]> source.dussan.org Git - archiva.git/blob
9c8e9b8d20e76e5f0c00067a776a7c13ec150546
[archiva.git] /
1 package org.codehaus.plexus.redback.struts2.interceptor;
2
3 /*
4  * Licensed to the Apache Software Foundation (ASF) under one
5  * or more contributor license agreements.  See the NOTICE file
6  * distributed with this work for additional information
7  * regarding copyright ownership.  The ASF licenses this file
8  * to you under the Apache License, Version 2.0 (the
9  * "License"); you may not use this file except in compliance
10  * with the License.  You may obtain a copy of the License at
11  *
12  * http://www.apache.org/licenses/LICENSE-2.0
13  *
14  * Unless required by applicable law or agreed to in writing,
15  * software distributed under the License is distributed on an
16  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
17  * KIND, either express or implied.  See the License for the
18  * specific language governing permissions and limitations
19  * under the License.
20  */
21
22 import com.opensymphony.xwork2.ActionInvocation;
23 import com.opensymphony.xwork2.interceptor.Interceptor;
24 import org.apache.archiva.redback.integration.checks.security.AdminAutoCreateCheck;
25 import org.apache.archiva.redback.users.User;
26 import org.apache.archiva.redback.users.UserNotFoundException;
27 import org.apache.commons.lang.StringUtils;
28 import org.apache.struts2.ServletActionContext;
29 import org.apache.archiva.redback.authentication.PasswordBasedAuthenticationDataSource;
30 import org.apache.archiva.redback.configuration.UserConfiguration;
31 import org.apache.archiva.redback.role.RoleManager;
32 import org.apache.archiva.redback.role.RoleManagerException;
33 import org.apache.archiva.redback.system.SecuritySession;
34 import org.apache.archiva.redback.system.SecuritySystem;
35 import org.apache.archiva.redback.system.SecuritySystemConstants;
36 import org.apache.archiva.redback.users.UserManager;
37 import org.apache.archiva.redback.integration.util.AutoLoginCookies;
38 import org.slf4j.Logger;
39 import org.slf4j.LoggerFactory;
40 import org.springframework.context.annotation.Scope;
41 import org.springframework.stereotype.Controller;
42
43 import javax.inject.Inject;
44 import javax.inject.Named;
45 import java.io.File;
46 import java.io.FileInputStream;
47 import java.util.Date;
48 import java.util.Map;
49 import java.util.Properties;
50
51 /**
52  * EnvironmentCheckInterceptor
53  *
54  * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
55  * @version $Id$
56  */
57 @Controller( "redbackForceAdminUserInterceptor" )
58 @Scope( "prototype" )
59 public class ForceAdminUserInterceptor
60     implements Interceptor
61 {
62     private Logger log = LoggerFactory.getLogger( getClass() );
63
64     private static final String SECURITY_ADMIN_USER_NEEDED = "security-admin-user-needed";
65
66     private static boolean checked = false;
67
68     /**
69      *  role-hint="configurable"
70      */
71     @Inject
72     @Named( value = "userManager#configurable" )
73     private UserManager userManager;
74
75     /**
76      *  role-hint="default"
77      */
78     @Inject
79     private RoleManager roleManager;
80
81     /**
82      *  role-hint="default"
83      */
84     @Inject
85     private UserConfiguration config;
86
87     @Inject
88     protected SecuritySystem securitySystem;
89
90     @Inject
91     private AutoLoginCookies autologinCookies;
92
93     protected Map<String, Object> session;
94
95     public void destroy()
96     {
97         // no-op
98     }
99
100     public void init()
101     {
102
103     }
104
105     public String intercept( ActionInvocation invocation )
106         throws Exception
107     {
108         if ( checked )
109         {
110             return invocation.invoke();
111         }
112
113         try
114         {
115             User user = userManager.findUser( getAdminUid() );
116             if ( user == null )
117             {
118                 user = useForceAdminFile();
119                 if ( user == null )
120                 {
121                     log.info( "No admin user configured - forwarding to admin user creation page." );
122                     return SECURITY_ADMIN_USER_NEEDED;
123                 }
124             }
125
126             assignAdminRole( user );
127
128             checked = true;
129             log.info( "Admin user found. No need to configure admin user." );
130
131         }
132         catch ( UserNotFoundException e )
133         {
134             User user = useForceAdminFile();
135             if ( user != null )
136             {
137                 assignAdminRole( user );
138
