Apache
/
archiva
mirror of https://github.com/apache/archiva.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[ARCHIVA-938] Remove harcoded guest user 

git-svn-id: https://svn.apache.org/repos/asf/archiva/trunk@752384 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Emmanuel Venisse 2009-03-11 06:12:17 +00:00
parent bf03bbad7a
commit aae839ff4b
5 changed files with 48 additions and 67 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaRoleConstants.java
View File

@ -36,10 +36,6 @@ public class ArchivaRoleConstants
public static final String GUEST_ROLE = "Guest";
// principals
public static final String PRINCIPAL_GUEST = "guest";
// dynamic role prefixes
public static final String REPOSITORY_MANAGER_ROLE_PREFIX = "Repository Manager";

36
archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaXworkUser.java
View File

@ -24,34 +24,25 @@ import java.util.Map;
import org.codehaus.plexus.redback.system.SecuritySession;
import org.codehaus.plexus.redback.system.SecuritySystemConstants;
import org.codehaus.plexus.redback.users.User;
import org.codehaus.plexus.redback.users.UserManager;
import org.codehaus.plexus.registry.Registry;
/**
* ArchivaXworkUser
* ArchivaXworkUser
*
* @version $Id$
*
* @plexus.component role="org.apache.maven.archiva.security.ArchivaXworkUser"
*/
public class ArchivaXworkUser
{
/**
* @plexus.requirement role-hint="commons-configuration"
*/
private Registry registry;
private static final String KEY = "org.codehaus.plexus.redback";
private static String guest;
public String getActivePrincipal( Map<String, Object> sessionMap )
{
{
if ( sessionMap == null )
{
return getGuest();
}
SecuritySession securitySession =
SecuritySession securitySession =
(SecuritySession) sessionMap.get( SecuritySystemConstants.SECURITY_SESSION_KEY );
if ( securitySession == null )
@ -64,28 +55,17 @@ public class ArchivaXworkUser
return getGuest();
}
User user = securitySession.getUser();
User user = securitySession.getUser();
if ( user == null )
{
return getGuest();
}
return (String) user.getPrincipal();
}
}
public String getGuest()
{
if( guest == null || "".equals( guest ) )
{
Registry subset = registry.getSubset( KEY );
guest = subset.getString( "redback.default.guest", ArchivaRoleConstants.PRINCIPAL_GUEST );
}
return guest;
}
public void setGuest( String guesT )
{
guest = guesT;
return UserManager.GUEST_USERNAME;
}
}

25
archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/SecurityStartup.java
View File

@ -39,17 +39,16 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
* SecurityStartup
* SecurityStartup
*
* @version $Id$
*
* @plexus.component role="org.apache.maven.archiva.security.SecurityStartup"
*/
public class SecurityStartup
implements RegistryListener
{
private Logger log = LoggerFactory.getLogger( SecurityStartup.class );
/**
* @plexus.requirement
*/
@ -70,6 +69,11 @@ public class SecurityStartup
*/
private ArchivaConfiguration archivaConfiguration;
/**
* @plexus.requirement
*/
private ArchivaXworkUser archivaXworkUser;
public void afterConfigurationChange( Registry registry, String propertyName, Object propertyValue )
{
if ( ConfigurationNames.isManagedRepositories( propertyName ) )
@ -84,8 +88,7 @@ public class SecurityStartup
{
String repoId = repoConfig.getId();
// TODO: Use the Redback / UserConfiguration..getString( "redback.default.guest" ) to get the right name.
String principal = "guest";
String principal = archivaXworkUser.getGuest();
try
{
@ -106,8 +109,8 @@ public class SecurityStartup
catch ( RbacManagerException e )
{
log.warn(
"Unable to add role [" + ArchivaRoleConstants.toRepositoryObserverRoleName( repoId )
+ "] to " + principal + " user.", e );
"Unable to add role [" + ArchivaRoleConstants.toRepositoryObserverRoleName( repoId ) + "] to " +
principal + " user.", e );
}
}
}
@ -156,8 +159,8 @@ public class SecurityStartup
{
if ( ( checkers == null ) || CollectionUtils.isEmpty( checkers.values() ) )
{
throw new ArchivaException( "Unable to initialize the Redback Security Environment, "
+ "no Environment Check components found." );
throw new ArchivaException(
"Unable to initialize the Redback Security Environment, " + "no Environment Check components found." );
}
List<String> violations = new ArrayList<String>();
@ -186,8 +189,8 @@ public class SecurityStartup
msg.append( "======================================================================" );
log.error( msg.toString() );
throw new ArchivaException( "Unable to initialize Redback Security Environment, [" + violations.size()
+ "] violation(s) encountered, See log for details." );
throw new ArchivaException( "Unable to initialize Redback Security Environment, [" + violations.size() +
"] violation(s) encountered, See log for details." );
}
}

45
archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/startup/SecuritySynchronization.java
View File

