";
+
+ logger.debug("sending:");
+ logger.debug(retString);
+ return new StringRepresentation(retString,MediaType.TEXT_HTML);
+ }
+
+
@Get("json")
- public Representation doGetHTML(Representation entity){
+ public Representation doGetJSON(Representation entity){
doOptions(entity);
Form form = getRequest().getResourceRef().getQueryAsForm();
@@ -95,7 +155,12 @@
userObject.put("id",annot.creator);
RestServer restServer = (RestServer) getApplication();
- String userName=restServer.getUserNameFromLdap(annot.creator);
+
+ String userID= annot.creator;
+ if (userID.startsWith(NS.MPIWG_PERSONS)){
+ userID=userID.replace(NS.MPIWG_PERSONS, ""); //entferne NAMESPACE
+ }
+ String userName=restServer.getUserNameFromLdap(userID);
userObject.put("name",userName);
jo.put("user",userObject);
@@ -302,6 +367,19 @@
}
}
+
+ /**
+ *
+ * @param entity should contain a form with the parameters "username", "password", "xpointer","text","uri","type"
+ *
+ * username,password is optional, if not given BasicAuthentification is used.
+ *
+ *
+ *
+ * If username given as a URI, the username will be transformed to an URI, username will be added to the MPIWG namespace defined in de.mpiwg.itgroup.annotationManager.Constants.NS
+ *
+ * @return
+ */
protected Convert.Annotation handleForm(Representation entity) {
Convert.Annotation annot;
Form form = new Form(entity);
@@ -338,6 +416,10 @@
username = authUser.getIdentifier();
}
+ //username should be a URI, if not it will set to the MPIWG namespace defined in de.mpiwg.itgroup.annotationManager.Constants.NS
+ if (!username.startsWith("http"))
+ username=NS.MPIWG_PERSONS+username;
+
annot = new Convert.Annotation(xpointer, username, null, text,
type, url);
return annot;
@@ -370,6 +452,8 @@
* be used.
* @param authUser
* user object
+ * The username will be transformed to an URI if not given already as URI, if not it will set to the MPIWG namespace defined in de.mpiwg.itgroup.annotationManager.Constants.NS
+
* @return
* @throws JSONException
*/
@@ -396,6 +480,10 @@
if (username == null)
username = authUser.getIdentifier();
+ //username should be a URI, if not it will set to the MPIWG namespace defined in de.mpiwg.itgroup.annotationManager.Constants.NS
+ if (!username.startsWith("http"))
+ username=NS.MPIWG_PERSONS+username;
+
return new Convert.Annotation(xpointer, username, null, text, type, url);
}
@@ -410,7 +498,7 @@
* basic
* authentification
* is used.
- *
+ * The username will be transformed to an URI if not given already as URI, if not it will set to the MPIWG namespace defined in de.mpiwg.itgroup.annotationManager.Constants.NS
* @param jo
* @param authUser
* @return
@@ -476,6 +564,11 @@
} else {
xpointer = url;
}
+
+ //username should be a URI, if not it will set to the MPIWG namespace defined in de.mpiwg.itgroup.annotationManager.Constants.NS
+ if (!username.startsWith("http"))
+ username=NS.MPIWG_PERSONS+username;
+
return new Convert.Annotation(xpointer, username, null, text, null);
}
diff -r f2f41d0dedf5 -r 6888ae3287b8 src/de/mpiwg/itgroup/annotationManager/restlet/RestServer.java
--- a/src/de/mpiwg/itgroup/annotationManager/restlet/RestServer.java Wed Nov 23 15:26:33 2011 +0100
+++ b/src/de/mpiwg/itgroup/annotationManager/restlet/RestServer.java Thu Nov 24 11:39:12 2011 +0100
@@ -32,6 +32,7 @@
import org.restlet.data.ChallengeScheme;
import org.restlet.data.ClientInfo;
+import org.restlet.engine.component.ChildContext;
import org.restlet.ext.jaas.JaasVerifier;
import org.restlet.routing.Router;
import org.restlet.routing.Template;
@@ -62,10 +63,6 @@
ChallengeScheme challengeScheme = ChallengeScheme.HTTP_BASIC;
String realm = "Annotation Service";
- // MapVerifier isn't very secure; see docs for alternatives
- //MapVerifier verifier = new MapVerifier();
- //verifier.getLocalSecrets().put("user", "password".toCharArray());
-
JaasVerifier verifier = new JaasVerifier("BasicJaasAuthenticationApplication");
@@ -90,11 +87,21 @@
return auth;
}
+ /**
+ * Konfiguration fŸr den Authentificator in Jaas. Pfad zum JAAS-Konfigurationsfile liegt im Context-Parameter
+ * "de.mpiwg.itgroup.annotationManager.jaas.configFilePath".
+ * @return
+ */
protected Configuration createConfiguration() {
Configuration jaasConfig;
URI confUri;
+
+ Context context = getContext();
+ String configFilePath = context.getParameters().getFirstValue("de.mpiwg.itgroup.annotationManager.jaas.configFilePath");
+
+
try {
- confUri = new URI("file:///etc/jaasAuth.conf"); //TODO shoould be configurable
+ confUri = new URI(configFilePath);
} catch (URISyntaxException e) {
e.printStackTrace();
confUri = null;
@@ -131,7 +138,13 @@
}
- public boolean authenticate(Request request, Response response) {
+ /**
+ * Authentifiziere den Benutzer aus dem Request (BasicAuthenfication)
+ * @param request
+ * @param response
+ * @return
+ */
+ public boolean authenticate(Request request, Response response) {
if (!request.getClientInfo().isAuthenticated()) {
authenticator.challenge(response, false);
return false;
@@ -142,9 +155,19 @@
authenticator.challenge(response, false);
return false;
}
+
+
return true;
}
+ /**
+ * Authentifiziere den Benutzer
+ *
+ * @param username
+ * @param password
+ * @param request
+ * @return
+ */
public boolean authenticate(String username, String password,Request request) {
LoginContext lc;
@@ -169,6 +192,11 @@
return true;
}
+ /**
+ * Hole den vollen Benutzernamen aus dem LDAP
+ * @param creator
+ * @return
+ */
public String getUserNameFromLdap(String creator) {
String retString=creator; // falls nichts gefunden wird einfach den creator zurueckgeben
Hashtable env = new Hashtable();