mirrors
/
archiva
mirror of https://github.com/apache/archiva.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 70 Wiki Activity
Browse Source

[MRM-773] 

-remove archiva-security dependency to xwork-integration


git-svn-id: https://svn.apache.org/repos/asf/archiva/trunk@655233 13f79535-47bb-0310-9956-ffa450edef68
tags/archiva-r676265
Maria Odea B. Ching 16 years ago
parent
5d4435ac5e
commit
0ad838b410
6 changed files with 54 additions and 111 deletions
Split View Show Diff Stats
  1. 0
    15
      archiva-modules/archiva-web/archiva-security/pom.xml
  2. 13
    22
      archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaServletAuthenticator.java
  3. 7
    6
      archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ServletAuthenticator.java
  4. 12
    66
      archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/rss/RssFeedServlet.java
  5. 10
    0
      archiva-modules/archiva-web/archiva-webdav/pom.xml
  6. 12
    2
      archiva-modules/archiva-web/archiva-webdav/src/main/java/org/apache/maven/archiva/webdav/ArchivaDavSessionProvider.java

+ 0
- 15
archiva-modules/archiva-web/archiva-security/pom.xml View File

@@ -117,20 +117,5 @@
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.codehaus.plexus.redback</groupId>
<artifactId>redback-xwork-integration</artifactId>
<exclusions>
<exclusion>
<groupId>org.codehaus.plexus</groupId>
<artifactId>plexus-container-default</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.derby</groupId>
<artifactId>derby</artifactId>
<scope>provided</scope>
</dependency>
</dependencies>
</project>

+ 13
- 22
archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaServletAuthenticator.java View File

@@ -30,7 +30,6 @@ import org.codehaus.plexus.redback.policy.AccountLockedException;
import org.codehaus.plexus.redback.policy.MustChangePasswordException;
import org.codehaus.plexus.redback.system.SecuritySession;
import org.codehaus.plexus.redback.system.SecuritySystem;
import org.codehaus.plexus.redback.xwork.filter.authentication.HttpAuthenticator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@@ -42,44 +41,36 @@ public class ArchivaServletAuthenticator
implements ServletAuthenticator
{
private Logger log = LoggerFactory.getLogger( ArchivaServletAuthenticator.class );
/**
* @plexus.requirement role-hint="basic"
*/
private HttpAuthenticator httpAuth;

/**
* @plexus.requirement
*/
private SecuritySystem securitySystem;
public boolean isAuthenticated( HttpServletRequest request, String repositoryId )
throws AuthenticationException, AccountLockedException, MustChangePasswordException
{
AuthenticationResult result = httpAuth.getAuthenticationResult( request, null );

public boolean isAuthenticated( HttpServletRequest request, AuthenticationResult result, String repositoryId )
throws AuthenticationException, AccountLockedException, MustChangePasswordException
{
if ( result != null && !result.isAuthenticated() )
{
throw new AuthenticationException( "User Credentials Invalid" );
}
throw new AuthenticationException( "User Credentials Invalid" );
}

return true;
}

public boolean isAuthorized( HttpServletRequest request, String repositoryId, boolean isWriteRequest )
public boolean isAuthorized( HttpServletRequest request, SecuritySession securitySession, String repositoryId,
boolean isWriteRequest )
throws AuthorizationException
{
SecuritySession securitySession = httpAuth.getSecuritySession();
{
String permission = ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS;

if ( isWriteRequest )
{
permission = ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD;
}
AuthorizationResult authzResult = securitySystem.authorize( securitySession, permission, repositoryId );
if ( !authzResult.isAuthorized() )
{
if ( authzResult.getException() != null )
@@ -87,9 +78,9 @@ public class ArchivaServletAuthenticator
log.info( "Authorization Denied [ip=" + request.getRemoteAddr() + ",isWriteRequest=" + isWriteRequest +
",permission=" + permission + ",repo=" + repositoryId + "] : " +
authzResult.getException().getMessage() );
}
}
}

return true;
}
}
}

+ 7
- 6
archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ServletAuthenticator.java View File

