5 Replies Latest reply on Oct 23, 2007 4:59 AM by Thomas Heute

    Looking for Jar file for org.jboss.portal.identity.User

    Eric Brennan Newbie

      I have been looking through the Portal API for 2.6.2 and need to program one of my portlets against the identity API. I have not been able to find the jar file with the org.jboss.portal.identity.User class.

        • 1. Re: Looking for Jar file for org.jboss.portal.identity.User
          Burkhard Vogt Newbie

          The jar file is located in the directory:

          thirdparty/jboss-portal/modules/identity/lib


          In order to extend the identity api, does anybody know where the sources are?


          • 2. Re: Looking for Jar file for org.jboss.portal.identity.User
            Andi Newbie

            i beilive you would have to find the jbosssx.jar source.

            as an example here is an example User i created that i use with our custom Login module:

            /**
             * com.xxx.databaseUser
             */
            package com.xxx.database;
            
            import java.sql.Date;
            import java.sql.ResultSet;
            import java.sql.SQLException;
            
            /**
             *
             */
            final class User {
            
             private final long userID;
             private final String loginName;
             private final String encryptedPassword;
             private final Date fromDate;
             private final Date termDate;
             private final long loginCount;
             private final Date lastLoginDate;
             private int loginAttempts;
            
             /**
             * @param rs {@link ResultSet}
             * @throws SQLException se
             * aanderson Sep 24, 2007
             */
             User(final ResultSet rs) throws SQLException {
             this.userID = rs.getLong("USER_ID");
             this.loginName = rs.getString("LOGIN_NAME");
             this.encryptedPassword = rs.getString("PASSWORD");
             this.fromDate = rs.getDate("FROM_DATE");
             this.termDate = rs.getDate("TERM_DATE");
             this.loginCount = rs.getLong("LOGIN_CNT");
             this.lastLoginDate = rs.getDate("LAST_LOGIN_DATE");
             this.loginAttempts = rs.getInt("LOGIN_ATTEMPTS");
             }
            
             /**
             * @return the encryptedPassword
             */
             String getEncryptedPassword() {
             return this.encryptedPassword;
             }
            
             /**
             * @return the fromDate
             */
             Date getFromDate() {
             return this.fromDate;
             }
            
             /**
             * @return the lastLoginDate
             */
             Date getLastLoginDate() {
             return this.lastLoginDate;
             }
            
             /**
             * @return the loginAttempts
             */
             int getLoginAttempts() {
             return this.loginAttempts;
             }
            
             /**
             * @return the loginCount
             */
             long getLoginCount() {
             return this.loginCount;
             }
            
             /**
             * @return the loginName
             */
             String getLoginName() {
             return this.loginName;
             }
            
             /**
             * @return the termDate
             */
             Date getTermDate() {
             return this.termDate;
             }
            
             /**
             * @return the userID
             */
             long getUserID() {
             return this.userID;
             }
            
             /**
             * increments the login attempts and returns the incremented value
             * @param loginAttemptsIn int
             */
             void incrementLoginAttempts(final int loginAttemptsIn) {
             this.loginAttempts = loginAttemptsIn;
             }
            
             /**
             * @return true if this users term date is before today
             */
             boolean isUserTermed() {
             if (this.termDate == null) {
             return false;
             }
             return this.termDate.before(new java.sql.Date(System.currentTimeMillis()));
             }
            
            }
            


            • 3. Re: Looking for Jar file for org.jboss.portal.identity.User
              Andi Newbie

              the UserPrinciple:

              package com.xxx.database;
              
              import java.security.Principal;
              
              /**
               *
               */
              public final class UserPrincipal implements Principal {
              
               private final String name;
              
               /**
               * @param nameIn
               *
               */
               public UserPrincipal(final String nameIn) {
               if (nameIn == null) {
               throw new IllegalArgumentException("No null principal name accepted");
               }
               this.name = nameIn;
               }
              
               /**
               * @param o
               * Object
               * @return boolean aanderson Aug 7, 2007
               * @see java.lang.Object#equals(java.lang.Object)
               */
               @Override
               public boolean equals(final Object o) {
               if (o == this) {
               return true;
               }
               if (o instanceof Principal) {
               final Principal that = (Principal) o;
               return this.name.equals(that.getName());
               }
               return false;
               }
              
