litvinovg/vivo
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Tweak the build script, so a developer can build vitro-core and it won't have any effect when they build vivoweb in the same workspace.

Browse source
This commit is contained in:
jeb228 2010-01-29 22:12:41 +00:00
commit 3f17d16d7b
68 changed files with 40148 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

BIN
contrib/FLShibboleth/includes/ShibauthAdminAuthenticate.class Executable file
View file

Binary file not shown.

253
contrib/FLShibboleth/includes/ShibauthAdminAuthenticate.java Executable file
View file

@ -0,0 +1,253 @@
package edu.cornell.mannlib.vitro.webapp.controller.edit;
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
import java.io.UnsupportedEncodingException;
import java.util.Calendar;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import com.hp.hpl.jena.ontology.OntModel;
import edu.cornell.mannlib.vedit.beans.LoginFormBean;
import edu.cornell.mannlib.vitro.webapp.beans.User;
import edu.cornell.mannlib.vitro.webapp.controller.Controllers;
import edu.cornell.mannlib.vitro.webapp.controller.VitroHttpServlet;
import edu.cornell.mannlib.vitro.webapp.dao.UserDao;
import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory;
import edu.cornell.mannlib.vitro.webapp.dao.jena.LoginEvent;
import edu.cornell.mannlib.vitro.webapp.dao.jena.LoginLogoutEvent;
/*
* yxl: This is a copy of Authenticate.java and modified for Shibboleth authentication
*
*/
public class ShibauthAdminAuthenticate extends VitroHttpServlet {
private static final int DEFAULT_PORTAL_ID=1;
public static final String USER_SESSION_MAP_ATTR = "userURISessionMap";
private UserDao userDao = null;
private static final Log log = LogFactory.getLog(Authenticate.class.getName());
public void doPost( HttpServletRequest request, HttpServletResponse response ) {
try {
HttpSession session = request.getSession();
if(session.isNew()){
session.setMaxInactiveInterval(300); // seconds, not milliseconds
}
userDao = ((WebappDaoFactory)session.getServletContext().getAttribute("webappDaoFactory")).getUserDao();
LoginFormBean f = (LoginFormBean) session.getAttribute( "loginHandler" );
//obtain a db connection and perform a db query
//ensuring that the username exists
// JCR 20040905 passing on portal home parameter
String portalIdStr=(portalIdStr=request.getParameter("home"))==null?String.valueOf(DEFAULT_PORTAL_ID):portalIdStr;
//request.setAttribute("home",portalIdStr);
// Build the redirect URLs
String contextPath = request.getContextPath();
String urlParams = "?home=" + portalIdStr + "&login=block";
String loginUrl = contextPath + Controllers.LOGIN + urlParams;
String siteAdminUrl = contextPath + Controllers.SITE_ADMIN + urlParams;
if (userDao==null) {
f.setErrorMsg("loginPassword","unable to get UserDao");
f.setLoginStatus("no UserDao");
response.sendRedirect(loginUrl);
return;
}
/* used for encoding cleartext passwords sent via http before store in database
String loginPassword = "";
String passwordQuery = "SELECT PASSWORD('" + f.getLoginPassword() + "')";
ResultSet ps = stmt.executeQuery( passwordQuery );
while ( ps.next() ) {
loginPassword = ps.getString(1);
}
*/
String userEnteredPasswordAfterMd5Conversion=f.getLoginPassword(); // won't be null
if ( userEnteredPasswordAfterMd5Conversion.equals("") ) { // shouldn't get through JS form verification
f.setErrorMsg( "loginPassword","please enter a password" );
f.setLoginStatus("bad_password");
