Integrace s google apps- přihlašování účtem google.

2014-08-26 12:44:05 +02:00
parent d886e1e4f4
commit 17deee8b21
9 changed files with 156 additions and 9 deletions
@@ -0,0 +1 @@
+gmail.restrictDomain=
@@ -272,6 +272,7 @@ Login=Přihlásit
 Loggingin=Přihlášení
 Logout=Odhlásit
 WrongNameOrPassword=Špatné jméno nebo heslo
+LoginViaGoogle=Přihlásit účtem Google


 DateFormat=dd. MM. yyyy
@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xmlns:security="http://www.springframework.org/schema/security"
+	xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+		http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd">
+
+	<bean id="gmailUserService" class="info.bukova.isspst.services.users.GmailUserService">
+		<constructor-arg ref="userService"/>
+		<constructor-arg ref="roleService"/>
+		<property name="restrictDomain" value="${gmail.restrictDomain}"/>
+	</bean>
+
+</beans>
@@ -19,12 +19,8 @@
 	</bean>
 	
 	<bean id="authenticator" class="org.springframework.security.ldap.authentication.BindAuthenticator">
-	            <constructor-arg ref="contextSource"/>
-	            <property name="userDnPatterns">
-	                <list>
-	                    <value>${ldap.userDNPattern}</value>
-	                </list>
-	            </property>
+		<constructor-arg ref="contextSource"/>
+		<property name="userDnPatterns" value="#{'${ldap.userDNPattern}'.split(';')}"/>
 	</bean>

 	<bean id="populator" class="info.bukova.isspst.security.AuthPopulator">
@@ -27,6 +27,7 @@
 				<value>/WEB-INF/jdbc.properties</value>
 				<value>/WEB-INF/ldap.properties</value>
 				<value>/WEB-INF/mail.properties</value>
+				<value>/WEB-INF/gmail.properties</value>
 			</list>
 		</property>
 	</bean>
@@ -36,7 +37,10 @@
        class="org.apache.commons.dbcp.BasicDataSource" destroy-method="close"
        p:driverClassName="${jdbc.driverClassName}"
        p:url="${jdbc.databaseurl}" p:username="${jdbc.username}"
-        p:password="${jdbc.password}"></bean>
+        p:password="${jdbc.password}">
+        	<property name="validationQuery" value="SELECT 1"/>
+        	<property name="testOnBorrow" value="true"/>
+        </bean>
        
 	<bean id="sessionFactory"
        class="org.springframework.orm.hibernate4.LocalSessionFactoryBean">
@@ -81,16 +85,28 @@
 		<security:intercept-url pattern="/admin/permissions/**" access="hasRole('PERM_READ_PERMISSIONS')"/>
 		<security:intercept-url pattern="/admin/addressbook/**" access="hasRole('PERM_READ_ADDRESSBOOK')"/>
 		<security:intercept-url pattern="/munits/**" access="hasRole('PERM_READ_MUNITS')"/>
-		<security:form-login login-page="/login.zhtml"
+		<security:form-login login-page="/login-gmail.zhtml"
 			authentication-failure-handler-ref="loginFail"
 			authentication-success-handler-ref="loginSuccess"/>
 		<security:http-basic/>
+		
+		<security:openid-login authentication-failure-handler-ref="loginFail"
+			authentication-success-handler-ref="loginSuccess" 
+			user-service-ref="gmailUserService">
+			<security:attribute-exchange identifier-match="https://www.google.com/.*">
+                <security:openid-attribute name="email" type="http://schema.openid.net/contact/email" required="true" />
+                <security:openid-attribute name="firstName" type="http://axschema.org/namePerson/first" required="true" />
+                <security:openid-attribute name="lastName" type="http://axschema.org/namePerson/last" required="true" />
+            </security:attribute-exchange>
+		</security:openid-login>
+		
 		<security:logout invalidate-session="true"/>
 	</security:http>

 	<import resource="database-auth.xml"/>
+	<import resource="gmail-auth.xml"/>
 	<!-- <import resource="ldap-auth.xml"/> --> 
-	
+		
 	<import resource="mail-services.xml"/>

 	<bean class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">