Permalink
Browse files

Issue #57 - Single Sign-On support and CAS SSO optional plugin

  • Loading branch information...
joshdrummond committed Jun 7, 2015
1 parent 441801c commit b87e6795e44d0dbea157baaae62d988c279ca040
View
31 pom.xml
@@ -205,6 +205,11 @@
<artifactId>groovy-all</artifactId>
<version>1.8.6</version>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>jstl</artifactId>
<version>1.2</version>
</dependency>
<!-- GWT dependencies (from central repo) -->
<dependency>
@@ -273,7 +278,31 @@
<version>8.1.0</version>
</dependency>
-->
<!-- CAS SSO Authentication -->
<!--
<dependency>
<groupId>org.jasig.cas.client</groupId>
<artifactId>cas-client-core</artifactId>
<version>3.3.3</version>
<exclusions>
<exclusion>
<groupId>javax.servlet</groupId>
<artifactId>servlet-api</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>xml-apis</groupId>
<artifactId>xml-apis</artifactId>
<version>1.4.01</version>
</dependency>
<dependency>
<groupId>org.opensaml</groupId>
<artifactId>opensaml1</artifactId>
<version>1.1</version>
</dependency>
-->
<!-- test -->
<dependency>
<groupId>junit</groupId>
@@ -1,5 +1,5 @@
/*
Copyright 2008-2012 Josh Drummond
Copyright 2008-2015 Josh Drummond
This file is part of WebPasswordSafe.
@@ -23,7 +23,7 @@
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import net.webpasswordsafe.common.model.Group;
import net.webpasswordsafe.common.dto.SystemSettings;
import net.webpasswordsafe.common.model.User;
import net.webpasswordsafe.common.util.Constants.Function;
@@ -39,10 +39,10 @@
private static final ClientSessionUtil clientSessionUtil = new ClientSessionUtil();
private User user;
private Group everyoneGroup;
private boolean isLoggedIn;
private Map<Function, Boolean> authorizations;
private List<Map<String, Object>> reports;
private SystemSettings systemSettings;
public static ClientSessionUtil getInstance()
{
@@ -105,14 +105,14 @@ public void setLoggedInUser(User user)
this.user = user;
}
public Group getEveryoneGroup()
public SystemSettings getSystemSettings()
{
return this.everyoneGroup;
return this.systemSettings;
}
public void setEveryoneGroup(Group everyoneGroup)
public void setSystemSettings(SystemSettings systemSettings)
{
this.everyoneGroup = everyoneGroup;
this.systemSettings = systemSettings;
}
}
@@ -1,5 +1,5 @@
/*
Copyright 2008-2013 Josh Drummond
Copyright 2008-2015 Josh Drummond
This file is part of WebPasswordSafe.
@@ -28,6 +28,7 @@
import net.webpasswordsafe.client.remote.ServiceHelper;
import net.webpasswordsafe.client.remote.UserService;
import net.webpasswordsafe.client.ui.*;
import net.webpasswordsafe.common.dto.SystemSettings;
import net.webpasswordsafe.common.model.AccessLevel;
import net.webpasswordsafe.common.model.Group;
import net.webpasswordsafe.common.model.Password;
@@ -59,6 +60,7 @@
import com.extjs.gxt.ui.client.widget.menu.MenuItem;
import com.google.gwt.core.client.EntryPoint;
import com.google.gwt.core.client.GWT;
import com.google.gwt.http.client.URL;
import com.google.gwt.user.client.Window;
import com.google.gwt.user.client.rpc.AsyncCallback;
import com.google.gwt.user.client.rpc.ServiceDefTarget;
@@ -594,7 +596,7 @@ private void initXsrfProtection(final LoginWindow loginWindow)
public void onSuccess(XsrfToken token)
{
ServiceHelper.setXsrfToken(token);
doGetLoggedInUser(loginWindow);
getSystemSettings(loginWindow);
}
@Override
public void onFailure(Throwable caught)
@@ -671,41 +673,23 @@ public void onSuccess(List<Map<String, Object>> result)
LoginService.Util.getInstance().getLoginReports(callback);
}
private void verifyInitialization()
{
AsyncCallback<Void> callback = new AsyncCallback<Void>()
{
@Override
public void onFailure(Throwable caught)
{
WebPasswordSafe.handleServerFailure(caught);
}
@Override
public void onSuccess(Void result)
{
getEveryoneGroup();
}
};
UserService.Util.getInstance().verifyInitialization(callback);
}
private void getEveryoneGroup()
private void getSystemSettings(final LoginWindow loginWindow)
{
AsyncCallback<Group> callback = new AsyncCallback<Group>()
AsyncCallback<SystemSettings> callback = new AsyncCallback<SystemSettings>()
{
@Override
public void onFailure(Throwable caught)
{
WebPasswordSafe.handleServerFailure(caught);