response.sendRedirect(loginUrl);
return;
}
User user = userDao.getUserByUsername(f.getLoginName());
if (user==null) {
f.setErrorMsg( "loginName","No user found with username " + f.getLoginName() );
f.setLoginStatus("unknown_username");
response.sendRedirect(loginUrl);
return;
}
// logic for authentication
// first check for new users (loginCount==0)
// 1) cold (have username but haven't received initial password)
// 2) initial password has been set but user mis-typed it
// 3) correctly typed initial password and oldpassword set to provided password; have to enter a different one
// 4) entered same password again
// 5) entered a new private password, and bypass this stage because logincount set to 1
// then check for users DBA has set to require changing password (md5password is null, oldpassword is not)
//
// check password; dbMd5Password is md5password from database
if (user.getLoginCount() == 0 ) { // new user
if ( user.getMd5password() == null ) { // user is known but has not been given initial password
f.setErrorMsg( "loginPassword", "Please request a username and initial password via the link below" ); // store password in database but force immediate re-entry
f.setLoginStatus("first_login_no_password");
} else if (!user.getMd5password().equals( userEnteredPasswordAfterMd5Conversion )) { // mis-typed CCRP-provided initial password
if ( user.getOldPassword() == null ) { // did not make it through match of initially supplied password
f.setErrorMsg( "loginPassword", "Please try entering provided password again" );
f.setLoginStatus("first_login_mistyped");
} else if (user.getOldPassword().equals( userEnteredPasswordAfterMd5Conversion ) ) {
f.setErrorMsg( "loginPassword", "Please pick a different password from initially provided one" );
f.setLoginStatus("changing_password_repeated_old");
} else { // successfully provided different, private password
f.setErrorMsg( "loginPassword", "Please re-enter new private password" );
user.setMd5password(userEnteredPasswordAfterMd5Conversion);
user.setLoginCount(1);
userDao.updateUser(user);
f.setLoginStatus("changing_password");
}
} else { // entered a password that matches initial md5password in database; now force them to change it
// oldpassword could be null or not null depending on number of mistries
f.setErrorMsg( "loginPassword", "Please now choose a private password" ); // store password in database but force immediate re-entry
user.setOldPassword(user.getMd5password());
userDao.updateUser(user);
f.setLoginStatus("first_login_changing_password");
}
response.sendRedirect(loginUrl);
return;
} else if ( user.getMd5password()==null ) { // DBA has forced entry of a new password for user with a loginCount > 0
if ( user.getOldPassword() != null && user.getOldPassword().equals( userEnteredPasswordAfterMd5Conversion ) ) {
f.setErrorMsg( "loginPassword", "Please pick a different password from your old one" );
f.setLoginStatus("changing_password_repeated_old");
} else {
f.setErrorMsg( "loginPassword", "Please re-enter new password" );
user.setMd5password(userEnteredPasswordAfterMd5Conversion);
userDao.updateUser(user);
f.setLoginStatus("changing_password");
}
response.sendRedirect(loginUrl);
return;
} else if (!user.getMd5password().equals( userEnteredPasswordAfterMd5Conversion )) {
/*
* yxl: comment out the following code so that Shib can login an admin user
* without using a password as long as the glid existed in the "user" table.
*/
/*
