Apache
/
archiva
mirror of https://github.com/apache/archiva.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[ARCHIVA-938] Remove harcoded guest user 

git-svn-id: https://svn.apache.org/repos/asf/archiva/trunk@752384 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Emmanuel Venisse 2009-03-11 06:12:17 +00:00
parent bf03bbad7a
commit aae839ff4b
5 changed files with 48 additions and 67 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaRoleConstants.java
View File

@ -36,10 +36,6 @@ public class ArchivaRoleConstants
public static final String GUEST_ROLE = "Guest"; public static final String GUEST_ROLE = "Guest";
// principals
public static final String PRINCIPAL_GUEST = "guest";
// dynamic role prefixes // dynamic role prefixes
public static final String REPOSITORY_MANAGER_ROLE_PREFIX = "Repository Manager"; public static final String REPOSITORY_MANAGER_ROLE_PREFIX = "Repository Manager";

36
archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaXworkUser.java
View File

@ -24,34 +24,25 @@ import java.util.Map;
import org.codehaus.plexus.redback.system.SecuritySession; import org.codehaus.plexus.redback.system.SecuritySession;
import org.codehaus.plexus.redback.system.SecuritySystemConstants; import org.codehaus.plexus.redback.system.SecuritySystemConstants;
import org.codehaus.plexus.redback.users.User; import org.codehaus.plexus.redback.users.User;
import org.codehaus.plexus.redback.users.UserManager;
import org.codehaus.plexus.registry.Registry; import org.codehaus.plexus.registry.Registry;
/** /**
* ArchivaXworkUser * ArchivaXworkUser
* *
* @version $Id$ * @version $Id$
*
* @plexus.component role="org.apache.maven.archiva.security.ArchivaXworkUser" * @plexus.component role="org.apache.maven.archiva.security.ArchivaXworkUser"
*/ */
public class ArchivaXworkUser public class ArchivaXworkUser
{ {
/**
* @plexus.requirement role-hint="commons-configuration"
*/
private Registry registry;
private static final String KEY = "org.codehaus.plexus.redback";
private static String guest;
public String getActivePrincipal( Map<String, Object> sessionMap ) public String getActivePrincipal( Map<String, Object> sessionMap )
{ {
if ( sessionMap == null ) if ( sessionMap == null )
{ {
return getGuest(); return getGuest();
} }
SecuritySession securitySession = SecuritySession securitySession =
(SecuritySession) sessionMap.get( SecuritySystemConstants.SECURITY_SESSION_KEY ); (SecuritySession) sessionMap.get( SecuritySystemConstants.SECURITY_SESSION_KEY );
if ( securitySession == null ) if ( securitySession == null )
@ -64,28 +55,17 @@ public class ArchivaXworkUser
return getGuest(); return getGuest();
} }
User user = securitySession.getUser(); User user = securitySession.getUser();
if ( user == null ) if ( user == null )
{ {
return getGuest(); return getGuest();
} }
return (String) user.getPrincipal(); return (String) user.getPrincipal();
} }
public String getGuest() public String getGuest()
{ {
if( guest == null || "".equals( guest ) ) return UserManager.GUEST_USERNAME;
{
Registry subset = registry.getSubset( KEY );
guest = subset.getString( "redback.default.guest", ArchivaRoleConstants.PRINCIPAL_GUEST );
}
return guest;
}
public void setGuest( String guesT )
{
guest = guesT;
} }
} }

25
archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/SecurityStartup.java
View File

