<groupId>plexus</groupId>
<artifactId>plexus-utils</artifactId>
</exclusion>
- </exclusions>
- </dependency>
+ </exclusions>
+ </dependency>
<!-- Plexus Security Dependencies -->
<dependency>
<groupId>org.codehaus.plexus.security</groupId>
<groupId>org.codehaus.plexus.security</groupId>
<artifactId>plexus-security-ui-web</artifactId>
<version>1.0-SNAPSHOT</version>
+ <type>war</type>
+ </dependency>
+ <dependency>
+ <groupId>org.codehaus.plexus.security</groupId>
+ <artifactId>plexus-security-ui-web-integration</artifactId>
+ <version>1.0-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>org.codehaus.plexus.security</groupId>
</dependencies>
<build>
<plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-clean-plugin</artifactId>
+ <version>2.1.1-20060724.192148-1</version>
+ <!-- This configuration is added to cleanup from war:inplace -->
+ <configuration>
+ <filesets>
+ <fileset>
+ <directory>${basedir}/</directory>
+ <includes>
+ <include>derby.log</include>
+ </includes>
+ </fileset>
+ <fileset>
+ <directory>${basedir}/src/main/webapp</directory>
+ <includes>
+ <include>META-INF</include>
+ <include>WEB-INF/classes</include>
+ <include>WEB-INF/lib</include>
+ <include>WEB-INF/database</include>
+ <include>WEB-INF/logs</include>
+ <include>WEB-INF/temp</include>
+ <include>WEB-INF/jsp/pss</include>
+ </includes>
+ </fileset>
+ </filesets>
+ </configuration>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-war-plugin</artifactId>
+ <version>2.0.1</version>
+ <configuration>
+ <archiveClasses>true</archiveClasses>
+ <dependentWarExcludes>WEB-INF/web.xml,WEB-INF/classes/xwork.xml</dependentWarExcludes>
+ </configuration>
+ <executions>
+ <execution>
+ <phase>compile</phase>
+ <goals>
+ <!-- Needed to get the plexus-security war overlay to do its thing before jetty:run -->
+ <goal>inplace</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
<plugin>
<groupId>org.mortbay.jetty</groupId>
<artifactId>maven-jetty-plugin</artifactId>
<url>http://snapshots.repository.codehaus.org</url>
</repository>
</repositories>
+ <pluginRepositories>
+ <pluginRepository>
+ <id>codehaus.org</id>
+ <name>Codehaus Snapshot Development Repository</name>
+ <url>http://snapshots.repository.codehaus.org/</url>
+ <releases>
+ <enabled>false</enabled>
+ </releases>
+ </pluginRepository>
+ <pluginRepository>
+ <id>apache.org</id>
+ <name>Apache Snapshot Repository</name>
+ <url>http://people.apache.org/repo/m2-snapshot-repository</url>
+ <releases>
+ <enabled>false</enabled>
+ </releases>
+ </pluginRepository>
+ </pluginRepositories>
</project>
+++ /dev/null
-package org.apache.maven.archiva.web.action.admin;
-
-/*
-* Copyright 2005 The Apache Software Foundation.
-*
-* Licensed under the Apache License, Version 2.0 (the "License");
-* you may not use this file except in compliance with the License.
-* You may obtain a copy of the License at
-*
-* http://www.apache.org/licenses/LICENSE-2.0
-*
-* Unless required by applicable law or agreed to in writing, software
-* distributed under the License is distributed on an "AS IS" BASIS,
-* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-* See the License for the specific language governing permissions and
-* limitations under the License.
-*/
-
-import org.apache.maven.archiva.web.util.RoleManager;
-import org.codehaus.plexus.util.StringUtils;
-import org.codehaus.plexus.xwork.action.PlexusActionSupport;
-import org.codehaus.plexus.security.system.SecuritySystem;
-import org.codehaus.plexus.security.rbac.RBACManager;
-import org.codehaus.plexus.security.user.UserManager;
-import org.codehaus.plexus.security.user.User;
-import org.codehaus.plexus.security.policy.PasswordRuleViolationException;
-import org.codehaus.plexus.security.policy.PasswordRuleViolations;
-
-import java.util.Iterator;
-import java.util.List;
-
-/**
- * LoginAction:
- *
- * @author Jesse McConnell <jmcconnell@apache.org>
- * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
- * @version $Id:$
- * @plexus.component role="com.opensymphony.xwork.Action"
- * role-hint="newUser"
- */
-public class NewUserAction
- extends PlexusActionSupport
-{
-
- /**
- * @plexus.requirement
- */
- private SecuritySystem securitySystem;
-
- /**
- * @plexus.requirement
- */
- private RoleManager roleManager;
-
- /**
- * @plexus.requirement
- */
- private RBACManager rbacManager;
-
- private String username;
-
- private String password;
-
- private String passwordConfirm;
-
- private String email;
-
- private String fullName;
-
- public String createUser()
- {
- if ( username == null )
- {
- return INPUT;
- }
-
-/*
- // TODO: use commons-validator for these fields.
