You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@archiva.apache.org by ol...@apache.org on 2012/04/06 11:59:32 UTC
svn commit: r1310268 [7/42] - in /archiva/redback/redback-core/trunk: ./
redback-authentication/ redback-authentication/redback-authentication-api/
redback-authentication/redback-authentication-api/src/
redback-authentication/redback-authentication-api...
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/eXc/MailtoCell.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/eXc/MailtoCell.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/eXc/MailtoCell.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/eXc/MailtoCell.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,45 @@
+package org.codehaus.redback.integration.eXc;
+
+/*
+ * Copyright 2005-2006 The Codehaus.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import org.apache.commons.lang.StringUtils;
+import org.extremecomponents.table.bean.Column;
+import org.extremecomponents.table.cell.AbstractCell;
+import org.extremecomponents.table.core.TableModel;
+
+/**
+ * MailtoCell
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ */
+public class MailtoCell
+ extends AbstractCell
+{
+
+ protected String getCellValue( TableModel model, Column column )
+ {
+ String value = column.getPropertyValueAsString();
+ if ( StringUtils.isBlank( value ) )
+ {
+ return "";
+ }
+
+ return "<a href=\"mailto:" + value + "\">" + value + "</a>";
+ }
+
+}
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/eXc/MailtoCell.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/eXc/MailtoCell.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/eXc/ProcessUserRowsCallback.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/eXc/ProcessUserRowsCallback.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/eXc/ProcessUserRowsCallback.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/eXc/ProcessUserRowsCallback.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,62 @@
+package org.codehaus.redback.integration.eXc;
+
+/*
+ * Copyright 2005-2006 The Codehaus.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import java.util.Collection;
+import java.util.Collections;
+import java.util.List;
+
+import org.codehaus.redback.integration.util.UserComparator;
+import org.extremecomponents.table.callback.ProcessRowsCallback;
+import org.extremecomponents.table.core.TableConstants;
+import org.extremecomponents.table.core.TableModel;
+import org.extremecomponents.table.limit.Sort;
+
+/**
+ * ProcessUserRowsCallback - Efficient and safe sort callback for user manager provided user lists.
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ */
+public class ProcessUserRowsCallback
+ extends ProcessRowsCallback
+{
+
+ @SuppressWarnings("unchecked")
+ public Collection sortRows( TableModel model, Collection rows )
+ throws Exception
+ {
+ boolean sorted = model.getLimit().isSorted();
+
+ if ( !sorted )
+ {
+ return rows;
+ }
+
+ Sort sort = model.getLimit().getSort();
+ String property = sort.getProperty();
+ String sortOrder = sort.getSortOrder();
+
+ System.out.println( "SORTING: " + property + " - " + sortOrder );
+
+ UserComparator comparator = new UserComparator( property, TableConstants.SORT_ASC.equals( sortOrder ) );
+ Collections.sort( (List) rows, comparator );
+
+ return rows;
+ }
+
+}
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/eXc/ProcessUserRowsCallback.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/eXc/ProcessUserRowsCallback.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/eXc/SecurityFilterCell.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/eXc/SecurityFilterCell.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/eXc/SecurityFilterCell.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/eXc/SecurityFilterCell.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,112 @@
+package org.codehaus.redback.integration.eXc;
+
+/*
+ * Copyright 2001-2007 The Codehaus.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import org.apache.commons.lang.StringUtils;
+import org.extremecomponents.table.bean.Column;
+import org.extremecomponents.table.cell.Cell;
+import org.extremecomponents.table.core.TableConstants;
+import org.extremecomponents.table.core.TableModel;
+import org.extremecomponents.table.view.html.TableActions;
+import org.extremecomponents.util.HtmlBuilder;
+
+/**
+ * SecurityFilterCell
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ */
+public class SecurityFilterCell
+ implements Cell
+{
+ public String getExportDisplay( TableModel model, Column column )
+ {
+ return null;
+ }
+
+ public String getHtmlDisplay( TableModel model, Column column )
+ {
+ HtmlBuilder html = new HtmlBuilder();
+
+ html.td( 2 );
+
+ if ( StringUtils.isNotEmpty( column.getFilterClass() ) )
+ {
+ html.styleClass( column.getFilterClass() );
+ }
+
+ if ( StringUtils.isNotEmpty( column.getFilterStyle() ) )
+ {
+ html.style( column.getFilterStyle() );
+ }
+
+ if ( StringUtils.isNotEmpty( column.getWidth() ) )
+ {
+ html.width( column.getWidth() );
+ }
+
+ html.close();
+
+ html.div();
+ html.styleClass( "filterInputGroup" );
+ html.close();
+
+ if ( !column.isFilterable() )
+ {
+ html.append( "" );
+ }
+ else
+ {
+ html.append( input( model, column ) );
+ }
+
+ html.divEnd();
+
+ html.tdEnd();
+
+ return html.toString();
+ }
+
+ /**
+ * If the filter is specified the default is to use a <input type=text> tag.
