source.dussan.org Git - archiva.git/blob

   1 package org.apache.archiva.redback.struts2.interceptor;
   2
   3 /*
   4  * Licensed to the Apache Software Foundation (ASF) under one
   5  * or more contributor license agreements.  See the NOTICE file
   6  * distributed with this work for additional information
   7  * regarding copyright ownership.  The ASF licenses this file
   8  * to you under the Apache License, Version 2.0 (the
   9  * "License"); you may not use this file except in compliance
  10  * with the License.  You may obtain a copy of the License at
  11  *
  12  * http://www.apache.org/licenses/LICENSE-2.0
  13  *
  14  * Unless required by applicable law or agreed to in writing,
  15  * software distributed under the License is distributed on an
  16  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  17  * KIND, either express or implied.  See the License for the
  18  * specific language governing permissions and limitations
  19  * under the License.
  20  */
  21
  22 import com.opensymphony.xwork2.ActionInvocation;
  23 import com.opensymphony.xwork2.interceptor.Interceptor;
  24 import org.apache.archiva.redback.authentication.PasswordBasedAuthenticationDataSource;
  25 import org.apache.archiva.redback.configuration.UserConfiguration;
  26 import org.apache.archiva.redback.integration.checks.security.AdminAutoCreateCheck;
  27 import org.apache.archiva.redback.integration.util.AutoLoginCookies;
  28 import org.apache.archiva.redback.role.RoleManager;
  29 import org.apache.archiva.redback.role.RoleManagerException;
  30 import org.apache.archiva.redback.system.SecuritySession;
  31 import org.apache.archiva.redback.system.SecuritySystem;
  32 import org.apache.archiva.redback.system.SecuritySystemConstants;
  33 import org.apache.archiva.redback.users.User;
  34 import org.apache.archiva.redback.users.UserManager;
  35 import org.apache.archiva.redback.users.UserNotFoundException;
  36 import org.apache.commons.io.IOUtils;
  37 import org.apache.commons.lang.StringUtils;
  38 import org.apache.struts2.ServletActionContext;
  39 import org.slf4j.Logger;
  40 import org.slf4j.LoggerFactory;
  41 import org.springframework.context.annotation.Scope;
  42 import org.springframework.stereotype.Controller;
  43
  44 import javax.inject.Inject;
  45 import javax.inject.Named;
  46 import java.io.File;
  47 import java.io.FileInputStream;
  48 import java.util.Date;
  49 import java.util.Map;
  50 import java.util.Properties;
  51
  52 /**
  53  * EnvironmentCheckInterceptor
  54  *
  55  * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
  56  */
  57 @Controller( "redbackForceAdminUserInterceptor" )
  58 @Scope( "prototype" )
  59 public class ForceAdminUserInterceptor
  60     implements Interceptor
  61 {
  62     private Logger log = LoggerFactory.getLogger( getClass() );
  63
  64     private static final String SECURITY_ADMIN_USER_NEEDED = "security-admin-user-needed";
  65
  66     private static boolean checked = false;
  67
  68     /**
  69      * role-hint="configurable"
  70      */
  71     @Inject
  72     @Named( value = "userManager#configurable" )
  73     private UserManager userManager;
  74
  75     /**
  76      * role-hint="default"
  77      */
  78     @Inject
  79     private RoleManager roleManager;
  80
  81     /**
  82      * role-hint="default"
  83      */
  84     @Inject
  85     private UserConfiguration config;
  86
  87     @Inject
  88     protected SecuritySystem securitySystem;
  89
  90     @Inject
  91     private AutoLoginCookies autologinCookies;
  92
  93     protected Map<String, Object> session;
  94
  95     public void destroy()
  96     {
  97         // no-op
  98     }
  99
 100     public void init()
 101     {
 102
 103     }
 104
 105     public String intercept( ActionInvocation invocation )
 106         throws Exception
 107     {
 108         if ( checked )
 109         {
 110             return invocation.invoke();
 111         }
 112
 113         try
 114         {
 115             User user = userManager.findUser( getAdminUid() );
 116             if ( user == null )
 117             {
 118                 user = useForceAdminFile();
 119                 if ( user == null )
 120                 {
 121                     log.info( "No admin user configured - forwarding to admin user creation page." );
 122                     return SECURITY_ADMIN_USER_NEEDED;
 123                 }
 124             }
 125
 126             assignAdminRole( user );
 127
 128             checked = true;
 129             log.info( "Admin user found. No need to configure admin user." );
 130
 131         }
 132         catch ( UserNotFoundException e )
 133         {
 134             User user = useForceAdminFile();
 135             if ( user != null )
 136             {
 137                 assignAdminRole( user );
 138
 139                 checked = true;
 140             }
