mirrors
/
archiva
zrcadlo https://github.com/apache/archiva.git
Sledovat 1
Oblíbit 0
Rozštěpit 0
Zdrojový kód Úkoly 0 Vydání 70 Wiki Aktivita
Nelze vybrat více než 25 témat Téma musí začínat písmenem nebo číslem, může obsahovat pomlčky („-“) a může být dlouhé až 35 znaků.
2560 Revize
73 Větve
Strom: 6681581426
Větve Značky
${ item.name }
Vytvořit větev ${ searchTerm }
z „6681581426“
${ noResults }
archiva/archiva-modules/archiva-web/archiva-webdav/src/main/java/org/apache/maven/archiva/webdav/ArchivaDavSessionProvider.java

ArchivaDavSessionProvider.java 4.3KB
Surový Blame Historie

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113 
  1. package org.apache.maven.archiva.webdav;

  2. 

  3. /*

  4.  * Licensed to the Apache Software Foundation (ASF) under one

  5.  * or more contributor license agreements.  See the NOTICE file

  6.  * distributed with this work for additional information

  7.  * regarding copyright ownership.  The ASF licenses this file

  8.  * to you under the Apache License, Version 2.0 (the

  9.  * "License"); you may not use this file except in compliance

  10.  * with the License.  You may obtain a copy of the License at

  11.  *

  12.  *  http://www.apache.org/licenses/LICENSE-2.0

  13.  *

  14.  * Unless required by applicable law or agreed to in writing,

  15.  * software distributed under the License is distributed on an

  16.  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY

  17.  * KIND, either express or implied.  See the License for the

  18.  * specific language governing permissions and limitations

  19.  * under the License.

  20.  */

  21. 

  22. import org.apache.jackrabbit.webdav.DavException;

  23. import org.apache.jackrabbit.webdav.DavServletRequest;

  24. import org.apache.jackrabbit.webdav.DavSessionProvider;

  25. import org.apache.jackrabbit.webdav.WebdavRequest;

  26. import org.apache.maven.archiva.security.ServletAuthenticator;

  27. import org.apache.maven.archiva.webdav.util.RepositoryPathUtil;

  28. import org.apache.maven.archiva.webdav.util.WebdavMethodUtil;

  29. import org.codehaus.plexus.redback.authentication.AuthenticationException;

  30. import org.codehaus.plexus.redback.authentication.AuthenticationResult;

  31. import org.codehaus.plexus.redback.authorization.UnauthorizedException;

  32. import org.codehaus.plexus.redback.policy.AccountLockedException;

  33. import org.codehaus.plexus.redback.policy.MustChangePasswordException;

  34. import org.codehaus.plexus.redback.users.UserManager;

  35. import org.codehaus.redback.integration.filter.authentication.HttpAuthenticator;

  36. 

  37. /**

  38.  */

  39. public class ArchivaDavSessionProvider

  40.     implements DavSessionProvider

  41. {

  42.     private ServletAuthenticator servletAuth;

  43. 

  44.     private HttpAuthenticator httpAuth;

  45.     

  46.     public ArchivaDavSessionProvider( ServletAuthenticator servletAuth, HttpAuthenticator httpAuth )

  47.     {

  48.         this.servletAuth = servletAuth;

  49.         this.httpAuth = httpAuth;

  50.     }

  51. 

  52.     public boolean attachSession( WebdavRequest request )

  53.         throws DavException

  54.     {    

  55.         final String repositoryId = RepositoryPathUtil.getRepositoryName( removeContextPath( request ) );

  56.         

  57.         try

  58.         {

  59.             AuthenticationResult result = httpAuth.getAuthenticationResult( request, null );

  60.             

  61.             //Create a dav session

  62.             request.setDavSession(new ArchivaDavSession());

  63.             

  64.             return servletAuth.isAuthenticated( request, result );

  65.         }

  66.         catch ( AuthenticationException e )

  67.         {   

  68.             // safety check for MRM-911            

  69.             String guest = UserManager.GUEST_USERNAME;

  70.             try

  71.             {

  72.                 if ( servletAuth.isAuthorized( guest,

  73.                                                ( (ArchivaDavResourceLocator) request.getRequestLocator() ).getRepositoryId(),

  74.                                                WebdavMethodUtil.getMethodPermission( request.getMethod() ) ) )

  75.                 {

  76.                     request.setDavSession( new ArchivaDavSession() );

  77.                     return true;

  78.                 }

  79.             }

  80.             catch ( UnauthorizedException ae )

  81.             {

  82.                 throw new UnauthorizedDavException( repositoryId,

  83.                     "You are not authenticated and authorized to access any repository." );

  84.             }

  85.             

  86.             throw new UnauthorizedDavException( repositoryId, "You are not authenticated." );            

  87.         }

  88.         catch ( MustChangePasswordException e )

  89.         {         

  90.             throw new UnauthorizedDavException( repositoryId, "You must change your password." );

  91.         }

  92.         catch ( AccountLockedException e )

  93.         {         

  94.             throw new UnauthorizedDavException( repositoryId, "User account is locked." );

  95.         }        

  96.     }

  97. 

  98.     public void releaseSession( WebdavRequest request )

  99.     {

  100.         request.setDavSession(null);

  101.     }

  102.     

  103.     private String removeContextPath( final DavServletRequest request )

  104.     {

  105.         String path = request.getRequestURI();

  106.         String ctx = request.getContextPath();

  107.         if ( path.startsWith( ctx ) )

  108.         {

  109.             path = path.substring( ctx.length() );

  110.         }

  111.         return path;

  112.     }    

  113. }