1 package org.apache.archiva.redback.integration.checks.security;
4 * Licensed to the Apache Software Foundation (ASF) under one
5 * or more contributor license agreements. See the NOTICE file
6 * distributed with this work for additional information
7 * regarding copyright ownership. The ASF licenses this file
8 * to you under the Apache License, Version 2.0 (the
9 * "License"); you may not use this file except in compliance
10 * with the License. You may obtain a copy of the License at
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing,
15 * software distributed under the License is distributed on an
16 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
17 * KIND, either express or implied. See the License for the
18 * specific language governing permissions and limitations
22 import org.apache.archiva.redback.rbac.RBACManager;
23 import org.apache.archiva.redback.role.RoleManagerException;
24 import org.apache.archiva.redback.users.UserNotFoundException;
25 import org.apache.commons.lang.StringUtils;
26 import org.apache.archiva.redback.authentication.PasswordBasedAuthenticationDataSource;
27 import org.apache.archiva.redback.configuration.UserConfiguration;
28 import org.apache.archiva.redback.rbac.RbacManagerException;
29 import org.apache.archiva.redback.rbac.Role;
30 import org.apache.archiva.redback.role.RoleManager;
31 import org.apache.archiva.redback.system.SecuritySession;
32 import org.apache.archiva.redback.system.SecuritySystem;
33 import org.apache.archiva.redback.system.check.EnvironmentCheck;
34 import org.apache.archiva.redback.users.User;
35 import org.apache.archiva.redback.users.UserManager;
36 import org.codehaus.plexus.util.IOUtil;
37 import org.slf4j.Logger;
38 import org.slf4j.LoggerFactory;
39 import org.springframework.stereotype.Service;
41 import javax.inject.Inject;
42 import javax.inject.Named;
44 import java.io.FileInputStream;
45 import java.util.Collection;
46 import java.util.Date;
47 import java.util.List;
48 import java.util.Properties;
51 * @author Olivier Lamy
54 @Service( "environmentCheck#adminAutoCreateCheck" )
55 public class AdminAutoCreateCheck
56 implements EnvironmentCheck
59 private Logger log = LoggerFactory.getLogger( getClass() );
61 public static final String FORCE_ADMIN_FILE_PATH = "redback.admin.creation.file";
63 public static final String ADMIN_FULL_NAME_KEY = "redback.admin.fullname";
65 public static final String ADMIN_EMAIL_KEY = "redback.admin.email";
67 public static final String ADMIN_PASSWORD_KEY = "redback.admin.password";
70 @Named( value = "userManager#configurable" )
71 private UserManager userManager;
74 private UserConfiguration config;
77 protected SecuritySystem securitySystem;
80 private RoleManager roleManager;
83 @Named( value = "rBACManager#cached" )
84 private RBACManager rbacManager;
86 public void validateEnvironment( List<String> violations )
90 User user = userManager.findUser( getAdminUid() );
93 useForceAdminCreationFile();
98 catch ( UserNotFoundException e )
100 useForceAdminCreationFile();
104 private void checkAdminKarma( User u )
108 Collection<Role> roles = rbacManager.getEffectivelyAssignedRoles( getAdminUid() );
109 boolean adminRole = false;
110 for ( Role role : roles )
112 if ( StringUtils.equals( "system-administrator", role.getName() ) )
119 assignAdminRole( u );
122 catch ( RbacManagerException e )
124 log.warn( "fail to checkAdminKarma {}", e, e.getMessage() );
126 catch ( RoleManagerException e )
128 log.warn( "fail to assignAdmin role {}", e, e.getMessage() );
132 private void useForceAdminCreationFile()
136 String forceAdminFilePath = System.getProperty( FORCE_ADMIN_FILE_PATH );
137 if ( StringUtils.isBlank( forceAdminFilePath ) )
139 log.info( FORCE_ADMIN_FILE_PATH + " system props is empty don't use an auto creation admin " );
142 File file = new File( forceAdminFilePath );
143 if ( !file.exists() )
145 log.warn( "file set in sysprops " + FORCE_ADMIN_FILE_PATH + " not exists skip admin auto creation" );
148 log.debug( "user {} not found try auto creation" );
149 Properties properties = new Properties();
150 FileInputStream fis = new FileInputStream( file );
153 properties.load( fis );
155 catch ( Exception e )
157 log.warn( "error loading properties from file " + forceAdminFilePath + " skip admin auto creation" );
165 // ensure we have all properties
166 String password = properties.getProperty( ADMIN_PASSWORD_KEY );
167 String email = properties.getProperty( ADMIN_EMAIL_KEY );
168 String fullName = properties.getProperty( ADMIN_FULL_NAME_KEY );
170 if ( StringUtils.isBlank( password ) )
172 log.warn( "property " + ADMIN_PASSWORD_KEY + " not set skip auto admin creation" );
176 if ( StringUtils.isBlank( email ) )
178 log.warn( "property " + ADMIN_EMAIL_KEY + " not set skip auto admin creation" );
182 if ( StringUtils.isBlank( fullName ) )
184 log.warn( "property " + ADMIN_FULL_NAME_KEY + " not set skip auto admin creation" );
188 User u = userManager.createUser( getAdminUid(), fullName, email );
190 u.setPassword( password );
191 u.setLocked( false );
192 u.setPasswordChangeRequired( false );
193 u.setPermanent( true );
194 u.setValidated( true );
196 u = userManager.addUser( u );
197 u.setPassword( password );
199 PasswordBasedAuthenticationDataSource authdatasource = new PasswordBasedAuthenticationDataSource();
200 authdatasource.setPrincipal( u.getUsername() );
201 authdatasource.setPassword( u.getPassword() );
202 SecuritySession securitySession = securitySystem.authenticate( authdatasource );
203 if ( securitySession.getAuthenticationResult().isAuthenticated() )
205 // good add various tokens.
206 u = securitySession.getUser();
207 u.setLastLoginDate( new Date() );
208 securitySystem.getUserManager().updateUser( u );
210 assignAdminRole( u );
213 catch ( Exception e )
215 log.warn( "failed to automatically create an admin account " + e.getMessage(), e );
219 private void assignAdminRole( User user )
220 throws RoleManagerException
222 roleManager.assignRole( "system-administrator", user.getPrincipal().toString() );
225 private String getAdminUid()
227 return config.getString( "redback.default.admin" );