You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@archiva.apache.org by ol...@apache.org on 2012/04/06 11:59:32 UTC
svn commit: r1310268 [11/42] - in /archiva/redback/redback-core/trunk: ./
redback-authentication/ redback-authentication/redback-authentication-api/
redback-authentication/redback-authentication-api/src/
redback-authentication/redback-authentication-ap...
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-integrations-security/src/main/java/org/codehaus/redback/integration/security/role/RedbackRoleConstants.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-integrations-security/src/main/java/org/codehaus/redback/integration/security/role/RedbackRoleConstants.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-integrations-security/src/main/java/org/codehaus/redback/integration/security/role/RedbackRoleConstants.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-integrations-security/src/main/java/org/codehaus/redback/integration/security/role/RedbackRoleConstants.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,69 @@
+package org.codehaus.redback.integration.security.role;
+
+/*
+ * Copyright 2005-2006 The Codehaus.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * Inteface with role constants
+ * @author Olivier Lamy
+ * @since 1.3
+ *
+ */
+public interface RedbackRoleConstants
+{
+ public static final String ADMINISTRATOR_ACCOUNT_NAME = "admin";
+
+ // roles
+ public static final String SYSTEM_ADMINISTRATOR_ROLE = "System Administrator";
+
+ public static final String USER_ADMINISTRATOR_ROLE = "User Administrator";
+
+ public static final String REGISTERED_USER_ROLE = "Registered User";
+
+ /**
+ * @since 1.4
+ */
+ public static final String REGISTERED_USER_ROLE_ID = "registered-user";
+
+ public static final String GUEST_ROLE = "Guest";
+
+ // guest access operation
+ public static final String GUEST_ACCESS_OPERATION = "guest-access";
+
+ // operations against configuration
+ public static final String CONFIGURATION_EDIT_OPERATION = "configuration-edit";
+
+ // operations against user
+ public static final String USER_MANAGEMENT_USER_CREATE_OPERATION = "user-management-user-create";
+
+ public static final String USER_MANAGEMENT_USER_EDIT_OPERATION = "user-management-user-edit";
+
+ public static final String USER_MANAGEMENT_USER_ROLE_OPERATION = "user-management-user-role";
+
+ public static final String USER_MANAGEMENT_USER_DELETE_OPERATION = "user-management-user-delete";
+
+ public static final String USER_MANAGEMENT_USER_LIST_OPERATION = "user-management-user-list";
+
+ // operations against user assignment.
+ public static final String USER_MANAGEMENT_ROLE_GRANT_OPERATION = "user-management-role-grant";
+
+ public static final String USER_MANAGEMENT_ROLE_DROP_OPERATION = "user-management-role-drop";
+
+ // operations against rbac objects.
+ public static final String USER_MANAGEMENT_RBAC_ADMIN_OPERATION = "user-management-rbac-admin";
+
+ public static final String USER_MANAGEMENT_MANAGE_DATA = "user-management-manage-data";
+}
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-integrations-security/src/main/java/org/codehaus/redback/integration/security/role/RedbackRoleConstants.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-integrations-security/src/main/java/org/codehaus/redback/integration/security/role/RedbackRoleConstants.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-integrations-security/src/main/resources/META-INF/redback/redback-core.xml
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-integrations-security/src/main/resources/META-INF/redback/redback-core.xml?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-integrations-security/src/main/resources/META-INF/redback/redback-core.xml (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-integrations-security/src/main/resources/META-INF/redback/redback-core.xml Fri Apr 6 09:58:14 2012
@@ -0,0 +1,213 @@
+<redback-role-model>
+ <modelVersion>1.0.0</modelVersion>
+ <applications>
+ <application>
+ <id>System</id>
+ <description>Roles that apply system-wide, across all of the applications</description>
+ <version>1.0.0</version>
+ <resources>
+ <resource>
+ <id>global</id>
+ <name>*</name>
+ <permanent>true</permanent>
+ <description>global resource implies full access for authorization</description>
+ </resource>
+ <resource>
+ <id>username</id>
+ <name>${username}</name>
+ <permanent>true</permanent>
+ <description>replaced with the username of the principal at authorization check time</description>
+ </resource>
+ </resources>
+ <operations>
+ <operation>
+ <id>configuration-edit</id>
+ <name>configuration-edit</name>
+ <description>edit configuration</description>
+ <permanent>true</permanent>
+ </operation>
+ <operation>
+ <id>user-management-user-create</id>
+ <name>user-management-user-create</name>
+ <description>create user</description>
+ <permanent>true</permanent>
+ </operation>
+ <operation>
+ <id>user-management-user-edit</id>
+ <name>user-management-user-edit</name>
+ <description>edit user</description>
+ <permanent>true</permanent>
+ </operation>
+ <operation>
+ <id>user-management-user-role</id>
+ <name>user-management-user-role</name>
+ <description>user roles</description>
+ <permanent>true</permanent>
+ </operation>
+ <operation>
+ <id>user-management-user-delete</id>
+ <name>user-management-user-delete</name>
+ <description>delete user</description>
+ <permanent>true</permanent>
+ </operation>
+ <operation>
+ <id>user-management-user-list</id>
+ <name>user-management-user-list</name>
+ <description>list users</description>
+ <permanent>true</permanent>
+ </operation>
+ <operation>
+ <id>user-management-role-grant</id>
+ <name>user-management-role-grant</name>
+ <description>grant role</description>
+ <permanent>true</permanent>
+ </operation>
+ <operation>
+ <id>user-management-role-drop</id>
+ <name>user-management-role-drop</name>
+ <description>drop role</description>
+ <permanent>true</permanent>
+ </operation>
+ <operation>
+ <id>user-management-rbac-admin</id>
+ <name>user-management-rbac-admin</name>
+ <description>administer rbac</description>
+ <permanent>true</permanent>
+ </operation>
+ <operation>
+ <id>guest-access</id>
+ <name>guest-access</name>
+ <description>access guest</description>
+ <permanent>true</permanent>
+ </operation>
+ <operation>
+ <id>user-management-manage-data</id>
+ <name>user-management-manage-data</name>
+ <description>manage data</description>
+ <permanent>true</permanent>
+ </operation>
+ </operations>
+ <roles>
+ <role>
+ <id>system-administrator</id>
+ <name>System Administrator</name>
+ <permanent>true</permanent>
+ <assignable>true</assignable>
+ <permissions>
+ <permission>
+ <id>edit-redback-configuration</id>
+ <name>Edit Redback Configuration</name>
+ <operation>configuration-edit</operation>
+ <resource>global</resource>
+ <permanent>true</permanent>
+ </permission>
+ <permission>
+ <id>manage-rbac-setup</id>
+ <name>User RBAC Management</name>
+ <operation>user-management-rbac-admin</operation>
+ <resource>global</resource>
