diff --git a/redback-authentication/redback-authentication-providers/redback-authentication-ldap/src/main/java/org/apache/archiva/redback/authentication/ldap/LdapBindAuthenticator.java b/redback-authentication/redback-authentication-providers/redback-authentication-ldap/src/main/java/org/apache/archiva/redback/authentication/ldap/LdapBindAuthenticator.java index 3269c1a7..bc5c7571 100644 --- a/redback-authentication/redback-authentication-providers/redback-authentication-ldap/src/main/java/org/apache/archiva/redback/authentication/ldap/LdapBindAuthenticator.java +++ b/redback-authentication/redback-authentication-providers/redback-authentication-ldap/src/main/java/org/apache/archiva/redback/authentication/ldap/LdapBindAuthenticator.java @@ -23,6 +23,7 @@ import org.apache.archiva.redback.authentication.AuthenticationConstants; import org.apache.archiva.redback.common.ldap.UserMapper; import org.apache.archiva.redback.common.ldap.connection.LdapConnectionFactory; import org.apache.archiva.redback.configuration.UserConfiguration; +import org.apache.archiva.redback.configuration.UserConfigurationKeys; import org.apache.commons.lang.StringUtils; import org.apache.archiva.redback.authentication.AuthenticationDataSource; import org.apache.archiva.redback.authentication.AuthenticationException; @@ -83,9 +84,9 @@ public class LdapBindAuthenticator { PasswordBasedAuthenticationDataSource source = (PasswordBasedAuthenticationDataSource) s; - if ( !config.getBoolean( "ldap.bind.authenticator.enabled" ) || ( - !config.getBoolean( "ldap.bind.authenticator.allowEmptyPasswords", false ) && StringUtils.isEmpty( - source.getPassword() ) ) ) + if ( !config.getBoolean( UserConfigurationKeys.LDAP_BIND_AUTHENTICATOR_ENABLED ) || ( + !config.getBoolean( UserConfigurationKeys.LDAP_BIND_AUTHENTICATOR_ALLOW_EMPTY_PASSWORDS, false ) + && StringUtils.isEmpty( source.getPassword() ) ) ) { return new AuthenticationResult( false, source.getPrincipal(), null ); } diff --git a/redback-common/redback-common-ldap/src/main/java/org/apache/archiva/redback/common/ldap/LdapUserMapper.java b/redback-common/redback-common-ldap/src/main/java/org/apache/archiva/redback/common/ldap/LdapUserMapper.java index 107e57b0..8e4f2599 100644 --- a/redback-common/redback-common-ldap/src/main/java/org/apache/archiva/redback/common/ldap/LdapUserMapper.java +++ b/redback-common/redback-common-ldap/src/main/java/org/apache/archiva/redback/common/ldap/LdapUserMapper.java @@ -35,7 +35,7 @@ import java.util.Date; /** * @author jesse */ -@Service( "userMapper#ldap" ) +@Service("userMapper#ldap") public class LdapUserMapper implements UserMapper { @@ -80,7 +80,7 @@ public class LdapUserMapper int maxResultCount = 0; @Inject - @Named( value = "userConfiguration" ) + @Named(value = "userConfiguration") private UserConfiguration userConf; @PostConstruct @@ -97,7 +97,7 @@ public class LdapUserMapper userObjectClass = userConf.getString( UserConfigurationKeys.LDAP_MAPPER_USER_ATTRIBUTE_OBJECT_CLASS, userObjectClass ); userFilter = userConf.getString( UserConfigurationKeys.LDAP_MAPPER_USER_ATTRIBUTE_FILTER, userFilter ); - maxResultCount = userConf.getInt( "ldap.config.max.result.count", maxResultCount ); + maxResultCount = userConf.getInt( UserConfigurationKeys.LDAP_MAX_RESULT_COUNT, maxResultCount ); } public Attributes getCreationAttributes( User user, boolean encodePasswordIfChanged ) diff --git a/redback-common/redback-common-ldap/src/main/java/org/apache/archiva/redback/common/ldap/connection/ConfigurableLdapConnectionFactory.java b/redback-common/redback-common-ldap/src/main/java/org/apache/archiva/redback/common/ldap/connection/ConfigurableLdapConnectionFactory.java index ebafd44f..e5438b9c 100644 --- a/redback-common/redback-common-ldap/src/main/java/org/apache/archiva/redback/common/ldap/connection/ConfigurableLdapConnectionFactory.java +++ b/redback-common/redback-common-ldap/src/main/java/org/apache/archiva/redback/common/ldap/connection/ConfigurableLdapConnectionFactory.java @@ -76,12 +76,12 @@ public class ConfigurableLdapConnectionFactory { configuration = new LdapConnectionConfiguration(); configuration.setHostname( userConf.getString( UserConfigurationKeys.LDAP_HOSTNAME, hostname ) ); - configuration.setPort( userConf.getInt( "ldap.config.port", port ) ); - configuration.setSsl( userConf.getBoolean( "ldap.config.ssl", ssl ) ); - configuration.setBaseDn( userConf.getConcatenatedList( "ldap.config.base.dn", baseDn ) ); + configuration.setPort( userConf.getInt( UserConfigurationKeys.LDAP_PORT, port ) ); + configuration.setSsl( userConf.getBoolean( UserConfigurationKeys.LDAP_SSL, ssl ) ); + configuration.setBaseDn( userConf.getConcatenatedList( UserConfigurationKeys.LDAP_BASEDN, baseDn ) ); configuration.setContextFactory( userConf.getString( UserConfigurationKeys.LDAP_CONTEX_FACTORY, contextFactory ) ); - configuration.setBindDn( userConf.getConcatenatedList( "ldap.config.bind.dn", bindDn ) ); + configuration.setBindDn( userConf.getConcatenatedList( UserConfigurationKeys.LDAP_BINDDN, bindDn ) ); configuration.setPassword( userConf.getString( UserConfigurationKeys.LDAP_PASSWORD, password ) ); configuration.setAuthenticationMethod( userConf.getString( UserConfigurationKeys.LDAP_AUTHENTICATION_METHOD, authenticationMethod ) ); diff --git a/redback-configuration/src/main/java/org/apache/archiva/redback/configuration/DefaultUserConfiguration.java b/redback-configuration/src/main/java/org/apache/archiva/redback/configuration/DefaultUserConfiguration.java index 1d3a8365..cf3016a1 100644 --- a/redback-configuration/src/main/java/org/apache/archiva/redback/configuration/DefaultUserConfiguration.java +++ b/redback-configuration/src/main/java/org/apache/archiva/redback/configuration/DefaultUserConfiguration.java @@ -176,7 +176,6 @@ public class DefaultUserConfiguration public String getConcatenatedList( String key, String defaultValue ) { - String concatenatedList; List list = getList( key ); if ( !list.isEmpty() ) { @@ -189,14 +188,11 @@ public class DefaultUserConfiguration } s.append( value ); } - concatenatedList = s.toString(); + log.debug( "getList for key {} return {}", key, s.toString() ); + return s.toString(); } - else - { - concatenatedList = defaultValue; - } - - return concatenatedList; + log.debug( "getList for key {} return {}", key, defaultValue ); + return defaultValue; } /** diff --git a/redback-configuration/src/main/java/org/apache/archiva/redback/configuration/UserConfigurationKeys.java b/redback-configuration/src/main/java/org/apache/archiva/redback/configuration/UserConfigurationKeys.java index ef900676..d0af5700 100644 --- a/redback-configuration/src/main/java/org/apache/archiva/redback/configuration/UserConfigurationKeys.java +++ b/redback-configuration/src/main/java/org/apache/archiva/redback/configuration/UserConfigurationKeys.java @@ -45,18 +45,30 @@ public interface UserConfigurationKeys String REMEMBER_ME_DOMAIN = "security.rememberme.domain"; + String REMEMBER_ME_ENABLED = "security.rememberme.enabled"; + String SIGNON_DOMAIN = "security.signon.domain"; String SIGNON_PATH = "security.signon.path"; + String SIGNON_TIMEOUT = "security.signon.timeout"; + String LDAP_HOSTNAME = "ldap.config.hostname"; + String LDAP_PORT = "ldap.config.port"; + + String LDAP_SSL = "ldap.config.ssl"; + String LDAP_CONTEX_FACTORY = "ldap.config.context.factory"; String LDAP_PASSWORD = "ldap.config.password"; String LDAP_AUTHENTICATION_METHOD = "ldap.config.authentication.method"; + String LDAP_BASEDN = "ldap.config.base.dn"; + + String LDAP_BINDDN = "ldap.config.bind.dn"; + String APPLICATION_URL = "application.url"; String EMAIL_URL_PATH = "email.url.path"; @@ -69,7 +81,60 @@ public interface UserConfigurationKeys String LDAP_MAPPER_USER_ATTRIBUTE_ID = "ldap.config.mapper.attribute.user.id"; - String LDAP_MAPPER_USER_ATTRIBUTE_OBJECT_CLASS = "ldap.config.mapper.attribute.user.object.class"; + String LDAP_MAPPER_USER_ATTRIBUTE_OBJECT_CLASS = "ldap.config.mapper.attribute.user.object.class"; String LDAP_MAPPER_USER_ATTRIBUTE_FILTER = "ldap.config.mapper.attribute.user.filter"; + + String LDAP_MAX_RESULT_COUNT = "ldap.config.max.result.count"; + + String LDAP_BIND_AUTHENTICATOR_ENABLED = "ldap.bind.authenticator.enabled"; + + String LDAP_BIND_AUTHENTICATOR_ALLOW_EMPTY_PASSWORDS = "ldap.bind.authenticator.allowEmptyPasswords"; + + String PASSWORD_RETENTION_COUNT = "security.policy.password.previous.count"; + + String LOGIN_ATTEMPT_COUNT = "security.policy.allowed.login.attempt"; + + String PASSWORD_EXPIRATION_ENABLED = "security.policy.password.expiration.enabled"; + + String PASSWORD_EXPIRATION = "security.policy.password.expiration.days"; + + String UNLOCKABLE_ACCOUNTS = "security.policy.unlockable.accounts"; + + String EMAIL_VALIDATION_TIMEOUT = "email.validation.timeout"; + + String EMAIL_VALIDATION_REQUIRED = "email.validation.required"; + + String REMEMBERME_TIMEOUT = "security.rememberme.timeout"; + + String ALPHA_COUNT_MIN = "security.policy.password.rule.alphacount.minimum"; + + String ALPHA_COUNT_VIOLATION = "user.password.violation.alpha"; + + String CHARACTER_LENGTH_MIN = "security.policy.password.rule.characterlength.minimum"; + + String CHARACTER_LENGTH_MAX = "security.policy.password.rule.characterlength.maximum"; + + String CHARACTER_LENGTH_MISCONFIGURED_VIOLATION = "user.password.violation.length.misconfigured"; + + String CHARACTER_LENGTH_VIOLATION = "user.password.violation.length"; + + String MINIMUM = "security.policy.password.rule.numericalcount.minimum"; + + String NUMERICAL_COUNT_VIOLATION = "user.password.violation.numeric"; + + String POLICY_PASSWORD_RULE_ALPHANUMERIC_ENABLED = "security.policy.password.rule.alphanumeric.enabled"; + + String POLICY_PASSWORD_RULE_ALPHACOUNT_ENABLED = "security.policy.password.rule.alphacount.enabled"; + + String POLICY_PASSWORD_RULE_CHARACTERLENGTH_ENABLED = "security.policy.password.rule.characterlength.enabled"; + + String POLICY_PASSWORD_RULE_MUSTHAVE_ENABLED = "security.policy.password.rule.musthave.enabled"; + + String POLICY_PASSWORD_RULE_NUMERICALCOUNT_ENABLED = "security.policy.password.rule.numericalcount.enabled"; + + String POLICY_PASSWORD_RULE_REUSE_ENABLED = "security.policy.password.rule.reuse.enabled"; + + String POLICY_PASSWORD_RULE_NOWHITTESPACE_ENABLED = "security.policy.password.rule.nowhitespace.enabled"; + } diff --git a/redback-configuration/src/test/java/org/apache/archiva/redback/configuration/DefaultUserConfigurationTest.java b/redback-configuration/src/test/java/org/apache/archiva/redback/configuration/DefaultUserConfigurationTest.java index 1d05a1e9..b3294fc9 100644 --- a/redback-configuration/src/test/java/org/apache/archiva/redback/configuration/DefaultUserConfigurationTest.java +++ b/redback-configuration/src/test/java/org/apache/archiva/redback/configuration/DefaultUserConfigurationTest.java @@ -33,7 +33,6 @@ import javax.inject.Named; * DefaultUserConfigurationTest * * @author Joakim Erdfelt - * */ @RunWith( SpringJUnit4ClassRunner.class ) @ContextConfiguration( locations = { "classpath*:/META-INF/spring-context.xml", "classpath*:/spring-context.xml" } ) @@ -41,7 +40,8 @@ public class DefaultUserConfigurationTest extends TestCase { - @Inject @Named(value = "test") + @Inject + @Named( value = "test" ) UserConfiguration config; private void assertEmpty( String str ) @@ -100,8 +100,9 @@ public class DefaultUserConfigurationTest @Test public void testConcatenatedList() { - assertEquals( "uid=brett,dc=codehaus,dc=org", config.getConcatenatedList( "ldap.bind.dn", null ) ); - assertEquals( "dc=codehaus,dc=org", config.getConcatenatedList( "ldap.base.dn", null ) ); + assertEquals( "uid=brett,dc=codehaus,dc=org", + config.getConcatenatedList( UserConfigurationKeys.LDAP_BINDDN, null ) ); + assertEquals( "dc=codehaus,dc=org", config.getConcatenatedList( UserConfigurationKeys.LDAP_BASEDN, null ) ); assertEquals( "foo", config.getConcatenatedList( "short.list", null ) ); assertEquals( "bar,baz", config.getConcatenatedList( "no.list", "bar,baz" ) ); } diff --git a/redback-policy/src/main/java/org/apache/archiva/redback/policy/DefaultUserSecurityPolicy.java b/redback-policy/src/main/java/org/apache/archiva/redback/policy/DefaultUserSecurityPolicy.java index 0ee8ab92..6fefb38f 100644 --- a/redback-policy/src/main/java/org/apache/archiva/redback/policy/DefaultUserSecurityPolicy.java +++ b/redback-policy/src/main/java/org/apache/archiva/redback/policy/DefaultUserSecurityPolicy.java @@ -41,45 +41,34 @@ import java.util.List; * * @author Joakim Erdfelt */ -@Service( "userSecurityPolicy" ) +@Service("userSecurityPolicy") public class DefaultUserSecurityPolicy implements UserSecurityPolicy { private static final String ENABLEMENT_KEY = "UserSecurityPolicy" + ":ENABLED"; - public static final String PASSWORD_RETENTION_COUNT = "security.policy.password.previous.count"; - - public static final String LOGIN_ATTEMPT_COUNT = "security.policy.allowed.login.attempt"; - - public static final String PASSWORD_EXPIRATION_ENABLED = "security.policy.password.expiration.enabled"; - - public static final String PASSWORD_EXPIRATION = "security.policy.password.expiration.days"; - - - public static final String UNLOCKABLE_ACCOUNTS = "security.policy.unlockable.accounts"; - - private static final Logger log = LoggerFactory.getLogger( DefaultUserSecurityPolicy.class ); + private Logger log = LoggerFactory.getLogger( getClass() ); private PasswordRule defaultPasswordRule = new MustHavePasswordRule(); @Inject - @Named( value = "userConfiguration" ) + @Named(value = "userConfiguration") private UserConfiguration config; @Inject - @Named( value = "passwordEncoder#sha256" ) + @Named(value = "passwordEncoder#sha256") private PasswordEncoder passwordEncoder; @Inject - @Named( value = "userValidationSettings" ) + @Named(value = "userValidationSettings") private UserValidationSettings userValidationSettings; @Inject - @Named( value = "cookieSettings#rememberMe" ) + @Named(value = "cookieSettings#rememberMe") private CookieSettings rememberMeCookieSettings; @Inject - @Named( value = "cookieSettings#signon" ) + @Named(value = "cookieSettings#signon") private CookieSettings signonCookieSettings; // TODO use something more generic to be able to do change about container @@ -107,7 +96,7 @@ public class DefaultUserSecurityPolicy // Component lifecycle // --------------------------------------- // TODO move this to constructor - @SuppressWarnings( "unchecked" ) + @SuppressWarnings("unchecked") @PostConstruct public void initialize() { @@ -141,11 +130,11 @@ public class DefaultUserSecurityPolicy private void configurePolicy() { - this.previousPasswordsCount = config.getInt( PASSWORD_RETENTION_COUNT ); - this.loginAttemptCount = config.getInt( LOGIN_ATTEMPT_COUNT ); - this.passwordExpirationEnabled = config.getBoolean( PASSWORD_EXPIRATION_ENABLED ); - this.passwordExpirationDays = config.getInt( PASSWORD_EXPIRATION ); - this.unlockableAccounts = config.getList( UNLOCKABLE_ACCOUNTS ); + this.previousPasswordsCount = config.getInt( UserConfigurationKeys.PASSWORD_RETENTION_COUNT ); + this.loginAttemptCount = config.getInt( UserConfigurationKeys.LOGIN_ATTEMPT_COUNT ); + this.passwordExpirationEnabled = config.getBoolean( UserConfigurationKeys.PASSWORD_EXPIRATION_ENABLED ); + this.passwordExpirationDays = config.getInt( UserConfigurationKeys.PASSWORD_EXPIRATION ); + this.unlockableAccounts = config.getList( UserConfigurationKeys.UNLOCKABLE_ACCOUNTS ); } diff --git a/redback-policy/src/main/java/org/apache/archiva/redback/policy/DefaultUserValidationSettings.java b/redback-policy/src/main/java/org/apache/archiva/redback/policy/DefaultUserValidationSettings.java index 4a220690..c16d9d9f 