Apache/archiva
1
0
Fork 0
mirror of https://github.com/apache/archiva.git synced 2025-02-21 01:15:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

[MRM-915] and [MRM-926]

Browse Source 
-get the default guest users from redback config files instead of the hardcoded constant value


git-svn-id: https://svn.apache.org/repos/asf/archiva/trunk@691581 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Maria Odea B. Ching 2008-09-03 11:45:11 +00:00
parent 0f5a5fd895
commit 092a8ce4f1
10 changed files with 88 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaXworkUser.java
View File

@ -19,27 +19,38 @@
* under the License.
*/
import java.util.HashMap;
import java.util.Map;
import org.apache.maven.archiva.security.ArchivaRoleConstants;
import org.codehaus.plexus.redback.system.SecuritySession;
import org.codehaus.plexus.redback.system.SecuritySystemConstants;
import org.codehaus.plexus.redback.users.User;
import org.codehaus.plexus.registry.Registry;
/**
* ArchivaXworkUser
*
* @author <a href="mailto:joakime@apache.org">Joakim Erdfelt</a>
* @version $Id$
*
* @plexus.component role="org.apache.maven.archiva.security.ArchivaXworkUser"
*/
public class ArchivaXworkUser
{
public static String getActivePrincipal( Map<String, Object> sessionMap )
{
/**
* @plexus.requirement role-hint="commons-configuration"
*/
private Registry registry;
private static final String KEY = "org.codehaus.plexus.redback";
private static String guest;
public String getActivePrincipal( Map<String, Object> sessionMap )
{
if ( sessionMap == null )
{
return ArchivaRoleConstants.PRINCIPAL_GUEST;
return getGuest();
}
SecuritySession securitySession =
@ -52,15 +63,26 @@ public static String getActivePrincipal( Map<String, Object> sessionMap )
if ( securitySession == null )
{
return ArchivaRoleConstants.PRINCIPAL_GUEST;
return getGuest();
}
User user = securitySession.getUser();
if ( user == null )
{
return ArchivaRoleConstants.PRINCIPAL_GUEST;
return getGuest();
}
return (String) user.getPrincipal();
}
public String getGuest()
{
if( guest == null || "".equals( guest ) )
{
Registry subset = registry.getSubset( KEY );
guest = subset.getString( "redback.default.guest", ArchivaRoleConstants.PRINCIPAL_GUEST );
}
return guest;
}
}

7
archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/BrowseAction.java
View File

@ -52,6 +52,11 @@ public class BrowseAction
*/
private UserRepositories userRepositories;
/**
* @plexus.requirement
*/
private ArchivaXworkUser archivaXworkUser;
private BrowsingResults results;
private String groupId;
@ -121,7 +126,7 @@ public String browseArtifact()
private String getPrincipal()
{
return ArchivaXworkUser.getActivePrincipal( ActionContext.getContext().getSession() );
return archivaXworkUser.getActivePrincipal( ActionContext.getContext().getSession() );
}
private List<String> getObservableRepos()

7
archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/SearchAction.java
View File

@ -75,6 +75,11 @@ public class SearchAction
*/
private UserRepositories userRepositories;
/**
* @plexus.requirement
*/
private ArchivaXworkUser archivaXworkUser;
private static final String RESULTS = "results";
private static final String ARTIFACT = "artifact";
@ -195,7 +200,7 @@ public String doInput()
private String getPrincipal()
{
return ArchivaXworkUser.getActivePrincipal( ActionContext.getContext().getSession() );
return archivaXworkUser.getActivePrincipal( ActionContext.getContext().getSession() );
}
private List<String> getObservableRepos()

7
archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/ShowArtifactAction.java
View File

@ -59,6 +59,11 @@ public class ShowArtifactAction
* @plexus.requirement
*/
private UserRepositories userRepositories;
/**
* @plexus.requirement
*/
private ArchivaXworkUser archivaXworkUser;
/* .\ Input Parameters \.________________________________________ */
@ -179,7 +184,7 @@ public String dependencyTree()
private String getPrincipal()
{
return ArchivaXworkUser.getActivePrincipal( ActionContext.getContext().getSession() );
return archivaXworkUser.getActivePrincipal( ActionContext.getContext().getSession() );
}
private List<String> getObservableRepos()

