Examples with IPerson org.apereo.portal.security.IPerson used on opensource projects

Example 6 with IPerson

use of org.apereo.portal.security.IPerson in project uPortal by Jasig.

the class PortletWindowRegistryImpl method storePortletWindow.

@Override
public void storePortletWindow(HttpServletRequest request, IPortletWindow portletWindow) {
    if (isDisablePersistentWindowStates(request)) {
        return;
    }
    final IUserInstance userInstance = this.userInstanceManager.getUserInstance(request);
    final IPerson person = userInstance.getPerson();
    if (person.isGuest()) {
        //Never persist things for the guest user, just rely on in-memory storage
        return;
    }
    final IStylesheetDescriptor themeStylesheetDescriptor = this.getThemeStylesheetDescriptor(request);
    final WindowState windowState = portletWindow.getWindowState();
    final IPortletEntity portletEntity = portletWindow.getPortletEntity();
    final WindowState entityWindowState = portletEntity.getWindowState(themeStylesheetDescriptor);
    //If the window and entity states are different
    if (windowState != entityWindowState && !windowState.equals(entityWindowState)) {
        final WindowState defaultWindowState = this.getDefaultWindowState(themeStylesheetDescriptor);
        //If a window state is set and is one of the persistent states set it on the entity
        if (!defaultWindowState.equals(windowState) && persistentWindowStates.contains(windowState)) {
            portletEntity.setWindowState(themeStylesheetDescriptor, windowState);
        } else //If not remove the state from the entity
        if (entityWindowState != null) {
            portletEntity.setWindowState(themeStylesheetDescriptor, null);
        }
        //Persist the modified entity
        this.portletEntityRegistry.storePortletEntity(request, portletEntity);
    }
}

Example 7 with IPerson

use of org.apereo.portal.security.IPerson in project uPortal by Jasig.

the class SimplePersonManager method getPerson.

/**
     * Retrieve an IPerson object for the incoming request
     *
     * @param request the servlet request object
     * @return the IPerson object for the incoming request
     */
public IPerson getPerson(HttpServletRequest request) throws PortalSecurityException {
    HttpSession session = request.getSession(false);
    IPerson person = null;
    // Return the person object if it exists in the user's session
    if (session != null) {
        person = (IPerson) session.getAttribute(PERSON_SESSION_KEY);
    }
    if (person == null) {
        try {
            // Create a guest person
            person = createGuestPerson(request);
        } catch (Exception e) {
            // Log the exception
            log.error("Exception creating guest person.", e);
        }
        // Add this person object to the user's session
        if (person != null && session != null) {
            session.setAttribute(PERSON_SESSION_KEY, person);
        }
    }
    return person;
}

Example 8 with IPerson

use of org.apereo.portal.security.IPerson in project uPortal by Jasig.

the class AbstractPersonManager method createGuestPerson.

/**
     * Creates a new <i>guest</i> user based on the value of the <code>
     * org.apereo.portal.security.PersonFactory.guest_user_names</code> property in
     * portal.properties and (optionally) any beans that implement {@link IGuestUsernameSelector}.
     * This approach supports pluggable, open-ended strategies for multiple guest users who may have
     * different content.
     *
     * @since 5.0
     */
protected IPerson createGuestPerson(HttpServletRequest request) throws Exception {
    // First we need to know the guest username
    // First item is the default
    String username = PersonFactory.GUEST_USERNAMES.get(0);
    // Pluggable strategy for supporting multiple guest users
    for (IGuestUsernameSelector selector : guestUsernameSelectors) {
        final String s = selector.selectGuestUsername(request);
        if (s != null) {
            username = s;
            break;
        }
    }
    // Sanity check...
    if (!PersonFactory.GUEST_USERNAMES.contains(username)) {
        final String msg = "The specified guest username is not in the configured list:  " + username;
        throw new IllegalStateException(msg);
    }
    Integer guestUserId = guestUserIds.get(username);
    if (guestUserId == null) {
        // Not yet looked up
        loadGuestUserId(username, guestUserIds);
        guestUserId = guestUserIds.get(username);
    }
    final IPerson rslt = PersonFactory.createPerson();
    rslt.setAttribute(IPerson.USERNAME, username);
    rslt.setID(guestUserId);
    rslt.setSecurityContext(InitialSecurityContextFactory.getInitialContext("root"));
    return rslt;
}

Example 9 with IPerson

use of org.apereo.portal.security.IPerson in project uPortal by Jasig.

the class ExtendedPersonManager method getPerson.