f.setErrorMsg( "loginPassword", "Incorrect password: try again");
f.setLoginStatus("bad_password");
f.setLoginPassword(""); // don't even reveal how many characters there were
response.sendRedirect(loginUrl);
return;
*/
}
//set the login bean properties from the database
//System.out.println("authenticated; setting login status in loginformbean");
f.setUserURI(user.getURI());
f.setLoginStatus( "authenticated" );
f.setSessionId( session.getId());
f.setLoginRole( user.getRoleURI() );
try {
int loginRoleInt = Integer.decode(f.getLoginRole());
if( (loginRoleInt>1) && (session.isNew()) ) {
session.setMaxInactiveInterval(32000); // set longer timeout for editors
}
} catch (Exception e) {}
// TODO : might be a problem in next line - no ID
f.setLoginUserId( -2 );
//f.setEmailAddress ( email );
f.setLoginPassword( "" );
f.setErrorMsg( "loginPassword", "" ); // remove any error messages
f.setErrorMsg( "loginUsername", "" );
//System.out.println("updating loginCount and modTime");
Map<String,HttpSession> userURISessionMap = getUserURISessionMapFromContext( getServletContext() );
userURISessionMap.put( user.getURI(), request.getSession() );
sendLoginNotifyEvent(new LoginEvent( user.getURI() ), getServletContext(), session);
user.setLoginCount(user.getLoginCount()+1);
userDao.updateUser(user);
if ( user.getLoginCount() == 2 ) { // first login
Calendar cal = Calendar.getInstance();
user.setFirstTime(cal.getTime());
userDao.updateUser(user);
}
/*
*If you set a postLoginRequest attribute in the session and forward to about
*then this will attempt to send the client back to the original page after the login.
*/
String forwardStr = (String) request.getSession().getAttribute("postLoginRequest");
request.getSession().removeAttribute("postLoginRequest");
if (forwardStr == null) {
String contextPostLoginRequest = (String) getServletContext().getAttribute("postLoginRequest");
if (contextPostLoginRequest != null) {
forwardStr = (contextPostLoginRequest.indexOf(":") == -1)
? request.getContextPath() + contextPostLoginRequest
: contextPostLoginRequest;
}
}
if (forwardStr != null) {
response.sendRedirect(forwardStr);
} else {
response.sendRedirect(siteAdminUrl);
//RequestDispatcher rd = getServletContext().getRequestDispatcher(url);
//rd.forward(request,response);
}
} catch (Throwable t) {
log.error( t.getMessage() );
t.printStackTrace();
}
}
public static void sendLoginNotifyEvent(LoginLogoutEvent event, ServletContext context, HttpSession session){
Object sessionOntModel = null;
if( session != null )
sessionOntModel = session.getAttribute("jenaOntModel");
Object contextOntModel = null;
if( context != null )
contextOntModel = context.getAttribute("jenaOntModel");
OntModel jenaOntModel =
( (sessionOntModel != null && sessionOntModel instanceof OntModel)
? (OntModel)sessionOntModel: (OntModel) context.getAttribute("jenaOntModel") );
if( jenaOntModel == null ){
log.error( "Unable to notify audit model of login event because no model could be found");
} else {
if( event == null ){
log.warn("Unable to notify audit model of login because a null event was passed");
}else{
jenaOntModel.getBaseModel().notifyEvent( event );
}
}
}
public static Map<String,HttpSession> getUserURISessionMapFromContext( ServletContext ctx ) {
Map<String,HttpSession> m = (Map<String,HttpSession>) ctx.getAttribute( USER_SESSION_MAP_ATTR );
if ( m == null ) {
m = new HashMap<String,HttpSession>();
ctx.setAttribute( USER_SESSION_MAP_ATTR, m );
}
return m;
}
}