-
- if ( StringUtils.isEmpty( username ) )
- {
- addActionError( "User Name is required." );
- }
-
- if ( StringUtils.isEmpty( fullName ) )
- {
- addActionError( "Full Name is required." );
- }
-
- if ( StringUtils.isEmpty( email ) )
- {
- addActionError( "Email Address is required." );
- }
-
- // TODO: Validate Email Address (use commons-validator)
-
- if ( StringUtils.equals( password, passwordConfirm ) )
- {
- addActionError( "Passwords do not match." );
- }
-
- */
-
- UserManager um = securitySystem.getUserManager();
-
- if ( um.userExists( username ) )
- {
- addActionError( "User already exists!" );
- }
- else
- {
- User user = um.createUser( username, fullName, email );
-
- user.setPassword( password );
-
- try
- {
- um.addUser( user );
- }
- catch ( PasswordRuleViolationException e )
- {
- PasswordRuleViolations violations = e.getViolations();
- List violationList = violations.getLocalizedViolations();
- Iterator it = violationList.iterator();
- while ( it.hasNext() )
- {
- addActionError( (String) it.next() );
- }
- }
-
- roleManager.addUser( user.getPrincipal().toString() );
-
- addActionMessage( "user " + username + " was successfully registered!");
- }
-
- if ( hasActionErrors() )
- {
- return INPUT;
- }
-
- return SUCCESS;
- }
-
- public String createAdminUser()
- {
- if ( username == null )
- {
- return INPUT;
- }
-
- // TODO: use commons-validator for these fields.
-
- if ( StringUtils.isEmpty( username ) )
- {
- addActionError( "User Name is required." );
- }
-
- if ( StringUtils.isEmpty( fullName ) )
- {
- addActionError( "Full Name is required." );
- }
-
- if ( StringUtils.isEmpty( email ) )
- {
- addActionError( "Email Address is required." );
- }
-
- // TODO: Validate Email Address (use commons-validator)
-
- if ( StringUtils.equals( password, passwordConfirm ) )
- {
- addActionError( "Passwords do not match." );
- }
-
- UserManager um = securitySystem.getUserManager();
-
- if ( um.userExists( username ) )
- {
- addActionError( "User already exists!" );
- }
- else
- {
- User user = um.createUser( username, fullName, email );
-
- user.setPassword( password );
-
- try
- {
- um.addUser( user );
- }
- catch ( PasswordRuleViolationException e )
- {
- PasswordRuleViolations violations = e.getViolations();
- List violationList = violations.getLocalizedViolations();
- Iterator it = violationList.iterator();
- while ( it.hasNext() )
- {
- addActionError( (String) it.next() );
- }
- }
-
- roleManager.addAdminUser( user.getPrincipal().toString() );
-
- }
-
- if ( hasActionErrors() )
- {
- return INPUT;
- }
-
- return SUCCESS;
- }
-
- public String getUsername()
- {
- return username;
- }
-
- public void setUsername( String username )
- {
- this.username = username;
- }
-
- public String getPassword()
- {
- return password;
- }
-
- public void setPassword( String password )
- {
- this.password = password;
- }
-
- public String getEmail()
- {
- return email;
- }
-
- public void setEmail( String email )
- {
- this.email = email;
- }
-
- public String getFullName()
- {
- return fullName;
- }
-
- public void setFullName( String fullName )
- {
- this.fullName = fullName;
- }
-
- public String getPasswordConfirm()
- {
- return passwordConfirm;
- }
-
- public void setPasswordConfirm( String passwordConfirm )
- {
- this.passwordConfirm = passwordConfirm;
- }
-}
+++ /dev/null
-package org.apache.maven.archiva.web.action.admin;
-
-/*
-* Copyright 2005 The Apache Software Foundation.
-*
-* Licensed under the Apache License, Version 2.0 (the "License");
-* you may not use this file except in compliance with the License.
-* You may obtain a copy of the License at
-*
-* http://www.apache.org/licenses/LICENSE-2.0
-*
-* Unless required by applicable law or agreed to in writing, software
-* distributed under the License is distributed on an "AS IS" BASIS,
-* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-* See the License for the specific language governing permissions and
-* limitations under the License.
