You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@archiva.apache.org by jo...@apache.org on 2006/09/19 02:39:25 UTC
svn commit: r447657 - in /maven/archiva/trunk/archiva-webapp: ./
src/main/java/org/apache/maven/archiva/web/action/admin/
src/main/java/org/apache/maven/archiva/web/interceptor/
src/main/java/org/apache/maven/archiva/web/servlet/repository/ src/main/re...
Author: joakime
Date: Mon Sep 18 17:39:24 2006
New Revision: 447657
URL: http://svn.apache.org/viewvc?view=rev&rev=447657
Log:
[MRM-137] The big plexus-security integration commit.
Removed:
maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/NewUserAction.java
maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/action/admin/UserManagementAction.java
maven/archiva/trunk/archiva-webapp/src/main/resources/org/apache/maven/archiva/web/action/admin/NewUserAction-validation.xml
maven/archiva/trunk/archiva-webapp/src/main/webapp/WEB-INF/jsp/admin/findUser.jsp
maven/archiva/trunk/archiva-webapp/src/main/webapp/WEB-INF/jsp/admin/include/registerUserForm.jspf
maven/archiva/trunk/archiva-webapp/src/main/webapp/WEB-INF/jsp/admin/index.jsp
maven/archiva/trunk/archiva-webapp/src/main/webapp/WEB-INF/jsp/admin/registerAdmin.jsp
maven/archiva/trunk/archiva-webapp/src/main/webapp/WEB-INF/jsp/admin/user.jsp
maven/archiva/trunk/archiva-webapp/src/main/webapp/WEB-INF/jsp/admin/userDetails.jsp
maven/archiva/trunk/archiva-webapp/src/main/webapp/WEB-INF/jsp/login.jsp
Modified:
maven/archiva/trunk/archiva-webapp/pom.xml
maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/interceptor/ConfigurationInterceptor.java
maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/servlet/repository/RepositoryAccess.java
maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/servlet/repository/RepositoryMapping.java
maven/archiva/trunk/archiva-webapp/src/main/resources/xwork.xml
maven/archiva/trunk/archiva-webapp/src/main/webapp/ (props changed)
maven/archiva/trunk/archiva-webapp/src/main/webapp/WEB-INF/jsp/ (props changed)
maven/archiva/trunk/archiva-webapp/src/main/webapp/WEB-INF/jsp/decorators/default.jsp
Modified: maven/archiva/trunk/archiva-webapp/pom.xml
URL: http://svn.apache.org/viewvc/maven/archiva/trunk/archiva-webapp/pom.xml?view=diff&rev=447657&r1=447656&r2=447657
==============================================================================
--- maven/archiva/trunk/archiva-webapp/pom.xml (original)
+++ maven/archiva/trunk/archiva-webapp/pom.xml Mon Sep 18 17:39:24 2006
@@ -120,8 +120,8 @@
<groupId>plexus</groupId>
<artifactId>plexus-utils</artifactId>
</exclusion>
- </exclusions>
- </dependency>
+ </exclusions>
+ </dependency>
<!-- Plexus Security Dependencies -->
<dependency>
<groupId>org.codehaus.plexus.security</groupId>
@@ -132,6 +132,12 @@
<groupId>org.codehaus.plexus.security</groupId>
<artifactId>plexus-security-ui-web</artifactId>
<version>1.0-SNAPSHOT</version>
+ <type>war</type>
+ </dependency>
+ <dependency>
+ <groupId>org.codehaus.plexus.security</groupId>
+ <artifactId>plexus-security-ui-web-integration</artifactId>
+ <version>1.0-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>org.codehaus.plexus.security</groupId>
@@ -214,6 +220,52 @@
<build>
<plugins>
<plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-clean-plugin</artifactId>
+ <version>2.1.1-20060724.192148-1</version>
+ <!-- This configuration is added to cleanup from war:inplace -->
+ <configuration>
+ <filesets>
+ <fileset>
+ <directory>${basedir}/</directory>
+ <includes>
+ <include>derby.log</include>
+ </includes>
+ </fileset>
+ <fileset>
+ <directory>${basedir}/src/main/webapp</directory>
+ <includes>
+ <include>META-INF</include>
+ <include>WEB-INF/classes</include>
+ <include>WEB-INF/lib</include>
+ <include>WEB-INF/database</include>
+ <include>WEB-INF/logs</include>
+ <include>WEB-INF/temp</include>
+ <include>WEB-INF/jsp/pss</include>
+ </includes>
+ </fileset>
+ </filesets>
+ </configuration>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-war-plugin</artifactId>
+ <version>2.0.1</version>
+ <configuration>
