1 package org.apache.archiva.webdav;
4 * Licensed to the Apache Software Foundation (ASF) under one
5 * or more contributor license agreements. See the NOTICE file
6 * distributed with this work for additional information
7 * regarding copyright ownership. The ASF licenses this file
8 * to you under the Apache License, Version 2.0 (the
9 * "License"); you may not use this file except in compliance
10 * with the License. You may obtain a copy of the License at
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing,
15 * software distributed under the License is distributed on an
16 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
17 * KIND, either express or implied. See the License for the
18 * specific language governing permissions and limitations
22 import org.apache.archiva.redback.authentication.AuthenticationException;
23 import org.apache.archiva.redback.keys.KeyManager;
24 import org.apache.archiva.redback.policy.AccountLockedException;
25 import org.apache.archiva.redback.policy.UserSecurityPolicy;
26 import org.apache.archiva.redback.users.UserManager;
27 import org.apache.archiva.redback.authentication.AuthenticationDataSource;
28 import org.apache.archiva.redback.authentication.AuthenticationResult;
29 import org.apache.archiva.redback.authorization.AuthorizationException;
30 import org.apache.archiva.redback.authorization.AuthorizationResult;
31 import org.apache.archiva.redback.keys.memory.MemoryKeyManager;
32 import org.apache.archiva.redback.policy.DefaultUserSecurityPolicy;
33 import org.codehaus.plexus.redback.system.DefaultSecuritySession;
34 import org.codehaus.plexus.redback.system.DefaultSecuritySystem;
35 import org.codehaus.plexus.redback.system.SecuritySession;
36 import org.codehaus.plexus.redback.system.SecuritySystem;
37 import org.apache.archiva.redback.users.UserNotFoundException;
38 import org.apache.archiva.redback.users.memory.MemoryUserManager;
39 import org.springframework.stereotype.Service;
42 * BypassSecuritySystem - used to bypass the security system for testing reasons and allow
43 * for every request to respond as success / true.
47 @Service("securitySystem#bypass")
48 public class BypassSecuritySystem
49 extends DefaultSecuritySystem
50 implements SecuritySystem
52 private KeyManager bypassKeyManager;
53 private UserSecurityPolicy bypassPolicy;
54 private UserManager bypassUserManager;
56 public BypassSecuritySystem()
58 bypassKeyManager = new MemoryKeyManager();
59 bypassPolicy = new DefaultUserSecurityPolicy();
60 bypassUserManager = new MemoryUserManager();
63 public SecuritySession authenticate( AuthenticationDataSource source )
64 throws AuthenticationException, UserNotFoundException, AccountLockedException
66 AuthenticationResult result = new AuthenticationResult( true, source.getPrincipal(), null );
67 return new DefaultSecuritySession( result );
70 public AuthorizationResult authorize( SecuritySession session, Object permission )
71 throws AuthorizationException
73 return new AuthorizationResult( true, session.getUser(), null );
76 public AuthorizationResult authorize( SecuritySession session, Object permission, Object resource )
77 throws AuthorizationException
79 return new AuthorizationResult( true, session.getUser(), null );
82 public String getAuthenticatorId()
84 return "bypass-authenticator";
87 public String getAuthorizerId()
89 return "bypass-authorizer";
92 public KeyManager getKeyManager()
94 return bypassKeyManager;
97 public UserSecurityPolicy getPolicy()
102 public String getUserManagementId()
104 return "bypass-managementid";
107 public UserManager getUserManager()
109 return bypassUserManager;
112 public boolean isAuthenticated( AuthenticationDataSource source )
113 throws AuthenticationException, UserNotFoundException, AccountLockedException
119 public boolean isAuthorized( SecuritySession session, Object permission )
120 throws AuthorizationException
126 public boolean isAuthorized( SecuritySession session, Object permission, Object resource )
127 throws AuthorizationException