-*/
-
-import com.opensymphony.xwork.Preparable;
-import org.codehaus.plexus.security.rbac.RBACManager;
-import org.codehaus.plexus.security.rbac.Resource;
-import org.codehaus.plexus.security.system.SecuritySession;
-import org.codehaus.plexus.security.user.User;
-import org.codehaus.plexus.security.user.UserManager;
-import org.codehaus.plexus.security.user.UserNotFoundException;
-import org.codehaus.plexus.security.user.UserManagerException;
-import org.codehaus.plexus.security.authorization.rbac.web.interceptor.SecureAction;
-import org.codehaus.plexus.security.authorization.rbac.web.interceptor.SecureActionException;
-import org.codehaus.plexus.security.authorization.rbac.web.interceptor.SecureActionBundle;
-import org.codehaus.plexus.xwork.action.PlexusActionSupport;
-
-import java.util.ArrayList;
-import java.util.List;
-
-/**
- * UserManagementAction: pulled from the class of the same name in plexus-security-ui-web
- * for integrating rbac with user information
- *
- * @author Jesse McConnell <jmcconnell@apache.org>
- * @version $Id:$
- * @plexus.component role="com.opensymphony.xwork.Action"
- * role-hint="userManagement"
- */
-public class UserManagementAction
- extends PlexusActionSupport
- implements Preparable, SecureAction
-{
- /**
- * @plexus.requirement
- */
- private UserManager userManager;
-
- /**
- * @plexus.requirement
- */
- private RBACManager rbacManager;
-
- private User user;
-
- private boolean save = false;
-
- private String email;
-
- private String fullName;
-
- private String username;
-
- private String principal;
-
- private List availableRoles;
-
- private List assignedRoles;
-
- private List resources;
-
- private String resourceName;
-
- public void prepare()
- throws Exception
- {
- try
- {
- if ( username == null || "".equals( username ) )
- {
- user = userManager.findUser( (String) session.get( "MANAGED_USERNAME" ) );
- username = user.getUsername();
- }
- else
- {
- user = userManager.findUser( username );
- }
-
- session.put( "MANAGED_USERNAME", username );
-
- principal = user.getPrincipal().toString();
- fullName = user.getFullName();
- email = user.getEmail();
-
- if ( principal != null && rbacManager.userAssignmentExists( principal ) )
- {
- assignedRoles = new ArrayList( rbacManager.getAssignedRoles( principal ) );
- availableRoles = new ArrayList( rbacManager.getUnassignedRoles( principal ) );
- }
- else
- {
- assignedRoles = new ArrayList();
- availableRoles = rbacManager.getAllAssignableRoles();
- }
- }
- catch ( UserNotFoundException ne )
- {
- addActionError( "user cound not found" );
- assignedRoles = new ArrayList();
- availableRoles = new ArrayList();
- }
- catch ( UserManagerException ume )
- {
- assignedRoles = new ArrayList();
- availableRoles = new ArrayList();
- }
- }
-
- /**
- * for this method username should be populated
- *
- * @return
- */
- public String findUser()
- {
- try
- {
- if ( username != null )
- {
- user = userManager.findUser( username );
- session.put( "MANAGED_USERNAME", username );
- return SUCCESS;
- }
- else
- {
- return INPUT;
- }
- }
- catch ( UserNotFoundException ne )
- {
- addActionError( "user could not be found " + username );
- return ERROR;
- }
- }
-
- public String save()
- throws Exception
- {
- if ( !save )
- {
- return INPUT;
- }
-
- User temp = userManager.findUser( username );
-
- if ( email != null )
- {
- temp.setEmail( email );
- }
-
- if ( fullName != null )
- {
- temp.setFullName( fullName );
- }
-
- temp = userManager.updateUser( temp );
-
- // overwrite the user in the session with the saved one if and only if it is the
- // save user as the person currently logged in
- User activeUser = (User) session.get( SecuritySession.USERKEY );
- if ( temp.getPrincipal().toString().equals( activeUser.getPrincipal().toString() ) )
- {
- session.put( SecuritySession.USERKEY, temp );
- }
-
- return SUCCESS;
- }
-
-
- public SecureActionBundle getSecureActionBundle()
- throws SecureActionException
- {
- // actions are per lookup and this will only be executed once per action instance
- // so no need to cache it or convert to class field.
- SecureActionBundle bundle = new SecureActionBundle();
-
- bundle.setRequiresAuthentication( true );
- bundle.requiresAuthorization( "edit-all-users", Resource.GLOBAL);
-
- SecuritySession securitySession = (SecuritySession) session.get( SecuritySession.ROLE );
-
- if ( securitySession == null )
- {
- throw new SecureActionException( "no session, not authenticated, not allowed access" );
- }
-
- User user = securitySession.getUser();
-
- if ( user != null )
- {
- bundle.requiresAuthorization( "edit-user", user.getPrincipal().toString() );
- }
- else
- {
- throw new SecureActionException( "unable to obtain principal from users session" );
- }
-
- return bundle;
- }
-
- public String getUsername()
- {
- return username;
- }
-
- public void setUsername( String username )
- {
- this.username = username;
- }
-
- public User getUser()
- {
- return user;
- }
-
- public void setUser( User user )
- {
- this.user = user;
- }
-
- public String getEmail()
- {
- return email;
- }
-
- public void setEmail( String email )
- {
- this.email = email;
- }
-
- public String getFullName()
- {
- return fullName;
- }
-
- public void setFullName( String fullName )
- {
- this.fullName = fullName;
- }
-
- public String getPrincipal()
- {
- return principal;
- }
-
- public void setPrincipal( String principal )
- {
- this.principal = principal;
- }
-
- public List getAvailableRoles()
- {
- return availableRoles;
- }
-
- public void setAvailableRoles( List availableRoles )
- {
- this.availableRoles = availableRoles;
- }
-
- public List getAssignedRoles()
- {
- return assignedRoles;
- }
-
- public void setAssignedRoles( List assignedRoles )
- {
- this.assignedRoles = assignedRoles;
- }
-
- public List getResources()
- {
- return resources;
- }
-
- public void setResources( List resources )
- {
- this.resources = resources;
- }
-
- public String getResourceName()
- {
- return resourceName;
- }
-
- public void setResourceName( String resourceName )
- {
- this.resourceName = resourceName;
- }
-
- public boolean isSave()
- {
- return save;
- }
-
- public void setSave( boolean save )
- {
- this.save = save;
- }
-}
throws Exception
{
- if ( rbacManager.getAllUserAssignments().size() == 0 )
- {
- getLogger().info( "no accounts setup, create user account, forwarding to registration" );
- return "admin-account-needed";
- }
+// if ( rbacManager.getAllUserAssignments().size() == 0 )
+// {
+// getLogger().info( "no accounts setup, create user account, forwarding to registration" );
+// return "admin-account-needed";
+// }
Configuration configuration = configurationStore.getConfigurationFromStore();
import org.codehaus.plexus.security.authentication.AuthenticationException;
import org.codehaus.plexus.security.authentication.AuthenticationResult;
import org.codehaus.plexus.security.authorization.AuthorizationException;
+import org.codehaus.plexus.security.policy.AccountLockedException;
+import org.codehaus.plexus.security.policy.MustChangePasswordException;
import org.codehaus.plexus.security.system.SecuritySession;
import org.codehaus.plexus.security.system.SecuritySystem;
import org.codehaus.plexus.security.ui.web.filter.authentication.HttpAuthenticator;
getLogger().error( "Fatal Http Authentication Error.", e );
throw new ServletException( "Fatal Http Authentication Error.", e );
}
+ catch ( AccountLockedException e )
+ {
+ httpAuth.challenge( request, response, "Repository " + repoconfig.getName(),
+ new AuthenticationException("User account is locked") );
+ }
+ catch ( MustChangePasswordException e )
+ {
+ httpAuth.challenge( request, response, "Repository " + repoconfig.getName(),
+ new AuthenticationException("You must change your password before you can attempt this again.") );
+ }
// Authorization Tests.
