예제 #1
0
 public void doView(RenderRequest request, RenderResponse response)
     throws PortletException, IOException {
   String siteName = request.getPreferences().getValue("SRC", null);
   SSOSite site = null;
   if (siteName != null) {
     site = sso.getSiteByUrl(siteName);
   }
   if (site == null) {
     response.getWriter().print(NO_CREDENTIALS);
     return;
   } else {
     PasswordCredential pwc = SSOPortletUtil.getCredentialsForSite(sso, siteName, request);
     if (pwc != null) {
       request.setAttribute(SSO_REQUEST_ATTRIBUTE_USERNAME, pwc.getUserName());
       request.setAttribute(SSO_REQUEST_ATTRIBUTE_PASSWORD, pwc.getPassword());
     } else {
       response.getWriter().print(NO_CREDENTIALS);
       return;
     }
   }
   StatusMessage msg =
       (StatusMessage) PortletMessaging.consume(request, "SSOWebContent", "status");
   if (msg != null) {
     this.getContext(request).put("statusMsg", msg);
   }
   super.doView(request, response);
 }
예제 #2
0
  public void processAction(ActionRequest actionRequest, ActionResponse actionResponse)
      throws PortletException, IOException {
    // grab parameters - they will be cleared in processing of edit response
    String webContentParameter =
        actionRequest.getParameter(WebContentRewriter.ACTION_PARAMETER_URL);
    String ssoPrincipalName = actionRequest.getParameter(SSO_EDIT_FIELD_PRINCIPAL);
    String ssoPrincipalPassword = actionRequest.getParameter(SSO_EDIT_FIELD_CREDENTIAL);

    // save the prefs
    super.processAction(actionRequest, actionResponse);

    // process credentials
    if (webContentParameter == null || actionRequest.getPortletMode() == PortletMode.EDIT) {
      // processPreferencesAction(request, actionResponse);
      // get the POST params -- requires HTML post params named above
      String siteUrl = actionRequest.getPreferences().getValue("SRC", "");
      String localUser = actionRequest.getUserPrincipal().getName();
      SSOSite site = sso.getSiteByUrl(siteUrl);
      try {
        if (!SecurityHelper.isEmpty(siteUrl)
            && !SecurityHelper.isEmpty(ssoPrincipalName)
            && !SecurityHelper.isEmpty(ssoPrincipalPassword)) {
          if (site == null) {
            site = sso.newSite(siteUrl, siteUrl);
            sso.addSite(site);
            SSOPortletUtil.updateUser(
                sso, actionRequest, site, ssoPrincipalName, ssoPrincipalPassword);
          } else {
            SSOPortletUtil.updateUser(
                sso, actionRequest, site, ssoPrincipalName, ssoPrincipalPassword);
          }
        }
      } catch (SSOException e) {
        String errorMessage =
            "Failed to add remote user for the portal principal, "
                + actionRequest.getUserPrincipal().getName()
                + ".";
        if (e.getCause() != null) {
          errorMessage += " (" + e.getCause() + ")";
        }
        StatusMessage statusMessage = new StatusMessage(errorMessage, StatusMessage.ERROR);
        PortletMessaging.publish(actionRequest, "SSOWebContent", "status", statusMessage);
        actionResponse.setPortletMode(PortletMode.EDIT); // stay on edit
      }
    }
  }
예제 #3
0
 public void doEdit(RenderRequest request, RenderResponse response)
     throws PortletException, IOException {
   String site = request.getPreferences().getValue("SRC", "");
   PasswordCredential pwc = SSOPortletUtil.getCredentialsForSite(sso, site, request);
   if (pwc != null) {
     getContext(request).put(SSO_EDIT_FIELD_PRINCIPAL, pwc.getUserName());
     getContext(request).put(SSO_EDIT_FIELD_CREDENTIAL, pwc.getPassword());
   } else {
     // no credentials configured in SSO store
     // switch to SSO Configure View
     getContext(request).put(SSO_EDIT_FIELD_PRINCIPAL, "");
     getContext(request).put(SSO_EDIT_FIELD_CREDENTIAL, "");
   }
   StatusMessage msg =
       (StatusMessage) PortletMessaging.consume(request, "SSOWebContent", "status");
   if (msg != null) {
     this.getContext(request).put("statusMsg", msg);
   }
   this.getContext(request).put("ssoTypes", SSO_TYPES);
   this.getContext(request)
       .put("ssoTypeSelected", request.getPreferences().getValue("sso.type", SSO_TYPE_BASIC));
   super.doEdit(request, response);
 }
예제 #4
0
  protected byte[] doPreemptiveAuthentication(
      HttpClient client, HttpMethod method, RenderRequest request, RenderResponse response) {
    byte[] result = super.doPreemptiveAuthentication(client, method, request, response);
    if (result != null) {
      // already handled
      return result;
    }

    // System.out.println("SSOWebContentPortlet.doPreemptiveAuthentication...");

    PortletPreferences prefs = request.getPreferences();
    String type = getSingleSignOnAuthType(prefs);

    if (type.equalsIgnoreCase(SSO_TYPE_BASIC_PREEMPTIVE)) {
      // Preemptive, basic authentication
      String userName = (String) request.getAttribute(SSO_REQUEST_ATTRIBUTE_USERNAME);
      if (userName == null) userName = "";
      String password = (String) request.getAttribute(SSO_REQUEST_ATTRIBUTE_PASSWORD);
      if (password == null) password = "";