}
@Override
public void onSuccess(Group result)
public void onSuccess(SystemSettings result)
{
ClientSessionUtil.getInstance().setEveryoneGroup(result);
displayLoginDialog();
clientSessionUtil.setSystemSettings(result);
doGetLoggedInUser(loginWindow);
}
};
UserService.Util.getInstance().getEveryoneGroup(callback);
LoginService.Util.getInstance().getSystemSettings(callback);
}
private void doLogout()
@@ -724,8 +708,16 @@ public void onSuccess(Boolean result)
{
clientSessionUtil.getLoggedInUser().setUsername("");
clientSessionUtil.setLoggedIn(false);
refreshLoginStatus();
displayLoginDialog();
String logoutUrl = clientSessionUtil.getSystemSettings().getLogoutUrl();
if (logoutUrl.equals(""))
{
Window.Location.reload();
}
else
{
logoutUrl = logoutUrl.replace("$1", URL.encodeQueryString(GWT.getHostPageBaseURL()));
Window.Location.replace(logoutUrl);
}
}
}
};
@@ -757,7 +749,17 @@ public void doGetLoginSuccess()
@Override
public void doGetLoginFailure()
{
verifyInitialization();
String bypassSSO = Window.Location.getParameter("bypassSSO");
bypassSSO = (bypassSSO == null) ? "false" : bypassSSO;
if (clientSessionUtil.getSystemSettings().isSsoEnabled() && !bypassSSO.equals("true"))
{
// sso enabled and not bypass, redirect to sso filtered page
Window.Location.replace(GWT.getHostPageBaseURL()+"sso");
}
else
{
displayLoginDialog();
}
}
private void doShowAbout()
@@ -1,5 +1,5 @@
/*
Copyright 2008-2013 Josh Drummond
Copyright 2008-2015 Josh Drummond
This file is part of WebPasswordSafe.
@@ -22,6 +22,7 @@
import java.util.List;
import java.util.Map;
import java.util.Set;
import net.webpasswordsafe.common.dto.SystemSettings;
import net.webpasswordsafe.common.model.User;
import net.webpasswordsafe.common.util.Constants.AuthenticationStatus;
import net.webpasswordsafe.common.util.Constants.Function;
@@ -40,6 +41,8 @@
@NoXsrfProtect
public boolean ping();
public AuthenticationStatus checkSsoLogin();
public SystemSettings getSystemSettings();
public AuthenticationStatus login(String principal, String[] credentials);
public boolean logout();
public User getLogin();
@@ -1,5 +1,5 @@
/*
Copyright 2008-2013 Josh Drummond
Copyright 2008-2015 Josh Drummond
This file is part of WebPasswordSafe.
@@ -22,6 +22,7 @@
import java.util.List;
import java.util.Map;
import java.util.Set;
import net.webpasswordsafe.common.dto.SystemSettings;
import net.webpasswordsafe.common.model.User;
import net.webpasswordsafe.common.util.Constants.AuthenticationStatus;
import net.webpasswordsafe.common.util.Constants.Function;
@@ -36,6 +37,8 @@
public interface LoginServiceAsync {
public void ping(AsyncCallback<Boolean> callback);
public void checkSsoLogin(AsyncCallback<AuthenticationStatus> callback);
public void getSystemSettings(AsyncCallback<SystemSettings> callback);
public void login(String principal, String[] credentials, AsyncCallback<AuthenticationStatus> callback);
public void logout(AsyncCallback<Boolean> callback);
public void getLogin(AsyncCallback<User> callback);
@@ -0,0 +1,61 @@
/*
Copyright 2015 Josh Drummond
This file is part of WebPasswordSafe.
WebPasswordSafe is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
WebPasswordSafe is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with WebPasswordSafe; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*/
package net.webpasswordsafe.common.dto;
import java.io.Serializable;
import net.webpasswordsafe.common.model.Group;
/**
*
* @author Josh Drummond
*
*/
public class SystemSettings implements Serializable
{
private static final long serialVersionUID = 2669369473714925351L;
private boolean isSsoEnabled;
private String logoutUrl;
private Group everyoneGroup;
public SystemSettings()
{
}
public boolean isSsoEnabled() {
return isSsoEnabled;
}
public void setSsoEnabled(boolean isSsoEnabled) {
this.isSsoEnabled = isSsoEnabled;
}
public String getLogoutUrl() {
return logoutUrl;
}
public void setLogoutUrl(String logoutUrl) {
this.logoutUrl = logoutUrl;
}
public Group getEveryoneGroup() {
return everyoneGroup;
}
public void setEveryoneGroup(Group everyoneGroup) {
this.everyoneGroup = everyoneGroup;
}
}
Oops, something went wrong.

0 comments on commit b87e679

Please sign in to comment.