if ( !isAuthorized )
{
// Issue HTTP Challenge.
- httpAuth.challenge( request, response, "Repository " + repoconfig.getName(), null );
+ httpAuth.challenge( request, response, "Repository " + repoconfig.getName(),
+ new AuthenticationException("Authorization Denied.") );
return;
}
}
message = "Resource modified";
break;
}
- logger.debug(message + ": " + this.repositoryConfiguration.getId() + " : \"" + resource.getRelativePath() + "\"");
+ logger.info(message + ": " + this.repositoryConfiguration.getId() + " : \"" + resource.getRelativePath() + "\"");
}
}
+++ /dev/null
-<?xml version="1.0" ?>
-
-<!--
- ~ Copyright 2005-2006 The Apache Software Foundation.
- ~
- ~ Licensed under the Apache License, Version 2.0 (the "License");
- ~ you may not use this file except in compliance with the License.
- ~ You may obtain a copy of the License at
- ~
- ~ http://www.apache.org/licenses/LICENSE-2.0
- ~
- ~ Unless required by applicable law or agreed to in writing, software
- ~ distributed under the License is distributed on an "AS IS" BASIS,
- ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- ~ See the License for the specific language governing permissions and
- ~ limitations under the License.
--->
-
-<!DOCTYPE validators PUBLIC "-//OpenSymphony Group//XWork Validator 1.0.2//EN"
- "http://www.opensymphony.com/xwork/xwork-validator-1.0.2.dtd">
-
-<validators>
- <field name="username">
- <field-validator type="requiredstring">
- <message>You must provide a user name.</message>
- </field-validator>
- </field>
-
- <field name="fullName">
- <field-validator type="requiredstring">
- <message>You must provide your full name.</message>
- </field-validator>
- </field>
-
- <field name="email">
- <field-validator type="required">
- <message>You must provide your email address.</message>
- </field-validator>
- <field-validator type="email">
- <message>The email address you entered is invalid.</message>
- </field-validator>
- </field>
-
- <field name="password">
- <field-validator type="expression">
- <param name="expression">!password.equals(passwordConfirm)</param>
- <message>Passwords are not the same.</message>
- </field-validator>
- </field>
-</validators>
\ No newline at end of file
<!-- Include webwork defaults (from WebWork JAR). -->
<include file="webwork-default.xml"/>
+ <!-- Include plexus-security xwork configurations. -->
+ <include file="xwork-security.xml" />
+
<package name="base" extends="webwork-default">
<interceptors>
<interceptor name="configuration" class="configurationInterceptor"/>
-<!-- commenting this out for now because some people are having CNFE for this interceptor, which I can't reproduce atm.
