source.dussan.org Git - archiva.git/blob

   1 package org.apache.archiva.redback.struts2.interceptor;
   2
   3 /*
   4  * Licensed to the Apache Software Foundation (ASF) under one
   5  * or more contributor license agreements.  See the NOTICE file
   6  * distributed with this work for additional information
   7  * regarding copyright ownership.  The ASF licenses this file
   8  * to you under the Apache License, Version 2.0 (the
   9  * "License"); you may not use this file except in compliance
  10  * with the License.  You may obtain a copy of the License at
  11  *
  12  * http://www.apache.org/licenses/LICENSE-2.0
  13  *
  14  * Unless required by applicable law or agreed to in writing,
  15  * software distributed under the License is distributed on an
  16  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  17  * KIND, either express or implied.  See the License for the
  18  * specific language governing permissions and limitations
  19  * under the License.
  20  */
  21
  22 import com.opensymphony.xwork2.ActionInvocation;
  23 import com.opensymphony.xwork2.interceptor.Interceptor;
  24 import org.apache.archiva.redback.integration.checks.security.AdminAutoCreateCheck;
  25 import org.apache.archiva.redback.users.User;
  26 import org.apache.archiva.redback.users.UserNotFoundException;
  27 import org.apache.commons.lang.StringUtils;
  28 import org.apache.struts2.ServletActionContext;
  29 import org.apache.archiva.redback.authentication.PasswordBasedAuthenticationDataSource;
  30 import org.apache.archiva.redback.configuration.UserConfiguration;
  31 import org.apache.archiva.redback.role.RoleManager;
  32 import org.apache.archiva.redback.role.RoleManagerException;
  33 import org.apache.archiva.redback.system.SecuritySession;
  34 import org.apache.archiva.redback.system.SecuritySystem;
  35 import org.apache.archiva.redback.system.SecuritySystemConstants;
  36 import org.apache.archiva.redback.users.UserManager;
  37 import org.apache.archiva.redback.integration.util.AutoLoginCookies;
  38 import org.slf4j.Logger;
  39 import org.slf4j.LoggerFactory;
  40 import org.springframework.context.annotation.Scope;
  41 import org.springframework.stereotype.Controller;
  42
  43 import javax.inject.Inject;
  44 import javax.inject.Named;
  45 import java.io.File;
  46 import java.io.FileInputStream;
  47 import java.util.Date;
  48 import java.util.Map;
  49 import java.util.Properties;
  50
  51 /**
  52  * EnvironmentCheckInterceptor
  53  *
  54  * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
  55  * @version $Id$
  56  */
  57 @Controller( "redbackForceAdminUserInterceptor" )
  58 @Scope( "prototype" )
  59 public class ForceAdminUserInterceptor
  60     implements Interceptor
  61 {
  62     private Logger log = LoggerFactory.getLogger( getClass() );
  63
  64     private static final String SECURITY_ADMIN_USER_NEEDED = "security-admin-user-needed";
  65
  66     private static boolean checked = false;
  67
  68     /**
  69      *  role-hint="configurable"
  70      */
  71     @Inject
  72     @Named( value = "userManager#configurable" )
  73     private UserManager userManager;
  74
  75     /**
  76      *  role-hint="default"
  77      */
  78     @Inject
  79     private RoleManager roleManager;
  80
  81     /**
  82      *  role-hint="default"
  83      */
  84     @Inject
  85     private UserConfiguration config;
  86
  87     @Inject
  88     protected SecuritySystem securitySystem;
  89
  90     @Inject
  91     private AutoLoginCookies autologinCookies;
  92
  93     protected Map<String, Object> session;
  94
  95     public void destroy()
  96     {
  97         // no-op
  98     }
  99
 100     public void init()
 101     {
 102
 103     }
 104
 105     public String intercept( ActionInvocation invocation )
 106         throws Exception
 107     {
 108         if ( checked )
 109         {
 110             return invocation.invoke();
 111         }
 112
 113         try
 114         {
 115             User user = userManager.findUser( getAdminUid() );
 116             if ( user == null )
 117             {
 118                 user = useForceAdminFile();
 119                 if ( user == null )
 120                 {
 121                     log.info( "No admin user configured - forwarding to admin user creation page." );
 122                     return SECURITY_ADMIN_USER_NEEDED;
 123                 }
 124             }
 125
 126             assignAdminRole( user );
 127
 128             checked = true;
 129             log.info( "Admin user found. No need to configure admin user." );
 130
 131         }
 132         catch ( UserNotFoundException e )
 133         {
 134             User user = useForceAdminFile();
 135             if ( user != null )
 136             {
