Added special message for AUTH users
authorChristos V. Stathis <chstath@ebs.gr>
Tue, 12 Apr 2011 12:12:54 +0000 (15:12 +0300)
committerChristos V. Stathis <chstath@ebs.gr>
Tue, 12 Apr 2011 12:12:54 +0000 (15:12 +0300)
jboss/conf/gss.properties
src/gr/ebs/gss/server/Login.java
src/gr/ebs/gss/server/Registration.java
src/gr/ebs/gss/server/domain/User.java
src/gr/ebs/gss/server/ejb/ExternalAPI.java
src/gr/ebs/gss/server/ejb/ExternalAPIBean.java
src/gr/ebs/gss/server/ejb/ExternalAPIRemote.java
src/gr/ebs/gss/server/rest/UserHandler.java
war/authenticationError.jsp

index b0f387e..c62c750 100644 (file)
@@ -42,3 +42,5 @@ baseDn=ou=people\,dc=ebs\,dc=gr
 objectClass=eduPerson, inetOrgPerson, mailRecipient, organizationalPerson, person
 # An introductory text for the coupon code page.
 couponsIntro=You may upgrade the quota for your account by entering the coupon code you received in the field below and clicking 'submit'. Please make sure that your account information displayed below is correct. Unauthorized use of coupons by other users is not permitted.
+authAnnouncement=Οι χρήστες ηλεκτρονικών υπηρεσιών του Αριστοτελείου Πανεπιστημίου Θεσσαλονίκης έχουν πρόσβαση με τον ιδρυματικό λογαριασμό &lt;http://noc.auth.gr/services/personal/accounts/&gt; τους σε επιπλέον προσωπικό αποθηκευτικό χώρο &lt;http://noc.auth.gr/services/personal/personalStorage/&gt; στο ΑΠΘ με χρήση των πρωτοκόλλων SMB/CIFS (λογισμικό Samba) και FTP. Περισσότερες πληροφορίες είναι διαθέσιμες και στον ιστοχώρο του Κέντρου Λειτουργίας Δικτύου ΑΠΘ (http://noc.auth.gr)
+authgr=auth.gr
\ No newline at end of file
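Review bot: `authAnnouncement` is stored as raw Greek text, but `.properties` files are read as ISO-8859-1 by `java.util.Properties.load(InputStream)` and, by default, by Commons Configuration's `PropertiesConfiguration`, so the message may be mis-decoded unless the loader is given an explicit encoding. How this file is loaded is not visible here. If no encoding is configured, the value should be written with `\uXXXX` escapes (for example via `native2ascii`). The file also now ends without a trailing newline after `authgr=auth.gr`.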
index e94ecc4..8d77930 100644 (file)
@@ -92,7 +92,7 @@ public class Login extends BaseServlet {
                String[] attrs = new String[] {"REMOTE_USER", "HTTP_SHIB_INETORGPERSON_DISPLAYNAME",
                                        "HTTP_SHIB_INETORGPERSON_GIVENNAME", "HTTP_SHIB_PERSON_COMMONNAME",
                                        "HTTP_SHIB_PERSON_SURNAME", "HTTP_SHIB_INETORGPERSON_MAIL",
-                                       "HTTP_SHIB_EP_UNSCOPEDAFFILIATION", "HTTP_PERSISTENT_ID"};
+                                       "HTTP_SHIB_EP_UNSCOPEDAFFILIATION", "HTTP_PERSISTENT_ID", "HTTP_SHIB_HOMEORGANIZATION"};
                StringBuilder buf = new StringBuilder("Shibboleth Attributes\n");
                for (String attr: attrs)
                        buf.append(attr+": ").append(request.getAttribute(attr)).append('\n');
@@ -113,6 +113,7 @@ public class Login extends BaseServlet {
                Object snAttr = request.getAttribute("HTTP_SHIB_PERSON_SURNAME"); // Multi-valued
                Object mailAttr = request.getAttribute("HTTP_SHIB_INETORGPERSON_MAIL"); // Multi-valued
                Object persistentIdAttr = request.getAttribute("HTTP_PERSISTENT_ID");
+        Object homeOrganizationAttr = request.getAttribute("HTTP_SHIB_HOMEORGANIZATION");
                // Use a configured test username if found, as a shortcut for development deployments.
                String gwtServer = null;
                if (getConfiguration().getString("testUsername") != null) {
@@ -127,6 +128,7 @@ public class Login extends BaseServlet {
                        authErrorUrl += "&sn=" + (snAttr==null? "-": snAttr.toString());
                        authErrorUrl += "&cn=" + (cnAttr==null? "-": cnAttr.toString());
                        authErrorUrl += "&mail=" + (mailAttr==null? "-": mailAttr.toString());
+            authErrorUrl += "&homeOrg=" + (homeOrganizationAttr == null ? "-" : homeOrganizationAttr.toString());
                        response.sendRedirect(authErrorUrl);
                        return;
                }
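Review bot: The new `homeOrg` value is appended to `authErrorUrl` without URL-encoding, so an attribute value containing `&`, `#`, `=` or non-ASCII characters would corrupt the query string or add extra parameters to the redirect target. Encoding it keeps the value confined to its own parameter, e.g. `authErrorUrl += "&homeOrg=" + URLEncoder.encode(homeOrganizationAttr == null ? "-" : homeOrganizationAttr.toString(), "UTF-8");`. The adjacent `sn`, `cn` and `mail` lines have the same gap. The enclosing method starts and ends outside the hunk, so whether `authErrorUrl` is sanitised elsewhere cannot be seen from here.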
@@ -165,10 +167,11 @@ public class Login extends BaseServlet {
                                idpid = persistentId.substring(bang + 1);
                        }
                }
+        String homeOrganization = homeOrganizationAttr != null ? decodeAttribute(homeOrganizationAttr.toString()) : "";
                try {
                        user = getService().findUser(username);
                        if (user == null)
-                               user = getService().createUser(username, name, mail, idp, idpid);
+                               user = getService().createUser(username, name, mail, idp, idpid, homeOrganization);
                        if (!user.isActive()) {
                                logger.info("Disabled user " + username + " tried to login.");
                                response.sendError(HttpServletResponse.SC_FORBIDDEN, "This account is disabled");
@@ -185,6 +188,7 @@ public class Login extends BaseServlet {
                        user.setEmail(mail);
                        user.setIdentityProvider(idp);
                        user.setIdentityProviderId(idpid);
+            user.setHomeOrganization(homeOrganization);
                        
                        UserLogin userLogin = new UserLogin();
                        userLogin.setLoginDate(new Date());
index 75d58a2..1c7135e 100644 (file)
@@ -196,7 +196,7 @@ public class Registration extends BaseServlet {
                        final User userDto = new TransactionHelper<User>().tryExecute(new Callable<User>() {
                                @Override
                                public User call() throws Exception {
-                                       return getService().createUser(username, firstname + " " + lastname, email, "", "");
+                                       return getService().createUser(username, firstname + " " + lastname, email, "", "", "");
                                }
 
                        });
index 8585d40..69f0326 100644 (file)
@@ -203,6 +203,11 @@ public class User implements Serializable {
         */
        private String webDAVPassword;
 
+    /**
+     * The HTTP_SHIB_HOMEORGANIZATION schiboleth attribute that is not used to determine the AUTH users
+     */
+    private String homeOrganization;
+
        /**
         * Retrieve the firstname.
         *
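Review bot: The Javadoc on the new `homeOrganization` field says the attribute "is not used to determine the AUTH users", which contradicts how this commit uses it in `UserHandler`, and "schiboleth" is misspelled. Suggested comment: `The HTTP_SHIB_HOMEORGANIZATION Shibboleth attribute, used to determine whether the user is an AUTH user.` The `getHomeOrganization`/`setHomeOrganization` accessors added in the later hunk of this file carry no Javadoc, whereas the neighbouring member visible here (`Retrieve the firstname.`) does. A one-line summary on each would keep the class consistent.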
@@ -643,4 +648,11 @@ public class User implements Serializable {
                webDAVPassword = sb.toString();
        }
 
+    public String getHomeOrganization() {
+        return homeOrganization;
+    }
+
+    public void setHomeOrganization(String homeOrganization) {
+        this.homeOrganization = homeOrganization;
+    }
 }
index 9d0241c..99bbbc3 100644 (file)
@@ -788,7 +788,7 @@ public interface ExternalAPI {
         * @throws DuplicateNameException if a user with the same username already exists
         * @throws ObjectNotFoundException if no username was provided
         */
-       public User createUser(String username, String name, String mail, String idp, String idpid)
+       public User createUser(String username, String name, String mail, String idp, String idpid, String homeOrg)
                        throws DuplicateNameException, ObjectNotFoundException;
 
        /**
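Review bot: The Javadoc for `createUser` does not appear to document the new `homeOrg` parameter: the hunk shows only the `@throws` tags and adds no `@param`. The rest of the comment lies outside the hunk, so confirm and add something like `@param homeOrg the user's home organization as asserted by the identity provider; may be empty`. The matching declaration in `ExternalAPIRemote` needs the same addition. Because the signature of a remote interface changes, any client built against the five-argument form has to be rebuilt and deployed together with the server.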
index b77e6eb..cc65ee5 100644 (file)
@@ -1396,7 +1396,7 @@ public class ExternalAPIBean implements ExternalAPI, ExternalAPIRemote {
 
        @Override
        public User createUser(String username, String name, String mail,
-                               String idp, String idpid) throws ObjectNotFoundException {
+                               String idp, String idpid, String homeOrg) throws ObjectNotFoundException {
                if (username == null)
                        throw new ObjectNotFoundException("No username specified");
                if (name == null)
@@ -1417,6 +1417,7 @@ public class ExternalAPIBean implements ExternalAPI, ExternalAPIRemote {
                user.generateAuthToken();
                user.generateWebDAVPassword();
                user.setUserClass(getDefaultUserClass());
+        user.setHomeOrganization(homeOrg);
                dao.create(user);
                // Make sure we get an ID in the user object.
                dao.flush();
index 9dfe156..96fac30 100644 (file)
@@ -570,7 +570,7 @@ public interface ExternalAPIRemote {
         * @throws ObjectNotFoundException if no username was provided
         */
        public User createUser(String username, String name, String mail,
-                               String idp, String idpid) throws DuplicateNameException,
+                               String idp, String idpid, String homeOrg) throws DuplicateNameException,
                                ObjectNotFoundException;
 
        /**
index 55aca29..de8c52d 100644 (file)
@@ -91,7 +91,10 @@ public class UserHandler extends RequestHandler {
                                        put("groups", parentUrl + PATH_GROUPS).put("trash", parentUrl + PATH_TRASH).
                                        put("shared", parentUrl + PATH_SHARED).put("others", parentUrl + PATH_OTHERS).
                                        put("quota", statistics).put("tags", parentUrl + PATH_TAGS);
-                       String announcement = getConfiguration().getString("announcement");
+                       String announcement = getConfiguration().getString("announcement", "");
+            String authgr = getConfiguration().getString("authgr", "auth.gr");
+            if (authgr.equals(user.getHomeOrganization()))
+                announcement += getConfiguration().getString("authAnnouncement", "");
                        if (announcement != null && !announcement.isEmpty())
                                json.put("announcement", announcement);
                        List<UserLogin> userLogins = getService().getLastUserLogins(owner.getId());                     
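Review bot: `announcement += ...` joins the general announcement and `authAnnouncement` with no separator, so when both are configured the two texts run together in the `announcement` JSON field. Appending a separator when `announcement` is non-empty would avoid that. With the new `""` default on the first lookup, the `announcement != null` test is always true and can be reduced to `if (!announcement.isEmpty())`. The comparison `authgr.equals(user.getHomeOrganization())` is exact and case-sensitive; if the identity provider can send the attribute in a different case or with several values, it would need normalising, which cannot be determined from this hunk. The enclosing method extends beyond the hunk.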
index 45edcae..8ad86a4 100644 (file)
@@ -47,6 +47,7 @@ along with GSS.  If not, see <http://www.gnu.org/licenses/>.
 <P>sn (person): <%= request.getParameter("sn") %><BR>
 <P>cn (person): <%= request.getParameter("cn") %><BR>
 <P>mail (inetOrgPerson): <%= request.getParameter("mail") %><BR>
+<P>homeOrg: <%= request.getParameter("homeOrg") %><BR>
 </center>
 </div>
 <div class="footer"></div>
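Review bot: The added line writes `request.getParameter("homeOrg")` into the page without HTML escaping. The value comes straight from the query string, so whoever supplies the link to this page controls markup rendered in the user's browser (reflected XSS). Emit it escaped, for example `<P>homeOrg: <c:out value="${param.homeOrg}"/><BR>` if JSTL is available to this JSP; the taglib declarations are not visible in the hunk. The existing `sn`, `cn` and `mail` lines reflect their parameters the same way and should get the same treatment.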