*/
import org.apache.archiva.redback.users.UserManager;
-import org.codehaus.plexus.redback.keys.KeyManager;
+import org.apache.archiva.redback.keys.KeyManager;
import org.codehaus.plexus.redback.rbac.RBACManager;
import org.codehaus.plexus.redback.rbac.RbacManagerException;
import javax.xml.stream.XMLStreamException;
-import org.apache.archiva.redback.management.DataManagementTool;
+import org.apache.archiva.redback.keys.AuthenticationKey;
+import org.apache.archiva.redback.keys.KeyManager;
import org.apache.archiva.redback.users.UserManager;
-import org.codehaus.plexus.redback.keys.AuthenticationKey;
-import org.codehaus.plexus.redback.keys.KeyManager;
-import org.codehaus.plexus.redback.keys.KeyManagerException;
+import org.apache.archiva.redback.keys.KeyManagerException;
import org.codehaus.plexus.redback.keys.jdo.AuthenticationKeyDatabase;
import org.codehaus.plexus.redback.keys.jdo.io.stax.RedbackKeyManagementJdoStaxReader;
import org.codehaus.plexus.redback.keys.jdo.io.stax.RedbackKeyManagementJdoStaxWriter;
import junit.framework.TestCase;
import org.apache.archiva.redback.common.jdo.UserConfigurableJdoFactory;
-import org.apache.archiva.redback.management.DataManagementTool;
+import org.apache.archiva.redback.keys.AuthenticationKey;
+import org.apache.archiva.redback.keys.KeyManager;
import org.apache.archiva.redback.users.UserManager;
import org.apache.commons.lang.SystemUtils;
-import org.codehaus.plexus.redback.keys.AuthenticationKey;
-import org.codehaus.plexus.redback.keys.KeyManager;
-import org.codehaus.plexus.redback.keys.KeyManagerException;
+import org.apache.archiva.redback.keys.KeyManagerException;
import org.codehaus.plexus.redback.rbac.Permission;
import org.codehaus.plexus.redback.rbac.RBACManager;
import org.codehaus.plexus.redback.rbac.RbacManagerException;
* under the License.
*/
-import org.codehaus.plexus.redback.keys.AuthenticationKey;
+import org.apache.archiva.redback.keys.AuthenticationKey;
/**
* Mail generator component.
* under the License.
*/
-import org.codehaus.plexus.redback.keys.AuthenticationKey;
+import org.apache.archiva.redback.keys.AuthenticationKey;
import java.util.Collection;
import javax.mail.internet.MimeMessage;
import org.apache.archiva.redback.configuration.UserConfiguration;
-import org.codehaus.plexus.redback.keys.AuthenticationKey;
+import org.apache.archiva.redback.keys.AuthenticationKey;
import org.codehaus.plexus.redback.policy.UserSecurityPolicy;
import org.codehaus.plexus.redback.policy.UserValidationSettings;
import org.codehaus.plexus.redback.system.SecuritySystem;
* under the License.
*/
+import org.apache.archiva.redback.keys.AuthenticationKey;
import org.apache.velocity.VelocityContext;
import org.apache.velocity.app.VelocityEngine;
import org.apache.velocity.exception.MethodInvocationException;
import org.apache.velocity.exception.ParseErrorException;
import org.apache.velocity.exception.ResourceNotFoundException;
import org.apache.archiva.redback.configuration.UserConfiguration;
-import org.codehaus.plexus.redback.keys.AuthenticationKey;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Service;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import org.codehaus.plexus.redback.keys.AuthenticationKey;
-import org.codehaus.plexus.redback.keys.KeyManager;
-import org.codehaus.plexus.redback.keys.KeyManagerException;
-import org.codehaus.plexus.redback.keys.KeyNotFoundException;
+import org.apache.archiva.redback.keys.AuthenticationKey;
+import org.apache.archiva.redback.keys.KeyManager;
+import org.apache.archiva.redback.keys.KeyManagerException;
+import org.apache.archiva.redback.keys.KeyNotFoundException;
import org.codehaus.plexus.redback.policy.CookieSettings;
import org.codehaus.plexus.redback.system.SecuritySystem;
import org.codehaus.plexus.util.StringUtils;
import junit.framework.TestCase;
import net.sf.ehcache.CacheManager;
+import org.apache.archiva.redback.keys.AuthenticationKey;
+import org.apache.archiva.redback.keys.KeyManager;
import org.codehaus.plexus.jdo.DefaultConfigurableJdoFactory;
-import org.codehaus.plexus.jdo.JdoFactory;
-import org.codehaus.plexus.redback.keys.AuthenticationKey;
-import org.codehaus.plexus.redback.keys.KeyManager;
-import org.codehaus.plexus.redback.keys.KeyManagerException;
+import org.apache.archiva.redback.keys.KeyManagerException;
import org.codehaus.plexus.redback.policy.UserSecurityPolicy;
import org.jpox.SchemaTool;
import org.junit.Before;
* under the License.