7
archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/UploadAction.java
View File

@ -86,6 +86,11 @@ public class UploadAction
* @plexus.requirement
*/
private RepositoryContentConsumers consumers;
/**
* @plexus.requirement
*/
private ArchivaXworkUser archivaXworkUser;
/**
* The groupId of the artifact to be deployed.
@ -456,7 +461,7 @@ public String doUpload()
private String getPrincipal()
{
return ArchivaXworkUser.getActivePrincipal( ActionContext.getContext().getSession() );
return archivaXworkUser.getActivePrincipal( ActionContext.getContext().getSession() );
}
private void copyFile( File sourceFile, File targetPath, String targetFilename )

8
archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/rss/RssFeedServlet.java
View File

@ -40,6 +40,7 @@
import org.apache.maven.archiva.security.AccessDeniedException;
import org.apache.maven.archiva.security.ArchivaRoleConstants;
import org.apache.maven.archiva.security.ArchivaSecurityException;
import org.apache.maven.archiva.security.ArchivaXworkUser;
import org.apache.maven.archiva.security.PrincipalNotFoundException;
import org.apache.maven.archiva.security.ServletAuthenticator;
import org.apache.maven.archiva.security.UserRepositories;
@ -90,6 +91,8 @@ public class RssFeedServlet
private ServletAuthenticator servletAuth;
private HttpAuthenticator httpAuth;
private ArchivaXworkUser archivaXworkUser;
public void init( javax.servlet.ServletConfig servletConfig )
throws ServletException
@ -102,6 +105,7 @@ public void init( javax.servlet.ServletConfig servletConfig )
(ServletAuthenticator) wac.getBean( PlexusToSpringUtils.buildSpringId( ServletAuthenticator.class.getName() ) );
httpAuth =
(HttpAuthenticator) wac.getBean( PlexusToSpringUtils.buildSpringId( HttpAuthenticator.ROLE, "basic" ) );
archivaXworkUser = (ArchivaXworkUser) wac.getBean( PlexusToSpringUtils.buildSpringId( ArchivaXworkUser.class ) );
}
public void doGet( HttpServletRequest req, HttpServletResponse res )
@ -269,7 +273,7 @@ else if ( artifactId != null && groupId != null )
if ( usernamePassword == null || usernamePassword.trim().equals( "" ) )
{
repoIds = getObservableRepos( ArchivaRoleConstants.PRINCIPAL_GUEST );
repoIds = getObservableRepos( archivaXworkUser.getGuest() );
}
else
{
@ -279,7 +283,7 @@ else if ( artifactId != null && groupId != null )
}
else
{
repoIds = getObservableRepos( ArchivaRoleConstants.PRINCIPAL_GUEST );
repoIds = getObservableRepos( archivaXworkUser.getGuest() );
}
}
else

11
archiva-modules/archiva-web/archiva-webdav/src/main/java/org/apache/maven/archiva/webdav/ArchivaDavResource.java
View File

@ -97,17 +97,20 @@ public class ArchivaDavResource
private final MimeTypes mimeTypes;
private List<AuditListener> auditListeners;
private ArchivaXworkUser archivaXworkUser;
public ArchivaDavResource( String localResource, String logicalResource, ManagedRepositoryConfiguration repository,
DavSession session, ArchivaDavResourceLocator locator, DavResourceFactory factory,
MimeTypes mimeTypes, List<AuditListener> auditListeners,
RepositoryContentConsumers consumers )
RepositoryContentConsumers consumers, ArchivaXworkUser archivaXworkUser )
{
this.localResource = new File( localResource );
this.logicalResource = logicalResource;
this.locator = locator;
this.factory = factory;
this.session = session;
this.archivaXworkUser = archivaXworkUser;
// TODO: push into locator as well as moving any references out of the resource factory
this.repository = repository;
@ -121,10 +124,10 @@ public ArchivaDavResource( String localResource, String logicalResource, Managed
public ArchivaDavResource( String localResource, String logicalResource, ManagedRepositoryConfiguration repository,
String remoteAddr, DavSession session, ArchivaDavResourceLocator locator,
DavResourceFactory factory, MimeTypes mimeTypes, List<AuditListener> auditListeners,
RepositoryContentConsumers consumers )
RepositoryContentConsumers consumers, ArchivaXworkUser archivaXworkUser )
{
this( localResource, logicalResource, repository, session, locator, factory, mimeTypes, auditListeners,
consumers );
consumers, archivaXworkUser );
this.remoteAddr = remoteAddr;
}
@ -614,7 +617,7 @@ private ArchivaDavResource checkDavResourceIsArchivaDavResource( DavResource res
private void triggerAuditEvent( String remoteIP, String repositoryId, String resource, String action )
{
String activePrincipal = ArchivaXworkUser.getActivePrincipal( ActionContext.getContext().getSession() );
String activePrincipal = archivaXworkUser.getActivePrincipal( ActionContext.getContext().getSession() );
AuditEvent event = new AuditEvent( repositoryId, activePrincipal, resource, action );
event.setRemoteIP( remoteIP );