@ -30,6 +30,7 @@ import org.apache.maven.archiva.configuration.ArchivaConfiguration;
import org.apache.maven.archiva.configuration.ConfigurationNames;
import org.apache.maven.archiva.configuration.ManagedRepositoryConfiguration;
import org.apache.maven.archiva.security.ArchivaRoleConstants;
import org.apache.maven.archiva.security.ArchivaXworkUser;
import org.codehaus.plexus.redback.rbac.RBACManager;
import org.codehaus.plexus.redback.rbac.RbacManagerException;
import org.codehaus.plexus.redback.rbac.UserAssignment;
@ -45,7 +46,6 @@ import org.slf4j.LoggerFactory;
* ConfigurationSynchronization
*
* @version $Id$
*
* @plexus.component role="org.apache.maven.archiva.web.startup.SecuritySynchronization"
* role-hint="default"
*/
@ -53,7 +53,7 @@ public class SecuritySynchronization
implements RegistryListener
{
private Logger log = LoggerFactory.getLogger( SecuritySynchronization.class );
/**
* @plexus.requirement role-hint="default"
*/
@ -74,6 +74,11 @@ public class SecuritySynchronization
*/
private ArchivaConfiguration archivaConfiguration;
/**
* @plexus.requirement
*/
private ArchivaXworkUser archivaXworkUser;
public void afterConfigurationChange( Registry registry, String propertyName, Object propertyValue )
{
if ( ConfigurationNames.isManagedRepositories( propertyName ) )
@ -96,18 +101,18 @@ public class SecuritySynchronization
// manage roles for repositories
try
{
if ( !roleManager.templatedRoleExists( ArchivaRoleConstants.TEMPLATE_REPOSITORY_OBSERVER, repoConfig
.getId() ) )
if ( !roleManager.templatedRoleExists( ArchivaRoleConstants.TEMPLATE_REPOSITORY_OBSERVER,
repoConfig.getId() ) )
{
roleManager.createTemplatedRole( ArchivaRoleConstants.TEMPLATE_REPOSITORY_OBSERVER, repoConfig
.getId() );
roleManager.createTemplatedRole( ArchivaRoleConstants.TEMPLATE_REPOSITORY_OBSERVER,
repoConfig.getId() );
}
if ( !roleManager.templatedRoleExists( ArchivaRoleConstants.TEMPLATE_REPOSITORY_MANAGER, repoConfig
.getId() ) )
if ( !roleManager.templatedRoleExists( ArchivaRoleConstants.TEMPLATE_REPOSITORY_MANAGER,
repoConfig.getId() ) )
{
roleManager.createTemplatedRole( ArchivaRoleConstants.TEMPLATE_REPOSITORY_MANAGER, repoConfig
.getId() );
roleManager.createTemplatedRole( ArchivaRoleConstants.TEMPLATE_REPOSITORY_MANAGER,
repoConfig.getId() );
}
}
catch ( RoleManagerException e )
@ -137,8 +142,8 @@ public class SecuritySynchronization
{
if ( ( checkers == null ) || CollectionUtils.isEmpty( checkers.values() ) )
{
throw new ArchivaException( "Unable to initialize the Redback Security Environment, "
+ "no Environment Check components found." );
throw new ArchivaException(
"Unable to initialize the Redback Security Environment, " + "no Environment Check components found." );
}
List<String> violations = new ArrayList<String>();
@ -172,8 +177,8 @@ public class SecuritySynchronization
msg.append( "======================================================================" );
log.error( msg.toString() );
throw new ArchivaException( "Unable to initialize Redback Security Environment, [" + violations.size()
+ "] violation(s) encountered, See log for details." );
throw new ArchivaException( "Unable to initialize Redback Security Environment, [" + violations.size() +
"] violation(s) encountered, See log for details." );
}
}
@ -182,10 +187,9 @@ public class SecuritySynchronization
for ( ManagedRepositoryConfiguration repoConfig : repos )
{
String repoId = repoConfig.getId();
// TODO: Use the Redback / UserConfiguration..getString( "redback.default.guest" ) to get the right name.
String principal = "guest";
String principal = archivaXworkUser.getGuest();
try
{
UserAssignment ua;
@ -204,8 +208,9 @@ public class SecuritySynchronization
}
catch ( RbacManagerException e )
{
log.warn( "Unable to add role [" + ArchivaRoleConstants.toRepositoryObserverRoleName( repoId )
+ "] to " + principal + " user.", e );
log.warn(
"Unable to add role [" + ArchivaRoleConstants.toRepositoryObserverRoleName( repoId ) + "] to " +
principal + " user.", e );
}
}
}

5
archiva-modules/archiva-web/archiva-webdav/src/test/java/org/apache/maven/archiva/webdav/RepositoryServletSecurityTest.java
View File

@ -85,8 +85,6 @@ public class RepositoryServletSecurityTest
private HttpAuthenticator httpAuth;
private ArchivaXworkUser archivaXworkUser;
private RepositoryServlet servlet;
public void setUp()
@ -125,8 +123,7 @@ public class RepositoryServletSecurityTest
httpAuthControl.setDefaultMatcher( MockControl.ALWAYS_MATCHER );
httpAuth = (HttpAuthenticator) httpAuthControl.getMock();
archivaXworkUser = new ArchivaXworkUser();
archivaXworkUser.setGuest( "guest" );
ArchivaXworkUser archivaXworkUser = (ArchivaXworkUser) lookup( ArchivaXworkUser.class );
davSessionProvider = new ArchivaDavSessionProvider( servletAuth, httpAuth, archivaXworkUser );
}