
1   /*
2    * Licensed to the Apache Software Foundation (ASF) under one or more
3    * contributor license agreements.  See the NOTICE file distributed with
4    * this work for additional information regarding copyright ownership.
5    * The ASF licenses this file to You under the Apache License, Version 2.0
6    * (the "License"); you may not use this file except in compliance with
7    * the License.  You may obtain a copy of the License at
8    * 
9    *      http://www.apache.org/licenses/LICENSE-2.0
10   * 
11   * Unless required by applicable law or agreed to in writing, software
12   * distributed under the License is distributed on an "AS IS" BASIS,
13   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14   * See the License for the specific language governing permissions and
15   * limitations under the License.
16   */
17  package org.apache.jetspeed.portlet;
18  
19  import java.io.IOException;
20  import java.security.AccessControlContext;
21  import java.security.AccessController;
22  
23  import javax.portlet.ActionRequest;
24  import javax.portlet.ActionResponse;
25  import javax.portlet.PortletConfig;
26  import javax.portlet.PortletContext;
27  import javax.portlet.PortletException;
28  import javax.portlet.PortletPreferences;
29  import javax.portlet.RenderRequest;
30  import javax.portlet.RenderResponse;
31  import javax.security.auth.Subject;
32  
33  import org.apache.commons.codec.binary.Base64;
34  import org.apache.jetspeed.security.JSSubject;
35  import org.apache.jetspeed.sso.SSOContext;
36  import org.apache.jetspeed.sso.SSOException;
37  import org.apache.jetspeed.sso.SSOProvider;
38  
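/**
 * SSOIFramePortlet
 *
 * <p>IFrame portlet that looks up the current subject's stored credentials for the
 * site named by the "SRC" preference through the {@link SSOProvider}, and, for the
 * {@link #SSO_TYPE_URL} and {@link #SSO_TYPE_URL_BASE64} types, appends them to the
 * IFrame source URL as query parameters.</p>
 *
 * <p>Security note: with the "url" and "url.base64" types the remote credential is
 * part of the URL returned by {@link #getURLSource}. Credentials carried in a query
 * string can end up in browser history, proxy and web-server access logs and Referer
 * headers. Base64 is an encoding, not encryption, and gives no confidentiality.
 * Restrict these types to HTTPS targets that cannot accept credentials any other way.</p>
 *
 * @author <a href="mailto:taylor@apache.org">David Sean Taylor</a>
 * @version $Id: SSOIFramePortlet.java 598994 2007-11-28 13:31:43Z ate $
 */
public class SSOIFramePortlet extends IFrameGenericPortlet
{
    /** Preference key selecting how credentials are passed to the remote site. */
    public static final String SSO_TYPE = "sso.type";
    /** Credentials are appended to the URL as plain query parameters. */
    public static final String SSO_TYPE_URL = "url";
    /** Credentials are Base64 encoded and then appended as query parameters. */
    public static final String SSO_TYPE_URL_BASE64 = "url.base64";
    public static final String SSO_TYPE_HTTP = "http";
    public static final String SSO_TYPE_CERTIFICATE = "certificate";

    /** Preference key holding the query parameter name used for the user name. */
    public static final String SSO_TYPE_URL_USERNAME = "sso.url.Principal";
    /** Preference key holding the query parameter name used for the password. */
    public static final String SSO_TYPE_URL_PASSWORD = "sso.url.Credential";

    /** Request attribute under which doView stores the remote principal name. */
    public static final String SSO_REQUEST_ATTRIBUTE_USERNAME = "sso.ra.username";
    /** Request attribute under which doView stores the remote credential. */
    public static final String SSO_REQUEST_ATTRIBUTE_PASSWORD = "sso.ra.password";

    /*
     * The constants must be used in your HTML form for the SSO principal and credential
     */
    public static final String SSO_FORM_PRINCIPAL = "ssoPrincipal";
    public static final String SSO_FORM_CREDENTIAL = "ssoCredential";

    private PortletContext context;
    private SSOProvider sso;

    /**
     * Initializes the portlet and resolves the SSO provider from the portlet context.
     *
     * @param config the portlet configuration
     * @throws PortletException if no provider is registered under "cps:SSO"
     */
    public void init(PortletConfig config) throws PortletException
    {
        super.init(config);
        context = getPortletContext();
        sso = (SSOProvider) context.getAttribute("cps:SSO");
        if (sso == null)
        {
            throw new PortletException("Failed to find SSO Provider on portlet initialization");
        }
    }

    /**
     * Populates the edit form with the credentials stored for the configured site,
     * or with empty values when none are stored, then delegates to the superclass.
     *
     * @throws PortletException if the SSO lookup fails for any other reason
     */
    public void doEdit(RenderRequest request, RenderResponse response)
    throws PortletException, IOException
    {
        try
        {
            Subject subject = getSubject();
            String site = request.getPreferences().getValue("SRC", "");
            SSOContext ssoContext = sso.getCredentials(subject, site);
            getContext(request).put(SSO_FORM_PRINCIPAL, ssoContext.getRemotePrincipalName());
            // NOTE(review): the stored remote credential is handed to the edit template.
            // If the template echoes it into a form field it reaches the browser in
            // clear text -- confirm the template, and consider leaving the field blank.
            getContext(request).put(SSO_FORM_CREDENTIAL, ssoContext.getRemoteCredential());
        }
        catch (SSOException e)
        {
            if (isNoCredentialsForSite(e))
            {
                // no credentials configured in SSO store: present an empty form
                getContext(request).put(SSO_FORM_PRINCIPAL, "");
                getContext(request).put(SSO_FORM_CREDENTIAL, "");
            }
            else
            {
                throw new PortletException(e);
            }
        }

        super.doEdit(request, response);
    }

    /**
     * Renders the IFrame. The stored credentials are exposed as request attributes
     * for {@link #getURLSource}; when no site or no credentials are configured the
     * edit page is rendered instead.
     *
     * @throws PortletException if the SSO lookup fails for any other reason
     */
    public void doView(RenderRequest request, RenderResponse response)
    throws PortletException, IOException
    {
        String site = request.getPreferences().getValue("SRC", null);
        if (site == null)
        {
            // no "SRC" preference configured yet: switch to SSO Configure View
            showCredentialsForm(request, response);
            super.doView(request, response);
            return;
        }

        try
        {
            Subject subject = getSubject();
            SSOContext ssoContext = sso.getCredentials(subject, site);
            // These attributes carry the clear-text credential for the rest of this
            // render request; getURLSource reads them back when building the URL.
            request.setAttribute(SSO_REQUEST_ATTRIBUTE_USERNAME, ssoContext.getRemotePrincipalName());
            request.setAttribute(SSO_REQUEST_ATTRIBUTE_PASSWORD, ssoContext.getRemoteCredential());
        }
        catch (SSOException e)
        {
            if (isNoCredentialsForSite(e))
            {
                // no credentials configured in SSO store: switch to SSO Configure View
                showCredentialsForm(request, response);
            }
            else
            {
                throw new PortletException(e);
            }
        }

        super.doView(request, response);
    }

    /**
     * Saves the preferences through the superclass, then stores the principal and
     * credential posted in the {@link #SSO_FORM_PRINCIPAL} and
     * {@link #SSO_FORM_CREDENTIAL} form fields for the configured site.
     *
     * <p>When either form field is absent from the request the SSO store is left
     * untouched, so an action that does not carry the SSO form cannot replace or
     * remove the stored credentials with null values.</p>
     *
     * @throws PortletException if the SSO provider rejects the change
     */
    public void processAction(ActionRequest request, ActionResponse actionResponse)
    throws PortletException, IOException
    {
        // save the prefs
        super.processAction(request, actionResponse);

        // get the POST params -- requires HTML post params named
        // ssoPrincipal and ssoCredential
        String ssoPrincipal = request.getParameter(SSO_FORM_PRINCIPAL);
        String ssoCredential = request.getParameter(SSO_FORM_CREDENTIAL);
        if (ssoPrincipal == null || ssoCredential == null)
        {
            return;
        }

        String site = request.getPreferences().getValue("SRC", "");
        try
        {
            Subject subject = getSubject();
            if (!sso.hasSSOCredentials(subject, site))
            {
                sso.addCredentialsForSite(subject, ssoPrincipal, site, ssoCredential);
                return;
            }

            SSOContext stored = sso.getCredentials(subject, site);
            // Compare from the non-null side so a null stored principal name cannot
            // raise a NullPointerException.
            if (ssoPrincipal.equals(stored.getRemotePrincipalName()))
            {
                sso.updateCredentialsForSite(subject, ssoPrincipal, site, ssoCredential);
            }
            else
            {
                // NOTE(review): remove and add are two separate provider calls; if the
                // add fails the previous entry is already gone -- confirm whether the
                // provider can replace an entry in one step.
                sso.removeCredentialsForSite(subject, site);
                sso.addCredentialsForSite(subject, ssoPrincipal, site, ssoCredential);
            }
        }
        catch (SSOException e)
        {
            throw new PortletException(e);
        }
    }

    /**
     * Builds the IFrame source URL. For the "url" and "url.base64" types the user
     * name and password found in the request attributes are appended as query
     * parameters; for any other type the superclass URL is returned unchanged.
     *
     * <p>Parameter names and values are percent-encoded, so characters such as
     * {@code &}, {@code =}, {@code #} or the {@code +}, {@code /} and {@code =} of a
     * Base64 string cannot truncate the value or add extra parameters to the URL.</p>
     *
     * @return the URL to load in the IFrame
     */
    public String getURLSource(RenderRequest request, RenderResponse response, PortletPreferences prefs)
    {
        String baseSource = super.getURLSource(request, response, prefs);
        String type = prefs.getValue(SSO_TYPE, SSO_TYPE_URL);
        boolean base64 = SSO_TYPE_URL_BASE64.equals(type);
        if (!base64 && !SSO_TYPE_URL.equals(type))
        {
            return baseSource;
        }

        String userNameParam = prefs.getValue(SSO_TYPE_URL_USERNAME, "user");
        String passwordParam = prefs.getValue(SSO_TYPE_URL_PASSWORD, "password");

        String userName = (String) request.getAttribute(SSO_REQUEST_ATTRIBUTE_USERNAME);
        if (userName == null)
        {
            userName = "";
        }
        String password = (String) request.getAttribute(SSO_REQUEST_ATTRIBUTE_PASSWORD);
        if (password == null)
        {
            password = "";
        }

        if (base64)
        {
            // Encoding only: this does not protect the credential from disclosure.
            userName = base64Encode(userName);
            password = base64Encode(password);
        }

        StringBuffer source = new StringBuffer(baseSource);
        source.append(baseSource.indexOf("?") == -1 ? "?" : "&");
        source.append(urlEncode(userNameParam));
        source.append("=");
        source.append(urlEncode(userName));
        source.append("&");
        source.append(urlEncode(passwordParam));
        source.append("=");
        source.append(urlEncode(password));

        return response.encodeURL(source.toString());
    }

    /** Tells whether the exception reports that no credentials are stored for the site. */
    private static boolean isNoCredentialsForSite(SSOException e)
    {
        // constant first: getMessage() may be null
        return SSOException.NO_CREDENTIALS_FOR_SITE.equals(e.getMessage());
    }

    /** Points the view at the edit page so the user can enter credentials. */
    private void showCredentialsForm(RenderRequest request, RenderResponse response)
    throws PortletException, IOException
    {
        request.setAttribute(PARAM_VIEW_PAGE, this.getPortletConfig().getInitParameter(PARAM_EDIT_PAGE));
        setupPreferencesEdit(request, response);
    }

    /** Percent-encodes one query-string component as UTF-8. */
    private static String urlEncode(String value)
    {
        // Fully qualified so the file's import block does not need to change.
        try
        {
            return java.net.URLEncoder.encode(value, "UTF-8");
        }
        catch (java.io.UnsupportedEncodingException e)
        {
            throw unsupportedCharset(e);
        }
    }

    /** Base64 encodes the UTF-8 bytes of the value, independent of the platform charset. */
    private static String base64Encode(String value)
    {
        try
        {
            Base64 encoder = new Base64();
            return new String(encoder.encode(value.getBytes("UTF-8")), "US-ASCII");
        }
        catch (java.io.UnsupportedEncodingException e)
        {
            throw unsupportedCharset(e);
        }
    }

    /** Wraps the checked exception for a charset every JVM is required to support. */
    private static IllegalStateException unsupportedCharset(java.io.UnsupportedEncodingException e)
    {
        IllegalStateException failure = new IllegalStateException("Required charset is not available");
        failure.initCause(e);
        return failure;
    }

    /** Returns the subject bound to the current access control context. */
    private Subject getSubject()
    {
        AccessControlContext accessContext = AccessController.getContext();
        return JSSubject.getSubject(accessContext);
    }

}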