+ <permanent>true</permanent>
+ </permission>
+ <permission>
+ <id>manage-rbac-data</id>
+ <name>RBAC Manage Data</name>
+ <operation>user-management-manage-data</operation>
+ <resource>global</resource>
+ <permanent>true</permanent>
+ </permission>
+ </permissions>
+ <childRoles>
+ <childRole>user-administrator</childRole>
+ </childRoles>
+ </role>
+ <role>
+ <id>user-administrator</id>
+ <name>User Administrator</name>
+ <permanent>true</permanent>
+ <assignable>true</assignable>
+ <permissions>
+ <permission>
+ <id>drop-roles-for-anyone</id>
+ <name>Drop Roles for Anyone</name>
+ <operation>user-management-role-drop</operation>
+ <resource>global</resource>
+ <permanent>true</permanent>
+ </permission>
+ <permission>
+ <id>grant-roles-for-anyone</id>
+ <name>Grant Roles for Anyone</name>
+ <operation>user-management-role-grant</operation>
+ <resource>global</resource>
+ <permanent>true</permanent>
+ </permission>
+ <permission>
+ <id>user-create</id>
+ <name>Create Users</name>
+ <operation>user-management-user-create</operation>
+ <resource>global</resource>
+ <permanent>true</permanent>
+ </permission>
+ <permission>
+ <id>user-delete</id>
+ <name>Delete Users</name>
+ <operation>user-management-user-delete</operation>
+ <resource>global</resource>
+ <permanent>true</permanent>
+ </permission>
+ <permission>
+ <id>user-edit</id>
+ <name>Edit Users</name>
+ <operation>user-management-user-edit</operation>
+ <resource>global</resource>
+ <permanent>true</permanent>
+ </permission>
+ <permission>
+ <id>access-users-roles</id>
+ <name>Access Users Roles</name>
+ <operation>user-management-user-role</operation>
+ <resource>global</resource>
+ <permanent>true</permanent>
+ </permission>
+ <permission>
+ <id>access-user-list</id>
+ <name>Access User List</name>
+ <operation>user-management-user-list</operation>
+ <resource>global</resource>
+ <permanent>true</permanent>
+ </permission>
+ </permissions>
+ </role>
+ <role>
+ <id>registered-user</id>
+ <name>Registered User</name>
+ <permanent>true</permanent>
+ <assignable>true</assignable>
+ <permissions>
+ <permission>
+ <id>edit-user-by-username</id>
+ <name>Edit User Data by Username</name>
+ <operation>user-management-user-edit</operation>
+ <resource>username</resource>
+ <permanent>true</permanent>
+ </permission>
+ </permissions>
+ </role>
+ <role>
+ <id>guest</id>
+ <name>Guest</name>
+ <permanent>true</permanent>
+ <assignable>true</assignable>
+ <permissions>
+ <permission>
+ <id>guest-permission</id>
+ <name>Guest Permission</name>
+ <operation>guest-access</operation>
+ <resource>global</resource>
+ <permanent>true</permanent>
+ </permission>
+ </permissions>
+ </role>
+ </roles>
+ </application>
+ </applications>
+</redback-role-model>
\ No newline at end of file
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-integrations-security/src/main/resources/META-INF/redback/redback-core.xml
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-integrations-security/src/main/resources/META-INF/redback/redback-core.xml
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/pom.xml
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-jee/pom.xml?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-jee/pom.xml (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-jee/pom.xml Fri Apr 6 09:58:14 2012
@@ -0,0 +1,31 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ ~ Copyright 2006 The Codehaus.
+ ~
+ ~ Licensed under the Apache License, Version 2.0 (the "License");
+ ~ you may not use this file except in compliance with the License.
+ ~ You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing, software
+ ~ distributed under the License is distributed on an "AS IS" BASIS,
+ ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ~ See the License for the specific language governing permissions and
+ ~ limitations under the License.
+ -->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <parent>
+ <groupId>org.codehaus.redback</groupId>
+ <artifactId>redback-integrations</artifactId>
+ <version>1.5-SNAPSHOT</version>
+ </parent>
+ <artifactId>redback-jee</artifactId>
+ <name>Redback :: Integration :: J(2)EE</name>
+ <packaging>pom</packaging>
+
+ <modules>
+ <module>redback-jee-web-integration</module>
+ </modules>
+</project>
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/pom.xml
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/pom.xml
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/pom.xml
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/pom.xml?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/pom.xml (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/pom.xml Fri Apr 6 09:58:14 2012
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ ~ Copyright 2006 The Codehaus.
+ ~
+ ~ Licensed under the Apache License, Version 2.0 (the "License");
+ ~ you may not use this file except in compliance with the License.
+ ~ You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing, software
+ ~ distributed under the License is distributed on an "AS IS" BASIS,
+ ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ~ See the License for the specific language governing permissions and
+ ~ limitations under the License.
+ -->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <parent>
+ <groupId>org.codehaus.redback</groupId>
+ <artifactId>redback-jee</artifactId>
+ <version>1.5-SNAPSHOT</version>
+ </parent>
+ <artifactId>redback-jee-web-integration</artifactId>
+ <name>Redback :: Integration :: J(2)EE Web Integration</name>
+ <packaging>jar</packaging>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.springframework</groupId>
+ <artifactId>spring-context-support</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>javax.annotation</groupId>
+ <artifactId>jsr250-api</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>javax.servlet</groupId>
+ <artifactId>servlet-api</artifactId>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.codehaus.redback</groupId>
+ <artifactId>redback-system</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>commons-codec</groupId>
+ <artifactId>commons-codec</artifactId>
+ </dependency>
+ </dependencies>
+</project>
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/pom.xml
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/pom.xml
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/HttpUtils.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/HttpUtils.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/HttpUtils.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/HttpUtils.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,77 @@
+package org.codehaus.plexus.redback.http;
+
+/*
+ * Copyright 2005-2006 The Codehaus.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import java.util.Properties;
+
+import org.codehaus.plexus.util.StringUtils;
+
+/**
+ * Collection of Utility methods useful in an Http environment.
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ * @todo should move this to plexus-utils or plexus-utils-web
+ */
+public class HttpUtils
+{
+ /**
+ * Convert typical complex header into properties.
