initial release

5edf988a · Fabio Roberto Vitello · 24b0b77b · 5edf988a · 5edf988a · 5edf988a
Commit 5edf988a authored Apr 12, 2017 by Fabio Roberto Vitello
--- a/target/classes/com/liferay/portal/shibboleth/util/Util.class
+++ b/target/classes/com/liferay/portal/shibboleth/util/Util.class
--- a/target/classes/language.properties
+++ b/target/classes/language.properties
+shibboleth-logout-enable=Logout enable
+shibboleth-headers-enable=Extract attributes from HTTP Headers instead of environment variables (see: https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPJavaInstall , the "AJP_" prefix part)
+shibboleth-affiliation-truncate-enable=Truncate affiliation values and keep only the last segment after ':'. Useful for standard eduPersonEntilement values. ('foo:bar:baz:qux:RoleName' becomes 'RoleName')
+shibboleth-screenname-transform-enable=Transform login ID to make it valid screen name. Replace '@' to '.at.' and '_' to '-'. ('foo_bar@baz.org' becomes 'foo-bar.at.baz.org')
+import-shibboleth-users-from-ldap=Import from LDAP
+shibboleth-user-header=Shibboleth header name
+shibboleth-user-id-header=Shibboleth user ID header
+shibboleth-user-header-email=Shibboleth user email header
+shibboleth-user-header-firstname=Shibboleth user first name header
+shibboleth-user-header-surname=Shibboleth user surname header
+shibboleth-user-header-affiliation=Shibboleth user affiliation header
+auto-create-users=Auto-create users
+auto-update-users=Auto-update users
+auto-assign-user-role=Auto-assign roles to users (based on the affiliation)
+auto-assign-user-role-subtype=Role subtype for auto-assign roles
+shibboleth=Shibboleth
+shibboleth-user-header-affiliation-prefix=Shibboleth user affiliation header prefix
--- a/target/classes/portal.properties
+++ b/target/classes/portal.properties
+auto.login.hooks=com.liferay.portal.security.auth.ShibbolethAutoLogin
+shibboleth.enabled=true
+shibboleth.header=eppn
+shibboleth.header.email=eppn
+shibboleth.header.firstname=givenName
+shibboleth.header.surname=sn
+shibboleth.user.auto.create=true
+shibboleth.user.auto.update=true
+shibboleth.user.ldap.import=false
+shibboleth.logout.enabled=true
+shibboleth.headers.enabled=false
+shibboleth.affiliation.truncate.enabled=false
+shibboleth.screenname.transform.enabled=true
+shibboleth.login.url=/c/portal/login/shibboleth
+shibboleth.logout.url=/Shibboleth.sso/Logout?return=/
+company.settings.form.authentication=shibboleth
+login.form.navigation.pre=shibboleth
\ No newline at end of file
--- a/target/maven-archiver/pom.properties
+++ b/target/maven-archiver/pom.properties
+#Generated by Maven
+#Tue Jul 05 11:42:51 CEST 2016
+version=1.2
+groupId=com.github.ivan-novakov.liferay-shibboleth-plugin
+artifactId=liferay-shibboleth-plugin
--- a/target/shibboleth-plugin-hook.war
+++ b/target/shibboleth-plugin-hook.war
--- a/target/shibboleth-plugin-hook/WEB-INF/classes/com/liferay/portal/security/auth/ShibbolethAutoLogin.class
+++ b/target/shibboleth-plugin-hook/WEB-INF/classes/com/liferay/portal/security/auth/ShibbolethAutoLogin.class
--- a/target/shibboleth-plugin-hook/WEB-INF/classes/com/liferay/portal/servlet/filters/sso/shibboleth/ShibbolethFilter.class
+++ b/target/shibboleth-plugin-hook/WEB-INF/classes/com/liferay/portal/servlet/filters/sso/shibboleth/ShibbolethFilter.class
--- a/target/shibboleth-plugin-hook/WEB-INF/classes/com/liferay/portal/shibboleth/util/ShibbolethPropsKeys.class
+++ b/target/shibboleth-plugin-hook/WEB-INF/classes/com/liferay/portal/shibboleth/util/ShibbolethPropsKeys.class
--- a/target/shibboleth-plugin-hook/WEB-INF/classes/com/liferay/portal/shibboleth/util/ShibbolethPropsValues.class
+++ b/target/shibboleth-plugin-hook/WEB-INF/classes/com/liferay/portal/shibboleth/util/ShibbolethPropsValues.class