100644 --- a/redback-policy/src/main/java/org/apache/archiva/redback/policy/DefaultUserValidationSettings.java +++ b/redback-policy/src/main/java/org/apache/archiva/redback/policy/DefaultUserValidationSettings.java @@ -62,8 +62,8 @@ public class DefaultUserValidationSettings @PostConstruct public void initialize() { - this.emailValidationRequired = config.getBoolean( "email.validation.required" ); - this.emailValidationTimeout = config.getInt( "email.validation.timeout" ); + this.emailValidationRequired = config.getBoolean( UserConfigurationKeys.EMAIL_VALIDATION_REQUIRED ); + this.emailValidationTimeout = config.getInt( UserConfigurationKeys.EMAIL_VALIDATION_TIMEOUT ); this.emailSubject = config.getString( UserConfigurationKeys.EMAIL_VALIDATION_SUBJECT ); } } diff --git a/redback-policy/src/main/java/org/apache/archiva/redback/policy/RememberMeCookieSettings.java b/redback-policy/src/main/java/org/apache/archiva/redback/policy/RememberMeCookieSettings.java index 614fa1db..e42ca9cd 100644 --- a/redback-policy/src/main/java/org/apache/archiva/redback/policy/RememberMeCookieSettings.java +++ b/redback-policy/src/main/java/org/apache/archiva/redback/policy/RememberMeCookieSettings.java @@ -44,9 +44,9 @@ public class RememberMeCookieSettings @PostConstruct public void initialize() { - this.cookieTimeout = config.getInt( "security.rememberme.timeout" ); + this.cookieTimeout = config.getInt( UserConfigurationKeys.REMEMBERME_TIMEOUT ); this.domain = config.getString( UserConfigurationKeys.REMEMBER_ME_DOMAIN ); this.path = config.getString( UserConfigurationKeys.REMEMBER_ME_PATH ); - this.enabled = config.getBoolean( "security.rememberme.enabled" ); + this.enabled = config.getBoolean( UserConfigurationKeys.REMEMBER_ME_ENABLED ); } } diff --git a/redback-policy/src/main/java/org/apache/archiva/redback/policy/SignonCookieSettings.java b/redback-policy/src/main/java/org/apache/archiva/redback/policy/SignonCookieSettings.java index 947614cc..7ec2943e 100644 --- a/redback-policy/src/main/java/org/apache/archiva/redback/policy/SignonCookieSettings.java +++ b/redback-policy/src/main/java/org/apache/archiva/redback/policy/SignonCookieSettings.java @@ -38,7 +38,7 @@ public class SignonCookieSettings public void initialize() { // cookie timeouts in the configuration settings is labeled to be in minutes, so adjust to minutes - cookieTimeout = config.getInt( "security.signon.timeout" ) * 60; + cookieTimeout = config.getInt( UserConfigurationKeys.SIGNON_TIMEOUT ) * 60; domain = config.getString( UserConfigurationKeys.SIGNON_DOMAIN ); path = config.getString( UserConfigurationKeys.SIGNON_PATH ); } diff --git a/redback-policy/src/main/java/org/apache/archiva/redback/policy/rules/AlphaNumericPasswordRule.java b/redback-policy/src/main/java/org/apache/archiva/redback/policy/rules/AlphaNumericPasswordRule.java index 82d936b9..9fba5fbc 100644 --- a/redback-policy/src/main/java/org/apache/archiva/redback/policy/rules/AlphaNumericPasswordRule.java +++ b/redback-policy/src/main/java/org/apache/archiva/redback/policy/rules/AlphaNumericPasswordRule.java @@ -16,6 +16,7 @@ package org.apache.archiva.redback.policy.rules; * limitations under the License. */ +import org.apache.archiva.redback.configuration.UserConfigurationKeys; import org.apache.archiva.redback.policy.PasswordRuleViolations; import org.apache.archiva.redback.policy.UserSecurityPolicy; import org.apache.archiva.redback.users.User; @@ -25,7 +26,6 @@ import javax.annotation.PostConstruct; /** * Basic Password Rule. Checks that password only contains alpha-numeric characters. - * */ @Service("passwordRule#alpha-numeric") public class AlphaNumericPasswordRule @@ -56,6 +56,6 @@ public class AlphaNumericPasswordRule @PostConstruct public void initialize() { - enabled = config.getBoolean( "security.policy.password.rule.alphanumeric.enabled" ); + enabled = config.getBoolean( UserConfigurationKeys.POLICY_PASSWORD_RULE_ALPHANUMERIC_ENABLED ); } } diff --git a/redback-policy/src/main/java/org/apache/archiva/redback/policy/rules/AlphaPasswordRule.java b/redback-policy/src/main/java/org/apache/archiva/redback/policy/rules/AlphaPasswordRule.java index 8329f32f..d728d065 100644 --- a/redback-policy/src/main/java/org/apache/archiva/redback/policy/rules/AlphaPasswordRule.java +++ b/redback-policy/src/main/java/org/apache/archiva/redback/policy/rules/AlphaPasswordRule.java @@ -16,6 +16,7 @@ package org.apache.archiva.redback.policy.rules; * limitations under the License. */ +import org.apache.archiva.redback.configuration.UserConfigurationKeys; import org.apache.archiva.redback.policy.PasswordRuleViolations; import org.apache.archiva.redback.policy.UserSecurityPolicy; import org.apache.archiva.redback.users.User; @@ -29,15 +30,11 @@ import javax.annotation.PostConstruct; * alpha characters contained within. * * @author Joakim Erdfelt - * */ -@Service("passwordRule#alpha-count") +@Service( "passwordRule#alpha-count" ) public class AlphaPasswordRule extends AbstractPasswordRule { - public static final String ALPHA_COUNT_MIN = "security.policy.password.rule.alphacount.minimum"; - - public static final String ALPHA_COUNT_VIOLATION = "user.password.violation.alpha"; private int minimumCount; @@ -95,15 +92,15 @@ public class AlphaPasswordRule { if ( countAlphaCharacters( user.getPassword() ) < this.minimumCount ) { - violations.addViolation( ALPHA_COUNT_VIOLATION, - new String[]{String.valueOf( minimumCount )} ); //$NON-NLS-1$ + violations.addViolation( UserConfigurationKeys.ALPHA_COUNT_VIOLATION, + new String[]{ String.valueOf( minimumCount ) } ); //$NON-NLS-1$ } } @PostConstruct public void initialize() { - enabled = config.getBoolean( "security.policy.password.rule.alphacount.enabled" ); - this.minimumCount = config.getInt( ALPHA_COUNT_MIN ); + enabled = config.getBoolean( UserConfigurationKeys.POLICY_PASSWORD_RULE_ALPHACOUNT_ENABLED ); + this.minimumCount = config.getInt( UserConfigurationKeys.ALPHA_COUNT_MIN ); } } diff --git a/redback-policy/src/main/java/org/apache/archiva/redback/policy/rules/CharacterLengthPasswordRule.java b/redback-policy/src/main/java/org/apache/archiva/redback/policy/rules/CharacterLengthPasswordRule.java index 9aa6b221..506c7409 100644 --- a/redback-policy/src/main/java/org/apache/archiva/redback/policy/rules/CharacterLengthPasswordRule.java +++ b/redback-policy/src/main/java/org/apache/archiva/redback/policy/rules/CharacterLengthPasswordRule.java @@ -16,6 +16,7 @@ package org.apache.archiva.redback.policy.rules; * limitations under the License. */ +import org.apache.archiva.redback.configuration.UserConfigurationKeys; import org.apache.archiva.redback.policy.PasswordRuleViolations; import org.apache.archiva.redback.policy.UserSecurityPolicy; import org.apache.archiva.redback.users.User; @@ -29,20 +30,11 @@ import javax.annotation.PostConstruct; * {@link #setMaximumCharacters(int)} characters in length. * * @author Joakim Erdfelt - * */ -@Service("passwordRule#character-length") +@Service( "passwordRule#character-length" ) public class CharacterLengthPasswordRule extends AbstractPasswordRule { - public static final String CHARACTER_LENGTH_MIN = "security.policy.password.rule.characterlength.minimum"; - - public static final String CHARACTER_LENGTH_MAX = "security.policy.password.rule.characterlength.maximum"; - - public static final String CHARACTER_LENGTH_MISCONFIGURED_VIOLATION = - "user.password.violation.length.misconfigured"; - - public static final String CHARACTER_LENGTH_VIOLATION = "user.password.violation.length"; public static final int DEFAULT_CHARACTER_LENGTH_MAX = 8; @@ -81,8 +73,9 @@ public class CharacterLengthPasswordRule { /* this should caught up front during the configuration of the component */ // TODO: Throw runtime exception instead? - violations.addViolation( CHARACTER_LENGTH_MISCONFIGURED_VIOLATION, new