Apache/archiva
1
0
Fork 0
mirror of https://github.com/apache/archiva.git synced 2025-02-22 01:44:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

[MRM-915] and [MRM-926]

Browse Source 
-get the default guest users from redback config files instead of the hardcoded constant value


git-svn-id: https://svn.apache.org/repos/asf/archiva/trunk@691581 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Maria Odea B. Ching 2008-09-03 11:45:11 +00:00
parent 0f5a5fd895
commit 092a8ce4f1
10 changed files with 88 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaXworkUser.java
View File

@ -19,27 +19,38 @@
* under the License. * under the License.
*/ */
import java.util.HashMap;
import java.util.Map; import java.util.Map;
import org.apache.maven.archiva.security.ArchivaRoleConstants; import org.apache.maven.archiva.security.ArchivaRoleConstants;
import org.codehaus.plexus.redback.system.SecuritySession; import org.codehaus.plexus.redback.system.SecuritySession;
import org.codehaus.plexus.redback.system.SecuritySystemConstants; import org.codehaus.plexus.redback.system.SecuritySystemConstants;
import org.codehaus.plexus.redback.users.User; import org.codehaus.plexus.redback.users.User;
import org.codehaus.plexus.registry.Registry;
/** /**
* ArchivaXworkUser * ArchivaXworkUser
* *
* @author <a href="mailto:joakime@apache.org">Joakim Erdfelt</a> * @author <a href="mailto:joakime@apache.org">Joakim Erdfelt</a>
* @version $Id$ * @version $Id$
*
* @plexus.component role="org.apache.maven.archiva.security.ArchivaXworkUser"
*/ */
public class ArchivaXworkUser public class ArchivaXworkUser
{ {
public static String getActivePrincipal( Map<String, Object> sessionMap ) /**
{ * @plexus.requirement role-hint="commons-configuration"
*/
private Registry registry;
private static final String KEY = "org.codehaus.plexus.redback";
private static String guest;
public String getActivePrincipal( Map<String, Object> sessionMap )
{
if ( sessionMap == null ) if ( sessionMap == null )
{ {
return ArchivaRoleConstants.PRINCIPAL_GUEST; return getGuest();
} }
SecuritySession securitySession = SecuritySession securitySession =
@ -52,15 +63,26 @@ public static String getActivePrincipal( Map<String, Object> sessionMap )
if ( securitySession == null ) if ( securitySession == null )
{ {
return ArchivaRoleConstants.PRINCIPAL_GUEST; return getGuest();
} }
User user = securitySession.getUser(); User user = securitySession.getUser();
if ( user == null ) if ( user == null )
{ {
return ArchivaRoleConstants.PRINCIPAL_GUEST; return getGuest();
} }
return (String) user.getPrincipal(); return (String) user.getPrincipal();
}
public String getGuest()
{
if( guest == null || "".equals( guest ) )
{
Registry subset = registry.getSubset( KEY );
guest = subset.getString( "redback.default.guest", ArchivaRoleConstants.PRINCIPAL_GUEST );
}
return guest;
} }
} }

7
archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/BrowseAction.java
View File

@ -52,6 +52,11 @@ public class BrowseAction
*/ */
private UserRepositories userRepositories; private UserRepositories userRepositories;
/**
* @plexus.requirement
*/
private ArchivaXworkUser archivaXworkUser;
private BrowsingResults results; private BrowsingResults results;
private String groupId; private String groupId;
@ -121,7 +126,7 @@ public String browseArtifact()
private String getPrincipal() private String getPrincipal()
{ {
return ArchivaXworkUser.getActivePrincipal( ActionContext.getContext().getSession() ); return archivaXworkUser.getActivePrincipal( ActionContext.getContext().getSession() );
} }
private List<String> getObservableRepos() private List<String> getObservableRepos()

7
archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/SearchAction.java
View File