*/
import org.apache.archiva.redback.authentication.AuthenticationException;
+import org.apache.archiva.redback.keys.KeyManager;
import org.apache.archiva.redback.users.UserNotFoundException;
import org.apache.archiva.redback.authentication.PasswordBasedAuthenticationDataSource;
-import org.codehaus.plexus.redback.keys.AuthenticationKey;
-import org.codehaus.plexus.redback.keys.KeyManager;
+import org.apache.archiva.redback.keys.AuthenticationKey;
import org.codehaus.plexus.redback.keys.jdo.JdoAuthenticationKey;
import org.codehaus.plexus.redback.keys.memory.MemoryAuthenticationKey;
import org.codehaus.plexus.redback.keys.memory.MemoryKeyManager;
import org.apache.archiva.redback.users.User;
import org.apache.commons.lang.StringUtils;
-import org.codehaus.plexus.redback.keys.AuthenticationKey;
-import org.codehaus.plexus.redback.keys.KeyManagerException;
+import org.apache.archiva.redback.keys.AuthenticationKey;
+import org.apache.archiva.redback.keys.KeyManagerException;
import org.codehaus.plexus.redback.policy.PasswordEncoder;
import org.codehaus.plexus.redback.policy.PasswordRuleViolationException;
import org.codehaus.plexus.redback.policy.PasswordRuleViolations;
import net.sf.ehcache.CacheManager;
import org.apache.archiva.redback.configuration.UserConfiguration;
+import org.apache.archiva.redback.keys.AuthenticationKey;
import org.apache.archiva.redback.users.UserManager;
import org.apache.archiva.redback.users.UserNotFoundException;
import org.apache.commons.lang.StringUtils;
import org.codehaus.plexus.cache.Cache;
import org.apache.archiva.redback.authentication.AuthenticationException;
import org.apache.archiva.redback.authentication.TokenBasedAuthenticationDataSource;
-import org.codehaus.plexus.redback.keys.AuthenticationKey;
-import org.codehaus.plexus.redback.keys.KeyManager;
-import org.codehaus.plexus.redback.keys.KeyManagerException;
-import org.codehaus.plexus.redback.keys.KeyNotFoundException;
+import org.apache.archiva.redback.keys.KeyManager;
+import org.apache.archiva.redback.keys.KeyManagerException;
+import org.apache.archiva.redback.keys.KeyNotFoundException;
import org.codehaus.plexus.redback.policy.AccountLockedException;
import org.codehaus.plexus.redback.policy.MustChangePasswordException;
import org.codehaus.plexus.redback.policy.PasswordEncoder;
* under the License.
*/
+import org.apache.archiva.redback.keys.AuthenticationKey;
import org.apache.archiva.redback.users.User;
import org.apache.struts2.ServletActionContext;
import org.apache.archiva.redback.authentication.AuthenticationConstants;
import org.apache.archiva.redback.authentication.PasswordBasedAuthenticationDataSource;
import org.apache.archiva.redback.authentication.TokenBasedAuthenticationDataSource;
import org.apache.archiva.redback.configuration.UserConfiguration;
-import org.codehaus.plexus.redback.keys.AuthenticationKey;
-import org.codehaus.plexus.redback.keys.KeyManagerException;
-import org.codehaus.plexus.redback.keys.KeyNotFoundException;
+import org.apache.archiva.redback.keys.KeyManagerException;
+import org.apache.archiva.redback.keys.KeyNotFoundException;
import org.codehaus.plexus.redback.policy.AccountLockedException;
import org.codehaus.plexus.redback.policy.MustChangePasswordException;
import org.codehaus.plexus.redback.system.SecuritySession;
* under the License.
*/
+import org.apache.archiva.redback.keys.KeyManager;
import org.apache.archiva.redback.users.UserManager;
import org.apache.archiva.redback.users.UserNotFoundException;
-import org.codehaus.plexus.redback.keys.AuthenticationKey;
-import org.codehaus.plexus.redback.keys.KeyManager;
-import org.codehaus.plexus.redback.keys.KeyManagerException;
+import org.apache.archiva.redback.keys.AuthenticationKey;
+import org.apache.archiva.redback.keys.KeyManagerException;
import org.codehaus.plexus.redback.policy.UserSecurityPolicy;
import org.codehaus.plexus.redback.system.SecuritySystem;
import org.apache.archiva.redback.users.User;
* under the License.
