fix unit test

Olivier Lamy 2015-01-30 12:02:30 +11:00
parent 5bf9065c2f
commit 8bdcfbb8a0
4 changed files with 51 additions and 19 deletions


@ -32,7 +32,8 @@
<name>Redback :: Integration :: REST :: Services</name> <name>Redback :: Integration :: REST :: Services</name>
<properties> <properties>
<tomcatVersion>7.0.54</tomcatVersion> <tomcatVersion>7.0.57</tomcatVersion>
<rest.test.timeout>1000000</rest.test.timeout>
</properties> </properties>
<dependencies> <dependencies>
@ -276,6 +277,7 @@
<redback.jdbc.url>${redbackTestJdbcUrl}</redback.jdbc.url> <redback.jdbc.url>${redbackTestJdbcUrl}</redback.jdbc.url>
<redback.jdbc.driver.name>${redbackTestJdbcDriver}</redback.jdbc.driver.name> <redback.jdbc.driver.name>${redbackTestJdbcDriver}</redback.jdbc.driver.name>
<ldapPort>${ldapPort}</ldapPort> <ldapPort>${ldapPort}</ldapPort>
<rest.test.timeout>${rest.test.timeout}</rest.test.timeout>
</systemPropertyVariables> </systemPropertyVariables>
</configuration> </configuration>
</plugin> </plugin>


@ -156,29 +156,23 @@ public class AuthenticationInterceptor
catch ( UserNotFoundException e ) catch ( UserNotFoundException e )
{ {
log.debug( "UserNotFoundException for path {}", message.get( Message.REQUEST_URI ) ); log.debug( "UserNotFoundException for path {}", message.get( Message.REQUEST_URI ) );
containerRequestContext.abortWith( Response.status( Response.Status.FORBIDDEN ).build() );
} }
catch ( AccountLockedException e ) catch ( AccountLockedException e )
{ {
log.debug( "account locked for path {}", message.get( Message.REQUEST_URI ) ); log.debug( "account locked for path {}", message.get( Message.REQUEST_URI ) );
containerRequestContext.abortWith( Response.status( Response.Status.FORBIDDEN ).build() );
} }
catch ( MustChangePasswordException e ) catch ( MustChangePasswordException e )
{ {
log.debug( "must change password for path {}", message.get( Message.REQUEST_URI ) ); log.debug( "must change password for path {}", message.get( Message.REQUEST_URI ) );
containerRequestContext.abortWith( Response.status( Response.Status.FORBIDDEN ).build() );
} }
catch ( AuthenticationException e ) catch ( AuthenticationException e )
{ {
log.debug( "failed to authenticate for path {}", message.get( Message.REQUEST_URI ) ); log.debug( "failed to authenticate for path {}", message.get( Message.REQUEST_URI ) );
containerRequestContext.abortWith( Response.status( Response.Status.FORBIDDEN ).build() );
} }
catch ( UserManagerException e ) catch ( UserManagerException e )
{ {
log.debug( "UserManagerException: {} for path", e.getMessage(), message.get( Message.REQUEST_URI ) ); log.debug( "UserManagerException: {} for path", e.getMessage(), message.get( Message.REQUEST_URI ) );
containerRequestContext.abortWith( Response.status( Response.Status.FORBIDDEN ).build() );
} }
containerRequestContext.abortWith( Response.status( Response.Status.FORBIDDEN ).build() );
} }
} }
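Review bot: The `UserManagerException` handler passes two arguments to a format string with a single `{}`, so (assuming `log` is an SLF4J-style logger) the request URI is dropped from that message; it should read `log.debug( "UserManagerException: {} for path {}", e.getMessage(), message.get( Message.REQUEST_URI ) );`. All five rejection causes, including locked accounts and failed authentication, are logged at debug only, so at default log levels these 403 responses leave no server-side trace for monitoring; consider info or warn for at least those two cases. The single `abortWith( Response.status( Response.Status.FORBIDDEN ).build() )` after the catch chain fails closed, but it appears to rely on every success path returning inside the `try`, which starts above this hunk and is not visible here.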


@ -19,10 +19,13 @@ package org.apache.archiva.redback.rest.services.interceptors;
* under the License. * under the License.
*/ */
import org.apache.archiva.redback.authentication.AuthenticationException;
import org.apache.archiva.redback.authentication.AuthenticationResult; import org.apache.archiva.redback.authentication.AuthenticationResult;
import org.apache.archiva.redback.authorization.AuthorizationException; import org.apache.archiva.redback.authorization.AuthorizationException;
import org.apache.archiva.redback.authorization.RedbackAuthorization; import org.apache.archiva.redback.authorization.RedbackAuthorization;
import org.apache.archiva.redback.integration.filter.authentication.basic.HttpBasicAuthentication; import org.apache.archiva.redback.integration.filter.authentication.basic.HttpBasicAuthentication;
import org.apache.archiva.redback.policy.AccountLockedException;
import org.apache.archiva.redback.policy.MustChangePasswordException;
import org.apache.archiva.redback.system.SecuritySession; import org.apache.archiva.redback.system.SecuritySession;
import org.apache.archiva.redback.system.SecuritySystem; import org.apache.archiva.redback.system.SecuritySystem;
import org.apache.commons.lang.StringUtils; import org.apache.commons.lang.StringUtils;
@ -71,7 +74,7 @@ public class PermissionsInterceptor
{ {
if ( redbackAuthorization.noRestriction() ) if ( redbackAuthorization.noRestriction() )
{ {
// we are fine this services is marked as non restrictive acces // we are fine this services is marked as non restrictive access
return; return;
} }
String[] permissions = redbackAuthorization.permissions(); String[] permissions = redbackAuthorization.permissions();
@ -80,8 +83,32 @@ public class PermissionsInterceptor
permissions[0] ) ) ) permissions[0] ) ) )
{ {
HttpServletRequest request = getHttpServletRequest( message ); HttpServletRequest request = getHttpServletRequest( message );
SecuritySession session = httpAuthenticator.getSecuritySession( request.getSession() ); SecuritySession securitySession = httpAuthenticator.getSecuritySession( request.getSession( true ) );
AuthenticationResult authenticationResult = message.get( AuthenticationResult.class ); AuthenticationResult authenticationResult = message.get( AuthenticationResult.class );
if ( authenticationResult == null )
{
try
{
authenticationResult = httpAuthenticator.getAuthenticationResult( request, getHttpServletResponse( message ) );
}
catch ( AuthenticationException e )
{
log.debug( "failed to authenticate for path {}", message.get( Message.REQUEST_URI ) );
containerRequestContext.abortWith( Response.status( Response.Status.FORBIDDEN ).build() );
}
catch ( AccountLockedException e )
{
log.debug( "account locked for path {}", message.get( Message.REQUEST_URI ) );
containerRequestContext.abortWith( Response.status( Response.Status.FORBIDDEN ).build() );
}
catch ( MustChangePasswordException e )
{
log.debug( "must change password for path {}", message.get( Message.REQUEST_URI ) );
containerRequestContext.abortWith( Response.status( Response.Status.FORBIDDEN ).build() );
}
}
if ( authenticationResult != null && authenticationResult.isAuthenticated() ) if ( authenticationResult != null && authenticationResult.isAuthenticated() )
{ {
for ( String permission : permissions ) for ( String permission : permissions )
@ -92,7 +119,7 @@ public class PermissionsInterceptor
} }
try try
{ {
if ( securitySystem.isAuthorized( session, permission, if ( securitySystem.isAuthorized( securitySession, permission,
StringUtils.isBlank( redbackAuthorization.resource() ) StringUtils.isBlank( redbackAuthorization.resource() )
? null ? null
: redbackAuthorization.resource() ) ) : redbackAuthorization.resource() ) )
@ -101,8 +128,12 @@ public class PermissionsInterceptor
} }
else else
{ {
log.debug( "user {} not authorized for permission {}", session.getUser().getUsername(), if ( securitySession != null && securitySession.getUser() != null )
permission ); {
log.debug( "user {} not authorized for permission {}", //
securitySession.getUser().getUsername(), //
permission );
}
} }
} }
catch ( AuthorizationException e ) catch ( AuthorizationException e )
@ -116,9 +147,9 @@ public class PermissionsInterceptor
} }
else else
{ {
if ( session != null && session.getUser() != null ) if ( securitySession != null && securitySession.getUser() != null )
{ {
log.debug( "user {} not authenticated", session.getUser().getUsername() ); log.debug( "user {} not authenticated", securitySession.getUser().getUsername() );
} }
} }
} }
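Review bot: Each of the three new catch blocks around `httpAuthenticator.getAuthenticationResult( request, getHttpServletResponse( message ) )` calls `abortWith` with FORBIDDEN but does not return, so the method carries on into the `authenticationResult != null` check and whatever follows these hunks; adding `return;` after each `abortWith` would make the rejection explicit instead of depending on later code. `securitySession` is read from the HTTP session before this authentication attempt and is then passed to `securitySystem.isAuthorized( securitySession, permission, ... )`; if the authenticator populates the session during `getAuthenticationResult` (not visible here), the authorization check may run against a stale or null session, and the new null guard protects only the log statement. The three handlers differ only in their log text and could share one multi-catch if the project's Java level allows it. The method begins and ends outside the visible hunks.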


@ -62,6 +62,11 @@ public abstract class AbstractRestServicesTest
public String authorizationHeader = getAdminAuthzHeader(); public String authorizationHeader = getAdminAuthzHeader();
public long getTimeout()
{
return Long.getLong( "rest.test.timeout", 1000000 );
}
public static String encode( String uid, String password ) public static String encode( String uid, String password )
{ {
return "Basic " + Base64Utility.encode( ( uid + ":" + password ).getBytes() ); return "Basic " + Base64Utility.encode( ( uid + ":" + password ).getBytes() );
@ -159,7 +164,7 @@ public abstract class AbstractRestServicesTest
UserService.class, Collections.singletonList( new JacksonJaxbJsonProvider() ) ); UserService.class, Collections.singletonList( new JacksonJaxbJsonProvider() ) );
// time out for debuging purpose // time out for debuging purpose
WebClient.getConfig( service ).getHttpConduit().getClient().setReceiveTimeout( 100000 ); WebClient.getConfig( service ).getHttpConduit().getClient().setReceiveTimeout( getTimeout() );
if ( authzHeader != null ) if ( authzHeader != null )
{ {
@ -180,7 +185,7 @@ public abstract class AbstractRestServicesTest
Collections.singletonList( new JacksonJaxbJsonProvider() ) ); Collections.singletonList( new JacksonJaxbJsonProvider() ) );
// for debuging purpose // for debuging purpose
WebClient.getConfig( service ).getHttpConduit().getClient().setReceiveTimeout( 100000 ); WebClient.getConfig( service ).getHttpConduit().getClient().setReceiveTimeout( getTimeout() );
if ( authzHeader != null ) if ( authzHeader != null )
{ {
@ -200,7 +205,7 @@ public abstract class AbstractRestServicesTest
LoginService.class, Collections.singletonList( new JacksonJaxbJsonProvider() ) ); LoginService.class, Collections.singletonList( new JacksonJaxbJsonProvider() ) );
// for debuging purpose // for debuging purpose
WebClient.getConfig( service ).getHttpConduit().getClient().setReceiveTimeout( 100000 ); WebClient.getConfig( service ).getHttpConduit().getClient().setReceiveTimeout( getTimeout() );
if ( authzHeader != null ) if ( authzHeader != null )
{ {
@ -222,7 +227,7 @@ public abstract class AbstractRestServicesTest
Collections.singletonList( new JacksonJaxbJsonProvider() ) ); Collections.singletonList( new JacksonJaxbJsonProvider() ) );
// for debuging purpose // for debuging purpose
WebClient.getConfig( service ).getHttpConduit().getClient().setReceiveTimeout( 100000 ); WebClient.getConfig( service ).getHttpConduit().getClient().setReceiveTimeout( getTimeout() );
if ( authzHeader != null ) if ( authzHeader != null )
{ {
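Review bot: The fallback in `getTimeout()` is `1000000`, ten times the `100000` literal it replaces in the four `setReceiveTimeout` calls, so with the property unset a hung endpoint would hold a test for roughly 16 minutes instead of under two. The pom in this commit sets `rest.test.timeout` to the same value, so the increase may be deliberate; if it is not, keep the earlier default with `return Long.getLong( "rest.test.timeout", 100000L );`. The method has no comment; something like `/** Receive timeout in milliseconds for the test REST clients, overridable with -Drest.test.timeout. */` would document the unit and the property name.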