@ -75,6 +75,11 @@ public class SearchAction
*/ */
private UserRepositories userRepositories; private UserRepositories userRepositories;
/**
* @plexus.requirement
*/
private ArchivaXworkUser archivaXworkUser;
private static final String RESULTS = "results"; private static final String RESULTS = "results";
private static final String ARTIFACT = "artifact"; private static final String ARTIFACT = "artifact";
@ -195,7 +200,7 @@ public String doInput()
private String getPrincipal() private String getPrincipal()
{ {
return ArchivaXworkUser.getActivePrincipal( ActionContext.getContext().getSession() ); return archivaXworkUser.getActivePrincipal( ActionContext.getContext().getSession() );
} }
private List<String> getObservableRepos() private List<String> getObservableRepos()

7
archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/ShowArtifactAction.java
View File

@ -59,6 +59,11 @@ public class ShowArtifactAction
* @plexus.requirement * @plexus.requirement
*/ */
private UserRepositories userRepositories; private UserRepositories userRepositories;
/**
* @plexus.requirement
*/
private ArchivaXworkUser archivaXworkUser;
/* .\ Input Parameters \.________________________________________ */ /* .\ Input Parameters \.________________________________________ */
@ -179,7 +184,7 @@ public String dependencyTree()
private String getPrincipal() private String getPrincipal()
{ {
return ArchivaXworkUser.getActivePrincipal( ActionContext.getContext().getSession() ); return archivaXworkUser.getActivePrincipal( ActionContext.getContext().getSession() );
} }
private List<String> getObservableRepos() private List<String> getObservableRepos()

7
archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/UploadAction.java
View File

@ -86,6 +86,11 @@ public class UploadAction
* @plexus.requirement * @plexus.requirement
*/ */
private RepositoryContentConsumers consumers; private RepositoryContentConsumers consumers;
/**
* @plexus.requirement
*/
private ArchivaXworkUser archivaXworkUser;
/** /**
* The groupId of the artifact to be deployed. * The groupId of the artifact to be deployed.
@ -456,7 +461,7 @@ public String doUpload()
private String getPrincipal() private String getPrincipal()
{ {
return ArchivaXworkUser.getActivePrincipal( ActionContext.getContext().getSession() ); return archivaXworkUser.getActivePrincipal( ActionContext.getContext().getSession() );
} }
private void copyFile( File sourceFile, File targetPath, String targetFilename ) private void copyFile( File sourceFile, File targetPath, String targetFilename )

8
archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/rss/RssFeedServlet.java
View File

@ -40,6 +40,7 @@
import org.apache.maven.archiva.security.AccessDeniedException; import org.apache.maven.archiva.security.AccessDeniedException;
import org.apache.maven.archiva.security.ArchivaRoleConstants; import org.apache.maven.archiva.security.ArchivaRoleConstants;
import org.apache.maven.archiva.security.ArchivaSecurityException; import org.apache.maven.archiva.security.ArchivaSecurityException;
import org.apache.maven.archiva.security.ArchivaXworkUser;
import org.apache.maven.archiva.security.PrincipalNotFoundException; import org.apache.maven.archiva.security.PrincipalNotFoundException;
import org.apache.maven.archiva.security.ServletAuthenticator; import org.apache.maven.archiva.security.ServletAuthenticator;
import org.apache.maven.archiva.security.UserRepositories; import org.apache.maven.archiva.security.UserRepositories;
@ -90,6 +91,8 @@ public class RssFeedServlet
private ServletAuthenticator servletAuth; private ServletAuthenticator servletAuth;
private HttpAuthenticator httpAuth; private HttpAuthenticator httpAuth;
private ArchivaXworkUser archivaXworkUser;
public void init( javax.servlet.ServletConfig servletConfig ) public void init( javax.servlet.ServletConfig servletConfig )
throws ServletException throws ServletException
@ -102,6 +105,7 @@ public void init( javax.servlet.ServletConfig servletConfig )
(ServletAuthenticator) wac.getBean( PlexusToSpringUtils.buildSpringId( ServletAuthenticator.class.getName() ) ); (ServletAuthenticator) wac.getBean( PlexusToSpringUtils.buildSpringId( ServletAuthenticator.class.getName() ) );
httpAuth = httpAuth =
(HttpAuthenticator) wac.getBean( PlexusToSpringUtils.buildSpringId( HttpAuthenticator.ROLE, "basic" ) ); (HttpAuthenticator) wac.getBean( PlexusToSpringUtils.buildSpringId( HttpAuthenticator.ROLE, "basic" ) );
archivaXworkUser = (ArchivaXworkUser) wac.getBean( PlexusToSpringUtils.buildSpringId( ArchivaXworkUser.class ) );
} }
public void doGet( HttpServletRequest req, HttpServletResponse res ) public void doGet( HttpServletRequest req, HttpServletResponse res )
@ -269,7 +273,7 @@ else if ( artifactId != null && groupId != null )
if ( usernamePassword == null || usernamePassword.trim().equals( "" ) ) if ( usernamePassword == null || usernamePassword.trim().equals( "" ) )
{ {
repoIds = getObservableRepos( ArchivaRoleConstants.PRINCIPAL_GUEST ); repoIds = getObservableRepos( archivaXworkUser.getGuest() );
} }
else else
{ {
@ -279,7 +283,7 @@ else if ( artifactId != null && groupId != null )
} }
else else
{ {
repoIds = getObservableRepos( ArchivaRoleConstants.PRINCIPAL_GUEST ); repoIds = getObservableRepos( archivaXworkUser.getGuest() );
} }
} }
else else

