Author: ajaquith
Date: Tue Apr 7 11:53:11 2009
New Revision: 762712
URL: http://svn.apache.org/viewvc?rev=762712&view=rev
Log:
As a result of the additional callback support for LoginModules used with
integrated authentication, AuthenticationManager gains a new method,
login(WikiSession,HttpServletRequest,String,String). Please use this instead of
login(WikiSession,String,String), which is now deprecated. This change has been
forward-ported to the (3.0) trunk.
Modified:
incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/src/com/ecyrd/jspwiki/auth/AuthenticationManager.java
incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/src/com/ecyrd/jspwiki/auth/user/DefaultUserProfile.java
incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/src/com/ecyrd/jspwiki/auth/user/UserProfile.java
incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/src/com/ecyrd/jspwiki/xmlrpc/MetaWeblogHandler.java
incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/src/webdocs/Login.jsp
incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/tests/com/ecyrd/jspwiki/TestEngine.java
incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/tests/com/ecyrd/jspwiki/WikiSessionTest.java
Modified:
incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/src/com/ecyrd/jspwiki/auth/AuthenticationManager.java
URL:
http://svn.apache.org/viewvc/incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/src/com/ecyrd/jspwiki/auth/AuthenticationManager.java?rev=762712&r1=762711&r2=762712&view=diff
==============================================================================
---
incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/src/com/ecyrd/jspwiki/auth/AuthenticationManager.java
(original)
+++
incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/src/com/ecyrd/jspwiki/auth/AuthenticationManager.java
Tue Apr 7 11:53:11 2009
@@ -195,7 +195,7 @@
catch (ClassNotFoundException e)
{
e.printStackTrace();
- throw new WikiException(e.getMessage());
+ throw new WikiException( "Could not instantiate LoginModule
class.", e );
}
// Initialize the LoginModule options
@@ -330,6 +330,25 @@
/**
* Attempts to perform a WikiSession login for the given username/password
+ * combination using JSPWiki's custom authentication mode. This method is
identical to
+ * {...@link #login(WikiSession, String, String)}, except that user's HTTP
request is not made available
+ * to LoginModules via the {...@link
com.ecyrd.jspwiki.auth.login.HttpRequestCallback}.
+ * @param session the current wiki session; may not be <code>null</code>.
+ * @param username The user name. This is a login name, not a WikiName. In
+ * most cases they are the same, but in some cases, they might
+ * not be.
+ * @param password the password
+ * @return true, if the username/password is valid
+ * @throws com.ecyrd.jspwiki.auth.WikiSecurityException if the Authorizer
or UserManager cannot be obtained
+ * @deprecated use {...@link #login(WikiSession, HttpServletRequest,
String, String)} instead
+ */
+ public final boolean login( WikiSession session, String username, String
password ) throws WikiSecurityException
+ {
+ return login( session, null, username, password );
+ }
+
+ /**
+ * Attempts to perform a WikiSession login for the given username/password
* combination using JSPWiki's custom authentication mode. In order to log
in,
* the JAAS LoginModule supplied by the WikiEngine property {...@link
#PROP_LOGIN_MODULE}
* will be instantiated, and its
@@ -338,7 +357,9 @@
* class will be used. When the LoginModule's <code>initialize</code>
method is invoked,
* an options Map populated by properties keys prefixed by {...@link
#PREFIX_LOGIN_MODULE_OPTIONS}
* will be passed as a parameter.
- * @param session the current wiki session; may not be null.
+ * @param session the current wiki session; may not be <code>null</code>.
+ * @param request the user's HTTP request. This parameter may be
<code>null</code>, but the configured
+ * LoginModule will not have access to the HTTP request in this case.
* @param username The user name. This is a login name, not a WikiName. In
* most cases they are the same, but in some cases, they might
* not be.