*/
+import org.apache.archiva.redback.keys.AuthenticationKey;
import org.apache.archiva.redback.users.User;
-import org.codehaus.plexus.redback.keys.AuthenticationKey;
-import org.codehaus.plexus.redback.keys.KeyManagerException;
+import org.apache.archiva.redback.keys.KeyManagerException;
import org.codehaus.plexus.redback.policy.UserSecurityPolicy;
import org.codehaus.plexus.redback.role.RoleManager;
import org.codehaus.plexus.redback.role.RoleManagerException;
import com.opensymphony.xwork2.Preparable;
import org.apache.commons.lang.StringUtils;
-import org.codehaus.plexus.redback.keys.KeyManager;
+import org.apache.archiva.redback.keys.KeyManager;
import org.apache.archiva.redback.management.DataManagementTool;
import org.codehaus.plexus.redback.rbac.RBACManager;
import org.codehaus.plexus.redback.rbac.Resource;
import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.Interceptor;
+import org.apache.archiva.redback.keys.AuthenticationKey;
import org.apache.struts2.ServletActionContext;
import org.apache.archiva.redback.authentication.AuthenticationException;
import org.apache.archiva.redback.authentication.AuthenticationResult;
import org.apache.archiva.redback.authentication.TokenBasedAuthenticationDataSource;
-import org.codehaus.plexus.redback.keys.AuthenticationKey;
import org.codehaus.plexus.redback.policy.AccountLockedException;
import org.codehaus.plexus.redback.policy.MustChangePasswordException;
import org.codehaus.plexus.redback.system.SecuritySession;
</requirements>
</component>
<component>
- <role>org.codehaus.plexus.redback.keys.KeyManager</role>
+ <role>org.apache.archiva.redback.keys.KeyManager</role>
<role-hint>cached</role-hint>
<implementation>org.codehaus.plexus.redback.keys.cached.CachedKeyManager</implementation>
<description>CachedKeyManager</description>
<requirements>
<requirement>
- <role>org.codehaus.plexus.redback.keys.KeyManager</role>
+ <role>org.apache.archiva.redback.keys.KeyManager</role>
<role-hint>memory</role-hint>
<field-name>keyImpl</field-name>
</requirement>
</requirements>
</component>
<component>
- <role>org.codehaus.plexus.redback.keys.KeyManager</role>
+ <role>org.apache.archiva.redback.keys.KeyManager</role>
<role-hint>cached</role-hint>
<implementation>org.codehaus.plexus.redback.keys.cached.CachedKeyManager</implementation>
<description>CachedKeyManager</description>
<requirements>
<requirement>
- <role>org.codehaus.plexus.redback.keys.KeyManager</role>
+ <role>org.apache.archiva.redback.keys.KeyManager</role>
<role-hint>memory</role-hint>
<field-name>keyImpl</field-name>
</requirement>
</bean>
<!--
<component>
- <role>org.codehaus.plexus.redback.keys.KeyManager</role>
+ <role>org.apache.archiva.redback.keys.KeyManager</role>
<role-hint>cached</role-hint>
<implementation>org.codehaus.plexus.redback.keys.cached.CachedKeyManager</implementation>
<description>CachedKeyManager</description>
<requirements>
<requirement>
- <role>org.codehaus.plexus.redback.keys.KeyManager</role>
+ <role>org.apache.archiva.redback.keys.KeyManager</role>
<role-hint>memory</role-hint>
<field-name>keyImpl</field-name>
</requirement>
import org.apache.archiva.redback.authentication.AuthenticationResult;
import org.apache.archiva.redback.authentication.Authenticator;
import org.apache.archiva.redback.authentication.TokenBasedAuthenticationDataSource;
-import org.codehaus.plexus.redback.keys.AuthenticationKey;
-import org.codehaus.plexus.redback.keys.KeyManager;
-import org.codehaus.plexus.redback.keys.KeyManagerException;
-import org.codehaus.plexus.redback.keys.KeyNotFoundException;
+import org.apache.archiva.redback.keys.AuthenticationKey;
+import org.apache.archiva.redback.keys.KeyManager;
+import org.apache.archiva.redback.keys.KeyManagerException;
+import org.apache.archiva.redback.keys.KeyNotFoundException;
import org.codehaus.plexus.redback.policy.AccountLockedException;
import org.codehaus.plexus.redback.policy.MustChangePasswordException;
import org.apache.archiva.redback.users.User;
--- /dev/null
+package org.apache.archiva.redback.keys;
+
+/*
+ * Copyright 2001-2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+import java.util.Calendar;
+import java.util.List;
+import java.util.Random;
+import java.util.TimeZone;
+
+import org.codehaus.plexus.digest.Hex;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * AbstractKeyManager
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ */
+public abstract class AbstractKeyManager
+ implements KeyManager
+{
+ protected Logger log = LoggerFactory.getLogger( getClass() );
+
+ private static final int KEY_LENGTH = 16;
+
+ private static final boolean SECURE = true;
+
+ private boolean randomMode = SECURE;
+
+ private SecureRandom secureRandom;
+
+ private Random random;
+
+ /**
+ * Generate a UUID using <a href="http://www.ietf.org/rfc/rfc4122.txt">RFC 4122</a> UUID generation of a
+ * type 4 or randomly generated UUID.
+ *
+ * @return the 32 character long UUID string.