11
archiva-modules/archiva-web/archiva-webdav/src/main/java/org/apache/maven/archiva/webdav/ArchivaDavResource.java
View File

@ -97,17 +97,20 @@ public class ArchivaDavResource
private final MimeTypes mimeTypes; private final MimeTypes mimeTypes;
private List<AuditListener> auditListeners; private List<AuditListener> auditListeners;
private ArchivaXworkUser archivaXworkUser;
public ArchivaDavResource( String localResource, String logicalResource, ManagedRepositoryConfiguration repository, public ArchivaDavResource( String localResource, String logicalResource, ManagedRepositoryConfiguration repository,
DavSession session, ArchivaDavResourceLocator locator, DavResourceFactory factory, DavSession session, ArchivaDavResourceLocator locator, DavResourceFactory factory,
MimeTypes mimeTypes, List<AuditListener> auditListeners, MimeTypes mimeTypes, List<AuditListener> auditListeners,
RepositoryContentConsumers consumers ) RepositoryContentConsumers consumers, ArchivaXworkUser archivaXworkUser )
{ {
this.localResource = new File( localResource ); this.localResource = new File( localResource );
this.logicalResource = logicalResource; this.logicalResource = logicalResource;
this.locator = locator; this.locator = locator;
this.factory = factory; this.factory = factory;
this.session = session; this.session = session;
this.archivaXworkUser = archivaXworkUser;
// TODO: push into locator as well as moving any references out of the resource factory // TODO: push into locator as well as moving any references out of the resource factory
this.repository = repository; this.repository = repository;
@ -121,10 +124,10 @@ public ArchivaDavResource( String localResource, String logicalResource, Managed
public ArchivaDavResource( String localResource, String logicalResource, ManagedRepositoryConfiguration repository, public ArchivaDavResource( String localResource, String logicalResource, ManagedRepositoryConfiguration repository,
String remoteAddr, DavSession session, ArchivaDavResourceLocator locator, String remoteAddr, DavSession session, ArchivaDavResourceLocator locator,
DavResourceFactory factory, MimeTypes mimeTypes, List<AuditListener> auditListeners, DavResourceFactory factory, MimeTypes mimeTypes, List<AuditListener> auditListeners,
RepositoryContentConsumers consumers ) RepositoryContentConsumers consumers, ArchivaXworkUser archivaXworkUser )
{ {
this( localResource, logicalResource, repository, session, locator, factory, mimeTypes, auditListeners, this( localResource, logicalResource, repository, session, locator, factory, mimeTypes, auditListeners,
consumers ); consumers, archivaXworkUser );
this.remoteAddr = remoteAddr; this.remoteAddr = remoteAddr;
} }
@ -614,7 +617,7 @@ private ArchivaDavResource checkDavResourceIsArchivaDavResource( DavResource res
private void triggerAuditEvent( String remoteIP, String repositoryId, String resource, String action ) private void triggerAuditEvent( String remoteIP, String repositoryId, String resource, String action )
{ {
String activePrincipal = ArchivaXworkUser.getActivePrincipal( ActionContext.getContext().getSession() ); String activePrincipal = archivaXworkUser.getActivePrincipal( ActionContext.getContext().getSession() );
AuditEvent event = new AuditEvent( repositoryId, activePrincipal, resource, action ); AuditEvent event = new AuditEvent( repositoryId, activePrincipal, resource, action );
event.setRemoteIP( remoteIP ); event.setRemoteIP( remoteIP );

