package org.apache.jetspeed.login.filter; |
import java.io.IOException; |
import java.security.Principal; |
import java.util.HashSet; |
import java.util.Set; |
import javax.security.auth.Subject; |
import javax.servlet.Filter; |
import javax.servlet.FilterChain; |
import javax.servlet.FilterConfig; |
import javax.servlet.ServletException; |
import javax.servlet.ServletRequest; |
import javax.servlet.ServletResponse; |
import javax.servlet.http.HttpServletRequest; |
import javax.servlet.http.HttpSession; |
import org.apache.jetspeed.Jetspeed; |
import org.apache.jetspeed.PortalReservedParameters; |
import org.apache.jetspeed.administration.PortalAuthenticationConfiguration; |
import org.apache.jetspeed.administration.PortalConfiguration; |
import org.apache.jetspeed.audit.AuditActivity; |
import org.apache.jetspeed.login.LoginConstants; |
import org.apache.jetspeed.request.RequestContext; |
import org.apache.jetspeed.security.SecurityException; |
import org.apache.jetspeed.security.SecurityHelper; |
import org.apache.jetspeed.security.User; |
import org.apache.jetspeed.security.UserManager; |
import org.apache.jetspeed.security.UserPrincipal; |
import org.apache.jetspeed.security.impl.PrincipalsSet; |
import org.apache.jetspeed.security.impl.UserPrincipalImpl; |
import org.apache.jetspeed.security.impl.UserSubjectPrincipalImpl; |
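/**
 * Servlet filter that handles portal login and restores the authenticated
 * identity on later requests.
 *
 * <p>For an HTTP request carrying a {@code LoginConstants.USERNAME} parameter the
 * filter authenticates the credentials through the {@code UserManager} component,
 * audits the outcome, stores the resulting {@link Subject} in the session under
 * {@code PortalReservedParameters.SESSION_KEY_SUBJECT} and wraps the request in a
 * {@code PortalRequestWrapper}. For any other HTTP request it looks up the Subject
 * already stored in the session and wraps the request unless the principal is the
 * configured guest user.</p>
 */
public class PortalFilter implements Filter
{
    /**
     * Name of the guest (anonymous) principal. Requests whose session Subject
     * carries this principal name are passed through unwrapped.
     */
    protected String guest = "guest";

    /**
     * Reads the guest principal name from the portal configuration key
     * {@code default.user.principal}.
     *
     * @param filterConfig the filter configuration (not used)
     * @throws ServletException declared by the {@link Filter} contract
     */
    public void init(FilterConfig filterConfig) throws ServletException
    {
        PortalConfiguration config = Jetspeed.getConfiguration();
        if (config != null)
        {
            String configuredGuest = config.getString("default.user.principal");
            // Keep the built-in default when the key is absent: a null guest name
            // would make the guest comparison in doFilter never match, so guest
            // sessions would be wrapped like authenticated users.
            if (configuredGuest != null)
            {
                guest = configuredGuest;
            }
        }
    }

    /**
     * Authenticates login requests, or restores the session Subject for other
     * requests, then continues the filter chain.
     *
     * @param sRequest    the incoming request; replaced by a wrapper once an
     *                    identity has been established
     * @param sResponse   the response, passed through unchanged
     * @param filterChain the remaining chain; skipped when {@code null}
     * @throws IOException      propagated from the chain
     * @throws ServletException propagated from the chain
     */
    public void doFilter(ServletRequest sRequest,
            ServletResponse sResponse, FilterChain filterChain)
            throws IOException, ServletException
    {
        if (sRequest instanceof HttpServletRequest)
        {
            HttpServletRequest request = (HttpServletRequest) sRequest;
            // NOTE(review): getParameter() also reads the query string, so credentials
            // sent in a GET URL are accepted here and can end up in access logs and
            // browser history. Consider restricting login to POST at the mapping level.
            String username = request.getParameter(LoginConstants.USERNAME);
            String password = request.getParameter(LoginConstants.PASSWORD);
            if (username != null)
            {
                UserManager userManager = (UserManager) Jetspeed.getComponentManager()
                        .getComponent("org.apache.jetspeed.security.UserManager");
                AuditActivity audit = (AuditActivity) Jetspeed.getComponentManager()
                        .getComponent("org.apache.jetspeed.audit.AuditActivity");
                // NOTE(review): password may be null when only the username parameter is
                // sent; this relies on UserManager.authenticate rejecting it - confirm.
                boolean success = userManager.authenticate(username, password);
                if (success)
                {
                    audit.logUserActivity(username, request.getRemoteAddr(),
                            AuditActivity.AUTHENTICATION_SUCCESS, "PortalFilter");
                    PortalAuthenticationConfiguration authenticationConfiguration =
                            (PortalAuthenticationConfiguration) Jetspeed.getComponentManager()
                                    .getComponent("org.apache.jetspeed.administration.PortalAuthenticationConfiguration");
                    // Dropping the pre-login session is the session-fixation defence.
                    // When this option is off, the session id that existed before
                    // authentication stays valid afterwards.
                    if (authenticationConfiguration.isCreateNewSessionOnLogin())
                    {
                        request.getSession().invalidate();
                    }

                    Subject subject = null;
                    try
                    {
                        User user = userManager.getUser(username);
                        if (user != null)
                        {
                            subject = user.getSubject();
                        }
                    }
                    catch (SecurityException ignored)
                    {
                        // Lookup failure after a successful authenticate(): fall back to
                        // the minimal Subject built below instead of failing the login.
                        subject = null;
                    }

                    if (subject == null)
                    {
                        // Subject copies the Sets passed to its constructor, so a principal
                        // added to the caller's Set afterwards never reaches the Subject.
                        // Build the Subject writable, add the principal through
                        // getPrincipals(), then seal it. Under a SecurityManager this needs
                        // the "modifyPrincipals" and "setReadOnly" AuthPermissions.
                        subject = new Subject(false, new PrincipalsSet(), new HashSet(), new HashSet());
                        UserPrincipal userPrincipal = new UserSubjectPrincipalImpl(username, subject);
                        subject.getPrincipals().add(userPrincipal);
                        subject.setReadOnly();
                    }

                    Principal principal = SecurityHelper.getPrincipal(subject, UserPrincipal.class);
                    sRequest = wrapperRequest(request, subject, principal);
                    // getSession() creates a fresh session here if the old one was invalidated.
                    request.getSession().removeAttribute(LoginConstants.ERRORCODE);
                    HttpSession session = request.getSession(true);
                    session.setAttribute(PortalReservedParameters.SESSION_KEY_SUBJECT, subject);
                }
                else
                {
                    audit.logUserActivity(username, request.getRemoteAddr(),
                            AuditActivity.AUTHENTICATION_FAILURE, "PortalFilter");
                    request.getSession().setAttribute(LoginConstants.ERRORCODE,
                            LoginConstants.ERROR_INVALID_PASSWORD);
                }
            }
            else
            {
                Subject subject = (Subject) request.getSession()
                        .getAttribute(PortalReservedParameters.SESSION_KEY_SUBJECT);
                if (subject != null)
                {
                    Principal principal = SecurityHelper.getPrincipal(subject, UserPrincipal.class);
                    boolean isGuest = principal != null && principal.getName().equals(this.guest);
                    // Guest requests go through unwrapped. NOTE(review): a Subject without
                    // a UserPrincipal is still wrapped, with a null principal.
                    if (!isGuest)
                    {
                        sRequest = wrapperRequest(request, subject, principal);
                    }
                }
            }

            // Marks the request as having passed through this filter.
            sRequest.setAttribute(PortalReservedParameters.PORTAL_FILTER_ATTRIBUTE, "true");
        }

        if (filterChain != null)
        {
            filterChain.doFilter(sRequest, sResponse);
        }
    }

    /**
     * Wraps the request so that it carries the given Subject and Principal.
     *
     * @param request   the original HTTP request
     * @param subject   the Subject to associate with the request
     * @param principal the user principal; may be {@code null}
     * @return a {@code PortalRequestWrapper} around {@code request}
     */
    private ServletRequest wrapperRequest(HttpServletRequest request, Subject subject, Principal principal)
    {
        return new PortalRequestWrapper(request, subject, principal);
    }

    /** No resources to release. */
    public void destroy()
    {
    }
}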