+ */
+ private String input( TableModel model, Column column )
+ {
+ HtmlBuilder html = new HtmlBuilder();
+
+ html.input( "text" );
+ html.name( model.getTableHandler().prefixWithTableId() + TableConstants.FILTER + column.getAlias() );
+
+ html.title( "Filter by " + column.getTitle() );
+
+ String value = column.getValueAsString();
+ if ( StringUtils.isNotBlank( value ) )
+ {
+ html.value( value );
+ }
+
+ StringBuffer onkeypress = new StringBuffer();
+ onkeypress.append( "if (event.keyCode == 13) {" );
+ onkeypress.append( new TableActions( model ).getFilterAction() );
+ onkeypress.append( "}" );
+ html.onkeypress( onkeypress.toString() );
+
+ html.xclose();
+
+ return html.toString();
+ }
+}
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/eXc/SecurityFilterCell.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/eXc/SecurityFilterCell.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/eXc/views/SecurityToolbar.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/eXc/views/SecurityToolbar.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/eXc/views/SecurityToolbar.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/eXc/views/SecurityToolbar.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,166 @@
+package org.codehaus.redback.integration.eXc.views;
+
+/*
+ * Copyright 2005-2006 The Codehaus.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import java.util.Iterator;
+
+import org.extremecomponents.table.bean.Export;
+import org.extremecomponents.table.core.TableModel;
+import org.extremecomponents.table.view.html.BuilderConstants;
+import org.extremecomponents.table.view.html.BuilderUtils;
+import org.extremecomponents.table.view.html.StatusBarBuilder;
+import org.extremecomponents.table.view.html.ToolbarBuilder;
+import org.extremecomponents.table.view.html.TwoColumnRowLayout;
+import org.extremecomponents.util.HtmlBuilder;
+
+/**
+ * SecurityToolbar
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ */
+public class SecurityToolbar
+ extends TwoColumnRowLayout
+{
+ public SecurityToolbar( HtmlBuilder html, TableModel model )
+ {
+ super( html, model );
+ }
+
+ protected boolean showLayout( TableModel model )
+ {
+ boolean showStatusBar = BuilderUtils.showStatusBar( model );
+ boolean filterable = BuilderUtils.filterable( model );
+ boolean showExports = BuilderUtils.showExports( model );
+ boolean showPagination = BuilderUtils.showPagination( model );
+ boolean showTitle = BuilderUtils.showTitle( model );
+ if ( !showStatusBar && !filterable && !showExports && !showPagination && !showTitle )
+ {
+ return false;
+ }
+
+ return true;
+ }
+
+ protected void columnLeft( HtmlBuilder html, TableModel model )
+ {
+ boolean showStatusBar = BuilderUtils.showStatusBar( model );
+ if ( !showStatusBar )
+ {
+ return;
+ }
+
+ html.td( 4 ).styleClass( BuilderConstants.STATUS_BAR_CSS ).close();
+
+ new StatusBarBuilder( html, model ).statusMessage();
+
+ html.tdEnd();
+ }
+
+ @SuppressWarnings("unchecked")
+ protected void columnRight( HtmlBuilder html, TableModel model )
+ {
+ boolean filterable = BuilderUtils.filterable( model );
+ boolean showPagination = BuilderUtils.showPagination( model );
+ boolean showExports = BuilderUtils.showExports( model );
+
+ ToolbarBuilder toolbarBuilder = new ToolbarBuilder( html, model );
+
+ html.td( 4 ).styleClass( BuilderConstants.COMPACT_TOOLBAR_CSS ).align( "right" ).close();
+
+ html.table( 4 ).border( "0" ).cellPadding( "1" ).cellSpacing( "2" ).close();
+ html.tr( 5 ).close();
+
+ if ( showPagination )
+ {
+ html.td( 5 ).close();
+ html.append( "Navigation:" );
+ html.tdEnd();
+
+ html.td( 5 ).close();
+ toolbarBuilder.firstPageItemAsImage();
+ html.tdEnd();
+
+ html.td( 5 ).close();
+ toolbarBuilder.prevPageItemAsImage();
+ html.tdEnd();
+
+ html.td( 5 ).close();
+ toolbarBuilder.nextPageItemAsImage();
+ html.tdEnd();
+