+ * @throws KeyManagerException
+ */
+ protected String generateUUID()
+ throws KeyManagerException
+ {
+ byte vfour[] = new byte[KEY_LENGTH];
+
+ if ( isRandomMode() == SECURE )
+ {
+ if ( secureRandom == null )
+ {
+ try
+ {
+ secureRandom = SecureRandom.getInstance( "SHA1PRNG" );
+ }
+ catch ( NoSuchAlgorithmException e )
+ {
+ setRandomMode( !SECURE );
+ log.warn( "Unable to use SecureRandom", e );
+ }
+ }
+
+ if ( isRandomMode() == SECURE )
+ {
+ secureRandom.nextBytes( vfour );
+ }
+ }
+
+ if ( isRandomMode() != SECURE )
+ {
+ if ( random == null )
+ {
+ random = new Random();
+ }
+
+ random.nextBytes( vfour );
+ }
+
+ vfour[6] &= 0x0F;
+ vfour[6] |= ( 4 << 4 );
+ vfour[8] &= 0x3F;
+ vfour[8] |= 0x80;
+
+ return Hex.encode( vfour );
+ }
+
+ /**
+ * Tests the key to see if it is expired or not.
+ *
+ * If the key is expired, a call to {@link #removeExpiredKey(AuthenticationKey)} is issued,
+ * and a {@link KeyNotFoundException} is thrown.
+ *
+ * @param authkey the key to test.
+ * @throws KeyNotFoundException if the key is expired.
+ * @throws KeyManagerException if there was a problem removing the key.
+ */
+ protected void assertNotExpired( AuthenticationKey authkey )
+ throws KeyNotFoundException, KeyManagerException
+ {
+ if ( authkey.getDateExpires() == null )
+ {
+ // No expiration means a permanent entry.
+ return;
+ }
+
+ // Test for expiration.
+ Calendar now = getNowGMT();
+ Calendar expiration = getNowGMT();
+ expiration.setTime( authkey.getDateExpires() );
+
+ if ( now.after( expiration ) )
+ {
+ deleteKey( authkey );
+ throw new KeyNotFoundException( "Key [" + authkey.getKey() + "] has expired." );
+ }
+ }
+
+ protected Calendar getNowGMT()
+ {
+ return Calendar.getInstance( TimeZone.getTimeZone( "GMT" ) );
+ }
+
+ public void setRandomMode( boolean randomMode )
+ {
+ this.randomMode = randomMode;
+ }
+
+ public boolean isRandomMode()
+ {
+ return randomMode;
+ }
+
+ public void removeExpiredKeys()
+ throws KeyManagerException
+ {
+ List<AuthenticationKey> allKeys = getAllKeys();
+
+ Calendar now = getNowGMT();
+ Calendar expiration = getNowGMT();
+
+ log.info( "Removing expired keys." );
+ for ( AuthenticationKey authkey : allKeys )
+ {
+ if ( authkey.getDateExpires() != null )
+ {
+ expiration.setTime( authkey.getDateExpires() );
+
+ if ( now.after( expiration ) )
+ {
+ deleteKey( authkey );
+ }
+ }
+ }
+ log.info( "Expired keys removed." );
+ }
+}
--- /dev/null
+package org.apache.archiva.redback.keys;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import java.util.Date;
+
+/**
+ * AuthenticationKey is an object representing a key established to
+ * automatically authenticate a user without the user providing typical
+ * login credentials.
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ */
+public interface AuthenticationKey
+{
+ Date getDateCreated();
+
+ Date getDateExpires();
+
+ String getForPrincipal();
+
+ String getKey();
+
+ /**
+ * A String representation of what the purpose of existence is for this key.
+ * <p/>
+ * Examples: "selfservice password reset", "inter system communications", "remember me"
+ *
+ * @return
+ */
+ String getPurpose();
+
+ void setDateCreated( Date dateCreated );
+
+ void setDateExpires( Date dateExpires );
+
+ void setForPrincipal( String forPrincipal );
+
+ void setKey( String key );
+
+ void setPurpose( String requestedFrom );
+}
--- /dev/null
+package org.apache.archiva.redback.keys;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import java.util.List;
+
+/**
+ * KeyManager
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ */
+public interface KeyManager
+{
+
+
+ /**
+ * String identifying the key manager implementation.
+ *
+ * @return the key manager implementation id.
+ */
+ String getId();
+
+ /**
+ * Attempt to find a specific key in the store.
+ * <p/>
+ * NOTE: Implementations of this interface should never return an expired key.
+ *
+ * @param key the key to find.
+ * @return the actual key found.
+ * @throws KeyNotFoundException when the requested, unexpired, key cannot be found.
+ * @throws KeyManagerException when there is a fundamental problem with the KeyManager implementation.
+ */
+ AuthenticationKey findKey( String key )
+ throws KeyNotFoundException, KeyManagerException;
+
+ /**
+ * Create a key (and save it to the store) for the specified principal.