+ * <p/>
+ * <p/>
+ * Example:
+ * </p>
+ * <p/>
+ * <code>
+ * realm="Somewhere Over The Rainbow", domain="kansas.co.us", nonce="65743ABCF"
+ * </code>
+ * <p/>
+ * <p>becomes</p>
+ * <p/>
+ * <code>
+ * Map ( "realm", "Somewhere Over The Rainbox" )
+ * Map ( "domain", "kansas.co.us" )
+ * Map ( "nonce", "65743ABCF" )
+ * </code>
+ *
+ * @param rawheader
+ * @param majorDelim
+ * @param subDelim
+ * @return
+ */
+ public static Properties complexHeaderToProperties( String rawheader, String majorDelim, String subDelim )
+ {
+ Properties ret = new Properties();
+
+ if ( StringUtils.isEmpty( rawheader ) )
+ {
+ return ret;
+ }
+
+ String array[] = StringUtils.split( rawheader, majorDelim );
+ for ( int i = 0; i < array.length; i++ )
+ {
+ // String quotes.
+ String rawelem = StringUtils.replace( array[i], "\"", "" );
+ String parts[] = StringUtils.split( rawelem, subDelim, 2 );
+
+ ret.setProperty( StringUtils.trim( parts[0] ), StringUtils.trim( parts[1] ) );
+ }
+
+ return ret;
+ }
+}
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/HttpUtils.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/HttpUtils.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/AbstractHttpAuthenticator.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/AbstractHttpAuthenticator.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/AbstractHttpAuthenticator.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/AbstractHttpAuthenticator.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,155 @@
+package org.codehaus.plexus.redback.http.authentication;
+
+import org.codehaus.plexus.redback.authentication.AuthenticationDataSource;
+import org.codehaus.plexus.redback.authentication.AuthenticationException;
+import org.codehaus.plexus.redback.authentication.AuthenticationResult;
+import org.codehaus.plexus.redback.policy.AccountLockedException;
+import org.codehaus.plexus.redback.policy.MustChangePasswordException;
+import org.codehaus.plexus.redback.system.SecuritySession;
+import org.codehaus.plexus.redback.system.SecuritySystem;
+import org.codehaus.plexus.redback.users.User;
+import org.codehaus.plexus.redback.users.UserNotFoundException;
+import org.codehaus.plexus.util.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.inject.Inject;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+/**
+ * HttpAuthenticator is the workings of an authenticator for http with the session storage abstracted
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @author Andrew Williams
+ * @version $Id$
+ */
+public abstract class AbstractHttpAuthenticator
+ implements HttpAuthenticator
+{
+ protected Logger log = LoggerFactory.getLogger( getClass() );
+
+ @Inject
+ protected SecuritySystem securitySystem;
+
+ /**
+ * The Public Face of the Authenticator.
+ *
+ * @throws org.codehaus.plexus.redback.policy.MustChangePasswordException
+ *
+ * @throws org.codehaus.plexus.redback.policy.AccountLockedException
+ *
+ */
+ protected AuthenticationResult authenticate( AuthenticationDataSource ds, Object session )
+ throws AuthenticationException, AccountLockedException, MustChangePasswordException
+ {
+ try
+ {
+ SecuritySession securitySession = securitySystem.authenticate( ds );
+
+ setSecuritySession( securitySession, session );
+
+ return securitySession.getAuthenticationResult();
+ }
+ catch ( AuthenticationException e )
+ {
+ String msg = "Unable to authenticate user: " + ds;
+ log.info( msg, e );
+ throw new HttpAuthenticationException( msg, e );
+ }
+ catch ( UserNotFoundException e )
+ {
+ log.info( "Login attempt against unknown user: {}", ds );
+ throw new HttpAuthenticationException( "User name or password invalid.", e );
+ }
+ }
+
+ /**
+ * Entry point for a Filter.
+ *
+ * @param request
+ * @param response
+ * @throws org.codehaus.plexus.redback.authentication.AuthenticationException
+ *
+ */
+ public void authenticate( HttpServletRequest request, HttpServletResponse response )
+ throws AuthenticationException
+ {
+ try
+ {
+ AuthenticationResult result = getAuthenticationResult( request, response );
+
+ if ( ( result == null ) || ( !result.isAuthenticated() ) )
+ {
+ throw new HttpAuthenticationException( "You are not authenticated." );
+ }
+ }
+ catch ( AccountLockedException e )
+ {
+ throw new HttpAuthenticationException( "Your account is locked." );
+ }
+ catch ( MustChangePasswordException e )
+ {
+ throw new HttpAuthenticationException( "You must change your password." );
+ }
+
+ }
+
+ protected abstract Object getSessionValue( Object session, String key );
+
+ protected abstract void setSessionValue( Object session, String key, Object value );
+
+ protected User getSessionUser( Object session )
+ {
+ return (User) getSessionValue( session, SecuritySession.USERKEY );
+ }
+
+ protected boolean isAlreadyAuthenticated( Object session )
+ {
+ User user = getSessionUser( session );
+
+ return ( ( user != null ) && !user.isLocked() );
+ }
+
+ protected SecuritySession getSecuritySession( Object session )
+ {
+ return (SecuritySession) getSessionValue( session, SecuritySession.SESSION_KEY );
+ }
+
+ protected void setSecuritySession( SecuritySession session, Object sessionObj )
+ {
+ setSessionValue( sessionObj, SecuritySession.SESSION_KEY, session );
+ setSessionValue( sessionObj, SecuritySession.USERKEY, session.getUser() );
+ }
+
+ protected void setSessionUser( User user, Object session )
+ {
+ setSessionValue( session, SecuritySession.SESSION_KEY, null );
+ setSessionValue( session, SecuritySession.USERKEY, user );
+ }
+
+ protected String storeDefaultUser( String principal, Object session )
+ {
+ setSessionValue( session, SecuritySession.SESSION_KEY, null );
+ setSessionValue( session, SecuritySession.USERKEY, null );
+
+ if ( StringUtils.isEmpty( principal ) )
+ {
+ return null;
+ }
+
+ try
+ {
+ User user = securitySystem.getUserManager().findUser( principal );
+ setSessionValue( session, SecuritySession.USERKEY, user );
+
+ return user.getPrincipal().toString();
+
+ }
+ catch ( UserNotFoundException e )
+ {
+ log.warn( "Default User '" + principal + "' not found.", e );
+ return null;
+ }
+ }
+}
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/AbstractHttpAuthenticator.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/AbstractHttpAuthenticator.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/HttpAuthenticationException.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/HttpAuthenticationException.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/HttpAuthenticationException.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/HttpAuthenticationException.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,35 @@
+package org.codehaus.plexus.redback.http.authentication;
+
+import org.codehaus.plexus.redback.authentication.AuthenticationException;
+
+/**
+ * HttpAuthenticationException
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ */
+public class HttpAuthenticationException
+ extends AuthenticationException
+{
+
+ public HttpAuthenticationException()
+ {
+ super();
+ }
+
+ public HttpAuthenticationException( String message, Throwable cause )
+ {
+ super( message, cause );
+ }
+
+ public HttpAuthenticationException( String message )
+ {
+ super( message );
+ }
+
+ public HttpAuthenticationException( Throwable cause )
+ {
+ super( cause );
+ }
+
+}
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/HttpAuthenticationException.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/HttpAuthenticationException.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/HttpAuthenticator.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/HttpAuthenticator.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/HttpAuthenticator.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/HttpAuthenticator.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,58 @@
+package org.codehaus.plexus.redback.http.authentication;
+
+import org.codehaus.plexus.redback.authentication.AuthenticationException;
+import org.codehaus.plexus.redback.authentication.AuthenticationResult;
+import org.codehaus.plexus.redback.policy.AccountLockedException;
+import org.codehaus.plexus.redback.policy.MustChangePasswordException;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+/**
+ * HttpAuthenticator
+ *
+ * @author Andrew Williams
+ * @version $Id$
+ */
+public interface HttpAuthenticator
+{
+ /**
+ * Entry point for a Filter.
