Improving response of permission interceptor

Martin Stockhammer 2021-05-30 10:55:29 +02:00
parent ec89237419
commit 8a45cf5519
2 changed files with 19 additions and 3 deletions


@ -49,7 +49,9 @@ public @interface RedbackAuthorization
* The resource is used to restrict access by using information from * The resource is used to restrict access by using information from
* the method parameters or call environment. * the method parameters or call environment.
* Resource annotations have to be in line with the defined permissions. * Resource annotations have to be in line with the defined permissions.
* @return the redback ressource karma needed * Parameters have to be given in the form <code>{parameterName}</code> and are extracted from the URIInfo (path- and
* query-parameters)
* @return the redback resource karma needed
*/ */
String resource() default ( "" ); String resource() default ( "" );
@ -65,7 +67,7 @@ public @interface RedbackAuthorization
boolean noRestriction() default false; boolean noRestriction() default false;
/** /**
* @return if this service need only authentication and not special karma * @return True, if this service need only authentication and not special karma
*/ */
boolean noPermission() default false; boolean noPermission() default false;
} }
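Review bot: The new Javadoc on `resource()` says `{parameterName}` placeholders are filled from path and query parameters, but it does not say which source wins when the same name occurs in both, or what the resource resolves to when the parameter is absent from the request. The resolved string feeds the permission check, and a query parameter is easier for a caller to vary than a path segment, so the precedence and the missing-parameter behaviour should be documented here. The resolution code is not part of this section, so the sentence has to be written against what the interceptor actually does. In the same file, `if this service need only authentication` should read `needs only authentication`.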


@ -66,6 +66,9 @@ public class PermissionsInterceptor
@Named( value = "httpAuthenticator#basic" ) @Named( value = "httpAuthenticator#basic" )
private HttpBasicAuthentication httpAuthenticator; private HttpBasicAuthentication httpAuthenticator;
private static final String DEFAULT_AUTHENTICATION_REALM = "archiva";
private String authenticationRealm = DEFAULT_AUTHENTICATION_REALM;
@Context @Context
private ResourceInfo resourceInfo; private ResourceInfo resourceInfo;
@ -172,7 +175,9 @@ public class PermissionsInterceptor
return; return;
} else { } else {
log.debug( "Path {} is protected and needs authentication. User not authenticated.", requestPath ); log.debug( "Path {} is protected and needs authentication. User not authenticated.", requestPath );
containerRequestContext.abortWith( Response.status( Response.Status.UNAUTHORIZED ).build() ); containerRequestContext.abortWith( Response.status( Response.Status.UNAUTHORIZED )
.header( "WWW-Authenticate", "Bearer realm=\""+getAuthenticationRealm()+"\"" )
.build() );
return; return;
} }
} }
@ -204,4 +209,13 @@ public class PermissionsInterceptor
} }
public String getAuthenticationRealm( )
{
return authenticationRealm;
}
public void setAuthenticationRealm( String authenticationRealm )
{
this.authenticationRealm = authenticationRealm;
}
} }
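Review bot: `setAuthenticationRealm` stores any value unchecked, and the 401 branch then splices it into a quoted string with `"Bearer realm=\""+getAuthenticationRealm()+"\""`. A null realm would go out as `realm="null"`, and a value containing `"`, `\` or a control character such as CR/LF would yield a malformed challenge or a header the container refuses to write. Validating once in the setter, as sketched below, keeps the header well-formed wherever the realm is configured. Separately, the challenge advertises only the `Bearer` scheme while the injected authenticator visible in this file is `httpAuthenticator#basic`; if Basic credentials are also accepted on this path, a comment or a second challenge would make that explicit. The filter method containing the 401 branch starts and ends outside the hunk.

```java
public void setAuthenticationRealm( String authenticationRealm )
{
    if ( authenticationRealm == null )
    {
        throw new IllegalArgumentException( "authenticationRealm must not be null" );
    }
    for ( int i = 0; i < authenticationRealm.length( ); i++ )
    {
        char c = authenticationRealm.charAt( i );
        // The realm is emitted inside a quoted-string of the WWW-Authenticate header.
        if ( c == '"' || c == '\\' || Character.isISOControl( c ) )
        {
            throw new IllegalArgumentException( "authenticationRealm contains a character not allowed in a quoted realm" );
        }
    }
    this.authenticationRealm = authenticationRealm;
}
```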