@ -39,17 +39,16 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
/** /**
* SecurityStartup * SecurityStartup
* *
* @version $Id$ * @version $Id$
*
* @plexus.component role="org.apache.maven.archiva.security.SecurityStartup" * @plexus.component role="org.apache.maven.archiva.security.SecurityStartup"
*/ */
public class SecurityStartup public class SecurityStartup
implements RegistryListener implements RegistryListener
{ {
private Logger log = LoggerFactory.getLogger( SecurityStartup.class ); private Logger log = LoggerFactory.getLogger( SecurityStartup.class );
/** /**
* @plexus.requirement * @plexus.requirement
*/ */
@ -70,6 +69,11 @@ public class SecurityStartup
*/ */
private ArchivaConfiguration archivaConfiguration; private ArchivaConfiguration archivaConfiguration;
/**
* @plexus.requirement
*/
private ArchivaXworkUser archivaXworkUser;
public void afterConfigurationChange( Registry registry, String propertyName, Object propertyValue ) public void afterConfigurationChange( Registry registry, String propertyName, Object propertyValue )
{ {
if ( ConfigurationNames.isManagedRepositories( propertyName ) ) if ( ConfigurationNames.isManagedRepositories( propertyName ) )
@ -84,8 +88,7 @@ public class SecurityStartup
{ {
String repoId = repoConfig.getId(); String repoId = repoConfig.getId();
// TODO: Use the Redback / UserConfiguration..getString( "redback.default.guest" ) to get the right name. String principal = archivaXworkUser.getGuest();
String principal = "guest";
try try
{ {
@ -106,8 +109,8 @@ public class SecurityStartup
catch ( RbacManagerException e ) catch ( RbacManagerException e )
{ {
log.warn( log.warn(
"Unable to add role [" + ArchivaRoleConstants.toRepositoryObserverRoleName( repoId ) "Unable to add role [" + ArchivaRoleConstants.toRepositoryObserverRoleName( repoId ) + "] to " +
+ "] to " + principal + " user.", e ); principal + " user.", e );
} }
} }
} }
@ -156,8 +159,8 @@ public class SecurityStartup
{ {
if ( ( checkers == null ) || CollectionUtils.isEmpty( checkers.values() ) ) if ( ( checkers == null ) || CollectionUtils.isEmpty( checkers.values() ) )
{ {
throw new ArchivaException( "Unable to initialize the Redback Security Environment, " throw new ArchivaException(
+ "no Environment Check components found." ); "Unable to initialize the Redback Security Environment, " + "no Environment Check components found." );
} }
List<String> violations = new ArrayList<String>(); List<String> violations = new ArrayList<String>();
@ -186,8 +189,8 @@ public class SecurityStartup
msg.append( "======================================================================" ); msg.append( "======================================================================" );
log.error( msg.toString() ); log.error( msg.toString() );
throw new ArchivaException( "Unable to initialize Redback Security Environment, [" + violations.size() throw new ArchivaException( "Unable to initialize Redback Security Environment, [" + violations.size() +
+ "] violation(s) encountered, See log for details." ); "] violation(s) encountered, See log for details." );
} }
} }

45
archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/startup/SecuritySynchronization.java
View File

