<multiplicity>*</multiplicity>
</association>
</field>
+ <field>
+ <name>authorizerImpls</name>
+ <description>The authorizer impls to use.</description>
+ <version>1.4.0+</version>
+ <association>
+ <type>String</type>
+ <multiplicity>*</multiplicity>
+ </association>
+ </field>
<field>
<name>ldapConfiguration</name>
<description>the ldap configuration</description>
*/
private List<String> userManagerImpls = new ArrayList<String>();
+ /**
+ * Field authorizerImpls.
+ */
+ private java.util.List<String> authorizerImpls;
+
private LdapConfiguration ldapConfiguration;
/**
this.usersCacheConfiguration = usersCacheConfiguration;
}
+ public List<String> getAuthorizerImpls()
+ {
+ return authorizerImpls;
+ }
+
+ public void setAuthorizerImpls( List<String> authorizerImpls )
+ {
+ this.authorizerImpls = authorizerImpls;
+ }
+
@Override
public String toString()
{
final StringBuilder sb = new StringBuilder();
sb.append( "RedbackRuntimeConfiguration" );
sb.append( "{userManagerImpls=" ).append( userManagerImpls );
+ sb.append( ", authorizerImpls=" ).append( authorizerImpls );
sb.append( ", ldapConfiguration=" ).append( ldapConfiguration );
sb.append( ", migratedFromRedbackConfiguration=" ).append( migratedFromRedbackConfiguration );
sb.append( ", configurationProperties=" ).append( configurationProperties );
import javax.annotation.PostConstruct;
import javax.inject.Inject;
import javax.inject.Named;
+import java.util.Collection;
+import java.util.HashSet;
import java.util.List;
+import java.util.Set;
/**
* @author Olivier Lamy
if ( !redbackRuntimeConfiguration.isMigratedFromRedbackConfiguration() )
{
// so migrate if available
- String userManagerImpl = userConfiguration.getString( UserConfigurationKeys.USER_MANAGER_IMPL );
+ String userManagerImpl =
+ userConfiguration.getConcatenatedList( UserConfigurationKeys.USER_MANAGER_IMPL, "jdo" );
if ( StringUtils.isNotEmpty( userManagerImpl ) )
{
if ( StringUtils.contains( userManagerImpl, ',' ) )
}
}
+ String authorizerImpls =
+ userConfiguration.getConcatenatedList( UserConfigurationKeys.AUTHORIZER_IMPL, "rbac" );
+
+ if ( StringUtils.isNotEmpty( authorizerImpls ) )
+ {
+ if ( StringUtils.contains( authorizerImpls, ',' ) )
+ {
+ String[] impls = StringUtils.split( authorizerImpls, ',' );
+ for ( String impl : impls )
+ {
+ redbackRuntimeConfiguration.getAuthorizerImpls().add( impl );
+ }
+ }
+ else
+ {
+ redbackRuntimeConfiguration.getAuthorizerImpls().add( userManagerImpl );
+ }
+ }
+
// now ldap
LdapConfiguration ldapConfiguration = redbackRuntimeConfiguration.getLdapConfiguration();
updateRedbackRuntimeConfiguration( redbackRuntimeConfiguration );
}
+ // we ensure authorizerImpls is not empty if so put
+ if ( redbackRuntimeConfiguration.getAuthorizerImpls().isEmpty() )
+ {
+ log.info(
+ "redbackRuntimeConfiguration with empty authorizerImpls so force at least rbac implementation !" );
+ redbackRuntimeConfiguration.getAuthorizerImpls().add( "rbac" );
+ updateRedbackRuntimeConfiguration( redbackRuntimeConfiguration );
+ }
+
boolean save = false;
// NPE free
}
return userConfiguration.getConcatenatedList( key, defaultValue );
}
+
+ public Collection<String> getKeys()
+ {
+ Collection<String> keys = userConfiguration.getKeys();
+
+ Set<String> keysSet = new HashSet<String>( keys );
+
+ keysSet.addAll( getRedbackRuntimeConfiguration().getConfigurationProperties().keySet() );
+
+ return keysSet;
+ }
}
* under the License.
*/
+import org.apache.archiva.admin.model.RepositoryAdminException;
+import org.apache.archiva.admin.model.beans.RedbackRuntimeConfiguration;
+import org.apache.archiva.admin.model.runtime.RedbackRuntimeConfigurationAdmin;
import org.apache.archiva.redback.authorization.AuthorizationDataSource;
import org.apache.archiva.redback.authorization.AuthorizationException;
import org.apache.archiva.redback.authorization.AuthorizationResult;
import org.apache.archiva.redback.authorization.Authorizer;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import org.springframework.context.ApplicationContext;
import org.springframework.stereotype.Service;
import javax.inject.Inject;
private Logger log = LoggerFactory.getLogger( getClass() );
@Inject
- @Named( value = "authorizer#rbac" )
- private Authorizer rbacAuthorizer;
-
+ private ApplicationContext applicationContext;
@Inject
- @Named( value = "authorizer#ldap" )
- private Authorizer ldapAuthorizer;
+ private RedbackRuntimeConfigurationAdmin redbackRuntimeConfigurationAdmin;
public String getId()
{
{
log.debug( "isAuthorized source: {}", source );
- AuthorizationResult result = ldapAuthorizer.isAuthorized( source );
+ try
+ {
+ RedbackRuntimeConfiguration redbackRuntimeConfiguration =
+ redbackRuntimeConfigurationAdmin.getRedbackRuntimeConfiguration();
+
+ AuthorizationException authorizationException = null;
+
+ AuthorizationResult lastResult = null;
+
+ for ( String id : redbackRuntimeConfiguration.getAuthorizerImpls() )
+ {
+ Authorizer authorizer = getAuthorizer( id );
+ AuthorizationResult result = null;
+ try
+ {
+ result = authorizer.isAuthorized( source );
+ log.debug( "AuthorizationResult {} with id '{}", result, id );
+ }
+ catch ( AuthorizationException e )
+ {
+ log.debug( "AuthorizationException {} with id '{}", e.getMessage(), id );
+ authorizationException = e;
+ }
+ if ( result.isAuthorized() )
+ {
+ return result;
+ }
- return rbacAuthorizer.isAuthorized( source );
+ lastResult = result;
+ }
+ if ( authorizationException != null )
+ {
+ throw authorizationException;
+ }
+ return lastResult;
+ }
+ catch ( RepositoryAdminException e )
+ {
+ throw new AuthorizationException( e.getMessage(), e );
+ }
+
+ }
+
+ private Authorizer getAuthorizer( String id )
+ {
+ return applicationContext.getBean( "authorizer#" + id, Authorizer.class );
}
public boolean isFinalImplementation()
projects / archiva.git / commitdiff