diff --git a/pom.xml b/pom.xml
index 8716fb95079bc16a6eef98b15aef4dd0846f8d62..744ab7c60bd430c28fe3b5f3016bba4e0b47e54b 100644
--- a/pom.xml
+++ b/pom.xml
@@ -6,7 +6,8 @@
 <version>2.0.0-SNAPSHOT</version>
 <packaging>war</packaging>
 <properties>
- <spring.version>3.0.7.RELEASE</spring.version>
+ <org.springframework-version>3.1.2.RELEASE</org.springframework-version>
+ <org.springframework.security-version>3.1.0.RELEASE</org.springframework.security-version>
 </properties>
 <repositories>
 <repository>
@@ -19,7 +20,12 @@
 <name>THM Maven Mirror</name>
 <url>http://maven.mni.thm.de/content/groups/public</url>
 </repository>
- </repositories>
+ <repository>
+ <id>sonatype-snapshots</id>
+ <name>Sonatype Snapshot Repository</name>
+ <url>https://oss.sonatype.org/content/repositories/snapshots/</url>
+ </repository>
+ </repositories>
 <dependencies>
 <dependency>
 <groupId>de.thm.arsnova</groupId>
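Review bot: The new `sonatype-snapshots` repository in this hunk is there to resolve `spring-security-oauth-client` at `1.0.0-SNAPSHOT` (added in the `@@ -121,6 +131,13 @@` hunk), so the library that handles OAuth logins is a mutable artifact that is re-resolved at build time. A snapshot can change without any change to this POM, which makes builds non-reproducible and means the authentication code that ships is whatever the snapshot repository serves on the day of the build. Pin a released version once one exists, or mirror a reviewed build into the project's own repository; if the snapshot repository has to stay, restrict it with `<releases><enabled>false</enabled></releases>` so it can only supply snapshots. The existing THM mirror in the context lines just above is declared over plain `http://` and is worth moving to HTTPS in the same pass.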
@@ -33,40 +39,44 @@
 <version>1.8.0</version>
 <type>war</type>
 </dependency>
+ <!-- Spring -->
 <dependency>
- <groupId>org.springframework.security</groupId>
- <artifactId>spring-security-web</artifactId>
- <version>${spring.version}</version>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-context</artifactId>
+ <version>${org.springframework-version}</version>
+ <exclusions>
+ <!-- Exclude Commons Logging in favor of SLF4j -->
+ <exclusion>
+ <groupId>commons-logging</groupId>
+ <artifactId>commons-logging</artifactId>
+ </exclusion>
+ </exclusions>
 </dependency>
 <dependency>
- <groupId>org.springframework.security</groupId>
- <artifactId>spring-security-cas-client</artifactId>
- <version>${spring.version}</version>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-webmvc</artifactId>
+ <version>${org.springframework-version}</version>
 </dependency>
+ <!-- Security -->
 <dependency>
 <groupId>org.springframework.security</groupId>
 <artifactId>spring-security-config</artifactId>
- <version>${spring.version}</version>
+ <version>${org.springframework.security-version}</version>
 </dependency>
 <dependency>
 <groupId>org.springframework.security</groupId>
- <artifactId>spring-security-openid</artifactId>
- <version>${spring.version}</version>
- </dependency>
- <dependency>
- <groupId>org.springframework.social</groupId>
- <artifactId>spring-social-facebook</artifactId>
- <version>1.0.1.RELEASE</version>
+ <artifactId>spring-security-web</artifactId>
+ <version>${org.springframework.security-version}</version>
 </dependency>
 <dependency>
- <groupId>org.springframework.social</groupId>
- <artifactId>spring-social-twitter</artifactId>
- <version>1.0.2.RELEASE</version>
+ <groupId>org.springframework.security</groupId>
+ <artifactId>spring-security-taglibs</artifactId>
+ <version>${org.springframework.security-version}</version>
 </dependency>
 <dependency>
- <groupId>org.springframework</groupId>
- <artifactId>spring-webmvc</artifactId>
- <version>${spring.version}</version>
+ <groupId>org.springframework.security</groupId>
+ <artifactId>spring-security-cas</artifactId>
+ <version>${org.springframework.security-version}</version>
 </dependency>
 <dependency>
 <groupId>jstl</groupId>
@@ -113,7 +123,7 @@
 <dependency>
 <groupId>org.springframework</groupId>
 <artifactId>spring-test</artifactId>
- <version>${spring.version}</version>
+ <version>${org.springframework-version}</version>
 </dependency>
 <dependency>
 <groupId>junit</groupId>
@@ -121,6 +131,13 @@
 <version>4.10</version>
 <scope>test</scope>
 </dependency>
+ <dependency>
+ <groupId>
+ com.github.leleuj.springframework.security
+ </groupId>
+ <artifactId>spring-security-oauth-client</artifactId>
+ <version>1.0.0-SNAPSHOT</version>
+ </dependency>
 </dependencies>
 <build>
 <plugins>
diff --git a/src/main/java/de/thm/arsnova/LoginController.java b/src/main/java/de/thm/arsnova/LoginController.java
index bf846e96495623688df96bb560c03b7b05d30cb6..da87bc2ee2ac9a31aa97e6da7f2973c88af0af71 100644
--- a/src/main/java/de/thm/arsnova/LoginController.java
+++ b/src/main/java/de/thm/arsnova/LoginController.java
@@ -18,109 +18,101 @@ */ package de.thm.arsnova; +import java.io.IOException; import java.util.ArrayList; import java.util.List; +import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import org.scribe.up.provider.impl.FacebookProvider; +import org.scribe.up.provider.impl.Google2Provider; +import org.scribe.up.provider.impl.TwitterProvider; +import org.scribe.up.session.HttpUserSession; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; -import org.springframework.security.authentication.encoding.ShaPasswordEncoder; import org.springframework.security.cas.authentication.CasAuthenticationToken; +import org.springframework.security.cas.web.CasAuthenticationEntryPoint; import org.springframework.security.core.Authentication; import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.authority.GrantedAuthorityImpl; +import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.core.token.Sha512DigestUtils; -import org.springframework.security.core.userdetails.User; import org.springframework.security.web.context.HttpSessionSecurityContextRepository; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; -import org.springframework.web.bind.annotation.ResponseBody; +import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.servlet.ModelAndView; +import de.thm.arsnova.entities.User; +import de.thm.arsnova.services.IUserService; + @Controller public class LoginController { + + @Autowired + TwitterProvider twitterProvider; - 
public static final Logger logger = LoggerFactory.getLogger(LoginController.class); + @Autowired + Google2Provider googleProvider; - @RequestMapping(method = RequestMethod.GET, value = "/doCasLogin") - public ModelAndView doCasLogin(HttpServletRequest request) { - String referer = request.getHeader("referer"); - String target = ""; - if (referer != null && referer.endsWith("dojo-index.html")) { - target = "dojo-index.html"; - } - - Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); - if(authentication == null) { - return null; - } - User user = (User) authentication.getPrincipal(); - - logger.info("CAS Login for: " + user.getUsername()); - return new ModelAndView("redirect:/" + target + "#auth/checkCasLogin/" + user.getUsername()); - } + @Autowired + FacebookProvider facebookProvider; - @RequestMapping(method = RequestMethod.GET, value = "/doOpenIdLogin") - public ModelAndView doOpenIdLogin() { - String userHash = hashUser(); - - logger.info("OpenID Login for user with hash " + userHash); - return new ModelAndView("redirect:/#auth/checkCasLogin/" + userHash); - } + @Autowired + CasAuthenticationEntryPoint casEntryPoint; + + @Autowired + IUserService userService; - @RequestMapping(method = RequestMethod.GET, value = "/doGuestLogin") - public ModelAndView doGuestLogin(final HttpServletRequest request) { - List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>(); - authorities.add(new GrantedAuthorityImpl("ROLE_GUEST")); - String username = "Guest" + Sha512DigestUtils.shaHex(request.getSession().getId()).substring(0, 10); - User user = new User(username, "", true, true, true, true, authorities); - Authentication token = new UsernamePasswordAuthenticationToken(user, null, authorities); - - SecurityContextHolder.getContext().setAuthentication(token); - request.getSession(true).setAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY, SecurityContextHolder.getContext()); + public static final Logger 
logger = LoggerFactory + .getLogger(LoginController.class); - String userHash = hashUser(); - logger.info("Guest Login for user " + user); - return new ModelAndView("redirect:/#auth/checkCasLogin/" + userHash); + @RequestMapping(method = RequestMethod.GET, value = "/doLogin") + public ModelAndView doLogin(@RequestParam("type") String type, HttpServletRequest request, HttpServletResponse response) + throws IOException, ServletException { + if("cas".equals(type)) { + casEntryPoint.commence(request, response, null); + } else if("twitter".equals(type)) { + String authUrl = twitterProvider.getAuthorizationUrl(new HttpUserSession(request)); + return new ModelAndView("redirect:" + authUrl); + } else if("facebook".equals(type)) { + String authUrl = facebookProvider.getAuthorizationUrl(new HttpUserSession(request)); + return new ModelAndView("redirect:" + authUrl); + } else if("google".equals(type)) { + String authUrl = googleProvider.getAuthorizationUrl(new HttpUserSession(request)); + return new ModelAndView("redirect:" + authUrl); + } else if("guest".equals(type)) { + List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>(); + authorities.add(new SimpleGrantedAuthority("ROLE_GUEST")); + String username = "Guest" + Sha512DigestUtils.shaHex(request.getSession().getId()).substring(0, 10); + org.springframework.security.core.userdetails.User user = + new org.springframework.security.core.userdetails.User(username, "", true, true, true, true, authorities); + Authentication token = new UsernamePasswordAuthenticationToken(user, null, authorities); + + SecurityContextHolder.getContext().setAuthentication(token); + request.getSession(true).setAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY, SecurityContextHolder.getContext()); + return new ModelAndView("redirect:/#auth/checkLogin"); + } + return null; } - + @RequestMapping(method = RequestMethod.GET, value = "/whoami") - @ResponseBody - public String whoami() { - Authentication 
authentication = SecurityContextHolder.getContext().getAuthentication(); - if(authentication == null || authentication.getPrincipal() == null) { - return null; - } - return authentication.getPrincipal().toString(); + public User whoami() { + return userService.getUser(SecurityContextHolder.getContext().getAuthentication()); } - + @RequestMapping(method = RequestMethod.GET, value = "/logout") public ModelAndView doLogout(final HttpServletRequest request) { Authentication auth = SecurityContextHolder.getContext().getAuthentication(); request.getSession().invalidate(); - if(auth instanceof CasAuthenticationToken) { + if (auth instanceof CasAuthenticationToken) { return new ModelAndView("redirect:/j_spring_cas_security_logout"); } return new ModelAndView("redirect:/"); } - - private String hashUser() { - Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); - String userHash; - try { - User user = (User) authentication.getPrincipal(); - userHash = new ShaPasswordEncoder(256).encodePassword(user.getUsername(), ""); - } catch (ClassCastException e) { - // Principal is of type String - userHash = new ShaPasswordEncoder(256).encodePassword( - (String)authentication.getPrincipal(), - "" - ); - } - return userHash; - } } diff --git a/src/main/java/de/thm/arsnova/entities/User.java b/src/main/java/de/thm/arsnova/entities/User.java new file mode 100644 index 0000000000000000000000000000000000000000..8de2f06d46f7d23cf6b696cd0be80d605451c4bb --- /dev/null +++ b/src/main/java/de/thm/arsnova/entities/User.java 
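Review bot: In the `guest` branch of `doLogin` the `SecurityContext` is written into whatever session the request already carries, so the session id stays the same while the caller goes from anonymous to `ROLE_GUEST`; because the context is set by hand in a controller rather than by an authentication filter, Spring Security's session-fixation handling presumably never runs for this path. Invalidate the existing session and create a new one before deriving the guest name and storing the context, as sketched below (`HttpSession` needs an import). Separately, `whoami` now returns `User` but lost `@ResponseBody`, so the value is likely to be treated as a model attribute and a view looked up instead of a body being written; restore the annotation if a serialized response is intended. An unrecognised `type` also falls through to `return null` and would read better as an explicit 400 response.

```java
} else if("guest".equals(type)) {
    // Rotate the session before the caller gains ROLE_GUEST.
    HttpSession previous = request.getSession(false);
    if (previous != null) {
        previous.invalidate();
    }
    HttpSession session = request.getSession(true);
    // … unchanged: authorities list …
    String username = "Guest" + Sha512DigestUtils.shaHex(session.getId()).substring(0, 10);
    // … unchanged: User and token construction, setAuthentication(token) …
    session.setAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY, SecurityContextHolder.getContext());
    // … unchanged: redirect to /#auth/checkLogin …
```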
@@ -0,0 +1,41 @@
+package de.thm.arsnova.entities;
+
+import org.jasig.cas.client.authentication.AttributePrincipal;
+import org.scribe.up.profile.facebook.FacebookProfile;
+import org.scribe.up.profile.google.Google2Profile;
+import org.scribe.up.profile.twitter.TwitterProfile;
+import org.springframework.security.authentication.AnonymousAuthenticationToken;
+
+public class User {
+
+ private String username;
+
+ public User(Google2Profile profile) {
+ setUsername(profile.getEmail());
+ }
+
+ public User(TwitterProfile profile) {
+ setUsername(profile.getScreenName());
+ }
+
+ public User(FacebookProfile profile) {
+ setUsername(profile.getLink());
+ }
+
+ public User(AttributePrincipal principal) {
+ setUsername(principal.getName());
+ }
+
+ public User(AnonymousAuthenticationToken token) {
+ setUsername("anonymous");
+ }
+
+ public String getUsername() {
+ return username;
+ }
+
+ public void setUsername(String username) {
+ this.username = username;
+ }
+
+}
diff --git a/src/main/java/de/thm/arsnova/services/IUserService.java b/src/main/java/de/thm/arsnova/services/IUserService.java
new file mode 100644
index 0000000000000000000000000000000000000000..4a5c6f5ea0dd1c479216f1f4e7abc3800073393f
--- /dev/null
+++ b/src/main/java/de/thm/arsnova/services/IUserService.java
@@ -0,0 +1,9 @@
+package de.thm.arsnova.services;
+
+import org.springframework.security.core.Authentication;
+
+import de.thm.arsnova.entities.User;
+
+public interface IUserService {
+ User getUser(Authentication authentication);
+}
diff --git a/src/main/java/de/thm/arsnova/services/UserService.java b/src/main/java/de/thm/arsnova/services/UserService.java
new file mode 100644
index 0000000000000000000000000000000000000000..e8bb017df5c361d8586e2ba759842f5a50881eab
--- /dev/null
+++ b/src/main/java/de/thm/arsnova/services/UserService.java
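Review bot: In `entities/User.java` each constructor writes a different kind of identifier into the same `username` field (Google e-mail, Twitter screen name, Facebook profile link, CAS principal name, and the literal `"anonymous"`), and nothing records which provider vouched for the value. Two accounts from different providers can therefore end up with the same application username, and a screen name is chosen by its owner and can change, so anything keyed on `getUsername()` may attribute one person's data to another. Keep the provider alongside the name or namespace the value, e.g. `setUsername("twitter:" + profile.getScreenName());`, and prefer the provider's stable account id over a display handle. `profile.getEmail()` may also be null or unverified, which should be checked before it becomes the identity.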
@@ -0,0 +1,46 @@
+package de.thm.arsnova.services;
+
+import org.scribe.up.profile.facebook.FacebookProfile;
+import org.scribe.up.profile.google.Google2Profile;
+import org.scribe.up.profile.twitter.TwitterProfile;
+import org.springframework.security.authentication.AnonymousAuthenticationToken;
+import org.springframework.security.cas.authentication.CasAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.stereotype.Service;
+
+import com.github.leleuj.ss.oauth.client.authentication.OAuthAuthenticationToken;
+
+import de.thm.arsnova.entities.User;
+
+@Service
+public class UserService implements IUserService {
+
+ @Override
+ public User getUser(Authentication authentication) {
+ if (authentication == null || authentication.getPrincipal() == null) {
+ return null;
+ }
+
+ if(authentication instanceof OAuthAuthenticationToken) {
+ OAuthAuthenticationToken token = (OAuthAuthenticationToken) authentication;
+ if(token.getUserProfile() instanceof Google2Profile) {
+ Google2Profile profile = (Google2Profile) token.getUserProfile();
+ return new User(profile);
+ } else if(token.getUserProfile() instanceof TwitterProfile) {
+ TwitterProfile profile = (TwitterProfile) token.getUserProfile();
+ return new User(profile);
+ } else if(token.getUserProfile() instanceof FacebookProfile) {
+ FacebookProfile profile = (FacebookProfile) token.getUserProfile();
+ return new User(profile);
+ }
+ } else if (authentication instanceof CasAuthenticationToken) {
+ CasAuthenticationToken token = (CasAuthenticationToken) authentication;
+ return new User(token.getAssertion().getPrincipal());
+ } else if(authentication instanceof AnonymousAuthenticationToken){
+ AnonymousAuthenticationToken token = (AnonymousAuthenticationToken) authentication;
+ return new User(token);
+ }
+ return null;
+ }
+
+}
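Review bot: `getUser` has no branch for the `UsernamePasswordAuthenticationToken` that `LoginController.doLogin` creates for guests, so a guest session falls through to the final `return null` and `/whoami` has nothing to report for it. An `OAuthAuthenticationToken` carrying a profile type other than the three listed falls through the same way, silently. Add a guest branch such as `else if (authentication instanceof UsernamePasswordAuthenticationToken)` (it needs a matching `User` constructor) and make the unknown cases explicit, for instance by logging the unhandled token class before returning. A short Javadoc on `getUser` stating when null is returned would also help callers.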
diff --git a/src/main/webapp/WEB-INF/api-servlet.xml b/src/main/webapp/WEB-INF/api-servlet.xml index a68df8e7c73862ec8305cad8211546766a324694..b7865697175d00f1f3a08b1aa6d059e90777b0cf 100644 --- a/src/main/webapp/WEB-INF/api-servlet.xml +++ b/src/main/webapp/WEB-INF/api-servlet.xml @@ -3,10 +3,10 @@ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context" xmlns:security="http://www.springframework.org/schema/security" xmlns:mvc="http://www.springframework.org/schema/mvc" - xsi:schemaLocation="http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.0.xsd - http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.4.xsd - http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd - http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd"> + xsi:schemaLocation="http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.1.xsd + http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd + http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd + http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd"> <context:component-scan base-package="de.thm.arsnova" /> <context:annotation-config /> diff --git a/src/main/webapp/WEB-INF/arsnova-servlet.xml b/src/main/webapp/WEB-INF/arsnova-servlet.xml index cee82e47414033b84e985bfe1f5f9ca94a2680b8..1c79a718e925e751bcc9b2a483d5f9c162162f24 100644 --- a/src/main/webapp/WEB-INF/arsnova-servlet.xml +++ b/src/main/webapp/WEB-INF/arsnova-servlet.xml 
@@ -5,10 +5,10 @@ xmlns:security="http://www.springframework.org/schema/security" xmlns:mvc="http://www.springframework.org/schema/mvc" xmlns:p="http://www.springframework.org/schema/p" - xsi:schemaLocation="http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.0.xsd - http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.4.xsd - http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd - http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd"> + xsi:schemaLocation="http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.1.xsd + http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd + http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd + http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd"> <context:component-scan base-package="de.thm.arsnova" /> <context:annotation-config /> diff --git a/src/main/webapp/WEB-INF/spring/spring-main.xml b/src/main/webapp/WEB-INF/spring/spring-main.xml index 2c8fa638b68c365ae8fa5c95aa019f5ddc023a68..cdb1ae9ab3883585845c3513d3641c2c131a7dfb 100644 --- a/src/main/webapp/WEB-INF/spring/spring-main.xml +++ b/src/main/webapp/WEB-INF/spring/spring-main.xml 
@@ -3,12 +3,13 @@ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context" xmlns:p="http://www.springframework.org/schema/p" - xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd - http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd"> + xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd + http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd"> <bean id="propertyPlaceholderConfigurer" class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer" - p:ignoreUnresolvablePlaceholders="false"> + p:ignoreUnresolvablePlaceholders="false" + p:ignoreResourceNotFound="true"> <property name="locations" > <list> <value>config.properties.example</value> @@ -22,19 +23,4 @@ <context:component-scan base-package="de.thm.arsnova" /> <context:annotation-config /> - <bean id="connectionFactoryLocator" - class="org.springframework.social.connect.support.ConnectionFactoryRegistry"> - <property name="connectionFactories"> - <list> - <bean - class="org.springframework.social.facebook.connect.FacebookConnectionFactory"> - <!-- constructor-arg value="${facebook.clientId}" /> - <constructor-arg value="${facebook.clientSecret}" /--> - <constructor-arg value="clientId" /> - <constructor-arg value="clientSecret" /> - </bean> - </list> - </property> - </bean> - </beans> diff --git a/src/main/webapp/WEB-INF/spring/spring-security.xml b/src/main/webapp/WEB-INF/spring/spring-security.xml index 1bba18ac7dc5517efb4d23f143d656ded11bc828..1e630afbac3934ca77b4d73c75dd8a2800e342e2 100644 --- a/src/main/webapp/WEB-INF/spring/spring-security.xml +++ b/src/main/webapp/WEB-INF/spring/spring-security.xml 
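Review bot: Adding `p:ignoreResourceNotFound="true"` to `propertyPlaceholderConfigurer` means a missing properties file is skipped silently, and the first location visible in this hunk is `config.properties.example`. If the deployment's real configuration file is absent or misnamed, the application would presumably start with the example values, including the provider keys and the callback base URL, instead of failing. The rest of the `locations` list lies outside the hunk, so the load order needs confirming; consider keeping the example file out of the runtime locations and leaving `ignoreResourceNotFound` at its default so that a missing configuration stops startup.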
@@ -1,35 +1,96 @@ <?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xmlns:sec="http://www.springframework.org/schema/security" + xmlns:security="http://www.springframework.org/schema/security" xmlns:context="http://www.springframework.org/schema/context" xmlns:p="http://www.springframework.org/schema/p" - xsi:schemaLocation="http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd - http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd - http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-3.0.xsd - http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd"> + xsi:schemaLocation="http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd + http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd + http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-3.1.xsd + http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd"> <context:component-scan base-package="de.thm.arsnova" /> <context:annotation-config /> + + + <security:authentication-manager alias="authenticationManager"> + <security:authentication-provider ref="facebookAuthProvider" /> + <security:authentication-provider ref="twitterAuthProvider" /> + <security:authentication-provider ref="googleAuthProvider" /> + <security:authentication-provider ref="casAuthenticationProvider" /> + </security:authentication-manager> - <sec:http entry-point-ref="casEntryPoint" disable-url-rewriting="true"> - <sec:intercept-url pattern="/j_spring_security_check" - access="IS_AUTHENTICATED_ANONYMOUSLY" /> - 
<sec:intercept-url pattern="/doCasLogin" access="ROLE_USER" /> - <sec:custom-filter ref="casAuthenticationFilter" position="CAS_FILTER" /> - <sec:openid-login user-service-ref="openidUserDetailsService" - default-target-url="${security.openid-target-url}" /> - <sec:custom-filter ref="singleSignOutFilter" before="CAS_FILTER"/> - <sec:custom-filter ref="requestSingleLogoutFilter" before="LOGOUT_FILTER"/> - </sec:http> + <security:http entry-point-ref="facebookEntryPoint"> + <security:custom-filter ref="facebookFilter" before="CAS_FILTER" /> + <security:custom-filter ref="twitterFilter" after="CAS_FILTER" /> + <security:custom-filter ref="googleFilter" before="FORM_LOGIN_FILTER" /> + + <security:custom-filter ref="casAuthenticationFilter" position="CAS_FILTER" /> + <security:custom-filter ref="requestSingleLogoutFilter" before="LOGOUT_FILTER" /> + </security:http> - <sec:authentication-manager alias="authenticationManager"> - <sec:authentication-provider ref="casAuthenticationProvider" /> - </sec:authentication-manager> - - <bean id="casAuthenticationFilter" + <!-- ######################### FACEBOOK ######################### --> + <bean id="facebookEntryPoint" class="com.github.leleuj.ss.oauth.client.web.OAuthAuthenticationEntryPoint" + p:provider-ref="facebookProvider" /> + + <bean id="facebookProvider" class="org.scribe.up.provider.impl.FacebookProvider" + p:key="${security.facebook.key}" + p:secret="${security.facebook.secret}" + p:callbackUrl="${security.arsnova-url}/j_spring_facebook_security_check" /> + + <bean id="facebookFilter" class="com.github.leleuj.ss.oauth.client.web.OAuthAuthenticationFilter" + p:filterProcessesUrl="/j_spring_facebook_security_check" + p:provider-ref="facebookProvider" + p:authenticationManager-ref="authenticationManager" + p:authenticationFailureHandler-ref="failureHandler" + p:authenticationSuccessHandler-ref="successHandler" /> + + <bean id="facebookAuthProvider" 
class="com.github.leleuj.ss.oauth.client.authentication.OAuthAuthenticationProvider" + p:provider-ref="facebookProvider" /> + + <!-- ######################### TWITTER ######################### --> + <bean id="twitterProvider" class="org.scribe.up.provider.impl.TwitterProvider" + p:key="${security.twitter.key}" + p:secret="${security.twitter.secret}" + p:callbackUrl="${security.arsnova-url}/j_spring_twitter_security_check" /> + + <bean id="twitterFilter" class="com.github.leleuj.ss.oauth.client.web.OAuthAuthenticationFilter" + p:filterProcessesUrl="/j_spring_twitter_security_check" + p:provider-ref="twitterProvider" + p:authenticationManager-ref="authenticationManager" + p:authenticationFailureHandler-ref="failureHandler" + p:authenticationSuccessHandler-ref="successHandler" /> + + <bean id="twitterAuthProvider" class="com.github.leleuj.ss.oauth.client.authentication.OAuthAuthenticationProvider" + p:provider-ref="twitterProvider" /> + + <!-- ######################### GOOGLE ######################### --> + <bean id="googleProvider" class="org.scribe.up.provider.impl.Google2Provider" + p:key="${security.google.key}" + p:secret="${security.google.secret}" + p:scope-ref="googleScope" + p:callbackUrl="${security.arsnova-url}/j_spring_google_security_check" /> + + <bean id="googleScope" class="org.scribe.up.provider.impl.Google2Provider.Google2Scope" factory-method="valueOf"> + <constructor-arg index="0" value="EMAIL" /> + </bean> + + <bean id="googleFilter" class="com.github.leleuj.ss.oauth.client.web.OAuthAuthenticationFilter" + p:filterProcessesUrl="/j_spring_google_security_check" + p:provider-ref="googleProvider" + p:authenticationManager-ref="authenticationManager" + p:authenticationFailureHandler-ref="failureHandler" + p:authenticationSuccessHandler-ref="successHandler" /> + + <bean id="googleAuthProvider" class="com.github.leleuj.ss.oauth.client.authentication.OAuthAuthenticationProvider" + p:provider-ref="googleProvider" /> + + <!-- ######################### CAS 
######################### --> + <bean id="casAuthenticationFilter" class="org.springframework.security.cas.web.CasAuthenticationFilter" - p:authenticationManager-ref="authenticationManager" /> + p:authenticationManager-ref="authenticationManager" + p:authenticationFailureHandler-ref="failureHandler" + p:authenticationSuccessHandler-ref="successHandler" /> <bean id="casEntryPoint" class="org.springframework.security.cas.web.CasAuthenticationEntryPoint" @@ -38,7 +99,7 @@ <bean id="casServiceProperties" class="org.springframework.security.cas.ServiceProperties" - p:service="${security.cas-check-url}" + p:service="${security.arsnova-url}/j_spring_cas_security_check" p:sendRenew="false" /> <bean id="casAuthenticationProvider" @@ -52,8 +113,7 @@ <bean id="casTicketValidator" class="org.jasig.cas.client.validation.Cas20ProxyTicketValidator"> <constructor-arg value="${security.cas-server-url}" /> </bean> - - <bean id="singleSignOutFilter" class="org.jasig.cas.client.session.SingleSignOutFilter" /> + <bean id="requestSingleLogoutFilter" class="org.springframework.security.web.authentication.logout.LogoutFilter" p:filterProcessesUrl="/j_spring_cas_security_logout" > @@ -63,4 +123,13 @@ "org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler"/> </constructor-arg> </bean> + + <bean id="successHandler" class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler" + p:alwaysUseDefaultTargetUrl="false" + p:defaultTargetUrl="/#auth/checkLogin"/> + + <bean id="failureHandler" + class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler"> + <property name="defaultFailureUrl" value="/login.jsp" /> + </bean> </beans> diff --git a/src/main/webapp/config.properties.example b/src/main/webapp/config.properties.example index 6ab0e10511dee073070bd66a8ae5331d54993255..5fa3434ce1631994ec94b3b6ca6fa7a7dbf2792a 100644 --- a/src/main/webapp/config.properties.example 
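Review bot: The rewritten `<security:http>` element drops `disable-url-rewriting="true"`, which the removed `<sec:http>` had set, so under the 3.1 schema the container may again append `;jsessionid=…` to URLs; with redirects now going out to external OAuth providers, that can put the session id into URLs and Referer headers. Restore it with `<security:http entry-point-ref="facebookEntryPoint" disable-url-rewriting="true">`. The same change removes `singleSignOutFilter` (the filter reference here and the bean in the `@@ -52,8 +113,7 @@` hunk), so a logout initiated at the CAS server would no longer end the local session; if that was done only to free the `before="CAS_FILTER"` slot, the filter can be re-added at another position. The element also no longer contains any `intercept-url` rules, so nothing in this file requires authentication for any path, and it should be confirmed that access control is enforced elsewhere.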
+++ b/src/main/webapp/config.properties.example @@ -1,8 +1,16 @@ security.arsnova-url=http://localhost:8080/arsnova-war -security.openid-target-url=http://localhost:8080/arsnova-war/doOpenIdLogin -security.cas-check-url=http://localhost:8080/arsnova-war/j_spring_cas_security_check security.cas-server-url=https://cas.thm.de/cas +security.facebook.key=318531508227494 +security.facebook.secret=e3f38cfc72bb63e35641b637081a6177 + +security.twitter.key=bmk6i12UPjxEUPwtxAuQ +security.twitter.secret=k3E52IJIYEUoeTWAakGldoyFYAS0OIEtDj050UzBrFw + +security.google.key=110959746118.apps.googleusercontent.com +security.google.secret=CkzUJZswY8rjWCCYnHVovyGA + + couchdb.host=localhost couchdb.port=5984 couchdb.name=arsnova \ No newline at end of file
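Review bot: The `security.facebook.*`, `security.twitter.*` and `security.google.*` lines added here look like live OAuth client ids and secrets rather than placeholders, and this file sits directly under `src/main/webapp`, so it is kept in version control, packaged into the WAR and presumably reachable as a static file. Replace the values with obvious placeholders, e.g. `security.facebook.secret=<facebook-app-secret>`, and treat the committed ones as disclosed: regenerate them at each provider, since removing them in a later commit leaves them in history. Real values belong in a deployment-local file or environment outside the web root. `security.arsnova-url` is also the base of every OAuth and CAS callback URL, so production values should use `https://`.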