This is an automated email from the ASF dual-hosted git repository. rombert pushed a commit to annotated tag org.apache.sling.auth.form-1.0.0 in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-auth-form.git
commit a812358a966a23283ec5a1b4658ff2fbd3fe50f6 Author: Felix Meschberger <[email protected]> AuthorDate: Thu Feb 11 14:30:31 2010 +0000 SLING-1116 Ensure the FormLoginModulePlugin is actually registered as a service (otherwise authenticaiton may fail). Also the resource attribute is set in the extractRequestParameterAuthentication method to ensure a redirect takes place after successful login git-svn-id: https://svn.apache.org/repos/asf/sling/trunk/bundles/extensions/formauth@908994 13f79535-47bb-0310-9956-ffa450edef68 --- .../sling/formauth/FormAuthenticationHandler.java | 41 +++++++++++++++ .../sling/formauth/FormLoginModulePlugin.java | 59 +++++++++++++++++++++- 2 files changed, 99 insertions(+), 1 deletion(-) diff --git a/src/main/java/org/apache/sling/formauth/FormAuthenticationHandler.java b/src/main/java/org/apache/sling/formauth/FormAuthenticationHandler.java index 5d8ed70..eedca08 100644 --- a/src/main/java/org/apache/sling/formauth/FormAuthenticationHandler.java +++ b/src/main/java/org/apache/sling/formauth/FormAuthenticationHandler.java @@ -42,6 +42,7 @@ import org.apache.sling.commons.auth.spi.AuthenticationInfo; import org.apache.sling.commons.auth.spi.DefaultAuthenticationFeedbackHandler; import org.apache.sling.commons.osgi.OsgiUtil; import org.osgi.framework.BundleContext; +import org.osgi.framework.ServiceRegistration; import org.osgi.service.component.ComponentContext; import org.slf4j.Logger; import org.slf4j.LoggerFactory; 
@@ -224,11 +225,25 @@ public class FormAuthenticationHandler implements AuthenticationHandler, */ private long sessionTimeout; + /** + * The name of the credentials attribute which is set to the cookie data + * to validate. + */ private String attrCookieAuthData; + /** + * The {@link TokenStore} used to persist and check authentication data + */ private TokenStore tokenStore; /** + * The {@link FormLoginModulePlugin} service registration created when + * this authentication handler is registered. If the login module plugin + * cannot be created this field is set to <code>null</code>. + */ + private ServiceRegistration loginModule; + + /** * Extracts cookie/session based credentials from the request. Returns * <code>null</code> if the handler assumes HTTP Basic authentication would * be more appropriate, if no form fields are present in the request and if @@ -554,6 +569,15 @@ public class FormAuthenticationHandler implements AuthenticationHandler, if (user != null && pwd != null) { info = new AuthenticationInfo(HttpServletRequest.FORM_AUTH, user, pwd.toCharArray()); + + // if this request is providing form credentials, we have to + // make sure, that the request is redirected after successful + // authentication, otherwise the request may be processed + // as a POST request to the j_security_check page (unless + // the j_validate parameter is set) + if (getLoginResource(request) == null) { + request.setAttribute(Authenticator.LOGIN_RESOURCE, "/"); + } } } 
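Review bot: In the `@@ -554,6 +569,15 @@` hunk the new block only supplies a default for `Authenticator.LOGIN_RESOURCE`; any non-null value from `getLoginResource(request)` is kept as the post-login redirect target. That method is defined outside the hunk, so if it reads a client-supplied request parameter or attribute, the value should be confirmed to be a local path before the redirect is sent, since the added comment says every form login is now redirected. The hard-coded `"/"` presumably ignores the servlet context path; confirm whether the code that sends the redirect prepends it. I would record the assumption next to the check, e.g. `// default target only; a request-supplied resource must be validated as a local path before redirecting`. The enclosing method starts and ends outside the hunk.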
@@ -661,6 +685,23 @@ public class FormAuthenticationHandler implements AuthenticationHandler, componentContext.getBundleContext()); log.info("Storing tokens in ", tokenFile); this.tokenStore = new TokenStore(tokenFile, sessionTimeout); + + this.loginModule = null; + try { + this.loginModule = FormLoginModulePlugin.register(this, + componentContext.getBundleContext()); + } catch (Throwable t) { + log.info("Cannot register FormLoginModulePlugin. This is expected if Sling LoginModulePlugin services are not supported"); + log.debug("dump", t); + } + } + + protected void deactivate( + @SuppressWarnings("unused") ComponentContext componentContext) { + if (loginModule != null) { + loginModule.unregister(); + loginModule = null; + } } /** diff --git a/src/main/java/org/apache/sling/formauth/FormLoginModulePlugin.java b/src/main/java/org/apache/sling/formauth/FormLoginModulePlugin.java index 6e95be2..31ee174 100644 --- a/src/main/java/org/apache/sling/formauth/FormLoginModulePlugin.java +++ b/src/main/java/org/apache/sling/formauth/FormLoginModulePlugin.java @@ -19,6 +19,7 @@ package org.apache.sling.formauth; import java.security.Principal; +import java.util.Hashtable; import java.util.Map; import java.util.Set; 
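Review bot: The `catch (Throwable t)` added to `activate` in the `@@ -661,6 +685,23 @@` hunk treats every failure of `FormLoginModulePlugin.register` as the expected missing-interface case, so an unrelated error (a `NullPointerException` inside `register`, an `OutOfMemoryError`) is reported at info level with its stack trace only at debug. Since the commit message says authentication may fail when the plugin is not registered, this makes a broken login path hard to spot in the logs. I would narrow the expected case to what a failed class load presumably raises, `catch (NoClassDefFoundError e)` (or `LinkageError`), and report anything else with `log.warn("Cannot register FormLoginModulePlugin", t);`. The context line `log.info("Storing tokens in ", tokenFile);` also appears to lack a `{}` placeholder, so the token file location would not be logged. `activate` starts outside the hunk.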
@@ -28,12 +29,68 @@ import javax.jcr.SimpleCredentials; import javax.security.auth.callback.CallbackHandler; import org.apache.sling.jcr.jackrabbit.server.security.AuthenticationPlugin; import org.apache.sling.jcr.jackrabbit.server.security.LoginModulePlugin; +import org.osgi.framework.BundleContext; +import org.osgi.framework.Constants; +import org.osgi.framework.ServiceRegistration; +/** + * The <code>FormLoginModulePlugin</code> is a LoginModulePlugin which handles + * <code>SimpleCredentials</code> attributed with the special authentication + * data provided by the {@link FormAuthenticationHandler}. + * <p> + * This class is instantiated by the {@link FormAuthenticationHandler} calling + * the {@link #register(FormAuthenticationHandler, BundleContext)} method. If + * the OSGi framework does not provide the <code>LoginModulePlugin</code> + * interface (such as when the Sling Jackrabbit Server bundle is not used to + * provide the JCR Repository), loading this class fails, which is caught by the + * {@link FormAuthenticationHandler}. + */ final class FormLoginModulePlugin implements LoginModulePlugin { + /** + * The {@link FormAuthenticationHandler} used to validate the credentials + * and its contents. + */ private final FormAuthenticationHandler authHandler; - FormLoginModulePlugin(final FormAuthenticationHandler authHandler) { + /** + * Creates an instance of this class and registers it as a + * <code>LoginModulePlugin</code> service to handle login requests with + * <code>SimpleCredentials</code> provided by the + * {@link FormAuthenticationHandler}. + * + * @param authHandler The {@link FormAuthenticationHandler} providing + * support to validate the credentials + * @param bundleContext The <code>BundleContext</code> to register the + * service + * @return The <code>ServiceRegistration</code> of the registered service for + * the {@link FormAuthenticationHandler} to unregister the service + * on shutdown. 
+ */ + static ServiceRegistration register( + final FormAuthenticationHandler authHandler, + final BundleContext bundleContext) { + FormLoginModulePlugin plugin = new FormLoginModulePlugin(authHandler); + + Hashtable<String, Object> properties = new Hashtable<String, Object>(); + properties.put(Constants.SERVICE_DESCRIPTION, + "LoginModulePlugin Support for FormAuthenticationHandler"); + properties.put(Constants.SERVICE_VENDOR, + bundleContext.getBundle().getHeaders().get(Constants.BUNDLE_VENDOR)); + + return bundleContext.registerService(LoginModulePlugin.class.getName(), + plugin, properties); + } + + /** + * Private constructor called from + * {@link #register(FormAuthenticationHandler, BundleContext)} to create an + * instance of this class. + * + * @param authHandler The {@link FormAuthenticationHandler} used to validate + * the credentials attribute + */ + private FormLoginModulePlugin(final FormAuthenticationHandler authHandler) { this.authHandler = authHandler; } -- To stop receiving notification emails like this one, please contact "[email protected]" <[email protected]>.
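Review bot: In `register`, `properties.put(Constants.SERVICE_VENDOR, bundleContext.getBundle().getHeaders().get(Constants.BUNDLE_VENDOR))` throws a `NullPointerException` when the bundle manifest has no `Bundle-Vendor` header, because `Hashtable` rejects null values. The caller's `catch (Throwable t)` in `FormAuthenticationHandler.activate` would then log this as the expected "not supported" case and leave the plugin unregistered. Guard the value: `Object vendor = bundleContext.getBundle().getHeaders().get(Constants.BUNDLE_VENDOR);` followed by `if (vendor != null) { properties.put(Constants.SERVICE_VENDOR, vendor); }`. The class body continues outside the hunk.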