+ html.td( 5 ).close();
+ toolbarBuilder.lastPageItemAsImage();
+ html.tdEnd();
+
+ html.td( 5 ).close();
+ toolbarBuilder.separator();
+ html.tdEnd();
+
+ html.td( 5 ).close();
+ html.append( "Display Rows:" );
+ html.tdEnd();
+
+ html.td( 5 ).close();
+ toolbarBuilder.rowsDisplayedDroplist();
+ html.tdEnd();
+
+ if ( showExports )
+ {
+ html.td( 5 ).close();
+ toolbarBuilder.separator();
+ html.tdEnd();
+ }
+ }
+
+ if ( showExports )
+ {
+ Iterator iterator = model.getExportHandler().getExports().iterator();
+ for ( Iterator iter = iterator; iter.hasNext(); )
+ {
+ html.td( 5 ).close();
+ Export export = (Export) iter.next();
+ toolbarBuilder.exportItemAsImage( export );
+ html.tdEnd();
+ }
+ }
+
+ if ( filterable )
+ {
+ if ( showExports || showPagination )
+ {
+ html.td( 5 ).close();
+ toolbarBuilder.separator();
+ html.tdEnd();
+ }
+
+ html.td( 5 ).close();
+ toolbarBuilder.filterItemAsButton();
+ html.tdEnd();
+
+ html.td( 5 ).close();
+ toolbarBuilder.clearItemAsButton();
+ html.tdEnd();
+ }
+
+ html.trEnd( 5 );
+
+ html.tableEnd( 4 );
+
+ html.tdEnd();
+ }
+}
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/eXc/views/SecurityToolbar.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/eXc/views/SecurityToolbar.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/eXc/views/SecurityView.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/eXc/views/SecurityView.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/eXc/views/SecurityView.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/eXc/views/SecurityView.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,64 @@
+package org.codehaus.redback.integration.eXc.views;
+
+/*
+ * Copyright 2005-2006 The Codehaus.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import org.extremecomponents.table.core.TableModel;
+import org.extremecomponents.table.view.AbstractHtmlView;
+import org.extremecomponents.util.HtmlBuilder;
+
+/**
+ * SecurityView
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ */
+public class SecurityView
+ extends AbstractHtmlView
+{
+ protected void beforeBodyInternal( TableModel model )
+ {
+ getTableBuilder().tableStart();
+
+ getTableBuilder().theadStart();
+
+ getTableBuilder().titleRowSpanColumns();
+
+ navigationToolbar( getHtmlBuilder(), getTableModel() );
+
+ getTableBuilder().headerRow();
+
+ getTableBuilder().theadEnd();
+
+ getTableBuilder().filterRow();
+
+ getTableBuilder().tbodyStart();
+ }
+
+ protected void afterBodyInternal( TableModel model )
+ {
+ getCalcBuilder().defaultCalcLayout();
+
+ getTableBuilder().tbodyEnd();
+
+ getTableBuilder().tableEnd();
+ }
+
+ protected void navigationToolbar( HtmlBuilder html, TableModel model )
+ {
+ new SecurityToolbar( html, model ).layout();
+ }
+}
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/eXc/views/SecurityView.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/eXc/views/SecurityView.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/SpringServletFilter.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/SpringServletFilter.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/SpringServletFilter.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/SpringServletFilter.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,53 @@
+package org.codehaus.redback.integration.filter;
+
+/*
+ * Copyright 2005-2006 The Codehaus.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import org.springframework.context.ApplicationContext;
+import org.springframework.web.context.support.WebApplicationContextUtils;
+
+import javax.servlet.Filter;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+
+/**
+ * SpringServletFilter
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ */
+public abstract class SpringServletFilter
+ implements Filter
+{
+ private ApplicationContext applicationContext;
+
+ public void destroy()
+ {
+ // Do nothing here.
