source.dussan.org Git - archiva.git/blob

   1 package org.apache.archiva.webdav;
   2
   3 /*
   4  * Licensed to the Apache Software Foundation (ASF) under one
   5  * or more contributor license agreements.  See the NOTICE file
   6  * distributed with this work for additional information
   7  * regarding copyright ownership.  The ASF licenses this file
   8  * to you under the Apache License, Version 2.0 (the
   9  * "License"); you may not use this file except in compliance
  10  * with the License.  You may obtain a copy of the License at
  11  *
  12  *  http://www.apache.org/licenses/LICENSE-2.0
  13  *
  14  * Unless required by applicable law or agreed to in writing,
  15  * software distributed under the License is distributed on an
  16  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  17  * KIND, either express or implied.  See the License for the
  18  * specific language governing permissions and limitations
  19  * under the License.
  20  */
  21
  22 import org.apache.archiva.redback.authentication.AuthenticationException;
  23 import org.apache.archiva.security.ServletAuthenticator;
  24 import org.apache.jackrabbit.webdav.DavException;
  25 import org.apache.jackrabbit.webdav.DavServletRequest;
  26 import org.apache.jackrabbit.webdav.DavSessionProvider;
  27 import org.apache.jackrabbit.webdav.WebdavRequest;
  28 import org.apache.archiva.webdav.util.RepositoryPathUtil;
  29 import org.apache.archiva.webdav.util.WebdavMethodUtil;
  30 import org.apache.archiva.redback.authentication.AuthenticationResult;
  31 import org.codehaus.plexus.redback.authorization.UnauthorizedException;
  32 import org.codehaus.plexus.redback.policy.AccountLockedException;
  33 import org.codehaus.plexus.redback.policy.MustChangePasswordException;
  34 import org.apache.archiva.redback.users.UserManager;
  35 import org.codehaus.redback.integration.filter.authentication.HttpAuthenticator;
  36
  37 /**
  38  */
  39 public class ArchivaDavSessionProvider
  40     implements DavSessionProvider
  41 {
  42     private ServletAuthenticator servletAuth;
  43
  44     private HttpAuthenticator httpAuth;
  45
  46     public ArchivaDavSessionProvider( ServletAuthenticator servletAuth, HttpAuthenticator httpAuth )
  47     {
  48         this.servletAuth = servletAuth;
  49         this.httpAuth = httpAuth;
  50     }
  51
  52     public boolean attachSession( WebdavRequest request )
  53         throws DavException
  54     {
  55         final String repositoryId = RepositoryPathUtil.getRepositoryName( removeContextPath( request ) );
  56
  57         try
  58         {
  59             AuthenticationResult result = httpAuth.getAuthenticationResult( request, null );
  60
  61             //Create a dav session
  62             request.setDavSession( new ArchivaDavSession() );
  63
  64             return servletAuth.isAuthenticated( request, result );
  65         }
  66         catch ( AuthenticationException e )
  67         {
  68             // safety check for MRM-911
  69             String guest = UserManager.GUEST_USERNAME;
  70             try
  71             {
  72                 if ( servletAuth.isAuthorized( guest,
  73                                                ( (ArchivaDavResourceLocator) request.getRequestLocator() ).getRepositoryId(),
  74                                                WebdavMethodUtil.getMethodPermission( request.getMethod() ) ) )
  75                 {
  76                     request.setDavSession( new ArchivaDavSession() );
  77                     return true;
  78                 }
  79             }
  80             catch ( UnauthorizedException ae )
  81             {
  82                 throw new UnauthorizedDavException( repositoryId,
  83                                                     "You are not authenticated and authorized to access any repository." );
  84             }
  85
  86             throw new UnauthorizedDavException( repositoryId, "You are not authenticated." );
  87         }
  88         catch ( MustChangePasswordException e )
  89         {
  90             throw new UnauthorizedDavException( repositoryId, "You must change your password." );
  91         }
  92         catch ( AccountLockedException e )
  93         {
  94             throw new UnauthorizedDavException( repositoryId, "User account is locked." );
  95         }
  96     }
  97
  98     public void releaseSession( WebdavRequest request )
  99     {
 100         request.setDavSession( null );
 101     }
 102
 103     private String removeContextPath( final DavServletRequest request )
 104     {
 105         String path = request.getRequestURI();
 106         String ctx = request.getContextPath();
 107         if ( path.startsWith( ctx ) )
 108         {
 109             path = path.substring( ctx.length() );
 110         }
 111         return path;
 112     }
 113 }