21
archiva-modules/archiva-web/archiva-webdav/src/main/java/org/apache/maven/archiva/webdav/ArchivaDavResourceFactory.java
View File

@ -174,6 +174,11 @@ public class ArchivaDavResourceFactory
* @plexus.requirement role-hint="md5"; * @plexus.requirement role-hint="md5";
*/ */
private Digester digestMd5; private Digester digestMd5;
/**
* @plexus.requirement
*/
private ArchivaXworkUser archivaXworkUser;
public DavResource createResource( final DavResourceLocator locator, final DavServletRequest request, public DavResource createResource( final DavResourceLocator locator, final DavServletRequest request,
final DavServletResponse response ) final DavServletResponse response )
@ -317,7 +322,7 @@ public DavResource createResource( final DavResourceLocator locator, final DavSe
ArchivaDavResource metadataChecksumResource = ArchivaDavResource metadataChecksumResource =
new ArchivaDavResource( metadataChecksum.getAbsolutePath(), logicalResource.getPath(), null, new ArchivaDavResource( metadataChecksum.getAbsolutePath(), logicalResource.getPath(), null,
request.getRemoteAddr(), request.getDavSession(), archivaLocator, this, request.getRemoteAddr(), request.getDavSession(), archivaLocator, this,
mimeTypes, auditListeners, consumers ); mimeTypes, auditListeners, consumers, archivaXworkUser );
availableResources.add( 0, metadataChecksumResource ); availableResources.add( 0, metadataChecksumResource );
} }
} }
@ -349,7 +354,7 @@ public DavResource createResource( final DavResourceLocator locator, final DavSe
ArchivaDavResource metadataResource = ArchivaDavResource metadataResource =
new ArchivaDavResource( resourceFile.getAbsolutePath(), logicalResource.getPath(), null, new ArchivaDavResource( resourceFile.getAbsolutePath(), logicalResource.getPath(), null,
request.getRemoteAddr(), request.getDavSession(), archivaLocator, this, request.getRemoteAddr(), request.getDavSession(), archivaLocator, this,
mimeTypes, auditListeners, consumers ); mimeTypes, auditListeners, consumers, archivaXworkUser );
availableResources.add( 0, metadataResource ); availableResources.add( 0, metadataResource );
} }
catch ( RepositoryMetadataException r ) catch ( RepositoryMetadataException r )
@ -398,7 +403,7 @@ public DavResource createResource( final DavResourceLocator locator, final DavSe
resource = resource =
new ArchivaDavResource( resourceFile.getAbsolutePath(), logicalResource, new ArchivaDavResource( resourceFile.getAbsolutePath(), logicalResource,
managedRepository.getRepository(), davSession, archivaLocator, this, mimeTypes, managedRepository.getRepository(), davSession, archivaLocator, this, mimeTypes,
auditListeners, consumers ); auditListeners, consumers, archivaXworkUser );
} }
resource.addLockManager(lockManager); resource.addLockManager(lockManager);
return resource; return resource;
@ -423,7 +428,7 @@ private DavResource doGet( ManagedRepositoryContent managedRepository, DavServle
ArchivaDavResource resource = ArchivaDavResource resource =
new ArchivaDavResource( resourceFile.getAbsolutePath(), logicalResource.getPath(), new ArchivaDavResource( resourceFile.getAbsolutePath(), logicalResource.getPath(),
managedRepository.getRepository(), request.getRemoteAddr(), managedRepository.getRepository(), request.getRemoteAddr(),