--- a/target/shibboleth-plugin-hook/WEB-INF/classes/com/liferay/portal/shibboleth/util/Util.class
+++ b/target/shibboleth-plugin-hook/WEB-INF/classes/com/liferay/portal/shibboleth/util/Util.class
--- a/target/shibboleth-plugin-hook/WEB-INF/classes/language.properties
+++ b/target/shibboleth-plugin-hook/WEB-INF/classes/language.properties
+shibboleth-logout-enable=Logout enable
+shibboleth-headers-enable=Extract attributes from HTTP Headers instead of environment variables (see: https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPJavaInstall , the "AJP_" prefix part)
+shibboleth-affiliation-truncate-enable=Truncate affiliation values and keep only the last segment after ':'. Useful for standard eduPersonEntilement values. ('foo:bar:baz:qux:RoleName' becomes 'RoleName')
+shibboleth-screenname-transform-enable=Transform login ID to make it valid screen name. Replace '@' to '.at.' and '_' to '-'. ('foo_bar@baz.org' becomes 'foo-bar.at.baz.org')
+import-shibboleth-users-from-ldap=Import from LDAP
+shibboleth-user-header=Shibboleth header name
+shibboleth-user-id-header=Shibboleth user ID header
+shibboleth-user-header-email=Shibboleth user email header
+shibboleth-user-header-firstname=Shibboleth user first name header
+shibboleth-user-header-surname=Shibboleth user surname header
+shibboleth-user-header-affiliation=Shibboleth user affiliation header
+auto-create-users=Auto-create users
+auto-update-users=Auto-update users
+auto-assign-user-role=Auto-assign roles to users (based on the affiliation)
+auto-assign-user-role-subtype=Role subtype for auto-assign roles
+shibboleth=Shibboleth
+shibboleth-user-header-affiliation-prefix=Shibboleth user affiliation header prefix
--- a/target/shibboleth-plugin-hook/WEB-INF/classes/portal.properties
+++ b/target/shibboleth-plugin-hook/WEB-INF/classes/portal.properties
+auto.login.hooks=com.liferay.portal.security.auth.ShibbolethAutoLogin
+shibboleth.enabled=true
+shibboleth.header=eppn
+shibboleth.header.email=eppn
+shibboleth.header.firstname=givenName
+shibboleth.header.surname=sn
+shibboleth.user.auto.create=true
+shibboleth.user.auto.update=true
+shibboleth.user.ldap.import=false
+shibboleth.logout.enabled=true
+shibboleth.headers.enabled=false
+shibboleth.affiliation.truncate.enabled=false
+shibboleth.screenname.transform.enabled=true
+shibboleth.login.url=/c/portal/login/shibboleth
+shibboleth.logout.url=/Shibboleth.sso/Logout?return=/
+company.settings.form.authentication=shibboleth
+login.form.navigation.pre=shibboleth
\ No newline at end of file
--- a/target/shibboleth-plugin-hook/WEB-INF/jsps/html/portlet/login/navigation/shibboleth.jsp
+++ b/target/shibboleth-plugin-hook/WEB-INF/jsps/html/portlet/login/navigation/shibboleth.jsp
+<%@ include file="/html/portlet/login/init.jsp"%>
+<%
+	final String SHIBBOLETH_ENABLED = "shibboleth.enabled";
+	final String SHIBBOLETH_LOGIN_URL = "shibboleth.login.url";
+	boolean shibbolethEnabled = GetterUtil.getBoolean(PrefsPropsUtil.getString(PortalUtil.getCompanyId(renderRequest), SHIBBOLETH_ENABLED));
+    String shibbolethLoginUrl = PrefsPropsUtil.getString(company.getCompanyId(), "shibboleth.login.url", "");
+%>
+<c:if test="<%=shibbolethEnabled%>">
+	<liferay-ui:icon
+		src="/liferay-shibboleth-plugin-hook/images/shibboleth.png"
+		url="<%= shibbolethLoginUrl %>" message="shibboleth" />
+</c:if>
--- a/target/shibboleth-plugin-hook/WEB-INF/jsps/html/portlet/portal_settings/authentication/shibboleth.jsp
+++ b/target/shibboleth-plugin-hook/WEB-INF/jsps/html/portlet/portal_settings/authentication/shibboleth.jsp
+<%@ include file="/html/portlet/portal_settings/init.jsp" %>
+<%
+    final String SHIBBOLETH_ENABLED = "shibboleth.enabled";
+    final String SHIBBOLETH_HEADER = "shibboleth.header";
+    final String SHIBBOLETH_USER_LDAP_IMPORT = "shibboleth.user.ldap.import";
+    final String SHIBBOLETH_LOGOUT_ENABLE = "shibboleth.logout.enabled";
+    final String SHIBBOLETH_LOGOUT_URL = "shibboleth.logout.url";
+    final String SHIBBOLETH_LOGIN_URL = "shibboleth.login.url";
+    final String SHIBBOLETH_HEADERS_ENABLE = "shibboleth.headers.enabled";
+    final String SHIBBOLETH_AFFILIATION_TRUNCATE_ENABLE = "shibboleth.affiliation.truncate.enabled";
+    final String SHIBBOLETH_SCREENNAME_TRANSFORM_ENABLE = "shibboleth.screenname.transform.enabled";
+    final String SHIBBOLETH_HEADER_EMAIL = "shibboleth.header.email";
+    final String SHIBBOLETH_HEADER_FIRSTNAME = "shibboleth.header.firstname";
+    final String SHIBBOLETH_HEADER_SURNAME = "shibboleth.header.surname";
+    final String SHIBBOLETH_HEADER_AFFILIATION = "shibboleth.header.affiliation";
+    final String SHIBBOLETH_USER_AUTO_CREATE  = "shibboleth.user.auto.create";
+    final String SHIBBOLETH_USER_AUTO_UPDATE = "shibboleth.user.auto.update";
+    final String SHIBBOLETH_USER_ROLE_AUTO_ASSIGN = "shibboleth.user.role.auto.assign";
+    final String SHIBBOLETH_USER_ROLE_AUTO_ASSIGN_SUBTYPE = "shibboleth.user.role.auto.assign.subtype";
+    final String SHIBBOLETH_HEADER_AFFILIATION_PREFIX = "shibboleth.header.affiliation.prefix";
+    final String SHIBBOLETH_USER_ROLE_AUTO_CREATE = "shibboleth.user.role.auto.create";
+    String shibbolethEnabled = PrefsPropsUtil.getString(company.getCompanyId(), SHIBBOLETH_ENABLED, "false");
+    String shibbolethHeader = PrefsPropsUtil.getString(company.getCompanyId(), SHIBBOLETH_HEADER, "");
+    String shibbolethUserLdapImport = PrefsPropsUtil.getString(company.getCompanyId(), SHIBBOLETH_USER_LDAP_IMPORT, "false");
+    String shibbolethLogoutEnabled = PrefsPropsUtil.getString(company.getCompanyId(), SHIBBOLETH_LOGOUT_ENABLE, "false");
+    String shibbolethLogoutUrl = PrefsPropsUtil.getString(company.getCompanyId(), SHIBBOLETH_LOGOUT_URL, "");
+    String shibbolethLoginUrl = PrefsPropsUtil.getString(company.getCompanyId(), SHIBBOLETH_LOGIN_URL, "");
+    String shibbolethHeadersEnabled = PrefsPropsUtil.getString(company.getCompanyId(), SHIBBOLETH_HEADERS_ENABLE, "false");
+    String shibbolethAffiliationTruncateEnabled = PrefsPropsUtil.getString(company.getCompanyId(), SHIBBOLETH_AFFILIATION_TRUNCATE_ENABLE, "false");
+    String shibbolethScreenNameTransformEnabled = PrefsPropsUtil.getString(company.getCompanyId(), SHIBBOLETH_SCREENNAME_TRANSFORM_ENABLE, "false");
+    String shibbolethHeaderEmail = PrefsPropsUtil.getString(company.getCompanyId(), SHIBBOLETH_HEADER_EMAIL, "mail");
+    String shibbolethHeaderFirtsname = PrefsPropsUtil.getString(company.getCompanyId(), SHIBBOLETH_HEADER_FIRSTNAME, "givenname");
+    String shibbolethHeaderSurname = PrefsPropsUtil.getString(company.getCompanyId(), SHIBBOLETH_HEADER_SURNAME, "sn");
+    String shibbolethHeaderAffiliation = PrefsPropsUtil.getString(company.getCompanyId(), SHIBBOLETH_HEADER_AFFILIATION, "affiliation");
+    String shibbolethUserAutoCreate = PrefsPropsUtil.getString(company.getCompanyId(), SHIBBOLETH_USER_AUTO_CREATE, "false");
+    String shibbolethUserAutoUpdate = PrefsPropsUtil.getString(company.getCompanyId(), SHIBBOLETH_USER_AUTO_UPDATE, "false");
+    String shibbolethUserRoleAutoAssign = PrefsPropsUtil.getString(company.getCompanyId(), SHIBBOLETH_USER_ROLE_AUTO_ASSIGN, "false");
+    String shibbolethUserRoleAutoAssignSubtype = PrefsPropsUtil.getString(company.getCompanyId(), SHIBBOLETH_USER_ROLE_AUTO_ASSIGN_SUBTYPE, "");
+    String shibbolethHeaderAffiliationPrefix = PrefsPropsUtil.getString(company.getCompanyId(), SHIBBOLETH_HEADER_AFFILIATION_PREFIX, "");
+    String shibbolethUserRoleAutoCreate = PrefsPropsUtil.getString(company.getCompanyId(), SHIBBOLETH_USER_ROLE_AUTO_CREATE, "false");
+%>
+<aui:fieldset>
+        <aui:input label="enabled" name='<%="settings--" + SHIBBOLETH_ENABLED + "--" %>' type="checkbox"
+                   value="<%= shibbolethEnabled %>"/>
+        <aui:input cssCLass="lfr-input-text-container" label="login-url"
+                   name='<%= "settings--" + SHIBBOLETH_LOGIN_URL + "--" %>' type="text"
+                   value="<%= shibbolethLoginUrl %>"/>
+        <aui:input cssClass="lfr-input-text-container" label="shibboleth-user-id-header"
+                   name='<%= "settings--" + SHIBBOLETH_HEADER + "--" %>' type="text" value="<%= shibbolethHeader %>"/>
+        <aui:input label="shibboleth-screenname-transform-enable" name='<%= "settings--" + SHIBBOLETH_SCREENNAME_TRANSFORM_ENABLE + "--" %>'
+                   type="checkbox" value="<%= shibbolethScreenNameTransformEnabled %>"/>
+        <aui:input cssClass="lfr-input-text-container" label="shibboleth-user-header-email"
+                   name='<%= "settings--" + SHIBBOLETH_HEADER_EMAIL + "--" %>' type="text" value="<%= shibbolethHeaderEmail %>"/>    
+        <aui:input cssClass="lfr-input-text-container" label="shibboleth-user-header-firstname"
+                   name='<%= "settings--" + SHIBBOLETH_HEADER_FIRSTNAME + "--" %>' type="text" value="<%= shibbolethHeaderFirtsname %>"/>  
+        <aui:input cssClass="lfr-input-text-container" label="shibboleth-user-header-surname"
+                   name='<%= "settings--" + SHIBBOLETH_HEADER_SURNAME + "--" %>' type="text" value="<%= shibbolethHeaderSurname %>"/>    
+        <aui:input cssClass="lfr-input-text-container" label="shibboleth-user-header-affiliation"
+                   name='<%= "settings--" + SHIBBOLETH_HEADER_AFFILIATION + "--" %>' type="text" value="<%= shibbolethHeaderAffiliation %>"/>        
+        <aui:input label="shibboleth-affiliation-truncate-enable" name='<%= "settings--" + SHIBBOLETH_AFFILIATION_TRUNCATE_ENABLE + "--" %>'
+                   type="checkbox" value="<%= shibbolethAffiliationTruncateEnabled %>"/>
+        <aui:input label="auto-create-users"
+                   name='<%= "settings--" + SHIBBOLETH_USER_AUTO_CREATE + "--" %>' type="checkbox"
+                   value="<%= shibbolethUserAutoCreate %>"/>
+        <aui:input label="auto-update-users"
+                   name='<%= "settings--" + SHIBBOLETH_USER_AUTO_UPDATE + "--" %>' type="checkbox"
+                   value="<%= shibbolethUserAutoUpdate %>"/>
+        <aui:input label="import-shibboleth-users-from-ldap"
+                   name='<%= "settings--" + SHIBBOLETH_USER_LDAP_IMPORT + "--" %>' type="checkbox"
+                   value="<%= shibbolethUserLdapImport %>"/>
+        <aui:input label="auto-create-user-role"
+                   name='<%= "settings--" + SHIBBOLETH_USER_ROLE_AUTO_CREATE + "--" %>' type="checkbox"
+                   value="<%= shibbolethUserRoleAutoCreate %>"/>
+        <aui:input label="auto-assign-user-role"
+                   name='<%= "settings--" + SHIBBOLETH_USER_ROLE_AUTO_ASSIGN + "--" %>' type="checkbox"
+                   value="<%= shibbolethUserRoleAutoAssign %>"/>
+        <aui:input cssClass="lfr-input-text-container" label="auto-assign-user-role-subtype"
+                   name='<%= "settings--" + SHIBBOLETH_USER_ROLE_AUTO_ASSIGN_SUBTYPE + "--" %>' type="text"
+                   value="<%= shibbolethUserRoleAutoAssignSubtype %>"/>             
+        <aui:input label="shibboleth-logout-enable" name='<%= "settings--" + SHIBBOLETH_LOGOUT_ENABLE + "--" %>'
+                   type="checkbox" value="<%= shibbolethLogoutEnabled %>"/>
+        <aui:input cssClass="lfr-input-text-container" label="logout-url"
+                   name='<%= "settings--" + SHIBBOLETH_LOGOUT_URL + "--" %>' type="text"
+                   value="<%= shibbolethLogoutUrl %>"/>
+        <aui:input cssClass="lfr-input-text-container" label="shibboleth-user-header-affiliation-prefix"
+                   name='<%= "settings--" + SHIBBOLETH_HEADER_AFFILIATION_PREFIX + "--" %>' type="text"
+                   value="<%= shibbolethHeaderAffiliationPrefix %>"/>   
+        <aui:input label="shibboleth-headers-enable" name='<%= "settings--" + SHIBBOLETH_HEADERS_ENABLE + "--" %>'
+                   type="checkbox" value="<%= shibbolethHeadersEnabled %>"/>
+</aui:fieldset>
--- a/target/shibboleth-plugin-hook/WEB-INF/liferay-hook.xml
+++ b/target/shibboleth-plugin-hook/WEB-INF/liferay-hook.xml
+<?xml version="1.0"?>
+<!DOCTYPE hook PUBLIC "-//Liferay//DTD Hook 6.2.0//EN" "http://www.liferay.com/dtd/liferay-hook_6_2_0.dtd">
+<hook>
+    <portal-properties>portal.properties</portal-properties>
+    <language-properties>language.properties</language-properties>
+    <custom-jsp-dir>/WEB-INF/jsps</custom-jsp-dir>
+    <servlet-filter>
+        <servlet-filter-name>shibboleth</servlet-filter-name>
+        <servlet-filter-impl>com.liferay.portal.servlet.filters.sso.shibboleth.ShibbolethFilter</servlet-filter-impl>
+    </servlet-filter>
+    <servlet-filter-mapping>
+        <servlet-filter-name>shibboleth</servlet-filter-name>
+        <after-filter>Auto Login Filter</after-filter>
+        <url-pattern>/c/portal/login</url-pattern>
+        <url-pattern>/c/portal/logout</url-pattern>
+        <dispatcher>FORWARD</dispatcher>
+        <dispatcher>REQUEST</dispatcher>
+    </servlet-filter-mapping>
+</hook>
\ No newline at end of file
--- a/target/shibboleth-plugin-hook/WEB-INF/liferay-plugin-package.properties
+++ b/target/shibboleth-plugin-hook/WEB-INF/liferay-plugin-package.properties
+name=Shibboleth Plugin
+module-group-id=liferay 7.1.1
+module-incremental-version=1
+tags=
+short-description=
+change-log=
+page-url=https://github.com/ivan-novakov/liferay-shibboleth-plugin
+author=Ivan Novakov ivan.novakov@debug.cz
+page-url=http://code.google.com/p/liferay-shibboleth-plugin/
+author=Romeo Sheshi rsheshi@gmail.com
--- a/target/shibboleth-plugin-hook/WEB-INF/liferay-plugin-package.xml
+++ b/target/shibboleth-plugin-hook/WEB-INF/liferay-plugin-package.xml
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plugin-package PUBLIC "-//Liferay//DTD Plugin Package 6.2.0//EN"
+        "http://www.liferay.com/dtd/liferay-plugin-package_6_2_0.dtd">
+<plugin-package>
+    <name>Shibboleth Plugin</name>
+    <module-id>com.github.ivan-novakov.liferay-shibboleth-plugin/liferay-shibboleth-plugin/1.2/war</module-id>
+    <types>
+        <type>portlets</type>
+    </types>
+    <tags>
+        <tag>shibboleth</tag>
+    </tags>
+    <short-description/>
+    <change-log/>
+    <page-url>https://github.com/ivan-novakov/liferay-shibboleth-plugin</page-url>
+    <author>Ivan Novakov ivan.novakov@debug.cz</author>
+    <licenses>
+        <license osi-approved="true">LGPL</license>
+    </licenses>
+    <liferay-versions>
+        <liferay-version>6.2.0+</liferay-version>
+    </liferay-versions>
+</plugin-package>
\ No newline at end of file
--- a/target/shibboleth-plugin-hook/WEB-INF/web.xml
+++ b/target/shibboleth-plugin-hook/WEB-INF/web.xml
+<?xml version="1.0"?>
+<web-app version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
+</web-app>
\ No newline at end of file
--- a/target/shibboleth-plugin-hook/images/shibboleth.png
+++ b/target/shibboleth-plugin-hook/images/shibboleth.png