 137                 assignAdminRole( user );
 138
 139                 checked = true;
 140             }
 141             else
 142             {
 143                 log.info( "No admin user found - forwarding to admin user creation page." );
 144                 return SECURITY_ADMIN_USER_NEEDED;
 145             }
 146         }
 147
 148         return invocation.invoke();
 149     }
 150
 151     private User useForceAdminFile()
 152     {
 153         try
 154         {
 155             String forceAdminFilePath = System.getProperty( AdminAutoCreateCheck.FORCE_ADMIN_FILE_PATH );
 156             if ( StringUtils.isBlank( forceAdminFilePath ) )
 157             {
 158                 log.info( AdminAutoCreateCheck.FORCE_ADMIN_FILE_PATH + " system props is empty don't use an auto creation admin " );
 159                 return null;
 160             }
 161             File file = new File( forceAdminFilePath );
 162             if ( !file.exists() )
 163             {
 164                 log.warn( "file set in sysprops " + AdminAutoCreateCheck.FORCE_ADMIN_FILE_PATH + " not exists skip admin auto creation" );
 165                 return null;
 166             }
 167             Properties properties = new Properties();
 168             FileInputStream fis = null;
 169             try
 170             {
 171                 properties.load( new FileInputStream( file ) );
 172             }
 173             catch ( Exception e )
 174             {
 175                 log.warn( "error loading properties from file " + forceAdminFilePath + " skip admin auto creation" );
 176                 return null;
 177             }
 178
 179             // ensure we have all properties
 180             String password = properties.getProperty( AdminAutoCreateCheck.ADMIN_PASSWORD_KEY );
 181             String email = properties.getProperty( AdminAutoCreateCheck.ADMIN_EMAIL_KEY );
 182             String fullName = properties.getProperty( AdminAutoCreateCheck.ADMIN_FULL_NAME_KEY );
 183
 184             if ( StringUtils.isBlank( password ) )
 185             {
 186                 log.warn( "property " + AdminAutoCreateCheck.ADMIN_PASSWORD_KEY + " not set skip auto admin creation" );
 187                 return null;
 188             }
 189
 190             if ( StringUtils.isBlank( email ) )
 191             {
 192                 log.warn( "property " + AdminAutoCreateCheck.ADMIN_EMAIL_KEY + " not set skip auto admin creation" );
 193                 return null;
 194             }
 195
 196             if ( StringUtils.isBlank( fullName ) )
 197             {
 198                 log.warn( "property " + AdminAutoCreateCheck.ADMIN_FULL_NAME_KEY + " not set skip auto admin creation" );
 199                 return null;
 200             }
 201
 202             User u = userManager.createUser( getAdminUid(), fullName, email );
 203
 204             u.setPassword( password );
 205             u.setLocked( false );
 206             u.setPasswordChangeRequired( false );
 207             u.setPermanent( true );
 208
 209             u = userManager.addUser( u );
 210             u.setPassword( password );
 211
 212             PasswordBasedAuthenticationDataSource authdatasource = new PasswordBasedAuthenticationDataSource();
 213             authdatasource.setPrincipal( u.getUsername() );
 214             authdatasource.setPassword( u.getPassword() );
 215             SecuritySession securitySession = securitySystem.authenticate( authdatasource );
 216             if ( securitySession.getAuthenticationResult().isAuthenticated() )
 217             {
 218                 // good add various tokens.
 219                 ServletActionContext.getRequest().getSession( true ).setAttribute(
 220                     SecuritySystemConstants.SECURITY_SESSION_KEY, securitySession );
 221                 autologinCookies.setSignonCookie( authdatasource.getPrincipal(), ServletActionContext.getResponse(),
 222                                                   ServletActionContext.getRequest() );
 223                 u = securitySession.getUser();
 224                 u.setLastLoginDate( new Date() );
 225                 securitySystem.getUserManager().updateUser( u );
 226             }
 227
 228             return u;
 229         }
 230         catch ( Exception e )
 231         {
 232             log.warn( "failed to automatically create an admin account " + e.getMessage(), e );
 233         }
 234         return null;
 235     }
 236
 237     private String getAdminUid()
 238     {
 239         return config.getString( "redback.default.admin" );
 240     }
 241
 242     private void assignAdminRole( User user )
 243         throws RoleManagerException
 244     {
 245         roleManager.assignRole( "system-administrator", user.getPrincipal().toString() );
 246     }
 247 }