+ *
+ * @param principal the principal to generate the key for.
+ * @param purpose the purpose of the key. (Example: "selfservice password reset", "new user validation",
+ * "remember me") This is a purely informational field .
+ * @param expirationMinutes the amount in minutes until this key expires. (-1 means no expiration)
+ * @return the key created
+ * @throws KeyManagerException if there is a fundamental problem with the KeyManager implementation.
+ */
+ AuthenticationKey createKey( String principal, String purpose, int expirationMinutes )
+ throws KeyManagerException;
+
+ /**
+ * Delete a key from the underlying store.
+ *
+ * @param key the key to delete.
+ */
+ void deleteKey( AuthenticationKey key )
+ throws KeyManagerException;
+
+ /**
+ * Delete a key from the underlying store.
+ *
+ * @param key the key to delete.
+ */
+ void deleteKey( String key )
+ throws KeyManagerException;
+
+ List<AuthenticationKey> getAllKeys();
+
+ AuthenticationKey addKey( AuthenticationKey key );
+
+ void eraseDatabase();
+
+ /**
+ * Remove all keys that are expired.
+ */
+ void removeExpiredKeys()
+ throws KeyManagerException;
+}
--- /dev/null
+package org.apache.archiva.redback.keys;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * KeyManagerException
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ */
+public class KeyManagerException
+ extends Exception
+{
+
+ public KeyManagerException()
+ {
+ super();
+ }
+
+ public KeyManagerException( String message, Throwable cause )
+ {
+ super( message, cause );
+ }
+
+ public KeyManagerException( String message )
+ {
+ super( message );
+ }
+
+ public KeyManagerException( Throwable cause )
+ {
+ super( cause );
+ }
+
+}
--- /dev/null
+package org.apache.archiva.redback.keys;
+
+/*
+ * Copyright 2001-2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import org.apache.archiva.redback.keys.KeyManagerException;
+
+/**
+ * KeyNotFoundException
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ */
+public class KeyNotFoundException
+ extends KeyManagerException
+{
+ public KeyNotFoundException()
+ {
+ super();
+ }
+
+ public KeyNotFoundException( String message, Throwable cause )
+ {
+ super( message, cause );
+ }
+
+ public KeyNotFoundException( String message )
+ {
+ super( message );
+ }
+
+ public KeyNotFoundException( Throwable cause )
+ {
+ super( cause );
+ }
+
+}
+++ /dev/null
-package org.codehaus.plexus.redback.keys;
-
-/*
- * Copyright 2001-2006 The Apache Software Foundation.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-import java.security.NoSuchAlgorithmException;
-import java.security.SecureRandom;
-import java.util.Calendar;
-import java.util.List;
-import java.util.Random;
-import java.util.TimeZone;
-
-import org.codehaus.plexus.digest.Hex;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- * AbstractKeyManager
- *
- * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
- * @version $Id$
- */
-public abstract class AbstractKeyManager
- implements KeyManager
-{
- protected Logger log = LoggerFactory.getLogger( getClass() );
-
- private static final int KEY_LENGTH = 16;
-
- private static final boolean SECURE = true;
-
- private boolean randomMode = SECURE;
-
- private SecureRandom secureRandom;
-
- private Random random;
-
- /**
- * Generate a UUID using <a href="http://www.ietf.org/rfc/rfc4122.txt">RFC 4122</a> UUID generation of a
- * type 4 or randomly generated UUID.
- *
- * @return the 32 character long UUID string.
- * @throws KeyManagerException
- */
- protected String generateUUID()
- throws KeyManagerException
- {
- byte vfour[] = new byte[KEY_LENGTH];
-
- if ( isRandomMode() == SECURE )
- {
- if ( secureRandom == null )
- {
- try
- {
- secureRandom = SecureRandom.getInstance( "SHA1PRNG" );
- }
- catch ( NoSuchAlgorithmException e )
- {
- setRandomMode( !SECURE );
- log.warn( "Unable to use SecureRandom", e );
- }
- }
-
- if ( isRandomMode() == SECURE )
- {
- secureRandom.nextBytes( vfour );
- }
- }
-
- if ( isRandomMode() != SECURE )
- {
- if ( random == null )
- {
- random = new Random();
- }
-
- random.nextBytes( vfour );
- }
-
- vfour[6] &= 0x0F;
- vfour[6] |= ( 4 << 4 );
- vfour[8] &= 0x3F;
- vfour[8] |= 0x80;
-
- return Hex.encode( vfour );
- }
-
- /**
- * Tests the key to see if it is expired or not.
- *
- * If the key is expired, a call to {@link #removeExpiredKey(AuthenticationKey)} is issued,
- * and a {@link KeyNotFoundException} is thrown.
- *
- * @param authkey the key to test.
- * @throws KeyNotFoundException if the key is expired.
- * @throws KeyManagerException if there was a problem removing the key.
