/**
* Start the authenticator selected in sonar configuration. If no authentication plugin is selected, then
* the default authentication mechanism is used and null is returned.
- * <p/>
- * Throws a unchecked exception if the authenticator can not be started.
+ *
+ * @throws AuthenticatorNotFoundException if authenticator can not be found
+ * @throws RuntimeException if authenticator can not be started
*/
-
public void start() {
// check authentication plugin at startup
if (StringUtils.isEmpty(classname)) {
end
end
+#
+# Since 2.14
+# Experimental
+#
+# Use an external system to authenticate users with fallback to Sonar database.
+#
+class FallbackAuthenticator
+ def initialize(java_authenticator)
+ @java_authenticator = java_authenticator
+ end
+
+ def authenticate?(login, password)
+ return false if login.blank? || password.blank?
+ if @java_authenticator.authenticate(login, password)
+ return true
+ end
+ # Fallback to password in Sonar Database
+ user = User.find_by_login(login)
+ return user && user.authenticated?(password)
+ end
+
+ def editable_password?
+ true
+ end
+end
#
# Load the authentication system to use. The server must be restarted when configuration is changed.
if @@authenticator.nil?
authenticator_factory=Java::OrgSonarServerUi::JRubyFacade.new.getCoreComponentByClassname('org.sonar.server.ui.AuthenticatorFactory')
component=authenticator_factory.getAuthenticator()
- @@authenticator=(component ? PluginAuthenticator.new(component) : DefaultAuthenticator.new)
+ @@authenticator=(component ? FallbackAuthenticator.new(component) : DefaultAuthenticator.new)
end
@@authenticator
end
public void doNotFailIfNoAuthenticationPlugins() {
AuthenticatorFactory factory = new AuthenticatorFactory(new Settings());
assertThat(factory.getAuthenticator(), nullValue());
+ factory.start();
}
@Test
factory.getAuthenticator();
}
+ @Test(expected = AuthenticatorNotFoundException.class)
+ public void noAuthenticators() {
+ Settings settings = new Settings();
+ settings.setProperty(CoreProperties.CORE_AUTHENTICATOR_CLASS, "foo");
+
+ AuthenticatorFactory factory = new AuthenticatorFactory(settings, null);
+ factory.start();
+ }
+
@Test
public void ignoreStartupFailure() {
Settings settings = new Settings();