/**
     * Retrieve an IPerson object for the incoming request
     *
     * @param request the servlet request object
     * @return the IPerson object for the incoming request
     * @throws PortalSecurityException
     */
public IPerson getPerson(HttpServletRequest request) throws PortalSecurityException {
    HttpSession session = request.getSession(false);
    IPerson person = null;
    // Return the person object if it exists in the user's session
    if (session != null)
        person = (IPerson) session.getAttribute(PERSON_SESSION_KEY);
    if (person == null) {
        try {
            // Create a guest person
            person = createGuestPerson(request);
            merger.mergeAttributes(person.getAttributeMap(), descriptors.getAttributes());
        } catch (Exception e) {
            // Log the exception
            log.error("Exception creating guest person.", e);
        }
        // Add this person object to the user's session
        if (person != null && session != null)
            session.setAttribute(PERSON_SESSION_KEY, person);
    }
    return person;
}

Example 10 with IPerson

use of org.apereo.portal.security.IPerson in project uPortal by Jasig.

the class LoginController method service.

/**
     * Process the incoming HttpServletRequest. Note that this processing occurs after
     * PortalPreAuthenticatedProcessingFilter has run and performed pre-processing.
     *
     * @param request
     * @param response
     * @exception ServletException
     * @exception IOException
     */
@RequestMapping
public void service(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    response.setHeader("Pragma", "no-cache");
    response.setHeader("Cache-Control", "no-cache");
    response.setDateHeader("Expires", 0);
    // create the redirect URL, adding fname and args parameters if necessary
    String redirectTarget = null;
    final String refUrl = request.getParameter(REFERER_URL_PARAM);
    final URL redirectLocation = parseLocalRefUrl(request, refUrl);
    if (redirectLocation != null) {
        redirectTarget = redirectLocation.toString();
    }
    if (redirectTarget == null) {
        /* Grab the target functional name, if any, off the login request.
             * Also any arguments for the target. We will pass them  along after authentication.
             */
        String targetFname = request.getParameter("uP_fname");
        if (targetFname == null) {
            final IPortalUrlBuilder defaultUrl = this.portalUrlProvider.getDefaultUrl(request);
            redirectTarget = defaultUrl.getUrlString();
        } else {
            try {
                final IPortalUrlBuilder urlBuilder = this.portalUrlProvider.getPortalUrlBuilderByPortletFName(request, targetFname, UrlType.RENDER);
                Enumeration<String> e = request.getParameterNames();
                while (e.hasMoreElements()) {
                    String paramName = e.nextElement();
                    if (!paramName.equals("uP_fname")) {
                        urlBuilder.addParameter(paramName, request.getParameterValues(paramName));
                    }
                }
                redirectTarget = urlBuilder.getUrlString();
            } catch (IllegalArgumentException e) {
                final IPortalUrlBuilder defaultUrl = this.portalUrlProvider.getDefaultUrl(request);
                redirectTarget = defaultUrl.getUrlString();
            }
        }
    }
    IPerson person = null;
    final Object authError = request.getSession(false).getAttribute(LoginController.AUTH_ERROR_KEY);
    if (authError == null || !((Boolean) authError)) {
        person = this.personManager.getPerson(request);
    }
    if (person == null || !person.getSecurityContext().isAuthenticated()) {
        if (request.getMethod().equals("POST"))
            request.getSession(false).setAttribute(AUTH_ATTEMPTED_KEY, "true");
        // Preserve the attempted username so it can be redisplayed to the user
        String attemptedUserName = request.getParameter("userName");
        if (attemptedUserName != null)
            request.getSession(false).setAttribute(ATTEMPTED_USERNAME_KEY, request.getParameter("userName"));
    }
    final String encodedRedirectURL = response.encodeRedirectURL(redirectTarget);
    if (log.isDebugEnabled()) {
        log.debug("Redirecting to " + redirectTarget);
    }
    response.sendRedirect(encodedRedirectURL);
}