redback-jsecurity is not used so move it to retired.

git-svn-id: https://svn.apache.org/repos/asf/archiva/redback/redback-core/trunk@1399143 13f79535-47bb-0310-9956-ffa450edef68
Olivier Lamy 2012-10-17 08:07:34 +00:00
parent 3e9de575ac
commit 0e0dea5057
5 changed files with 0 additions and 571 deletions


@ -1,100 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Licensed to the Apache Software Foundation (ASF) under one
~ or more contributor license agreements. See the NOTICE file
~ distributed with this work for additional information
~ regarding copyright ownership. The ASF licenses this file
~ to you under the Apache License, Version 2.0 (the
~ "License"); you may not use this file except in compliance
~ with the License. You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing,
~ software distributed under the License is distributed on an
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
~ KIND, either express or implied. See the License for the
~ specific language governing permissions and limitations
~ under the License.
-->
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<artifactId>redback-integrations</artifactId>
<groupId>org.apache.archiva.redback</groupId>
<version>2.1-SNAPSHOT</version>
</parent>
<artifactId>redback-jsecurity</artifactId>
<packaging>bundle</packaging>
<name>Redback :: Integration :: JSecurity Integration</name>
<dependencies>
<dependency>
<groupId>org.apache.archiva.redback</groupId>
<artifactId>redback-users-api</artifactId>
</dependency>
<dependency>
<groupId>org.apache.archiva.redback</groupId>
<artifactId>redback-rbac-model</artifactId>
</dependency>
<dependency>
<groupId>org.apache.archiva.redback</groupId>
<artifactId>redback-system</artifactId>
</dependency>
<dependency>
<groupId>org.jsecurity</groupId>
<artifactId>jsecurity</artifactId>
<version>0.9.0</version>
</dependency>
<!-- Test Dependencies -->
<dependency>
<groupId>org.apache.archiva.redback</groupId>
<artifactId>redback-users-memory</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.archiva.redback</groupId>
<artifactId>redback-rbac-memory</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.hsqldb</groupId>
<artifactId>hsqldb</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-simple</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.apache.felix</groupId>
<artifactId>maven-bundle-plugin</artifactId>
<configuration>
<instructions>
<Export-Package>
org.apache.archiva.redback.jsecurity;version=${project.version};-split-package:=merge-first
</Export-Package>
<Import-Package>
org.apache.archiva.redback.policy;version=${project.version},
org.apache.archiva.redback.rbac;version=${project.version},
org.apache.archiva.redback.users;version=${project.version},
org.jsecurity*;version="[0.9,2)",
org.slf4j;resolution:=optional
</Import-Package>
</instructions>
</configuration>
</plugin>
</plugins>
</build>
</project>


@ -1,41 +0,0 @@
package org.apache.archiva.redback.jsecurity;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import org.jsecurity.authc.AuthenticationException;
public class PrincipalLockedException
extends AuthenticationException
{
public PrincipalLockedException( String message, Throwable cause )
{
super( message, cause );
}
public PrincipalLockedException( String message )
{
super( message );
}
public PrincipalLockedException( Throwable cause )
{
super( cause );
}
}


@ -1,41 +0,0 @@
package org.apache.archiva.redback.jsecurity;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import org.jsecurity.authc.AuthenticationException;
public class PrincipalPasswordChangeRequiredException
extends AuthenticationException
{
public PrincipalPasswordChangeRequiredException( String message, Throwable cause )
{
super( message, cause );
}
public PrincipalPasswordChangeRequiredException( String message )
{
super( message );
}
public PrincipalPasswordChangeRequiredException( Throwable cause )
{
super( cause );
}
}


