source.dussan.org Git - archiva.git/blob

   1 package org.apache.archiva.redback.integration.checks.security;
   2
   3 /*
   4  * Licensed to the Apache Software Foundation (ASF) under one
   5  * or more contributor license agreements.  See the NOTICE file
   6  * distributed with this work for additional information
   7  * regarding copyright ownership.  The ASF licenses this file
   8  * to you under the Apache License, Version 2.0 (the
   9  * "License"); you may not use this file except in compliance
  10  * with the License.  You may obtain a copy of the License at
  11  *
  12  * http://www.apache.org/licenses/LICENSE-2.0
  13  *
  14  * Unless required by applicable law or agreed to in writing,
  15  * software distributed under the License is distributed on an
  16  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  17  * KIND, either express or implied.  See the License for the
  18  * specific language governing permissions and limitations
  19  * under the License.
  20  */
  21
  22 import org.apache.archiva.redback.authentication.PasswordBasedAuthenticationDataSource;
  23 import org.apache.archiva.redback.configuration.UserConfiguration;
  24 import org.apache.archiva.redback.configuration.UserConfigurationKeys;
  25 import org.apache.archiva.redback.rbac.RBACManager;
  26 import org.apache.archiva.redback.role.RoleManager;
  27 import org.apache.archiva.redback.role.RoleManagerException;
  28 import org.apache.archiva.redback.system.SecuritySession;
  29 import org.apache.archiva.redback.system.SecuritySystem;
  30 import org.apache.archiva.redback.system.check.EnvironmentCheck;
  31 import org.apache.archiva.redback.users.User;
  32 import org.apache.archiva.redback.users.UserManager;
  33 import org.apache.archiva.redback.users.UserNotFoundException;
  34 import org.apache.commons.io.IOUtils;
  35 import org.apache.commons.lang.StringUtils;
  36 import org.slf4j.Logger;
  37 import org.slf4j.LoggerFactory;
  38 import org.springframework.stereotype.Service;
  39
  40 import javax.inject.Inject;
  41 import javax.inject.Named;
  42 import java.io.File;
  43 import java.io.FileInputStream;
  44 import java.util.Date;
  45 import java.util.List;
  46 import java.util.Properties;
  47
  48 /**
  49  * @author Olivier Lamy
  50  * @since 2.0
  51  */
  52 @Service( "environmentCheck#adminAutoCreateCheck" )
  53 public class AdminAutoCreateCheck
  54     implements EnvironmentCheck
  55 {
  56
  57     private Logger log = LoggerFactory.getLogger( getClass() );
  58
  59     public static final String FORCE_ADMIN_FILE_PATH = "redback.admin.creation.file";
  60
  61     public static final String ADMIN_FULL_NAME_KEY = "redback.admin.fullname";
  62
  63     public static final String ADMIN_EMAIL_KEY = "redback.admin.email";
  64
  65     public static final String ADMIN_PASSWORD_KEY = "redback.admin.password";
  66
  67     @Inject
  68     @Named( value = "userManager#configurable" )
  69     private UserManager userManager;
  70
  71     @Inject
  72     @Named( value = "userConfiguration#default" )
  73     private UserConfiguration config;
  74
  75     @Inject
  76     protected SecuritySystem securitySystem;
  77
  78     @Inject
  79     private RoleManager roleManager;
  80
  81     @Inject
  82     @Named( value = "rBACManager#cached" )
  83     private RBACManager rbacManager;
  84
  85     public void validateEnvironment( List<String> violations )
  86     {
  87         try
  88         {
  89             User user = userManager.findUser( getAdminUid() );
  90             if ( user == null )
  91             {
  92                 useForceAdminCreationFile();
  93             }
  94
  95
  96         }
  97         catch ( UserNotFoundException e )
  98         {
  99             useForceAdminCreationFile();
 100         }
 101     }
 102
 103     private void useForceAdminCreationFile()
 104     {
 105         try
 106         {
 107             String forceAdminFilePath = System.getProperty( FORCE_ADMIN_FILE_PATH );
 108             if ( StringUtils.isBlank( forceAdminFilePath ) )
 109             {
 110                 log.info( "{} system props is empty don't use an auto creation admin ", FORCE_ADMIN_FILE_PATH );
 111                 return;
 112             }
 113             File file = new File( forceAdminFilePath );
 114             if ( !file.exists() )
 115             {
 116                 log.warn( "file set in sysprops {} not exists skip admin auto creation", FORCE_ADMIN_FILE_PATH );
 117                 return;
 118             }
 119             log.debug( "user {} not found try auto creation", getAdminUid() );
 120             Properties properties = new Properties();
 121             FileInputStream fis = new FileInputStream( file );
 122             try
 123             {
 124                 properties.load( fis );
 125             }
 126             catch ( Exception e )
 127             {
 128                 log.warn( "error loading properties from file {} skip admin auto creation", forceAdminFilePath );
 129                 return;
 130             }
 131             finally
 132             {
 133                 IOUtils.closeQuietly( fis );
 134             }
 135
 136             // ensure we have all properties
 137             String password = properties.getProperty( ADMIN_PASSWORD_KEY );
 138             String email = properties.getProperty( ADMIN_EMAIL_KEY );
 139             String fullName = properties.getProperty( ADMIN_FULL_NAME_KEY );
 140
 141             if ( StringUtils.isBlank( password ) )
 142             {
 143                 log.warn( "property {} not set skip auto admin creation", ADMIN_PASSWORD_KEY );
 144                 return;
 145             }
 146
 147             if ( StringUtils.isBlank( email ) )
 148             {
 149                 log.warn( "property not set skip auto admin creation", ADMIN_EMAIL_KEY );
 150                 return;
 151             }
 152
 153             if ( StringUtils.isBlank( fullName ) )
 154             {
 155                 log.warn( "property {} not set skip auto admin creation", ADMIN_FULL_NAME_KEY );
 156                 return;
 157             }
 158
 159             User u = userManager.createUser( getAdminUid(), fullName, email );
 160
 161             u.setPassword( password );
 162             u.setLocked( false );
 163             u.setPasswordChangeRequired( false );
 164             u.setPermanent( true );
 165             u.setValidated( true );
 166
 167             u = userManager.addUser( u );
 168             u.setPassword( password );
 169
 170             PasswordBasedAuthenticationDataSource authdatasource = new PasswordBasedAuthenticationDataSource();
 171             authdatasource.setPrincipal( u.getUsername() );
 172             authdatasource.setPassword( u.getPassword() );
 173             SecuritySession securitySession = securitySystem.authenticate( authdatasource );
 174             if ( securitySession.getAuthenticationResult().isAuthenticated() )
 175             {
 176                 // good add various tokens.
 177                 u = securitySession.getUser();
 178                 u.setLastLoginDate( new Date() );
 179                 securitySystem.getUserManager().updateUser( u );
 180             }
 181             assignAdminRole( u );
 182
 183         }
 184         catch ( Exception e )
 185         {
 186             log.warn( "failed to automatically create an admin account {}", e.getMessage(), e );
 187         }
 188     }
 189
 190     private void assignAdminRole( User user )
 191         throws RoleManagerException
 192     {
 193         roleManager.assignRole( "system-administrator", user.getUsername() );
 194     }
 195
 196     private String getAdminUid()
 197     {
 198         return config.getString( UserConfigurationKeys.DEFAULT_ADMIN );
 199     }
 200 }