<interceptor name="pssSecureActions" class="pssSecureActionInterceptor"/>
--->
<interceptor-stack name="configuredStack">
<interceptor-ref name="defaultStack"/>
<interceptor-ref name="configuration"/>
-<!--
<interceptor-ref name="pssSecureActions"/>
--->
</interceptor-stack>
<interceptor-stack name="configuredPrepareParamsStack">
<interceptor-ref name="paramsPrepareParamsStack"/>
<interceptor-ref name="configuration"/>
-<!--
<interceptor-ref name="pssSecureActions"/>
--->
</interceptor-stack>
</interceptors>
<param name="namespace">/admin</param>
<param name="actionName">configure</param>
</result>
- <result name="admin-account-needed" type="redirect-action">
- <param name="namespace">/admin</param>
- <param name="actionName">registerAdminAccount</param>
- <param name="method">input</param>
- </result>
+
+ <!-- This redirect is triggered by the configuration interceptor -->
<result name="config-repository-needed" type="redirect-action">
<param name="namespace">/admin</param>
<param name="actionName">addRepository</param>
<param name="method">input</param>
</result>
- <result name="error">/WEB-INF/jsp/generalError.jsp</result>
+
+ <!-- The following security-* result names arrive from the plexus-security package -->
+ <result name="security-login-success" type="redirect-action">browse</result>
+ <result name="security-login-cancel" type="redirect-action">browse</result>
+ <result name="security-logout" type="redirect-action">browse</result>
+ <result name="security-register-success" type="redirect-action">browse</result>
+ <result name="security-register-cancel" type="redirect-action">browse</result>
+ <result name="security-account-success" type="redirect-action">browse</result>
+ <result name="security-account-cancel" type="redirect-action">browse</result>
+
+ <!-- These results are names that the SecuredActionInterceptor utilizes -->
<result name="requires-authentication">/WEB-INF/jsp/alert.jsp</result>
<result name="requires-authorization">/WEB-INF/jsp/alert.jsp</result>
+
+ <!-- Generic Catchall for those action configurations that forget to
+ include a result for 'error' -->
+ <result name="error">/WEB-INF/jsp/generalError.jsp</result>
</global-results>
</package>
<interceptor-stack name="configuredStack">
<interceptor-ref name="defaultStack"/>
<interceptor-ref name="configuration"/>
-<!--
<interceptor-ref name="pssSecureActions"/>
--->
</interceptor-stack>
</interceptors>
<!-- Default interceptor stack. -->
<default-interceptor-ref name="configuredStack"/>
+
+ <!-- This is the redirection facility for plexus-security,
+ allowing plexus-security to call out from its own set of actions
+ into the application webapp, using global result names. -->
+ <action name="pssRedirect" class="pss-redirect" method="redirect">
+ <result type="redirect-action">browse</result>
+ </action>
<action name="index" class="searchAction" method="input">
<result name="input">/WEB-INF/jsp/quickSearch.jsp</result>
</result>
<result name="notFound" type="httpheader">404</result>
</action>
-
- <!-- plexus security actions -->
- <action name="login" class="plexusSecurityLogin" method="login">
- <result name="input">/WEB-INF/jsp/login.jsp</result>
- <result name="error">/WEB-INF/jsp/login.jsp</result>
- <result name="success" type="redirect-action">browse</result>
- </action>
-
- <action name="logout" class="plexusSecurityLogin" method="logout">
- <result name="success">/WEB-INF/jsp/logout.jsp</result>
- </action>
-
- <action name="register" class="newUser" method="createUser">
- <result name="input">/WEB-INF/jsp/register.jsp</result>
- <result name="success">/WEB-INF/jsp/register.jsp</result>
- <result name="error">/WEB-INF/jsp/register.jsp</result>
- </action>
</package>
<!-- Configuration for the admin package. -->
<package name="admin" namespace="/admin" extends="base">
- <action name="registerAdminAccount" class="newUser" method="createAdminUser">
- <result name="input">/WEB-INF/jsp/admin/registerAdmin.jsp</result>
- <result name="error">/WEB-INF/jsp/admin/registerAdmin.jsp</result>
- <result type="redirect-action">index</result>
- <interceptor-ref name="defaultStack"/>
- </action>
-
+
<action name="index" class="configureAction" method="input">
<result name="input">/WEB-INF/jsp/admin/index.jsp</result>
</action>
<result name="wait" type="redirect">/admin/reports.action?reportGroup=${reportGroup}&repositoryId=${repositoryId}&filter=${filter}</result>
<result name="success" type="redirect">/admin/reports.action?reportGroup=${reportGroup}&repositoryId=${repositoryId}&filter=${filter}</result>
</action>
-
-
- <action name="user" class="userManagement">
- <result name="success">/WEB-INF/jsp/admin/user.jsp</result>
- <result name="input" type="redirect-action">userManagement</result>
- <interceptor-ref name="configuredPrepareParamsStack"/>
- </action>
-
- <!-- plexus security actions -->
- <!--
- <action name="userDetails" class="userManagement" method="save">
- <result name="input">/WEB-INF/jsp/admin/userDetails.jsp</result>
- <result name="success" type="chain">user</result>
- <interceptor-ref name="configuredPrepareParamsStack"/>
- </action>
- -->
- <action name="userManagement" class="userManagement" method="findUser">
- <result name="input">/WEB-INF/jsp/admin/findUser.jsp</result>
- <result name="success" type="redirect-action">user</result>
- </action>
-
- <action name="assignRoleToUser" class="plexusSecurityUserAssignment" method="assignRole">
- <result name="success" type="redirect-action">user</result>
- </action>
-
- <action name="removeRoleFromUser" class="plexusSecurityUserAssignment" method="removeRole">
- <result name="success" type="redirect-action">user</result>
- </action>
-
</package>
</xwork>
+++ /dev/null
-<%--
- ~ Copyright 2005-2006 The Apache Software Foundation.
- ~
- ~ Licensed under the Apache License, Version 2.0 (the "License");
- ~ you may not use this file except in compliance with the License.
- ~ You may obtain a copy of the License at
- ~
- ~ http://www.apache.org/licenses/LICENSE-2.0
- ~
- ~ Unless required by applicable law or agreed to in writing, software
- ~ distributed under the License is distributed on an "AS IS" BASIS,
- ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- ~ See the License for the specific language governing permissions and
- ~ limitations under the License.