+ }
+
+ protected ApplicationContext getApplicationContext()
+ {
+ return applicationContext;
+ }
+
+ public void init( FilterConfig filterConfig )
+ throws ServletException
+ {
+ applicationContext = WebApplicationContextUtils.getWebApplicationContext( filterConfig.getServletContext() );
+
+ }
+}
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/SpringServletFilter.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/SpringServletFilter.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/AbstractHttpAuthenticationFilter.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/AbstractHttpAuthenticationFilter.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/AbstractHttpAuthenticationFilter.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/AbstractHttpAuthenticationFilter.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,50 @@
+package org.codehaus.redback.integration.filter.authentication;
+
+/*
+ * Copyright 2005-2006 The Codehaus.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+
+import org.codehaus.redback.integration.filter.SpringServletFilter;
+
+/**
+ * AbstractHttpAuthenticationFilter
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ */
+public abstract class AbstractHttpAuthenticationFilter
+ extends SpringServletFilter
+{
+ private String realmName;
+
+ public void init( FilterConfig filterConfig )
+ throws ServletException
+ {
+ realmName = filterConfig.getInitParameter( "realm-name" );
+ }
+
+ public String getRealmName()
+ {
+ return realmName;
+ }
+
+ public void setRealmName( String realmName )
+ {
+ this.realmName = realmName;
+ }
+}
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/AbstractHttpAuthenticationFilter.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/AbstractHttpAuthenticationFilter.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/HttpAuthenticationException.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/HttpAuthenticationException.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/HttpAuthenticationException.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/HttpAuthenticationException.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,51 @@
+package org.codehaus.redback.integration.filter.authentication;
+
+/*
+ * Copyright 2005-2006 The Codehaus.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import org.codehaus.plexus.redback.authentication.AuthenticationException;
+
+/**
+ * HttpAuthenticationException
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ */
+public class HttpAuthenticationException
+ extends AuthenticationException
+{
+
+ public HttpAuthenticationException()
+ {
+ super();
+ }
+
+ public HttpAuthenticationException( String message, Throwable cause )
+ {
+ super( message, cause );
+ }
+
+ public HttpAuthenticationException( String message )
+ {
+ super( message );
+ }
+
+ public HttpAuthenticationException( Throwable cause )
+ {
+ super( cause );
+ }
+
+}
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/HttpAuthenticationException.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/HttpAuthenticationException.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/HttpAuthenticator.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/HttpAuthenticator.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/HttpAuthenticator.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/HttpAuthenticator.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,200 @@
+package org.codehaus.redback.integration.filter.authentication;
+
+/*
+ * Copyright 2005-2006 The Codehaus.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import org.codehaus.plexus.redback.authentication.AuthenticationDataSource;
+import org.codehaus.plexus.redback.authentication.AuthenticationException;
+import org.codehaus.plexus.redback.authentication.AuthenticationResult;
+import org.codehaus.plexus.redback.policy.AccountLockedException;
+import org.codehaus.plexus.redback.policy.MustChangePasswordException;
+import org.codehaus.plexus.redback.system.SecuritySession;
+import org.codehaus.plexus.redback.system.SecuritySystem;
+import org.codehaus.plexus.redback.system.SecuritySystemConstants;
+import org.codehaus.plexus.redback.users.User;
+import org.codehaus.plexus.redback.users.UserNotFoundException;
+import org.codehaus.plexus.util.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.inject.Inject;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import java.io.IOException;
+
+/**
+ * HttpAuthenticator
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ */
+public abstract class HttpAuthenticator
+{
+ protected Logger log = LoggerFactory.getLogger( getClass() );
+
+ @Inject
+ protected SecuritySystem securitySystem;
+
+ /**
+ * The Public Face of the Authenticator.
+ *
+ * @throws MustChangePasswordException
+ * @throws AccountLockedException
+ */
+ public AuthenticationResult authenticate( AuthenticationDataSource ds, HttpSession httpSession )
+ throws AuthenticationException, AccountLockedException, MustChangePasswordException
+ {
+ try
+ {
+ SecuritySession securitySession = securitySystem.authenticate( ds );
+
+ setSecuritySession( securitySession, httpSession );
+
+ return securitySession.getAuthenticationResult();
+ }
+ catch ( AuthenticationException e )
+ {
+ String msg = "Unable to authenticate user: " + ds;
+ log.info( msg, e );
+ throw new HttpAuthenticationException( msg, e );
+ }
+ catch ( UserNotFoundException e )
+ {
+ log.info( "Login attempt against unknown user: {}", ds );
+ throw new HttpAuthenticationException( "User name or password invalid." );
+ }
+ }
+
+ /**
+ * Entry point for a Filter.
