rogerrut 2005/01/28 14:37:51
Modified:
applications/security/src/java/org/apache/jetspeed/portlets/security/sso
SSODetails.java
Log:
SSO Update
--> Added group support. You can create an SSO entry for a group. A user will
be checked against each member of the group for a match
--> Added new APIs which make it easier to call from the UI, since at that
point no subject is available.
--> Updated SSO Management portlets so that it handles groups
--> Cleanup of code and removal of unused imports
Revision Changes Path
1.9 +63 -20
jakarta-jetspeed-2/applications/security/src/java/org/apache/jetspeed/portlets/security/sso/SSODetails.java
Index: SSODetails.java
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed-2/applications/security/src/java/org/apache/jetspeed/portlets/security/sso/SSODetails.java,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- SSODetails.java 21 Jan 2005 22:09:22 -0000 1.8
+++ SSODetails.java 28 Jan 2005 22:37:51 -0000 1.9
@@ -74,9 +74,9 @@
throw new PortletException("Failed to find the User Manager on
portlet initialization");
}
groupManager = (GroupManager)
getPortletContext().getAttribute(SecurityResources.CPS_GROUP_MANAGER_COMPONENT);
- if (null == userManager)
+ if (null == groupManager)
{
- throw new PortletException("Failed to find the User Manager on
portlet initialization");
+ throw new PortletException("Failed to find the Group Manager on
portlet initialization");
}
}
@@ -169,7 +169,7 @@
String refresh = request.getParameter("sso.refresh");
String add = request.getParameter("sso.add");
String delete = request.getParameter("ssoDelete");
-
+
if (refresh != null)
{
this.clearBrowserIterator(request);
@@ -180,17 +180,37 @@
{
String siteName =
(String)PortletMessaging.receive(request, "site", "selectedUrl");
SSOSite site = sso.getSite(siteName);
- User user = userManager.getUser(delete);
- if (site != null && user != null)
- {
- Subject subject = user.getSubject();
- sso.removeCredentialsForSite(subject,
site.getSiteURL());
- this.clearBrowserIterator(request);
+ User user = null;
+ try
+ {
+ user = userManager.getUser(delete);
}
- }
- catch (SecurityException e)
- {
- publishStatusMessage(request, "SSODetails", "status", e,
"Could not remove credentials");
+ catch(SecurityException se)
+ {
+ // User doesn't exist -- maybe a group
+ user =null;
+ }
+
+ if ( site != null )
+ {
+ /*
+ * If the user is null try to remove a group
+ */
+ if ( user != null)
+ {
+ // Remove USER
+ Subject subject = user.getSubject();
+ sso.removeCredentialsForSite(subject,
site.getSiteURL());
+ this.clearBrowserIterator(request);
+ }
+ else
+ {
+ // Try group removal
+ String fullPath = "/group/" + delete;
+ sso.removeCredentialsForSite(fullPath,
site.getSiteURL());
+ this.clearBrowserIterator(request);
+ }
+ }
}
catch (SSOException e)
{
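Review bot: The new `catch(SecurityException se)` around `userManager.getUser(delete)` treats every SecurityException as "no such user" and falls through to the group branch, so a lookup failure of any other kind still ends in `sso.removeCredentialsForSite("/group/" + delete, site.getSiteURL())` for a principal that was never verified. `delete` is the raw `ssoDelete` request parameter and `groupManager` is not consulted anywhere in this path, so I would confirm through `groupManager` that the group exists before removing anything, and reject an empty name or one with path separators the principal scheme does not expect. The miss should also be reported with `publishStatusMessage(request, "SSODetails", "status", se, "Could not remove credentials")`, as the removed catch block did, rather than dropped silently. The enclosing `try` starts above the hunk and the `catch (SSOException e)` body continues below it.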
@@ -200,21 +220,44 @@
else if (add != null)
{
// Roger: here is the principal type
- String principalType =
request.getParameter("principal.type");
+ String principalType =
request.getParameter("principal.type"); //group user
String portalPrincipal =
request.getParameter("portal.principal");
String remotePrincipal =
request.getParameter("remote.principal");
String remoteCredential =
request.getParameter("remote.credential");
+
+ // The principal type can benull if the user just typed the
name instead of
+ // using the choosers.
+
+ if (principalType == null || principalType.length() == 0 )
+ principalType = "user";
+
if (!(isEmpty(remotePrincipal) || isEmpty(remotePrincipal)
|| isEmpty(remoteCredential)))
{
try
{
String siteName =
(String)PortletMessaging.receive(request, "site", "selectedUrl");
SSOSite site = sso.getSite(siteName);
- User user = userManager.getUser(portalPrincipal);
- if (site != null && user != null)
- {
- Subject subject = user.getSubject();
- sso.addCredentialsForSite(subject,
remotePrincipal, site.getSiteURL(), remoteCredential);
+ Subject subject = null;
+ String groupFullPath = null;
+
+ if (principalType.compareTo("user") == 0)
+ {
+ User user =
userManager.getUser(portalPrincipal);
+ subject = user.getSubject();
+ }
+ else
+ {
+ // Create fullPath
+ groupFullPath = "/group/" + portalPrincipal;
+ }
+
+ if (site != null && (subject != null ||
groupFullPath != null) )
+ {
+ if (subject != null )
+ sso.addCredentialsForSite(subject,
remotePrincipal, site.getSiteURL(), remoteCredential);
+ else
+ sso.addCredentialsForSite(groupFullPath,
remotePrincipal, site.getSiteURL(), remoteCredential);
+
this.clearBrowserIterator(request);
}
}
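Review bot: `portalPrincipal` is never checked before it is used: the guard tests `isEmpty(remotePrincipal)` twice, so with the new group branch a missing value yields `groupFullPath = "/group/" + portalPrincipal` (for example `/group/null`), and because `groupFullPath != null` is then always true the credentials get stored under that path. The guard should read `if (!(isEmpty(portalPrincipal) || isEmpty(remotePrincipal) || isEmpty(remoteCredential)))`. In addition, `principalType.compareTo("user") == 0` sends every value other than `user` down the group path; since the value is a request parameter, compare with `"user".equals(principalType)`, accept `"group"` explicitly and reject anything else. The handler for a `SecurityException` thrown by `userManager.getUser(portalPrincipal)` is outside the hunk, so presumably an unknown user is reported there.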