summaryrefslogtreecommitdiffstats
path: root/sca-cpp/trunk/hosting
diff options
context:
space:
mode:
authorjsdelfino <jsdelfino@13f79535-47bb-0310-9956-ffa450edef68>2012-04-02 06:23:35 +0000
committerjsdelfino <jsdelfino@13f79535-47bb-0310-9956-ffa450edef68>2012-04-02 06:23:35 +0000
commit54b61a4f65fb36be0bc3f190707aac2c4226a4a9 (patch)
tree5558f85da71d2f0a530001412f339fdc51495315 /sca-cpp/trunk/hosting
parentd28e692331d0fa5cc4a8aa010f4c715da07abf7e (diff)
Support multiple Auth modules in a single server or proxy config. Minor fixes to the OAuth2 module to comply with the spec.
git-svn-id: http://svn.us.apache.org/repos/asf/tuscany@1308244 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'sca-cpp/trunk/hosting')
-rw-r--r--sca-cpp/trunk/hosting/server/htdocs/app/index.html6
-rw-r--r--sca-cpp/trunk/hosting/server/htdocs/index.html10
-rw-r--r--sca-cpp/trunk/hosting/server/htdocs/login/index.html83
-rw-r--r--sca-cpp/trunk/hosting/server/htdocs/public/notauth/index.html5
-rw-r--r--sca-cpp/trunk/hosting/server/htdocs/public/notfound/index.html5
-rw-r--r--sca-cpp/trunk/hosting/server/htdocs/public/notyet/index.html5
-rw-r--r--sca-cpp/trunk/hosting/server/htdocs/public/oops/index.html5
-rwxr-xr-xsca-cpp/trunk/hosting/server/ssl-start52
8 files changed, 104 insertions, 67 deletions
diff --git a/sca-cpp/trunk/hosting/server/htdocs/app/index.html b/sca-cpp/trunk/hosting/server/htdocs/app/index.html
index 0b01c1d3bd..19fa7488a5 100644
--- a/sca-cpp/trunk/hosting/server/htdocs/app/index.html
+++ b/sca-cpp/trunk/hosting/server/htdocs/app/index.html
@@ -74,8 +74,12 @@ appcache.get = function(uri) {
document.head.appendChild(ui.declareCSS(appcache.get('/ui-min.css')));
})();
+</script>
+
+<script type="text/javascript">
+
// Redirect to login page if not signed in
-if (document.location.protocol == 'https:' && !ui.signedin())
+if (document.location.protocol == 'https:' && !hasauthcookie())
document.location = '/login/';
</script>
diff --git a/sca-cpp/trunk/hosting/server/htdocs/index.html b/sca-cpp/trunk/hosting/server/htdocs/index.html
index 3bc1529dbb..468461cedc 100644
--- a/sca-cpp/trunk/hosting/server/htdocs/index.html
+++ b/sca-cpp/trunk/hosting/server/htdocs/index.html
@@ -74,8 +74,11 @@ appcache.get = function(uri) {
document.head.appendChild(ui.declareCSS(appcache.get('/ui-min.css')));
})();
+</script>
+<script type="text/javascript">
+
// Redirect to login page if not signed in
-if (document.location.protocol == 'https:' && !ui.signedin())
+if (document.location.protocol == 'https:' && !hasauthcookie())
document.location = '/login/';
</script>
@@ -260,7 +263,7 @@ function showmenu(mdiv, view, appname) {
ui.menu(isNil(config.compose)? 'Composition' : config.compose, '/#view=graph&app=' + appname, '_view', view == 'graph'))),
mklist(
ui.menu('Account', '/#view=account', '_view', view == 'account'),
- ui.signedin()? ui.menufunc('Sign out', 'logout();', false) : ui.menu('Sign in', '/login/', '_self', false)));
+ hasauthcookie()? ui.menufunc('Sign out', 'logout();', false) : ui.menu('Sign in', '/login/', '_self', false)));
}
/**
@@ -434,8 +437,7 @@ window.onloginredirect = function(e) {
*/
function logout() {
// Clear session cookie and user-specific local storage entries
- var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + domainname(window.location.hostname) + '; path=/';
- document.cookie = reset;
+ clearauthcookie();
localStorage.removeItem('/r/EditWidget/accounts');