String[]{ - String.valueOf( minimumCharacters ), String.valueOf( maximumCharacters )} ); //$NON-NLS-1$ + violations.addViolation( UserConfigurationKeys.CHARACTER_LENGTH_MISCONFIGURED_VIOLATION, + new String[]{ String.valueOf( minimumCharacters ), + String.valueOf( maximumCharacters ) } ); //$NON-NLS-1$ } String password = user.getPassword(); @@ -90,16 +83,17 @@ public class CharacterLengthPasswordRule if ( StringUtils.isEmpty( password ) || password.length() < minimumCharacters || password.length() > maximumCharacters ) { - violations.addViolation( CHARACTER_LENGTH_VIOLATION, new String[]{String.valueOf( minimumCharacters ), - String.valueOf( maximumCharacters )} ); //$NON-NLS-1$ + violations.addViolation( UserConfigurationKeys.CHARACTER_LENGTH_VIOLATION, + new String[]{ String.valueOf( minimumCharacters ), + String.valueOf( maximumCharacters ) } ); //$NON-NLS-1$ } } @PostConstruct public void initialize() { - enabled = config.getBoolean( "security.policy.password.rule.characterlength.enabled" ); - this.minimumCharacters = config.getInt( CHARACTER_LENGTH_MIN ); - this.maximumCharacters = config.getInt( CHARACTER_LENGTH_MAX ); + enabled = config.getBoolean( UserConfigurationKeys.POLICY_PASSWORD_RULE_CHARACTERLENGTH_ENABLED ); + this.minimumCharacters = config.getInt( UserConfigurationKeys.CHARACTER_LENGTH_MIN ); + this.maximumCharacters = config.getInt( UserConfigurationKeys.CHARACTER_LENGTH_MAX ); } } diff --git a/redback-policy/src/main/java/org/apache/archiva/redback/policy/rules/MustHavePasswordRule.java b/redback-policy/src/main/java/org/apache/archiva/redback/policy/rules/MustHavePasswordRule.java index 818f7d31..6784bf9f 100644 --- a/redback-policy/src/main/java/org/apache/archiva/redback/policy/rules/MustHavePasswordRule.java +++ b/redback-policy/src/main/java/org/apache/archiva/redback/policy/rules/MustHavePasswordRule.java @@ -16,6 +16,7 @@ package org.apache.archiva.redback.policy.rules; * limitations under the License. */ +import org.apache.archiva.redback.configuration.UserConfigurationKeys; import org.apache.archiva.redback.policy.PasswordRuleViolations; import org.apache.archiva.redback.policy.UserSecurityPolicy; import org.apache.archiva.redback.users.User; @@ -28,7 +29,6 @@ import javax.annotation.PostConstruct; * Basic Password Rule, Checks for non-empty Passwords in non guest users. * * @author Joakim Erdfelt - * */ @Service("passwordRule#must-have") public class MustHavePasswordRule @@ -52,6 +52,6 @@ public class MustHavePasswordRule @PostConstruct public void initialize() { - enabled = config.getBoolean( "security.policy.password.rule.musthave.enabled" ); + enabled = config.getBoolean( UserConfigurationKeys.POLICY_PASSWORD_RULE_MUSTHAVE_ENABLED ); } } diff --git a/redback-policy/src/main/java/org/apache/archiva/redback/policy/rules/NumericalPasswordRule.java b/redback-policy/src/main/java/org/apache/archiva/redback/policy/rules/NumericalPasswordRule.java index 5bde337a..0c335eb6 100644 --- a/redback-policy/src/main/java/org/apache/archiva/redback/policy/rules/NumericalPasswordRule.java +++ b/redback-policy/src/main/java/org/apache/archiva/redback/policy/rules/NumericalPasswordRule.java @@ -16,6 +16,7 @@ package org.apache.archiva.redback.policy.rules; * limitations under the License. */ +import org.apache.archiva.redback.configuration.UserConfigurationKeys; import org.apache.archiva.redback.users.User; import org.apache.archiva.redback.policy.PasswordRuleViolations; import org.apache.archiva.redback.policy.UserSecurityPolicy; @@ -29,15 +30,11 @@ import javax.annotation.PostConstruct; * numerical characters contained within. * * @author Joakim Erdfelt - * */ -@Service("passwordRule#numerical-count") +@Service( "passwordRule#numerical-count" ) public class NumericalPasswordRule extends AbstractPasswordRule { - public static final String MINIMUM = "security.policy.password.rule.numericalcount.minimum"; - - public static