               /**
               * @return String
               * @see java.security.Principal#getName()
               */
               public String getName() {
               return this.name;
               }
              
               /**
               * @return int
               * @see java.lang.Object#hashCode()
               */
               @Override
               public int hashCode() {
               return this.name.hashCode();
               }
              
               /**
               * @return String
               * @see java.lang.Object#toString()
               */
               @Override
               public String toString() {
               return "PortalPrincipal[" + this.name + "]";
               }
              }
              
              


              and the custom module:

              /**
               * HMIDataBaseLoginModule
               *
               */
              package com.xxx.database;
              
              import java.io.IOException;
              import java.security.acl.Group;
              import java.sql.SQLException;
              import java.util.Map;
              
              import javax.security.auth.Subject;
              import javax.security.auth.callback.Callback;
              import javax.security.auth.callback.CallbackHandler;
              import javax.security.auth.callback.NameCallback;
              import javax.security.auth.callback.UnsupportedCallbackException;
              import javax.security.auth.login.FailedLoginException;
              import javax.security.auth.login.LoginException;
              
              import org.jboss.security.auth.spi.DatabaseServerLoginModule;
              
              /**
               *
               */
              public final class HMIDataBaseLoginModule extends DatabaseServerLoginModule {
              
               private static final org.apache.log4j.Logger LOG = org.apache.log4j.Logger.getLogger(HMIDataBaseLoginModule.class);
               private String dsJndiName = "java:/OracleDS";
               // do not remove this field
               private UserPrincipal identity;
               //private long lockoutTime;;
               private int maxRetries;
              
               /**
               * @param subjectIn {@link Subject}
               * @param callbackHandlerIn {@link CallbackHandler}
               * @param sharedStateIn {@link Map}
               * @param optionsIn {@link Map}
               * @see org.jboss.security.auth.spi.DatabaseServerLoginModule#initialize(javax.security.auth.Subject, javax.security.auth.callback.CallbackHandler, java.util.Map, java.util.Map)
               */
               @Override
               public void initialize(final Subject subjectIn, final CallbackHandler callbackHandlerIn, final Map sharedStateIn, final Map optionsIn) {
               super.initialize(subjectIn, callbackHandlerIn, sharedStateIn, optionsIn);
               LOG.info("Initializing LoginModule");
               try {
               this.maxRetries = Integer.valueOf((String) optionsIn.get("maxRetries")).intValue();
               this.dsJndiName = (String) optionsIn.get("dsJndiName");
               //this.lockoutTime = Long.valueOf((String) optionsIn.get("lockTimeMillies")).longValue();
               this.callbackHandler = callbackHandlerIn;
               if (this.callbackHandler == null) {
               this.callbackHandler = new HMICallbackHandler();
               }
               } catch (final Throwable e) {
               HMIDataBaseLoginModule.LOG.error("Error initializing", e);
               }
               HMIDataBaseLoginModule.LOG.debug("LoginModule initialized");
               }
              
               /**
               * @return boolean
               * @throws LoginException le
               *
               * @see org.jboss.security.auth.spi.UsernamePasswordLoginModule#login()
               */
               @Override
               public boolean login() throws LoginException {
               HMIDataBaseLoginModule.LOG.debug("in HMIDataBaseLoginModule.login");
               if (this.callbackHandler == null) {
               throw new LoginException("No callback handler is available");
               }
               if (super.login()) {
               // do not remove this line, super implementation needs it
               final Object username = this.sharedState.get("javax.security.auth.login.name");
               }
               final String name = this.getUsername();
               User user = null;
               try {
               user = DatabaseLoginDAO.getDAO(this.dsJndiName).getThisUser(name);
               } catch (SQLException e) {
               super.loginOk = false;
               throw new FailedLoginException("Database lookup failed");
               }
               if (user == null) {
               super.loginOk = false;
               throw new FailedLoginException("No such user");
               }
               if (user.isUserTermed()) {
               super.loginOk = false;
               throw new FailedLoginException("User is Termed");
               }
               final Callback[] callbacks = new Callback[1];
               callbacks[0] = new NameCallback("hmiLogin", name);
               String named = null;
               try {
               this.callbackHandler.handle(callbacks);
               named = ((NameCallback) callbacks[0]).getName();
               } catch (final IOException ioe) {
               throw new LoginException(ioe.toString());
               } catch (final UnsupportedCallbackException ce) {
               throw new LoginException("Error: " + ce.getCallback().toString());
               }
               user = this.incrementCounter(user);
               if (this.getCounter(user) > this.maxRetries) {
               super.loginOk = false;
               throw new FailedLoginException("Account Locked, to many failed attempts");
               }
               super.loginOk = true;
               this.incrementLoginCount(user);
               LOG.info("User succesfully logged in");
               return true;
               }
              