 141             else
 142             {
 143                 log.info( "No admin user found - forwarding to admin user creation page." );
 144                 return SECURITY_ADMIN_USER_NEEDED;
 145             }
 146         }
 147
 148         return invocation.invoke();
 149     }
 150
 151     private User useForceAdminFile()
 152     {
 153         try
 154         {
 155             String forceAdminFilePath = System.getProperty( AdminAutoCreateCheck.FORCE_ADMIN_FILE_PATH );
 156             if ( StringUtils.isBlank( forceAdminFilePath ) )
 157             {
 158                 log.info( AdminAutoCreateCheck.FORCE_ADMIN_FILE_PATH
 159                               + " system props is empty don't use an auto creation admin " );
 160                 return null;
 161             }
 162             File file = new File( forceAdminFilePath );
 163             if ( !file.exists() )
 164             {
 165                 log.warn( "file set in sysprops " + AdminAutoCreateCheck.FORCE_ADMIN_FILE_PATH
 166                               + " not exists skip admin auto creation" );
 167                 return null;
 168             }
 169             Properties properties = new Properties();
 170             FileInputStream fis = new FileInputStream( file );
 171             try
 172             {
 173                 properties.load( fis );
 174             }
 175             catch ( Exception e )
 176             {
 177                 log.warn( "error loading properties from file " + forceAdminFilePath + " skip admin auto creation" );
 178                 return null;
 179             }
 180             finally
 181             {
 182                 IOUtils.closeQuietly( fis );
 183             }
 184
 185             // ensure we have all properties
 186             String password = properties.getProperty( AdminAutoCreateCheck.ADMIN_PASSWORD_KEY );
 187             String email = properties.getProperty( AdminAutoCreateCheck.ADMIN_EMAIL_KEY );
 188             String fullName = properties.getProperty( AdminAutoCreateCheck.ADMIN_FULL_NAME_KEY );
 189
 190             if ( StringUtils.isBlank( password ) )
 191             {
 192                 log.warn( "property " + AdminAutoCreateCheck.ADMIN_PASSWORD_KEY + " not set skip auto admin creation" );
 193                 return null;
 194             }
 195
 196             if ( StringUtils.isBlank( email ) )
 197             {
 198                 log.warn( "property " + AdminAutoCreateCheck.ADMIN_EMAIL_KEY + " not set skip auto admin creation" );
 199                 return null;
 200             }
 201
 202             if ( StringUtils.isBlank( fullName ) )
 203             {
 204                 log.warn(
 205                     "property " + AdminAutoCreateCheck.ADMIN_FULL_NAME_KEY + " not set skip auto admin creation" );
 206                 return null;
 207             }
 208
 209             User u = userManager.createUser( getAdminUid(), fullName, email );
 210
 211             u.setPassword( password );
 212             u.setLocked( false );
 213             u.setPasswordChangeRequired( false );
 214             u.setPermanent( true );
 215
 216             u = userManager.addUser( u );
 217             u.setPassword( password );
 218
 219             PasswordBasedAuthenticationDataSource authdatasource = new PasswordBasedAuthenticationDataSource();
 220             authdatasource.setPrincipal( u.getUsername() );
 221             authdatasource.setPassword( u.getPassword() );
 222             SecuritySession securitySession = securitySystem.authenticate( authdatasource );
 223             if ( securitySession.getAuthenticationResult().isAuthenticated() )
 224             {
 225                 // good add various tokens.
 226                 ServletActionContext.getRequest().getSession( true ).setAttribute(
 227                     SecuritySystemConstants.SECURITY_SESSION_KEY, securitySession );
 228                 autologinCookies.setSignonCookie( authdatasource.getPrincipal(), ServletActionContext.getResponse(),
 229                                                   ServletActionContext.getRequest() );
 230                 u = securitySession.getUser();
 231                 u.setLastLoginDate( new Date() );
 232                 securitySystem.getUserManager().updateUser( u );
 233             }
 234
 235             return u;
 236         }
 237         catch ( Exception e )
 238         {
 239             log.warn( "failed to automatically create an admin account " + e.getMessage(), e );
 240         }
 241         return null;
 242     }
 243
 244     private String getAdminUid()
 245     {
 246         return config.getString( "redback.default.admin" );
 247     }
 248
 249     private void assignAdminRole( User user )
 250         throws RoleManagerException
 251     {
 252         roleManager.assignRole( "system-administrator", user.getPrincipal().toString() );
 253     }
 254 }