final String NUMERICAL_COUNT_VIOLATION = "user.password.violation.numeric"; private int minimumCount; @@ -95,15 +92,15 @@ public class NumericalPasswordRule { if ( countDigitCharacters( user.getPassword() ) < this.minimumCount ) { - violations.addViolation( NUMERICAL_COUNT_VIOLATION, - new String[]{String.valueOf( minimumCount )} ); //$NON-NLS-1$ + violations.addViolation( UserConfigurationKeys.NUMERICAL_COUNT_VIOLATION, + new String[]{ String.valueOf( minimumCount ) } ); //$NON-NLS-1$ } } @PostConstruct public void initialize() { - enabled = config.getBoolean( "security.policy.password.rule.numericalcount.enabled" ); - this.minimumCount = config.getInt( MINIMUM ); + enabled = config.getBoolean( UserConfigurationKeys.POLICY_PASSWORD_RULE_NUMERICALCOUNT_ENABLED ); + this.minimumCount = config.getInt( UserConfigurationKeys.MINIMUM ); } } diff --git a/redback-policy/src/main/java/org/apache/archiva/redback/policy/rules/ReusePasswordRule.java b/redback-policy/src/main/java/org/apache/archiva/redback/policy/rules/ReusePasswordRule.java index 2a4b2b53..48275b1d 100644 --- a/redback-policy/src/main/java/org/apache/archiva/redback/policy/rules/ReusePasswordRule.java +++ b/redback-policy/src/main/java/org/apache/archiva/redback/policy/rules/ReusePasswordRule.java @@ -16,6 +16,7 @@ package org.apache.archiva.redback.policy.rules; * limitations under the License. */ +import org.apache.archiva.redback.configuration.UserConfigurationKeys; import org.apache.archiva.redback.policy.PasswordRuleViolations; import org.apache.archiva.redback.policy.UserSecurityPolicy; import org.apache.archiva.redback.users.User; @@ -30,7 +31,6 @@ import java.util.Iterator; * the {@link User#getPreviousEncodedPasswords()} to ensure that a password is not reused. * * @author Joakim Erdfelt - * */ @Service("passwordRule#reuse") public class ReusePasswordRule @@ -108,13 +108,13 @@ public class ReusePasswordRule if ( hasReusedPassword( user, password ) ) { violations.addViolation( REUSE_VIOLATION, - new String[]{String.valueOf( getPreviousPasswordCount() )} ); //$NON-NLS-1$ + new String[]{ String.valueOf( getPreviousPasswordCount() ) } ); //$NON-NLS-1$ } } @PostConstruct public void initialize() { - enabled = config.getBoolean( "security.policy.password.rule.reuse.enabled" ); + enabled = config.getBoolean( UserConfigurationKeys.POLICY_PASSWORD_RULE_REUSE_ENABLED ); } } diff --git a/redback-policy/src/main/java/org/apache/archiva/redback/policy/rules/WhitespacePasswordRule.java b/redback-policy/src/main/java/org/apache/archiva/redback/policy/rules/WhitespacePasswordRule.java index 086c7047..2be5a860 100644 --- a/redback-policy/src/main/java/org/apache/archiva/redback/policy/rules/WhitespacePasswordRule.java +++ b/redback-policy/src/main/java/org/apache/archiva/redback/policy/rules/WhitespacePasswordRule.java @@ -16,6 +16,7 @@ package org.apache.archiva.redback.policy.rules; * limitations under the License. */ +import org.apache.archiva.redback.configuration.UserConfigurationKeys; import org.apache.archiva.redback.policy.PasswordRuleViolations; import org.apache.archiva.redback.policy.UserSecurityPolicy; import org.apache.archiva.redback.users.User; @@ -25,8 +26,6 @@ import javax.annotation.PostConstruct; /** * Basic Password Rule. Checks that password does not have whitespaces in it. - * - * */ @Service("passwordRule#no-whitespaces") public class WhitespacePasswordRule @@ -44,7 +43,7 @@ public class WhitespacePasswordRule if ( user.getPassword() != null ) { char[] password = user.getPassword().toCharArray(); - + for ( int i = 0; i < password.length; i++ ) { if ( Character.isWhitespace( password[i] ) ) @@ -59,6 +58,6 @@ public class WhitespacePasswordRule @PostConstruct public void initialize() { - enabled = config.getBoolean( "security.policy.password.rule.nowhitespace.enabled" ); + enabled = config.getBoolean( UserConfigurationKeys.POLICY_PASSWORD_RULE_NOWHITTESPACE_ENABLED ); } }