+ <archiveClasses>true</archiveClasses>
+ <dependentWarExcludes>WEB-INF/web.xml,WEB-INF/classes/xwork.xml</dependentWarExcludes>
+ </configuration>
+ <executions>
+ <execution>
+ <phase>compile</phase>
+ <goals>
+ <!-- Needed to get the plexus-security war overlay to do its thing before jetty:run -->
+ <goal>inplace</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+ <plugin>
<groupId>org.mortbay.jetty</groupId>
<artifactId>maven-jetty-plugin</artifactId>
<configuration>
@@ -284,4 +336,22 @@
<url>http://snapshots.repository.codehaus.org</url>
</repository>
</repositories>
+ <pluginRepositories>
+ <pluginRepository>
+ <id>codehaus.org</id>
+ <name>Codehaus Snapshot Development Repository</name>
+ <url>http://snapshots.repository.codehaus.org/</url>
+ <releases>
+ <enabled>false</enabled>
+ </releases>
+ </pluginRepository>
+ <pluginRepository>
+ <id>apache.org</id>
+ <name>Apache Snapshot Repository</name>
+ <url>http://people.apache.org/repo/m2-snapshot-repository</url>
+ <releases>
+ <enabled>false</enabled>
+ </releases>
+ </pluginRepository>
+ </pluginRepositories>
</project>
Modified: maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/interceptor/ConfigurationInterceptor.java
URL: http://svn.apache.org/viewvc/maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/interceptor/ConfigurationInterceptor.java?view=diff&rev=447657&r1=447656&r2=447657
==============================================================================
--- maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/interceptor/ConfigurationInterceptor.java (original)
+++ maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/interceptor/ConfigurationInterceptor.java Mon Sep 18 17:39:24 2006
@@ -59,11 +59,11 @@
throws Exception
{
- if ( rbacManager.getAllUserAssignments().size() == 0 )
- {
- getLogger().info( "no accounts setup, create user account, forwarding to registration" );
- return "admin-account-needed";
- }
+// if ( rbacManager.getAllUserAssignments().size() == 0 )
+// {
+// getLogger().info( "no accounts setup, create user account, forwarding to registration" );
+// return "admin-account-needed";
+// }
Configuration configuration = configurationStore.getConfigurationFromStore();
Modified: maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/servlet/repository/RepositoryAccess.java
URL: http://svn.apache.org/viewvc/maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/servlet/repository/RepositoryAccess.java?view=diff&rev=447657&r1=447656&r2=447657
==============================================================================
--- maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/servlet/repository/RepositoryAccess.java (original)
+++ maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/servlet/repository/RepositoryAccess.java Mon Sep 18 17:39:24 2006
@@ -27,6 +27,8 @@
import org.codehaus.plexus.security.authentication.AuthenticationException;
import org.codehaus.plexus.security.authentication.AuthenticationResult;
import org.codehaus.plexus.security.authorization.AuthorizationException;
+import org.codehaus.plexus.security.policy.AccountLockedException;
+import org.codehaus.plexus.security.policy.MustChangePasswordException;
import org.codehaus.plexus.security.system.SecuritySession;
import org.codehaus.plexus.security.system.SecuritySystem;
import org.codehaus.plexus.security.ui.web.filter.authentication.HttpAuthenticator;
@@ -157,6 +159,16 @@
getLogger().error( "Fatal Http Authentication Error.", e );
throw new ServletException( "Fatal Http Authentication Error.", e );
}
+ catch ( AccountLockedException e )
+ {
+ httpAuth.challenge( request, response, "Repository " + repoconfig.getName(),
+ new AuthenticationException("User account is locked") );
+ }
+ catch ( MustChangePasswordException e )
+ {
+ httpAuth.challenge( request, response, "Repository " + repoconfig.getName(),
+ new AuthenticationException("You must change your password before you can attempt this again.") );
+ }
// Authorization Tests.
@@ -179,7 +191,8 @@
if ( !isAuthorized )
{
// Issue HTTP Challenge.