+ *
+ * @param request
+ * @param response
+ * @throws AuthenticationException
+ */
+ void authenticate( HttpServletRequest request, HttpServletResponse response )
+ throws AuthenticationException;
+
+ /**
+ * Issue a Challenge Response back to the HTTP Client.
+ *
+ * @param request
+ * @param response
+ * @param realmName
+ * @param exception
+ * @throws java.io.IOException
+ */
+ void challenge( HttpServletRequest request, HttpServletResponse response, String realmName,
+ AuthenticationException exception )
+ throws IOException;
+
+ /**
+ * Parse the incoming request and return an AuthenticationResult.
+ *
+ * @param request
+ * @param response
+ * @return null if no http auth credentials, or the actual authentication result based on the credentials.
+ * @throws AuthenticationException
+ * @throws org.codehaus.plexus.redback.policy.MustChangePasswordException
+ *
+ * @throws org.codehaus.plexus.redback.policy.AccountLockedException
+ *
+ */
+ AuthenticationResult getAuthenticationResult( HttpServletRequest request, HttpServletResponse response )
+ throws AuthenticationException, AccountLockedException, MustChangePasswordException;
+
+}
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/HttpAuthenticator.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/HttpAuthenticator.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/MapBasedHttpAuthenticator.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/MapBasedHttpAuthenticator.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/MapBasedHttpAuthenticator.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/MapBasedHttpAuthenticator.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,79 @@
+package org.codehaus.plexus.redback.http.authentication;
+
+import java.util.Map;
+
+import org.codehaus.plexus.redback.authentication.AuthenticationDataSource;
+import org.codehaus.plexus.redback.authentication.AuthenticationException;
+import org.codehaus.plexus.redback.authentication.AuthenticationResult;
+import org.codehaus.plexus.redback.policy.AccountLockedException;
+import org.codehaus.plexus.redback.policy.MustChangePasswordException;
+import org.codehaus.plexus.redback.system.SecuritySession;
+import org.codehaus.plexus.redback.users.User;
+
+/**
+ * An HttpAuthenticator using a Map for session storage
+ *
+ * @author Andrew Williams
+ * @version $Id$
+ * @since 1.0
+ */
+public abstract class MapBasedHttpAuthenticator
+ extends AbstractHttpAuthenticator
+{
+
+ protected Object getSessionValue( Object session, String key )
+ {
+ if ( !( session instanceof Map ) )
+ {
+ throw new IllegalArgumentException( "The session for a MapBasedAuthenticator must be a java.util.Map" );
+ }
+
+ return ( (Map) session ).get( key );
+ }
+
+ protected void setSessionValue( Object session, String key, Object value )
+ {
+ if ( !( session instanceof Map ) )
+ {
+ throw new IllegalArgumentException( "The session for a MapBasedAuthenticator must be a java.util.Map" );
+ }
+
+ ( (Map) session ).put( key, value );
+ }
+
+ public AuthenticationResult authenticate( AuthenticationDataSource ds, Map session )
+ throws AuthenticationException, AccountLockedException, MustChangePasswordException
+ {
+ return super.authenticate( ds, session );
+ }
+
+ public User getSessionUser( Map session )
+ {
+ return super.getSessionUser( session );
+ }
+
+ public boolean isAlreadyAuthenticated( Map session )
+ {
+ return super.isAlreadyAuthenticated( session );
+ }
+
+ public SecuritySession getSecuritySession( Map session )
+ {
+ return super.getSecuritySession( session );
+ }
+
+ public void setSecuritySession( SecuritySession session, Map sessionObj )
+ {
+ super.setSecuritySession( session, sessionObj );
+ }
+
+ public void setSessionUser( User user, Map session )
+ {
+ super.setSessionUser( user, session );
+ }
+
+ public String storeDefaultUser( String principal, Map session )
+ {
+ return super.storeDefaultUser( principal, session );
+ }
+}
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/MapBasedHttpAuthenticator.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/MapBasedHttpAuthenticator.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/SessionBasedHttpAuthenticator.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/SessionBasedHttpAuthenticator.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/SessionBasedHttpAuthenticator.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/SessionBasedHttpAuthenticator.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,79 @@
+package org.codehaus.plexus.redback.http.authentication;
+
+import javax.servlet.http.HttpSession;
+
+import org.codehaus.plexus.redback.authentication.AuthenticationDataSource;
+import org.codehaus.plexus.redback.authentication.AuthenticationException;
+import org.codehaus.plexus.redback.authentication.AuthenticationResult;
+import org.codehaus.plexus.redback.policy.AccountLockedException;
+import org.codehaus.plexus.redback.policy.MustChangePasswordException;
+import org.codehaus.plexus.redback.system.SecuritySession;
+import org.codehaus.plexus.redback.users.User;
+
+/**
+ * An HttpAuthenticator using an HttpSession for session storage
+ *
+ * @author Andrew Williams
+ * @version $Id$
+ * @since 1.0
+ */
+public abstract class SessionBasedHttpAuthenticator
+ extends AbstractHttpAuthenticator
+{
+
+ protected Object getSessionValue( Object session, String key )
+ {
+ if ( !( session instanceof HttpSession ) )
+ {
+ throw new IllegalArgumentException( "The session for a SessionBasedAuthenticator must be a javax.servlet.http.HttpSession" );
+ }
+
+ return ( (HttpSession) session ).getAttribute( key );
+ }
+
+ protected void setSessionValue( Object session, String key, Object value )
+ {
+ if ( !( session instanceof HttpSession ) )
+ {
+ throw new IllegalArgumentException( "The session for a SessionBasedAuthenticator must be a javax.servlet.http.HttpSession" );
+ }
+
+ ( (HttpSession) session ).setAttribute( key, value );
+ }
+
+ public AuthenticationResult authenticate( AuthenticationDataSource ds, HttpSession session )
+ throws AuthenticationException, AccountLockedException, MustChangePasswordException
+ {
+ return super.authenticate( ds, session );
+ }
+
+ public User getSessionUser( HttpSession session )
+ {
+ return super.getSessionUser( session );
+ }
+
+ public boolean isAlreadyAuthenticated( HttpSession session )
+ {
+ return super.isAlreadyAuthenticated( session );
+ }
+
+ public SecuritySession getSecuritySession( HttpSession session )
+ {
+ return super.getSecuritySession( session );
+ }
+
+ public void setSecuritySession( SecuritySession session, HttpSession sessionObj )
+ {
+ super.setSecuritySession( session, sessionObj );
+ }
+
+ public void setSessionUser( User user, HttpSession session )
+ {
+ super.setSessionUser( user, session );
+ }
+
+ public String storeDefaultUser( String principal, HttpSession session )
+ {
+ return super.storeDefaultUser( principal, session );
+ }
+}
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/SessionBasedHttpAuthenticator.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/SessionBasedHttpAuthenticator.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/basic/HttpBasicAuthentication.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/basic/HttpBasicAuthentication.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/basic/HttpBasicAuthentication.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/basic/HttpBasicAuthentication.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,116 @@
