17 package org.apache.jetspeed.portlet;
18
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.security.AccessControlContext;
import java.security.AccessController;

import javax.portlet.ActionRequest;
import javax.portlet.ActionResponse;
import javax.portlet.PortletConfig;
import javax.portlet.PortletContext;
import javax.portlet.PortletException;
import javax.portlet.PortletPreferences;
import javax.portlet.RenderRequest;
import javax.portlet.RenderResponse;
import javax.security.auth.Subject;

import org.apache.commons.codec.binary.Base64;
import org.apache.jetspeed.security.JSSubject;
import org.apache.jetspeed.sso.SSOContext;
import org.apache.jetspeed.sso.SSOException;
import org.apache.jetspeed.sso.SSOProvider;
38
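/**
 * SSOIFramePortlet
 *
 * IFrame portlet that looks up the current user's stored single sign-on
 * credentials for the framed site and, for the "url" SSO types, appends them
 * to the iframe source URL.
 *
 * @author <a href="mailto:taylor@apache.org">David Sean Taylor</a>
 * @version $Id: SSOIFramePortlet.java 598994 2007-11-28 13:31:43Z ate $
 */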
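public class SSOIFramePortlet extends IFrameGenericPortlet
{
    /** Preference key that selects how credentials are passed to the framed site. */
    public static final String SSO_TYPE = "sso.type";
    /** SSO type: credentials are appended to the source URL as plain query parameters (the default). */
    public static final String SSO_TYPE_URL = "url";
    /** SSO type: as {@link #SSO_TYPE_URL}, but each value is Base64-encoded first. */
    public static final String SSO_TYPE_URL_BASE64 = "url.base64";
    /** SSO type name; declared here but not handled by this class. */
    public static final String SSO_TYPE_HTTP = "http";
    /** SSO type name; declared here but not handled by this class. */
    public static final String SSO_TYPE_CERTIFICATE = "certificate";

    /** Preference key holding the query parameter name used for the user name (default "user"). */
    public static final String SSO_TYPE_URL_USERNAME = "sso.url.Principal";
    /** Preference key holding the query parameter name used for the password (default "password"). */
    public static final String SSO_TYPE_URL_PASSWORD = "sso.url.Credential";

    /** Request attribute under which doView publishes the remote user name. */
    public static final String SSO_REQUEST_ATTRIBUTE_USERNAME = "sso.ra.username";
    /** Request attribute under which doView publishes the remote password. */
    public static final String SSO_REQUEST_ATTRIBUTE_PASSWORD = "sso.ra.password";

    /** Form parameter / edit-context key for the remote principal. */
    public static final String SSO_FORM_PRINCIPAL = "ssoPrincipal";
    /** Form parameter / edit-context key for the remote credential. */
    public static final String SSO_FORM_CREDENTIAL = "ssoCredential";

    private PortletContext context;
    private SSOProvider sso;

    /**
     * Initializes the portlet and fetches the SSO provider stored in the
     * portlet context under the attribute {@code cps:SSO}.
     *
     * @param config portlet configuration, passed on to the superclass
     * @throws PortletException if the portlet context holds no SSO provider
     */
    public void init(PortletConfig config) throws PortletException
    {
        super.init(config);
        context = getPortletContext();
        sso = (SSOProvider) context.getAttribute("cps:SSO");
        if (sso == null)
        {
            throw new PortletException("Failed to find SSO Provider on portlet initialization");
        }
    }

    /**
     * Prepares the edit view by placing the stored remote principal and
     * credential for the site named by the {@code SRC} preference into the
     * edit context, or empty strings when none are stored yet.
     *
     * @throws PortletException if the SSO provider fails for any reason other
     *         than "no credentials for site"
     */
    public void doEdit(RenderRequest request, RenderResponse response)
        throws PortletException, IOException
    {
        try
        {
            Subject subject = getSubject();
            String site = request.getPreferences().getValue("SRC", "");
            SSOContext ssoContext = sso.getCredentials(subject, site);
            getContext(request).put(SSO_FORM_PRINCIPAL, ssoContext.getRemotePrincipalName());
            // NOTE(review): the stored remote credential is handed to the edit
            // view in clear. If the edit template renders it into the form, the
            // password ends up in the page markup; confirm the template masks
            // it, or stop pre-filling the field.
            getContext(request).put(SSO_FORM_CREDENTIAL, ssoContext.getRemoteCredential());
        }
        catch (SSOException e)
        {
            if (!isNoCredentialsForSite(e))
            {
                throw new PortletException(e);
            }
            // Nothing stored for this site yet: start with an empty form.
            getContext(request).put(SSO_FORM_PRINCIPAL, "");
            getContext(request).put(SSO_FORM_CREDENTIAL, "");
        }

        super.doEdit(request, response);
    }

    /**
     * Renders the view. When the {@code SRC} preference is missing, or no
     * credentials are stored for that site, the edit page is shown instead;
     * otherwise the remote user name and password are published as request
     * attributes for {@link #getURLSource}.
     *
     * @throws PortletException if the SSO provider fails for any reason other
     *         than "no credentials for site"
     */
    public void doView(RenderRequest request, RenderResponse response)
        throws PortletException, IOException
    {
        String site = request.getPreferences().getValue("SRC", null);
        if (site == null)
        {
            switchToEditPage(request, response);
        }
        else
        {
            try
            {
                Subject subject = getSubject();
                SSOContext ssoContext = sso.getCredentials(subject, site);
                request.setAttribute(SSO_REQUEST_ATTRIBUTE_USERNAME, ssoContext.getRemotePrincipalName());
                request.setAttribute(SSO_REQUEST_ATTRIBUTE_PASSWORD, ssoContext.getRemoteCredential());
            }
            catch (SSOException e)
            {
                if (!isNoCredentialsForSite(e))
                {
                    throw new PortletException(e);
                }
                switchToEditPage(request, response);
            }
        }

        super.doView(request, response);
    }

    /**
     * Handles the edit form: after the superclass has processed the action,
     * stores the submitted remote principal and credential for the site named
     * by the {@code SRC} preference.
     *
     * @throws PortletException wrapping any {@link SSOException} from the provider
     */
    public void processAction(ActionRequest request, ActionResponse actionResponse)
        throws PortletException, IOException
    {
        super.processAction(request, actionResponse);

        String ssoPrincipal = request.getParameter(SSO_FORM_PRINCIPAL);
        String ssoCredential = request.getParameter(SSO_FORM_CREDENTIAL);
        if (ssoPrincipal == null || ssoCredential == null)
        {
            // The action did not carry the SSO fields. Without this guard the
            // code below would remove the stored credentials and then try to
            // add null ones in their place.
            return;
        }

        String site = request.getPreferences().getValue("SRC", "");
        try
        {
            Subject subject = getSubject();
            if (!sso.hasSSOCredentials(subject, site))
            {
                sso.addCredentialsForSite(subject, ssoPrincipal, site, ssoCredential);
                return;
            }

            SSOContext ssoContext = sso.getCredentials(subject, site);
            // Argument order keeps the comparison safe if the stored name is null.
            if (ssoPrincipal.equals(ssoContext.getRemotePrincipalName()))
            {
                sso.updateCredentialsForSite(subject, ssoPrincipal, site, ssoCredential);
            }
            else
            {
                // A different remote principal replaces the stored entry.
                // NOTE(review): remove-then-add is two separate calls; if the
                // add fails the old entry is already gone — confirm whether the
                // provider offers an atomic replace.
                sso.removeCredentialsForSite(subject, site);
                sso.addCredentialsForSite(subject, ssoPrincipal, site, ssoCredential);
            }
        }
        catch (SSOException e)
        {
            throw new PortletException(e);
        }
    }

    /**
     * Builds the iframe source URL. For the {@code url} and {@code url.base64}
     * SSO types the remote user name and password (read from the request
     * attributes set by doView) are appended as query parameters; for any
     * other type the superclass URL is returned unchanged.
     *
     * <p>Security: with these two types the credentials are part of the URL
     * itself, so they can surface in the rendered markup, browser history,
     * Referer headers and access logs. Base64 is a reversible encoding and adds
     * no confidentiality. Values are percent-encoded so that characters such as
     * {@code &}, {@code =}, {@code #} or {@code +} in a credential cannot
     * truncate the value or inject extra parameters.
     *
     * @return the source URL, passed through {@code response.encodeURL} when
     *         credentials were appended
     */
    public String getURLSource(RenderRequest request, RenderResponse response, PortletPreferences prefs)
    {
        String baseSource = super.getURLSource(request, response, prefs);
        String type = prefs.getValue(SSO_TYPE, SSO_TYPE_URL);
        boolean base64 = SSO_TYPE_URL_BASE64.equals(type);
        if (!base64 && !SSO_TYPE_URL.equals(type))
        {
            return baseSource;
        }

        String userNameParam = prefs.getValue(SSO_TYPE_URL_USERNAME, "user");
        String passwordParam = prefs.getValue(SSO_TYPE_URL_PASSWORD, "password");
        String userName = (String) request.getAttribute(SSO_REQUEST_ATTRIBUTE_USERNAME);
        String password = (String) request.getAttribute(SSO_REQUEST_ATTRIBUTE_PASSWORD);

        StringBuffer source = new StringBuffer(baseSource);
        source.append(baseSource.indexOf('?') == -1 ? '?' : '&');
        source.append(userNameParam).append('=').append(encodeQueryValue(userName, base64));
        source.append('&');
        source.append(passwordParam).append('=').append(encodeQueryValue(password, base64));

        return response.encodeURL(source.toString());
    }

    /** Points the view at the configured edit page and prepares the preferences edit. */
    private void switchToEditPage(RenderRequest request, RenderResponse response)
        throws PortletException, IOException
    {
        request.setAttribute(PARAM_VIEW_PAGE, this.getPortletConfig().getInitParameter(PARAM_EDIT_PAGE));
        setupPreferencesEdit(request, response);
    }

    /** Tells whether the exception carries the "no credentials for site" message; safe for a null message. */
    private static boolean isNoCredentialsForSite(SSOException e)
    {
        String message = e.getMessage();
        return message != null && message.equals(SSOException.NO_CREDENTIALS_FOR_SITE);
    }

    /**
     * Turns a credential value into a query-string-safe token: null becomes the
     * empty string, the value is optionally Base64-encoded (from its UTF-8
     * bytes rather than the platform charset), and the result is percent-encoded.
     */
    private static String encodeQueryValue(String value, boolean base64)
    {
        String text = (value == null) ? "" : value;
        try
        {
            if (base64)
            {
                text = new String(new Base64().encode(text.getBytes("UTF-8")), "US-ASCII");
            }
            return URLEncoder.encode(text, "UTF-8");
        }
        catch (UnsupportedEncodingException e)
        {
            // UTF-8 and US-ASCII are charsets every JVM has to provide.
            IllegalStateException failure = new IllegalStateException("Required charset is not available");
            failure.initCause(e);
            throw failure;
        }
    }

    /** Returns the subject that JSSubject associates with the current access control context. */
    private Subject getSubject()
    {
        AccessControlContext accessContext = AccessController.getContext();
        return JSSubject.getSubject(accessContext);
    }

}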