@@ -346,7 +367,7 @@
* @return true, if the username/password is valid
* @throws com.ecyrd.jspwiki.auth.WikiSecurityException if the Authorizer
or UserManager cannot be obtained
*/
- public final boolean login( WikiSession session, String username, String
password ) throws WikiSecurityException
+ public final boolean login( WikiSession session, HttpServletRequest
request, String username, String password ) throws WikiSecurityException
{
if ( session == null )
{
@@ -360,9 +381,9 @@
delayLogin(username);
}
- UserManager userMgr = m_engine.getUserManager();
CallbackHandler handler = new WikiCallbackHandler(
- userMgr.getUserDatabase(),
+ m_engine,
+ null,
username,
password );
@@ -530,11 +551,11 @@
}
catch (InstantiationException e)
{
- throw new WikiSecurityException(e.getMessage());
+ throw new WikiSecurityException(e.getMessage(), e );
}
catch (IllegalAccessException e)
{
- throw new WikiSecurityException(e.getMessage());
+ throw new WikiSecurityException(e.getMessage(), e );
}
// Initialize the LoginModule
Modified:
incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/src/com/ecyrd/jspwiki/auth/user/DefaultUserProfile.java
URL:
http://svn.apache.org/viewvc/incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/src/com/ecyrd/jspwiki/auth/user/DefaultUserProfile.java?rev=762712&r1=762711&r2=762712&view=diff
==============================================================================
---
incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/src/com/ecyrd/jspwiki/auth/user/DefaultUserProfile.java
(original)
+++
incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/src/com/ecyrd/jspwiki/auth/user/DefaultUserProfile.java
Tue Apr 7 11:53:11 2009
@@ -232,7 +232,7 @@
/**
* Sets the name by which the user logs in. The login name is used as the
* username for custom authentication (see
- * {...@link
com.ecyrd.jspwiki.auth.AuthenticationManager#login(WikiSession, String,
String)}).
+ * {...@link
com.ecyrd.jspwiki.auth.AuthenticationManager#login(WikiSession,HttpServletRequest,
String, String)}).
* The login name is typically a short name ("jannej"). In contrast, the
* wiki name is typically of type FirstnameLastName ("JanneJalkanen").
* @param name the login name
Modified:
incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/src/com/ecyrd/jspwiki/auth/user/UserProfile.java
URL:
http://svn.apache.org/viewvc/incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/src/com/ecyrd/jspwiki/auth/user/UserProfile.java?rev=762712&r1=762711&r2=762712&view=diff
==============================================================================
---
incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/src/com/ecyrd/jspwiki/auth/user/UserProfile.java
(original)
+++
incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/src/com/ecyrd/jspwiki/auth/user/UserProfile.java
Tue Apr 7 11:53:11 2009
@@ -164,7 +164,7 @@
/**
* Sets the name by which the user logs in. The login name is used as the
* username for custom authentication (see
- * {...@link
com.ecyrd.jspwiki.auth.AuthenticationManager#login(WikiSession, String,
String)},
+ * {...@link
com.ecyrd.jspwiki.auth.AuthenticationManager#login(WikiSession,HttpServletRequest,
String, String)},
* {...@link com.ecyrd.jspwiki.auth.login.UserDatabaseLoginModule}). The
login
* name is typically a short name ("jannej"). In contrast, the wiki name is
* typically of type FirstnameLastName ("JanneJalkanen").
Modified:
incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/src/com/ecyrd/jspwiki/xmlrpc/MetaWeblogHandler.java
URL:
http://svn.apache.org/viewvc/incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/src/com/ecyrd/jspwiki/xmlrpc/MetaWeblogHandler.java?rev=762712&r1=762711&r2=762712&view=diff
==============================================================================
---
incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/src/com/ecyrd/jspwiki/xmlrpc/MetaWeblogHandler.java
(original)
+++
incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/src/com/ecyrd/jspwiki/xmlrpc/MetaWeblogHandler.java
Tue Apr 7 11:53:11 2009
@@ -87,7 +87,7 @@
AuthenticationManager amm =
m_context.getEngine().getAuthenticationManager();
AuthorizationManager mgr =
m_context.getEngine().getAuthorizationManager();
- if( amm.login( m_context.getWikiSession(), username, password ) )
+ if( amm.login( m_context.getWikiSession(),
m_context.getHttpRequest(), username, password ) )
{
if( !mgr.checkPermission( m_context.getWikiSession(),
PermissionFactory.getPagePermission( page, permission ) ))
{
Modified: incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/src/webdocs/Login.jsp
URL:
http://svn.apache.org/viewvc/incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/src/webdocs/Login.jsp?rev=762712&r1=762711&r2=762712&view=diff
==============================================================================
--- incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/src/webdocs/Login.jsp
(original)
+++ incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/src/webdocs/Login.jsp Tue Apr
7 11:53:11 2009
@@ -99,7 +99,7 @@
log.debug( "Attempting to authenticate user " + uid );
// Log the user in!
