rogerrut 2005/01/28 14:37:51 Modified: applications/security/src/java/org/apache/jetspeed/portlets/security/sso SSODetails.java Log: SSO Update --> Added group support. You can create an SSO entry for a group. A user will be checked against each member of the group for a match --> Added new API's which makes it easier to call from the UI since at that point no subject is available. --> Updated SSO Management portlets so that it handles groups --> Cleanup of code and removal of unused imports Revision Changes Path 1.9 +63 -20 jakarta-jetspeed-2/applications/security/src/java/org/apache/jetspeed/portlets/security/sso/SSODetails.java
Index: SSODetails.java
===================================================================
RCS file: /home/cvs/jakarta-jetspeed-2/applications/security/src/java/org/apache/jetspeed/portlets/security/sso/SSODetails.java,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- SSODetails.java 21 Jan 2005 22:09:22 -0000 1.8
+++ SSODetails.java 28 Jan 2005 22:37:51 -0000 1.9
@@ -74,9 +74,9 @@
 throw new PortletException("Failed to find the User Manager on portlet initialization");
 }
 groupManager = (GroupManager) getPortletContext().getAttribute(SecurityResources.CPS_GROUP_MANAGER_COMPONENT);
- if (null == userManager)
+ if (null == groupManager)
 {
- throw new PortletException("Failed to find the User Manager on portlet initialization");
+ throw new PortletException("Failed to find the Group Manager on portlet initialization");
 }
 }
@@ -169,7 +169,7 @@
 String refresh = request.getParameter("sso.refresh");
 String add = request.getParameter("sso.add");
 String delete = request.getParameter("ssoDelete");
-
+
 if (refresh != null)
 {
 this.clearBrowserIterator(request);
@@ -180,17 +180,37 @@
 {
 String siteName = (String)PortletMessaging.receive(request, "site", "selectedUrl");
 SSOSite site = sso.getSite(siteName);
- User user = userManager.getUser(delete);
- if (site != null && user != null)
- {
- Subject subject = user.getSubject();
- sso.removeCredentialsForSite(subject, site.getSiteURL());
- this.clearBrowserIterator(request);
+ User user = null;
+ try
+ {
+ user = userManager.getUser(delete);
 }
- }
- catch (SecurityException e)
- {
- publishStatusMessage(request, "SSODetails", "status", e, "Could not remove credentials");
+ catch(SecurityException se)
+ {
+ // User doesn't exist -- maybe a group
+ user =null;
+ }
+
+ if ( site != null )
+ {
+ /*
+ * If the user is null try to remove a group
+ */
+ if ( user != null)
+ {
+ // Remove USER
+ Subject subject = user.getSubject();
+ sso.removeCredentialsForSite(subject, site.getSiteURL());
+ this.clearBrowserIterator(request);
+ }
+ else
+ {
+ // Try group removal
+ String fullPath = "/group/" + delete;
+ sso.removeCredentialsForSite(fullPath, site.getSiteURL());
+ this.clearBrowserIterator(request);
+ }
+ }
 }
 catch (SSOException e)
 {
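Review bot: The new inner `catch(SecurityException se)` treats every failure of `userManager.getUser(delete)` as "no such user" and falls through to the group branch, so any other lookup error now ends in `sso.removeCredentialsForSite("/group/" + delete, ...)` instead of being reported. The `publishStatusMessage` call that used to surface the exception has been removed. `delete` comes straight from the `ssoDelete` request parameter and is concatenated into the principal path unchecked. I would reject empty values and values containing `/`, and confirm through `groupManager` that the group exists before removing anything. The enclosing `try` starts before the hunk and the body of `catch (SSOException e)` continues after it.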
@@ -200,21 +220,44 @@
 else if (add != null)
 {
 // Roger: here is the principal type
- String principalType = request.getParameter("principal.type");
+ String principalType = request.getParameter("principal.type"); //group user
 String portalPrincipal = request.getParameter("portal.principal");
 String remotePrincipal = request.getParameter("remote.principal");
 String remoteCredential = request.getParameter("remote.credential");
+
+ // The principal type can benull if the user just typed the name instead of
+ // using the choosers.
+
+ if (principalType == null || principalType.length() == 0 )
+ principalType = "user";
+
 if (!(isEmpty(remotePrincipal) || isEmpty(remotePrincipal) || isEmpty(remoteCredential)))
 {
 try
 {
 String siteName = (String)PortletMessaging.receive(request, "site", "selectedUrl");
 SSOSite site = sso.getSite(siteName);
- User user = userManager.getUser(portalPrincipal);
- if (site != null && user != null)
- {
- Subject subject = user.getSubject();
- sso.addCredentialsForSite(subject, remotePrincipal, site.getSiteURL(), remoteCredential);
+ Subject subject = null;
+ String groupFullPath = null;
+
+ if (principalType.compareTo("user") == 0)
+ {
+ User user = userManager.getUser(portalPrincipal);
+ subject = user.getSubject();
+ }
+ else
+ {
+ // Create fullPath
+ groupFullPath = "/group/" + portalPrincipal;
+ }
+
+ if (site != null && (subject != null || groupFullPath != null) )
+ {
+ if (subject != null )
+ sso.addCredentialsForSite(subject, remotePrincipal, site.getSiteURL(), remoteCredential);
+ else
+ sso.addCredentialsForSite(groupFullPath, remotePrincipal, site.getSiteURL(), remoteCredential);
+
 this.clearBrowserIterator(request);
 }
 }
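Review bot: The guard `if (!(isEmpty(remotePrincipal) || isEmpty(remotePrincipal) || isEmpty(remoteCredential)))` tests `remotePrincipal` twice and never `portalPrincipal`, so the new group branch can build `"/group/" + portalPrincipal` from a missing or empty request parameter and store credentials against it. The first operand should be `isEmpty(portalPrincipal)`. Any `principal.type` value other than `"user"` is also treated as a group; I would match it explicitly with `else if ("group".equals(principalType))` and reject anything else. The user branch now calls `user.getSubject()` without the `user != null` check the old code had. The `try` opened in this hunk closes outside it, so the exception handling for these calls is not visible here.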