request.getDavSession(), locator, this, mimeTypes, auditListeners, consumers ); request.getDavSession(), locator, this, mimeTypes, auditListeners, consumers, archivaXworkUser );
if ( !resource.isCollection() ) if ( !resource.isCollection() )
{ {
@ -468,7 +473,7 @@ private DavResource doGet( ManagedRepositoryContent managedRepository, DavServle
new ArchivaDavResource( resourceFile.getAbsolutePath(), logicalResource.getPath(), new ArchivaDavResource( resourceFile.getAbsolutePath(), logicalResource.getPath(),
managedRepository.getRepository(), request.getRemoteAddr(), managedRepository.getRepository(), request.getRemoteAddr(),
request.getDavSession(), locator, this, mimeTypes, auditListeners, request.getDavSession(), locator, this, mimeTypes, auditListeners,
consumers ); consumers, archivaXworkUser );
} }
} }
return resource; return resource;
@ -497,7 +502,7 @@ private DavResource doPut( ManagedRepositoryContent managedRepository, DavServle
return new ArchivaDavResource( resourceFile.getAbsolutePath(), logicalResource.getPath(), return new ArchivaDavResource( resourceFile.getAbsolutePath(), logicalResource.getPath(),
managedRepository.getRepository(), request.getRemoteAddr(), managedRepository.getRepository(), request.getRemoteAddr(),
request.getDavSession(), locator, this, mimeTypes, auditListeners, consumers ); request.getDavSession(), locator, this, mimeTypes, auditListeners, consumers, archivaXworkUser );
} }
private boolean fetchContentFromProxies( ManagedRepositoryContent managedRepository, DavServletRequest request, private boolean fetchContentFromProxies( ManagedRepositoryContent managedRepository, DavServletRequest request,
@ -622,7 +627,7 @@ protected void applyServerSideRelocation( ManagedRepositoryContent managedReposi
// TODO: remove? // TODO: remove?
private void triggerAuditEvent( String remoteIP, String repositoryId, String resource, String action ) private void triggerAuditEvent( String remoteIP, String repositoryId, String resource, String action )
{ {
String activePrincipal = ArchivaXworkUser.getActivePrincipal( ActionContext.getContext().getSession() ); String activePrincipal = archivaXworkUser.getActivePrincipal( ActionContext.getContext().getSession() );
AuditEvent event = new AuditEvent( repositoryId, activePrincipal, resource, action ); AuditEvent event = new AuditEvent( repositoryId, activePrincipal, resource, action );
event.setRemoteIP( remoteIP ); event.setRemoteIP( remoteIP );
@ -769,7 +774,7 @@ private DavResource getResource( DavServletRequest request, List<String> reposit
request.getSession().getAttribute( SecuritySystemConstants.SECURITY_SESSION_KEY ) ); request.getSession().getAttribute( SecuritySystemConstants.SECURITY_SESSION_KEY ) );
} }
String activePrincipal = ArchivaXworkUser.getActivePrincipal( sessionMap ); String activePrincipal = archivaXworkUser.getActivePrincipal( sessionMap );
boolean allow = isAllowedToContinue( request, repositories, activePrincipal ); boolean allow = isAllowedToContinue( request, repositories, activePrincipal );
if( allow ) if( allow )

11
archiva-modules/archiva-web/archiva-webdav/src/test/java/org/apache/maven/archiva/webdav/DavResourceTest.java
View File

