diff --git a/jetty-jaspi/src/main/java/org/eclipse/jetty/security/jaspi/modules/FormAuthModule.java b/jetty-jaspi/src/main/java/org/eclipse/jetty/security/jaspi/modules/FormAuthModule.java index 9215eddaf00..cc87cedff8e 100644 --- a/jetty-jaspi/src/main/java/org/eclipse/jetty/security/jaspi/modules/FormAuthModule.java +++ b/jetty-jaspi/src/main/java/org/eclipse/jetty/security/jaspi/modules/FormAuthModule.java @@ -33,7 +33,6 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; -import org.eclipse.jetty.security.CrossContextPsuedoSession; import org.eclipse.jetty.security.authentication.DeferredAuthentication; import org.eclipse.jetty.security.authentication.LoginCallbackImpl; import org.eclipse.jetty.security.authentication.SessionAuthentication; @@ -79,7 +78,6 @@ public class FormAuthModule extends BaseAuthModule private String _formLoginPath; - private CrossContextPsuedoSession ssoSource; public FormAuthModule() { @@ -92,17 +90,6 @@ public class FormAuthModule extends BaseAuthModule setErrorPage(errorPage); } - /** - * @deprecated - */ - public FormAuthModule(CallbackHandler callbackHandler, CrossContextPsuedoSession ssoSource, - String loginPage, String errorPage) - { - super(callbackHandler); - this.ssoSource = ssoSource; - setLoginPage(loginPage); - setErrorPage(errorPage); - } @Override public void initialize(MessagePolicy requestPolicy, MessagePolicy responsePolicy, @@ -112,7 +99,6 @@ public class FormAuthModule extends BaseAuthModule super.initialize(requestPolicy, responsePolicy, handler, options); setLoginPage((String) options.get(LOGIN_PAGE_KEY)); setErrorPage((String) options.get(ERROR_PAGE_KEY)); - ssoSource = (CrossContextPsuedoSession) options.get(SSO_SOURCE_KEY); } private void setLoginPage(String path) @@ -231,17 +217,7 @@ public class FormAuthModule extends BaseAuthModule return AuthStatus.SUCCESS; } - else if (ssoSource != null) - { - UserInfo userInfo = ssoSource.fetch(request); - if (userInfo != null) - { - boolean success = tryLogin(messageInfo, clientSubject, response, session, userInfo.getUserName(), new Password(new String(userInfo.getPassword()))); - if (success) { return AuthStatus.SUCCESS; } - } - } - // if we can't send challenge if (DeferredAuthentication.isDeferred(response)) @@ -310,12 +286,6 @@ public class FormAuthModule extends BaseAuthModule } } - // Sign-on to SSO mechanism - if (ssoSource != null) - { - UserInfo userInfo = new UserInfo(username, pwdChars); - ssoSource.store(userInfo, response); - } return true; } return false; diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/CrossContextPsuedoSession.java b/jetty-security/src/main/java/org/eclipse/jetty/security/CrossContextPsuedoSession.java deleted file mode 100644 index a67eb96d6fc..00000000000 --- a/jetty-security/src/main/java/org/eclipse/jetty/security/CrossContextPsuedoSession.java +++ /dev/null @@ -1,37 +0,0 @@ -// -// ======================================================================== -// Copyright (c) 1995-2014 Mort Bay Consulting Pty. Ltd. -// ------------------------------------------------------------------------ -// All rights reserved. This program and the accompanying materials -// are made available under the terms of the Eclipse Public License v1.0 -// and Apache License v2.0 which accompanies this distribution. -// -// The Eclipse Public License is available at -// http://www.eclipse.org/legal/epl-v10.html -// -// The Apache License v2.0 is available at -// http://www.opensource.org/licenses/apache2.0.php -// -// You may elect to redistribute this code under either of these licenses. -// ======================================================================== -// - -package org.eclipse.jetty.security; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -/** - * @version $Rev: 4466 $ $Date: 2009-02-10 23:42:54 +0100 (Tue, 10 Feb 2009) $ - * @deprecated - */ -public interface CrossContextPsuedoSession -{ - - T fetch(HttpServletRequest request); - - void store(T data, HttpServletResponse response); - - void clear(HttpServletRequest request); - -} diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/HashCrossContextPsuedoSession.java b/jetty-security/src/main/java/org/eclipse/jetty/security/HashCrossContextPsuedoSession.java deleted file mode 100644 index 2f94908acb3..00000000000 --- a/jetty-security/src/main/java/org/eclipse/jetty/security/HashCrossContextPsuedoSession.java +++ /dev/null @@ -1,100 +0,0 @@ -// -// ======================================================================== -// Copyright (c) 1995-2014 Mort Bay Consulting Pty. Ltd. -// ------------------------------------------------------------------------ -// All rights reserved. This program and the accompanying materials -// are made available under the terms of the Eclipse Public License v1.0 -// and Apache License v2.0 which accompanies this distribution. -// -// The Eclipse Public License is available at -// http://www.eclipse.org/legal/epl-v10.html -// -// The Apache License v2.0 is available at -// http://www.opensource.org/licenses/apache2.0.php -// -// You may elect to redistribute this code under either of these licenses. -// ======================================================================== -// - -package org.eclipse.jetty.security; - -import java.security.SecureRandom; -import java.util.HashMap; -import java.util.Map; -import java.util.Random; - -import javax.servlet.http.Cookie; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -/** - * @version $Rev: 4660 $ $Date: 2009-02-25 17:29:53 +0100 (Wed, 25 Feb 2009) $ - * @deprecated - */ -public class HashCrossContextPsuedoSession implements CrossContextPsuedoSession -{ - private final String _cookieName; - - private final String _cookiePath; - - private final Random _random = new SecureRandom(); - - private final Map _data = new HashMap(); - - public HashCrossContextPsuedoSession(String cookieName, String cookiePath) - { - this._cookieName = cookieName; - this._cookiePath = cookiePath == null ? "/" : cookiePath; - } - - public T fetch(HttpServletRequest request) - { - Cookie[] cookies = request.getCookies(); - if (cookies == null) - return null; - - for (Cookie cookie : cookies) - { - if (_cookieName.equals(cookie.getName())) - { - String key = cookie.getValue(); - return _data.get(key); - } - } - return null; - } - - public void store(T datum, HttpServletResponse response) - { - String key; - - synchronized (_data) - { - // Create new ID - while (true) - { - key = Long.toString(Math.abs(_random.nextLong()), 30 + (int) (System.currentTimeMillis() % 7)); - if (!_data.containsKey(key)) break; - } - - _data.put(key, datum); - } - - Cookie cookie = new Cookie(_cookieName, key); - cookie.setPath(_cookiePath); - response.addCookie(cookie); - } - - public void clear(HttpServletRequest request) - { - for (Cookie cookie : request.getCookies()) - { - if (_cookieName.equals(cookie.getName())) - { - String key = cookie.getValue(); - _data.remove(key); - break; - } - } - } -}