil; import org.hyperic.hq.common.ApplicationException; import org.hyperic.hq.common.SystemException; -import org.hyperic.hq.common.server.session.ServerConfigManagerEJBImpl; -import org.hyperic.hq.common.shared.HQConstants; -import org.hyperic.hq.zevents.ZeventListener; import org.hyperic.hq.zevents.ZeventManager; +import org.hyperic.hq.zevents.ZeventListener; +import org.hyperic.hq.bizapp.shared.AuthBossUtil; +import org.hyperic.hq.bizapp.shared.AuthBossLocal; import org.hyperic.util.ConfigPropertyException; -import org.jasig.cas.client.authentication.AttributePrincipal; -import org.jasig.cas.client.validation.Assertion; -import org.jasig.cas.client.validation.Cas20ServiceTicketValidator; -import org.jasig.cas.client.validation.TicketValidationException; +import org.apache.commons.logging.LogFactory; +import org.apache.commons.logging.Log; /** * The BizApp's interface to the Auth Subsystem 
@@ -154,63 +147,6 @@ } /** - * Login a user via CAS. - * @param ticket The CAS ticket. - * @param service The name of the service. - * @return An int representing the session ID of the logged-in user - * @ejb:interface-method - */ - public int loginCAS (String ticket, String service) - throws LoginException, ApplicationException { - try { - Cas20ServiceTicketValidator sv = - new Cas20ServiceTicketValidator(getCasURL()); - AttributePrincipal principal = null; - try { - Assertion a = sv.validate(ticket, service); - principal = a.getPrincipal(); - } catch (TicketValidationException e) { - _log.error("Invalid ticket " + ticket + e.getMessage(), e); - } - - final AuthzSubjectManagerLocal subjMan = getAuthzSubjectManager(); - if (principal != null) { - AuthzSubject s = subjMan.findSubjectByName(principal.getName()); - - if (s != null) { - if (s.getActive()) { - UserLoginZevent evt = new UserLoginZevent(s.getId()); - ZeventManager.getInstance().enqueueEventAfterCommit(evt); - - } - else { - throw new LoginException(s.getName() + " not active"); - } - } - else { - // Valid ticket, but user not yet registered - try { - AuthzSubject overlord = subjMan.getOverlordPojo(); - s = subjMan.createSubject(overlord, principal.getName(), - true, - HQConstants.ApplicationName, - "", "", "", "", "", "", false); - } catch (CreateException e) { - throw new ApplicationException("Unable to add user to" + - " authorization system", - e); - } - } - return manager.put(s); - } - - throw new LoginException(ticket + " CAS ticket invalid"); - } catch (AccessLocalException e) { - throw new LoginException(e.getMessage()); - } - } - - /** * Login a guest. * * @return An integer representing the session ID of the logged-in user. 
@@ -308,19 +244,6 @@ return getAuthManager().isUser(subject, username); } - /** - * Get CAS URL - * @ejb:interface-method - */ - public String getCasURL() { - try { - return ServerConfigManagerEJBImpl.getOne().getConfig() - .getProperty(HQConstants.CAS_URL); - } catch (ConfigPropertyException e) { - return null; - } - } - public static AuthBossLocal getOne() { try { return AuthBossUtil.getLocalHome().create(); @@ -328,7 +251,7 @@ throw new SystemException(e); } } - + /** * @ejb:create-method */ Modified: trunk/src/org/hyperic/hq/ui/AuthenticationFilter.java =================================================================== --- trunk/src/org/hyperic/hq/ui/AuthenticationFilter.java 2009-05-13 01:43:34 UTC (rev 13178) +++ trunk/src/org/hyperic/hq/ui/AuthenticationFilter.java 2009-05-13 03:11:48 UTC (rev 13179) @@ -26,7 +26,7 @@ package org.hyperic.hq.ui; import java.io.IOException; -import java.net.URLEncoder; +import java.util.Map; import java.util.StringTokenizer; import javax.servlet.FilterChain; @@ -41,11 +41,20 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import org.hyperic.hq.authz.server.session.AuthzSubject; +import org.hyperic.hq.authz.server.session.AuthzSubjectManagerEJBImpl; +import org.hyperic.hq.authz.shared.PermissionException; import org.hyperic.hq.bizapp.shared.AuthBoss; +import org.hyperic.hq.bizapp.shared.AuthzBoss; import org.hyperic.hq.ui.pages.SignIn; +import org.hyperic.hq.ui.server.session.DashboardManagerEJBImpl; +import org.hyperic.hq.ui.server.session.UserDashboardConfig; +import org.hyperic.hq.ui.shared.DashboardManagerLocal; import org.hyperic.hq.ui.util.ContextUtils; import org.hyperic.hq.ui.util.SessionUtils; +import org.hyperic.image.widget.ResourceTree; import org.hyperic.ui.tapestry.page.PageListing; +import org.hyperic.util.config.ConfigResponse; import org.hyperic.util.encoding.Base64; public final class AuthenticationFilter extends BaseFilter { 
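Review bot: The imports restored in the `@@ -41,11 +41,20 @@` hunk of AuthenticationFilter.java (`AuthzSubject`, `AuthzSubjectManagerEJBImpl`, `PermissionException`, `AuthzBoss`, `DashboardManagerEJBImpl`, `UserDashboardConfig`, `DashboardManagerLocal`, `org.hyperic.image.widget.ResourceTree`, `ConfigResponse`, plus `java.util.Map` from the hunk before it) are not referenced by any line of the filter shown in this commit, so they look unused. The rest of the file is outside the diff, so this needs confirming, but `ResourceTree` from an image-widget package has no obvious role in an authentication filter. If they are dead, drop them rather than restoring them verbatim. A filter that sits in front of every request is easier to audit when its import list names only what it actually touches.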
@@ -64,7 +73,6 @@ String servletPath = request.getServletPath(), contextPath = request.getContextPath(), queryString = request.getQueryString(); - StringBuffer reqUrl = request.getRequestURL(); if (webUser == null) { // See if there is authentication information @@ -84,7 +92,7 @@ try { webUser = SignIn.loginUser(ctx, user, pass); session.setAttribute(Constants.WEBUSER_SES_ATTR, - webUser); + webUser); } catch (Exception e) { // Unsuccessful login log.error("Unsuccessful login from " + user); @@ -92,21 +100,6 @@ return; } } - } else if (queryString != null && queryString.contains("ticket")) { - // Parse the query for the ticket - String[] tokens = queryString.split("[=&]"); - String ticket = null; - for (int i = 0; i < tokens.length; i += 2) { - if ("ticket".equals(tokens[i])) { - ticket = tokens[i+1]; - } - } - - if (ticket != null) { - webUser = SignIn.loginUser(ctx, session, ticket, - reqUrl.toString()); - session.setAttribute(Constants.WEBUSER_SES_ATTR, webUser); - } } } @@ -136,18 +129,7 @@ queryString == null ? "" : queryString); setCallback(forwardURL.toString(), session); } - - AuthBoss authBoss = ContextUtils.getAuthBoss(ctx); - String casURL = authBoss.getCasURL(); - - String redirectURL; - if (casURL != null) { - redirectURL = casURL + "/login?service=" + - URLEncoder.encode(reqUrl.toString(), "UTF-8"); - } - else { - redirectURL = contextPath + PageListing.SIGN_IN_URL; - } + String redirectURL = contextPath + PageListing.SIGN_IN_URL; response.sendRedirect(redirectURL); return; } Modified: trunk/src/org/hyperic/hq/ui/action/authentication/LogoutAction.java =================================================================== --- trunk/src/org/hyperic/hq/ui/action/authentication/LogoutAction.java 2009-05-13 01:43:34 UTC (rev 13178) +++ trunk/src/org/hyperic/hq/ui/action/authentication/LogoutAction.java 2009-05-13 03:11:48 UTC (rev 13179) 
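Review bot: In the `@@ -84,7 +92,7 @@` hunk, the catch block next to the re-indented `setAttribute` call writes the submitted user name straight into the log and discards the exception: `log.error("Unsuccessful login from " + user);`. `user` appears to come from the credentials sent with the request, so embedded line breaks could forge log entries, and the cause of the failure is lost. Something like `log.error("Unsuccessful login from " + user.replaceAll("[\\r\\n]", "_"), e);` keeps the record on one line and preserves the cause. Separately, the authenticated `webUser` is stored on what appears to be the session the request already had, so it is worth confirming that the session id is renewed on successful authentication and a pre-login id does not stay valid afterwards. The enclosing method starts and ends outside the hunk.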
@@ -74,12 +74,6 @@ session.removeAttribute(Constants.WEBUSER_SES_ATTR); session.invalidate(); - final String casURL = authBoss.getCasURL(); - if (casURL != null) { - response.sendRedirect(casURL + "/logout"); - return null; - } - return mapping.findForward("success"); } Modified: trunk/src/org/hyperic/hq/ui/pages/SignIn.java =================================================================== --- trunk/src/org/hyperic/hq/ui/pages/SignIn.java 2009-05-13 01:43:34 UTC (rev 13178) +++ trunk/src/org/hyperic/hq/ui/pages/SignIn.java 2009-05-13 03:11:48 UTC (rev 13179) @@ -6,7 +6,7 @@ * normal use of the program, and does *not* fall under the heading of * "derived work". * - * Copyright (C) [2004 - 2009], Hyperic, Inc. + * Copyright (C) [2004 - 2008], Hyperic, Inc. * This file is part of HQ. * * HQ is free software; you can redistribute it and/or modify @@ -154,9 +154,9 @@ } //clone ConfigResponse.merge - cannot change its method signature - private static boolean mergeValues(ConfigResponse config, - ConfigResponse other, - boolean overWrite) { + private boolean mergeValues(ConfigResponse config, + ConfigResponse other, + boolean overWrite) { boolean updated = true; Set entrySet = other.toProperties().entrySet(); for (Iterator i = entrySet.iterator(); i.hasNext();) { @@ -172,8 +172,8 @@ return updated; } - private static void loadDashboard(ServletContext ctx, WebUser webUser, - AuthzBoss authzBoss) { + private void loadDashboard(ServletContext ctx, WebUser webUser, + AuthzBoss authzBoss) { try { DashboardManagerLocal dashManager = DashboardManagerEJBImpl.getOne(); 
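Review bot: Dropping `static` from `mergeValues` (`@@ -154,9 +154,9 @@`) and from `loadDashboard` (`@@ -172,8 +172,8 @@`) ties both helpers to a `SignIn` instance, although the lines shown use only their parameters and static lookups such as `DashboardManagerEJBImpl.getOne()`. If nothing in the bodies outside these hunks reads instance state, keeping `private static boolean mergeValues(...)` and `private static void loadDashboard(...)` states the contract more honestly and leaves them callable from static entry points such as `loginGuest`. In `mergeValues`, `boolean updated = true;` is also what the visible `return updated;` hands back, so unless the loop can set it to `false` the result carries no information. A short Javadoc stating what `true` means would settle it. Both bodies continue outside the hunks.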
@@ -274,58 +274,6 @@ return new WebUser(subject, sessionId, preferences, hasPrincipal); } - public static WebUser loginUser(ServletContext ctx, HttpSession session, - String ticket, String service) { - try { - AuthzBoss authzBoss = ContextUtils.getAuthzBoss(ctx); - AuthBoss authBoss = ContextUtils.getAuthBoss(ctx); - boolean needsRegistration = false; - // authenticate the credentials - int sid = authBoss.loginCAS(ticket, service); - Integer sessionId = new Integer(sid); - if (log.isTraceEnabled()) { - log.trace("Logged in as with session id [" + sessionId + "]"); - } - // look up the subject record - AuthzSubject subjPojo = authzBoss.getCurrentSubject(sid); - AuthzSubjectValue subject = subjPojo.getAuthzSubjectValue(); - needsRegistration = subjPojo.getEmailAddress() == null || - subjPojo.getEmailAddress().length() == 0; - - // figure out if the user has a principal - boolean hasPrincipal = authBoss.isUser(sessionId.intValue(), - subject.getName()); - - ConfigResponse preferences = - needsRegistration ? 
new ConfigResponse() : - getUserPrefs(ctx, sessionId, subject.getId(), authzBoss); - - WebUser webUser = new WebUser(subject, sessionId, preferences, - hasPrincipal); - Map userOpsMap = new HashMap(); - - if (webUser.getPreferences().getKeys().size() == 0) { - // will be cleaned out during registration - session.setAttribute(Constants.PASSWORD_SES_ATTR, ""); - session.setAttribute(Constants.NEEDS_REGISTRATION, Boolean.TRUE); - } - else { - userOpsMap = loadUserPermissions(webUser.getSessionId(), - authzBoss); - } - - session.setAttribute(Constants.USER_OPERATIONS_ATTR, userOpsMap); - - loadDashboard(ctx, webUser, authzBoss); - setXlibFlag(session); - - return webUser; - } catch (Exception e) { - // No user account available - return null; - } - - } public static WebUser loginGuest(ServletContext ctx, HttpServletRequest request) { AuthBoss authBoss = ContextUtils.getAuthBoss(ctx); Deleted: trunk/thirdparty/lib/cas-client-core-3.1.3.jar =================================================================== (Binary files differ) |