@@ -22,20 +22,21 @@ package org.apache.maven.archiva.security;
import javax.servlet.http.HttpServletRequest;

import org.codehaus.plexus.redback.authentication.AuthenticationException;
import org.codehaus.plexus.redback.authentication.AuthenticationResult;
import org.codehaus.plexus.redback.authorization.AuthorizationException;
import org.codehaus.plexus.redback.policy.AccountLockedException;
import org.codehaus.plexus.redback.policy.MustChangePasswordException;
import org.codehaus.plexus.redback.system.SecuritySession;

/**
*
* @author <a href="mailto:oching@apache.org">Maria Odea Ching</a>
* @version
* @version
*/
public interface ServletAuthenticator
{
public boolean isAuthenticated( HttpServletRequest request, String repositoryId )
public boolean isAuthenticated( HttpServletRequest request, AuthenticationResult result, String repositoryId )
throws AuthenticationException, AccountLockedException, MustChangePasswordException;
public boolean isAuthorized( HttpServletRequest request, String repositoryId, boolean isWriteRequest )
throws AuthorizationException;
public boolean isAuthorized( HttpServletRequest request, SecuritySession securitySession, String repositoryId,
boolean isWriteRequest ) throws AuthorizationException;
}

+ 12
- 66
archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/rss/RssFeedServlet.java View File

@@ -42,10 +42,13 @@ import org.apache.maven.archiva.security.PrincipalNotFoundException;
import org.apache.maven.archiva.security.ServletAuthenticator;
import org.apache.maven.archiva.security.UserRepositories;
import org.codehaus.plexus.redback.authentication.AuthenticationException;
import org.codehaus.plexus.redback.authentication.AuthenticationResult;
import org.codehaus.plexus.redback.authorization.AuthorizationException;
import org.codehaus.plexus.redback.policy.AccountLockedException;
import org.codehaus.plexus.redback.policy.MustChangePasswordException;
import org.codehaus.plexus.redback.system.SecuritySession;
import org.codehaus.plexus.redback.users.UserNotFoundException;
import org.codehaus.plexus.redback.xwork.filter.authentication.HttpAuthenticator;
import org.codehaus.plexus.spring.PlexusToSpringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -83,19 +86,19 @@ public class RssFeedServlet

private ServletAuthenticator servletAuth;

private HttpAuthenticator httpAuth;

public void init( javax.servlet.ServletConfig servletConfig )
throws ServletException
{
super.init( servletConfig );
wac = WebApplicationContextUtils.getRequiredWebApplicationContext( servletConfig.getServletContext() );
// securitySystem =
// (SecuritySystem) wac.getBean( PlexusToSpringUtils.buildSpringId( SecuritySystem.class.getName() ) );
userRepositories =
(UserRepositories) wac.getBean( PlexusToSpringUtils.buildSpringId( UserRepositories.class.getName() ) );
// httpAuth =
// (HttpAuthenticator) wac.getBean( PlexusToSpringUtils.buildSpringId( HttpAuthenticator.ROLE, "basic" ) );
servletAuth =
(ServletAuthenticator) wac.getBean( PlexusToSpringUtils.buildSpringId( ServletAuthenticator.class.getName() ) );
httpAuth =
(HttpAuthenticator) wac.getBean( PlexusToSpringUtils.buildSpringId( HttpAuthenticator.ROLE, "basic" ) );
}

public void doGet( HttpServletRequest req, HttpServletResponse res )
@@ -246,7 +249,11 @@ public class RssFeedServlet
{
try
{
if ( servletAuth.isAuthenticated( req, repoId ) && servletAuth.isAuthorized( req, repoId, false ) )
AuthenticationResult result = httpAuth.getAuthenticationResult( req, null );
SecuritySession securitySession = httpAuth.getSecuritySession();

if ( servletAuth.isAuthenticated( req, result, repoId ) &&
servletAuth.isAuthorized( req, securitySession, repoId, false ) )
{
return true;
}
@@ -282,65 +289,4 @@ public class RssFeedServlet
return Collections.emptyList();
}