- httpAuth.challenge( request, response, "Repository " + repoconfig.getName(), null );
+ httpAuth.challenge( request, response, "Repository " + repoconfig.getName(),
+ new AuthenticationException("Authorization Denied.") );
return;
}
}
Modified: maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/servlet/repository/RepositoryMapping.java
URL: http://svn.apache.org/viewvc/maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/servlet/repository/RepositoryMapping.java?view=diff&rev=447657&r1=447656&r2=447657
==============================================================================
--- maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/servlet/repository/RepositoryMapping.java (original)
+++ maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/servlet/repository/RepositoryMapping.java Mon Sep 18 17:39:24 2006
@@ -77,6 +77,6 @@
message = "Resource modified";
break;
}
- logger.debug(message + ": " + this.repositoryConfiguration.getId() + " : \"" + resource.getRelativePath() + "\"");
+ logger.info(message + ": " + this.repositoryConfiguration.getId() + " : \"" + resource.getRelativePath() + "\"");
}
}
Modified: maven/archiva/trunk/archiva-webapp/src/main/resources/xwork.xml
URL: http://svn.apache.org/viewvc/maven/archiva/trunk/archiva-webapp/src/main/resources/xwork.xml?view=diff&rev=447657&r1=447656&r2=447657
==============================================================================
--- maven/archiva/trunk/archiva-webapp/src/main/resources/xwork.xml (original)
+++ maven/archiva/trunk/archiva-webapp/src/main/resources/xwork.xml Mon Sep 18 17:39:24 2006
@@ -23,25 +23,22 @@
<!-- Include webwork defaults (from WebWork JAR). -->
<include file="webwork-default.xml"/>
+ <!-- Include plexus-security xwork configurations. -->
+ <include file="xwork-security.xml" />
+
<package name="base" extends="webwork-default">
<interceptors>
<interceptor name="configuration" class="configurationInterceptor"/>
-<!-- commenting this out for now because some people are having CNFE for this interceptor, which I can't reproduce atm.
<interceptor name="pssSecureActions" class="pssSecureActionInterceptor"/>
--->
<interceptor-stack name="configuredStack">
<interceptor-ref name="defaultStack"/>
<interceptor-ref name="configuration"/>
-<!--
<interceptor-ref name="pssSecureActions"/>
--->
</interceptor-stack>
<interceptor-stack name="configuredPrepareParamsStack">
<interceptor-ref name="paramsPrepareParamsStack"/>
<interceptor-ref name="configuration"/>
-<!--
<interceptor-ref name="pssSecureActions"/>
--->
</interceptor-stack>
</interceptors>
@@ -55,19 +52,30 @@
<param name="namespace">/admin</param>
<param name="actionName">configure</param>
</result>
- <result name="admin-account-needed" type="redirect-action">
- <param name="namespace">/admin</param>
- <param name="actionName">registerAdminAccount</param>
- <param name="method">input</param>
- </result>
+
+ <!-- This redirect is triggered by the configuration interceptor -->
<result name="config-repository-needed" type="redirect-action">
<param name="namespace">/admin</param>
<param name="actionName">addRepository</param>
<param name="method">input</param>
</result>
- <result name="error">/WEB-INF/jsp/generalError.jsp</result>
+
+ <!-- The following security-* result names arrive from the plexus-security package -->
+ <result name="security-login-success" type="redirect-action">browse</result>
+ <result name="security-login-cancel" type="redirect-action">browse</result>
+ <result name="security-logout" type="redirect-action">browse</result>
+ <result name="security-register-success" type="redirect-action">browse</result>
+ <result name="security-register-cancel" type="redirect-action">browse</result>
+ <result name="security-account-success" type="redirect-action">browse</result>
+ <result name="security-account-cancel" type="redirect-action">browse</result>
+
+ <!-- These results are names that the SecuredActionInterceptor utilizes -->
<result name="requires-authentication">/WEB-INF/jsp/alert.jsp</result>
<result name="requires-authorization">/WEB-INF/jsp/alert.jsp</result>
+
+ <!-- Generic Catchall for those action configurations that forget to
+ include a result for 'error' -->
+ <result name="error">/WEB-INF/jsp/generalError.jsp</result>
</global-results>
</package>
@@ -78,14 +86,19 @@
<interceptor-stack name="configuredStack">
<interceptor-ref name="defaultStack"/>
<interceptor-ref name="configuration"/>
-<!--
<interceptor-ref name="pssSecureActions"/>
--->
</interceptor-stack>
</interceptors>
<!-- Default interceptor stack. -->
<default-interceptor-ref name="configuredStack"/>
+
+ <!-- This is the redirection facility for plexus-security,
+ allowing plexus-security to call out from its own set of actions
+ into the application webapp, using global result names. -->
+ <action name="pssRedirect" class="pss-redirect" method="redirect">