21
archiva-modules/archiva-web/archiva-webdav/src/main/java/org/apache/maven/archiva/webdav/ArchivaDavResourceFactory.java
View File

@ -174,6 +174,11 @@ public class ArchivaDavResourceFactory
* @plexus.requirement role-hint="md5";
*/
private Digester digestMd5;
/**
* @plexus.requirement
*/
private ArchivaXworkUser archivaXworkUser;
public DavResource createResource( final DavResourceLocator locator, final DavServletRequest request,
final DavServletResponse response )
@ -317,7 +322,7 @@ public DavResource createResource( final DavResourceLocator locator, final DavSe
ArchivaDavResource metadataChecksumResource =
new ArchivaDavResource( metadataChecksum.getAbsolutePath(), logicalResource.getPath(), null,
request.getRemoteAddr(), request.getDavSession(), archivaLocator, this,
mimeTypes, auditListeners, consumers );
mimeTypes, auditListeners, consumers, archivaXworkUser );
availableResources.add( 0, metadataChecksumResource );
}
}
@ -349,7 +354,7 @@ public DavResource createResource( final DavResourceLocator locator, final DavSe
ArchivaDavResource metadataResource =
new ArchivaDavResource( resourceFile.getAbsolutePath(), logicalResource.getPath(), null,
request.getRemoteAddr(), request.getDavSession(), archivaLocator, this,
mimeTypes, auditListeners, consumers );
mimeTypes, auditListeners, consumers, archivaXworkUser );
availableResources.add( 0, metadataResource );
}
catch ( RepositoryMetadataException r )
@ -398,7 +403,7 @@ public DavResource createResource( final DavResourceLocator locator, final DavSe
resource =
new ArchivaDavResource( resourceFile.getAbsolutePath(), logicalResource,
managedRepository.getRepository(), davSession, archivaLocator, this, mimeTypes,
auditListeners, consumers );
auditListeners, consumers, archivaXworkUser );
}
resource.addLockManager(lockManager);
return resource;
@ -423,7 +428,7 @@ private DavResource doGet( ManagedRepositoryContent managedRepository, DavServle
ArchivaDavResource resource =
new ArchivaDavResource( resourceFile.getAbsolutePath(), logicalResource.getPath(),
managedRepository.getRepository(), request.getRemoteAddr(),
request.getDavSession(), locator, this, mimeTypes, auditListeners, consumers );
request.getDavSession(), locator, this, mimeTypes, auditListeners, consumers, archivaXworkUser );
if ( !resource.isCollection() )
{
@ -468,7 +473,7 @@ private DavResource doGet( ManagedRepositoryContent managedRepository, DavServle
new ArchivaDavResource( resourceFile.getAbsolutePath(), logicalResource.getPath(),
managedRepository.getRepository(), request.getRemoteAddr(),
request.getDavSession(), locator, this, mimeTypes, auditListeners,
consumers );
consumers, archivaXworkUser );
}
}
return resource;
@ -497,7 +502,7 @@ private DavResource doPut( ManagedRepositoryContent managedRepository, DavServle
return new ArchivaDavResource( resourceFile.getAbsolutePath(), logicalResource.getPath(),
managedRepository.getRepository(), request.getRemoteAddr(),
request.getDavSession(), locator, this, mimeTypes, auditListeners, consumers );
request.getDavSession(), locator, this, mimeTypes, auditListeners, consumers, archivaXworkUser );
}
private boolean fetchContentFromProxies( ManagedRepositoryContent managedRepository, DavServletRequest request,
@ -622,7 +627,7 @@ protected void applyServerSideRelocation( ManagedRepositoryContent managedReposi
// TODO: remove?
private void triggerAuditEvent( String remoteIP, String repositoryId, String resource, String action )
{
String activePrincipal = ArchivaXworkUser.getActivePrincipal( ActionContext.getContext().getSession() );
String activePrincipal = archivaXworkUser.getActivePrincipal( ActionContext.getContext().getSession() );
AuditEvent event = new AuditEvent( repositoryId, activePrincipal, resource, action );
event.setRemoteIP( remoteIP );
@ -769,7 +774,7 @@ private DavResource getResource( DavServletRequest request, List<String> reposit
request.getSession().getAttribute( SecuritySystemConstants.SECURITY_SESSION_KEY ) );
}
String activePrincipal = ArchivaXworkUser.getActivePrincipal( sessionMap );
String activePrincipal = archivaXworkUser.getActivePrincipal( sessionMap );
boolean allow = isAllowedToContinue( request, repositories, activePrincipal );
if( allow )

