litvinovg/vitro
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

NIHVIVO-1399 create a servlet and template to use in faking external authentication. Add the info to web.xml, but commented out.

Browse source
This commit is contained in:
jeb228 2010-11-28 22:35:07 +00:00
parent 7ac8b0c811
commit bdfe0d018d
3 changed files with 161 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

12
webapp/config/web.xml
View file

@ -1111,6 +1111,18 @@
<url-pattern>/unrecognizedUser</url-pattern> <url-pattern>/unrecognizedUser</url-pattern>
</servlet-mapping> </servlet-mapping>
<!--
<servlet>
<servlet-name>FakeExternalAuthController</servlet-name>
<servlet-class>edu.cornell.mannlib.vitro.webapp.controller.authenticate.FakeExternalAuthController</servlet-class>
<load-on-startup />
</servlet>
<servlet-mapping>
<servlet-name>FakeExternalAuthController</servlet-name>
<url-pattern>/admin/fakeExternalAuth</url-pattern>
</servlet-mapping>
-->
<servlet> <servlet>
<servlet-name>browsecontroller</servlet-name> <servlet-name>browsecontroller</servlet-name>
<servlet-class>edu.cornell.mannlib.vitro.webapp.controller.freemarker.BrowseController</servlet-class> <servlet-class>edu.cornell.mannlib.vitro.webapp.controller.freemarker.BrowseController</servlet-class>

130
webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/FakeExternalAuthController.java Normal file
View file

@ -0,0 +1,130 @@
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
package edu.cornell.mannlib.vitro.webapp.controller.authenticate;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.FreemarkerHttpServlet;
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.UrlBuilder;
/**
* This allows a DBA to pretend that he's logged in with an external username.
*/
public class FakeExternalAuthController extends FreemarkerHttpServlet {
private static final Log log = LogFactory
.getLog(FakeExternalAuthController.class);
private static final String URL_FAKE_CONTROLLER = "/admin/fakeExternalAuth";
private static final String URL_EXTERNAL_AUTH_RETURN = "/loginExternalAuthReturn";
private static final String TEMPLATE_DEFAULT = "fakeExternalAuth.ftl";
private static final String PARAMETER_USERNAME = "username";
private static final String PARAMETER_CANCEL = "cancel";
@Override
public void init() throws ServletException {
log.debug("storing the bean.");
ExternalAuthHelper.setBean(getServletContext(),
new FakeExternalAuthHelper(null));
}
@Override
protected String getTitle(String siteName) {
return "Fake external login " + siteName;
}
@Override
protected ResponseValues processRequest(VitroRequest vreq) {
if (isCancelRequested(vreq)) {
log.debug("cancelling.");
setFakeExternalAuthHelper(vreq, null);
return makeRedirectResponse();
} else if (isUsernameSupplied(vreq)) {
log.debug("faking as '" + getUsername(vreq) + "'");
setFakeExternalAuthHelper(vreq, getUsername(vreq));
return makeRedirectResponse();
} else {
log.debug("show the form.");
return makeShowFormResponse();
}
}
private boolean isCancelRequested(VitroRequest vreq) {
String cancelString = vreq.getParameter(PARAMETER_CANCEL);
return (cancelString != null) && (!cancelString.isEmpty());
}
private void setFakeExternalAuthHelper(HttpServletRequest req,
String username) {
ExternalAuthHelper.setBean(req.getSession().getServletContext(),
new FakeExternalAuthHelper(username));
}
private boolean isUsernameSupplied(VitroRequest vreq) {
String username = getUsername(vreq);
return ((username != null) && (!username.isEmpty()));
}
private String getUsername(VitroRequest vreq) {
return vreq.getParameter(PARAMETER_USERNAME);
}
private TemplateResponseValues makeShowFormResponse() {
Map<String, Object> body = new HashMap<String, Object>();
body.put("controllerUrl", UrlBuilder.getUrl(URL_FAKE_CONTROLLER));
return new TemplateResponseValues(TEMPLATE_DEFAULT, body);
}
private RedirectResponseValues makeRedirectResponse() {
return new RedirectResponseValues(
UrlBuilder.getUrl(URL_EXTERNAL_AUTH_RETURN));
}
/**
* This implementation of ExternalAuthHelper ignores any configuration
* properties. This controller is used as the exernal authorization server,
* and the username that is set by this controller is used as the external
* username.
*/
public static class FakeExternalAuthHelper extends ExternalAuthHelper {
private final String username;
private FakeExternalAuthHelper(String username) {
super(null, null);
this.username = username;
}
@Override
public String buildExternalAuthRedirectUrl(String returnUrl) {
int lastSlash = returnUrl.lastIndexOf("/");
String homeUrl = returnUrl.substring(0, lastSlash);
String url = homeUrl + URL_FAKE_CONTROLLER;
log.debug("externalAuth URL is '" + url + "'");
return url;
}
@Override
public String getExternalUsername(HttpServletRequest request) {
log.debug("external username is '" + username + "'");
return username;
}
@Override
public String toString() {
return "FakeExternalAuthHelper[username='" + username + "']";
}
}
}

19
webapp/web/templates/freemarker/body/fakeExternalAuth.ftl Normal file
View file

@ -0,0 +1,19 @@
<#-- $This file is distributed under the terms of the license in /doc/license.txt$ -->
<#-- Template for the Fake External Authentication page. -->
<section role="region">
<h2>Fake External Authentication</h2>
<p>
Enter the userID that you want to sign in as, or click Cancel.
</p>
<form action="${controllerUrl}">
Username:
<input type="text" name="username" />
<input type="submit" value="submit" />
<input type="submit" name="cancel" value="cancel" />
</form>
<br/>
</section>