+ *
+ * @param request
+ * @param response
+ * @throws AuthenticationException
+ */
+ public void authenticate( HttpServletRequest request, HttpServletResponse response )
+ throws AuthenticationException
+ {
+ try
+ {
+ AuthenticationResult result = getAuthenticationResult( request, response );
+
+ if ( ( result == null ) || ( !result.isAuthenticated() ) )
+ {
+ throw new HttpAuthenticationException( "You are not authenticated." );
+ }
+ }
+ catch ( AccountLockedException e )
+ {
+ throw new HttpAuthenticationException( "Your account is locked.", e );
+ }
+ catch ( MustChangePasswordException e )
+ {
+ throw new HttpAuthenticationException( "You must change your password.", e );
+ }
+
+ }
+
+ /**
+ * Issue a Challenge Response back to the HTTP Client.
+ *
+ * @param request
+ * @param response
+ * @param realmName
+ * @param exception
+ * @throws IOException
+ */
+ public abstract void challenge( HttpServletRequest request, HttpServletResponse response, String realmName,
+ AuthenticationException exception )
+ throws IOException;
+
+ /**
+ * Parse the incoming request and return an AuthenticationResult.
+ *
+ * @param request
+ * @param response
+ * @return null if no http auth credentials, or the actual authentication result based on the credentials.
+ * @throws AuthenticationException
+ * @throws MustChangePasswordException
+ * @throws AccountLockedException
+ */
+ public abstract AuthenticationResult getAuthenticationResult( HttpServletRequest request,
+ HttpServletResponse response )
+ throws AuthenticationException, AccountLockedException, MustChangePasswordException;
+
+
+ public User getSessionUser( HttpSession httpSession )
+ {
+ return (User) httpSession.getAttribute( SecuritySession.USERKEY );
+ }
+
+ public boolean isAlreadyAuthenticated( HttpSession httpSession )
+ {
+ User user = getSessionUser( httpSession );
+
+ return ( ( user != null ) && !user.isLocked() && !user.isPasswordChangeRequired() );
+ }
+
+ public SecuritySession getSecuritySession( HttpSession httpSession )
+ {
+ SecuritySession securitySession = (SecuritySession) httpSession.getAttribute( SecuritySession.SESSION_KEY );
+ if ( securitySession != null )
+ {
+ return securitySession;
+ }
+ return (SecuritySession) httpSession.getAttribute( SecuritySystemConstants.SECURITY_SESSION_KEY );
+
+ }
+
+
+ public void setSecuritySession( SecuritySession session, HttpSession httpSession )
+ {
+ httpSession.setAttribute( SecuritySession.SESSION_KEY, session );
+ httpSession.setAttribute( SecuritySession.USERKEY, session.getUser() );
+ }
+
+ public void setSessionUser( User user, HttpSession httpSession )
+ {
+ httpSession.setAttribute( SecuritySession.SESSION_KEY, null );
+ httpSession.setAttribute( SecuritySession.USERKEY, user );
+ }
+
+ public String storeDefaultUser( String principal, HttpSession httpSession )
+ {
+ httpSession.setAttribute( SecuritySession.SESSION_KEY, null );
+ httpSession.setAttribute( SecuritySession.USERKEY, null );
+
+ if ( StringUtils.isEmpty( principal ) )
+ {
+ return null;
+ }
+
+ try
+ {
+ User user = securitySystem.getUserManager().findUser( principal );
+ httpSession.setAttribute( SecuritySession.USERKEY, user );
+
+ return user.getPrincipal().toString();
+
+ }
+ catch ( UserNotFoundException e )
+ {
+ log.warn( "Default User '" + principal + "' not found.", e );
+ return null;
+ }
+ }
+}
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/HttpAuthenticator.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/HttpAuthenticator.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/basic/HttpBasicAuthentication.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/basic/HttpBasicAuthentication.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/basic/HttpBasicAuthentication.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/basic/HttpBasicAuthentication.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,116 @@
+package org.codehaus.redback.integration.filter.authentication.basic;
+
+/*
+ * Copyright 2005-2006 The Codehaus.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import java.io.IOException;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
+import org.apache.commons.codec.binary.Base64;
+import org.codehaus.plexus.redback.authentication.AuthenticationException;
+import org.codehaus.plexus.redback.authentication.AuthenticationResult;
+import org.codehaus.plexus.redback.authentication.PasswordBasedAuthenticationDataSource;
+import org.codehaus.plexus.redback.policy.AccountLockedException;
+import org.codehaus.plexus.redback.policy.MustChangePasswordException;
+import org.codehaus.plexus.redback.system.SecuritySession;
+import org.codehaus.plexus.util.StringUtils;