@ -1,190 +0,0 @@
package org.apache.archiva.redback.jsecurity;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import org.apache.archiva.redback.policy.AccountLockedException;
import org.apache.archiva.redback.policy.UserSecurityPolicy;
import org.apache.archiva.redback.rbac.Permission;
import org.apache.archiva.redback.rbac.RBACManager;
import org.apache.archiva.redback.rbac.RbacManagerException;
import org.apache.archiva.redback.rbac.UserAssignment;
import org.apache.archiva.redback.users.User;
import org.apache.archiva.redback.users.UserManager;
import org.apache.archiva.redback.users.UserNotFoundException;
import org.jsecurity.authc.AuthenticationException;
import org.jsecurity.authc.AuthenticationInfo;
import org.jsecurity.authc.AuthenticationToken;
import org.jsecurity.authc.SimpleAuthenticationInfo;
import org.jsecurity.authc.UsernamePasswordToken;
import org.jsecurity.authc.credential.CredentialsMatcher;
import org.jsecurity.authz.AuthorizationInfo;
import org.jsecurity.authz.SimpleAuthorizationInfo;
import org.jsecurity.realm.AuthorizingRealm;
import org.jsecurity.subject.PrincipalCollection;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
public class RedbackRealm
extends AuthorizingRealm
{
private Logger log = LoggerFactory.getLogger( RedbackRealm.class );
private final UserManager userManager;
private final RBACManager rbacManager;
private final UserSecurityPolicy securityPolicy;
public RedbackRealm( UserManager userManager, RBACManager rbacManager, UserSecurityPolicy securityPolicy )
{
this.userManager = userManager;
this.rbacManager = rbacManager;
this.securityPolicy = securityPolicy;
}
@Override
protected AuthorizationInfo doGetAuthorizationInfo( PrincipalCollection principals )
{
final String username = (String) principals.fromRealm( getName() ).iterator().next();
try
{
final UserAssignment assignment = rbacManager.getUserAssignment( username );
final Set<String> roleNames = new HashSet<String>( assignment.getRoleNames() );
final Set<String> permissions = new HashSet<String>();
for ( Iterator<Permission> it = rbacManager.getAssignedPermissions( username ).iterator(); it.hasNext(); )
{
Permission permission = it.next();
permissions.add( permission.getName() );
}
SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo( roleNames );
authorizationInfo.setStringPermissions( permissions );
return authorizationInfo;
}
catch ( RbacManagerException e )
{
log.error( "Could not authenticate against data source", e );
}
return null;
}
@Override
protected AuthenticationInfo doGetAuthenticationInfo( AuthenticationToken token )
throws AuthenticationException
{
if ( token == null )
{
throw new AuthenticationException( "AuthenticationToken cannot be null" );
}
final UsernamePasswordToken passwordToken = (UsernamePasswordToken) token;
User user = null;
try
{
user = userManager.findUser( passwordToken.getUsername() );
}
catch ( UserNotFoundException e )
{
log.error( "Could not find user " + passwordToken.getUsername() );
}
if ( user == null )
{
return null;
}
if ( user.isLocked() && !user.isPasswordChangeRequired() )
{
throw new PrincipalLockedException( "User " + user.getPrincipal() + " is locked." );
}
if ( user.isPasswordChangeRequired() )
{
throw new PrincipalPasswordChangeRequiredException(
"Password change is required for user " + user.getPrincipal() );
}
return new RedbackAuthenticationInfo( user, getName() );
}
@Override
public CredentialsMatcher getCredentialsMatcher()
{
return new CredentialsMatcher()
{
public boolean doCredentialsMatch( AuthenticationToken token, AuthenticationInfo info )
{
final String credentials = new String( (char[]) token.getCredentials() );
final boolean match = securityPolicy.getPasswordEncoder().encodePassword( credentials ).equals(
(String) info.getCredentials() );
if ( !match )
{
User user = ( (RedbackAuthenticationInfo) info ).getUser();
try
{
securityPolicy.extensionExcessiveLoginAttempts( user );
}
catch ( AccountLockedException e )
{
log.info( "User{} has been locked", user.getUsername(), e );
}
finally
{
try
{
userManager.updateUser( user );
}
catch ( UserNotFoundException e )
{
log.error( "The user to be updated could not be found", e );
}
}
}
return match;
}
};
}
final class RedbackAuthenticationInfo
extends SimpleAuthenticationInfo
{
private final User user;
public RedbackAuthenticationInfo( User user, String realmName )
{
super( user.getPrincipal(), user.getEncodedPassword(), realmName );
this.user = user;
}
public User getUser()
{
return user;
}
}
}