localStorage.removeItem('/r/EditWidget/dashboards');
//localStorage.clear();
diff --git a/sca-cpp/trunk/hosting/server/htdocs/login/index.html b/sca-cpp/trunk/hosting/server/htdocs/login/index.html
index 9052abe8d3..359afc1807 100644
--- a/sca-cpp/trunk/hosting/server/htdocs/login/index.html
+++ b/sca-cpp/trunk/hosting/server/htdocs/login/index.html
@@ -32,31 +32,50 @@
<h1>Sign in</h1>
-<form name="openIDForm">
+<form name="googleOpenIDForm">
<table border="0">
-<tr><td><b>Sign in with your Google account</b></td></tr>
-<tr><td><input type="button" value="Sign in" class="graybutton" style="font-weight: bold;" onclick="submitOpenIDSignin(withGoogle)"/></td></tr>
+<tr><td><b>Sign in with your Google account (using OpenID)</b></td></tr>
+<tr><td><input type="button" value="Sign in" class="graybutton" style="font-weight: bold;" onclick="submitOpenIDSignin(withGoogleOpenID)"/></td></tr>
</table>
</form>
-<form name="oauth2Form">
+<form name="facebookOAuth2Form">
<table border="0">
-<tr><td><b>Sign in with your Facebook account</b></td></tr>
-<tr><td><input type="button" value="Sign in" class="graybutton" style="font-weight: bold;" onclick="submitOAuth2Signin(withFacebook)"/></td></tr>
+<tr><td><b>Sign in with your Facebook account (using OAuth)</b></td></tr>
+<tr><td><input type="button" value="Sign in" class="graybutton" style="font-weight: bold;" onclick="submitOAuth2Signin(withFacebook)"/></td></tr>
</table>
</form>
+<form name="googleOAuth2Form">
+<table border="0">
+<tr><td><b>Sign in with your Google account (using OAuth)</b></td></tr>
+<tr><td><input type="button" value="Sign in" class="graybutton" style="font-weight: bold;" onclick="submitOAuth2Signin(withGoogleOAuth)"/></td></tr>
+</table>
+</form>
+
+<form name="formSignin" method="POST" action="/login/dologin">
+<table border="0">
+<tr><td colspan="2"><b>Sign in with your user id and password</b></td></tr>
+<tr><td>User id:</td><td><input type="text" name="httpd_username" value=""/></td></tr>
+<tr><td>Password:</td><td><input type="password" name="httpd_password" value=""/></td></tr>
+<tr><td><input type="button" class="graybutton" style="font-weight: bold;" onclick="submitFormSignin()" value="Sign in"/></td><td></td></tr>
+</table>
+</p>
+<input type="hidden" name="httpd_location" value="/"/>
+</form>
+
<form name="openIDSignin" action="/" method="GET">
<input type="hidden" name="openid_identifier" value=""/>
</form>
-<form name="oauth2Signin" action="/" method="GET">
-<input type="hidden" name="mod_oauth2_authorize" value=""/>
-<input type="hidden" name="mod_oauth2_access_token" value=""/>
-<input type="hidden" name="mod_oauth2_client_id" value=""/>
-<input type="hidden" name="mod_oauth2_info" value=""/>
-<input type="hidden" name="mod_oauth2_display" value=""/>
-<input type="hidden" name="mod_oauth2_step" value="authorize"/>
+<form name="oauth2Signin" action="/oauth2/authorize/" method="GET">
+<input type="hidden" name="oauth2_authorize" value=""/>
+<input type="hidden" name="oauth2_access_token" value=""/>
+<input type="hidden" name="oauth2_client_id" value=""/>
+<input type="hidden" name="oauth2_info" value=""/>
+<input type="hidden" name="oauth2_display" value=""/>
+<input type="hidden" name="oauth2_scope" value=""/>
+<input type="hidden" name="openauth_referrer" value=""/>
</form>
<script type="text/javascript">
@@ -85,8 +104,7 @@ function openauthReferrer() {
* Signin with OpenID.