+import org.codehaus.redback.integration.filter.authentication.HttpAuthenticator;
+import org.springframework.stereotype.Service;
+
+/**
+ * HttpBasicAuthentication
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ */
+@Service("httpAuthenticator#basic")
+public class HttpBasicAuthentication
+ extends HttpAuthenticator
+{
+
+ public String getId()
+ {
+ return HttpBasicAuthentication.class.getName();
+ }
+
+ public AuthenticationResult getAuthenticationResult( HttpServletRequest request, HttpServletResponse response )
+ throws AuthenticationException, AccountLockedException, MustChangePasswordException
+ {
+ HttpSession httpSession = request.getSession( true );
+ SecuritySession securitySession = getSecuritySession( httpSession );
+ if ( securitySession != null )
+ {
+ return securitySession.getAuthenticationResult();
+ }
+
+ PasswordBasedAuthenticationDataSource authDataSource;
+ String header = request.getHeader( "Authorization" );
+
+ // in tomcat this is : authorization=Basic YWRtaW46TWFuYWdlMDc=
+ if ( header == null )
+ {
+ header = request.getHeader( "authorization" );
+ }
+
+ if ( ( header != null ) && header.startsWith( "Basic " ) )
+ {
+ String base64Token = header.substring( 6 );
+ String token = new String( Base64.decodeBase64( base64Token.getBytes() ) );
+
+ String username = "";
+ String password = "";
+ int delim = token.indexOf( ':' );
+
+ if ( delim != ( -1 ) )
+ {
+ username = token.substring( 0, delim );
+ password = token.substring( delim + 1 );
+ }
+
+ authDataSource = new PasswordBasedAuthenticationDataSource( username, password );
+ return super.authenticate( authDataSource, httpSession );
+ }
+ else
+ {
+ return null;
+ }
+ }
+
+ /**
+ * Return a HTTP 403 - Access Denied response.
+ *
+ * @param request the request to use.
+ * @param response the response to use.
+ * @param realmName the realm name to state.
+ * @param exception the exception to base the message off of.
+ * @throws IOException if there was a problem with the {@link HttpServletResponse#sendError(int,String)} call.
+ */
+ public void challenge( HttpServletRequest request, HttpServletResponse response, String realmName,
+ AuthenticationException exception )
+ throws IOException
+ {
+ response.addHeader( "WWW-Authenticate", "Basic realm=\"" + realmName + "\"" );
+ String message = "You must provide a username and password to access this resource.";
+ if ( ( exception != null ) && StringUtils.isNotEmpty( exception.getMessage() ) )
+ {
+ message = exception.getMessage();
+ }
+ response.sendError( HttpServletResponse.SC_UNAUTHORIZED, message );
+ }
+}
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/basic/HttpBasicAuthentication.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/basic/HttpBasicAuthentication.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/basic/HttpBasicAuthenticationFilter.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/basic/HttpBasicAuthenticationFilter.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/basic/HttpBasicAuthenticationFilter.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/basic/HttpBasicAuthenticationFilter.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,81 @@
+package org.codehaus.redback.integration.filter.authentication.basic;
+
+/*
+ * Copyright 2005-2006 The Codehaus.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import org.codehaus.plexus.redback.authentication.AuthenticationException;
+import org.codehaus.redback.integration.filter.authentication.AbstractHttpAuthenticationFilter;
+import org.codehaus.redback.integration.filter.authentication.HttpAuthenticator;
+
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+/**
+ * HttpBasicAuthenticationFilter
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ */
+public class HttpBasicAuthenticationFilter
+ extends AbstractHttpAuthenticationFilter
+{
+ private HttpAuthenticator httpAuthentication;
+
+ @Override
+ public void init( FilterConfig filterConfig )
+ throws ServletException
+ {
+ super.init( filterConfig );
+
+ httpAuthentication = getApplicationContext().getBean( "httpAuthenticator#basic", HttpAuthenticator.class );
+ }
+
+ public void doFilter( ServletRequest request, ServletResponse response, FilterChain chain )
+ throws IOException, ServletException
+ {
+ if ( !( request instanceof HttpServletRequest ) )
+ {
+ throw new ServletException( "Can only process HttpServletRequest" );
+ }
+
+ if ( !( response instanceof HttpServletResponse ) )
+ {
+ throw new ServletException( "Can only process HttpServletResponse" );
+ }
+
+ HttpServletRequest httpRequest = (HttpServletRequest) request;
+ HttpServletResponse httpResponse = (HttpServletResponse) response;
