From: Olivier Lamy Date: Wed, 17 Oct 2012 08:07:34 +0000 (+0000) Subject: redback-jsecurity is not used so move it to retired. X-Git-Tag: redback-2.1~289 X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=0e0dea50570837289cb76618fde69ed289ca57df;p=archiva.git redback-jsecurity is not used so move it to retired. git-svn-id: https://svn.apache.org/repos/asf/archiva/redback/redback-core/trunk@1399143 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/redback-integrations/redback-jsecurity/pom.xml b/redback-integrations/redback-jsecurity/pom.xml deleted file mode 100644 index 6d0a5cbf2..000000000 --- a/redback-integrations/redback-jsecurity/pom.xml +++ /dev/null @@ -1,100 +0,0 @@ - - - - - - 4.0.0 - - - redback-integrations - org.apache.archiva.redback - 2.1-SNAPSHOT - - - redback-jsecurity - bundle - Redback :: Integration :: JSecurity Integration - - - - org.apache.archiva.redback - redback-users-api - - - org.apache.archiva.redback - redback-rbac-model - - - org.apache.archiva.redback - redback-system - - - org.jsecurity - jsecurity - 0.9.0 - - - - - org.apache.archiva.redback - redback-users-memory - test - - - org.apache.archiva.redback - redback-rbac-memory - test - - - org.hsqldb - hsqldb - test - - - org.slf4j - slf4j-simple - test - - - - - - - org.apache.felix - maven-bundle-plugin - - - - org.apache.archiva.redback.jsecurity;version=${project.version};-split-package:=merge-first - - - org.apache.archiva.redback.policy;version=${project.version}, - org.apache.archiva.redback.rbac;version=${project.version}, - org.apache.archiva.redback.users;version=${project.version}, - org.jsecurity*;version="[0.9,2)", - org.slf4j;resolution:=optional - - - - - - - - diff --git a/redback-integrations/redback-jsecurity/src/main/java/org/apache/archiva/redback/jsecurity/PrincipalLockedException.java b/redback-integrations/redback-jsecurity/src/main/java/org/apache/archiva/redback/jsecurity/PrincipalLockedException.java deleted file mode 100644 index 96a63ac8b..000000000 --- a/redback-integrations/redback-jsecurity/src/main/java/org/apache/archiva/redback/jsecurity/PrincipalLockedException.java +++ /dev/null @@ -1,41 +0,0 @@ -package org.apache.archiva.redback.jsecurity; - -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -import org.jsecurity.authc.AuthenticationException; - -public class PrincipalLockedException - extends AuthenticationException -{ - public PrincipalLockedException( String message, Throwable cause ) - { - super( message, cause ); - } - - public PrincipalLockedException( String message ) - { - super( message ); - } - - public PrincipalLockedException( Throwable cause ) - { - super( cause ); - } -} diff --git a/redback-integrations/redback-jsecurity/src/main/java/org/apache/archiva/redback/jsecurity/PrincipalPasswordChangeRequiredException.java b/redback-integrations/redback-jsecurity/src/main/java/org/apache/archiva/redback/jsecurity/PrincipalPasswordChangeRequiredException.java deleted file mode 100644 index bd7df5633..000000000 --- a/redback-integrations/redback-jsecurity/src/main/java/org/apache/archiva/redback/jsecurity/PrincipalPasswordChangeRequiredException.java +++ /dev/null @@ -1,41 +0,0 @@ -package org.apache.archiva.redback.jsecurity; - -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -import org.jsecurity.authc.AuthenticationException; - -public class PrincipalPasswordChangeRequiredException - extends AuthenticationException -{ - public PrincipalPasswordChangeRequiredException( String message, Throwable cause ) - { - super( message, cause ); - } - - public PrincipalPasswordChangeRequiredException( String message ) - { - super( message ); - } - - public PrincipalPasswordChangeRequiredException( Throwable cause ) - { - super( cause ); - } -} diff --git a/redback-integrations/redback-jsecurity/src/main/java/org/apache/archiva/redback/jsecurity/RedbackRealm.java b/redback-integrations/redback-jsecurity/src/main/java/org/apache/archiva/redback/jsecurity/RedbackRealm.java deleted file mode 100644 index 3e9c2dcd3..000000000 --- a/redback-integrations/redback-jsecurity/src/main/java/org/apache/archiva/redback/jsecurity/RedbackRealm.java +++ /dev/null @@ -1,190 +0,0 @@ -package org.apache.archiva.redback.jsecurity; - -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -import org.apache.archiva.redback.policy.AccountLockedException; -import org.apache.archiva.redback.policy.UserSecurityPolicy; -import org.apache.archiva.redback.rbac.Permission; -import org.apache.archiva.redback.rbac.RBACManager; -import org.apache.archiva.redback.rbac.RbacManagerException; -import org.apache.archiva.redback.rbac.UserAssignment; -import org.apache.archiva.redback.users.User; -import org.apache.archiva.redback.users.UserManager; -import org.apache.archiva.redback.users.UserNotFoundException; -import org.jsecurity.authc.AuthenticationException; -import org.jsecurity.authc.AuthenticationInfo; -import