- --%>
-
-<%@ taglib prefix="ww" uri="/webwork" %>
-<html>
-<head>
- <title>User Management - Find a User</title>
- <ww:head />
-</head>
-
-<body>
-
-
- <h1>User Management</h1>
-
- <div id="contentArea">
- <div id="searchBox">
- <div id="results">
- <ww:actionerror/>
- </div>
- <ww:form action="userManagement" method="post" namespace="/admin">
- <p>
- <ww:textfield label="Find a user" name="username"/>
- <ww:submit value="Search"/>
- </p>
- </ww:form>
- </div>
- </div>
-
-
-
- <div class="clear">
- <hr/>
- </div>
-
-
-</body>
-</html>
\ No newline at end of file
+++ /dev/null
-<%--
- ~ Copyright 2006 The Apache Software Foundation.
- ~
- ~ Licensed under the Apache License, Version 2.0 (the "License");
- ~ you may not use this file except in compliance with the License.
- ~ You may obtain a copy of the License at
- ~
- ~ http://www.apache.org/licenses/LICENSE-2.0
- ~
- ~ Unless required by applicable law or agreed to in writing, software
- ~ distributed under the License is distributed on an "AS IS" BASIS,
- ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- ~ See the License for the specific language governing permissions and
- ~ limitations under the License.
- --%>
-<%@ taglib prefix="ww" uri="/webwork" %>
-<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
-
-<ww:textfield label="Username" name="username" size="30" required="true"/>
-<ww:password label="Password" name="password" size="20" required="true"/>
-<ww:password label="Confirm Password" name="confirmPassword" size="20" required="true"/>
-<ww:textfield label="Full Name" name="fullName" size="30" required="true"/>
-<ww:textfield label="Email Address" name="email" size="50" required="true"/>
\ No newline at end of file
+++ /dev/null
-<%--
- ~ Copyright 2005-2006 The Apache Software Foundation.
- ~
- ~ Licensed under the Apache License, Version 2.0 (the "License");
- ~ you may not use this file except in compliance with the License.
- ~ You may obtain a copy of the License at
- ~
- ~ http://www.apache.org/licenses/LICENSE-2.0
- ~
- ~ Unless required by applicable law or agreed to in writing, software
- ~ distributed under the License is distributed on an "AS IS" BASIS,
- ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- ~ See the License for the specific language governing permissions and
- ~ limitations under the License.
- --%>
-
-<%@ taglib prefix="ww" uri="/webwork" %>
-<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
-<%@ taglib prefix="pss" uri="plexusSecuritySystem" %>
-
-<html>
-<head>
- <title>Administration</title>
- <ww:head/>
-</head>
-
-<body>
-
-<h1>Administration</h1>
-
-<div id="contentArea">
-<div>
- <div style="float: right">
- <%-- TODO replace with icons --%>
- <a href="<ww:url action="configure" />">Edit Configuration</a>
- </div>
- <h2>Configuration</h2>
-</div>
-
-<table class="infoTable">
- <tr>
- <th>Index Directory</th>
- <td>
- <ww:property value="indexPath"/>
- </td>
- <td></td>
- </tr>
- <tr>
- <th>Indexing Schedule</th>
- <td>
- <ww:property value="indexerCronExpression"/>
- </td>
- <%-- TODO: a "delete index and run now" operation should be here too (really clean, remove deletions that didn't get picked up) --%>
- <td>
- <pss:ifAuthorized permission="run-indexer">
- <a href="<ww:url action="runIndexer" />">Run Now</a>
- </pss:ifAuthorized>
- </td>
- </tr>
-</table>
-
-<ww:set name="proxy" value="proxy"/>
-<c:if test="${!empty(proxy.host)}">
- <h3>HTTP Proxy</h3>
-
- <table class="infoTable">
- <tr>
- <th>Host</th>
- <td>${proxy.host}</td>
- </tr>
- <tr>
- <th>Port</th>
- <td>${proxy.port}</td>
- </tr>
- <tr>
- <th>Username</th>
- <td>${proxy.username}</td>
- </tr>
- </table>
-</c:if>
-
-<div>
- <div style="float: right">
- <%-- TODO replace with icons --%>
- <pss:ifAuthorized permission="add-repository">
- <ww:url id="addRepositoryUrl" action="addRepository" method="input"/>
- <ww:a href="%{addRepositoryUrl}">Add Repository</ww:a>
- </pss:ifAuthorized>
- </div>
- <h2>Managed Repositories</h2>
-</div>
-
-<ww:set name="repositories" value="repositories"/>
-<c:if test="${empty(repositories)}">
- <strong>There are no managed repositories configured yet.</strong>
-</c:if>
-<c:forEach items="${repositories}" var="repository" varStatus="i">
- <div>
- <div style="float: right">
- <ww:url id="editRepositoryUrl" action="editRepository" method="input">
- <ww:param name="repoId" value="%{'${repository.id}'}" />
- </ww:url>
- <ww:url id="deleteRepositoryUrl" action="deleteRepository" method="input">
- <ww:param name="repoId" value="%{'${repository.id}'}" />
- </ww:url>
- <%-- TODO replace with icons --%>
- <pss:ifAuthorized permission="edit-repository" resource="${repository.id}"><ww:a href="%{editRepositoryUrl}">Edit Repository</ww:a></pss:ifAuthorized><pss:ifAuthorized permission="delete-repository" resource="${repository.id}"> <ww:a href="%{deleteRepositoryUrl}">Delete Repository</ww:a></pss:ifAuthorized>
- </div>
- <h3>${repository.name}</h3>
- <table class="infoTable">
- <tr>
- <th>Identifier</th>
- <td>
- <code>${repository.id}</code>
- </td>
- </tr>
- <tr>
- <th>Directory</th>
- <td>${repository.directory}</td>
- </tr>
- <tr>
- <th>Type</th>
- <%-- TODO: can probably just use layout appended to a key prefix in i18n to simplify this --%>
- <td>
- <c:choose>
- <c:when test="${repository.layout == 'default'}">
- Maven 2.x Repository
- </c:when>
- <c:otherwise>
- Maven 1.x Repository
- </c:otherwise>
- </c:choose>
- </td>
- </tr>
- <tr>
- <th>Snapshots Included</th>
- <td class="${repository.includeSnapshots ? 'doneMark' : 'errorMark'}"></td>
- </tr>
- <tr>
- <th>Indexed</th>
- <td class="${repository.indexed ? 'doneMark' : 'errorMark'}"></td>
- </tr>
- </table>
- </div>
-</c:forEach>
-</div>
-
-</body>
-</html>
\ No newline at end of file
+++ /dev/null
-<%--
- ~ Copyright 2005-2006 The Apache Software Foundation.