+
+ try
+ {
+ httpAuthentication.authenticate( httpRequest, httpResponse );
+ }
+ catch ( AuthenticationException e )
+ {
+ HttpAuthenticator httpauthn = new HttpBasicAuthentication();
+ httpauthn.challenge( httpRequest, httpResponse, getRealmName(), e );
+ return;
+ }
+
+ chain.doFilter( request, response );
+ }
+}
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/basic/HttpBasicAuthenticationFilter.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/basic/HttpBasicAuthenticationFilter.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/digest/Digest.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/digest/Digest.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/digest/Digest.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/digest/Digest.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,48 @@
+package org.codehaus.redback.integration.filter.authentication.digest;
+
+/*
+ * Copyright 2005-2006 The Codehaus.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+
+/**
+ * Digest
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ * @todo move to plexus-utils in future
+ */
+public class Digest
+{
+ public static String md5Hex( String data )
+ {
+ MessageDigest digest = getDigest( "MD5" );
+ return Hex.encode( digest.digest( data.getBytes() ) );
+ }
+
+ public static MessageDigest getDigest( String algorithm )
+ {
+ try
+ {
+ return MessageDigest.getInstance( algorithm );
+ }
+ catch ( NoSuchAlgorithmException e )
+ {
+ throw new RuntimeException( "Error initializing MessageDigest: " + e.getMessage(), e );
+ }
+ }
+}
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/digest/Digest.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/digest/Digest.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/digest/Hex.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/digest/Hex.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/digest/Hex.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/digest/Hex.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,49 @@
+package org.codehaus.redback.integration.filter.authentication.digest;
+
+/*
+ * Copyright 2005-2006 The Codehaus.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * Hex
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ * @todo should probably move this to plexus-utils or plexus-security-common
+ */
+public class Hex
+{
+ private static final byte[] DIGITS = "0123456789abcdef".getBytes();
+
+ public static String encode( byte[] data )
+ {
+ int l = data.length;
+
+ byte[] raw = new byte[l * 2];
+
+ for ( int i = 0, j = 0; i < l; i++ )
+ {
+ raw[j++] = DIGITS[( 0xF0 & data[i] ) >>> 4];
+ raw[j++] = DIGITS[0x0F & data[i]];
+ }
+
+ return new String( raw );
+ }
+
+ public static String encode( String raw )
+ {
+ return encode( raw.getBytes() );
+ }
+}
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/digest/Hex.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/digest/Hex.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/digest/HttpDigestAuthentication.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/digest/HttpDigestAuthentication.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/digest/HttpDigestAuthentication.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/digest/HttpDigestAuthentication.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,211 @@
+package org.codehaus.redback.integration.filter.authentication.digest;
+
+/*
+ * Copyright 2005-2006 The Codehaus.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import org.apache.commons.codec.binary.Base64;
+import org.codehaus.plexus.redback.authentication.AuthenticationException;
+import org.codehaus.plexus.redback.authentication.AuthenticationResult;
+import org.codehaus.plexus.redback.authentication.TokenBasedAuthenticationDataSource;
+import org.codehaus.plexus.redback.policy.AccountLockedException;
+import org.codehaus.plexus.redback.policy.MustChangePasswordException;
+import org.codehaus.plexus.redback.users.User;
+import org.codehaus.plexus.redback.users.UserManager;
+import org.codehaus.plexus.redback.users.UserNotFoundException;
+import org.codehaus.plexus.util.StringUtils;
+import org.codehaus.redback.integration.filter.authentication.HttpAuthenticationException;
+import org.codehaus.redback.integration.filter.authentication.HttpAuthenticator;
+import org.springframework.stereotype.Service;
+
+import javax.inject.Inject;
+import javax.inject.Named;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import java.io.IOException;
+
+/**
+ * HttpDigestAuthentication methods for working with <a href="http://www.faqs.org/rfcs/rfc2617.html">RFC 2617 HTTP Authentication</a>.