               /**
               * Subclass to use the PortalPrincipal to make the username easier to retrieve by the portal.
               * @param username String
               * @return {@link UserPrincipal}
               * @throws Exception e
               * @see org.jboss.security.auth.spi.AbstractServerLoginModule#createIdentity(java.lang.String)
               */
               @Override
               protected UserPrincipal createIdentity(final String username) throws Exception {
               HMIDataBaseLoginModule.LOG.debug("LoginModule.createIdentity(" + username + ")");
               return new UserPrincipal(username);
               }
              
               /**
               * @return Group[]
               * @throws LoginException le
               * @see org.jboss.security.auth.spi.DatabaseServerLoginModule#getRoleSets()
               */
               @Override
               protected Group[] getRoleSets() throws LoginException {
               HMIDataBaseLoginModule.LOG.debug("LoginModule.getRoleSets");
               return DatabaseLoginDAO.getDAO(this.dsJndiName).getRoleSets(this.getUsername());
               }
              
               /**
               * this method must be maintained do to super implementation
               * @return String the users password
               * @throws LoginException le
               * @see org.jboss.security.auth.spi.DatabaseServerLoginModule#getUsersPassword()
               */
               @Override
               protected String getUsersPassword() throws LoginException {
               HMIDataBaseLoginModule.LOG.debug("LoginModule.getUsersPassword");
               return DatabaseLoginDAO.getDAO(this.dsJndiName).getUsersPassword(this.getUsername());
               }
              
               /**
               * @param inputPassword String
               * @param expectedPassword String
               * @return boolean
               * @see org.jboss.security.auth.spi.UsernamePasswordLoginModule#validatePassword(java.lang.String, java.lang.String)
               */
               @Override
               protected boolean validatePassword(final String inputPassword, final String expectedPassword) {
               return super.validatePassword(PasswordEncrypter.encrypt(inputPassword), expectedPassword);
               }
              
               private int getCounter(final User user) {
               return user.getLoginAttempts();
               }
              
               private User incrementCounter(final User user) {
               HMIDataBaseLoginModule.LOG.debug("LoginModule.incrementCounter");
               try {
               return DatabaseLoginDAO.getDAO(this.dsJndiName).incrementLoginAttempts(user);
               } catch (final SQLException e) {
               HMIDataBaseLoginModule.LOG.error("Query failed" + e.getMessage());
               }
               // don't ask why
               return user;
               }
              
               private void incrementLoginCount(final User user) {
               HMIDataBaseLoginModule.LOG.debug("LoginModule.incrementLoginCount");
               DatabaseLoginDAO.getDAO(this.dsJndiName).incrementLoginCount(user);
               }
              
              }
              


              • 4. Re: Looking for Jar file for org.jboss.portal.identity.User
                cpage cpage Novice

                the sources are here :
                http://anonsvn.jboss.org/repos/portal/modules/identity

                i guess i have to take tag version 1_0_0 with my 2.6.2 tag of JBP ?

                and i guess that these modules projects have to be in the "global" JBP project to be build, according to what i've seen in build.xml (references to others projects with ../)

                i just didn't found any documentation concerning this new packaging of the source code ^^

                • 5. Re: Looking for Jar file for org.jboss.portal.identity.User
                  Thomas Heute Master

                  We talked about it on the wiki, in the design forums and on the blog,

                  Those modules are independent, with a different lifecycle. They can be built independently

                  Yes 2.6.2 use the 1.0.0 versions of all the modules.