*/
function submitOpenIDSignin(w) {
- var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + domainname(window.location.hostname) + '; path=/';
- document.cookie = reset;
+ clearauthcookie();
localStorage.removeItem('/r/EditWidget/accounts');
localStorage.removeItem('/r/EditWidget/dashboards');
//localStorage.clear();
@@ -95,7 +113,7 @@ function submitOpenIDSignin(w) {
document.openIDSignin.submit();
}
-function withGoogle() {
+function withGoogleOpenID() {
return 'https://www.google.com/accounts/o8/id';
}
@@ -104,25 +122,40 @@ function withGoogle() {
*/
function submitOAuth2Signin(w) {
parms = w();
- var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + domainname(window.location.hostname) + '; path=/';
- document.cookie = reset;
+ clearauthcookie();
localStorage.removeItem('/r/EditWidget/accounts');
localStorage.removeItem('/r/EditWidget/dashboards');
//localStorage.clear();
- document.oauth2Signin.mod_oauth2_authorize.value = parms[0];
- document.oauth2Signin.mod_oauth2_access_token.value = parms[1];
- document.oauth2Signin.mod_oauth2_client_id.value = parms[2];
- document.oauth2Signin.mod_oauth2_info.value = parms[3];
- document.oauth2Signin.mod_oauth2_display.value = parms[4];
- document.oauth2Signin.action = openauthReferrer();
+ document.oauth2Signin.oauth2_authorize.value = parms[0];
+ document.oauth2Signin.oauth2_access_token.value = parms[1];
+ document.oauth2Signin.oauth2_client_id.value = parms[2];
+ document.oauth2Signin.oauth2_info.value = parms[3];
+ document.oauth2Signin.oauth2_scope.value = parms[4];
+ document.oauth2Signin.oauth2_display.value = parms[5];
+ document.oauth2Signin.openauth_referrer.value = openauthReferrer();
+ document.oauth2Signin.action = '/oauth2/authorize/';
document.oauth2Signin.submit();
}
function withFacebook() {
- var parms = ['https://graph.facebook.com/oauth/authorize', 'https://graph.facebook.com/oauth/access_token', 'facebook.com', 'https://graph.facebook.com/me', ui.isMobile()? 'touch' : 'page'];
+ var parms = ['https://graph.facebook.com/oauth/authorize', 'https://graph.facebook.com/oauth/access_token', 'facebook.com', 'https://graph.facebook.com/me', 'email', ui.isMobile()? 'touch' : 'page'];
return parms;
}
+function withGoogleOAuth() {
+ var parms = ['https://accounts.google.com/o/oauth2/auth', 'https://accounts.google.com/o/oauth2/token', 'google.com', 'https://www.googleapis.com/oauth2/v1/userinfo', 'https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile', ''];
+ return parms;
+}
+
+/**
+ * Signin with a userid and password.
+ */
+function submitFormSignin() {
+ clearauthcookie();
+ document.formSignin.httpd_location.value = '/';
+ document.formSignin.submit();
+}
+
/**
* Handle orientation change.
*/
diff --git a/sca-cpp/trunk/hosting/server/htdocs/public/notauth/index.html b/sca-cpp/trunk/hosting/server/htdocs/public/notauth/index.html
index 21f70f8a65..0c0435d8a7 100644
--- a/sca-cpp/trunk/hosting/server/htdocs/public/notauth/index.html
+++ b/sca-cpp/trunk/hosting/server/htdocs/public/notauth/index.html
@@ -110,7 +110,7 @@ var cdiv = $('content');
function showmenu(mdiv) {
mdiv.innerHTML = ui.menubar(
mklist(ui.menu('Home', '/', '_view', false)),
- mklist(ui.signedin()? ui.menufunc('Sign out', 'logout();', false) : ui.menu('Sign in', '/login/', '_self', false)));
+ mklist(hasauthcookie()? ui.menufunc('Sign out', 'logout();', false) : ui.menu('Sign in', '/login/', '_self', false)));
}
showmenu(mdiv);
@@ -121,8 +121,7 @@ cdiv.style.top = ui.pixpos(mdiv.offsetTop + mdiv.offsetHeight);
*/
function logout() {
// Clear session cookie and user-specific local storage entries
- var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + domainname(window.location.hostname) + '; path=/';
- document.cookie = reset;
+ clearauthcookie();