+package org.codehaus.plexus.redback.http.authentication.basic;
+
+/*
+ * Copyright 2005-2006 The Codehaus.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import java.io.IOException;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
+import org.apache.commons.codec.binary.Base64;
+import org.codehaus.plexus.redback.authentication.AuthenticationException;
+import org.codehaus.plexus.redback.authentication.AuthenticationResult;
+import org.codehaus.plexus.redback.authentication.PasswordBasedAuthenticationDataSource;
+import org.codehaus.plexus.redback.http.authentication.SessionBasedHttpAuthenticator;
+import org.codehaus.plexus.redback.policy.AccountLockedException;
+import org.codehaus.plexus.redback.policy.MustChangePasswordException;
+import org.codehaus.plexus.util.StringUtils;
+import org.springframework.stereotype.Service;
+
+/**
+ * HttpBasicAuthentication
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @author Andrew Williams
+ * @version $Id$
+ */
+@Service("httpAuthenticator#basic")
+public class HttpBasicAuthentication
+ extends SessionBasedHttpAuthenticator
+{
+
+ public String getId()
+ {
+ return HttpBasicAuthentication.class.getName();
+ }
+
+ public AuthenticationResult getAuthenticationResult( HttpServletRequest request, HttpServletResponse response )
+ throws AuthenticationException, AccountLockedException, MustChangePasswordException
+ {
+ HttpSession session = request.getSession();
+
+ if ( isAlreadyAuthenticated( session ) )
+ {
+ return getSecuritySession( session ).getAuthenticationResult();
+ }
+
+ PasswordBasedAuthenticationDataSource authDataSource;
+ String header = request.getHeader( "Authorization" );
+
+ // in tomcat this is : authorization=Basic YWRtaW46TWFuYWdlMDc=
+ if ( header == null )
+ {
+ header = request.getHeader("authorization");
+ }
+
+ if ( ( header != null ) && header.startsWith( "Basic " ) )
+ {
+ String base64Token = header.substring( 6 );
+ String token = new String( Base64.decodeBase64( base64Token.getBytes() ) );
+
+ String username = "";
+ String password = "";
+ int delim = token.indexOf( ':' );
+
+ if ( delim != ( -1 ) )
+ {
+ username = token.substring( 0, delim );
+ password = token.substring( delim + 1 );
+ }
+
+ authDataSource = new PasswordBasedAuthenticationDataSource( username, password );
+ return super.authenticate( authDataSource, session );
+ }
+ else
+ {
+ return null;
+ }
+ }
+
+ /**
+ * Return a HTTP 403 - Access Denied response.
+ *
+ * @param request the request to use.
+ * @param response the response to use.
+ * @param realmName the realm name to state.
+ * @param exception the exception to base the message off of.
+ * @throws IOException if there was a problem with the {@link HttpServletResponse#sendError(int,String)} call.
+ */
+ public void challenge( HttpServletRequest request, HttpServletResponse response, String realmName,
+ AuthenticationException exception )
+ throws IOException
+ {
+ response.addHeader( "WWW-Authenticate", "Basic realm=\"" + realmName + "\"" );
+ String message = "You must provide a username and password to access this resource.";
+ if ( ( exception != null ) && StringUtils.isNotEmpty( exception.getMessage() ) )
+ {
+ message = exception.getMessage();
+ }
+ response.sendError( HttpServletResponse.SC_UNAUTHORIZED, message );
+ }
+}
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/basic/HttpBasicAuthentication.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/basic/HttpBasicAuthentication.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/digest/Digest.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/digest/Digest.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/digest/Digest.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/digest/Digest.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,48 @@
+package org.codehaus.plexus.redback.http.authentication.digest;
+
+/*
+ * Copyright 2005-2006 The Codehaus.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+
+/**
+ * Digest
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ * @todo move to plexus-utils in future
+ */
+public class Digest
+{
+ public static String md5Hex( String data )
+ {
+ MessageDigest digest = getDigest( "MD5" );
+ return Hex.encode( digest.digest( data.getBytes() ) );
+ }
+
+ public static MessageDigest getDigest( String algorithm )
+ {
+ try
+ {
+ return MessageDigest.getInstance( algorithm );
+ }
+ catch ( NoSuchAlgorithmException e )
+ {
+ throw new RuntimeException( "Error initializing MessageDigest: " + e.getMessage(), e );
+ }
+ }
+}
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/digest/Digest.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/digest/Digest.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/digest/Hex.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/digest/Hex.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/digest/Hex.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/digest/Hex.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,49 @@
+package org.codehaus.plexus.redback.http.authentication.digest;
+
+/*
+ * Copyright 2005-2006 The Codehaus.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * Hex
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ * @todo should probably move this to plexus-utils or plexus-security-common
+ */
+public class Hex
+{
+ private static final byte[] DIGITS = "0123456789abcdef".getBytes();
+
+ public static String encode( byte[] data )
+ {
+ int l = data.length;
+
+ byte[] raw = new byte[l * 2];
+
+ for ( int i = 0, j = 0; i < l; i++ )
+ {
+ raw[j++] = DIGITS[( 0xF0 & data[i] ) >>> 4];
+ raw[j++] = DIGITS[0x0F & data[i]];
+ }
+
+ return new String( raw );
+ }
+
+ public static String encode( String raw )
+ {
+ return encode( raw.getBytes() );
+ }
+}
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/digest/Hex.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/digest/Hex.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/digest/HttpDigestAuthentication.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/digest/HttpDigestAuthentication.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/digest/HttpDigestAuthentication.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/digest/HttpDigestAuthentication.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,209 @@
+package org.codehaus.plexus.redback.http.authentication.digest;
+
+/*
+ * Copyright 2005-2006 The Codehaus.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import org.apache.commons.codec.binary.Base64;
+import org.codehaus.plexus.redback.authentication.AuthenticationException;
+import org.codehaus.plexus.redback.authentication.AuthenticationResult;
+import org.codehaus.plexus.redback.authentication.TokenBasedAuthenticationDataSource;
+import org.codehaus.plexus.redback.http.authentication.HttpAuthenticationException;
+import org.codehaus.plexus.redback.http.authentication.SessionBasedHttpAuthenticator;
+import org.codehaus.plexus.redback.policy.AccountLockedException;
+import org.codehaus.plexus.redback.policy.MustChangePasswordException;
+import org.codehaus.plexus.redback.users.User;
+import org.codehaus.plexus.redback.users.UserManager;
+import org.codehaus.plexus.redback.users.UserNotFoundException;
+import org.codehaus.plexus.util.StringUtils;
+import org.springframework.stereotype.Service;
+
+import javax.annotation.Resource;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import java.io.IOException;
+
+/**
+ * HttpDigestAuthentication methods for working with <a href="http://www.faqs.org/rfcs/rfc2617.html">RFC 2617 HTTP Authentication</a>.