- ~
- ~ Licensed under the Apache License, Version 2.0 (the "License");
- ~ you may not use this file except in compliance with the License.
- ~ You may obtain a copy of the License at
- ~
- ~ http://www.apache.org/licenses/LICENSE-2.0
- ~
- ~ Unless required by applicable law or agreed to in writing, software
- ~ distributed under the License is distributed on an "AS IS" BASIS,
- ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- ~ See the License for the specific language governing permissions and
- ~ limitations under the License.
- --%>
-
-<%@ taglib prefix="ww" uri="/webwork" %>
-<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
-
-<html>
-<head>
- <title>Adminsitrator Registration Page</title>
- <ww:head/>
-</head>
-
-<body>
-
-<div id="contentArea">
- <div id="searchBox">
- <p>
- <ww:actionmessage/>
- <ww:actionerror/>
- </p>
-
- <h2>Setup an Administrator Account</h2>
- <ww:form action="registerAdminAccount" method="post" namespace="/admin">
- <%@ include file="/WEB-INF/jsp/admin/include/registerUserForm.jspf" %>
- <ww:submit value="Register"/>
- </ww:form>
-
- </div>
-</div>
-
-
-<div class="clear">
- <hr/>
-</div>
-
-</body>
-
-</html>
+++ /dev/null
-<%--
- ~ Copyright 2005-2006 The Apache Software Foundation.
- ~
- ~ Licensed under the Apache License, Version 2.0 (the "License");
- ~ you may not use this file except in compliance with the License.
- ~ You may obtain a copy of the License at
- ~
- ~ http://www.apache.org/licenses/LICENSE-2.0
- ~
- ~ Unless required by applicable law or agreed to in writing, software
- ~ distributed under the License is distributed on an "AS IS" BASIS,
- ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- ~ See the License for the specific language governing permissions and
- ~ limitations under the License.
- --%>
-
-<%@ taglib prefix="ww" uri="/webwork" %>
-<%@ taglib prefix="pss" uri="plexusSecuritySystem" %>
-<html>
-<head>
- <title>User Management</title>
- <ww:head />
-</head>
-
-<body>
-
- <div id="contentArea">
- <div id="searchBox">
- <div style="float: right">
- <%-- add this back in when the functionality works, or when we move to the plexus-user-management pages
- <pss:ifAnyAuthorized permissions="edit-all-users,edit-user" resource="${username}">
- <ww:url id="userDetailsUrl" action="userDetails" method="input">
- <ww:param name="username">${sessionScope.SecuritySessionUser.username}</ww:param>
- </ww:url>
- <ww:a href="%{userDetailsUrl}">Edit details</ww:a>
- </pss:ifAnyAuthorized>
- --%>
- </div>
-
- <h2>${fullName}</h2>
-
- <table class="bodyTable">
- <tr class="a">
- <th>Username</th>
-
- <td>${username}</td>
- </tr>
- <tr class="b">
- <th>Email</th>
- <td>${email}</td>
- </tr>
- </table>
-
- <h2>Currently Assigned Roles</h2>
-
- <table class="bodyTable">
- <ww:iterator id="role" value="assignedRoles">
- <tr class="a">
- <td>
- <em>${role}</em><br/>
- </td>
- </tr>
- </ww:iterator>
- </table>
-
-
- <pss:ifAnyAuthorized permissions="grant-roles,remove-roles">
- <h2>Role Management</h2>
-
- <pss:ifAuthorized permission="grant-roles">
- <h3>Grant</h3>
- <ww:form action="assignRoleToUser" method="post">
- <ww:hidden name="principal" value="${username}"/>
- <ww:hidden name="username" value="${username}"/>
- <ww:radio name="roleName" list="availableRoles" listKey="name" listValue="name" labelposition="left"/>
- <ww:submit value="Grant"/>
- </ww:form>
- </pss:ifAuthorized>
-
- <pss:ifAuthorized permission="remove-roles">
- <h3>Remove</h3>
- <ww:form action="removeRoleFromUser" method="post">
- <ww:hidden name="principal" value="${username}"/>
- <ww:hidden name="username" value="${username}"/>
- <ww:radio name="roleName" list="assignedRoles" labelposition="left"/>
- <ww:submit value="Remove"/>
- </ww:form>
- </pss:ifAuthorized>
- </pss:ifAnyAuthorized>
- </div>
- </div>
-
- <div class="clear">
- <hr/>
- </div>
-
-
-</body>
-</html>
+++ /dev/null
-<%--
- ~ Copyright 2005-2006 The Apache Software Foundation.