localStorage.removeItem('/r/EditWidget/accounts');
localStorage.removeItem('/r/EditWidget/dashboards');
//localStorage.clear();
diff --git a/sca-cpp/trunk/hosting/server/htdocs/public/notfound/index.html b/sca-cpp/trunk/hosting/server/htdocs/public/notfound/index.html
index 839cc3395b..0b364b1753 100644
--- a/sca-cpp/trunk/hosting/server/htdocs/public/notfound/index.html
+++ b/sca-cpp/trunk/hosting/server/htdocs/public/notfound/index.html
@@ -111,7 +111,7 @@ var cdiv = $('content');
function showmenu(mdiv) {
mdiv.innerHTML = ui.menubar(
mklist(ui.menu('Home', '/', '_view', false)),
- mklist(ui.signedin()? ui.menufunc('Sign out', 'logout();', false) : ui.menu('Sign in', '/login/', '_self', false)));
+ mklist(hasauthcookie()? ui.menufunc('Sign out', 'logout();', false) : ui.menu('Sign in', '/login/', '_self', false)));
}
showmenu(mdiv);
@@ -122,8 +122,7 @@ cdiv.style.top = ui.pixpos(mdiv.offsetTop + mdiv.offsetHeight);
*/
function logout() {
// Clear session cookie and user-specific local storage entries
- var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + domainname(window.location.hostname) + '; path=/';
- document.cookie = reset;
+ clearauthcookie();
localStorage.removeItem('/r/EditWidget/accounts');
localStorage.removeItem('/r/EditWidget/dashboards');
//localStorage.clear();
diff --git a/sca-cpp/trunk/hosting/server/htdocs/public/notyet/index.html b/sca-cpp/trunk/hosting/server/htdocs/public/notyet/index.html
index c014c7266e..11d25eedef 100644
--- a/sca-cpp/trunk/hosting/server/htdocs/public/notyet/index.html
+++ b/sca-cpp/trunk/hosting/server/htdocs/public/notyet/index.html
@@ -111,7 +111,7 @@ var cdiv = $('content');
function showmenu(mdiv) {
mdiv.innerHTML = ui.menubar(
mklist(ui.menu('Home', '/', '_view', false)),
- mklist(ui.signedin()? ui.menufunc('Sign out', 'logout();', false) : ui.menu('Sign in', '/login/', '_self', false)));
+ mklist(hasauthcookie()? ui.menufunc('Sign out', 'logout();', false) : ui.menu('Sign in', '/login/', '_self', false)));
}
showmenu(mdiv);
@@ -122,8 +122,7 @@ cdiv.style.top = ui.pixpos(mdiv.offsetTop + mdiv.offsetHeight);
*/
function logout() {
// Clear session cookie and user-specific local storage entries
- var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + domainname(window.location.hostname) + '; path=/';
- document.cookie = reset;
+ clearauthcookie();
localStorage.removeItem('/r/EditWidget/accounts');
localStorage.removeItem('/r/EditWidget/dashboards');
//localStorage.clear();
diff --git a/sca-cpp/trunk/hosting/server/htdocs/public/oops/index.html b/sca-cpp/trunk/hosting/server/htdocs/public/oops/index.html
index 2ef7754919..8d27c498d2 100644
--- a/sca-cpp/trunk/hosting/server/htdocs/public/oops/index.html
+++ b/sca-cpp/trunk/hosting/server/htdocs/public/oops/index.html
@@ -110,7 +110,7 @@ var cdiv = $('content');
function showmenu(mdiv) {
mdiv.innerHTML = ui.menubar(
mklist(ui.menu('Home', '/', '_view', false)),
- mklist(ui.signedin()? ui.menufunc('Sign out', 'logout();', false) : ui.menu('Sign in', '/login/', '_self', false)));
+ mklist(hasauthcookie()? ui.menufunc('Sign out', 'logout();', false) : ui.menu('Sign in', '/login/', '_self', false)));
}
showmenu(mdiv);
@@ -121,8 +121,7 @@ cdiv.style.top = ui.pixpos(mdiv.offsetTop + mdiv.offsetHeight);
*/
function logout() {
// Clear session cookie and user-specific local storage entries
- var reset = 'TuscanyOpenAuth=; expires=' + new Date(1970,01,01).toGMTString() + '; domain=.' + domainname(window.location.hostname) + '; path=/';
- document.cookie = reset;
+ clearauthcookie();
localStorage.removeItem('/r/EditWidget/accounts');
localStorage.removeItem('/r/EditWidget/dashboards');
//localStorage.clear();
diff --git a/sca-cpp/trunk/hosting/server/ssl-start b/sca-cpp/trunk/hosting/server/ssl-start