- */
- protected void assertNotExpired( AuthenticationKey authkey )
- throws KeyNotFoundException, KeyManagerException
- {
- if ( authkey.getDateExpires() == null )
- {
- // No expiration means a permanent entry.
- return;
- }
-
- // Test for expiration.
- Calendar now = getNowGMT();
- Calendar expiration = getNowGMT();
- expiration.setTime( authkey.getDateExpires() );
-
- if ( now.after( expiration ) )
- {
- deleteKey( authkey );
- throw new KeyNotFoundException( "Key [" + authkey.getKey() + "] has expired." );
- }
- }
-
- protected Calendar getNowGMT()
- {
- return Calendar.getInstance( TimeZone.getTimeZone( "GMT" ) );
- }
-
- public void setRandomMode( boolean randomMode )
- {
- this.randomMode = randomMode;
- }
-
- public boolean isRandomMode()
- {
- return randomMode;
- }
-
- public void removeExpiredKeys()
- throws KeyManagerException
- {
- List<AuthenticationKey> allKeys = getAllKeys();
-
- Calendar now = getNowGMT();
- Calendar expiration = getNowGMT();
-
- log.info( "Removing expired keys." );
- for ( AuthenticationKey authkey : allKeys )
- {
- if ( authkey.getDateExpires() != null )
- {
- expiration.setTime( authkey.getDateExpires() );
-
- if ( now.after( expiration ) )
- {
- deleteKey( authkey );
- }
- }
- }
- log.info( "Expired keys removed." );
- }
-}
+++ /dev/null
-package org.codehaus.plexus.redback.keys;
-
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-import java.util.Date;
-
-/**
- * AuthenticationKey is an object representing a key established to
- * automatically authenticate a user without the user providing typical
- * login credentials.
- *
- * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
- * @version $Id$
- */
-public interface AuthenticationKey
-{
- public Date getDateCreated();
- public Date getDateExpires();
- public String getForPrincipal();
- public String getKey();
-
- /**
- * A String representation of what the purpose of existence is for this key.
- *
- * Examples: "selfservice password reset", "inter system communications", "remember me"
- *
- * @return
- */
- public String getPurpose();
-
- public void setDateCreated( Date dateCreated );
- public void setDateExpires( Date dateExpires );
- public void setForPrincipal( String forPrincipal );
- public void setKey( String key );
- public void setPurpose( String requestedFrom );
-}
+++ /dev/null
-package org.codehaus.plexus.redback.keys;
-
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-import java.util.List;
-
-/**
- * KeyManager
- *
- * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
- * @version $Id$
- */
-public interface KeyManager
-{
-
-
- /**
- * String identifying the key manager implementation.
- *
- * @return the key manager implementation id.
- */
- String getId();
-
- /**
- * Attempt to find a specific key in the store.
- * <p/>
- * NOTE: Implementations of this interface should never return an expired key.
- *
- * @param key the key to find.
- * @return the actual key found.
- * @throws KeyNotFoundException when the requested, unexpired, key cannot be found.
- * @throws KeyManagerException when there is a fundamental problem with the KeyManager implementation.
- */
- AuthenticationKey findKey( String key )
- throws KeyNotFoundException, KeyManagerException;
-
- /**
- * Create a key (and save it to the store) for the specified principal.
- *
- * @param principal the principal to generate the key for.
- * @param purpose the purpose of the key. (Example: "selfservice password reset", "new user validation",
- * "remember me") This is a purely informational field .
- * @param expirationMinutes the amount in minutes until this key expires. (-1 means no expiration)
- * @return the key created
- * @throws KeyManagerException if there is a fundamental problem with the KeyManager implementation.
- */
- AuthenticationKey createKey( String principal, String purpose, int expirationMinutes )
- throws KeyManagerException;
-
- /**
- * Delete a key from the underlying store.
- *
- * @param key the key to delete.
- */
- void deleteKey( AuthenticationKey key )
- throws KeyManagerException;
-
- /**
- * Delete a key from the underlying store.
- *
- * @param key the key to delete.
- */
- void deleteKey( String key )
- throws KeyManagerException;
-
- List<AuthenticationKey> getAllKeys();
-
- AuthenticationKey addKey( AuthenticationKey key );
-
- void eraseDatabase();
-
- /**
- * Remove all keys that are expired.
- */
- void removeExpiredKeys()
- throws KeyManagerException;
-}
+++ /dev/null
-package org.codehaus.plexus.redback.keys;
-
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-/**
- * KeyManagerException
- *
- * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
- * @version $Id$
- */
-public class KeyManagerException
- extends Exception
-{
-
- public KeyManagerException()
- {
- super();
- }
-
- public KeyManagerException( String message, Throwable cause )
- {
- super( message, cause );
- }
-
- public KeyManagerException( String message )
- {
- super( message );
- }
-
- public KeyManagerException( Throwable cause )
- {
- super( cause );
- }
-
-}
+++ /dev/null
-package org.codehaus.plexus.redback.keys;
-
-/*
- * Copyright 2001-2006 The Apache Software Foundation.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/**
- * KeyNotFoundException
- *
- * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
- * @version $Id$
- */
-public class KeyNotFoundException
- extends KeyManagerException
-{
- public KeyNotFoundException()
- {
- super();
- }
-
- public KeyNotFoundException( String message, Throwable cause )
- {
- super( message, cause );
- }
-
- public KeyNotFoundException( String message )
- {
- super( message );
- }
-
- public KeyNotFoundException( Throwable cause )
- {
- super( cause );
- }
-
-}
--- /dev/null
+package org.apache.archiva.redback.keys;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import java.util.List;
+
+import junit.framework.TestCase;
+import org.apache.archiva.redback.keys.AbstractKeyManager;
+import org.apache.archiva.redback.keys.AuthenticationKey;
+import org.apache.archiva.redback.keys.KeyManagerException;
+import org.apache.archiva.redback.keys.KeyNotFoundException;
+
+public class KeyManagerTest
+ extends TestCase
+{
+ private final class AbstractKeyManagerExtension
+ extends AbstractKeyManager
+ {
+ public AuthenticationKey addKey( AuthenticationKey key )
+ {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ public AuthenticationKey createKey( String principal, String purpose, int expirationMinutes )
+ throws KeyManagerException
+ {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ public void deleteKey( AuthenticationKey key )
+ throws KeyManagerException
+ {
+ // TODO Auto-generated method stub
+
+ }
+
+ public void deleteKey( String key )
+ throws KeyManagerException
+ {
+ // TODO Auto-generated method stub
+
+ }
+
+ public void eraseDatabase()
+ {
+ // TODO Auto-generated method stub
+
+ }
+
+ public AuthenticationKey findKey( String key )
+ throws KeyNotFoundException, KeyManagerException
+ {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ public List<AuthenticationKey> getAllKeys()
+ {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ public String getId()
+ {
+ // TODO Auto-generated method stub
+ return null;
+ }
+ }
+
+ public void testUUID()
+ throws KeyManagerException
+ {
+ AbstractKeyManager manager = new AbstractKeyManagerExtension();
+
+ // verifies we can get the provider after change not to require Sun one
+ assertNotNull( manager.generateUUID() );
+ assertTrue( manager.isRandomMode() );
+ }
+}
+++ /dev/null
-package org.codehaus.plexus.redback.keys;
-
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-import java.util.List;
-
-import junit.framework.TestCase;
-
-public class KeyManagerTest
- extends TestCase
-{
- private final class AbstractKeyManagerExtension
- extends AbstractKeyManager
- {
- public AuthenticationKey addKey( AuthenticationKey key )
- {
- // TODO Auto-generated method stub
- return null;
- }
-
- public AuthenticationKey createKey( String principal, String purpose, int expirationMinutes )
- throws KeyManagerException
- {
- // TODO Auto-generated method stub
- return null;
- }
-
- public void deleteKey( AuthenticationKey key )
- throws KeyManagerException
- {
- // TODO Auto-generated method stub
-
- }
-
- public void deleteKey( String key )
- throws KeyManagerException
- {
- // TODO Auto-generated method stub
-
- }
-
- public void eraseDatabase()
- {
- // TODO Auto-generated method stub
-
- }
-
- public AuthenticationKey findKey( String key )
- throws KeyNotFoundException, KeyManagerException
- {
- // TODO Auto-generated method stub
- return null;
- }
-
- public List<AuthenticationKey> getAllKeys()
- {
- // TODO Auto-generated method stub
- return null;
- }
-
- public String getId()
- {
- // TODO Auto-generated method stub
- return null;
- }
- }
-
- public void testUUID()
- throws KeyManagerException
- {
- AbstractKeyManager manager = new AbstractKeyManagerExtension();
-
- // verifies we can get the provider after change not to require Sun one
- assertNotNull( manager.generateUUID() );
- assertTrue( manager.isRandomMode() );
- }
-}
import java.util.List;
-import javax.annotation.Resource;
import javax.inject.Inject;
import javax.inject.Named;
import org.codehaus.plexus.cache.Cache;
-import org.codehaus.plexus.redback.keys.AbstractKeyManager;
-import org.codehaus.plexus.redback.keys.AuthenticationKey;
-import org.codehaus.plexus.redback.keys.KeyManager;
-import org.codehaus.plexus.redback.keys.KeyManagerException;
-import org.codehaus.plexus.redback.keys.KeyNotFoundException;
+import org.apache.archiva.redback.keys.AbstractKeyManager;
+import org.apache.archiva.redback.keys.AuthenticationKey;
+import org.apache.archiva.redback.keys.KeyManager;
+import org.apache.archiva.redback.keys.KeyManagerException;
+import org.apache.archiva.redback.keys.KeyNotFoundException;
import org.springframework.stereotype.Service;
/**
*/
import net.sf.ehcache.CacheManager;
-import org.codehaus.plexus.redback.keys.KeyManager;
+import org.apache.archiva.redback.keys.KeyManager;
import org.codehaus.plexus.redback.keys.KeyManagerTestCase;
import org.junit.Before;
* under the License.
