SONAR-3138 Fallback to database from plugin authenticator

diff --git a/sonar-server/src/main/java/org/sonar/server/ui/AuthenticatorFactory.java b/sonar-server/src/main/java/org/sonar/server/ui/AuthenticatorFactory.java
index 17038c0975687825b5c27babca696db77ebb3ffe..66b000000cb46680f614ce4c8d1aeeffcb1c854d 100644 (file)
--- a/sonar-server/src/main/java/org/sonar/server/ui/AuthenticatorFactory.java
+++ b/sonar-server/src/main/java/org/sonar/server/ui/AuthenticatorFactory.java
@@ -53,10 +53,10 @@ public class AuthenticatorFactory implements ServerComponent {
   /**
    * Start the authenticator selected in sonar configuration. If no authentication plugin is selected, then
    * the default authentication mechanism is used and null is returned.
-   * <p/>
-   * Throws a unchecked exception if the authenticator can not be started.
+   * 
+   * @throws AuthenticatorNotFoundException if authenticator can not be found
+   * @throws RuntimeException if authenticator can not be started
    */
-
   public void start() {
     // check authentication plugin at startup
     if (StringUtils.isEmpty(classname)) {

diff --git a/sonar-server/src/main/webapp/WEB-INF/lib/need_authentication.rb b/sonar-server/src/main/webapp/WEB-INF/lib/need_authentication.rb
index 52ccec511e0c17c0b53ca2623b35f82651617d12..41b86d24bc7dd5c4c60c5b2d668bdc47eb317f89 100644 (file)
--- a/sonar-server/src/main/webapp/WEB-INF/lib/need_authentication.rb
+++ b/sonar-server/src/main/webapp/WEB-INF/lib/need_authentication.rb
@@ -51,6 +51,31 @@ class PluginAuthenticator
   end
 end
 
+#
+# Since 2.14
+# Experimental
+#
+# Use an external system to authenticate users with fallback to Sonar database.
+#
+class FallbackAuthenticator
+  def initialize(java_authenticator)
+    @java_authenticator = java_authenticator
+  end
+
+  def authenticate?(login, password)
+    return false if login.blank? || password.blank?
+    if @java_authenticator.authenticate(login, password)
+      return true
+    end
+    # Fallback to password in Sonar Database
+    user = User.find_by_login(login)
+    return user && user.authenticated?(password)
+  end
+
+  def editable_password?
+    true
+  end
+end
 
 #
 # Load the authentication system to use. The server must be restarted when configuration is changed.
@@ -62,7 +87,7 @@ class AuthenticatorFactory
     if @@authenticator.nil?
       authenticator_factory=Java::OrgSonarServerUi::JRubyFacade.new.getCoreComponentByClassname('org.sonar.server.ui.AuthenticatorFactory')
       component=authenticator_factory.getAuthenticator()
-      @@authenticator=(component ? PluginAuthenticator.new(component) : DefaultAuthenticator.new)
+      @@authenticator=(component ? FallbackAuthenticator.new(component) : DefaultAuthenticator.new)
     end
     @@authenticator
   end

diff --git a/sonar-server/src/test/java/org/sonar/server/ui/AuthenticatorFactoryTest.java b/sonar-server/src/test/java/org/sonar/server/ui/AuthenticatorFactoryTest.java
index 0943141b0f49a6eae3db572476d9eb15aff11323..c36aa0f3ddbcfe1b3b493dbab38acbb5c87a516b 100644 (file)
--- a/sonar-server/src/test/java/org/sonar/server/ui/AuthenticatorFactoryTest.java
+++ b/sonar-server/src/test/java/org/sonar/server/ui/AuthenticatorFactoryTest.java
@@ -35,6 +35,7 @@ public class AuthenticatorFactoryTest {
   public void doNotFailIfNoAuthenticationPlugins() {
     AuthenticatorFactory factory = new AuthenticatorFactory(new Settings());
     assertThat(factory.getAuthenticator(), nullValue());
+    factory.start();
   }
 
   @Test
@@ -68,6 +69,15 @@ public class AuthenticatorFactoryTest {
     factory.getAuthenticator();
   }
 
+  @Test(expected = AuthenticatorNotFoundException.class)
+  public void noAuthenticators() {
+    Settings settings = new Settings();
+    settings.setProperty(CoreProperties.CORE_AUTHENTICATOR_CLASS, "foo");
+
+    AuthenticatorFactory factory = new AuthenticatorFactory(settings, null);
+    factory.start();
+  }
+
   @Test
   public void ignoreStartupFailure() {
     Settings settings = new Settings();