+ <result type="redirect-action">browse</result>
+ </action>
<action name="index" class="searchAction" method="input">
<result name="input">/WEB-INF/jsp/quickSearch.jsp</result>
@@ -147,34 +160,11 @@
</result>
<result name="notFound" type="httpheader">404</result>
</action>
-
- <!-- plexus security actions -->
- <action name="login" class="plexusSecurityLogin" method="login">
- <result name="input">/WEB-INF/jsp/login.jsp</result>
- <result name="error">/WEB-INF/jsp/login.jsp</result>
- <result name="success" type="redirect-action">browse</result>
- </action>
-
- <action name="logout" class="plexusSecurityLogin" method="logout">
- <result name="success">/WEB-INF/jsp/logout.jsp</result>
- </action>
-
- <action name="register" class="newUser" method="createUser">
- <result name="input">/WEB-INF/jsp/register.jsp</result>
- <result name="success">/WEB-INF/jsp/register.jsp</result>
- <result name="error">/WEB-INF/jsp/register.jsp</result>
- </action>
</package>
<!-- Configuration for the admin package. -->
<package name="admin" namespace="/admin" extends="base">
- <action name="registerAdminAccount" class="newUser" method="createAdminUser">
- <result name="input">/WEB-INF/jsp/admin/registerAdmin.jsp</result>
- <result name="error">/WEB-INF/jsp/admin/registerAdmin.jsp</result>
- <result type="redirect-action">index</result>
- <interceptor-ref name="defaultStack"/>
- </action>
-
+
<action name="index" class="configureAction" method="input">
<result name="input">/WEB-INF/jsp/admin/index.jsp</result>
</action>
@@ -269,35 +259,6 @@
<result name="wait" type="redirect">/admin/reports.action?reportGroup=${reportGroup}&repositoryId=${repositoryId}&filter=${filter}</result>
<result name="success" type="redirect">/admin/reports.action?reportGroup=${reportGroup}&repositoryId=${repositoryId}&filter=${filter}</result>
</action>
-
-
- <action name="user" class="userManagement">
- <result name="success">/WEB-INF/jsp/admin/user.jsp</result>
- <result name="input" type="redirect-action">userManagement</result>
- <interceptor-ref name="configuredPrepareParamsStack"/>
- </action>
-
- <!-- plexus security actions -->
- <!--
- <action name="userDetails" class="userManagement" method="save">
- <result name="input">/WEB-INF/jsp/admin/userDetails.jsp</result>
- <result name="success" type="chain">user</result>
- <interceptor-ref name="configuredPrepareParamsStack"/>
- </action>
- -->
- <action name="userManagement" class="userManagement" method="findUser">
- <result name="input">/WEB-INF/jsp/admin/findUser.jsp</result>
- <result name="success" type="redirect-action">user</result>
- </action>
-
- <action name="assignRoleToUser" class="plexusSecurityUserAssignment" method="assignRole">
- <result name="success" type="redirect-action">user</result>
- </action>
-
- <action name="removeRoleFromUser" class="plexusSecurityUserAssignment" method="removeRole">
- <result name="success" type="redirect-action">user</result>
- </action>
-
</package>
</xwork>
Propchange: maven/archiva/trunk/archiva-webapp/src/main/webapp/
------------------------------------------------------------------------------
--- svn:ignore (original)
+++ svn:ignore Mon Sep 18 17:39:24 2006
@@ -1 +1,2 @@
-archiva-applet.jar
+META-INF
+archiva-*.jar
Propchange: maven/archiva/trunk/archiva-webapp/src/main/webapp/WEB-INF/jsp/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Mon Sep 18 17:39:24 2006
@@ -0,0 +1 @@
+pss
Modified: maven/archiva/trunk/archiva-webapp/src/main/webapp/WEB-INF/jsp/decorators/default.jsp
URL: http://svn.apache.org/viewvc/maven/archiva/trunk/archiva-webapp/src/main/webapp/WEB-INF/jsp/decorators/default.jsp?view=diff&rev=447657&r1=447656&r2=447657
==============================================================================
--- maven/archiva/trunk/archiva-webapp/src/main/webapp/WEB-INF/jsp/decorators/default.jsp (original)
+++ maven/archiva/trunk/archiva-webapp/src/main/webapp/WEB-INF/jsp/decorators/default.jsp Mon Sep 18 17:39:24 2006
@@ -59,23 +59,7 @@
<div id="breadcrumbs">
<div class="xleft">
- <ww:url id="loginUrl" action="login" method="input" namespace="/" includeParams="none"/>
- <ww:url id="registerUrl" action="register" method="input" namespace="/" includeParams="none"/>
-
- <ww:if test="${sessionScope.authStatus != true}">
- <ww:a href="%{loginUrl}">Login</ww:a> - <ww:a href="%{registerUrl}">Register</ww:a>
-
- </ww:if>
- <ww:else>
- <ww:url id="logoutUrl" action="logout" namespace="/" includeParams="none"/>
- <ww:url id="manageUserUrl" action="user" namespace="/admin">
- <ww:param name="username">${sessionScope.SecuritySessionUser.username}</ww:param>
- </ww:url>
-
- Welcome, <b>${sessionScope.SecuritySessionUser.username}</b> -
- <ww:a href="%{manageUserUrl}">Settings</ww:a> -
- <ww:a href="%{logoutUrl}">Logout</ww:a>
- </ww:else>
+ <c:import url="/WEB-INF/jsp/pss/include/securityLinks.jspf" />
</div>
<div class="xright">