Remove JespaAuthProvider and Jespa dependency from the platform. #PL-2645

Konstantin Krivopustov 2013-09-18 08:37:38 +00:00
parent 68c33c99e3
commit 0bfdabb1d7
4 changed files with 0 additions and 229 deletions


@ -315,7 +315,6 @@ configure(webModule) {
compile(guiModule)
compile(webAuthModule)
compile(group: 'com.haulmont.thirdparty', name: 'jespa', version: '1.0.7')
compile(group: 'commons-fileupload', name: 'commons-fileupload', version: '1.2.2')
compile(group: 'org.jasig.cas', name: 'cas-client-core', version: '3.1.10')
compile(group: 'org.springframework', name: 'spring-webmvc', version: '3.1.3.RELEASE')
@ -324,8 +323,6 @@ configure(webModule) {
compile(group: 'com.haulmont.thirdparty', name: 'popupbutton', version: '2.2.1')
runtime(group: 'com.haulmont.thirdparty', name: 'jcifs', version: '1.3.10')
provided(servletApi)
}
@ -384,9 +381,6 @@ configure(webAuthModule) {
dependencies {
compile(globalModule)
compile(group: 'com.haulmont.thirdparty', name: 'jespa', version: '1.0.7')
runtime(group: 'com.haulmont.thirdparty', name: 'jcifs', version: '1.3.10')
provided(servletApi)
}
}


@ -155,8 +155,6 @@ included both in freemarker.jar and in the source code:
<item name="Apache HttpComponents" web="http://hc.apache.org/" license="apache-2.0"/>
<item name="jCIFS" web="http://jcifs.samba.org/" license="lgpl-2.1"/>
<item name="JGroups" web="http://www.jgroups.org/" license="lgpl-2.1"/>
<item name="JSON" web="http://json.org/java/">


