import org.apache.maven.archiva.repository.audit.AuditEvent;
import org.apache.maven.archiva.repository.audit.AuditListener;
import org.apache.maven.archiva.repository.scanner.RepositoryContentConsumers;
-import org.apache.maven.archiva.security.ArchivaXworkUser;
import org.apache.maven.archiva.webdav.util.IndexWriter;
import org.apache.maven.archiva.webdav.util.MimeTypes;
import org.joda.time.DateTime;
import org.joda.time.format.DateTimeFormatter;
import org.joda.time.format.ISODateTimeFormat;
-import com.opensymphony.xwork2.ActionContext;
-
/**
*/
public class ArchivaDavResource
private final MimeTypes mimeTypes;
private List<AuditListener> auditListeners;
-
- private ArchivaXworkUser archivaXworkUser;
+ private String principal;
+
public static final String COMPLIANCE_CLASS = "1, 2";
public ArchivaDavResource( String localResource, String logicalResource, ManagedRepositoryConfiguration repository,
DavSession session, ArchivaDavResourceLocator locator, DavResourceFactory factory,
MimeTypes mimeTypes, List<AuditListener> auditListeners,
- RepositoryContentConsumers consumers, ArchivaXworkUser archivaXworkUser )
+ RepositoryContentConsumers consumers )
{
this.localResource = new File( localResource );
this.logicalResource = logicalResource;
this.locator = locator;
this.factory = factory;
this.session = session;
- this.archivaXworkUser = archivaXworkUser;
// TODO: push into locator as well as moving any references out of the resource factory
this.repository = repository;
}
public ArchivaDavResource( String localResource, String logicalResource, ManagedRepositoryConfiguration repository,
- String remoteAddr, DavSession session, ArchivaDavResourceLocator locator,
+ String remoteAddr, String principal, DavSession session, ArchivaDavResourceLocator locator,
DavResourceFactory factory, MimeTypes mimeTypes, List<AuditListener> auditListeners,
- RepositoryContentConsumers consumers, ArchivaXworkUser archivaXworkUser )
+ RepositoryContentConsumers consumers )
{
this( localResource, logicalResource, repository, session, locator, factory, mimeTypes, auditListeners,
- consumers, archivaXworkUser );
+ consumers );
this.remoteAddr = remoteAddr;
+ this.principal = principal;
}
public String getComplianceClass()
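Review bot: The shorter constructor (the one without `remoteAddr`) never assigns the new `principal` field, so any audit event raised by a resource built through it carries a null principal in `triggerAuditEvent`. Before this change the principal was resolved when the event fired, so that path still got a user name. The factory overload that builds a resource from a `DavSession` still calls this shorter constructor. I would add a `String principal` parameter to the shorter constructor and assign `this.principal = principal;` there, which also lets the field become `private final String principal;`. If a null principal is intended on that path, a comment on the field should say so.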
private void triggerAuditEvent( String remoteIP, String repositoryId, String resource, String action )
{
- String activePrincipal = archivaXworkUser.getActivePrincipal( ActionContext.getContext().getSession() );
- AuditEvent event = new AuditEvent( repositoryId, activePrincipal, resource, action );
+ AuditEvent event = new AuditEvent( repositoryId, principal, resource, action );
event.setRemoteIP( remoteIP );
for ( AuditListener listener : auditListeners )
import java.io.FileReader;
import java.io.IOException;
import java.util.ArrayList;
-import java.util.HashMap;
import java.util.List;
-import java.util.Map;
import javax.servlet.http.HttpServletResponse;
import org.apache.maven.archiva.repository.metadata.RepositoryMetadataReader;
import org.apache.maven.archiva.repository.metadata.RepositoryMetadataWriter;
import org.apache.maven.archiva.repository.scanner.RepositoryContentConsumers;
-import org.apache.maven.archiva.security.ArchivaXworkUser;
import org.apache.maven.archiva.security.ServletAuthenticator;
import org.apache.maven.archiva.webdav.util.MimeTypes;
import org.apache.maven.archiva.webdav.util.RepositoryPathUtil;
import org.codehaus.plexus.redback.policy.MustChangePasswordException;
import org.codehaus.plexus.redback.system.SecuritySession;
import org.codehaus.plexus.redback.system.SecuritySystemConstants;
+import org.codehaus.plexus.redback.users.User;
+import org.codehaus.plexus.redback.users.UserManager;
import org.codehaus.plexus.util.xml.pull.XmlPullParserException;
import org.codehaus.redback.integration.filter.authentication.HttpAuthenticator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import com.opensymphony.xwork2.ActionContext;
-
/**
* @plexus.component role="org.apache.maven.archiva.webdav.ArchivaDavResourceFactory"
*/
* @plexus.requirement role-hint="md5";
*/
private Digester digestMd5;
-
- /**
- * @plexus.requirement
- */
- private ArchivaXworkUser archivaXworkUser;
public DavResource createResource( final DavResourceLocator locator, final DavServletRequest request,
final DavServletResponse response )
LogicalResource logicalResource =
new LogicalResource( RepositoryPathUtil.getLogicalResource( locator.getResourcePath() ) );
+ String activePrincipal = getActivePrincipal( request );
+
ArchivaDavResource metadataChecksumResource =
- new ArchivaDavResource( metadataChecksum.getAbsolutePath(), logicalResource.getPath(), null,
- request.getRemoteAddr(), request.getDavSession(), archivaLocator, this,
- mimeTypes, auditListeners, consumers, archivaXworkUser );
+ new ArchivaDavResource( metadataChecksum.getAbsolutePath(), logicalResource.getPath(),
+ null, request.getRemoteAddr(), activePrincipal,
+ request.getDavSession(), archivaLocator, this, mimeTypes,
+ auditListeners, consumers );
availableResources.add( 0, metadataChecksumResource );
}
}
LogicalResource logicalResource =
new LogicalResource( RepositoryPathUtil.getLogicalResource( locator.getResourcePath() ) );
+ String activePrincipal = getActivePrincipal( request );
+
ArchivaDavResource metadataResource =
new ArchivaDavResource( resourceFile.getAbsolutePath(), logicalResource.getPath(), null,
- request.getRemoteAddr(), request.getDavSession(), archivaLocator, this,
- mimeTypes, auditListeners, consumers, archivaXworkUser );
+ request.getRemoteAddr(), activePrincipal, request.getDavSession(),
+ archivaLocator, this, mimeTypes, auditListeners, consumers );
availableResources.add( 0, metadataResource );
}
catch ( RepositoryMetadataException r )
resource =
new ArchivaDavResource( resourceFile.getAbsolutePath(), logicalResource,
managedRepository.getRepository(), davSession, archivaLocator, this, mimeTypes,
- auditListeners, consumers, archivaXworkUser );
+ auditListeners, consumers );
}
resource.addLockManager(lockManager);
return resource;
}
}
+ String activePrincipal = getActivePrincipal( request );
+
ArchivaDavResource resource =
new ArchivaDavResource( resourceFile.getAbsolutePath(), logicalResource.getPath(),
- managedRepository.getRepository(), request.getRemoteAddr(),
- request.getDavSession(), locator, this, mimeTypes, auditListeners, consumers, archivaXworkUser );
+ managedRepository.getRepository(), request.getRemoteAddr(), activePrincipal,
+ request.getDavSession(), locator, this, mimeTypes, auditListeners, consumers );
if ( !resource.isCollection() )
{
{
String repositoryId = locator.getRepositoryId();
String event = ( previouslyExisted ? AuditEvent.MODIFY_FILE : AuditEvent.CREATE_FILE ) + PROXIED_SUFFIX;
- triggerAuditEvent( request.getRemoteAddr(), repositoryId, logicalResource.getPath(), event );
+ triggerAuditEvent( request.getRemoteAddr(), repositoryId, logicalResource.getPath(), event,
+ activePrincipal );
}
if ( !resourceFile.exists() )
resource =
new ArchivaDavResource( resourceFile.getAbsolutePath(), logicalResource.getPath(),
managedRepository.getRepository(), request.getRemoteAddr(),
- request.getDavSession(), locator, this, mimeTypes, auditListeners,
- consumers, archivaXworkUser );
+ activePrincipal, request.getDavSession(), locator, this, mimeTypes,
+ auditListeners, consumers );
}
}
return resource;
File rootDirectory = new File( managedRepository.getRepoRoot() );
File destDir = new File( rootDirectory, logicalResource.getPath() ).getParentFile();
+ String activePrincipal = getActivePrincipal( request );
+
if ( request.getMethod().equals(HTTP_PUT_METHOD) && !destDir.exists() )
{
destDir.mkdirs();
String relPath = PathUtil.getRelative( rootDirectory.getAbsolutePath(), destDir );
- triggerAuditEvent( request.getRemoteAddr(), logicalResource.getPath(), relPath, AuditEvent.CREATE_DIR );
+ triggerAuditEvent( request.getRemoteAddr(), logicalResource.getPath(), relPath, AuditEvent.CREATE_DIR,
+ activePrincipal );
}
File resourceFile = new File( managedRepository.getRepoRoot(), logicalResource.getPath() );
return new ArchivaDavResource( resourceFile.getAbsolutePath(), logicalResource.getPath(),
- managedRepository.getRepository(), request.getRemoteAddr(),
- request.getDavSession(), locator, this, mimeTypes, auditListeners, consumers, archivaXworkUser );
+ managedRepository.getRepository(), request.getRemoteAddr(), activePrincipal,
+ request.getDavSession(), locator, this, mimeTypes, auditListeners, consumers );
}
private boolean fetchContentFromProxies( ManagedRepositoryContent managedRepository, DavServletRequest request,
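Review bot: The CREATE_DIR call passes `logicalResource.getPath()` in the `repositoryId` position of `triggerAuditEvent( remoteIP, repositoryId, resource, action, principal )`, so the audit record appears to hold a path where the repository id belongs. The proxied-file call elsewhere in this file uses `locator.getRepositoryId()`; if the `locator` in scope here exposes the same accessor, the call would read `triggerAuditEvent( request.getRemoteAddr(), locator.getRepositoryId(), relPath, AuditEvent.CREATE_DIR, activePrincipal );`. The return value of `destDir.mkdirs()` is also ignored, so the event is recorded even when the directory was not created. The enclosing method starts outside the hunk.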
}
// TODO: remove?
- private void triggerAuditEvent( String remoteIP, String repositoryId, String resource, String action )
+ private void triggerAuditEvent( String remoteIP, String repositoryId, String resource, String action,
+ String principal )
{
- String activePrincipal = archivaXworkUser.getActivePrincipal( ActionContext.getContext().getSession() );
- AuditEvent event = new AuditEvent( repositoryId, activePrincipal, resource, action );
+ AuditEvent event = new AuditEvent( repositoryId, principal, resource, action );
event.setRemoteIP( remoteIP );
for ( AuditListener listener : auditListeners )
boolean isPut = WebdavMethodUtil.isWriteMethod( request.getMethod() );
// safety check for MRM-911
- String guest = archivaXworkUser.getGuest();
+ String guest = UserManager.GUEST_USERNAME;
try
{
if( servletAuth.isAuthorized( guest,
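Review bot: `UserManager.GUEST_USERNAME` is a fixed constant, whereas the removed `archivaXworkUser.getGuest()` was a lookup that may have honoured a configured guest account name; its body is not visible here. If a deployment uses a different guest account, this MRM-911 safety check would test write access for a name that is not the actual anonymous user. The fallback in `getActivePrincipal` uses the same constant. Either confirm the guest name cannot be configured, or resolve it from the source the security system uses, and record the decision next to the assignment, for example `// guest name must match the security system's guest account`.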
// browse the repo group but displaying only the repositories which the user has permission to access.
// otherwise, prompt for authentication.
- // put the current session in the session map which will be passed to ArchivaXworkUser
- Map<String, Object> sessionMap = new HashMap<String, Object>();
- if( request.getSession().getAttribute( SecuritySystemConstants.SECURITY_SESSION_KEY ) != null )
- {
- sessionMap.put( SecuritySystemConstants.SECURITY_SESSION_KEY,
- request.getSession().getAttribute( SecuritySystemConstants.SECURITY_SESSION_KEY ) );
- }
-
- String activePrincipal = archivaXworkUser.getActivePrincipal( sessionMap );
+ String activePrincipal = getActivePrincipal( request );
+
boolean allow = isAllowedToContinue( request, repositories, activePrincipal );
if( allow )
return resource;
}
+ private String getActivePrincipal( DavServletRequest request )
+ {
+ User sessionUser = httpAuth.getSessionUser( request.getSession() );
+ return sessionUser != null ? sessionUser.getUsername() : UserManager.GUEST_USERNAME;
+ }
+
private void getResource( ArchivaDavResourceLocator locator, List<File> mergedRepositoryContents,
LogicalResource logicalResource, String repository )
throws DavException
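Review bot: `getActivePrincipal` reports every request without a session user as guest, and it calls `request.getSession()`, which in the servlet API creates a session when none exists. If authentication succeeded for the request but no user was stored in the HTTP session (whether that can happen depends on `HttpAuthenticator`, which is not shown), a write would be audited under the guest name. A client that sends no session cookie would also get a new session on each call. Consider `request.getSession( false )` if `getSessionUser` tolerates a null session. A Javadoc line should state that the value is used for audit attribution and is only meaningful after authentication has run.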
import org.codehaus.plexus.redback.authorization.UnauthorizedException;
import org.codehaus.plexus.redback.system.DefaultSecuritySession;
import org.codehaus.plexus.redback.system.SecuritySession;
+import org.codehaus.plexus.redback.users.memory.SimpleUser;
import org.codehaus.plexus.spring.PlexusInSpringTestCase;
import org.codehaus.redback.integration.filter.authentication.HttpAuthenticator;
import org.codehaus.redback.integration.filter.authentication.basic.HttpBasicAuthentication;
servletAuthControl.expectAndThrow( servletAuth.isAuthenticated( null, result ),
new AuthenticationException( "Authentication error" ) );
+ httpAuthControl.expectAndReturn( httpAuth.getSessionUser( ic.getRequest().getSession() ), null );
+
// check if guest has write access
servletAuth.isAuthorized( "guest", "internal", true );
servletAuthControl.setMatcher( MockControl.EQUALS_MATCHER );
SecuritySession session = new DefaultSecuritySession();
httpAuthControl.expectAndReturn( httpAuth.getAuthenticationResult( null, null ), result );
httpAuthControl.expectAndReturn( httpAuth.getSecuritySession( ic.getRequest().getSession( true ) ), session );
+ httpAuthControl.expectAndReturn( httpAuth.getSessionUser( ic.getRequest().getSession() ), new SimpleUser() );
servletAuthControl.expectAndReturn( servletAuth.isAuthenticated( null, result ), true );
servletAuthControl.expectAndReturn( servletAuth.isAuthorized( null, session, "internal", true ), true );
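Review bot: The mocked `getSessionUser` returns `new SimpleUser()` with no username set in this hunk, so `getActivePrincipal` would return an unset (presumably null) name rather than a real user. None of the added expectations checks the principal that reaches the audit event. Giving the mock user a name and asserting it, plus asserting the guest fallback in the hunks that return `null`, would cover the new attribution path. The later hunk that also returns `new SimpleUser()` has the same gap.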
SecuritySession session = new DefaultSecuritySession();
httpAuthControl.expectAndReturn( httpAuth.getAuthenticationResult( null, null ), result );
httpAuthControl.expectAndReturn( httpAuth.getSecuritySession( ic.getRequest().getSession( true ) ), session );
+ httpAuthControl.expectAndReturn( httpAuth.getSessionUser( ic.getRequest().getSession() ), null );
servletAuthControl.expectAndReturn( servletAuth.isAuthenticated( null, result ), true );
servletAuthControl.expectAndReturn( servletAuth.isAuthorized( null, session, "internal", true ), true );
SecuritySession session = new DefaultSecuritySession();
httpAuthControl.expectAndReturn( httpAuth.getAuthenticationResult( null, null ), result );
httpAuthControl.expectAndReturn( httpAuth.getSecuritySession( ic.getRequest().getSession( true ) ), session );
+ httpAuthControl.expectAndReturn( httpAuth.getSessionUser( ic.getRequest().getSession() ), new SimpleUser() );
servletAuthControl.expectAndReturn( servletAuth.isAuthenticated( null, result ), true );
servletAuthControl.expectAndReturn( servletAuth.isAuthorized( null, session, "internal", true ), true );