index 4689566176..49d2b424b9 100755
--- a/sca-cpp/trunk/hosting/server/ssl-start
+++ b/sca-cpp/trunk/hosting/server/ssl-start
@@ -17,15 +17,15 @@
# specific language governing permissions and limitations
# under the License.
-# For this module to work, add the example.com domain to your /etc/hosts as follows:
-# 127.0.0.1 example.com
+# For this module to work, add the www.example.com domain to your /etc/hosts as follows:
+# 127.0.0.1 www.example.com
here=`echo "import os; print os.path.realpath('$0')" | python`; here=`dirname $here`
jsprefix=`echo "import os; print os.path.realpath('$here/../../modules/js')" | python`
# Create SSL certificates
-../../modules/http/ssl-ca-conf tmp example.com
-../../modules/http/ssl-cert-conf tmp example.com server
+../../modules/http/ssl-ca-conf tmp www.example.com
+../../modules/http/ssl-cert-conf tmp www.example.com server
# Configure and start logging
if [ -x ../../components/log/scribe-cat ]; then
@@ -40,31 +40,32 @@ fi
../../components/cache/memcached-start tmp 11212
# Configure server
-../../modules/http/httpd-conf tmp example.com 8090 htdocs
+../../modules/http/httpd-conf tmp www.example.com 8090 htdocs
../../modules/http/httpd-event-conf tmp
../../modules/http/httpd-ssl-conf tmp 8453
-# Configure password authentication
-#../../modules/http/open-auth-conf tmp
-#../../modules/http/passwd-auth-conf tmp john john
-#../../modules/http/passwd-auth-conf tmp jane jane
-#../../modules/http/passwd-auth-conf tmp admin admin
+# Configure OpenID step2 authentication
+../../modules/openid/openid-conf tmp
+../../modules/openid/openid-step2-conf tmp
+../../modules/openid/openid-memcached-conf tmp localhost 11212
# Configure OAuth authentication
# Configure your OAuth app keys here
../../modules/oauth/oauth-conf tmp
../../modules/oauth/oauth-memcached-conf tmp localhost 11212
../../modules/oauth/oauth2-appkey-conf tmp facebook.com 12345 67890
+../../modules/oauth/oauth2-appkey-conf tmp google.com 12345 67890
-# Configure OpenID step2 authentication
-../../modules/openid/openid-conf tmp
-../../modules/openid/openid-step2-conf tmp
-../../modules/openid/openid-memcached-conf tmp localhost 11212
+# Configure password authentication
+../../modules/http/open-auth-conf tmp
+../../modules/http/passwd-auth-conf tmp john john
+../../modules/http/passwd-auth-conf tmp jane jane
+../../modules/http/passwd-auth-conf tmp admin admin
# Configure authorized users
-#../../modules/http/group-auth-conf tmp john
-#../../modules/http/group-auth-conf tmp jane
-#../../modules/http/group-auth-conf tmp admin
+../../modules/http/group-auth-conf tmp john
+../../modules/http/group-auth-conf tmp jane
+../../modules/http/group-auth-conf tmp admin
# Configure the email addresses associated with your OpenID and OAuth ids here
../../modules/http/group-auth-conf tmp john@example.com
../../modules/http/group-auth-conf tmp jane@example.com
@@ -91,11 +92,11 @@ CustomLog "|$here/../../components/log/scribe-cat server" sslcombined
EOF
- cat >tmp/conf/mod-security-log.conf <<EOF
+# cat >tmp/conf/mod-security-log.conf <<EOF
# Generated by: ssl-start $*
-SecAuditLog "|$here/../../components/log/scribe-cat secaudit"
-
-EOF
+#SecAuditLog "|$here/../../components/log/scribe-cat secaudit"
+#
+#EOF
else
cat >tmp/conf/log.conf <<EOF
@@ -111,11 +112,11 @@ CustomLog $here/tmp/logs/ssl_access_log sslcombined
EOF
- cat >tmp/conf/mod-security-log.conf <<EOF
+# cat >tmp/conf/mod-security-log.conf <<EOF
# Generated by: ssl-start $*
-SecAuditLog $here/tmp/logs/secaudit_log secaudit
-
-EOF
+#SecAuditLog $here/tmp/logs/secaudit_log
+#
+#EOF
fi
@@ -180,5 +181,6 @@ AliasMatch /v/([^/]+)(.*)$ $here/htdocs/app\$2
EOF
# Start server
+#../../modules/http/httpd-loglevel-conf tmp debug
../../modules/http/httpd-start tmp