@ -1,199 +0,0 @@
package org.apache.archiva.redback.jsecurity;
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import junit.framework.TestCase;
import org.apache.archiva.redback.jsecurity.PrincipalLockedException;
import org.apache.archiva.redback.jsecurity.PrincipalPasswordChangeRequiredException;
import org.apache.archiva.redback.jsecurity.RedbackRealm;
import org.apache.archiva.redback.policy.UserSecurityPolicy;
import org.apache.archiva.redback.rbac.Operation;
import org.apache.archiva.redback.rbac.Permission;
import org.apache.archiva.redback.rbac.RBACManager;
import org.apache.archiva.redback.rbac.Resource;
import org.apache.archiva.redback.rbac.Role;
import org.apache.archiva.redback.rbac.UserAssignment;
import org.apache.archiva.redback.users.User;
import org.apache.archiva.redback.users.UserManager;
import org.jsecurity.authc.IncorrectCredentialsException;
import org.jsecurity.authc.UsernamePasswordToken;
import org.jsecurity.mgt.DefaultSecurityManager;
import org.jsecurity.subject.PrincipalCollection;
import org.jsecurity.subject.SimplePrincipalCollection;
import org.jsecurity.subject.Subject;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import javax.inject.Inject;
import javax.inject.Named;
@RunWith( SpringJUnit4ClassRunner.class )
@ContextConfiguration( locations = { "classpath*:/META-INF/spring-context.xml", "classpath*:/spring-context.xml" } )
public class RedbackRealmTest
extends TestCase
{
private DefaultSecurityManager securityManager;
private RedbackRealm realm;
@Inject
@Named( value = "userManager#memory" )
private UserManager userManager;
@Inject
@Named( value = "rBACManager#memory" )
private RBACManager rbacManager;
@Inject
private UserSecurityPolicy userSecurityPolicy;
private User user;
@Before
public void setUp()
throws Exception
{
super.setUp();
securityManager = new DefaultSecurityManager();
realm = new RedbackRealm( userManager, rbacManager, userSecurityPolicy );
securityManager.setRealm( realm );
user = userManager.createUser( "test1", "John Tester", "jtester@redback.codehaus.org" );
user.setPassword( "password1" );
userManager.addUser( user );
userManager.updateUser( user );
}
@After
public void tearDown()
throws Exception
{
super.tearDown();
securityManager.destroy();
securityManager = null;
realm = null;
}
protected String getPlexusConfigLocation()
{
return "plexus.xml";
}
public void testThrowsExceptionIfUserAccountLocked()
throws Exception
{
user.setLocked( true );
userManager.updateUser( user );
try
{
securityManager.login( new UsernamePasswordToken( "test1", "password1" ) );
fail( "Should not be able to login" );
}
catch ( PrincipalLockedException e )
{
assertTrue( true );
}
}
@Test
public void testThrowsExceptionIfUserAccountNeedsPasswordChange()
throws Exception
{
user.setPasswordChangeRequired( true );
userManager.updateUser( user );
try
{
securityManager.login( new UsernamePasswordToken( "test1", "password1" ) );
fail( "Should not be able to login" );
}
catch ( PrincipalPasswordChangeRequiredException e )
{
assertTrue( true );
}
}
@Test
public void testUnsuccessfullAuthAttemptsLockAccount()
throws Exception
{
assertFalse( user.isLocked() );
userSecurityPolicy.setLoginAttemptCount( 2 );
try
{
securityManager.login( new UsernamePasswordToken( "test1", "incorrectpassowrd" ) );
fail( "password should be incorrect" );
}
catch ( IncorrectCredentialsException e )
{
assertFalse( user.isLocked() );
}
try
{
securityManager.login( new UsernamePasswordToken( "test1", "incorrectpassowrd" ) );
fail( "password should be incorrect" );
}
catch ( IncorrectCredentialsException e )
{
assertTrue( user.isLocked() );
}
}
@Test
public void testBasic()
throws Exception
{
assertEquals( 1, userManager.getUsers().size() );
Role role1 = rbacManager.createRole( "role1" );
Permission permission = rbacManager.createPermission( "Allowed to write to repository" );
Operation operation = rbacManager.createOperation( "myop" );
Resource resource = rbacManager.createResource( "filesystem" );
permission.setOperation( operation );
permission.setPermanent( false );
permission.setResource( resource );
role1.addPermission( permission );
rbacManager.savePermission( permission );
rbacManager.saveRole( role1 );
Role role2 = rbacManager.createRole( "role2" );
UserAssignment assignment = rbacManager.createUserAssignment( user.getUsername() );
assignment.addRoleName( "role1" );
rbacManager.saveUserAssignment( assignment );
Subject subject = securityManager.login( new UsernamePasswordToken( "test1", "password1" ) );
assertTrue( subject.isAuthenticated() );
assertTrue( subject.hasRole( "role1" ) );
assertFalse( subject.hasRole( "role2" ) );
PrincipalCollection principals = new SimplePrincipalCollection( "test1", realm.getName() );
assertTrue( securityManager.isPermitted( principals, "Allowed to write to repository" ) );
}
}