- if ( mgr.login( wikiSession, uid, passwd ) )
+ if ( mgr.login( wikiSession, request, uid, passwd ) )
{
log.info( "Successfully authenticated user " + uid + " (custom
auth)" );
}
@@ -138,7 +138,7 @@
// If user logged in, set the user cookie with the wiki principal's name.
// redirect to wherever we're supposed to go. If login.jsp
// was called without parameters, this will be the front page. Otherwise,
- // there's probably a 'page' parameter telling us where to go.
+ // there's probably a 'redirect' parameter telling us where to go.
if( wikiSession.isAuthenticated() )
{
Modified:
incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/tests/com/ecyrd/jspwiki/TestEngine.java
URL:
http://svn.apache.org/viewvc/incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/tests/com/ecyrd/jspwiki/TestEngine.java?rev=762712&r1=762711&r2=762712&view=diff
==============================================================================
---
incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/tests/com/ecyrd/jspwiki/TestEngine.java
(original)
+++
incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/tests/com/ecyrd/jspwiki/TestEngine.java
Tue Apr 7 11:53:11 2009
@@ -43,7 +43,7 @@
// Set up long-running admin session
HttpServletRequest request = newHttpRequest();
m_adminWikiSession = WikiSession.getWikiSession( this, request );
- this.getAuthenticationManager().login( m_adminWikiSession,
+ this.getAuthenticationManager().login( m_adminWikiSession, request,
Users.ADMIN,
Users.ADMIN_PASS );
}
@@ -79,7 +79,7 @@
// Set up a test Janne session
HttpServletRequest request = newHttpRequest();
m_janneWikiSession = WikiSession.getWikiSession( this, request );
- this.getAuthenticationManager().login( m_janneWikiSession,
+ this.getAuthenticationManager().login( m_janneWikiSession, request,
Users.JANNE,
Users.JANNE_PASS );
}
@@ -298,7 +298,7 @@
// Build new request and associate our admin session
MockHttpServletRequest request = newHttpRequest();
WikiSession wikiSession = SessionMonitor.getInstance( this ).find(
request.getSession() );
- this.getAuthenticationManager().login( wikiSession,
+ this.getAuthenticationManager().login( wikiSession, request,
Users.ADMIN,
Users.ADMIN_PASS );
@@ -314,7 +314,7 @@
// Build new request and associate our Janne session
MockHttpServletRequest request = newHttpRequest();
WikiSession wikiSession = SessionMonitor.getInstance( this ).find(
request.getSession() );
- this.getAuthenticationManager().login( wikiSession,
+ this.getAuthenticationManager().login( wikiSession, request,
Users.JANNE,
Users.JANNE_PASS );
Modified:
incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/tests/com/ecyrd/jspwiki/WikiSessionTest.java
URL:
http://svn.apache.org/viewvc/incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/tests/com/ecyrd/jspwiki/WikiSessionTest.java?rev=762712&r1=762711&r2=762712&view=diff
==============================================================================
---
incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/tests/com/ecyrd/jspwiki/WikiSessionTest.java
(original)
+++
incubator/jspwiki/branches/JSPWIKI_2_8_BRANCH/tests/com/ecyrd/jspwiki/WikiSessionTest.java
Tue Apr 7 11:53:11 2009
@@ -280,7 +280,7 @@
// Log in the user with credentials
WikiSession session = WikiSession.getWikiSession( engine, request );
- engine.getAuthenticationManager().login( session, id, password );
+ engine.getAuthenticationManager().login( session, request, id,
password );
// Make sure the user is actually authenticated
if ( !session.isAuthenticated() )