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @author Andrew Williams
+ * @version $Id$
+ */
+@Service( "attpAuthenticator#digest" )
+public class HttpDigestAuthentication
+ extends SessionBasedHttpAuthenticator
+{
+ @Resource( name = "userManager#configurable" )
+ private UserManager userManager;
+
+ /**
+ *
+ */
+ private int nonceLifetimeSeconds = 300;
+
+ /**
+ * NOTE: Must be alphanumeric.
+ */
+ private String digestKey = "OrycteropusAfer";
+
+ private String realm;
+
+ public String getId()
+ {
+ return HttpDigestAuthentication.class.getName();
+ }
+
+ public AuthenticationResult getAuthenticationResult( HttpServletRequest request, HttpServletResponse response )
+ throws AuthenticationException, AccountLockedException, MustChangePasswordException
+ {
+ HttpSession session = request.getSession();
+
+ if ( isAlreadyAuthenticated( session ) )
+ {
+ return getSecuritySession( session ).getAuthenticationResult();
+ }
+
+ TokenBasedAuthenticationDataSource authDataSource = new TokenBasedAuthenticationDataSource();
+ String authHeader = request.getHeader( "Authorization" );
+
+ // in tomcat this is : authorization=Basic YWRtaW46TWFuYWdlMDc=
+ if ( authHeader == null )
+ {
+ authHeader = request.getHeader( "authorization" );
+ }
+
+ if ( ( authHeader != null ) && authHeader.startsWith( "Digest " ) )
+ {
+ String rawDigestHeader = authHeader.substring( 7 );
+
+ HttpDigestHeader digestHeader = new HttpDigestHeader();
+ digestHeader.parseClientHeader( rawDigestHeader, getRealm(), digestKey );
+
+ // Lookup password for presented username
+ User user = findUser( digestHeader.username );
+ authDataSource.setPrincipal( user.getPrincipal().toString() );
+
+ String serverSideHash = generateDigestHash( digestHeader, user.getPassword(), request.getMethod() );
+
+ if ( !StringUtils.equals( serverSideHash, digestHeader.response ) )
+ {
+ throw new HttpAuthenticationException( "Digest response was invalid." );
+ }
+ }
+
+ return super.authenticate( authDataSource, session );
+ }
+
+ public User findUser( String username )
+ throws HttpAuthenticationException
+ {
+ try
+ {
+ return userManager.findUser( username );
+ }
+ catch ( UserNotFoundException e )
+ {
+ String msg = "Unable to find primary user '" + username + "'.";
+ log.error( msg, e );
+ throw new HttpAuthenticationException( msg, e );
+ }
+ }
+
+ /**
+ * Issue HTTP Digest Authentication Challenge
+ *
+ * @param request the request to use.
+ * @param response the response to use.
+ * @param realmName the realm name to state.
+ * @param exception the exception to base the message off of.
+ * @throws IOException if there was a problem with the {@link HttpServletResponse#sendError(int, String)} call.
+ */
+ public void challenge( HttpServletRequest request, HttpServletResponse response, String realmName,
+ AuthenticationException exception )
+ throws IOException
+ {
+ // The Challenge Header
+ StringBuilder authHeader = new StringBuilder();
+ authHeader.append( "Digest " );
+ // [REQUIRED] The name to appear in the dialog box to the user.
+ authHeader.append( "realm=\"" ).append( realmName ).append( "\"" );
+ // [OPTIONAL] We do not use the optional 'domain' header.
+ // authHeader.append( "domain=\"" ).append( domain ).append( "\"" );
+ // [REQUIRED] Nonce specification.
+ authHeader.append( ", nonce=\"" );
+ long timestamp = System.currentTimeMillis() + ( nonceLifetimeSeconds * 1000 );
+ // Not using ETag from RFC 2617 intentionally.
+ String hraw = String.valueOf( timestamp ) + ":" + digestKey;
+ String rawnonce = String.valueOf( timestamp ) + ":" + Digest.md5Hex( hraw );
+ authHeader.append( Base64.encodeBase64( rawnonce.getBytes() ) );
+ authHeader.append( "\"" );
+ // [REQUIRED] The RFC 2617 Quality of Protection.
+ // MSIE Appears to only support 'auth'
+ // Do not use 'opaque' here. (Your MSIE users will have issues)
+ authHeader.append( ", qop=\"auth\"" );
+ // [BROKEN] since we force the 'auth' qop we cannot use the opaque option.
+ // authHeader.append( ", opaque=\"").append(opaqueString).append("\"");
+
+ // [OPTIONAL] Use of the stale option is reserved for expired nonce strings.
+ if ( exception instanceof NonceExpirationException )
+ {
+ authHeader.append( ", stale=\"true\"" );
+ }
+
+ // [OPTIONAL] We do not use the optional Algorithm header.