BIN
contrib/FLShibboleth/includes/ajax-loader.gif Executable file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 2.5 KiB

125
contrib/FLShibboleth/includes/loginForm.jsp Executable file
View file

@ -0,0 +1,125 @@
<%-- $This file is distributed under the terms of the license in /doc/license.txt$ --%>
<%-- Included in siteAdmin_body.jsp to handle login/logout form and processing --%>
<%@ page import="edu.cornell.mannlib.vitro.webapp.beans.Portal" %>
<%@ page import="edu.cornell.mannlib.vitro.webapp.controller.Controllers" %>
<c:url var="loginJSP" value="<%= Controllers.LOGIN_JSP %>" />
<c:set var="loginFormTitle" value="<h3>Please log in</h3>" />
<%
int securityLevel = loginHandler.ANYBODY;
String loginStatus = loginHandler.getLoginStatus();
if ( loginStatus.equals("authenticated")) {
%>
<div id="logoutPanel">
<%
} else {
%>
<div id="loginPanel" class="pageBodyGroup">
<%
}
if ( loginStatus.equals("authenticated")) {
// test whether session is still valid
String currentSessionId = session.getId();
String storedSessionId = loginHandler.getSessionId();
if ( currentSessionId.equals( storedSessionId ) ) {
String currentRemoteAddrStr = request.getRemoteAddr();
String storedRemoteAddr = loginHandler.getLoginRemoteAddr();
securityLevel = Integer.parseInt( loginHandler.getLoginRole() );
if ( currentRemoteAddrStr.equals( storedRemoteAddr ) ) {
%>
<form class="logout" name="logout" action="${loginJSP}" method="post">
<input type="hidden" name="home" value="<%=portal.getPortalId()%>"/>
<em>Logged in as</em> <strong><jsp:getProperty name="loginHandler" property="loginName" /></strong>
<input type="submit" name="loginSubmitMode" value="Log out" class="logout-button button" />
</form>
<%
} else {
%>
${loginFormTitle}
<em>(IP address has changed)</em><br />
<%
loginHandler.setLoginStatus("logged out");
}
} else {
loginHandler.setLoginStatus("logged out");
%>
${loginFormTitle}
<em>(session has expired)</em><br/>
<form class="login" name="login" action="${loginJSP}" method="post" onsubmit="return isValidLogin(this) ">
<input type="hidden" name="home" value="<%=portal.getPortalId()%>" />
Username: <input type="text" name="loginName" size="10" class="form-item" /><br />
Password: <input type="password" name="loginPassword" size="10" class="form-item" /><br />
<input type="submit" name="loginSubmitMode" value="Log in" class="form-item button" />
</form>
<%
}
} else { /* not thrown out by coming from different IP address or expired session; check login status returned by authenticate.java */
%>
<h3>Please log in</strong></h3>
<%
if ( loginStatus.equals("logged out")) { %>
<em class="noticeText">(currently logged out)</em>
<% } else if ( loginStatus.equals("bad_password")) { %>
<em class="errorText">(password incorrect)</em><br/>
<% } else if ( loginStatus.equals("unknown_username")) { %>
<em class="errorText">(unknown username)</em><br/>
<% } else if ( loginStatus.equals("first_login_no_password")) { %>
<em class="noticeText">(1st login; need to request initial password below)</em>
<% } else if ( loginStatus.equals("first_login_mistyped")) { %>
<em class="noticeText">(1st login; initial password entered incorrectly)</em>
<% } else if ( loginStatus.equals("first_login_changing_password")) { %>
<em class="noticeText">(1st login; changing to new private password)</em>
<% } else if ( loginStatus.equals("changing_password_repeated_old")) { %>
<em class="noticeText">(changing to a different password)</em>
<% } else if ( loginStatus.equals("changing_password")) { %>
<em class="noticeText">(changing to new password)</em>
<% } else if ( loginStatus.equals("none")) { %>
<em class="noticeText">(new session)</em><br/>
<% } else { %>
<em class="errorText">Status unrecognized: <%=loginStatus.replace("_", " ")%></em><br/>
<% } %>
<!--<form class="old-global-form" name="login" action="${loginJSP}" method="post" onsubmit="return isValidLogin(this) ">-->
<form class="old-global-form" name="login" action="shibauth_admin_login.jsp" method="post" onsubmit="return isValidLogin(this) ">
<input type="hidden" name="home" value="<%=portal.getPortalId()%>" />
<label for="loginName">Username:</label>
<%
if ( loginStatus.equals("bad_password") || loginStatus.equals("first_login_no_password")
|| loginStatus.equals("first_login_mistyped") || loginStatus.equals("first_login_changing_password")
|| loginStatus.equals("changing_password_repeated_old") || loginStatus.equals("changing_password") ) { %>
<input id="username" type="text" name="loginName" value='<%=loginHandler.getLoginName()%>' size="10" class="form-item" /><br />
<% } else { %>
<input id="username" type="text" name="loginName" size="10" class="form-item" /><br />
<% if ( loginStatus.equals("unknown_username") ) { %>
<em class="errorText usernameError">Unknown username</em>
<% }
}
%>
<label for="loginPassword">Password:</label>
<input id="password" type="password" name="loginPassword" size="10" class="form-item" /><br />
<% String passwordError=loginHandler.getErrorMsg("loginPassword");
if (passwordError!=null && !passwordError.equals("")) {%>
<em class="errorText passwordError"><%=passwordError%></em>
<% } %>
<input type="submit" name="loginSubmitMode" value="Log in" class="form-item button" />
<br></br>
<a href="https://vivotest.ctrip.ufl.edu/Shibboleth.sso/Login?target=<%=response.encodeURL("https://vivotest.ctrip.ufl.edu/vitro/shibauth_admin_login.jsp")%>">UF Login &raquo;</a>
<br><br>
<a href="shibauth_admin_login.jsp">Test UF Login &raquo;</a>
</form>
<% } %>
</div> <!-- end loginPanel -->

268
contrib/FLShibboleth/includes/shibauth_admin_login.jsp Executable file
View file

@ -0,0 +1,268 @@
<%@ taglib prefix="form" uri="http://vitro.mannlib.cornell.edu/edit/tags" %>
<%@ page import="edu.cornell.mannlib.vitro.webapp.beans.Portal" %>
<%@ page import="edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory" %>
<%@page import="edu.cornell.mannlib.vitro.webapp.dao.jena.pellet.PelletListener"%>
<jsp:useBean id="loginHandler" class="edu.cornell.mannlib.vedit.beans.LoginFormBean" scope="session" />
<%@ taglib uri="http://java.sun.com/jstl/core" prefix="c" %><%/* this odd thing points to something in web.xml */ %>
<%@ page errorPage="/error.jsp"%>
<%
Portal portal = (Portal) request.getAttribute("portalBean");
final String DEFAULT_SEARCH_METHOD = "fulltext"; /* options are fulltext/termlike */
String loginD = (loginD = request.getParameter("login")) == null ? "block" : loginD.equals("null") || loginD.equals("") ? "block" : loginD;
%>
<html>
<!--<meta http-equiv="Refresh" content="10;url=uf_login_process.jsp">-->
<head>
<style type="text/css"><!--
#LoadingDiv{
margin: 0px 0px 0px 0px;
position: fixed;
height: 100%;
z-index: 9999;
padding-top: 300px;
padding-left: 50px;
width: 100%;
clear: none;
text-align: center;
font-weight: bolder;
font-size: 18px;
background: url('images/transbg50.png');
}
#LoadingDivWhite {
margin: 0 auto;
width: 250px;
color:#305882;
height: 50px;
border: 5px solid #305882;
background-color: #f3f3f3;
padding: 10px;
font-size:10pt;
}
--></style>
</head>
<script>
<!--
function submitUFform()
{
// this is needed for the the loading display/double click prevention
var ldiv = document.getElementById('LoadingDiv');
ldiv.style.display = 'block';
document.login.submit();
}
//-->
</script>
<body onLoad="submitUFform()">
<c:set var='themeDir' ><c:out value='<%=portal.getThemeDir()%>' default='themes/default/'/></c:set>
<script type="text/javascript">
// Give initial focus to the password or username field
$(document).ready(function(){
if ($("em.passwordError").length > 0) {
$("input#password").focus();
} else {
$("input#username").focus();
}
});
</script>
<div id="LoadingDiv" style="display:none;">
<div class="LoadingDivWhite">
<em>Loading.....</em><br />
<img src='images/ajax-loader.gif' />
</div>
</div>
<div id="content">
<!-- ############################################################# start left block ########################################################### -->
<% if (loginHandler.getLoginStatus().equals("authenticated")) { %>
<div class="column span-6 loggedIn">
<% } else { %>
<div class="column span-6">
<% } %>
<div onclick="switchGroupDisplay('loginarea','loginSw','${themeDir}site_icons')" title="click to toggle login fields on or off" class="headerlink" onmouseover="onMouseOverHeading(this)" onmouseout="onMouseOutHeading(this)">
</div>
<% if (loginHandler.getLoginStatus().equals("authenticated")) { %>
<div id="loginarea" class="pageGroupBody" style="display:block">
<% } else { %>
<div id="loginarea" class="pageGroupBody" style="display:<%=loginD%>">
<% } %>
<% if ( loginHandler.getLoginStatus().equals("authenticated")) {
/* test if session is still valid */
String currentSessionId = session.getId();
String storedSessionId = loginHandler.getSessionId();
if ( currentSessionId.equals( storedSessionId ) ) {
String currentRemoteAddrStr = request.getRemoteAddr();
String storedRemoteAddr = loginHandler.getLoginRemoteAddr();
