package org.apache.jetspeed.login.filter; |
import java.io.IOException; |
import java.security.Principal; |
import java.util.HashSet; |
import java.util.Set; |
import javax.security.auth.Subject; |
import javax.servlet.Filter; |
import javax.servlet.FilterChain; |
import javax.servlet.FilterConfig; |
import javax.servlet.ServletException; |
import javax.servlet.ServletRequest; |
import javax.servlet.ServletResponse; |
import javax.servlet.http.HttpServletRequest; |
import javax.servlet.http.HttpSession; |
import org.apache.jetspeed.Jetspeed; |
import org.apache.jetspeed.PortalReservedParameters; |
import org.apache.jetspeed.administration.PortalAuthenticationConfiguration; |
import org.apache.jetspeed.administration.PortalConfiguration; |
import org.apache.jetspeed.audit.AuditActivity; |
import org.apache.jetspeed.login.LoginConstants; |
import org.apache.jetspeed.security.SecurityException; |
import org.apache.jetspeed.security.SecurityHelper; |
import org.apache.jetspeed.security.User; |
import org.apache.jetspeed.security.UserManager; |
import org.apache.jetspeed.security.UserPrincipal; |
import org.apache.jetspeed.security.impl.PrincipalsSet; |
import org.apache.jetspeed.security.impl.UserSubjectPrincipalImpl; |
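/**
 * Servlet filter that handles portal login and re-applies an already
 * authenticated identity to subsequent requests.
 *
 * <p>When a request carries the {@link LoginConstants#USERNAME} parameter the
 * filter authenticates the supplied credentials through the {@link UserManager},
 * records the outcome through {@link AuditActivity}, and on success stores the
 * user's {@link Subject} in the HTTP session. When no username parameter is
 * present, a {@link Subject} already held in the session is used to wrap the
 * request, unless it belongs to the guest user.</p>
 *
 * <p>Security notes for maintainers:</p>
 * <ul>
 *   <li>Credentials are read with {@code getParameter}, which returns
 *       query-string values as well as form-body values, and the HTTP method is
 *       not checked here. Deployments should make sure the login form is
 *       submitted by POST over TLS so credentials do not end up in URLs.</li>
 *   <li>The pre-login session is only discarded when
 *       {@code isCreateNewSessionOnLogin()} returns {@code true}; with that
 *       option off the session id that existed before login stays valid
 *       afterwards (session fixation exposure).</li>
 *   <li>No attempt limiting is done in this filter. NOTE(review): confirm that
 *       lockout/throttling is enforced behind {@code UserManager.authenticate}.</li>
 * </ul>
 */
public class PortalFilter implements Filter
{
    /** Name of the guest user principal; may be replaced from portal configuration in {@link #init}. */
    protected String guest = "guest";

    /**
     * Reads the guest principal name from the portal configuration.
     *
     * @param filterConfig servlet filter configuration (not used)
     * @throws ServletException declared by the {@link Filter} contract
     */
    public void init(FilterConfig filterConfig) throws ServletException
    {
        PortalConfiguration config = Jetspeed.getConfiguration();
        if (config != null)
        {
            // Keep the built-in default when the configuration yields no value:
            // a null guest name would make the guest comparison in doFilter
            // always false, so guest sessions would be wrapped like real users.
            String configuredGuest = config.getString("default.user.principal");
            if (configuredGuest != null)
            {
                guest = configuredGuest;
            }
        }
    }

    /**
     * Authenticates login requests and wraps requests of authenticated users.
     *
     * @param sRequest    incoming request; only {@link HttpServletRequest}s are processed
     * @param sResponse   outgoing response, passed through unchanged
     * @param filterChain remaining chain; skipped when {@code null}
     * @throws IOException      propagated from the filter chain
     * @throws ServletException propagated from the filter chain
     */
    public void doFilter(ServletRequest sRequest,
            ServletResponse sResponse, FilterChain filterChain)
            throws IOException, ServletException
    {
        if (sRequest instanceof HttpServletRequest)
        {
            HttpServletRequest request = (HttpServletRequest)sRequest;
            // Client-controlled values; see the class comment about GET vs POST.
            String username = request.getParameter(LoginConstants.USERNAME);
            String password = request.getParameter(LoginConstants.PASSWORD);
            if (username != null)
            {
                UserManager userManager = (UserManager)Jetspeed.getComponentManager().getComponent("org.apache.jetspeed.security.UserManager");
                AuditActivity audit = (AuditActivity)Jetspeed.getComponentManager().getComponent("org.apache.jetspeed.audit.AuditActivity");
                boolean success = userManager.authenticate(username, password);
                if (success)
                {
                    // The username is logged exactly as submitted.
                    // NOTE(review): confirm AuditActivity escapes it when stored or displayed.
                    audit.logUserActivity(username, request.getRemoteAddr(), AuditActivity.AUTHENTICATION_SUCCESS, "PortalFilter");
                    PortalAuthenticationConfiguration authenticationConfiguration = (PortalAuthenticationConfiguration)
                        Jetspeed.getComponentManager().getComponent("org.apache.jetspeed.administration.PortalAuthenticationConfiguration");
                    if (authenticationConfiguration.isCreateNewSessionOnLogin())
                    {
                        // Drop the pre-login session so its id cannot be reused after login.
                        request.getSession().invalidate();
                    }
                    Subject subject = null;
                    try
                    {
                        User user = userManager.getUser(username);
                        if (user != null)
                        {
                            subject = user.getSubject();
                        }
                    }
                    catch (SecurityException ignored)
                    {
                        // Deliberately not propagated: the fallback below builds a
                        // minimal subject. The lookup failure is not recorded anywhere.
                    }
                    if (subject == null)
                    {
                        // Fallback identity: a read-only Subject holding only the
                        // user principal, with empty credential sets.
                        Set principals = new PrincipalsSet();
                        UserSubjectPrincipalImpl userPrincipal = new UserSubjectPrincipalImpl(username);
                        principals.add(userPrincipal);
                        subject = new Subject(true, principals, new HashSet(), new HashSet());
                        userPrincipal.setSubject(subject);
                    }
                    Principal principal = SecurityHelper.getPrincipal(subject, UserPrincipal.class);
                    sRequest = wrapperRequest(request, subject, principal);
                    request.getSession().removeAttribute(LoginConstants.ERRORCODE);
                    HttpSession session = request.getSession(true);
                    session.setAttribute(PortalReservedParameters.SESSION_KEY_SUBJECT, subject);
                }
                else
                {
                    audit.logUserActivity(username, request.getRemoteAddr(), AuditActivity.AUTHENTICATION_FAILURE, "PortalFilter");
                    // The same error code is set for every failed authentication.
                    request.getSession().setAttribute(LoginConstants.ERRORCODE, LoginConstants.ERROR_INVALID_PASSWORD);
                }
            }
            else
            {
                // No login attempt: reuse the identity stored in the session, if any.
                Subject subject = (Subject)request.getSession().getAttribute(PortalReservedParameters.SESSION_KEY_SUBJECT);
                if (subject != null)
                {
                    Principal principal = SecurityHelper.getPrincipal(subject, UserPrincipal.class);
                    if (principal != null && principal.getName().equals(this.guest))
                    {
                        // Guest subject: the request is passed on unwrapped.
                    }
                    else
                    {
                        // Also reached when principal is null; the wrapper then
                        // receives a null principal.
                        sRequest = wrapperRequest(request, subject, principal);
                    }
                }
            }

            // Marks the request as having passed through this filter.
            sRequest.setAttribute(PortalReservedParameters.PORTAL_FILTER_ATTRIBUTE, "true");
        }

        if (filterChain != null)
        {
            filterChain.doFilter(sRequest, sResponse);
        }
    }

    /**
     * Wraps the request in a {@code PortalRequestWrapper} carrying the given identity.
     *
     * @param request   the original HTTP request
     * @param subject   subject to attach
     * @param principal user principal to attach; may be {@code null}
     * @return the wrapping request
     */
    private ServletRequest wrapperRequest(HttpServletRequest request, Subject subject, Principal principal)
    {
        return new PortalRequestWrapper(request, subject, principal);
    }

    /** Nothing to release. */
    public void destroy()
    {
    }
}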