org.jsecurity.authc.AuthenticationToken; -import org.jsecurity.authc.SimpleAuthenticationInfo; -import org.jsecurity.authc.UsernamePasswordToken; -import org.jsecurity.authc.credential.CredentialsMatcher; -import org.jsecurity.authz.AuthorizationInfo; -import org.jsecurity.authz.SimpleAuthorizationInfo; -import org.jsecurity.realm.AuthorizingRealm; -import org.jsecurity.subject.PrincipalCollection; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import java.util.HashSet; -import java.util.Iterator; -import java.util.Set; - -public class RedbackRealm - extends AuthorizingRealm -{ - private Logger log = LoggerFactory.getLogger( RedbackRealm.class ); - - private final UserManager userManager; - - private final RBACManager rbacManager; - - private final UserSecurityPolicy securityPolicy; - - public RedbackRealm( UserManager userManager, RBACManager rbacManager, UserSecurityPolicy securityPolicy ) - { - this.userManager = userManager; - this.rbacManager = rbacManager; - this.securityPolicy = securityPolicy; - } - - @Override - protected AuthorizationInfo doGetAuthorizationInfo( PrincipalCollection principals ) - { - final String username = (String) principals.fromRealm( getName() ).iterator().next(); - - try - { - final UserAssignment assignment = rbacManager.getUserAssignment( username ); - final Set roleNames = new HashSet( assignment.getRoleNames() ); - final Set permissions = new HashSet(); - - for ( Iterator it = rbacManager.getAssignedPermissions( username ).iterator(); it.hasNext(); ) - { - Permission permission = it.next(); - permissions.add( permission.getName() ); - } - - SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo( roleNames ); - authorizationInfo.setStringPermissions( permissions ); - - return authorizationInfo; - } - catch ( RbacManagerException e ) - { - log.error( "Could not authenticate against data source", e ); - } - - return null; - } - - @Override - protected AuthenticationInfo doGetAuthenticationInfo( AuthenticationToken token ) - throws AuthenticationException - { - if ( token == null ) - { - throw new AuthenticationException( "AuthenticationToken cannot be null" ); - } - - final UsernamePasswordToken passwordToken = (UsernamePasswordToken) token; - - User user = null; - try - { - user = userManager.findUser( passwordToken.getUsername() ); - } - catch ( UserNotFoundException e ) - { - log.error( "Could not find user " + passwordToken.getUsername() ); - } - - if ( user == null ) - { - return null; - } - - if ( user.isLocked() && !user.isPasswordChangeRequired() ) - { - throw new PrincipalLockedException( "User " + user.getPrincipal() + " is locked." ); - } - - if ( user.isPasswordChangeRequired() ) - { - throw new PrincipalPasswordChangeRequiredException( - "Password change is required for user " + user.getPrincipal() ); - } - - return new RedbackAuthenticationInfo( user, getName() ); - } - - @Override - public CredentialsMatcher getCredentialsMatcher() - { - return new CredentialsMatcher() - { - public boolean doCredentialsMatch( AuthenticationToken token, AuthenticationInfo info ) - { - final String credentials = new String( (char[]) token.getCredentials() ); - final boolean match = securityPolicy.getPasswordEncoder().encodePassword( credentials ).equals( - (String) info.getCredentials() ); - if ( !match ) - { - User user = ( (RedbackAuthenticationInfo) info ).getUser(); - try - { - securityPolicy.extensionExcessiveLoginAttempts( user ); - } - catch ( AccountLockedException e ) - { - log.info( "User{} has been locked", user.getUsername(), e ); - } - finally - { - try - { - userManager.updateUser( user ); - } - catch ( UserNotFoundException e ) - { - log.error( "The user to be updated could not be found", e ); - } - } - } - return match; - } - }; - } - - final class RedbackAuthenticationInfo - extends SimpleAuthenticationInfo - { - private final User user; - - public RedbackAuthenticationInfo( User user, String realmName ) - { - super( user.getPrincipal(), user.getEncodedPassword(), realmName ); - this.user = user; - } - - public User getUser() - { - return user; - } - } -} diff --git a/redback-integrations/redback-jsecurity/src/test/java/org/apache/archiva/redback/jsecurity/RedbackRealmTest.java b/redback-integrations/redback-jsecurity/src/test/java/org/apache/archiva/redback/jsecurity/RedbackRealmTest.java deleted file mode 100644 index e2b75bd67..000000000 --- a/redback-integrations/redback-jsecurity/src/test/java/org/apache/archiva/redback/jsecurity/RedbackRealmTest.java +++ /dev/null @@ -1,199 +0,0 @@ -package org.apache.archiva.redback.jsecurity; - -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -import junit.framework.TestCase; -import org.apache.archiva.redback.jsecurity.PrincipalLockedException; -import org.apache.archiva.redback.jsecurity.PrincipalPasswordChangeRequiredException; -import org.apache.archiva.redback.jsecurity.RedbackRealm; -import