Menu
▾
▴
[Openuss-svn-commits] SF.net SVN: openuss:[4839] branches/openuss-plexus-3.1-shibboleth
|
From: <pet...@us...> - 2008-10-30 01:51:38
|
Revision: 4839
http://openuss.svn.sourceforge.net/openuss/?rev=4839&view=rev
Author: peterschuh
Date: 2008-10-30 01:51:30 +0000 (Thu, 30 Oct 2008)
Log Message:
-----------
# Thread safety issues
+ Support for getUsername according to authz.tld
Modified Paths:
--------------
branches/openuss-plexus-3.1-shibboleth/framework/core/src/main/java/org/openuss/framework/web/acegi/shibboleth/ShibbolethUserDetailsImpl.java
branches/openuss-plexus-3.1-shibboleth/plexus/plexus-core/src/main/java/org/openuss/security/acegi/shibboleth/ShibbolethAuthenticationProcessingFilter.java
branches/openuss-plexus-3.1-shibboleth/plexus/plexus-core/src/test/java/org/openuss/security/acegi/shibboleth/ShibbolethAuthenticationProcessingFilterTest.java
Modified: branches/openuss-plexus-3.1-shibboleth/framework/core/src/main/java/org/openuss/framework/web/acegi/shibboleth/ShibbolethUserDetailsImpl.java
===================================================================
--- branches/openuss-plexus-3.1-shibboleth/framework/core/src/main/java/org/openuss/framework/web/acegi/shibboleth/ShibbolethUserDetailsImpl.java 2008-10-29 10:56:04 UTC (rev 4838)
+++ branches/openuss-plexus-3.1-shibboleth/framework/core/src/main/java/org/openuss/framework/web/acegi/shibboleth/ShibbolethUserDetailsImpl.java 2008-10-30 01:51:30 UTC (rev 4839)
@@ -65,6 +65,10 @@
//~ Constructors ===================================================================================================
public ShibbolethUserDetailsImpl() {}
+
+ public ShibbolethUserDetailsImpl(String username) {
+ setUsername(username);
+ }
//~ Methods ========================================================================================================
Modified: branches/openuss-plexus-3.1-shibboleth/plexus/plexus-core/src/main/java/org/openuss/security/acegi/shibboleth/ShibbolethAuthenticationProcessingFilter.java
===================================================================
--- branches/openuss-plexus-3.1-shibboleth/plexus/plexus-core/src/main/java/org/openuss/security/acegi/shibboleth/ShibbolethAuthenticationProcessingFilter.java 2008-10-29 10:56:04 UTC (rev 4838)
+++ branches/openuss-plexus-3.1-shibboleth/plexus/plexus-core/src/main/java/org/openuss/security/acegi/shibboleth/ShibbolethAuthenticationProcessingFilter.java 2008-10-30 01:51:30 UTC (rev 4839)
@@ -3,6 +3,7 @@
import java.io.IOException;
import java.util.Locale;
+import javax.naming.NamingException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
@@ -106,7 +107,7 @@
*/
protected String migrationTargetUrl = null;
- protected boolean migrationNecessary = false;
+ protected String MIGRATION_NECESSARY_KEY = "ACEGI_SHIBBOLETH_MIGRATION_NECESSARY_KEY";
/**
* Enables HTTP redirect in case of a successful authentication.</br>
@@ -279,8 +280,11 @@
// Set switch for redirect to migration page
if (isMigrationEnabled() && authentication.equals(authRequest)) {
- setMigrationNecessary(true);
+ setMigrationNecessary(true, authentication);
}
+ else {
+ setMigrationNecessary(false, authentication);
+ }
return authentication;
}
@@ -399,8 +403,8 @@
public class ShibbolethAuthenticationDetailsSource implements AuthenticationDetailsSource {
public Object buildDetails(HttpServletRequest request) {
- shibbolethUserDetails = new ShibbolethUserDetailsImpl();
- shibbolethUserDetails.getAttributes().put(ShibbolethUserDetailsImpl.USERNAME_KEY, request.getHeader(shibbolethUsernameHeaderKey));
+ shibbolethUserDetails = new ShibbolethUserDetailsImpl(request.getHeader(shibbolethUsernameHeaderKey));
+ shibbolethUserDetails.getAttributes().put(ShibbolethUserDetailsImpl.USERNAME_KEY, request.getHeader(shibbolethUsernameHeaderKey));
if (request.getHeader(shibbolethEmailHeaderKey)!=null) {