@ -1,218 +0,0 @@
/*
* Copyright (c) 2008-2013 Haulmont. All rights reserved.
* Use is subject to license terms, see http://www.cuba-platform.com/license for details.
*/
package com.haulmont.cuba.web.auth;
import com.haulmont.cuba.core.global.*;
import com.haulmont.cuba.core.sys.AppContext;
import com.haulmont.cuba.security.global.LoginException;
import jespa.http.HttpSecurityService;
import jespa.ntlm.NtlmSecurityProvider;
import jespa.security.PasswordCredential;
import jespa.security.SecurityProviderException;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import javax.inject.Inject;
import javax.servlet.*;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.util.HashMap;
import java.util.Locale;
import java.util.Map;
/**
* @author artamonov
* @version $Id$
*/
@SuppressWarnings("unused")
public class JespaAuthProvider extends HttpSecurityService implements CubaAuthProvider {
private static class DomainInfo {
private String bindStr;
private String acctName;
private String acctPassword;
private DomainInfo(String bindStr, String acctName, String acctPassword) {
this.acctName = acctName;
this.acctPassword = acctPassword;
this.bindStr = bindStr;
}
}
private static Map<String, DomainInfo> domains = new HashMap<>();
private static String defaultDomain;
private Log log = LogFactory.getLog(getClass());
@Inject
private Configuration configuration;
@Inject
private Messages messages;
@Override
public void init(FilterConfig filterConfig) throws ServletException {
initDomains();
Map<String, String> properties = new HashMap<>();
properties.put("jespa.bindstr", getBindStr());
properties.put("jespa.service.acctname", getAcctName());
properties.put("jespa.service.password", getAcctPassword());
properties.put("jespa.account.canonicalForm", "3");
properties.put("jespa.log.path", configuration.getConfig(GlobalConfig.class).getLogDir() + "/jespa.log");
fillFromSystemProperties(properties);
try {
super.init(properties);
} catch (SecurityProviderException e) {
throw new ServletException(e);
}
}
@Override
public void destroy() {
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
log.debug("NTLM auth");
super.doFilter(request, response, chain);
}
@Override
public void authenticate(String login, String password, Locale loc) throws LoginException {
DomainAliasesResolver aliasesResolver = AppBeans.get(DomainAliasesResolver.NAME);
String domain;
String userName;
int atSignPos = login.indexOf("@");
if (atSignPos >= 0) {
String domainAlias = login.substring(atSignPos + 1);
domain = aliasesResolver.getDomainName(domainAlias).toUpperCase();
userName = login.substring(0, atSignPos);
} else {
int slashPos = login.indexOf('\\');
if (slashPos <= 0) {
throw new LoginException(
messages.getMessage(ActiveDirectoryHelper.class, "activeDirectory.invalidName", loc),
login
);
}
String domainAlias = login.substring(0, slashPos);
domain = aliasesResolver.getDomainName(domainAlias).toUpperCase();
userName = login.substring(slashPos + 1);
}
DomainInfo domainInfo = domains.get(domain);
if (domainInfo == null) {
throw new LoginException(
messages.getMessage(ActiveDirectoryHelper.class, "activeDirectory.unknownDomain", loc),
domain
);
}
Map<String, String> params = new HashMap<>();
params.put("bindstr", domainInfo.bindStr);
params.put("service.acctname", domainInfo.acctName);
params.put("service.password", domainInfo.acctPassword);
params.put("account.canonicalForm", "3");
fillFromSystemProperties(params);
NtlmSecurityProvider provider = new NtlmSecurityProvider(params);
try {
PasswordCredential credential = new PasswordCredential(userName, password.toCharArray());
provider.authenticate(credential);
} catch (SecurityProviderException e) {
throw new LoginException(
messages.getMessage(ActiveDirectoryHelper.class, "activeDirectory.authenticationError", loc),
e.getMessage()
);
}
}
@Override
public boolean needAuth(ServletRequest request) {
return true;
}
@Override
public boolean authSupported(HttpSession session) {
return true;
}
private void initDomains() {
WebAuthConfig webConfig = configuration.getConfig(WebAuthConfig.class);
String domainsStr = webConfig.getActiveDirectoryDomains();
if (!StringUtils.isBlank(domainsStr)) {
String[] strings = domainsStr.split(";");
for (int i = 0; i < strings.length; i++) {
String domain = strings[i];
domain = domain.trim();
if (!StringUtils.isBlank(domain)) {
String[] parts = domain.split("\\|");
if (parts.length != 4) {
log.error("Invalid ActiveDirectory domain definition: " + domain);
break;
} else {
domains.put(parts[0], new DomainInfo(parts[1], parts[2], parts[3]));
if (i == 0)
defaultDomain = parts[0];
}
}
}
}
}
public String getDefaultDomain() {
return defaultDomain != null ? defaultDomain : "";
}
public String getBindStr() {
return getBindStr(getDefaultDomain());
}
public String getBindStr(String domain) {
initDomains();
DomainInfo domainInfo = domains.get(domain);
return domainInfo != null ? domainInfo.bindStr : "";
}
public String getAcctName() {
return getAcctName(getDefaultDomain());
}
public String getAcctName(String domain) {
initDomains();
DomainInfo domainInfo = domains.get(domain);
return domainInfo != null ? domainInfo.acctName : "";
}
public String getAcctPassword() {
return getAcctPassword(getDefaultDomain());
}
public String getAcctPassword(String domain) {
initDomains();
DomainInfo domainInfo = domains.get(domain);
return domainInfo != null ? domainInfo.acctPassword : "";
}
public void fillFromSystemProperties(Map<String, String> params) {
for (String name : AppContext.getPropertyNames()) {
if (name.startsWith("jespa.")) {
params.put(name, AppContext.getProperty(name));
}
}
}
}


@ -79,9 +79,6 @@ cuba.web.kerberosAuthModule=AUTH.HAULMONT.COM
cuba.web.loginDialogDefaultUser=admin
cuba.web.loginDialogDefaultPassword=admin
# Jespa logging level (ActiveDirectory integration)
jespa.log.level=3
###############################################################################
# Presentation #
###############################################################################