int securityLevel = Integer.parseInt( loginHandler.getLoginRole() );
if ( currentRemoteAddrStr.equals( storedRemoteAddr ) ) {%>
<em>Logged in as:</em> <strong><jsp:getProperty name="loginHandler" property="loginName" /></strong>
<form class="old-global-form" name="logout" action="login_process.jsp" method="post">
<input type="hidden" name="home" value="<%=portal.getPortalId()%>"/>
<input type="submit" name="loginSubmitMode" value="Log Out" class="logout-button button" />
</form>
(<em>${languageModeStr}</em>)
<%
Object plObj = getServletContext().getAttribute("pelletListener");
if ( (plObj != null) && (plObj instanceof PelletListener) ) {
PelletListener pelletListener = (PelletListener) plObj;
if (!pelletListener.isConsistent()) {
%>
<p class="notice">
INCONSISTENT ONTOLOGY: reasoning halted.
</p>
<p class="notice">
Cause: <%=pelletListener.getExplanation()%>
</p>
<%
}
}
%>
<ul class="adminLinks">
<li><a href="listTabs?home=<%=portal.getPortalId()%>">Tabs</a></li>
<li><a href="listGroups?home=<%=portal.getPortalId()%>">Class groups</a></li>
<li><a href="listPropertyGroups?home=<%=portal.getPortalId()%>">Property groups</a></li>
<li><a href="showClassHierarchy?home=<%=portal.getPortalId()%>">Root classes</a></li>
<li><a href="showObjectPropertyHierarchy?home=${portalBean.portalId}&amp;iffRoot=true">Root object properties</a></li>
<li><a href="showDataPropertyHierarchy?home=<%=portal.getPortalId()%>">Root data properties</a></li>
<li><a href="listOntologies?home=<%=portal.getPortalId()%>">Ontologies</a></li>
<li>
<form class="old-global-form" action="editForm" method="get">
<select id="VClassURI" name="VClassURI" class="form-item span-23">
<form:option name="VClassId"/>
</select>
<input type="submit" class="add-action-button" value="Add Individual of This Type"/>
<input type="hidden" name="home" value="<%=portal.getPortalId()%>" />
<input type="hidden" name="controller" value="Entity"/>
</form>
</li>
<% if (securityLevel>=4) { %>
<li><a href="editForm?home=<%=portal.getPortalId()%>&amp;controller=Portal&amp;id=<%=portal.getPortalId()%>">Edit Current Portal</a></li>
<li><a href="listPortals?home=<%=portal.getPortalId()%>">All Portals</a></li>
<% }
if (securityLevel>=5) { %>
<li><a href="listUsers?home=<%=portal.getPortalId()%>">Administer User Accounts</a></li>
<c:if test="${verbosePropertyListing == true}">
<li><a href="about?verbose=false">Turn off Verbose Property Display</a></li>
</c:if>
<c:if test="${empty verbosePropertyListing || verbosePropertyListing == false}">
<li><a href="about?verbose=true">Turn on Verbose Property Display</a></li>
</c:if>
<% }
if (securityLevel>=50) { %>
<li><a href="uploadRDFForm?home=<%=portal.getPortalId()%>">Add/Remove RDF Data</a></li>
<li><a href="export?home=<%=portal.getPortalId()%>">Export to RDF</a></li>
<%-- <li><a href="refactorOp?home=<%=portal.getPortalId()%>&amp;modeStr=fixDataTypes">Realign Datatype Literals</a></li> --%>
<li><a href="admin/sparqlquery">SPARQL Query</a></li>
<li><a href="ingest">Ingest Tools</a></li>
</ul>
<% } %>
<% } else { %>
<em>(IP address has changed)</em><br>
<% loginHandler.setLoginStatus("logged out");
}
} else {
loginHandler.setLoginStatus("logged out"); %>
<em>(session has expired)</em><br/>
<form class="old-global-form" name="login" action="login_process.jsp" method="post" onsubmit="return isValidLogin(this) ">
<input type="hidden" name="home" value="<%=portal.getPortalId()%>" />
Username:<input type="text" name="loginName" size="10" class="form-item" /><br />
