Package org.jasig.portal.security

Examples of org.jasig.portal.security.IPerson

373
374
375
376
377
378
379
380
381
382
   
    /**
     * Determine if the user for the specified request is a guest as it pertains to shared portlet preferences.
     */
    protected boolean isGuestUser(final HttpServletRequest httpServletRequest) {
        final IPerson person = this.personManager.getPerson(httpServletRequest);
        return person.isGuest();
//        final ISecurityContext securityContext = person.getSecurityContext();
//        return !securityContext.isAuthenticated();
    }
View Full Code Here
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
   */
  public IPerson getPerson(HttpServletRequest request)
    throws PortalSecurityException {
    // Return the person object if it exists in the user's session
      final HttpSession session = request.getSession(false);
        IPerson person = null;
        if (session != null) {
           
            person = (IPerson) session.getAttribute(PERSON_SESSION_KEY);
            if (person != null) {
                return person;
            }
        }

    try {
      // Create a new instance of a person
      person = PersonFactory.createGuestPerson();
     
      // If the user has authenticated with the server which has implemented web authentication,
      // the REMOTE_USER environment variable will be set.     
      String remoteUser = request.getRemoteUser();

      // We don't want to ignore the security contexts which are already configured in security.properties, so we
      // retrieve the existing security contexts.  If one of the existing security contexts is a RemoteUserSecurityContext,
      // we set the REMOTE_USER field of the existing RemoteUserSecurityContext context.
      //
      // If a RemoteUserSecurityContext does not already exist, we create one and populate the REMOTE_USER field.
     
      ISecurityContext context = null;
      Enumeration subContexts = null;
      boolean remoteUserSecurityContextExists = false;
     
      // Retrieve existing security contexts.
      context = person.getSecurityContext( );     
      if ( context != null )
          subContexts = context.getSubContexts( );     
     
      if ( subContexts != null ) {               
        while ( subContexts.hasMoreElements( ) ) {
            ISecurityContext ctx = (ISecurityContext)subContexts.nextElement( );
            // Check to see if a RemoteUserSecurityContext already exists, and set the REMOTE_USER
            if ( ctx instanceof RemoteUserSecurityContext ) {
                RemoteUserSecurityContext remoteuserctx = (RemoteUserSecurityContext)ctx;
                remoteuserctx.setRemoteUser( remoteUser );
                remoteUserSecurityContextExists = true;
            }             
        }     
      }
           
      // If a RemoteUserSecurityContext doesn't alreay exist, create one. 
      // This preserves the default behavior of this class.
      if ( ! remoteUserSecurityContextExists ) {
          RemoteUserSecurityContext remoteuserctx = new RemoteUserSecurityContext(remoteUser);
        person.setSecurityContext(remoteuserctx);
      }
    }
    catch (Exception e) {
      // Log the exception
      log.error("Exception creating person for request " + request, e);
View Full Code Here
69
70
71
72
73
74
75
76
77
78
79
80
81
  @Override
  public ModelAndView handleRequestInternal(HttpServletRequest request,
    HttpServletResponse response) throws Exception {
   
    /* Make sure the user is an admin. */
    IPerson user = personManager.getPerson(request);
    if(!AdminEvaluator.isAdmin(user)) {
      throw new AuthorizationException("User " + user.getUserName() + " not an administrator.");
    }
   
    String[] entityTypes = request.getParameterValues("entityType");
    String searchTerm = request.getParameter("searchTerm");

View Full Code Here
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
  @Override
  public ModelAndView handleRequestInternal(HttpServletRequest request,
    HttpServletResponse response) throws Exception {
   
    /* Make sure the user is an admin. */
    IPerson person = personManager.getPerson(request);
   
    String entityType = request.getParameter("entityType");
    String entityId = request.getParameter("entityId");

    if(StringUtils.isBlank(entityType)) {
      return new ModelAndView("jsonView", "error", "No entityType specified.");
    }
   
    if (StringUtils.isBlank(entityId)) {
      return new ModelAndView("jsonView", "error", "No entityId specified.");
    }

    EntityIdentifier ei = person.getEntityIdentifier();
      IAuthorizationPrincipal ap = AuthorizationService.instance().newPrincipal(ei.getKey(), ei.getType());
      if (!ap.hasPermission("org.jasig.portal.channels.groupsmanager.CGroupsManager", "VIEW", entityId)) {
      throw new AuthorizationException("User " + person.getUserName() +
          " does not have view permissions on entity " + entityId);
    }


    JsonEntityBean result = groupListHelper.getEntity(entityType, entityId, true);
View Full Code Here
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
     * @see org.springframework.context.ApplicationListener#onApplicationEvent(org.springframework.context.ApplicationEvent)
     */
    public void onApplicationEvent(ApplicationEvent event) {
        if (event instanceof UserLoggedOutPortalEvent || event instanceof UserSessionDestroyedPortalEvent) {
            final PortalEvent portalEvent = (PortalEvent)event;
            final IPerson person = portalEvent.getPerson();
            //We don't want to clear out the guest layout
            if (person.isGuest()) {
                return;
            }
           
            //Try invalidating just the layout associated with the current user and profile
            final UserProfile currentUserProfile = (UserProfile)person.getAttribute(UserProfile.USER_PROFILE);
            if (currentUserProfile != null) {
                this.removeCachedLayout(person, currentUserProfile);
                return;
            }
           
