[kune-commits] r1266 - in trunk/src/main/java: cc/kune/core/client/auth cc/kune/core/public cc/kune/gspace/client cc/kune/wave cc/kune/wave/client cc/kune/wave/public cc/kune/wave/public/static cc/kune/wave/public/static/images cc/kune/wave/server org/ourproject/kune/platf/server/manager/impl
Vicente J. Ruiz Jurado
vjrj_ at ourproject.org
Mon Feb 28 13:14:26 CET 2011
Author: vjrj_
Date: 2011-02-28 13:14:26 +0100 (Mon, 28 Feb 2011)
New Revision: 1266
Added:
trunk/src/main/java/cc/kune/wave/client/WaveClientSimpleAuthenticator.java
trunk/src/main/java/cc/kune/wave/public/
trunk/src/main/java/cc/kune/wave/public/static/
trunk/src/main/java/cc/kune/wave/public/static/auth.css
trunk/src/main/java/cc/kune/wave/public/static/favicon.ico
trunk/src/main/java/cc/kune/wave/public/static/images/
trunk/src/main/java/cc/kune/wave/public/static/images/unknown.jpg
trunk/src/main/java/cc/kune/wave/public/static/logo.png
trunk/src/main/java/cc/kune/wave/server/CustomAuthenticationServlet.java
Removed:
trunk/src/main/java/cc/kune/wave/client/WaveClientTester.java
Modified:
trunk/src/main/java/cc/kune/core/client/auth/SignInNewForm.java
trunk/src/main/java/cc/kune/core/client/auth/SignInPresenter.java
trunk/src/main/java/cc/kune/core/public/ws.html
trunk/src/main/java/cc/kune/gspace/client/WsArmor.java
trunk/src/main/java/cc/kune/gspace/client/WsArmorImpl.java
trunk/src/main/java/cc/kune/gspace/client/WsArmorImpl.ui.xml
trunk/src/main/java/cc/kune/wave/KuneWave.gwt.xml
trunk/src/main/java/cc/kune/wave/server/WaveMain.java
trunk/src/main/java/org/ourproject/kune/platf/server/manager/impl/UserManagerDefault.java
Log:
NEW - # 32: WIAB Server and Kune server running together
http://kune.ourproject.org/issues/ticket/32
Modified: trunk/src/main/java/cc/kune/core/client/auth/SignInNewForm.java
===================================================================
--- trunk/src/main/java/cc/kune/core/client/auth/SignInNewForm.java 2011-02-26 19:48:11 UTC (rev 1265)
+++ trunk/src/main/java/cc/kune/core/client/auth/SignInNewForm.java 2011-02-28 12:14:26 UTC (rev 1266)
@@ -44,7 +44,7 @@
public SignInNewForm(final I18nTranslationService i18n) {
initWidget(uiBinder.createAndBindUi(this));
- nick.setFieldLabel(i18n.t("Nickname or email"));
+ nick.setFieldLabel(i18n.t("Your nickname"));
password.setFieldLabel(i18n.t("Password"));
}
Modified: trunk/src/main/java/cc/kune/core/client/auth/SignInPresenter.java
===================================================================
--- trunk/src/main/java/cc/kune/core/client/auth/SignInPresenter.java 2011-02-26 19:48:11 UTC (rev 1265)
+++ trunk/src/main/java/cc/kune/core/client/auth/SignInPresenter.java 2011-02-28 12:14:26 UTC (rev 1266)
@@ -21,6 +21,7 @@
import cc.kune.common.client.log.Log;
import cc.kune.common.client.noti.NotifyLevel;
+import cc.kune.common.client.utils.SimpleCallback;
import cc.kune.common.client.utils.TextUtils;
import cc.kune.common.client.utils.TimerWrapper;
import cc.kune.common.client.utils.TimerWrapper.Executer;
@@ -36,7 +37,7 @@
import cc.kune.core.client.state.StateManager;
import cc.kune.core.shared.dto.UserDTO;
import cc.kune.core.shared.dto.UserInfoDTO;
-import cc.kune.wave.client.WaveClientTester;
+import cc.kune.wave.client.WaveClientSimpleAuthenticator;
import com.google.gwt.event.dom.client.ClickEvent;
import com.google.gwt.event.dom.client.ClickHandler;
@@ -60,14 +61,14 @@
private final Provider<Register> registerProvider;
private final TimerWrapper timer;
private final UserServiceAsync userService;
- private final WaveClientTester waveClientTester;
+ private final WaveClientSimpleAuthenticator waveClientTester;
@Inject
public SignInPresenter(final EventBus eventBus, final SignInView view, final SignInProxy proxy,
final Session session, final StateManager stateManager, final I18nUITranslationService i18n,
final UserServiceAsync userService, final Provider<Register> registerProvider,
final CookiesManager cookiesManager, final UserPassAutocompleteManager autocomplete,
- final TimerWrapper timeWrapper, final WaveClientTester waveClientTester) {
+ final TimerWrapper timeWrapper, final WaveClientSimpleAuthenticator waveClientTester) {
super(eventBus, view, proxy, session, stateManager, i18n, cookiesManager, autocomplete);
this.eventBus = eventBus;
this.userService = userService;
@@ -160,31 +161,41 @@
user.setShortName(nickOrEmail);
user.setPassword(passwd);
saveAutocompleteLoginData(nickOrEmail, passwd);
- final AsyncCallback<UserInfoDTO> callback = new AsyncCallback<UserInfoDTO>() {
+ waveClientTester.doLogin(nickOrEmail, passwd, new SimpleCallback() {
@Override
- public void onFailure(final Throwable caught) {
- getView().unMask();
- eventBus.fireEvent(new ProgressHideEvent());
- if (caught instanceof UserAuthException) {
- getView().setErrorMessage(i18n.t(CoreMessages.INCORRECT_NICKNAME_EMAIL_OR_PASSWORD),
- NotifyLevel.error);
- } else {
- getView().setErrorMessage("Error in login", NotifyLevel.error);
- Log.error("Other kind of exception in SignInPresenter/doLogin");
- }
+ public void onSuccess() {
+ final AsyncCallback<UserInfoDTO> callback = new AsyncCallback<UserInfoDTO>() {
+ @Override
+ public void onFailure(final Throwable caught) {
+ getView().unMask();
+ eventBus.fireEvent(new ProgressHideEvent());
+ if (caught instanceof UserAuthException) {
+ getView().setErrorMessage(i18n.t(CoreMessages.INCORRECT_NICKNAME_EMAIL_OR_PASSWORD),
+ NotifyLevel.error);
+ } else {
+ getView().setErrorMessage("Error in login", NotifyLevel.error);
+ Log.error("Other kind of exception in SignInPresenter/doLogin");
+ }
+ }
+
+ @Override
+ public void onSuccess(final UserInfoDTO userInfoDTO) {
+ onSignIn(userInfoDTO);
+ stateManager.restorePreviousToken();
+ getView().hide();
+ getView().unMask();
+
+ }
+ };
+ userService.login(user.getShortName(), user.getPassword(), callback);
}
@Override
- public void onSuccess(final UserInfoDTO userInfoDTO) {
- onSignIn(userInfoDTO);
- stateManager.restorePreviousToken();
- waveClientTester.doLogin(nickOrEmail, passwd);
- getView().hide();
- getView().unMask();
-
+ public void onCancel() {
+ getView().setErrorMessage("Error in login", NotifyLevel.error);
+ Log.error("SignInPresenter/doLogin fails in Wave auth");
}
- };
- userService.login(user.getShortName(), user.getPassword(), callback);
+ });
}
}
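Review bot: The new `onCancel()` branch reports the error but never calls `getView().unMask()` or fires `ProgressHideEvent`, which `onFailure` a few lines above does, so a failed Wave sign-in presumably leaves the dialog masked; add `getView().unMask();` and `eventBus.fireEvent(new ProgressHideEvent());` at the top of `onCancel()`. The reordering also means the typed password is posted to `/auth/signin` before `userService.login` has accepted it, and a Wave session can be established even when the Kune login then fails; nothing in `onFailure` signs the Wave session out again. The field is still named `waveClientTester` although its type is now `WaveClientSimpleAuthenticator`. The enclosing method starts outside this hunk, so where the view gets masked is not visible here.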
Modified: trunk/src/main/java/cc/kune/core/public/ws.html
===================================================================
--- trunk/src/main/java/cc/kune/core/public/ws.html 2011-02-26 19:48:11 UTC (rev 1265)
+++ trunk/src/main/java/cc/kune/core/public/ws.html 2011-02-28 12:14:26 UTC (rev 1266)
@@ -40,8 +40,8 @@
<script type="text/javascript" language="javascript">
var __session = {
"id" : "TK8O7UyqvT",
- "address" : "vjrj at kune.beta.iepala.es",
- "domain" : "kune.beta.iepala.es"
+ "address" : "kune at localhost",
+ "domain" : "localhost"
};
var __client_flags = {};
var __useSocketIO = true;
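Review bot: The changed `address` and `domain` values sit in a `__session` object that is hard-coded in a static page together with a fixed `id`, so every visitor is served the same session descriptor regardless of who signed in. If the embedded Wave client takes its identity from `__session`, these fields should be rendered by the server from the authenticated session (or left empty until sign-in) rather than committed. The `localhost` values also tie the page to a development setup.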
@@ -154,7 +154,7 @@
sites like this one, where you can <strong>communicate, share, collaborate with
others and create your web spaces easily</strong>. <a href="#signin">Join!</a>
</div>
-<div id="k-home-stats">
+<div id="k-home-stats" style="display: none;">
Latests groups created
</div>
</div>
Modified: trunk/src/main/java/cc/kune/gspace/client/WsArmor.java
===================================================================
--- trunk/src/main/java/cc/kune/gspace/client/WsArmor.java 2011-02-26 19:48:11 UTC (rev 1265)
+++ trunk/src/main/java/cc/kune/gspace/client/WsArmor.java 2011-02-28 12:14:26 UTC (rev 1266)
@@ -43,6 +43,8 @@
ForIsWidget getSitebar();
+ ForIsWidget getUserSpace();
+
void selectGroupSpace();
void selectHomeSpace();
@@ -50,7 +52,4 @@
void selectPublicSpace();
void selectUserSpace();
-
- void setFrameUrlForTesting(String url);
-
}
\ No newline at end of file
Modified: trunk/src/main/java/cc/kune/gspace/client/WsArmorImpl.java
===================================================================
--- trunk/src/main/java/cc/kune/gspace/client/WsArmorImpl.java 2011-02-26 19:48:11 UTC (rev 1265)
+++ trunk/src/main/java/cc/kune/gspace/client/WsArmorImpl.java 2011-02-28 12:14:26 UTC (rev 1266)
@@ -27,7 +27,6 @@
import com.google.gwt.user.client.ui.Composite;
import com.google.gwt.user.client.ui.DockLayoutPanel;
import com.google.gwt.user.client.ui.FlowPanel;
-import com.google.gwt.user.client.ui.Frame;
import com.google.gwt.user.client.ui.InsertPanel.ForIsWidget;
import com.google.gwt.user.client.ui.RootPanel;
import com.google.gwt.user.client.ui.SimplePanel;
@@ -63,8 +62,6 @@
@UiField
VerticalPanel entityToolsSouth;
@UiField
- Frame frame;
- @UiField
SplitLayoutPanel groupSpace;
@UiField
SimplePanel homeSpace;
@@ -81,7 +78,7 @@
@UiField
TabLayoutPanel tabs;
@UiField
- SimplePanel userSpace;
+ FlowPanel userSpace;
@Inject
public WsArmorImpl(final PSpacePresenter pspace) {
@@ -90,7 +87,6 @@
tabs.setStyleName("k-spaces");
homeSpace.add(RootPanel.get("k-home-wrapper"));
publicSpace.add(pspace.getWidget());
- // userSpace.add(new Label("User space"));
}
@Override
@@ -143,6 +139,10 @@
return sitebar;
}
+ public ForIsWidget getUserSpace() {
+ return userSpace;
+ }
+
@Override
public void selectGroupSpace() {
tabs.selectTab(groupSpace);
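Review bot: `getUserSpace()` is added without `@Override`, although it implements the method this commit adds to `WsArmor` and the neighbouring implementations carry the annotation; add `@Override` so the compiler catches any drift between interface and implementation. Returning the `FlowPanel` as `ForIsWidget` lets any caller add or remove children of the user tab, so a short Javadoc on the interface method saying which component is expected to do that would help.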
@@ -162,10 +162,4 @@
public void selectUserSpace() {
tabs.selectTab(userSpace);
}
-
- @Override
- @Deprecated
- public void setFrameUrlForTesting(final String url) {
- frame.setUrl(url);
- }
}
Modified: trunk/src/main/java/cc/kune/gspace/client/WsArmorImpl.ui.xml
===================================================================
--- trunk/src/main/java/cc/kune/gspace/client/WsArmorImpl.ui.xml 2011-02-26 19:48:11 UTC (rev 1265)
+++ trunk/src/main/java/cc/kune/gspace/client/WsArmorImpl.ui.xml 2011-02-28 12:14:26 UTC (rev 1266)
@@ -26,11 +26,11 @@
</g:tab>
<g:tab>
<g:header size='0' />
- <g:SimplePanel ui:field="userSpace" width="100%"
+ <g:FlowPanel ui:field="userSpace" width="100%"
height="100%">
- <g:Frame url="http://localhost:9898/" styleName="{style.frame}"
- ui:field="frame" width="100%" height="100%" />
- </g:SimplePanel>
+<!-- <g:Frame url="/" styleName="{style.frame}"-->
+<!-- ui:field="frame" width="100%" height="100%" />-->
+ </g:FlowPanel>
</g:tab>
<g:tab>
<g:header size='0' />
Modified: trunk/src/main/java/cc/kune/wave/KuneWave.gwt.xml
===================================================================
--- trunk/src/main/java/cc/kune/wave/KuneWave.gwt.xml 2011-02-26 19:48:11 UTC (rev 1265)
+++ trunk/src/main/java/cc/kune/wave/KuneWave.gwt.xml 2011-02-28 12:14:26 UTC (rev 1266)
@@ -3,6 +3,7 @@
<module>
<inherits name="com.google.gwt.user.User" />
<source path="client" />
+ <public path="public" />
<inherits name="com.google.common.base.Base" />
<inherits name='com.google.gwt.user.User' />
<inherits name="com.google.gwt.event.EventBase" />
Copied: trunk/src/main/java/cc/kune/wave/client/WaveClientSimpleAuthenticator.java (from rev 1265, trunk/src/main/java/cc/kune/wave/client/WaveClientTester.java)
===================================================================
--- trunk/src/main/java/cc/kune/wave/client/WaveClientSimpleAuthenticator.java (rev 0)
+++ trunk/src/main/java/cc/kune/wave/client/WaveClientSimpleAuthenticator.java 2011-02-28 12:14:26 UTC (rev 1266)
@@ -0,0 +1,63 @@
+package cc.kune.wave.client;
+
+import cc.kune.common.client.log.Log;
+import cc.kune.common.client.noti.NotifyUser;
+import cc.kune.common.client.utils.SimpleCallback;
+import cc.kune.common.client.utils.WindowUtils;
+import cc.kune.gspace.client.WsArmor;
+
+import com.google.gwt.http.client.Request;
+import com.google.gwt.http.client.RequestBuilder;
+import com.google.gwt.http.client.RequestCallback;
+import com.google.gwt.http.client.RequestException;
+import com.google.gwt.http.client.Response;
+import com.google.gwt.http.client.URL;
+import com.google.gwt.user.client.ui.InsertPanel.ForIsWidget;
+import com.google.inject.Inject;
+
+public class WaveClientSimpleAuthenticator {
+
+ private final WsArmor wsArmor;
+
+ @Inject
+ public WaveClientSimpleAuthenticator(final WsArmor wsArmor) {
+ this.wsArmor = wsArmor;
+ }
+
+ public void doLogin(final String userWithoutDomain, final String passwd, final SimpleCallback callback) {
+ final RequestBuilder request = new RequestBuilder(RequestBuilder.POST, "/auth/signin");
+ final StringBuffer params = new StringBuffer();
+ params.append("address=");
+ params.append(URL.encodeQueryString(userWithoutDomain));
+ params.append("&password=");
+ params.append(URL.encodeQueryString(passwd));
+ params.append("&signIn=");
+ params.append(URL.encodeQueryString("Sign in"));
+ try {
+ request.setHeader("Content-Type", "application/x-www-form-urlencoded");
+ request.sendRequest(params.toString(), new RequestCallback() {
+ @Override
+ public void onError(final Request request, final Throwable exception) {
+ NotifyUser.error(exception.getStackTrace().toString(), true);
+ callback.onCancel();
+ }
+
+ @Override
+ public void onResponseReceived(final Request request, final Response response) {
+ final String url = WindowUtils.getLocation().getHost() + "/";
+ Log.debug("Wave client url: " + url);
+ callback.onSuccess();
+ // String token =
+ // Cookies.getCookie(JETTY_SESSION_TOKEN_NAME);
+ final ForIsWidget userSpace = wsArmor.getUserSpace();
+ if (userSpace.getWidgetCount() > 0) {
+ userSpace.remove(0);
+ }
+ userSpace.add(new WebClient());
+ }
+ });
+ } catch (final RequestException e) {
+ NotifyUser.error(e.getStackTrace().toString(), true);
+ }
+ }
+}
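Review bot: `onResponseReceived` calls `callback.onSuccess()` without looking at the response, and GWT delivers non-2xx responses to that method too, so the 403 that `CustomAuthenticationServlet.doPost` returns for a rejected password is treated here as a successful Wave login. Guard it with `if (response.getStatusCode() != Response.SC_OK) { callback.onCancel(); return; }` (the exact status seen after the servlet's redirect should be confirmed). The `catch (RequestException e)` branch never invokes the callback, so the caller is left waiting; add `callback.onCancel();` there. `getStackTrace().toString()` yields an array identity string rather than the trace, and it is shown to the user; log the exception and show a fixed message instead.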
Deleted: trunk/src/main/java/cc/kune/wave/client/WaveClientTester.java
===================================================================
--- trunk/src/main/java/cc/kune/wave/client/WaveClientTester.java 2011-02-26 19:48:11 UTC (rev 1265)
+++ trunk/src/main/java/cc/kune/wave/client/WaveClientTester.java 2011-02-28 12:14:26 UTC (rev 1266)
@@ -1,72 +0,0 @@
-package cc.kune.wave.client;
-
-import cc.kune.common.client.log.Log;
-import cc.kune.common.client.noti.NotifyUser;
-import cc.kune.common.client.utils.WindowUtils;
-import cc.kune.core.client.state.Session;
-import cc.kune.core.client.state.UserSignInEvent;
-import cc.kune.core.client.state.UserSignInEvent.UserSignInHandler;
-import cc.kune.core.client.state.UserSignOutEvent;
-import cc.kune.core.client.state.UserSignOutEvent.UserSignOutHandler;
-import cc.kune.gspace.client.WsArmor;
-
-import com.google.gwt.http.client.Request;
-import com.google.gwt.http.client.RequestBuilder;
-import com.google.gwt.http.client.RequestCallback;
-import com.google.gwt.http.client.RequestException;
-import com.google.gwt.http.client.Response;
-import com.google.gwt.http.client.URL;
-import com.google.inject.Inject;
-
-public class WaveClientTester {
-
- private final WsArmor wsarmor;
-
- @Inject
- public WaveClientTester(final WsArmor wsarmor, final Session session) {
- this.wsarmor = wsarmor;
- session.onUserSignIn(true, new UserSignInHandler() {
- @Override
- public void onUserSignIn(final UserSignInEvent event) {
- doLogin(event.getUserInfo().getChatName(), event.getUserInfo().getChatPassword());
- }
- });
-
- session.onUserSignOut(true, new UserSignOutHandler() {
- @Override
- public void onUserSignOut(final UserSignOutEvent event) {
- // TODO Auto-generated method stub
- }
- });
- }
-
- public void doLogin(final String userWithoutDomain, final String passwd) {
- final RequestBuilder request = new RequestBuilder(RequestBuilder.POST, "/auth/signin");
- final StringBuffer params = new StringBuffer();
- params.append("address=");
- params.append(URL.encodeQueryString(userWithoutDomain));
- params.append("&password=");
- params.append(URL.encodeQueryString(passwd));
- params.append("&signIn=");
- params.append(URL.encodeQueryString("Sign in"));
- try {
- request.setHeader("Content-Type", "application/x-www-form-urlencoded");
- request.sendRequest(params.toString(), new RequestCallback() {
- @Override
- public void onError(final Request request, final Throwable exception) {
- NotifyUser.error(exception.getStackTrace().toString(), true);
- }
-
- @Override
- public void onResponseReceived(final Request request, final Response response) {
- final String url = WindowUtils.getLocation().getHost() + "/";
- Log.debug("Wave client url: " + url);
- // wsarmor.setFrameUrlForTesting(url);
- wsarmor.setFrameUrlForTesting("/");
- }
- });
- } catch (final RequestException e) {
- NotifyUser.error(e.getStackTrace().toString(), true);
- }
- }
-}
Added: trunk/src/main/java/cc/kune/wave/public/static/auth.css
===================================================================
--- trunk/src/main/java/cc/kune/wave/public/static/auth.css (rev 0)
+++ trunk/src/main/java/cc/kune/wave/public/static/auth.css 2011-02-28 12:14:26 UTC (rev 1266)
@@ -0,0 +1,112 @@
+body {
+ background-color: #ffffff margin-top : 2;
+}
+
+body {
+ font-family: arial, sans-serif;
+}
+
+#wiab_loginform {
+ margin: 0;
+}
+
+#wiab_loginbox_td {
+ padding-right: 10px;
+}
+
+.form-noindent {
+ border: #0066cc 2px solid;
+ background-color: white;
+}
+
+.bubble {
+ background-color: #62c4fb;
+}
+
+.tl {
+ font-size: 1px;
+ padding: 0;
+ width: 4;
+ text-align: left;
+ vertical-align: top
+}
+
+.tr {
+ font-size: 1px;
+ padding: 0;
+ width: 2;
+ text-align: right;
+ vertical-align: top
+}
+
+.bl {
+ font-size: 1px;
+ padding: 0;
+ width: 4;
+ text-align: left;
+ vertical-align: bottom
+}
+
+.br {
+ font-size: 1px;
+ padding: 0;
+ width: 4;
+ text-align: right;
+ vertical-align: bottom
+}
+
+.loginBox {
+ padding: 5px 5px 20px;
+ margin: 0;
+ text-align: center;
+ background-color: #d3d4d6;
+}
+
+.loginBox td {
+ padding-bottom: 5px;
+}
+
+.loginBox td.smallfont {
+ font-size: 80%;
+}
+
+.loginBox h2 {
+ margin: 0;
+ font-weight: bold;
+ font-size: 120%;
+}
+
+.loginBox table {
+ margin: 0;
+ text-align: left;
+}
+
+.loginBox p {
+ text-align: left;
+}
+
+.alBox {
+ padding: 5px 10px;
+ margin: 0;
+}
+
+.alBox h4 {
+ margin: 0;
+ font-size: 80%;
+}
+
+.wiab.le.lbl {
+ font-family: Arial, Helvetica, sans-serif;
+ font-size: smaller;
+}
+
+.wiab.le.val {
+ font-family: Arial, Helvetica, sans-serif;
+ font-size: smaller;
+}
+
+.wiab.le.button {
+ font-family: Arial, Helvetica, sans-serif;
+ font-size: smaller;
+}
+
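Review bot: The first rule, `background-color: #ffffff margin-top : 2;`, is missing the semicolon between its two declarations, so a conforming parser drops the whole line and neither property applies. Split it into `background-color: #ffffff;` and `margin-top: 2px;` (the unit is presumably pixels). The unitless `width: 4` and `width: 2` values in `.tl`, `.tr`, `.bl` and `.br` are ignored in standards mode for the same reason and need a unit as well.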
Added: trunk/src/main/java/cc/kune/wave/public/static/favicon.ico
===================================================================
(Binary files differ)
Property changes on: trunk/src/main/java/cc/kune/wave/public/static/favicon.ico
___________________________________________________________________
Name: svn:mime-type
+ application/octet-stream
Added: trunk/src/main/java/cc/kune/wave/public/static/images/unknown.jpg
===================================================================
(Binary files differ)
Property changes on: trunk/src/main/java/cc/kune/wave/public/static/images/unknown.jpg
___________________________________________________________________
Name: svn:mime-type
+ application/octet-stream
Added: trunk/src/main/java/cc/kune/wave/public/static/logo.png
===================================================================
(Binary files differ)
Property changes on: trunk/src/main/java/cc/kune/wave/public/static/logo.png
___________________________________________________________________
Name: svn:mime-type
+ application/octet-stream
Added: trunk/src/main/java/cc/kune/wave/server/CustomAuthenticationServlet.java
===================================================================
--- trunk/src/main/java/cc/kune/wave/server/CustomAuthenticationServlet.java (rev 0)
+++ trunk/src/main/java/cc/kune/wave/server/CustomAuthenticationServlet.java 2011-02-28 12:14:26 UTC (rev 1266)
@@ -0,0 +1,247 @@
+package cc.kune.wave.server;
+
+import java.io.BufferedReader;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.net.URI;
+import java.net.URISyntaxException;
+import java.net.URLDecoder;
+import java.nio.ByteBuffer;
+import java.nio.CharBuffer;
+import java.nio.charset.CharacterCodingException;
+import java.nio.charset.Charset;
+import java.nio.charset.CharsetDecoder;
+import java.nio.charset.CodingErrorAction;
+import java.security.Principal;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.login.Configuration;
+import javax.security.auth.login.LoginContext;
+import javax.security.auth.login.LoginException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
+import org.eclipse.jetty.util.MultiMap;
+import org.eclipse.jetty.util.UrlEncoded;
+import org.waveprotocol.box.server.CoreSettings;
+import org.waveprotocol.box.server.authentication.HttpRequestBasedCallbackHandler;
+import org.waveprotocol.box.server.authentication.ParticipantPrincipal;
+import org.waveprotocol.box.server.authentication.SessionManager;
+import org.waveprotocol.box.server.gxp.AuthenticationPage;
+import org.waveprotocol.box.server.rpc.BaseUrlHelper;
+import org.waveprotocol.wave.model.wave.InvalidParticipantAddress;
+import org.waveprotocol.wave.model.wave.ParticipantId;
+import org.waveprotocol.wave.util.logging.Log;
+
+import com.google.common.base.Preconditions;
+import com.google.common.base.Strings;
+import com.google.gxp.base.GxpContext;
+import com.google.inject.Inject;
+import com.google.inject.name.Named;
+
+/**
+ * A servlet for authenticating a user's password and giving them a token via a
+ * cookie.
+ *
+ * @author josephg at gmail.com (Joseph Gentle)
+ */
+public class CustomAuthenticationServlet extends HttpServlet {
+ private static final String DEFAULT_REDIRECT_URL = "/";
+ public static final String RESPONSE_STATUS_NONE = "NONE";
+ public static final String RESPONSE_STATUS_FAILED = "FAILED";
+ public static final String RESPONSE_STATUS_SUCCESS = "SUCCESS";
+
+ private static final Log LOG = Log.get(CustomAuthenticationServlet.class);
+
+ private final Configuration configuration;
+ private final SessionManager sessionManager;
+ private final String domain;
+ private final String baseUrl;
+
+ @Inject
+ public CustomAuthenticationServlet(Configuration configuration, SessionManager sessionManager,
+ @Named(CoreSettings.WAVE_SERVER_DOMAIN) String domain, @Named(CoreSettings.HTTP_BASE_URL) String baseUrl) {
+ Preconditions.checkNotNull(configuration, "Configuration is null");
+ Preconditions.checkNotNull(sessionManager, "Session manager is null");
+ this.configuration = configuration;
+ this.sessionManager = sessionManager;
+ this.domain = domain.toLowerCase();
+ this.baseUrl = BaseUrlHelper.removeLastSlash(baseUrl);
+ }
+
+ @SuppressWarnings("unchecked")
+ public LoginContext login(BufferedReader body) throws IOException, LoginException {
+ try {
+ Subject subject = new Subject();
+
+ String parametersLine = body.readLine();
+ // Throws UnsupportedEncodingException.
+ byte[] utf8Bytes = parametersLine.getBytes("UTF-8");
+
+ CharsetDecoder utf8Decoder = Charset.forName("UTF-8").newDecoder();
+ utf8Decoder.onMalformedInput(CodingErrorAction.IGNORE);
+ utf8Decoder.onUnmappableCharacter(CodingErrorAction.IGNORE);
+
+ // Throws CharacterCodingException.
+ CharBuffer parsed = utf8Decoder.decode(ByteBuffer.wrap(utf8Bytes));
+ parametersLine = parsed.toString();
+
+ MultiMap<String> parameters = new UrlEncoded(parametersLine);
+ CallbackHandler callbackHandler = new HttpRequestBasedCallbackHandler(parameters);
+
+ LoginContext context = new LoginContext("Wave", subject, callbackHandler, configuration);
+
+ // If authentication fails, login() will throw a LoginException.
+ context.login();
+ return context;
+ } catch (CharacterCodingException cce) {
+ throw new LoginException("Character coding exception (not utf-8): "
+ + cce.getLocalizedMessage());
+ } catch (UnsupportedEncodingException uee) {
+ throw new LoginException("ad character encoding specification: " + uee.getLocalizedMessage());
+ }
+ }
+
+ /**
+ * The POST request should have all the fields required for authentication.
+ */
+ @Override
+ protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+ req.setCharacterEncoding("UTF-8");
+ LoginContext context;
+ try {
+ context = login(req.getReader());
+ } catch (LoginException e) {
+ String message = "The username or password you entered is incorrect.";
+ String responseType = RESPONSE_STATUS_FAILED;
+ LOG.info("User authentication failed: " + e.getLocalizedMessage());
+ resp.setStatus(HttpServletResponse.SC_FORBIDDEN);
+ AuthenticationPage.write(resp.getWriter(), new GxpContext(req.getLocale()), domain, baseUrl, message,
+ responseType);
+ return;
+ }
+
+ Subject subject = context.getSubject();
+
+ ParticipantId loggedInAddress;
+ try {
+ loggedInAddress = getLoggedInUser(subject);
+ } catch (InvalidParticipantAddress e1) {
+ throw new IllegalStateException(
+ "The user provided valid authentication information, but the username"
+ + " isn't a valid user address.");
+ }
+
+ if (loggedInAddress == null) {
+ try {
+ context.logout();
+ } catch (LoginException e) {
+ // Logout failed. Absorb the error, since we're about to throw an
+ // illegal state exception anyway.
+ }
+ throw new IllegalStateException(
+ "The user provided valid authentication information, but we don't "
+ + "know how to map their identity to a wave user address.");
+ }
+
+ HttpSession session = req.getSession(true);
+ sessionManager.setLoggedInUser(session, loggedInAddress);
+ // The context needs to be notified when the user logs out.
+ session.setAttribute("context", context);
+ LOG.info("Authenticated user " + loggedInAddress);
+
+ redirectLoggedInUser(req, resp);
+ }
+
+ /**
+ * Get the participant id of the given subject.
+ *
+ * The subject is searched for compatible principals. When other
+ * authentication types are added, this method will need to be updated to
+ * support their principal types.
+ *
+ * @throws InvalidParticipantAddress The subject's address is invalid
+ */
+ private ParticipantId getLoggedInUser(Subject subject) throws InvalidParticipantAddress {
+ String address = null;
+
+ for (Principal p : subject.getPrincipals()) {
+ // TODO(josephg): When we support other authentication types (LDAP, etc),
+ // this method will need to read the address portion out of the other principal types.
+ if (p instanceof ParticipantPrincipal) {
+ address = ((ParticipantPrincipal) p).getName();
+ break;
+ }
+ }
+
+ return address == null ? null : ParticipantId.of(address);
+ }
+
+ /**
+ * On GET, present a login form if the user isn't authenticated.
+ */
+ @Override
+ protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+ // If the user is already logged in, we'll try to redirect them immediately.
+ resp.setCharacterEncoding("UTF-8");
+ req.setCharacterEncoding("UTF-8");
+ HttpSession session = req.getSession(false);
+ ParticipantId user = sessionManager.getLoggedInUser(session);
+
+ if (user != null) {
+ redirectLoggedInUser(req, resp);
+ } else {
+ resp.setStatus(HttpServletResponse.SC_OK);
+ resp.setContentType("text/html;charset=utf-8");
+ AuthenticationPage.write(resp.getWriter(), new GxpContext(req.getLocale()), domain, baseUrl, "",
+ RESPONSE_STATUS_NONE);
+ }
+ }
+
+ /**
+ * Redirect the user back to DEFAULT_REDIRECT_URL, unless a custom redirect
+ * URL has been specified in the query string; in which case redirect there.
+ *
+ * Only redirects to local URLs are allowed.
+ *
+ * @throws IOException
+ */
+ private void redirectLoggedInUser(HttpServletRequest req, HttpServletResponse resp)
+ throws IOException {
+ Preconditions.checkState(sessionManager.getLoggedInUser(req.getSession(false)) != null,
+ "The user is not logged in");
+ String query = req.getQueryString();
+
+ // Not using req.getParameter() for this because calling that method might parse the password
+ // sitting in POST data into a String, where it could be read by another process after the
+ // string is garbage collected.
+ if (query == null || !query.startsWith("r=")) {
+ resp.sendRedirect(baseUrl + DEFAULT_REDIRECT_URL);
+ return;
+ }
+
+ String encoded_url = query.substring("r=".length());
+ String path = URLDecoder.decode(encoded_url, "UTF-8");
+
+ // The URL must not be an absolute URL to prevent people using this as a
+ // generic redirection service.
+ URI uri;
+ try {
+ uri = new URI(path);
+ } catch (URISyntaxException e) {
+ // The redirect URL is invalid.
+ resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
+ return;
+ }
+
+ if (Strings.isNullOrEmpty(uri.getHost()) == false) {
+ // The URL includes a host component. Disallow it.
+ resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
+ } else {
+ resp.sendRedirect(path);
+ }
+ }
+}
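Review bot: `doPost` binds the authenticated user to whatever session `req.getSession(true)` returns, so a session id that existed before login stays valid afterwards; invalidate the pre-login session and create a fresh one before `sessionManager.setLoggedInUser` (any Kune attributes kept in the same container session would need carrying over). In `login`, `body.readLine()` returns null for an empty body and the following `getBytes` call then throws a NullPointerException instead of a LoginException. In `redirectLoggedInUser` the only test is `uri.getHost()`, which is null for URIs that carry a scheme or an authority Java does not parse as a server, so the check should reject `uri.isAbsolute()` and any authority, and answer 400 rather than 500. The message in the `UnsupportedEncodingException` branch reads "ad character encoding" and both catch blocks drop the cause.

```java
// in login(BufferedReader body)
String parametersLine = body.readLine();
if (parametersLine == null) {
  throw new LoginException("Empty request body");
}
// … unchanged: UTF-8 decoding, LoginContext creation, context.login() …

// in doPost, once loggedInAddress has been resolved
HttpSession preLogin = req.getSession(false);
if (preLogin != null) {
  // Do not let a session id issued before authentication survive the login.
  preLogin.invalidate();
}
HttpSession session = req.getSession(true);
sessionManager.setLoggedInUser(session, loggedInAddress);
// … unchanged: "context" attribute, log line, redirectLoggedInUser call …

// in redirectLoggedInUser, replacing the host-only test
if (uri.isAbsolute() || uri.getRawAuthority() != null) {
  // Anything with a scheme or an authority is not a local path.
  resp.sendError(HttpServletResponse.SC_BAD_REQUEST);
} else {
  resp.sendRedirect(path);
}
```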
Modified: trunk/src/main/java/cc/kune/wave/server/WaveMain.java
===================================================================
--- trunk/src/main/java/cc/kune/wave/server/WaveMain.java 2011-02-26 19:48:11 UTC (rev 1265)
+++ trunk/src/main/java/cc/kune/wave/server/WaveMain.java 2011-02-28 12:14:26 UTC (rev 1266)
@@ -39,7 +39,6 @@
import org.waveprotocol.box.server.robots.dataapi.DataApiServlet;
import org.waveprotocol.box.server.robots.passive.RobotsGateway;
import org.waveprotocol.box.server.rpc.AttachmentServlet;
-import org.waveprotocol.box.server.rpc.AuthenticationServlet;
import org.waveprotocol.box.server.rpc.FetchServlet;
import org.waveprotocol.box.server.rpc.SignOutServlet;
import org.waveprotocol.box.server.waveserver.WaveBus;
@@ -124,7 +123,7 @@
private static void initializeServlets(final Injector injector, final CustomServerRpcProvider server) {
server.addServlet("/attachment/*", injector.getInstance(AttachmentServlet.class));
- server.addServlet(SessionManager.SIGN_IN_URL, injector.getInstance(AuthenticationServlet.class));
+ server.addServlet(SessionManager.SIGN_IN_URL, injector.getInstance(CustomAuthenticationServlet.class));
server.addServlet("/auth/signout", injector.getInstance(SignOutServlet.class));
server.addServlet("/auth/register", injector.getInstance(CustomUserRegistrationServlet.class));
Modified: trunk/src/main/java/org/ourproject/kune/platf/server/manager/impl/UserManagerDefault.java
===================================================================
--- trunk/src/main/java/org/ourproject/kune/platf/server/manager/impl/UserManagerDefault.java 2011-02-26 19:48:11 UTC (rev 1265)
+++ trunk/src/main/java/org/ourproject/kune/platf/server/manager/impl/UserManagerDefault.java 2011-02-28 12:14:26 UTC (rev 1266)
@@ -19,6 +19,9 @@
*/
package org.ourproject.kune.platf.server.manager.impl;
+import java.io.IOException;
+import java.net.HttpCookie;
+import java.net.MalformedURLException;
import java.util.Collection;
import java.util.List;
import java.util.TimeZone;
@@ -38,7 +41,10 @@
import org.ourproject.kune.platf.server.manager.I18nLanguageManager;
import org.ourproject.kune.platf.server.manager.UserManager;
import org.ourproject.kune.platf.server.properties.ChatProperties;
+import org.waveprotocol.box.consoleclient.ClientAuthenticator;
+import org.waveprotocol.box.server.CoreSettings;
import org.waveprotocol.box.server.authentication.PasswordDigest;
+import org.waveprotocol.box.server.authentication.SessionManager;
import cc.kune.core.client.errors.I18nNotFoundException;
import cc.kune.core.client.errors.UserRegistrationException;
@@ -53,6 +59,7 @@
import com.google.inject.Inject;
import com.google.inject.Provider;
import com.google.inject.Singleton;
+import com.google.inject.name.Named;
@Singleton
public class UserManagerDefault extends DefaultManager<User, Long> implements UserManager {