Password:<input type="password" name="loginPassword" size="10" class="form-item" /><br />
<input type="submit" name="loginSubmitMode" value="Log In" class="form-item button" />
</form>
<% }
} else { /* not thrown out by coming from different IP address or expired session; check login status returned by authenticate.java */ %>
<% if ( loginHandler.getLoginStatus().equals("logged out")) { %>
<em class="noticeText">(currently logged out)</em>
<% } else if ( loginHandler.getLoginStatus().equals("bad_password")) { %>
<em class="errorText">(password incorrect)</em><br/>
<% } else if ( loginHandler.getLoginStatus().equals("first_login_no_password")) { %>
<em class="noticeText">(1st login; need to request initial password below)</em>
<% } else if ( loginHandler.getLoginStatus().equals("first_login_mistyped")) { %>
<em class="noticeText">(1st login; initial password entered incorrectly)</em>
<% } else if ( loginHandler.getLoginStatus().equals("first_login_changing_password")) { %>
<em class="noticeText">(1st login; changing to new private password)</em>
<% } else if ( loginHandler.getLoginStatus().equals("changing_password_repeated_old")) { %>
<em class="noticeText">(changing to a different password)</em>
<% } else if ( loginHandler.getLoginStatus().equals("changing_password")) { %>
<em class="noticeText">(changing to new password)</em>
<% } else if ( loginHandler.getLoginStatus().equals("none")) { %>
<!--<em class="noticeText">(new session)</em><br/>-->
<% } else { %>
<em class="errorText">status unrecognized: <%=loginHandler.getLoginStatus()%></em><br/>
<% } %>
<form id="ufform" class="old-global-form" name="login" action="shibauth_admin_login_process.jsp" method="post" onsubmit="return isValidLogin(this) ">
<input type="hidden" name="home" value="<%=portal.getPortalId()%>" />
<!--<label for="loginName">Username:</label>-->
<% String status= loginHandler.getLoginStatus();
if ( status.equals("bad_password") || status.equals("first_login_no_password")
|| status.equals("first_login_mistyped") || status.equals("first_login_changing_password")
|| status.equals("changing_password_repeated_old") || status.equals("changing_password") ) { %>
<input id="username" type="text" name="loginName" value='<%=loginHandler.getLoginName()%>' size="10" class="form-item" /><br />
<% } else { %>
<!--<input id="username" type="text" name="loginName" size="10" class="form-item" /><br />-->
<input type="hidden" name="loginName" value="" />
<% } %>
<!--
<label for="loginPassword">Password:</label>
<input id="password" type="password" name="loginPassword" size="10" class="form-item" /><br />
-->
<input type="hidden" name="password" value="" />
<% String passwordError=loginHandler.getErrorMsg("loginPassword");
if (passwordError!=null && !passwordError.equals("")) {%>
<em class="errorText passwordError"><%=passwordError%></em>
<% } %>
<!--<input type="submit" name="loginSubmitMode" value="Log In" class="form-item button" />-->
</form>
<% } %>
</div>
</div><%-- span-6 --%>
<div class="column span-17">
<% String aboutText=portal.getAboutText();
if (aboutText!=null && !aboutText.equals("")) {%>
<div class="pageGroupBody"><%=aboutText%></div>
<% }%>
<% String ackText=portal.getAcknowledgeText();
if (ackText!=null && !ackText.equals("")) {%>
<div class="pageGroupBody"><%=ackText%></div>
<% }%>
</div><%-- span-17 --%>
<!--<hr class="clear" />-->
</div> <!-- content -->
</body>
</html>