- ~
- ~ Licensed under the Apache License, Version 2.0 (the "License");
- ~ you may not use this file except in compliance with the License.
- ~ You may obtain a copy of the License at
- ~
- ~ http://www.apache.org/licenses/LICENSE-2.0
- ~
- ~ Unless required by applicable law or agreed to in writing, software
- ~ distributed under the License is distributed on an "AS IS" BASIS,
- ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- ~ See the License for the specific language governing permissions and
- ~ limitations under the License.
- --%>
-
-<%@ taglib prefix="ww" uri="/webwork" %>
-<html>
-<head>
- <title>User Management - User Details</title>
- <ww:head />
-</head>
-
-<body>
-
- <div id="contentArea">
- <div id="searchBox">
- <div style="float: right">
-
- </div>
-
- <h2>Modify User Details - ${username}</h2>
-
- <ww:form action="userDetails" method="post">
- <ww:textfield label="Full Name" name="fullName"/>
- <ww:textfield label="Email Address" name="email"/>
-
- <ww:checkbox label="Account Locked" name="locked"/>
-
- <ww:submit/>
- </ww:form>
- </div>
- </div>
-
-
-
- <div class="clear">
- <hr/>
- </div>
-
-</body>
-</html>
\ No newline at end of file
<div id="breadcrumbs">
<div class="xleft">
- <ww:url id="loginUrl" action="login" method="input" namespace="/" includeParams="none"/>
- <ww:url id="registerUrl" action="register" method="input" namespace="/" includeParams="none"/>
-
- <ww:if test="${sessionScope.authStatus != true}">
- <ww:a href="%{loginUrl}">Login</ww:a> - <ww:a href="%{registerUrl}">Register</ww:a>
-
- </ww:if>
- <ww:else>
- <ww:url id="logoutUrl" action="logout" namespace="/" includeParams="none"/>
- <ww:url id="manageUserUrl" action="user" namespace="/admin">
- <ww:param name="username">${sessionScope.SecuritySessionUser.username}</ww:param>
- </ww:url>
-
- Welcome, <b>${sessionScope.SecuritySessionUser.username}</b> -
- <ww:a href="%{manageUserUrl}">Settings</ww:a> -
- <ww:a href="%{logoutUrl}">Logout</ww:a>
- </ww:else>
+ <c:import url="/WEB-INF/jsp/pss/include/securityLinks.jspf" />
</div>
<div class="xright">
+++ /dev/null
-<%--
- ~ Copyright 2005-2006 The Apache Software Foundation.
- ~
- ~ Licensed under the Apache License, Version 2.0 (the "License");
- ~ you may not use this file except in compliance with the License.
- ~ You may obtain a copy of the License at
- ~
- ~ http://www.apache.org/licenses/LICENSE-2.0
- ~
- ~ Unless required by applicable law or agreed to in writing, software
- ~ distributed under the License is distributed on an "AS IS" BASIS,
- ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- ~ See the License for the specific language governing permissions and
- ~ limitations under the License.
- --%>
-
-<%@ taglib prefix="ww" uri="/webwork" %>
-<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
-
-<html>
-<head>
- <title>Login Page</title>
- <ww:head/>
-</head>
-
-<body>
-
-<div id="contentArea">
- <div id="searchBox">
-
- <div id="results">
- <%-- This is where the "Account Created Successfully" type message goes. --%>
- <div class="success">
- <ww:actionmessage />
- </div>
- <%-- This is where errors from the action and other non-form field specific errors appear. --%>
- <div class="errors">
- <ww:actionerror />
- </div>
- </div>
-
- <h2>Login</h2>
-
- <%-- You don't need a table to wrap form elements in,
- the ww:form creates the table, labels, context sensitive actionerrors, requirements indicators, etc...
- - Joakim --%>
-
- <ww:form action="login" method="post">
- <ww:textfield label="Username" name="username" size="30" required="true" />
- <ww:password label="Password" name="password" size="20" required="true" />
- <ww:submit value="Login"/>
- </ww:form>
-
- <ul class="tips">
- <li>
- Forgot your Username?
- <ww:url id="forgottenAccount" action="findAccount" />
- <ww:a href="%{forgottenAccount}">Email me my account information.</ww:a>
- </li>
- <li>
- Forgot your Password?
- <ww:url id="forgottenPassword" action="resetPassword" />
- <ww:a href="%{forgottenPassword}">Request a password reset.</ww:a>
- </li>
- <li>
- Need an Account?
- <ww:url id="registerUrl" action="register" />
- <ww:a href="%{registerUrl}">Register!</ww:a>
- </ul>
- </div>
-</div>
-
-
-<div class="clear">
- <hr/>
-</div>
-
-</body>
-
-</html>
projects / archiva.git / commitdiff