From c8affcf8362a92297a30765e069be5f59e200841 Mon Sep 17 00:00:00 2001 From: prabathabey Date: Thu, 21 May 2015 15:19:33 +0530 Subject: [PATCH 1/2] Improving the way webapp requests are authenticated --- .../framework/WebappAuthenticatorFactory.java | 2 +- .../WebappAuthenticatorFrameworkValve.java | 5 ++++- .../authenticator/OAuthAuthenticator.java | 20 +++++++++++-------- 3 files changed, 17 insertions(+), 10 deletions(-) diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFactory.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFactory.java index 02dcf44813b..aade9367428 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFactory.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFactory.java @@ -28,7 +28,7 @@ import org.wso2.carbon.webapp.authenticator.framework.authenticator.OAuthAuthent public class WebappAuthenticatorFactory { - public static WebappAuthenticator getAuthenticator(Request request) { + public static WebappAuthenticator getAuthenticator(String authScheme) { return new OAuthAuthenticator(); } diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFrameworkValve.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFrameworkValve.java index 66982112bd8..44af9195a9b 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFrameworkValve.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFrameworkValve.java @@ -29,11 +29,14 @@ import javax.servlet.http.HttpServletResponse; public class WebappAuthenticatorFrameworkValve extends CarbonTomcatValve { + private static final String AUTHENTICATION_SCHEME = "AuthenticationScheme"; private static final Log log = LogFactory.getLog(WebappAuthenticatorFrameworkValve.class); @Override public void invoke(Request request, Response response, CompositeValve compositeValve) { - WebappAuthenticator authenticator = WebappAuthenticatorFactory.getAuthenticator(request); + String authScheme = + request.getContext().findParameter(WebappAuthenticatorFrameworkValve.AUTHENTICATION_SCHEME); + WebappAuthenticator authenticator = WebappAuthenticatorFactory.getAuthenticator(authScheme); WebappAuthenticator.Status status = authenticator.authenticate(request, response); this.processResponse(request, response, compositeValve, status); } diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java index 6fc8177478c..e3fe120c3bc 100644 --- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java +++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java @@ -49,8 +49,12 @@ public class OAuthAuthenticator implements WebappAuthenticator { @Override public Status authenticate(Request request, Response response) { - StringTokenizer tokenizer = new StringTokenizer(request.getRequestURI(), "/"); + String requestUri = request.getRequestURI(); + if (requestUri == null || "".equals(requestUri)) { + return Status.CONTINUE; + } + StringTokenizer tokenizer = new StringTokenizer(requestUri, "/"); String context = request.getContextPath(); if (context == null || "".equals(context)) { context = tokenizer.nextToken(); @@ -59,13 +63,13 @@ public class OAuthAuthenticator implements WebappAuthenticator { } } - boolean isContextCached = false; - if (APIUtil.getAPIContextCache().get(context) != null) { - isContextCached = Boolean.parseBoolean(APIUtil.getAPIContextCache().get(context).toString()); - } - if (!isContextCached) { - return Status.CONTINUE; - } +// boolean isContextCached = false; +// if (APIUtil.getAPIContextCache().get(context) != null) { +// isContextCached = Boolean.parseBoolean(APIUtil.getAPIContextCache().get(context).toString()); +// } +// if (!isContextCached) { +// return Status.CONTINUE; +// } try { String apiVersion = tokenizer.nextToken(); From 341abb47ab57ae69a65645c1269d4e8685138017 Mon Sep 17 00:00:00 2001 From: Dulitha Wijewantha Date: Thu, 21 May 2015 16:48:49 +0530 Subject: [PATCH 2/2] Fixes to the timestamp and filters --- .../policy/mgt/core/impl/PolicyFilterImpl.java | 14 +++++++------- .../mgt/core/mgt/impl/PolicyManagerImpl.java | 14 +++++++++++--- 2 files changed, 18 insertions(+), 10 deletions(-) diff --git a/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/impl/PolicyFilterImpl.java b/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/impl/PolicyFilterImpl.java index 5c0abca774b..abcaafd3f8e 100644 --- a/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/impl/PolicyFilterImpl.java +++ b/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/impl/PolicyFilterImpl.java @@ -60,13 +60,13 @@ public class PolicyFilterImpl implements PolicyFilter { @Override public void filterOwnershipTypeBasedPolicies(String ownershipType, List policies) { - List temp = new ArrayList(); - for (Policy policy : policies) { - if (ownershipType.equalsIgnoreCase(policy.getOwnershipType())) { - temp.add(policy); - } - } - policies = temp; +// List temp = new ArrayList(); +// for (Policy policy : policies) { +// if (ownershipType.equalsIgnoreCase(policy.getOwnershipType())) { +// temp.add(policy); +// } +// } +// policies = temp; } @Override diff --git a/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/mgt/impl/PolicyManagerImpl.java b/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/mgt/impl/PolicyManagerImpl.java index 8755d048f88..be03d1e8df0 100644 --- a/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/mgt/impl/PolicyManagerImpl.java +++ b/components/policy-mgt/org.wso2.carbon.policy.mgt.core/src/main/java/org/wso2/carbon/policy/mgt/core/mgt/impl/PolicyManagerImpl.java @@ -30,7 +30,9 @@ import org.wso2.carbon.policy.mgt.core.dao.*; import org.wso2.carbon.policy.mgt.core.mgt.PolicyManager; import org.wso2.carbon.policy.mgt.core.mgt.ProfileManager; +import java.sql.Timestamp; import java.util.ArrayList; +import java.util.Calendar; import java.util.List; public class PolicyManagerImpl implements PolicyManager { @@ -58,9 +60,15 @@ public class PolicyManagerImpl implements PolicyManager { try { PolicyManagementDAOFactory.beginTransaction(); if (policy.getProfile() != null && policy.getProfile().getProfileId() == 0) { - profileDAO.addProfile(policy.getProfile()); - featureDAO.addProfileFeatures(policy.getProfile().getProfileFeaturesList(), - policy.getProfile().getProfileId()); + Profile profile = policy.getProfile(); + + Timestamp currentTimestamp = new Timestamp(Calendar.getInstance().getTime().getTime()); + profile.setCreatedDate(currentTimestamp); + profile.setUpdatedDate(currentTimestamp); + + + profileDAO.addProfile(profile); + featureDAO.addProfileFeatures(profile.getProfileFeaturesList(), profile.getProfileId()); } policy = policyDAO.addPolicy(policy);