139                 checked = true;
140             }
141             else
142             {
143                 log.info( "No admin user found - forwarding to admin user creation page." );
144                 return SECURITY_ADMIN_USER_NEEDED;
145             }
146         }
147
148         return invocation.invoke();
149     }
150
151     private User useForceAdminFile()
152     {
153         try
154         {
155             String forceAdminFilePath = System.getProperty( AdminAutoCreateCheck.FORCE_ADMIN_FILE_PATH );
156             if ( StringUtils.isBlank( forceAdminFilePath ) )
157             {
158                 log.info( AdminAutoCreateCheck.FORCE_ADMIN_FILE_PATH + " system props is empty don't use an auto creation admin " );
159                 return null;
160             }
161             File file = new File( forceAdminFilePath );
162             if ( !file.exists() )
163             {
164                 log.warn( "file set in sysprops " + AdminAutoCreateCheck.FORCE_ADMIN_FILE_PATH + " not exists skip admin auto creation" );
165                 return null;
166             }
167             Properties properties = new Properties();
168             FileInputStream fis = null;
169             try
170             {
171                 properties.load( new FileInputStream( file ) );
172             }
173             catch ( Exception e )
174             {
175                 log.warn( "error loading properties from file " + forceAdminFilePath + " skip admin auto creation" );
176                 return null;
177             }
178
179             // ensure we have all properties
180             String password = properties.getProperty( AdminAutoCreateCheck.ADMIN_PASSWORD_KEY );
181             String email = properties.getProperty( AdminAutoCreateCheck.ADMIN_EMAIL_KEY );
182             String fullName = properties.getProperty( AdminAutoCreateCheck.ADMIN_FULL_NAME_KEY );
183
184             if ( StringUtils.isBlank( password ) )
185             {
186                 log.warn( "property " + AdminAutoCreateCheck.ADMIN_PASSWORD_KEY + " not set skip auto admin creation" );
187                 return null;
188             }
189
190             if ( StringUtils.isBlank( email ) )
191             {
192                 log.warn( "property " + AdminAutoCreateCheck.ADMIN_EMAIL_KEY + " not set skip auto admin creation" );
193                 return null;
194             }
195
196             if ( StringUtils.isBlank( fullName ) )
197             {
198                 log.warn( "property " + AdminAutoCreateCheck.ADMIN_FULL_NAME_KEY + " not set skip auto admin creation" );
199                 return null;
200             }
201
202             User u = userManager.createUser( getAdminUid(), fullName, email );
203
204             u.setPassword( password );
205             u.setLocked( false );
206             u.setPasswordChangeRequired( false );
207             u.setPermanent( true );
208
209             u = userManager.addUser( u );
210             u.setPassword( password );
211
212             PasswordBasedAuthenticationDataSource authdatasource = new PasswordBasedAuthenticationDataSource();
213             authdatasource.setPrincipal( u.getUsername() );
214             authdatasource.setPassword( u.getPassword() );
215             SecuritySession securitySession = securitySystem.authenticate( authdatasource );
216             if ( securitySession.getAuthenticationResult().isAuthenticated() )
217             {
218                 // good add various tokens.
219                 ServletActionContext.getRequest().getSession( true ).setAttribute(
220                     SecuritySystemConstants.SECURITY_SESSION_KEY, securitySession );
221                 autologinCookies.setSignonCookie( authdatasource.getPrincipal(), ServletActionContext.getResponse(),
222                                                   ServletActionContext.getRequest() );
223                 u = securitySession.getUser();
224                 u.setLastLoginDate( new Date() );
225                 securitySystem.getUserManager().updateUser( u );
226             }
227
228             return u;
229         }
230         catch ( Exception e )
231         {
232             log.warn( "failed to automatically create an admin account " + e.getMessage(), e );
233         }
234         return null;
235     }
236
237     private String getAdminUid()
238     {
239         return config.getString( "redback.default.admin" );
240     }
241
242     private void assignAdminRole( User user )
243         throws RoleManagerException
244     {
245         roleManager.assignRole( "system-administrator", user.getPrincipal().toString() );
246     }
247 }