storing User in AuthenticationResult to avoid searching it again

git-svn-id: https://svn.apache.org/repos/asf/archiva/redback/redback-core/trunk@1412362 13f79535-47bb-0310-9956-ffa450edef68

redback-authentication/redback-authentication-api/pom.xml

@@ -63,6 +63,7 @@
               javax.annotation,
               javax.inject;version="[1,2)",
               org.apache.archiva.redback.policy;version=${project.version},
+              org.apache.archiva.redback.users;version=${project.version},
               org.apache.commons.lang;version="[2.6,3)",
               org.springframework*;version="[3,4)"
             </Import-Package>

redback-authentication/redback-authentication-api/src/main/java/org/apache/archiva/redback/authentication/AuthenticationResult.java

@@ -19,6 +19,8 @@ package org.apache.archiva.redback.authentication;
  * under the License.
  */
 
+import org.apache.archiva.redback.users.User;
+
 import java.io.Serializable;
 import java.util.Map;
 
@@ -26,7 +28,6 @@ import java.util.Map;
  * AuthenticationResult: wrapper object for information that comes back from the authentication system
  *
  * @author Jesse McConnell <jesse@codehaus.org>
- *
  */
 public class AuthenticationResult
     implements Serializable
@@ -35,10 +36,17 @@ public class AuthenticationResult
 
     private String principal;
 
+    /**
+     * as we can search the User store it here for reuse.
+     *
+     * @since 2.1
+     */
+    private User user;
+
     // TODO: why aren't these just thrown from the authenticate() method?
     private Exception exception;
 
-    private Map<String,String> exceptionsMap;
+    private Map<String, String> exceptionsMap;
 
     public AuthenticationResult()
     {
@@ -54,7 +62,8 @@ public class AuthenticationResult
         this.exception = exception;
     }
 
-    public AuthenticationResult( boolean authenticated, String principal, Exception exception, Map<String,String> exceptionsMap )
+    public AuthenticationResult( boolean authenticated, String principal, Exception exception,
+                                 Map<String, String> exceptionsMap )
     {
         isAuthenticated = authenticated;
         this.principal = principal;
@@ -77,11 +86,30 @@ public class AuthenticationResult
         return exception;
     }
 
-    public Map<String,String> getExceptionsMap()
+    public Map<String, String> getExceptionsMap()
     {
         return exceptionsMap;
     }
 
+    /**
+     * <b>can be <code>null</code></b>
+     */
+    public User getUser()
+    {
+        return user;
+    }
+
+    public void setUser( User user )
+    {
+        this.user = user;
+    }
+
+    public AuthenticationResult user( User user )
+    {
+        this.setUser( user );
+        return this;
+    }
+
     public String toString()
     {
         StringBuilder sb = new StringBuilder();

redback-integrations/redback-common-integrations/src/main/java/org/apache/archiva/redback/integration/filter/authentication/HttpAuthenticator.java

@@ -67,7 +67,7 @@ public abstract class HttpAuthenticator
 
             setSecuritySession( securitySession, httpSession );
 
-            return securitySession.getAuthenticationResult();
+            return securitySession.getAuthenticationResult().user( securitySession.getUser() );
         }
         catch ( AuthenticationException e )
         {

redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/interceptors/AuthenticationInterceptor.java

@@ -20,22 +20,22 @@ package org.apache.archiva.redback.rest.services.interceptors;
  */
 
 
-import org.apache.archiva.redback.policy.MustChangePasswordException;
-import org.apache.archiva.redback.users.User;
-import org.apache.archiva.redback.users.UserManager;
-import org.apache.cxf.jaxrs.ext.RequestHandler;
-import org.apache.cxf.jaxrs.model.ClassResourceInfo;
-import org.apache.cxf.message.Message;
 import org.apache.archiva.redback.authentication.AuthenticationException;
 import org.apache.archiva.redback.authentication.AuthenticationResult;
 import org.apache.archiva.redback.authorization.RedbackAuthorization;
-import org.apache.archiva.redback.policy.AccountLockedException;
-import org.apache.archiva.redback.system.SecuritySession;
-import org.apache.archiva.redback.users.UserNotFoundException;
 import org.apache.archiva.redback.integration.filter.authentication.HttpAuthenticationException;
 import org.apache.archiva.redback.integration.filter.authentication.basic.HttpBasicAuthentication;
+import org.apache.archiva.redback.policy.AccountLockedException;
+import org.apache.archiva.redback.policy.MustChangePasswordException;
 import org.apache.archiva.redback.rest.services.RedbackAuthenticationThreadLocal;
 import org.apache.archiva.redback.rest.services.RedbackRequestInformation;
+import org.apache.archiva.redback.system.SecuritySession;
+import org.apache.archiva.redback.users.User;
+import org.apache.archiva.redback.users.UserManager;
+import org.apache.archiva.redback.users.UserNotFoundException;
+import org.apache.cxf.jaxrs.ext.RequestHandler;
+import org.apache.cxf.jaxrs.model.ClassResourceInfo;
+import org.apache.cxf.message.Message;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.stereotype.Service;
@@ -54,17 +54,17 @@ import javax.ws.rs.core.Response;
  * @author Olivier Lamy
  * @since 1.3
  */
-@Service( "authenticationInterceptor#rest" )
+@Service ("authenticationInterceptor#rest")
 public class AuthenticationInterceptor
     extends AbstractInterceptor
     implements RequestHandler
 {
     @Inject
-    @Named( value = "userManager#configurable" )
+    @Named (value = "userManager#configurable")
     private UserManager userManager;
 
     @Inject
-    @Named( value = "httpAuthenticator#basic" )
+    @Named (value = "httpAuthenticator#basic")
     private HttpBasicAuthentication httpAuthenticator;
 
     private Logger log = LoggerFactory.getLogger( getClass() );
@@ -108,8 +108,9 @@ public class AuthenticationInterceptor
                     {
                         return null;
                     }
-                    // FIXME this is already called previously but authenticationResult doesn't return that
+
-                    User user = userManager.findUser( (String) authenticationResult.getPrincipal() );
+                    User user = authenticationResult.getUser() == null ? userManager.findUser(
+                        authenticationResult.getPrincipal() ) : authenticationResult.getUser();
                     RedbackRequestInformation redbackRequestInformation =
                         new RedbackRequestInformation( user, request.getRemoteAddr() );
 
@@ -132,8 +133,11 @@ public class AuthenticationInterceptor
             {
                 throw new HttpAuthenticationException( "You are not authenticated." );
             }
-            // FIXME this is already called previously but authenticationResult doesn't return that
+
-            User user = userManager.findUser( (String) authenticationResult.getPrincipal() );
+            User user = authenticationResult.getUser() == null
+                ? userManager.findUser( authenticationResult.getPrincipal() )
+                : authenticationResult.getUser();
+
             RedbackRequestInformation redbackRequestInformation =
                 new RedbackRequestInformation( user, request.getRemoteAddr() );