Author: keith
Date: Fri Jan 18 23:56:46 2008
New Revision: 12502

Log:

Adding new service to authenticate for the infocard case. 
Updating InfoCardHandler to use this new login service
Engaging the new security policy to the MashupLoginServiceIC



Added:
   
trunk/mashup/java/modules/admin/service/src/org/wso2/mashup/admin/service/LoginUtil.java
   
trunk/mashup/java/modules/admin/service/src/org/wso2/mashup/admin/service/MashupLoginServiceIC.java
   
trunk/mashup/java/modules/admin/service/src/org/wso2/mashup/admin/service/MashupLoginServiceUT.java
      - copied, changed from r12459, 
trunk/mashup/java/modules/admin/service/src/org/wso2/mashup/admin/service/MashupLoginService.java
Removed:
   
trunk/mashup/java/modules/admin/service/src/org/wso2/mashup/admin/service/MashupLoginService.java
Modified:
   trunk/mashup/java/modules/admin/service/META-INF/services.xml
   
trunk/mashup/java/modules/core/src/org/wso2/mashup/transport/MashupServerInitializer.java
   trunk/mashup/java/modules/core/src/org/wso2/mashup/utils/MashupUtils.java
   
trunk/mashup/java/modules/core/src/org/wso2/mashup/webapp/identity/InfoCardHandler.java

Modified: trunk/mashup/java/modules/admin/service/META-INF/services.xml
==============================================================================
--- trunk/mashup/java/modules/admin/service/META-INF/services.xml       
(original)
+++ trunk/mashup/java/modules/admin/service/META-INF/services.xml       Fri Jan 
18 23:56:46 2008
@@ -21,7 +21,7 @@
             This service holds the login operation.
             Once this is called user can invoke othjer operations under this 
serviceGroup.
         </Description>
-        <parameter 
name="ServiceClass">org.wso2.mashup.admin.service.MashupLoginService</parameter>
+        <parameter 
name="ServiceClass">org.wso2.mashup.admin.service.MashupLoginServiceUT</parameter>
         <schema schemaNamespace="http://service.admin.mashup.wso2.org/xsd"/>
     </service>
     <service name="MashupLoginServiceIC" scope="transportsession">
@@ -29,8 +29,11 @@
             This service holds the login operation.
             Once this is called user can invoke othjer operations under this 
serviceGroup.
         </Description>
-        <parameter 
name="ServiceClass">org.wso2.mashup.admin.service.MashupLoginService</parameter>
+        <parameter 
name="ServiceClass">org.wso2.mashup.admin.service.MashupLoginServiceIC</parameter>
         <schema schemaNamespace="http://service.admin.mashup.wso2.org/xsd"/>
+        <operation name="login">
+            <messageReceiver 
class="org.apache.axis2.rpc.receivers.RPCMessageReceiver"/>
+        </operation>
     </service>
     <service name="MashupAdminService" scope="transportsession">
         <Description>

Added: 
trunk/mashup/java/modules/admin/service/src/org/wso2/mashup/admin/service/LoginUtil.java
==============================================================================
--- (empty file)
+++ 
trunk/mashup/java/modules/admin/service/src/org/wso2/mashup/admin/service/LoginUtil.java
    Fri Jan 18 23:56:46 2008
@@ -0,0 +1,101 @@
+/*
+ * Copyright 2006,2007 WSO2, Inc. http://www.wso2.org
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.wso2.mashup.admin.service;
+
+import java.text.SimpleDateFormat;
+import java.util.Date;
+import java.util.Calendar;
+
+import org.wso2.wsas.persistence.dataobject.ServiceUserDO;
+import org.wso2.wsas.persistence.exception.ServiceUserNotFoundException;
+import org.wso2.wsas.persistence.PersistenceManager;
+import org.wso2.usermanager.Realm;
+import org.wso2.usermanager.UserStoreReader;
+import org.wso2.usermanager.UserManagerException;
+/*
+ * Copyright 2006,2007 WSO2, Inc. http://www.wso2.org
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import org.wso2.registry.RegistryConstants;
+import org.wso2.mashup.MashupFault;
+import org.apache.axis2.context.MessageContext;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+public class LoginUtil {
+
+    private static final Log log = LogFactory.getLog(LoginUtil.class);
+
+    public static void updateDB(MessageContext msgCtx, String username) throws 
MashupFault {
+        PersistenceManager pm = new PersistenceManager();
+        SimpleDateFormat date = new SimpleDateFormat("'['yyyy-MM-dd 
HH:mm:ss,SSSS']'");
+        Date currentTime = Calendar.getInstance().getTime();
+        ServiceUserDO user = pm.getUser(username);
+        String remoteIP = (String) 
msgCtx.getProperty(MessageContext.REMOTE_ADDR);
+
+        Realm realm = (Realm) 
msgCtx.getConfigurationContext().getAxisConfiguration()
+                .getParameterValue(RegistryConstants.REGISTRY_REALM);
+        boolean isAdmin = false;
+        try {
+            UserStoreReader storeReader = realm.getUserStoreReader();
+            String[] userRoles = storeReader.getUserRoles(username);
+            for (int i = 0; i < userRoles.length; i++) {
+                if (RegistryConstants.ADMIN_ROLE.equals(userRoles[i])) {
+                    isAdmin = true;
+                }
+            }
+        } catch (UserManagerException e) {
+            throw new MashupFault("Cannot get role details of user " + 
username + " from database", e);
+        }
+
+        if (isAdmin) {
+            log.info("Administrator \'" + username + "' logged in at " + 
date.format(currentTime) +
+                    " from IP address " + remoteIP);
+        } else {
+            log.info("User \'" + username + "' logged in at " + 
date.format(currentTime) +
+                    " from IP address " + remoteIP);
+        }
+
+        if (user.getLastLoggedIn() != null) {
+            log.info("Last successful login at " + 
date.format(user.getLastLoggedIn()) +
+                    " from IP Address " + user.getLastLoginIP());
+        }
+        if (user.getLastFailedLogIn() != null) {
+            log.info("Last failed login at " + 
date.format(user.getLastFailedLogIn()) +
+                    " from IP Address " + user.getLastFailedLoginIP());
+        }
+        user.setLastLoggedIn(currentTime);
+        user.setLastLoginIP(remoteIP);
+        try {
+            pm.updateUser(user);
+        } catch (ServiceUserNotFoundException e) {
+            throw new MashupFault("Cannot find user " + username + " details 
in database", e);
+        }
+    }
+}
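Review bot: `pm.getUser(username)` is dereferenced at `user.getLastLoggedIn()` without a null check, even though the `catch (ServiceUserNotFoundException e)` around `pm.updateUser(user)` shows the record is allowed to be missing. On the InfoCard path the name comes from the realm's user store rather than from the PersistenceManager, so the two could disagree; if `getUser` can return null, the call ends in a NullPointerException after the "logged in" line has already been written. I would add `if (user == null) { throw new MashupFault("Cannot find user " + username + " details in database"); }` directly after the lookup, before any `log.info` call. Separately, the Apache licence header appears twice in this file (the second copy sits in the middle of the imports) and one copy can be dropped.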

Added: 
trunk/mashup/java/modules/admin/service/src/org/wso2/mashup/admin/service/MashupLoginServiceIC.java
==============================================================================
--- (empty file)
+++ 
trunk/mashup/java/modules/admin/service/src/org/wso2/mashup/admin/service/MashupLoginServiceIC.java
 Fri Jan 18 23:56:46 2008
@@ -0,0 +1,46 @@
+package org.wso2.mashup.admin.service;
+
+import org.apache.axis2.context.MessageContext;
+import org.apache.axis2.context.ServiceGroupContext;
+import org.apache.axis2.engine.AxisConfiguration;
+import org.wso2.mashup.MashupConstants;
+import org.wso2.mashup.MashupFault;
+import org.wso2.registry.RegistryConstants;
+import org.wso2.usermanager.Realm;
+import org.wso2.usermanager.UserManagerException;
+import org.wso2.usermanager.UserStoreReader;
+
+public class MashupLoginServiceIC {
+
+    public String login(String ppid) throws MashupFault {
+
+        MessageContext msgCtx = MessageContext.getCurrentMessageContext();
+
+        ServiceGroupContext sgCtx = msgCtx.getServiceGroupContext();
+
+        String username = null;
+        AxisConfiguration configuration = 
msgCtx.getConfigurationContext().getAxisConfiguration();
+
+        Realm realm = (Realm) 
configuration.getParameterValue(RegistryConstants.REGISTRY_REALM);
+        try {
+            UserStoreReader storeReader = realm.getUserStoreReader();
+            // Null for key gets all users with the PPID - there can be only 
one.
+            String[] userNames = 
storeReader.getUserNamesWithPropertyValue(null, ppid);
+
+            // If a name is returned, instantiate a secure registry for user.
+            if (userNames.length == 1) {
+                username = userNames[0];
+            }
+        } catch (UserManagerException e) {
+            throw new MashupFault("Exception while processing ppid : " + ppid, 
e);
+        }
+
+        if (username == null) {
+            throw new MashupFault("User cannot be found for the ppid : " + 
ppid);
+        }
+
+        LoginUtil.updateDB(msgCtx, username);
+        sgCtx.setProperty(MashupConstants.USER_LOGGED_IN, "true");
+        return username;
+    }
+}
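Review bot: `login` passes the caller-supplied `ppid` to `storeReader.getUserNamesWithPropertyValue(null, ppid)` with no null or empty check, and the `if (ppid != null)` guard that InfoCardHandler.signIn used to have is removed in this same commit. What a null value matches against a null key is not visible here, so I would reject it up front: `if (ppid == null || ppid.length() == 0) { throw new MashupFault("PPID not present in the request"); }`. Because the operation sets `USER_LOGGED_IN` on nothing more than a PPID string, the class also deserves a Javadoc stating that token verification happens in the caller and that the service depends on the security policy engaged for it to keep other callers out. The file is also missing the licence header that LoginUtil.java carries.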

Copied: 
trunk/mashup/java/modules/admin/service/src/org/wso2/mashup/admin/service/MashupLoginServiceUT.java
 (from r12459, 
trunk/mashup/java/modules/admin/service/src/org/wso2/mashup/admin/service/MashupLoginService.java)
==============================================================================
--- 
trunk/mashup/java/modules/admin/service/src/org/wso2/mashup/admin/service/MashupLoginService.java
   (original)
+++ 
trunk/mashup/java/modules/admin/service/src/org/wso2/mashup/admin/service/MashupLoginServiceUT.java
 Fri Jan 18 23:56:46 2008
@@ -18,30 +18,15 @@
 import org.apache.axis2.AxisFault;
 import org.apache.axis2.context.MessageContext;
 import org.apache.axis2.context.ServiceGroupContext;
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
 import org.apache.ws.security.WSSecurityEngineResult;
 import org.apache.ws.security.handler.WSHandlerConstants;
 import org.apache.ws.security.handler.WSHandlerResult;
 import org.wso2.mashup.MashupConstants;
 import org.wso2.mashup.MashupFault;
-import org.wso2.wsas.persistence.PersistenceManager;
-import org.wso2.wsas.persistence.dataobject.ServiceUserDO;
-import org.wso2.wsas.persistence.exception.ServiceUserNotFoundException;
-import org.wso2.usermanager.Realm;
-import org.wso2.usermanager.UserStoreReader;
-import org.wso2.usermanager.UserManagerException;
-import org.wso2.registry.RegistryConstants;
-
-import java.text.SimpleDateFormat;
-import java.util.Calendar;
-import java.util.Date;
-import java.util.Vector;
 
-public class MashupLoginService {
+import java.util.Vector;
 
-    private static final Log log = LogFactory.getLog(MashupLoginService.class);
-    private PersistenceManager pm = new PersistenceManager();
+public class MashupLoginServiceUT {
 
     /**
      * This is the operation that should be called in order to login to the 
mashup server. This operation requires the
@@ -77,50 +62,8 @@
             throw new MashupFault("Username not present in the request 
results");
         }
 
-        SimpleDateFormat date = new SimpleDateFormat("'['yyyy-MM-dd 
HH:mm:ss,SSSS']'");
-        Date currentTime = Calendar.getInstance().getTime();
-        ServiceUserDO user = pm.getUser(username);
-        String remoteIP = (String) 
msgCtx.getProperty(MessageContext.REMOTE_ADDR);
+        LoginUtil.updateDB(msgCtx, username);
         sgCtx.setProperty(MashupConstants.USER_LOGGED_IN, "true");
-
-        Realm realm = (Realm) 
msgCtx.getConfigurationContext().getAxisConfiguration()
-                .getParameterValue(RegistryConstants.REGISTRY_REALM);
-        boolean isAdmin = false;
-        try {
-            UserStoreReader storeReader = realm.getUserStoreReader();
-            String[] userRoles = storeReader.getUserRoles(username);
-            for (int i = 0; i < userRoles.length; i++) {
-                if (RegistryConstants.ADMIN_ROLE.equals(userRoles[i])) {
-                    isAdmin = true;
-                }
-            }
-        } catch (UserManagerException e) {
-            throw new MashupFault("Cannot get role details of user " + 
username + " from database", e);
-        }
-
-        if (isAdmin) {
-            log.info("Administrator \'" + username + "' logged in at " + 
date.format(currentTime) +
-                    " from IP address " + remoteIP);
-        } else {
-            log.info("User \'" + username + "' logged in at " + 
date.format(currentTime) +
-                    " from IP address " + remoteIP);
-        }
-
-        if (user.getLastLoggedIn() != null) {
-            log.info("Last successful login at " + 
date.format(user.getLastLoggedIn()) +
-                    " from IP Address " + user.getLastLoginIP());
-        }
-        if (user.getLastFailedLogIn() != null) {
-            log.info("Last failed login at " + 
date.format(user.getLastFailedLogIn()) +
-                    " from IP Address " + user.getLastFailedLoginIP());
-        }
-        user.setLastLoggedIn(currentTime);
-        user.setLastLoginIP(remoteIP);
-        try {
-            pm.updateUser(user);
-        } catch (ServiceUserNotFoundException e) {
-            throw new MashupFault("Cannot find user " + username + " details 
in database", e);
-        }
         return true;
     }
 

Modified: 
trunk/mashup/java/modules/core/src/org/wso2/mashup/transport/MashupServerInitializer.java
==============================================================================
--- 
trunk/mashup/java/modules/core/src/org/wso2/mashup/transport/MashupServerInitializer.java
   (original)
+++ 
trunk/mashup/java/modules/core/src/org/wso2/mashup/transport/MashupServerInitializer.java
   Fri Jan 18 23:56:46 2008
@@ -93,6 +93,11 @@
                                       new String[] { },
                                       new String[] { 
MashupConstants.MASHUP_USER_ROLE });
 
+            
admin.assignUsersAndRolesAndKeyStores(MashupConstants.MASHUP_LOGIN_SERVICEIC, 
null, "scenario22",
+                    new String [] {keyStoreName}, keyStoreName,
+                                      new String[] { },
+                                      new String[] { 
MashupConstants.MASHUP_USER_ROLE });
+
             // Delete wsas-created 'admin' user, as a primary user is 
explicitly created.
             UserStoreAdmin userStoreAdmin = realm.getUserStoreAdmin();
             if (userStoreAdmin.isExistingUser(RegistryConstants.ADMIN_USER) &&
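Review bot: The scenario id `"scenario22"` is a bare literal in the added call, while MashupUtils.login in this commit separately hard-codes `scenario22-policy.xml` for the client side; if one is changed without the other, the InfoCard login would presumably fail on a policy mismatch. A shared constant next to `MashupConstants.MASHUP_LOGIN_SERVICEIC` would keep the two together. I would also add a comment above the call, for example `// MashupLoginServiceIC logs a user in from a PPID alone, so it must only be reachable through this policy`, and say which callers the role list is meant to admit. The enclosing method starts and ends outside the hunk.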

Modified: 
trunk/mashup/java/modules/core/src/org/wso2/mashup/utils/MashupUtils.java
==============================================================================
--- trunk/mashup/java/modules/core/src/org/wso2/mashup/utils/MashupUtils.java   
(original)
+++ trunk/mashup/java/modules/core/src/org/wso2/mashup/utils/MashupUtils.java   
Fri Jan 18 23:56:46 2008
@@ -16,6 +16,7 @@
 package org.wso2.mashup.utils;
 
 import org.apache.axiom.om.impl.builder.StAXOMBuilder;
+import org.apache.axiom.om.OMElement;
 import org.apache.axis2.AxisFault;
 import org.apache.axis2.addressing.EndpointReference;
 import org.apache.axis2.client.Options;
@@ -24,6 +25,7 @@
 import org.apache.axis2.context.ConfigurationContextFactory;
 import org.apache.axis2.deployment.DeploymentEngine;
 import org.apache.axis2.description.AxisService;
+import org.apache.axis2.rpc.client.RPCServiceClient;
 import org.apache.axis2.transport.http.HTTPConstants;
 import org.apache.axis2.transport.http.util.URIEncoderDecoder;
 import org.apache.axis2.util.XMLChar;
@@ -46,6 +48,7 @@
 
 import javax.management.*;
 import javax.xml.stream.XMLStreamException;
+import javax.xml.namespace.QName;
 import java.io.*;
 import java.util.ArrayList;
 import java.util.Hashtable;
@@ -399,6 +402,45 @@
         }
     }
 
+   public static String login(String ppid, String cookieSting) throws 
MashupFault {
+        try {
+            ServerManager serverManager = ServerManager.getInstance();
+            ConfigurationContext context = serverManager.configContext;
+            ConfigurationContext defaultConfigurationContext =
+                    
ConfigurationContextFactory.createDefaultConfigurationContext();
+            
defaultConfigurationContext.setAxisConfiguration(context.getAxisConfiguration());
+            RPCServiceClient client = new 
RPCServiceClient(defaultConfigurationContext, null);
+            client.engageModule("rampart");
+            client.engageModule("addressing");
+            Options options = client.getOptions();
+            options.setAction("urn:login");
+            options.setTo(new EndpointReference("http://localhost:"; + 
serverManager.getHttpPort() +
+                    context.getContextRoot() + context.getServicePath() + 
"/MashupLoginServiceIC/login"));
+            options.setProperty(HTTPConstants.COOKIE_STRING, "JSESSIONID=" + 
cookieSting);
+            options.setManageSession(true);
+            client.setOptions(options);
+            String wso2wsasHome = System.getProperty("wso2wsas.home");
+            Policy stsPolicy = loadPolicy(wso2wsasHome + File.separator +
+                "conf" + File.separator + "rampart" + File.separator + 
"scenario22-policy.xml");
+            
client.getServiceContext().setProperty(RampartMessageData.KEY_RAMPART_POLICY, 
stsPolicy);
+            QName opAddEntry = new 
QName("http://service.admin.mashup.wso2.org/xsd";, "login");
+
+            // parameters to the service ServiceName string, service file name,
+            // dataHandler of the bundled archive
+            Object[] opAddEntryArgs = new Object[] {ppid};
+            OMElement omElement = client.invokeBlocking(opAddEntry, 
opAddEntryArgs);
+            OMElement returnElement = omElement.getFirstChildWithName(new 
QName(
+                        "http://service.admin.mashup.wso2.org/xsd";, "return"));
+            return returnElement.getText();
+        } catch (AxisFault axisFault) {
+            throw new MashupFault(axisFault);
+        } catch (XMLStreamException e) {
+            throw new MashupFault(e);
+        } catch (Exception e) {
+            throw new MashupFault(e);
+        }
+    }
+
     private static Policy loadPolicy(String xmlPath) throws XMLStreamException,
             FileNotFoundException {
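Review bot: The `RPCServiceClient` and the context from `createDefaultConfigurationContext()` are built on every login and never released; declaring `client` before the `try` and calling `client.cleanup()` in a `finally` block would stop each sign-in from leaving transport resources behind. `System.getProperty("wso2wsas.home")` is used unchecked, so an unset property gives a policy path beginning with `null` and the failure surfaces only as a wrapped FileNotFoundException; an explicit check with a clear MashupFault message would be easier to diagnose. The comment `// parameters to the service ServiceName string, service file name, dataHandler of the bundled archive` and the names `opAddEntry`/`opAddEntryArgs` are leftovers from another call and should read something like `// single argument: the PPID from the verified InfoCard token`. The trailing `catch (Exception e)` also makes the two narrower catches redundant. The hunk's last lines belong to `loadPolicy`, which continues outside it.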
 

Modified: 
trunk/mashup/java/modules/core/src/org/wso2/mashup/webapp/identity/InfoCardHandler.java
==============================================================================
--- 
trunk/mashup/java/modules/core/src/org/wso2/mashup/webapp/identity/InfoCardHandler.java
     (original)
+++ 
trunk/mashup/java/modules/core/src/org/wso2/mashup/webapp/identity/InfoCardHandler.java
     Fri Jan 18 23:56:46 2008
@@ -18,8 +18,9 @@
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.wso2.mashup.MashupConstants;
+import org.wso2.mashup.MashupFault;
+import org.wso2.mashup.utils.MashupUtils;
 import org.wso2.mashup.webapp.utils.RegistryUtils;
-import org.wso2.registry.Registry;
 import org.wso2.registry.RegistryConstants;
 import org.wso2.registry.RegistryException;
 import org.wso2.registry.jdbc.JDBCRegistry;
@@ -29,10 +30,10 @@
 import org.wso2.usermanager.Realm;
 import org.wso2.usermanager.UserManagerException;
 import org.wso2.usermanager.UserStoreAdmin;
-import org.wso2.usermanager.UserStoreReader;
 
 import javax.servlet.ServletContext;
 import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
 import java.util.Map;
 
 /**
@@ -47,43 +48,31 @@
      * @param request Servlet request object, contains the attributes supplied 
by the infocard.
      * @return true if values have been retrieved successfully.
      */
-    public static boolean signIn(HttpServletRequest request) {
+    public static boolean signIn(HttpServletRequest request) throws 
MashupFault {
         log.debug("Signing in using info card.");
         boolean success = false;
 
         // If infocard has been successfully used, proceed.        
         String auth = (String) 
request.getAttribute(TokenVerifierConstants.SERVLET_ATTR_STATE);
         if (TokenVerifierConstants.STATE_SUCCESS.equals(auth)) {
-            // Get the ppid attribute supplied by info card.
-            String ppid = (String) 
request.getAttribute(IdentityConstants.CLAIM_PPID);
-
-            //  If the ppid has been retrieved, proceed with ppid validation.
-            if (ppid != null) {
-                ServletContext context = 
request.getSession().getServletContext();
-                JDBCRegistry jdbcRegistry =
+            HttpSession session = request.getSession();
+            ServletContext context = session.getServletContext();
+            JDBCRegistry jdbcRegistry =
                         (JDBCRegistry) 
context.getAttribute(RegistryConstants.REGISTRY);
                 Realm realm = (Realm) 
context.getAttribute(RegistryConstants.REGISTRY_REALM);
-                try {
-                    UserStoreReader storeReader = realm.getUserStoreReader();
-                    // Null for key gets all users with the PPID - there can 
be only one.
-                    String[] userNames = 
storeReader.getUserNamesWithPropertyValue(null, ppid);
-
-                    // If a name is returned, instantiate a secure registry 
for user.
-                    if (userNames.length == 1) {
-                        SecureRegistry secureRegistry = new 
SecureRegistry(userNames[0],
-                                                                           
jdbcRegistry, realm);
-                        
request.getSession().setAttribute(MashupConstants.USER_REGISTRY,
+            String ppid = (String) 
request.getAttribute(IdentityConstants.CLAIM_PPID);
+            String userName = MashupUtils.login(ppid, session.getId());
+            SecureRegistry secureRegistry = null;
+            try {
+                secureRegistry = new SecureRegistry(userName,
+                                                                               
jdbcRegistry, realm);
+            } catch (RegistryException e) {
+                log.error("Cannot get secureRegistry for user " + userName);
+                throw new MashupFault("Cannot get secureRegistry for user " + 
userName, e);
+            }
+            request.getSession().setAttribute(MashupConstants.USER_REGISTRY,
                                                           secureRegistry);
                         success = true;
-                    }
-                } catch (UserManagerException e) {
-                    log.error("Error retrieving user associated with info 
card", e);
-                } catch (RegistryException e) {
-                    log.error("Error getting secure registry instance for 
user", e);
-                }
-            } else {
-                log.error("Required parameters not provided by info card");
-            }
         } else {
             String reason =
                     (String) 
request.getAttribute(TokenVerifierConstants.FAILURE_REASON);
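Review bot: `session.getId()` is forwarded to MashupUtils.login and the same session then receives `USER_REGISTRY`, so the session id that existed before authentication stays valid after it; nothing in this hunk issues a new id at the privilege change, which is the usual session-fixation guard. If nothing upstream already does so, creating a fresh session before the login call, `request.getSession().invalidate(); HttpSession session = request.getSession(true);`, would close that gap, provided no earlier session attributes need to be carried over. `signIn` also now throws MashupFault where it used to log and return false, so the Javadoc needs a `@throws MashupFault` line and the callers need checking. The method body continues past the end of the hunk.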
