taylor 2004/08/11 17:33:01
Added: src/java/org/apache/jetspeed/modules/actions
JAASSessionValidator.java
Log:
start of JAASSessionValidator (nothing here yet, just a shell)
CVS: ----------------------------------------------------------------------
CVS: PR:
CVS: If this change addresses a PR in the problem report tracking
CVS: database, then enter the PR number(s) here.
CVS: Obtained from:
CVS: If this change has been taken from another system, such as NCSA,
CVS: then name the system in this line, otherwise delete it.
CVS: Submitted by:
CVS: If this code has been contributed to Apache by someone else; i.e.,
CVS: they sent us a patch or a new module, then include their name/email
CVS: address here. If this is your work then delete this line.
CVS: Reviewed by:
CVS: If we are doing pre-commit code reviews and someone else has
CVS: reviewed your changes, include their name(s) here.
CVS: If you have not had it reviewed then delete this line.
Revision Changes Path
1.1
jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/JAASSessionValidator.java
Index: JAASSessionValidator.java
===================================================================
/*
* Copyright 2000-2004 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.jetspeed.modules.actions;
import java.security.Principal;
import org.apache.jetspeed.om.security.JetspeedUser;
import org.apache.jetspeed.services.logging.JetspeedLogFactoryService;
import org.apache.jetspeed.services.logging.JetspeedLogger;
import org.apache.turbine.util.RunData;
/**
* JAAS Session validator populates the Jetspeed User via the
servlet.getUserPrincipal() call
* When using this session validator, Authentication is delegated to the Application
Server.
* Recommend disabling all user login functionality via Jetspeed, and using your
web.xml
* to protect access to all Jetspeed resources:
*
* <security-constraints>
* <resources>
* <url>/*</url>
* </resources>
* </security-constraint>
*
* @author <a href="mailto:[EMAIL PROTECTED]">David Sean Taylor </a>
* @version $Id: JAASSessionValidator.java,v 1.1 2004/08/12 00:33:01 taylor Exp $
*/
public class JAASSessionValidator extends TemplateSessionValidator
{
private static final JetspeedLogger log =
JetspeedLogFactoryService.getLogger(JAASSessionValidator.class.getName());
public void doPerform(RunData data) throws Exception
{
super.doPerform(data);
Principal principal = data.getRequest().getUserPrincipal();
// TODO: make sure logged user is same as principal
JetspeedUser user = (JetspeedUser) data.getUser();
if (!user.hasLoggedIn())
{
}
}
}
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