org.apache.archiva.redback.policy.UserSecurityPolicy; -import org.apache.archiva.redback.rbac.Operation; -import org.apache.archiva.redback.rbac.Permission; -import org.apache.archiva.redback.rbac.RBACManager; -import org.apache.archiva.redback.rbac.Resource; -import org.apache.archiva.redback.rbac.Role; -import org.apache.archiva.redback.rbac.UserAssignment; -import org.apache.archiva.redback.users.User; -import org.apache.archiva.redback.users.UserManager; -import org.jsecurity.authc.IncorrectCredentialsException; -import org.jsecurity.authc.UsernamePasswordToken; -import org.jsecurity.mgt.DefaultSecurityManager; -import org.jsecurity.subject.PrincipalCollection; -import org.jsecurity.subject.SimplePrincipalCollection; -import org.jsecurity.subject.Subject; -import org.junit.After; -import org.junit.Before; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.springframework.test.context.ContextConfiguration; -import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; - -import javax.inject.Inject; -import javax.inject.Named; - - -@RunWith( SpringJUnit4ClassRunner.class ) -@ContextConfiguration( locations = { "classpath*:/META-INF/spring-context.xml", "classpath*:/spring-context.xml" } ) -public class RedbackRealmTest - extends TestCase -{ - private DefaultSecurityManager securityManager; - - private RedbackRealm realm; - - @Inject - @Named( value = "userManager#memory" ) - private UserManager userManager; - - @Inject - @Named( value = "rBACManager#memory" ) - private RBACManager rbacManager; - - @Inject - private UserSecurityPolicy userSecurityPolicy; - - private User user; - - @Before - public void setUp() - throws Exception - { - super.setUp(); - securityManager = new DefaultSecurityManager(); - - realm = new RedbackRealm( userManager, rbacManager, userSecurityPolicy ); - securityManager.setRealm( realm ); - - user = userManager.createUser( "test1", "John Tester", "jtester@redback.codehaus.org" ); - user.setPassword( "password1" ); - userManager.addUser( user ); - userManager.updateUser( user ); - } - - @After - public void tearDown() - throws Exception - { - super.tearDown(); - securityManager.destroy(); - securityManager = null; - realm = null; - } - - protected String getPlexusConfigLocation() - { - return "plexus.xml"; - } - - public void testThrowsExceptionIfUserAccountLocked() - throws Exception - { - user.setLocked( true ); - userManager.updateUser( user ); - try - { - securityManager.login( new UsernamePasswordToken( "test1", "password1" ) ); - fail( "Should not be able to login" ); - } - catch ( PrincipalLockedException e ) - { - assertTrue( true ); - } - } - - @Test - public void testThrowsExceptionIfUserAccountNeedsPasswordChange() - throws Exception - { - user.setPasswordChangeRequired( true ); - userManager.updateUser( user ); - try - { - securityManager.login( new UsernamePasswordToken( "test1", "password1" ) ); - fail( "Should not be able to login" ); - } - catch ( PrincipalPasswordChangeRequiredException e ) - { - assertTrue( true ); - } - } - - @Test - public void testUnsuccessfullAuthAttemptsLockAccount() - throws Exception - { - assertFalse( user.isLocked() ); - userSecurityPolicy.setLoginAttemptCount( 2 ); - try - { - securityManager.login( new UsernamePasswordToken( "test1", "incorrectpassowrd" ) ); - fail( "password should be incorrect" ); - } - catch ( IncorrectCredentialsException e ) - { - assertFalse( user.isLocked() ); - } - - try - { - securityManager.login( new UsernamePasswordToken( "test1", "incorrectpassowrd" ) ); - fail( "password should be incorrect" ); - } - catch ( IncorrectCredentialsException e ) - { - assertTrue( user.isLocked() ); - } - } - - @Test - public void testBasic() - throws Exception - { - assertEquals( 1, userManager.getUsers().size() ); - - Role role1 = rbacManager.createRole( "role1" ); - Permission permission = rbacManager.createPermission( "Allowed to write to repository" ); - Operation operation = rbacManager.createOperation( "myop" ); - Resource resource = rbacManager.createResource( "filesystem" ); - - permission.setOperation( operation ); - permission.setPermanent( false ); - permission.setResource( resource ); - - role1.addPermission( permission ); - rbacManager.savePermission( permission ); - rbacManager.saveRole( role1 ); - - Role role2 = rbacManager.createRole( "role2" ); - - UserAssignment assignment = rbacManager.createUserAssignment( user.getUsername() ); - assignment.addRoleName( "role1" ); - rbacManager.saveUserAssignment( assignment ); - - Subject subject = securityManager.login( new UsernamePasswordToken( "test1", "password1" ) ); - assertTrue( subject.isAuthenticated() ); - assertTrue( subject.hasRole( "role1" ) ); - assertFalse( subject.hasRole( "role2" ) ); - - PrincipalCollection principals = new SimplePrincipalCollection( "test1", realm.getName() ); - - assertTrue( securityManager.isPermitted( principals, "Allowed to write to repository" ) ); - } -}