@ -30,6 +30,7 @@ import org.apache.maven.archiva.configuration.ArchivaConfiguration;
import org.apache.maven.archiva.configuration.ConfigurationNames; import org.apache.maven.archiva.configuration.ConfigurationNames;
import org.apache.maven.archiva.configuration.ManagedRepositoryConfiguration; import org.apache.maven.archiva.configuration.ManagedRepositoryConfiguration;
import org.apache.maven.archiva.security.ArchivaRoleConstants; import org.apache.maven.archiva.security.ArchivaRoleConstants;
import org.apache.maven.archiva.security.ArchivaXworkUser;
import org.codehaus.plexus.redback.rbac.RBACManager; import org.codehaus.plexus.redback.rbac.RBACManager;
import org.codehaus.plexus.redback.rbac.RbacManagerException; import org.codehaus.plexus.redback.rbac.RbacManagerException;
import org.codehaus.plexus.redback.rbac.UserAssignment; import org.codehaus.plexus.redback.rbac.UserAssignment;
@ -45,7 +46,6 @@ import org.slf4j.LoggerFactory;
* ConfigurationSynchronization * ConfigurationSynchronization
* *
* @version $Id$ * @version $Id$
*
* @plexus.component role="org.apache.maven.archiva.web.startup.SecuritySynchronization" * @plexus.component role="org.apache.maven.archiva.web.startup.SecuritySynchronization"
* role-hint="default" * role-hint="default"
*/ */
@ -53,7 +53,7 @@ public class SecuritySynchronization
implements RegistryListener implements RegistryListener
{ {
private Logger log = LoggerFactory.getLogger( SecuritySynchronization.class ); private Logger log = LoggerFactory.getLogger( SecuritySynchronization.class );
/** /**
* @plexus.requirement role-hint="default" * @plexus.requirement role-hint="default"
*/ */
@ -74,6 +74,11 @@ public class SecuritySynchronization
*/ */
private ArchivaConfiguration archivaConfiguration; private ArchivaConfiguration archivaConfiguration;
/**
* @plexus.requirement
*/
private ArchivaXworkUser archivaXworkUser;
public void afterConfigurationChange( Registry registry, String propertyName, Object propertyValue ) public void afterConfigurationChange( Registry registry, String propertyName, Object propertyValue )
{ {
if ( ConfigurationNames.isManagedRepositories( propertyName ) ) if ( ConfigurationNames.isManagedRepositories( propertyName ) )
@ -96,18 +101,18 @@ public class SecuritySynchronization
// manage roles for repositories // manage roles for repositories
try try
{ {
if ( !roleManager.templatedRoleExists( ArchivaRoleConstants.TEMPLATE_REPOSITORY_OBSERVER, repoConfig if ( !roleManager.templatedRoleExists( ArchivaRoleConstants.TEMPLATE_REPOSITORY_OBSERVER,
.getId() ) ) repoConfig.getId() ) )
{ {
roleManager.createTemplatedRole( ArchivaRoleConstants.TEMPLATE_REPOSITORY_OBSERVER, repoConfig roleManager.createTemplatedRole( ArchivaRoleConstants.TEMPLATE_REPOSITORY_OBSERVER,
.getId() ); repoConfig.getId() );
} }
if ( !roleManager.templatedRoleExists( ArchivaRoleConstants.TEMPLATE_REPOSITORY_MANAGER, repoConfig if ( !roleManager.templatedRoleExists( ArchivaRoleConstants.TEMPLATE_REPOSITORY_MANAGER,
.getId() ) ) repoConfig.getId() ) )
{ {
roleManager.createTemplatedRole( ArchivaRoleConstants.TEMPLATE_REPOSITORY_MANAGER, repoConfig roleManager.createTemplatedRole( ArchivaRoleConstants.TEMPLATE_REPOSITORY_MANAGER,
.getId() ); repoConfig.getId() );
} }
} }
catch ( RoleManagerException e ) catch ( RoleManagerException e )
@ -137,8 +142,8 @@ public class SecuritySynchronization
{ {
if ( ( checkers == null ) || CollectionUtils.isEmpty( checkers.values() ) ) if ( ( checkers == null ) || CollectionUtils.isEmpty( checkers.values() ) )
{ {
throw new ArchivaException( "Unable to initialize the Redback Security Environment, " throw new ArchivaException(
+ "no Environment Check components found." ); "Unable to initialize the Redback Security Environment, " + "no Environment Check components found." );
} }
List<String> violations = new ArrayList<String>(); List<String> violations = new ArrayList<String>();
@ -172,8 +177,8 @@ public class SecuritySynchronization
msg.append( "======================================================================" ); msg.append( "======================================================================" );
log.error( msg.toString() ); log.error( msg.toString() );
throw new ArchivaException( "Unable to initialize Redback Security Environment, [" + violations.size() throw new ArchivaException( "Unable to initialize Redback Security Environment, [" + violations.size() +
+ "] violation(s) encountered, See log for details." ); "] violation(s) encountered, See log for details." );
} }
} }
@ -182,10 +187,9 @@ public class SecuritySynchronization
for ( ManagedRepositoryConfiguration repoConfig : repos ) for ( ManagedRepositoryConfiguration repoConfig : repos )
{ {
String repoId = repoConfig.getId(); String repoId = repoConfig.getId();
// TODO: Use the Redback / UserConfiguration..getString( "redback.default.guest" ) to get the right name. String principal = archivaXworkUser.getGuest();
String principal = "guest";
try try
{ {
UserAssignment ua; UserAssignment ua;
@ -204,8 +208,9 @@ public class SecuritySynchronization
} }
catch ( RbacManagerException e ) catch ( RbacManagerException e )
{ {
log.warn( "Unable to add role [" + ArchivaRoleConstants.toRepositoryObserverRoleName( repoId ) log.warn(
+ "] to " + principal + " user.", e ); "Unable to add role [" + ArchivaRoleConstants.toRepositoryObserverRoleName( repoId ) + "] to " +
principal + " user.", e );
} }
} }
} }

5
archiva-modules/archiva-web/archiva-webdav/src/test/java/org/apache/maven/archiva/webdav/RepositoryServletSecurityTest.java
View File

@ -85,8 +85,6 @@ public class RepositoryServletSecurityTest
private HttpAuthenticator httpAuth; private HttpAuthenticator httpAuth;
private ArchivaXworkUser archivaXworkUser;
private RepositoryServlet servlet; private RepositoryServlet servlet;
public void setUp() public void setUp()
@ -125,8 +123,7 @@ public class RepositoryServletSecurityTest
httpAuthControl.setDefaultMatcher( MockControl.ALWAYS_MATCHER ); httpAuthControl.setDefaultMatcher( MockControl.ALWAYS_MATCHER );
httpAuth = (HttpAuthenticator) httpAuthControl.getMock(); httpAuth = (HttpAuthenticator) httpAuthControl.getMock();
archivaXworkUser = new ArchivaXworkUser(); ArchivaXworkUser archivaXworkUser = (ArchivaXworkUser) lookup( ArchivaXworkUser.class );
archivaXworkUser.setGuest( "guest" );
davSessionProvider = new ArchivaDavSessionProvider( servletAuth, httpAuth, archivaXworkUser ); davSessionProvider = new ArchivaDavSessionProvider( servletAuth, httpAuth, archivaXworkUser );
} }