Uploaded image for project: 'atlassian-seraph'
  1. atlassian-seraph
  2. SER-135

Give LoginUrlStrategy access to the current HttpServletRequest

XMLWordPrintable

    • Icon: Improvement Improvement
    • Resolution: Unresolved
    • Icon: Medium Medium
    • None
    • 0.38.3
    • None
    • true

      LoginUrlStrategy is a good idea, but implementations are limited to evaluating the SecurityConfig. If implementations had access to the HttpServletRequest, a wider range of strategies could be implemented.

      For this particular usecase (probably handled/addressed with Crowd) we need Jira/Confluence to allow logins via our institutions' single sign on (Siteminder) and the local Jira database. Allowing LoginUrlStrategy access to the HttpServletRequest gives us the ability to redirect users to the correct login/logout links, and allows access to two different login servlets (the SecurityFilter grants access to the login servlet if the requested URL matches the login url).

      Patch attached, unit tests pass.

        1. LoginStrategy.patch
          19 kB
        2. SiteminderLoginUrlStrategy.java
          3 kB
        3. SiteminderLoginUrlStrategy.java
          4 kB
        4. seraph-config.xml
          2 kB
        5. SiteminderLoginUrlStrategyTest.java
          4 kB

            [SER-135] Give LoginUrlStrategy access to the current HttpServletRequest

            Elliot Metsger added a comment -

            No love yet for this guy???

            Just a nudge, we are upgrading to Confluence 5.7.4 (which uses Seraph 3.0.1) and we still desire this modification to the LoginUrlStrategy interface.

            Elliot Metsger added a comment - No love yet for this guy??? Just a nudge, we are upgrading to Confluence 5.7.4 (which uses Seraph 3.0.1) and we still desire this modification to the LoginUrlStrategy interface.
            Elliot Metsger made changes -
            Attachment New: SiteminderLoginUrlStrategyTest.java [ 31975 ]

            Elliot Metsger added a comment -

            Attaching SiteminderLoginUrlStrategy unit tests

            Elliot Metsger added a comment - Attaching SiteminderLoginUrlStrategy unit tests
            Elliot Metsger made changes -
            Attachment Original: AtlassianSiteminderUtilsTest.java [ 31974 ]
            Elliot Metsger made changes -
            Attachment New: AtlassianSiteminderUtilsTest.java [ 31974 ]

            Elliot Metsger added a comment -

            Unit tests for SiteminderLoginUrlStrategy

            Elliot Metsger added a comment - Unit tests for SiteminderLoginUrlStrategy
            Elliot Metsger made changes -
            Attachment New: SiteminderLoginUrlStrategy.java [ 31972 ]
            Attachment New: seraph-config.xml [ 31973 ]

            Elliot Metsger added a comment -

            Attaching an updated SiteminderLoginUrlStrategy.java that uses the init parameters to get the login urls. Attaching an example Seraph config with the custom <login-url-strategy>.

            Elliot Metsger added a comment - Attaching an updated SiteminderLoginUrlStrategy.java that uses the init parameters to get the login urls. Attaching an example Seraph config with the custom <login-url-strategy>.
            Elliot Metsger made changes -
            Attachment New: SiteminderLoginUrlStrategy.java [ 31532 ]

            Elliot Metsger added a comment -

            Here is an example of how we're using the modified LoginUrlStrategy (attached as SiteminderLoginUrlStrategy)

            Elliot Metsger added a comment - Here is an example of how we're using the modified LoginUrlStrategy (attached as SiteminderLoginUrlStrategy)

              Unassigned Unassigned
              f17c49c9bf6b Elliot Metsger
              Votes:
              1 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                10 years, 4 weeks, 1 day ago