Author: fmeschbe
Date: Thu Feb 11 14:30:31 2010
New Revision: 908994

URL: http://svn.apache.org/viewvc?rev=908994&view=rev
Log:
SLING-1116 Ensure the FormLoginModulePlugin is actually registered as a service
(otherwise authentication may fail). Also, the resource attribute is set in the
extractRequestParameterAuthentication method to ensure a redirect takes place
after successful login.

Modified:
    
sling/trunk/bundles/extensions/formauth/src/main/java/org/apache/sling/formauth/FormAuthenticationHandler.java
    
sling/trunk/bundles/extensions/formauth/src/main/java/org/apache/sling/formauth/FormLoginModulePlugin.java

Modified: 
sling/trunk/bundles/extensions/formauth/src/main/java/org/apache/sling/formauth/FormAuthenticationHandler.java
URL: 
http://svn.apache.org/viewvc/sling/trunk/bundles/extensions/formauth/src/main/java/org/apache/sling/formauth/FormAuthenticationHandler.java?rev=908994&r1=908993&r2=908994&view=diff
==============================================================================
--- 
sling/trunk/bundles/extensions/formauth/src/main/java/org/apache/sling/formauth/FormAuthenticationHandler.java
 (original)
+++ 
sling/trunk/bundles/extensions/formauth/src/main/java/org/apache/sling/formauth/FormAuthenticationHandler.java
 Thu Feb 11 14:30:31 2010
@@ -42,6 +42,7 @@
 import org.apache.sling.commons.auth.spi.DefaultAuthenticationFeedbackHandler;
 import org.apache.sling.commons.osgi.OsgiUtil;
 import org.osgi.framework.BundleContext;
+import org.osgi.framework.ServiceRegistration;
 import org.osgi.service.component.ComponentContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -224,11 +225,25 @@
      */
     private long sessionTimeout;
 
+    /**
+     * The name of the credentials attribute which is set to the cookie data
+     * to validate.
+     */
     private String attrCookieAuthData;
 
+    /**
+     * The {...@link TokenStore} used to persist and check authentication data
+     */
     private TokenStore tokenStore;
 
     /**
+     * The {...@link FormLoginModulePlugin} service registration created when
+     * this authentication handler is registered. If the login module plugin
+     * cannot be created this field is set to <code>null</code>.
+     */
+    private ServiceRegistration loginModule;
+
+    /**
      * Extracts cookie/session based credentials from the request. Returns
      * <code>null</code> if the handler assumes HTTP Basic authentication would
      * be more appropriate, if no form fields are present in the request and if
@@ -554,6 +569,15 @@
             if (user != null && pwd != null) {
                 info = new AuthenticationInfo(HttpServletRequest.FORM_AUTH,
                     user, pwd.toCharArray());
+
+                // if this request is providing form credentials, we have to
+                // make sure, that the request is redirected after successful
+                // authentication, otherwise the request may be processed
+                // as a POST request to the j_security_check page (unless
+                // the j_validate parameter is set)
+                if (getLoginResource(request) == null) {
+                    request.setAttribute(Authenticator.LOGIN_RESOURCE, "/");
+                }
             }
         }
 
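Review bot: The added block only supplies a default of `/` when `getLoginResource(request)` returns null, so any non-null value is kept unchanged as the post-login redirect target. `getLoginResource` is not shown in this hunk; if it reads a client-supplied parameter or attribute, that value should be checked to be a path inside this web application before the redirect uses it, otherwise a freshly authenticated user could be sent to an arbitrary URL. A short comment here, such as `// LOGIN_RESOURCE must be a local path; validated in getLoginResource`, would record where that check lives. The enclosing method starts and ends outside the hunk.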
@@ -661,6 +685,23 @@
             componentContext.getBundleContext());
         log.info("Storing tokens in ", tokenFile);
         this.tokenStore = new TokenStore(tokenFile, sessionTimeout);
+
+        this.loginModule = null;
+        try {
+            this.loginModule = FormLoginModulePlugin.register(this,
+                componentContext.getBundleContext());
+        } catch (Throwable t) {
+            log.info("Cannot register FormLoginModulePlugin. This is expected 
if Sling LoginModulePlugin services are not supported");
+            log.debug("dump", t);
+        }
+    }
+
+    protected void deactivate(
+            @SuppressWarnings("unused") ComponentContext componentContext) {
+        if (loginModule != null) {
+            loginModule.unregister();
+            loginModule = null;
+        }
     }
 
     /**
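Review bot: The `catch (Throwable t)` around `FormLoginModulePlugin.register(...)` treats every failure as the expected "LoginModulePlugin services are not supported" case, logging it at info with the stack trace only at debug. The commit message says authentication may fail when the plugin is not registered, so an unexpected failure inside `register` (a NullPointerException or IllegalStateException, say) would be hidden behind a message that says nothing is wrong. Presumably the expected case is the class failing to load because the interface is missing; catching that narrowly with `catch (NoClassDefFoundError e)` and logging anything else with `log.error("Cannot register FormLoginModulePlugin", t);` keeps the two cases apart. The enclosing method starts outside the hunk.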

Modified: 
sling/trunk/bundles/extensions/formauth/src/main/java/org/apache/sling/formauth/FormLoginModulePlugin.java
URL: 
http://svn.apache.org/viewvc/sling/trunk/bundles/extensions/formauth/src/main/java/org/apache/sling/formauth/FormLoginModulePlugin.java?rev=908994&r1=908993&r2=908994&view=diff
==============================================================================
--- 
sling/trunk/bundles/extensions/formauth/src/main/java/org/apache/sling/formauth/FormLoginModulePlugin.java
 (original)
+++ 
sling/trunk/bundles/extensions/formauth/src/main/java/org/apache/sling/formauth/FormLoginModulePlugin.java
 Thu Feb 11 14:30:31 2010
@@ -19,6 +19,7 @@
 package org.apache.sling.formauth;
 
 import java.security.Principal;
+import java.util.Hashtable;
 import java.util.Map;
 import java.util.Set;
 
@@ -28,12 +29,68 @@
 import javax.security.auth.callback.CallbackHandler;
 import org.apache.sling.jcr.jackrabbit.server.security.AuthenticationPlugin;
 import org.apache.sling.jcr.jackrabbit.server.security.LoginModulePlugin;
-
+import org.osgi.framework.BundleContext;
+import org.osgi.framework.Constants;
+import org.osgi.framework.ServiceRegistration;
+
+/**
+ * The <code>FormLoginModulePlugin</code> is a LoginModulePlugin which handles
+ * <code>SimpleCredentials</code> attributed with the special authentication
+ * data provided by the {...@link FormAuthenticationHandler}.
+ * <p>
+ * This class is instantiated by the {...@link FormAuthenticationHandler} 
calling
+ * the {...@link #register(FormAuthenticationHandler, BundleContext)} method. 
If
+ * the OSGi framework does not provide the <code>LoginModulePlugin</code>
+ * interface (such as when the Sling Jackrabbit Server bundle is not used to
+ * provide the JCR Repository), loading this class fails, which is caught by 
the
+ * {...@link FormAuthenticationHandler}.
+ */
 final class FormLoginModulePlugin implements LoginModulePlugin {
 
+    /**
+     * The {...@link FormAuthenticationHandler} used to validate the 
credentials
+     * and its contents.
+     */
     private final FormAuthenticationHandler authHandler;
 
-    FormLoginModulePlugin(final FormAuthenticationHandler authHandler) {
+    /**
+     * Creates an instance of this class and registers it as a
+     * <code>LoginModulePlugin</code> service to handle login requests with
+     * <code>SimpleCredentials</code> provided by the
+     * {...@link FormAuthenticationHandler}.
+     *
+     * @param authHandler The {...@link FormAuthenticationHandler} providing
+     *            support to validate the credentials
+     * @param bundleContext The <code>BundleContext</code> to register the
+     *            service
+     * @return The <code>ServiceRegistration</code> of the registered service 
for
+     *         the {...@link FormAuthenticationHandler} to unregister the 
service
+     *         on shutdown.
+     */
+    static ServiceRegistration register(
+            final FormAuthenticationHandler authHandler,
+            final BundleContext bundleContext) {
+        FormLoginModulePlugin plugin = new FormLoginModulePlugin(authHandler);
+
+        Hashtable<String, Object> properties = new Hashtable<String, Object>();
+        properties.put(Constants.SERVICE_DESCRIPTION,
+            "LoginModulePlugin Support for FormAuthenticationHandler");
+        properties.put(Constants.SERVICE_VENDOR,
+            
bundleContext.getBundle().getHeaders().get(Constants.BUNDLE_VENDOR));
+
+        return bundleContext.registerService(LoginModulePlugin.class.getName(),
+            plugin, properties);
+    }
+
+    /**
+     * Private constructor called from
+     * {...@link #register(FormAuthenticationHandler, BundleContext)} to 
create an
+     * instance of this class.
+     *
+     * @param authHandler The {...@link FormAuthenticationHandler} used to 
validate
+     *            the credentials attribute
+     */
+    private FormLoginModulePlugin(final FormAuthenticationHandler authHandler) 
{
         this.authHandler = authHandler;
     }
 
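Review bot: In `register`, the `properties.put(Constants.SERVICE_VENDOR, ...)` call throws a NullPointerException when the bundle manifest has no Bundle-Vendor header, because `Hashtable` rejects null values. The caller in FormAuthenticationHandler catches `Throwable` and logs it at info as an expected condition, so the plugin would silently stay unregistered and form logins could fail with no clear cause. Guard the put by reading the header first, `Object vendor = bundleContext.getBundle().getHeaders().get(Constants.BUNDLE_VENDOR);`, and then `if (vendor != null) { properties.put(Constants.SERVICE_VENDOR, vendor); }`. The class body continues past the end of the hunk.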