+ // authHeader.append( ", algorithm=\"MD5\"");
+
+ response.addHeader( "WWW-Authenticate", authHeader.toString() );
+ response.sendError( HttpServletResponse.SC_UNAUTHORIZED, exception.getMessage() );
+ }
+
+ private String generateDigestHash( HttpDigestHeader digestHeader, String password, String httpMethod )
+ {
+ String a1 = Digest.md5Hex( digestHeader.username + ":" + realm + ":" + password );
+ String a2 = Digest.md5Hex( httpMethod + ":" + digestHeader.uri );
+
+ String digest;
+
+ if ( StringUtils.isEmpty( digestHeader.qop ) )
+ {
+ digest = a1 + ":" + digestHeader.nonce + ":" + a2;
+ }
+ else if ( StringUtils.equals( "auth", digestHeader.qop ) )
+ {
+ digest = a1 + ":" + digestHeader.nonce + ":" + digestHeader.nc + ":" + digestHeader.cnonce + ":"
+ + digestHeader.qop + ":" + a2;
+ }
+ else
+ {
+ throw new IllegalStateException(
+ "Http Digest Parameter [qop] with value of [" + digestHeader.qop + "] is unsupported." );
+ }
+
+ return Digest.md5Hex( digest );
+ }
+
+ public String getRealm()
+ {
+ return realm;
+ }
+
+ public void setRealm( String realm )
+ {
+ this.realm = realm;
+ }
+
+}
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/digest/HttpDigestAuthentication.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/digest/HttpDigestAuthentication.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/digest/HttpDigestHeader.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/digest/HttpDigestHeader.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/digest/HttpDigestHeader.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/digest/HttpDigestHeader.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,145 @@
+package org.codehaus.plexus.redback.http.authentication.digest;
+
+/*
+ * Copyright 2005-2006 The Codehaus.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import org.apache.commons.codec.binary.Base64;
+import org.codehaus.plexus.redback.http.HttpUtils;
+import org.codehaus.plexus.redback.http.authentication.HttpAuthenticationException;
+import org.codehaus.plexus.util.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.context.annotation.Scope;
+import org.springframework.stereotype.Service;
+
+import java.util.Properties;
+
+/**
+ * HttpDigestHeader
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ */
+@Service( "httpClientHeader" )
+@Scope( "protype" )
+class HttpDigestHeader
+{
+
+ private Logger log = LoggerFactory.getLogger( getClass() );
+
+ public String username;
+
+ public String realm;
+
+ public String nonce;
+
+ public String uri;
+
+ public String response;
+
+ public String qop;
+
+ public String nc;
+
+ public String cnonce;
+
+ public void parseClientHeader( String rawHeader, String expectedRealm, String digestKey )
+ throws HttpAuthenticationException
+ {
+ Properties authHeaderProps = HttpUtils.complexHeaderToProperties( rawHeader, ",", "=" );
+
+ username = authHeaderProps.getProperty( "username" );
+ realm = authHeaderProps.getProperty( "realm" );
+ nonce = authHeaderProps.getProperty( "nonce" );
+ uri = authHeaderProps.getProperty( "uri" );
+ response = authHeaderProps.getProperty( "response" );
+ qop = authHeaderProps.getProperty( "qop" );
+ nc = authHeaderProps.getProperty( "nc" );
+ cnonce = authHeaderProps.getProperty( "cnonce" );
+
+ // [RFC 2067] Validate all required values
+ if ( StringUtils.isEmpty( username ) || StringUtils.isEmpty( realm ) || StringUtils.isEmpty( nonce )
+ || StringUtils.isEmpty( uri ) || StringUtils.isEmpty( response ) )
+ {
+ log.debug( "Missing mandatory fields: Raw Digest Header : [{}]", rawHeader );
+
+ throw new HttpAuthenticationException( "Missing mandatory digest fields per RFC2069." );
+ }
+
+ // [RFC 2617] Validate realm.
+ if ( !StringUtils.equals( expectedRealm, realm ) )
+ {
+ log.debug( "Realm name is invalid: expected [{}] but got [{}]", expectedRealm, realm );
+
+ throw new HttpAuthenticationException( "Response realm does not match expected realm." );
+ }
+
+ // [RFC 2617] Validate "auth" qop
+ if ( StringUtils.equals( "auth", qop ) )
+ {
+ if ( StringUtils.isEmpty( nc ) || StringUtils.isEmpty( cnonce ) )
+ {
+ log.debug( "Missing mandatory qop fields: nc [{}] cnonce [{}]", nc, cnonce );
+
+ throw new HttpAuthenticationException( "Missing mandatory qop digest fields per RFC2617." );
+ }
+ }
+
+ // [RFC 2617] Validate nonce
+ if ( !Base64.isArrayByteBase64( nonce.getBytes() ) )
+ {
+ log.debug( "Nonce is not encoded in Base64: nonce [{}]", nonce );
+
+ throw new HttpAuthenticationException( "Response nonce is not encoded in Base64." );
+ }
+
+ // Decode nonce
+ String decodedNonce = new String( Base64.decodeBase64( nonce.getBytes() ) );
+ String nonceTokens[] = StringUtils.split( decodedNonce, ":" );
+
+ // Validate nonce format
+ if ( nonceTokens.length != 2 )
+ {
+ log.debug( "Nonce format expected [2] elements, but got [{}] instead. Decoded nonce [{}]",
+ nonceTokens.length, decodedNonce );
+
+ throw new HttpAuthenticationException(
+ "Nonce format is invalid. " + "Received an unexpected number of sub elements." );
+ }
+
+ // Extract nonce timestamp
+ long nonceTimestamp = 0;
+
+ try
+ {
+ nonceTimestamp = Long.parseLong( nonceTokens[0] );
+ }
+ catch ( NumberFormatException e )
+ {
+ throw new HttpAuthenticationException( "Unexpected nonce timestamp." );
+ }
+
+ // Extract nonce signature
+ String expectedSignature = Digest.md5Hex( nonceTimestamp + ":" + digestKey );
+
+ if ( !StringUtils.equals( expectedSignature, nonceTokens[1] ) )
+ {
+ log.error( "Nonce parameter has been compromised." );
+
+ throw new HttpAuthenticationException( "Nonce parameter has been compromised." );
+ }
+ }
+}
\ No newline at end of file
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/digest/HttpDigestHeader.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/digest/HttpDigestHeader.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/digest/NonceExpirationException.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/digest/NonceExpirationException.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/digest/NonceExpirationException.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/digest/NonceExpirationException.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,50 @@
+package org.codehaus.plexus.redback.http.authentication.digest;
+
+/*
+ * Copyright 2005-2006 The Codehaus.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import org.codehaus.plexus.redback.http.authentication.HttpAuthenticationException;
+
+/**
+ * NonceExpirationException
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ */
+public class NonceExpirationException
+ extends HttpAuthenticationException
+{
+
+ public NonceExpirationException()
+ {
+ super();
+ }
+
+ public NonceExpirationException( String message, Throwable cause )
+ {
+ super( message, cause );
+ }
+
+ public NonceExpirationException( String message )
+ {
+ super( message );
+ }
+
+ public NonceExpirationException( Throwable cause )
+ {
+ super( cause );
+ }
+}
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/digest/NonceExpirationException.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/java/org/codehaus/plexus/redback/http/authentication/digest/NonceExpirationException.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/resources/META-INF/spring-context.xml
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/resources/META-INF/spring-context.xml?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/resources/META-INF/spring-context.xml (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/resources/META-INF/spring-context.xml Fri Apr 6 09:58:14 2012
@@ -0,0 +1,33 @@
+<?xml version="1.0"?>
+
+<!--
+ ~ Licensed to the Apache Software Foundation (ASF) under one
+ ~ or more contributor license agreements. See the NOTICE file
+ ~ distributed with this work for additional information
+ ~ regarding copyright ownership. The ASF licenses this file
+ ~ to you under the Apache License, Version 2.0 (the
+ ~ "License"); you may not use this file except in compliance
+ ~ with the License. You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing,
+ ~ software distributed under the License is distributed on an
+ ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ ~ KIND, either express or implied. See the License for the
+ ~ specific language governing permissions and limitations
+ ~ under the License.