11
archiva-modules/archiva-web/archiva-webdav/src/test/java/org/apache/maven/archiva/webdav/DavResourceTest.java
View File

@ -20,7 +20,6 @@
*/
import java.io.File;
import java.util.List;
import org.apache.commons.io.FileUtils;
import org.apache.jackrabbit.webdav.DavException;
@ -37,12 +36,11 @@
import org.apache.jackrabbit.webdav.lock.SimpleLockManager;
import org.apache.jackrabbit.webdav.lock.Type;
import org.apache.maven.archiva.configuration.ManagedRepositoryConfiguration;
import org.apache.maven.archiva.repository.audit.AuditListener;
import org.apache.maven.archiva.repository.scanner.RepositoryContentConsumers;
import org.apache.maven.archiva.security.ArchivaXworkUser;
import org.apache.maven.archiva.webdav.util.MimeTypes;
import org.codehaus.plexus.spring.PlexusInSpringTestCase;
import org.codehaus.plexus.spring.PlexusToSpringUtils;
import org.easymock.MockControl;
import edu.emory.mathcs.backport.java.util.Collections;
@ -69,6 +67,8 @@ public class DavResourceTest extends PlexusInSpringTestCase
private RepositoryContentConsumers consumers;
private ManagedRepositoryConfiguration repository = new ManagedRepositoryConfiguration();
private ArchivaXworkUser archivaXworkUser;
@Override
protected void setUp()
@ -87,6 +87,7 @@ protected void setUp()
lockManager = new SimpleLockManager();
resource.addLockManager(lockManager);
consumers = new RepositoryContentConsumers();
archivaXworkUser = (ArchivaXworkUser) getApplicationContext().getBean( PlexusToSpringUtils.buildSpringId( ArchivaXworkUser.class ) );
}
@Override
@ -101,7 +102,7 @@ protected void tearDown()
private DavResource getDavResource(String logicalPath, File file)
{
return new ArchivaDavResource( file.getAbsolutePath(), logicalPath, repository, session, resourceLocator,
resourceFactory, mimeTypes, Collections.emptyList(), consumers );
resourceFactory, mimeTypes, Collections.emptyList(), consumers, archivaXworkUser );
}
public void testDeleteNonExistantResourceShould404()
@ -302,7 +303,7 @@ public DavResource createResource(DavResourceLocator locator, DavServletRequest
public DavResource createResource(DavResourceLocator locator, DavSession session) throws DavException {
return new ArchivaDavResource( baseDir.getAbsolutePath(), "/", repository, session, resourceLocator,
resourceFactory, mimeTypes, Collections.emptyList(), consumers );
resourceFactory, mimeTypes, Collections.emptyList(), consumers, archivaXworkUser );
}
}
}

4
archiva-modules/archiva-web/archiva-webdav/src/test/resources/org/apache/maven/archiva/webdav/RepositoryServletTest.xml
View File

@ -165,6 +165,10 @@
<role>org.codehaus.plexus.digest.Digester</role>
<role-hint>md5</role-hint>
<field-name>digestMd5</field-name>
</requirement>
<requirement>
<role>org.apache.maven.archiva.security.ArchivaXworkUser</role>
<field-name>archivaXworkUser</field-name>
</requirement>
</requirements>
</component>