93
contrib/FLShibboleth/includes/shibauth_admin_login_process.jsp Executable file
View file

@ -0,0 +1,93 @@
<%@ page isThreadSafe="false" %>
<%@ page import="java.util.*" %>
<%@ page import="javax.servlet.*" %>
<%@ page import="javax.servlet.http.*" %>
<% final int DEFAULT_PORTAL_ID=1;
String portalIdStr=(portalIdStr=(String)request.getAttribute("home"))==null ?
((portalIdStr=request.getParameter("home"))==null?String.valueOf(DEFAULT_PORTAL_ID):portalIdStr):portalIdStr;
//int incomingPortalId=Integer.parseInt(portalIdStr); %>
<jsp:useBean id="loginHandler" class="edu.cornell.mannlib.vedit.beans.LoginFormBean" scope="session">
<jsp:setProperty name="loginHandler" property="*"/>
</jsp:useBean>
<%
// Get shib_idp and glid from the shib returned header information
//////////////////////////////////////////////////////////////////////
// Change both variables to empty string when shib works
//////////////////////////////////////////////////////////////////////
String shib_idp = "";
String glid = "";
Enumeration headerNames = request.getHeaderNames();
while(headerNames.hasMoreElements()) {
String headerName = (String)headerNames.nextElement();
if (headerName.equals("shib-identity-provider")) {
shib_idp = request.getHeader(headerName);
}
if (headerName.equals("glid")) {
glid = request.getHeader(headerName);
}
//out.println("<br>" + headerName + ":" + request.getHeader(headerName));
}
//out.println("<br>shib_idp:" + shib_idp);
//out.println("<br>glid:" + glid);
if (shib_idp.equals("https://login.ufl.edu/idp/shibboleth")) {
//out.println("<br>portalIdStr:" + portalIdStr);
%>
<%
String submitModeStr = request.getParameter("loginSubmitMode");
//out.println("<br>loginSubmitMode:" + submitModeStr);
if ( submitModeStr == null )
submitModeStr = "Log In";
//out.println("<br>loginSubmitMode:" + submitModeStr);
if ( submitModeStr == null )
submitModeStr = "unknown";
if ( submitModeStr.equals("Log Out")) {
%>
<jsp:forward page="/logout" >
<jsp:param name="home" value="<%=portalIdStr%>" />
</jsp:forward>
<%
} else if ( submitModeStr.equals("Log In")) {
//out.println("<br>Log In 1");
//String loginNameStr = request.getParameter("loginName");
String loginNameStr = glid;
String loginPasswordStr = "sia#ia*9"; //request.getParameter("loginPassword"); %>
<jsp:setProperty name="loginHandler" property="loginName" value="<%=loginNameStr%>" />
<jsp:setProperty name="loginHandler" property="loginPassword" value="<%=loginPasswordStr%>" />
<jsp:setProperty name="loginHandler" property="loginRemoteAddr" value="<%=request.getRemoteAddr()%>" />
<%
//if ( loginHandler.validateLoginForm() ) {
if ( loginNameStr != "" ) {
//out.println("<br>Log In 2");
%>
<jsp:forward page="/shibauthenticate" >
<jsp:param name="home" value="<%=portalIdStr%>" />
</jsp:forward>
<%
} else {
//out.println("<br>Log In 3");
String redirectURL="/vitro/about?home="+portalIdStr+"&amp;login=block";
response.sendRedirect(redirectURL);
}
}
%>
<%
} else {
out.println("<br>Wrong IDP<br>");
}
%>

BIN
contrib/FLShibboleth/includes/transbg50.png Executable file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 46 KiB

1180
contrib/FLShibboleth/includes/web.xml Executable file
View file

File diff suppressed because it is too large Load diff