/*
private boolean isAuthenticated( HttpServletRequest request, String repositoryId )
{
try
{
AuthenticationResult result = httpAuth.getAuthenticationResult( request, null );

if ( result != null && !result.isAuthenticated() )
{
log.error( "User credentials is invalid." );
return false;
}
}
catch ( AuthenticationException e )
{
log.error( "User is not authenticated." );
return false;
}
catch ( AccountLockedException e )
{
log.error( "User account is locked." );
return false;
}
catch ( MustChangePasswordException e )
{
log.error( "Password must be changed." );
return false;
}

return true;
}

private boolean isAuthorized( HttpServletRequest request, String repositoryId )
{
SecuritySession securitySession = httpAuth.getSecuritySession();

try
{
String permission = ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS;

AuthorizationResult authzResult = securitySystem.authorize( securitySession, permission, repositoryId );

if ( !authzResult.isAuthorized() )
{
if ( authzResult.getException() != null )
{
log.info( "Authorization Denied [ip=" + request.getRemoteAddr() + ",permission=" + permission +
",repo=" + repositoryId + "] : " + authzResult.getException().getMessage() );
}
return false;
}
}
catch ( AuthorizationException e )
{
log.error( "Error in authorization : " + e.getMessage() );
return false;
}

return true;
}
*/
}

+ 10
- 0
archiva-modules/archiva-web/archiva-webdav/pom.xml View File

@@ -101,6 +101,16 @@
<groupId>joda-time</groupId>
<artifactId>joda-time</artifactId>
</dependency>
<dependency>
<groupId>org.codehaus.plexus.redback</groupId>
<artifactId>redback-xwork-integration</artifactId>
<exclusions>
<exclusion>
<groupId>org.codehaus.plexus</groupId>
<artifactId>plexus-container-default</artifactId>
</exclusion>
</exclusions>
</dependency>
</dependencies>

<!-- Required by it.could classes -->

+ 12
- 2
archiva-modules/archiva-web/archiva-webdav/src/main/java/org/apache/maven/archiva/webdav/ArchivaDavSessionProvider.java View File

@@ -27,8 +27,11 @@ import org.apache.maven.archiva.webdav.util.WebdavMethodUtil;
import org.apache.maven.archiva.webdav.util.RepositoryPathUtil;
import org.apache.maven.archiva.security.ServletAuthenticator;
import org.codehaus.plexus.redback.authentication.AuthenticationException;
import org.codehaus.plexus.redback.authentication.AuthenticationResult;
import org.codehaus.plexus.redback.policy.MustChangePasswordException;
import org.codehaus.plexus.redback.policy.AccountLockedException;
import org.codehaus.plexus.redback.system.SecuritySession;
import org.codehaus.plexus.redback.xwork.filter.authentication.HttpAuthenticator;
import org.codehaus.plexus.redback.authorization.AuthorizationException;
import org.codehaus.plexus.spring.PlexusToSpringUtils;
import org.springframework.web.context.WebApplicationContext;
@@ -45,10 +48,14 @@ public class ArchivaDavSessionProvider implements DavSessionProvider
private Logger log = LoggerFactory.getLogger(ArchivaDavSessionProvider.class);
private ServletAuthenticator servletAuth;
private HttpAuthenticator httpAuth;
public ArchivaDavSessionProvider(WebApplicationContext applicationContext)
{
servletAuth = (ServletAuthenticator) applicationContext.getBean( PlexusToSpringUtils.buildSpringId( ServletAuthenticator.class.getName() ) );
httpAuth =
(HttpAuthenticator) applicationContext.getBean( PlexusToSpringUtils.buildSpringId( HttpAuthenticator.ROLE, "basic" ) );
}

public boolean attachSession(WebdavRequest request) throws DavException
@@ -57,8 +64,11 @@ public class ArchivaDavSessionProvider implements DavSessionProvider
try
{
return servletAuth.isAuthenticated(request, repositoryId) &&
servletAuth.isAuthorized(request, repositoryId, WebdavMethodUtil.isWriteMethod( request.getMethod() ) );
AuthenticationResult result = httpAuth.getAuthenticationResult( request, null );
SecuritySession securitySession = httpAuth.getSecuritySession();
return servletAuth.isAuthenticated(request, result, repositoryId) &&
servletAuth.isAuthorized(request, securitySession, repositoryId, WebdavMethodUtil.isWriteMethod( request.getMethod() ) );
}
catch ( AuthenticationException e )
{

Write Preview
Loading…
Cancel
Save