            //No provided profile, invalidate all layouts for the user
            final IUserLayoutStore userLayoutStore = UserLayoutStoreFactory.getUserLayoutStoreImpl();
            final Hashtable<Integer, UserProfile> userProfiles;
            try {
                userProfiles = userLayoutStore.getUserProfileList(person);
            }
            catch (Exception e) {
                this.logger.warn("Failed to load all UserProfiles for '" + person.getUserName() + "'. The user's layouts will not be explicitly removed from the layout cache.", e);
                return;
            }
           
            for (final UserProfile userProfile : userProfiles.values()) {
                this.removeCachedLayout(person, userProfile);
View Full Code Here
260
261
262
263
264
265
266
267
268
269
270
271
      return null;
    }
   
    // get the CasSecurityContext
        final IUserInstance userInstance = userInstanceManager.getUserInstance(httpServletRequest);
        final IPerson person = userInstance.getPerson();
    final ISecurityContext context = person.getSecurityContext();
    if (context == null) {
      log.error("no security context, no proxy ticket passed to the portlet");
      return null;
    }
    ISecurityContext casContext = getCasContext(context);
View Full Code Here
198
199
200
201
202
203
204
205
206
207
208
209
    // check to see if a CAS proxy ticket is expected by this portlet
    if (isPasswordRequested(request, portletWindow)) {

          final HttpServletRequest httpServletRequest = this.portalRequestUtils.getOriginalPortletAdaptorRequest(request);
          final IUserInstance userInstance = userInstanceManager.getUserInstance(httpServletRequest);
          final IPerson person = userInstance.getPerson();
      final ISecurityContext context = person.getSecurityContext();

      // if it is, attempt to request a proxy ticket
      String password = getPassword(context);
      if (this.decryptPassword && password != null) {
        password = stringEncryptionService.decrypt(password);
View Full Code Here
292
293
294
295
296
297
298
299
300
301
302
303
        if (portletDefinition == null) {
            throw new IllegalArgumentException("No portlet defintion found for channel definition '" + channelDefinition.getId() + "'.");
        }
       
        //Determine the appropriate portlet window ID
        final IPerson person = userInstance.getPerson();
        final IPortletEntity portletEntity = this.portletEntityRegistry.getOrCreatePortletEntity(portletDefinition.getPortletDefinitionId(), portletNodeId, person.getID());
        final IPortletWindow defaultPortletWindow = this.portletWindowRegistry.createDefaultPortletWindow(request, portletEntity.getPortletEntityId());
        final IPortletWindowId portletWindowId = this.portletWindowRegistry.createTransientPortletWindowId(request, defaultPortletWindow.getPortletWindowId());
       
        return this.getPortletUrl(request, portletWindowId);
    }
View Full Code Here
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
  public void doPost(HttpServletRequest request, HttpServletResponse response)
      throws ServletException, IOException {

      IUserInstanceManager userInstanceManager = null;
      IUserInstance ui = null;
    IPerson per = null;
    UserPreferencesManager upm = null;
    IUserLayoutManager ulm = null;

    // make sure the user has a current session
    if (request.getSession(false) == null) {
      log.warn("Attempting to use AJAX preferences as GUEST user");
      printError(response, "Your session has timed out.  Please log in again to make changes to your layout.");
      return;
    }

    try {
            final WebApplicationContext applicationContext = WebApplicationContextUtils.getRequiredWebApplicationContext(this.getServletContext());
            userInstanceManager = (IUserInstanceManager) applicationContext.getBean("userInstanceManager", IUserInstanceManager.class);

           
      // Retrieve the user's UserInstance object
      ui = userInstanceManager.getUserInstance(request);

      // Retrieve the user's IPerson object
      per = ui.getPerson();

      // ensure that the user is currently logged in
      if (per.isGuest()) {
        log.warn("Attempting to use AJAX preferences as GUEST user");
        printError(response, "Your session has timed out.  Please log in again to make changes to your layout.");
        return;
      }
View Full Code Here
42
43
44
45
46
47
48
49
50
51
52
   * @param request the servlet request object
   * @return the IPerson object for the incoming request
   */
  public IPerson getPerson (HttpServletRequest request) throws PortalSecurityException {
    HttpSession session = request.getSession(false);
    IPerson person = null;
    // Return the person object if it exists in the user's session
    if (session != null)
      person = (IPerson)session.getAttribute(PERSON_SESSION_KEY);
    if (person == null) {
      try {
View Full Code Here
TOP

Related Classes of org.jasig.portal.security.IPerson

  • org.jasig.portal.ChannelManager
  • org.jasig.portal.channels.CPersonAttributes
  • org.jasig.portal.channels.cusermanager.ChannelRuntimeDataToPersonConverterTest
  • org.jasig.portal.channels.cusermanager.CUserManager
  • org.jasig.portal.channels.cusermanager.provider.DefaultDataHandlerImpl
  • org.jasig.portal.channels.DLMUserPreferences.TabColumnPrefsState$ResetLayoutState
  • org.jasig.portal.channels.portlet.SpringPortletChannelImpl
  • org.jasig.portal.channels.portlet.SpringPortletChannelImplTest
  • org.jasig.portal.events.handlers.UserFilteringPortalEventHandlerTest
  • org.jasig.portal.groups.pags.PAGSTest
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.