@ -20,7 +20,6 @@
*/ */
import java.io.File; import java.io.File;
import java.util.List;
import org.apache.commons.io.FileUtils; import org.apache.commons.io.FileUtils;
import org.apache.jackrabbit.webdav.DavException; import org.apache.jackrabbit.webdav.DavException;
@ -37,12 +36,11 @@
import org.apache.jackrabbit.webdav.lock.SimpleLockManager; import org.apache.jackrabbit.webdav.lock.SimpleLockManager;
import org.apache.jackrabbit.webdav.lock.Type; import org.apache.jackrabbit.webdav.lock.Type;
import org.apache.maven.archiva.configuration.ManagedRepositoryConfiguration; import org.apache.maven.archiva.configuration.ManagedRepositoryConfiguration;
import org.apache.maven.archiva.repository.audit.AuditListener;
import org.apache.maven.archiva.repository.scanner.RepositoryContentConsumers; import org.apache.maven.archiva.repository.scanner.RepositoryContentConsumers;
import org.apache.maven.archiva.security.ArchivaXworkUser;
import org.apache.maven.archiva.webdav.util.MimeTypes; import org.apache.maven.archiva.webdav.util.MimeTypes;
import org.codehaus.plexus.spring.PlexusInSpringTestCase; import org.codehaus.plexus.spring.PlexusInSpringTestCase;
import org.codehaus.plexus.spring.PlexusToSpringUtils; import org.codehaus.plexus.spring.PlexusToSpringUtils;
import org.easymock.MockControl;
import edu.emory.mathcs.backport.java.util.Collections; import edu.emory.mathcs.backport.java.util.Collections;
@ -69,6 +67,8 @@ public class DavResourceTest extends PlexusInSpringTestCase
private RepositoryContentConsumers consumers; private RepositoryContentConsumers consumers;
private ManagedRepositoryConfiguration repository = new ManagedRepositoryConfiguration(); private ManagedRepositoryConfiguration repository = new ManagedRepositoryConfiguration();
private ArchivaXworkUser archivaXworkUser;
@Override @Override
protected void setUp() protected void setUp()
@ -87,6 +87,7 @@ protected void setUp()
lockManager = new SimpleLockManager(); lockManager = new SimpleLockManager();
resource.addLockManager(lockManager); resource.addLockManager(lockManager);
consumers = new RepositoryContentConsumers(); consumers = new RepositoryContentConsumers();
archivaXworkUser = (ArchivaXworkUser) getApplicationContext().getBean( PlexusToSpringUtils.buildSpringId( ArchivaXworkUser.class ) );
} }
@Override @Override
@ -101,7 +102,7 @@ protected void tearDown()
private DavResource getDavResource(String logicalPath, File file) private DavResource getDavResource(String logicalPath, File file)
{ {
return new ArchivaDavResource( file.getAbsolutePath(), logicalPath, repository, session, resourceLocator, return new ArchivaDavResource( file.getAbsolutePath(), logicalPath, repository, session, resourceLocator,
resourceFactory, mimeTypes, Collections.emptyList(), consumers ); resourceFactory, mimeTypes, Collections.emptyList(), consumers, archivaXworkUser );
} }
public void testDeleteNonExistantResourceShould404() public void testDeleteNonExistantResourceShould404()
@ -302,7 +303,7 @@ public DavResource createResource(DavResourceLocator locator, DavServletRequest
public DavResource createResource(DavResourceLocator locator, DavSession session) throws DavException { public DavResource createResource(DavResourceLocator locator, DavSession session) throws DavException {
return new ArchivaDavResource( baseDir.getAbsolutePath(), "/", repository, session, resourceLocator, return new ArchivaDavResource( baseDir.getAbsolutePath(), "/", repository, session, resourceLocator,
resourceFactory, mimeTypes, Collections.emptyList(), consumers ); resourceFactory, mimeTypes, Collections.emptyList(), consumers, archivaXworkUser );
} }
} }
} }

4
archiva-modules/archiva-web/archiva-webdav/src/test/resources/org/apache/maven/archiva/webdav/RepositoryServletTest.xml
View File

@ -165,6 +165,10 @@
<role>org.codehaus.plexus.digest.Digester</role> <role>org.codehaus.plexus.digest.Digester</role>
<role-hint>md5</role-hint> <role-hint>md5</role-hint>
<field-name>digestMd5</field-name> <field-name>digestMd5</field-name>
</requirement>
<requirement>
<role>org.apache.maven.archiva.security.ArchivaXworkUser</role>
<field-name>archivaXworkUser</field-name>
</requirement> </requirement>
</requirements> </requirements>
</component> </component>