shibbolethUserDetails.getAttributes().put(ShibbolethUserDetailsImpl.EMAIL_KEY, ((String) request.getHeader(shibbolethEmailHeaderKey)).toLowerCase(Locale.ENGLISH));
}
@@ -435,6 +439,26 @@
}
}
+ protected boolean isMigrationNecessary() {
+ Boolean migrationNecessary = Boolean.FALSE;
+ try {
+ migrationNecessary = (Boolean) ((ShibbolethUserDetails) SecurityContextHolder.getContext().getAuthentication().getDetails()).getAttributes().get(MIGRATION_NECESSARY_KEY).get();
+ } catch (NamingException e) {}
+ return migrationNecessary;
+ }
+
+ protected void setMigrationNecessary(boolean migrationNecessary, Authentication authentication) {
+ ((ShibbolethUserDetails) authentication.getDetails()).getAttributes().put(MIGRATION_NECESSARY_KEY, Boolean.valueOf(migrationNecessary));
+ }
+
+ protected void setMigrationNecessary(boolean migrationNecessary) {
+ ((ShibbolethUserDetails) SecurityContextHolder.getContext().getAuthentication().getDetails()).getAttributes().put(MIGRATION_NECESSARY_KEY, Boolean.valueOf(migrationNecessary));
+ }
+
+ public boolean isProcessEachUrlEnabled() {
+ return processEachUrlEnabled;
+ }
+
public String getShibbolethUsernameHeaderKey() {
return shibbolethUsernameHeaderKey;
}
@@ -534,18 +558,6 @@
setMigrationEnabled(migrationTargetUrl == null? false : true);
}
- protected boolean isMigrationNecessary() {
- return migrationNecessary;
- }
-
- protected void setMigrationNecessary(boolean migrationNecessary) {
- this.migrationNecessary = migrationNecessary;
- }
-
- public boolean isProcessEachUrlEnabled() {
- return processEachUrlEnabled;
- }
-
public void setProcessEachUrlEnabled(boolean processEachUrlEnabled) {
this.processEachUrlEnabled = processEachUrlEnabled;
}
Modified: branches/openuss-plexus-3.1-shibboleth/plexus/plexus-core/src/test/java/org/openuss/security/acegi/shibboleth/ShibbolethAuthenticationProcessingFilterTest.java
===================================================================
--- branches/openuss-plexus-3.1-shibboleth/plexus/plexus-core/src/test/java/org/openuss/security/acegi/shibboleth/ShibbolethAuthenticationProcessingFilterTest.java 2008-10-29 10:56:04 UTC (rev 4838)
+++ branches/openuss-plexus-3.1-shibboleth/plexus/plexus-core/src/test/java/org/openuss/security/acegi/shibboleth/ShibbolethAuthenticationProcessingFilterTest.java 2008-10-30 01:51:30 UTC (rev 4839)
@@ -138,7 +138,10 @@
// Setup authentication manager
AuthenticationManager authManager = new AuthenticationManager()
{public org.acegisecurity.Authentication authenticate(org.acegisecurity.Authentication authentication) throws org.acegisecurity.AuthenticationException {
- return new UsernamePasswordAuthenticationToken(USERNAME,"protected",new GrantedAuthority[]{new GrantedAuthorityImpl(DEFAULTROLE)});}};
+ UsernamePasswordAuthenticationToken authResult = new UsernamePasswordAuthenticationToken(USERNAME,"protected",new GrantedAuthority[]{new GrantedAuthorityImpl(DEFAULTROLE)});
+ authResult.setDetails(new ShibbolethUserDetailsImpl());
+ return authResult;
+ }};
// Setup our test object, to grant access and redirect migrated user to defaultTargetUrl.
String defaultTargetUrl = "/foobar";
@@ -652,7 +655,10 @@
// Setup authentication manager
AuthenticationManager authManager = new AuthenticationManager()
{public org.acegisecurity.Authentication authenticate(org.acegisecurity.Authentication authentication) throws org.acegisecurity.AuthenticationException {
- return new UsernamePasswordAuthenticationToken(USERNAME,"protected",new GrantedAuthority[]{new GrantedAuthorityImpl(DEFAULTROLE)});}};
+ UsernamePasswordAuthenticationToken authResult = new UsernamePasswordAuthenticationToken(USERNAME,"protected",new GrantedAuthority[]{new GrantedAuthorityImpl(DEFAULTROLE)});
+ authResult.setDetails(new ShibbolethUserDetailsImpl());
+ return authResult;
+ }};
// Setup our test object, to grant access
filter.setAuthenticationManager(authManager);
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