      // System.out.println("...performing preemptive basic authentication with userName:
      // "+userName+", and password: "******"");
        if (formAction == null || formAction.length() == 0) {
          log.warn(
              "sso.type specified as 'form', but no: "
                  + SSO_TYPE_FORM_ACTION_URL
                  + ", action was specified - unable to preemptively authenticate by form.");
          return null;
        }
        String userNameField = prefs.getValue(SSO_TYPE_FORM_USERNAME_FIELD, "");
        if (userNameField == null || userNameField.length() == 0) {
          log.warn(
              "sso.type specified as 'form', but no: "
                  + SSO_TYPE_FORM_USERNAME_FIELD
                  + ", username field was specified - unable to preemptively authenticate by form.");
          return null;
        }
        String passwordField = prefs.getValue(SSO_TYPE_FORM_PASSWORD_FIELD, "password");
        if (passwordField == null || passwordField.length() == 0) {
          log.warn(
              "sso.type specified as 'form', but no: "
                  + SSO_TYPE_FORM_PASSWORD_FIELD
                  + ", password field was specified - unable to preemptively authenticate by form.");
          return null;
        }

        String userName = (String) request.getAttribute(SSO_REQUEST_ATTRIBUTE_USERNAME);
        if (userName == null) userName = "";
        String password = (String) request.getAttribute(SSO_REQUEST_ATTRIBUTE_PASSWORD);
        if (password == null) password = "";

        // get submit method
        int i = type.indexOf('.');
        boolean isPost =
            i > 0
                ? type.substring(i + 1).equalsIgnoreCase("post")
                : true; // default to post, since it is a form

        // get parameter map
        HashMap formParams = new HashMap();
        formParams.put(userNameField, new String[] {userName});
        formParams.put(passwordField, new String[] {password});
        String formArgs = prefs.getValue(SSO_TYPE_FORM_ACTION_ARGS, "");
        if (formArgs != null && formArgs.length() > 0) {
          StringTokenizer iter = new StringTokenizer(formArgs, ";");
          while (iter.hasMoreTokens()) {
            String pair = iter.nextToken();
            i = pair.indexOf('=');
            if (i > 0) formParams.put(pair.substring(0, i), new String[] {pair.substring(i + 1)});
          }
        }

        // resuse client - in case new cookies get set - but create a new method (for the
        // formAction)
        String formMethod = (isPost) ? FORM_POST_METHOD : FORM_GET_METHOD;
        method =
            getHttpMethod(
                client,
                getURLSource(formAction, formParams, request, response),
                formParams,
                formMethod,
                request);
        // System.out.println("...posting credentials");
        result = doHttpWebContent(client, method, 0, request, response);
        // System.out.println("Result of attempted authorization: "+success);
        PortletMessaging.publish(request, FORM_AUTH_STATE, Boolean.valueOf(result != null));
        return result;
      } catch (Exception ex) {
        // bad
        log.error("Form-based authentication failed", ex);
      }
    } else if (type.equalsIgnoreCase(SSO_TYPE_URL) || type.equalsIgnoreCase(SSO_TYPE_URL_BASE64)) {
      // set user name and password parameters in the HttpMethod
      String userNameParam = prefs.getValue(SSO_TYPE_URL_USERNAME_PARAM, "");
      if (userNameParam == null || userNameParam.length() == 0) {
        log.warn(
            "sso.type specified as 'url', but no: "
                + SSO_TYPE_URL_USERNAME_PARAM
                + ", username parameter was specified - unable to preemptively authenticate by URL.");
        return null;
      }
      String passwordParam = prefs.getValue(SSO_TYPE_URL_PASSWORD_PARAM, "");
      if (passwordParam == null || passwordParam.length() == 0) {
        log.warn(
            "sso.type specified as 'url', but no: "
                + SSO_TYPE_URL_PASSWORD_PARAM
                + ", password parameter was specified - unable to preemptively authenticate by URL.");
        return null;
      }
      String userName = (String) request.getAttribute(SSO_REQUEST_ATTRIBUTE_USERNAME);
      if (userName == null) userName = "";
      String password = (String) request.getAttribute(SSO_REQUEST_ATTRIBUTE_PASSWORD);
      if (password == null) password = "";
      if (type.equalsIgnoreCase(SSO_TYPE_URL_BASE64)) {
        Base64 encoder = new Base64();
        userName = new String(encoder.encode(userName.getBytes()));
        password = new String(encoder.encode(password.getBytes()));
      }

      // GET and POST accept args differently
      if (method instanceof PostMethod) {
        // add POST data
        PostMethod postMethod = (PostMethod) method;
        postMethod.addParameter(userNameParam, userName);
        postMethod.addParameter(passwordParam, password);
      } else {
        // augment GET query string
        NameValuePair[] authPairs =
            new NameValuePair[] {
              new NameValuePair(userNameParam, userName), new NameValuePair(passwordParam, password)
            };
        String existingQuery = method.getQueryString();
        method.setQueryString(authPairs);
        if (existingQuery != null && existingQuery.length() > 0) {
          // augment existing query with new auth query
          existingQuery = existingQuery + '&' + method.getQueryString();
          method.setQueryString(existingQuery);
        }
      }

      return result;
    }
    // else System.out.println("...sso.type: "+type+", no pre-emptive authentication");

    // not handled
    return null;
  }