+ -->
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xsi:schemaLocation="http://www.springframework.org/schema/beans
+ http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
+ http://www.springframework.org/schema/context
+ http://www.springframework.org/schema/context/spring-context-2.5.xsd"
+ default-lazy-init="true">
+
+ <context:annotation-config />
+ <context:component-scan base-package="org.codehaus.plexus.redback.http.authentication"/>
+
+</beans>
\ No newline at end of file
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/resources/META-INF/spring-context.xml
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/main/resources/META-INF/spring-context.xml
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/test/java/org/codehaus/plexus/redback/http/authentication/digest/HexTest.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/test/java/org/codehaus/plexus/redback/http/authentication/digest/HexTest.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/test/java/org/codehaus/plexus/redback/http/authentication/digest/HexTest.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/test/java/org/codehaus/plexus/redback/http/authentication/digest/HexTest.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,40 @@
+package org.codehaus.plexus.redback.http.authentication.digest;
+
+/*
+ * Copyright 2005-2006 The Codehaus.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import junit.framework.TestCase;
+
+public class HexTest
+ extends TestCase
+{
+ public void testEncoding()
+ {
+ String raw = "Lenore\nLenore";
+ String lenoreHex = "4c656e6f7265";
+ String expected = lenoreHex + "0a" + lenoreHex;
+
+ assertEquals( expected, Hex.encode( raw ) );
+ }
+
+ public void testTheRaven()
+ {
+ String raw = "Quoth the Raven, \"Nevermore.\"";
+ String expected = "51756f74682074686520526176656e2c20224e657665726d6f72652e22";
+
+ assertEquals( expected, Hex.encode( raw.getBytes() ) );
+ }
+}
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/test/java/org/codehaus/plexus/redback/http/authentication/digest/HexTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-jee/redback-jee-web-integration/src/test/java/org/codehaus/plexus/redback/http/authentication/digest/HexTest.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-jsecurity/pom.xml
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-jsecurity/pom.xml?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-jsecurity/pom.xml (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-jsecurity/pom.xml Fri Apr 6 09:58:14 2012
@@ -0,0 +1,54 @@
+<?xml version="1.0"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <parent>
+ <artifactId>redback-integrations</artifactId>
+ <groupId>org.codehaus.redback</groupId>
+ <version>1.5-SNAPSHOT</version>
+ </parent>
+ <groupId>org.codehaus.redback</groupId>
+ <artifactId>redback-jsecurity</artifactId>
+ <version>1.5-SNAPSHOT</version>
+ <name>Redback :: Integration :: JSecurity Integration</name>
+ <dependencies>
+ <dependency>
+ <groupId>org.codehaus.redback</groupId>
+ <artifactId>redback-users-api</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.codehaus.redback</groupId>
+ <artifactId>redback-rbac-model</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.codehaus.redback</groupId>
+ <artifactId>redback-system</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.jsecurity</groupId>
+ <artifactId>jsecurity</artifactId>
+ <version>0.9.0-RC2</version>
+ </dependency>
+
+ <!-- Test Dependencies -->
+ <dependency>
+ <groupId>org.codehaus.redback</groupId>
+ <artifactId>redback-users-memory</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.codehaus.redback</groupId>
+ <artifactId>redback-rbac-memory</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.hsqldb</groupId>
+ <artifactId>hsqldb</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-simple</artifactId>
+ <scope>test</scope>
+ </dependency>
+ </dependencies>
+</project>
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-jsecurity/pom.xml
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-jsecurity/pom.xml
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-jsecurity/src/main/java/org/codehaus/redback/jsecurity/PrincipalLockedException.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-jsecurity/src/main/java/org/codehaus/redback/jsecurity/PrincipalLockedException.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-jsecurity/src/main/java/org/codehaus/redback/jsecurity/PrincipalLockedException.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-jsecurity/src/main/java/org/codehaus/redback/jsecurity/PrincipalLockedException.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,40 @@
+package org.codehaus.redback.jsecurity;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import org.jsecurity.authc.AuthenticationException;
+
+public class PrincipalLockedException extends AuthenticationException
+{
+ public PrincipalLockedException(String message, Throwable cause)
+ {
+ super(message, cause);
+ }
+
+ public PrincipalLockedException(String message)
+ {
+ super(message);
+ }
+
+ public PrincipalLockedException(Throwable cause)
+ {
+ super(cause);
+ }
+}
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-jsecurity/src/main/java/org/codehaus/redback/jsecurity/PrincipalLockedException.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-jsecurity/src/main/java/org/codehaus/redback/jsecurity/PrincipalLockedException.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-jsecurity/src/main/java/org/codehaus/redback/jsecurity/PrincipalPasswordChangeRequiredException.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-jsecurity/src/main/java/org/codehaus/redback/jsecurity/PrincipalPasswordChangeRequiredException.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-jsecurity/src/main/java/org/codehaus/redback/jsecurity/PrincipalPasswordChangeRequiredException.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-jsecurity/src/main/java/org/codehaus/redback/jsecurity/PrincipalPasswordChangeRequiredException.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,40 @@
+package org.codehaus.redback.jsecurity;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import org.jsecurity.authc.AuthenticationException;
+
+public class PrincipalPasswordChangeRequiredException extends AuthenticationException
+{
+ public PrincipalPasswordChangeRequiredException(String message, Throwable cause)
+ {
+ super(message, cause);
+ }
+
+ public PrincipalPasswordChangeRequiredException(String message)
+ {
+ super(message);
+ }
+
+ public PrincipalPasswordChangeRequiredException(Throwable cause)
+ {
+ super(cause);
+ }
+}
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-jsecurity/src/main/java/org/codehaus/redback/jsecurity/PrincipalPasswordChangeRequiredException.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-jsecurity/src/main/java/org/codehaus/redback/jsecurity/PrincipalPasswordChangeRequiredException.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision