hazza/DSpace
1
0
Fork 0
mirror of https://github.com/DSpace/DSpace.git synced 2025-10-07 01:54:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

use config service for props

Browse Source
This commit is contained in:
Terry Brady
2016-02-03 14:29:36 -08:00
parent 492d474fb7
commit 7f5e444047
1 changed files with 36 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

74
dspace-api/src/main/java/org/dspace/authenticate/ShibAuthentication.java
View File

@@ -21,7 +21,6 @@ import org.apache.commons.collections.ListUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;
import org.dspace.authenticate.factory.AuthenticateServiceFactory;
import org.dspace.authenticate.service.AuthenticationService;
import org.dspace.authorize.AuthorizeException;
import org.dspace.content.MetadataField;
@@ -31,12 +30,13 @@ import org.dspace.content.factory.ContentServiceFactory;
import org.dspace.content.service.MetadataFieldService;
import org.dspace.content.service.MetadataSchemaService;
import org.dspace.core.Context;
import org.dspace.core.ConfigurationManager;
import org.dspace.eperson.EPerson;
import org.dspace.eperson.Group;
import org.dspace.eperson.factory.EPersonServiceFactory;
import org.dspace.eperson.service.EPersonService;
import org.dspace.eperson.service.GroupService;
import org.dspace.services.ConfigurationService;
import org.dspace.services.factory.DSpaceServicesFactory;
/**
* Shibboleth authentication for DSpace
@@ -81,6 +81,7 @@ public class ShibAuthentication implements AuthenticationMethod
protected GroupService groupService = EPersonServiceFactory.getInstance().getGroupService();
protected MetadataFieldService metadataFieldService = ContentServiceFactory.getInstance().getMetadataFieldService();
protected MetadataSchemaService metadataSchemaService = ContentServiceFactory.getInstance().getMetadataSchemaService();
protected ConfigurationService configurationService = DSpaceServicesFactory.getInstance().getConfigurationService();
/**
@@ -169,7 +170,7 @@ public class ShibAuthentication implements AuthenticationMethod
// sword. This allows this compatibility without installing the password-based
// authentication method which has side effects such as allowing users to login
// with a username and password from the webui.
boolean swordCompatibility = ConfigurationManager.getBooleanProperty("authentication-shibboleth","sword.compatibility", true);
boolean swordCompatibility = configurationService.getBooleanProperty("authentication-shibboleth.sword.compatibility", true);
if ( swordCompatibility &&
username != null && username.length() > 0 &&
password != null && password.length() > 0 ) {
@@ -205,7 +206,7 @@ public class ShibAuthentication implements AuthenticationMethod
}
// Should we auto register new users.
boolean autoRegister = ConfigurationManager.getBooleanProperty("authentication-shibboleth","autoregister", true);
boolean autoRegister = configurationService.getBooleanProperty("authentication-shibboleth.autoregister", true);
// Four steps to authenticate a user
try {
@@ -302,10 +303,10 @@ public class ShibAuthentication implements AuthenticationMethod
}
log.debug("Starting to determine special groups");
String defaultRoles = ConfigurationManager.getProperty("authentication-shibboleth","default-roles");
String roleHeader = ConfigurationManager.getProperty("authentication-shibboleth","role-header");
boolean ignoreScope = ConfigurationManager.getBooleanProperty("authentication-shibboleth","role-header.ignore-scope", true);
boolean ignoreValue = ConfigurationManager.getBooleanProperty("authentication-shibboleth","role-header.ignore-value", false);
String defaultRoles = configurationService.getProperty("authentication-shibboleth.default-roles");
String roleHeader = configurationService.getProperty("authentication-shibboleth.role-header");
boolean ignoreScope = configurationService.getBooleanProperty("authentication-shibboleth.role-header.ignore-scope", true);
boolean ignoreValue = configurationService.getBooleanProperty("authentication-shibboleth.role-header.ignore-value", false);
if (ignoreScope && ignoreValue) {
throw new IllegalStateException("Both config parameters for ignoring an roll attributes scope and value are turned on, this is not a permissable configuration. (Note: ignore-scope defaults to true) The configuration parameters are: 'authentication.shib.role-header.ignore-scope' and 'authentication.shib.role-header.ignore-value'");
@@ -341,9 +342,9 @@ public class ShibAuthentication implements AuthenticationMethod
}
// Get the group names
String groupNames = ConfigurationManager.getProperty("authentication-shibboleth","role." + affiliation);
if (groupNames == null || groupNames.trim().length() == 0) {
groupNames = ConfigurationManager.getProperty("authentication-shibboleth","role." + affiliation.toLowerCase());
String[] groupNames = configurationService.getArrayProperty("authentication-shibboleth.role." + affiliation);
if (groupNames == null || groupNames.length == 0) {
groupNames = configurationService.getArrayProperty("authentication-shibboleth.role." + affiliation.toLowerCase());
}
if (groupNames == null) {
@@ -354,16 +355,15 @@ public class ShibAuthentication implements AuthenticationMethod
}
// Add each group to the list.
String[] names = groupNames.split(",");
for (int i = 0; i < names.length; i++) {
for (int i = 0; i < groupNames.length; i++) {
try {
Group group = groupService.findByName(context,names[i].trim());
Group group = groupService.findByName(context,groupNames[i].trim());
if (group != null)
groups.add(group);
else
log.debug("Unable to find group: '"+names[i].trim()+"'");
log.debug("Unable to find group: '"+groupNames[i].trim()+"'");
} catch (SQLException sqle) {
log.error("Exception thrown while trying to lookup affiliation role for group name: '"+names[i].trim()+"'",sqle);
log.error("Exception thrown while trying to lookup affiliation role for group name: '"+groupNames[i].trim()+"'",sqle);
}
} // for each groupNames
} // foreach affiliations
@@ -488,11 +488,11 @@ public class ShibAuthentication implements AuthenticationMethod
// If this server is configured for lazy sessions then use this to
// login, otherwise default to the protected shibboleth url.
boolean lazySession = ConfigurationManager.getBooleanProperty("authentication-shibboleth","lazysession", false);
boolean lazySession = configurationService.getBooleanProperty("authentication-shibboleth.lazysession", false);
if ( lazySession ) {
String shibURL = ConfigurationManager.getProperty("authentication-shibboleth","lazysession.loginurl");
boolean forceHTTPS = ConfigurationManager.getBooleanProperty("authentication-shibboleth","lazysession.secure",true);
String shibURL = configurationService.getProperty("authentication-shibboleth.lazysession.loginurl");
boolean forceHTTPS = configurationService.getBooleanProperty("authentication-shibboleth.lazysession.secure",true);
// Shibboleth authentication initiator
if (shibURL == null || shibURL.length() == 0)
@@ -581,9 +581,9 @@ public class ShibAuthentication implements AuthenticationMethod
*/
protected EPerson findEPerson(Context context, HttpServletRequest request) throws SQLException, AuthorizeException {
boolean isUsingTomcatUser = ConfigurationManager.getBooleanProperty("authentication-shibboleth","email-use-tomcat-remote-user");
String netidHeader = ConfigurationManager.getProperty("authentication-shibboleth","netid-header");
String emailHeader = ConfigurationManager.getProperty("authentication-shibboleth","email-header");
boolean isUsingTomcatUser = configurationService.getBooleanProperty("authentication-shibboleth.email-use-tomcat-remote-user");
String netidHeader = configurationService.getProperty("authentication-shibboleth.netid-header");
String emailHeader = configurationService.getProperty("authentication-shibboleth.email-header");
EPerson eperson = null;
boolean foundNetID = false;
@@ -680,10 +680,10 @@ public class ShibAuthentication implements AuthenticationMethod
protected EPerson registerNewEPerson(Context context, HttpServletRequest request) throws SQLException, AuthorizeException {
// Header names
String netidHeader = ConfigurationManager.getProperty("authentication-shibboleth","netid-header");
String emailHeader = ConfigurationManager.getProperty("authentication-shibboleth","email-header");
String fnameHeader = ConfigurationManager.getProperty("authentication-shibboleth","firstname-header");
String lnameHeader = ConfigurationManager.getProperty("authentication-shibboleth","lastname-header");
String netidHeader = configurationService.getProperty("authentication-shibboleth.netid-header");
String emailHeader = configurationService.getProperty("authentication-shibboleth.email-header");
String fnameHeader = configurationService.getProperty("authentication-shibboleth.firstname-header");
String lnameHeader = configurationService.getProperty("authentication-shibboleth.lastname-header");
// Header values
String netid = findSingleAttribute(request,netidHeader);
@@ -769,10 +769,10 @@ public class ShibAuthentication implements AuthenticationMethod
protected void updateEPerson(Context context, HttpServletRequest request, EPerson eperson) throws SQLException, AuthorizeException {
// Header names & values
String netidHeader = ConfigurationManager.getProperty("authentication-shibboleth","netid-header");
String emailHeader = ConfigurationManager.getProperty("authentication-shibboleth","email-header");
String fnameHeader = ConfigurationManager.getProperty("authentication-shibboleth","firstname-header");
String lnameHeader = ConfigurationManager.getProperty("authentication-shibboleth","lastname-header");
String netidHeader = configurationService.getProperty("authentication-shibboleth.netid-header");
String emailHeader = configurationService.getProperty("authentication-shibboleth.email-header");
String fnameHeader = configurationService.getProperty("authentication-shibboleth.firstname-header");
String lnameHeader = configurationService.getProperty("authentication-shibboleth.lastname-header");
String netid = findSingleAttribute(request,netidHeader);
String email = findSingleAttribute(request,emailHeader);
@@ -912,11 +912,11 @@ public class ShibAuthentication implements AuthenticationMethod
HashMap<String, String> map = new HashMap<String,String>();
String mappingString = ConfigurationManager.getProperty("authentication-shibboleth","eperson.metadata");
boolean autoCreate = ConfigurationManager.getBooleanProperty("authentication-shibboleth","eperson.metadata.autocreate", true);
String[] mappingString = configurationService.getArrayProperty("authentication-shibboleth.eperson.metadata");
boolean autoCreate = configurationService.getBooleanProperty("authentication-shibboleth.eperson.metadata.autocreate", true);
// Bail out if not set, returning an empty map.
if (mappingString == null || mappingString.trim().length() == 0) {
if (mappingString == null || mappingString.length == 0) {
log.debug("No additional eperson metadata mapping found: authentication.shib.eperson.metadata");
metadataHeaderMap = map;
@@ -926,8 +926,7 @@ public class ShibAuthentication implements AuthenticationMethod
log.debug("Loading additional eperson metadata from: 'authentication.shib.eperson.metadata' = '"+mappingString+"'");
String[] metadataStringList = mappingString.split(",");
for (String metadataString : metadataStringList) {
for (String metadataString : mappingString) {
metadataString = metadataString.trim();
String[] metadataParts = metadataString.split("=>");
@@ -1052,9 +1051,8 @@ public class ShibAuthentication implements AuthenticationMethod
value = request.getHeader(name.toUpperCase());
boolean reconvertAttributes =
ConfigurationManager.getBooleanProperty(
"authentication-shibboleth",
"reconvert.attributes",
configurationService.getBooleanProperty(
"authentication-shibboleth.reconvert.attributes",
false);
if (!StringUtils.isEmpty(value) && reconvertAttributes)