*/
+import org.apache.archiva.redback.keys.AuthenticationKey;
import org.codehaus.plexus.jdo.JdoFactory;
import org.codehaus.plexus.jdo.PlexusJdoUtils;
import org.codehaus.plexus.jdo.PlexusObjectNotFoundException;
import org.codehaus.plexus.jdo.PlexusStoreException;
-import org.codehaus.plexus.redback.keys.AbstractKeyManager;
-import org.codehaus.plexus.redback.keys.AuthenticationKey;
-import org.codehaus.plexus.redback.keys.KeyManagerException;
-import org.codehaus.plexus.redback.keys.KeyNotFoundException;
+import org.apache.archiva.redback.keys.AbstractKeyManager;
+import org.apache.archiva.redback.keys.KeyManagerException;
+import org.apache.archiva.redback.keys.KeyNotFoundException;
import org.codehaus.plexus.util.StringUtils;
import org.jpox.PersistenceManagerFactoryImpl;
import org.springframework.stereotype.Service;
<name>JdoAuthenticationKey</name>
<version>1.0.0+</version>
<interfaces>
- <interface>org.codehaus.plexus.redback.keys.AuthenticationKey</interface>
+ <interface>org.apache.archiva.redback.keys.AuthenticationKey</interface>
</interfaces>
<description>
- @plexus.component role="org.codehaus.plexus.redback.keys.AuthenticationKey"
+ @plexus.component role="org.apache.archiva.redback.keys.AuthenticationKey"
role-hint="jdo"
</description>
<fields>
* under the License.
*/
+import org.apache.archiva.redback.keys.KeyManager;
import org.codehaus.plexus.jdo.DefaultConfigurableJdoFactory;
-import org.codehaus.plexus.redback.keys.KeyManager;
import org.codehaus.plexus.redback.keys.KeyManagerTestCase;
import org.jpox.SchemaTool;
import org.junit.Before;
* under the License.
*/
-import org.codehaus.plexus.redback.keys.AuthenticationKey;
+import org.apache.archiva.redback.keys.AuthenticationKey;
import java.util.Date;
* under the License.
*/
-import org.codehaus.plexus.redback.keys.AbstractKeyManager;
-import org.codehaus.plexus.redback.keys.AuthenticationKey;
-import org.codehaus.plexus.redback.keys.KeyManagerException;
-import org.codehaus.plexus.redback.keys.KeyNotFoundException;
+import org.apache.archiva.redback.keys.AbstractKeyManager;
+import org.apache.archiva.redback.keys.AuthenticationKey;
+import org.apache.archiva.redback.keys.KeyManagerException;
+import org.apache.archiva.redback.keys.KeyNotFoundException;
import org.codehaus.plexus.util.StringUtils;
import org.springframework.stereotype.Service;
* under the License.
*/
-import org.codehaus.plexus.redback.keys.KeyManager;
+import org.apache.archiva.redback.keys.KeyManager;
import org.codehaus.plexus.redback.keys.KeyManagerTestCase;
import org.junit.Before;
*/
import junit.framework.TestCase;
+import org.apache.archiva.redback.keys.AuthenticationKey;
+import org.apache.archiva.redback.keys.KeyManager;
+import org.apache.archiva.redback.keys.KeyManagerException;
+import org.apache.archiva.redback.keys.KeyNotFoundException;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.test.context.ContextConfiguration;
* under the License.
*/
+import org.apache.archiva.redback.keys.KeyManager;
import org.apache.archiva.redback.users.User;
import org.apache.archiva.redback.users.UserManager;
import org.apache.archiva.redback.users.UserNotFoundException;
import org.apache.archiva.redback.authorization.AuthorizationException;
import org.apache.archiva.redback.authorization.AuthorizationResult;
import org.apache.archiva.redback.authorization.Authorizer;
-import org.codehaus.plexus.redback.keys.KeyManager;
import org.codehaus.plexus.redback.policy.AccountLockedException;
import org.codehaus.plexus.redback.policy.MustChangePasswordException;
import org.codehaus.plexus.redback.policy.UserSecurityPolicy;
import org.apache.archiva.redback.authentication.AuthenticationException;
import org.apache.archiva.redback.authorization.AuthorizationException;
import org.apache.archiva.redback.authorization.AuthorizationResult;
-import org.codehaus.plexus.redback.keys.KeyManager;
+import org.apache.archiva.redback.keys.KeyManager;
import org.codehaus.plexus.redback.policy.AccountLockedException;
import org.codehaus.plexus.redback.policy.MustChangePasswordException;
import org.codehaus.plexus.redback.policy.UserSecurityPolicy;
projects / archiva.git / commitdiff