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ */
+@Service("httpAuthenticator#digest")
+public class HttpDigestAuthentication
+ extends HttpAuthenticator
+{
+ @Inject
+ @Named(value="userManager#configurable")
+ private UserManager userManager;
+
+ /**
+ *
+ */
+ private int nonceLifetimeSeconds = 300;
+
+ /**
+ * NOTE: Must be alphanumeric.
+ *
+ *
+ */
+ private String digestKey ="OrycteropusAfer";
+
+ private String realm;
+
+ public String getId()
+ {
+ return HttpDigestAuthentication.class.getName();
+ }
+
+ public AuthenticationResult getAuthenticationResult( HttpServletRequest request, HttpServletResponse response )
+ throws AuthenticationException, AccountLockedException, MustChangePasswordException
+ {
+ HttpSession httpSession = request.getSession( true );
+ if ( isAlreadyAuthenticated( httpSession ) )
+ {
+ return getSecuritySession( httpSession ).getAuthenticationResult();
+ }
+
+ TokenBasedAuthenticationDataSource authDataSource = new TokenBasedAuthenticationDataSource();
+ String authHeader = request.getHeader( "Authorization" );
+
+ // in tomcat this is : authorization=Basic YWRtaW46TWFuYWdlMDc=
+ if ( authHeader == null )
+ {
+ authHeader = request.getHeader( "authorization" );
+ }
+
+ if ( ( authHeader != null ) && authHeader.startsWith( "Digest " ) )
+ {
+ String rawDigestHeader = authHeader.substring( 7 );
+
+ HttpDigestHeader digestHeader = new HttpDigestHeader();
+ digestHeader.parseClientHeader( rawDigestHeader, getRealm(), digestKey );
+
+ // Lookup password for presented username
+ User user = findUser( digestHeader.username );
+ authDataSource.setPrincipal( user.getPrincipal().toString() );
+
+ String serverSideHash = generateDigestHash( digestHeader, user.getPassword(), request.getMethod() );
+
+ if ( !StringUtils.equals( serverSideHash, digestHeader.response ) )
+ {
+ throw new HttpAuthenticationException( "Digest response was invalid." );
+ }
+ }
+
+ return super.authenticate( authDataSource, httpSession );
+ }
+
+ public User findUser( String username )
+ throws HttpAuthenticationException
+ {
+ try
+ {
+ return userManager.findUser( username );
+ }
+ catch ( UserNotFoundException e )
+ {
+ String msg = "Unable to find primary user '" + username + "'.";
+ log.error( msg, e );
+ throw new HttpAuthenticationException( msg, e );
+ }
+ }
+
+ /**
+ * Issue HTTP Digest Authentication Challenge
+ *
+ * @param request the request to use.
+ * @param response the response to use.
+ * @param realmName the realm name to state.
+ * @param exception the exception to base the message off of.
+ * @throws IOException if there was a problem with the {@link HttpServletResponse#sendError(int,String)} call.
+ */
+ public void challenge( HttpServletRequest request, HttpServletResponse response, String realmName,
+ AuthenticationException exception )
+ throws IOException
+ {
+ // The Challenge Header
+ StringBuilder authHeader = new StringBuilder();
+ authHeader.append( "Digest " );
+ // [REQUIRED] The name to appear in the dialog box to the user.
+ authHeader.append( "realm=\"" ).append( realmName ).append( "\"" );
+ // [OPTIONAL] We do not use the optional 'domain' header.
+ // authHeader.append( "domain=\"" ).append( domain ).append( "\"" );
+ // [REQUIRED] Nonce specification.
+ authHeader.append( ", nonce=\"" );
+ long timestamp = System.currentTimeMillis() + ( nonceLifetimeSeconds * 1000 );
+ // Not using ETag from RFC 2617 intentionally.
+ String hraw = String.valueOf( timestamp ) + ":" + digestKey;
+ String rawnonce = String.valueOf( timestamp ) + ":" + Digest.md5Hex( hraw );
+ authHeader.append( Base64.encodeBase64( rawnonce.getBytes() ) );
+ authHeader.append( "\"" );
+ // [REQUIRED] The RFC 2617 Quality of Protection.
+ // MSIE Appears to only support 'auth'
+ // Do not use 'opaque' here. (Your MSIE users will have issues)
+ authHeader.append( ", qop=\"auth\"" );
+ // [BROKEN] since we force the 'auth' qop we cannot use the opaque option.
+ // authHeader.append( ", opaque=\"").append(opaqueString).append("\"");
+
+ // [OPTIONAL] Use of the stale option is reserved for expired nonce strings.
+ if ( exception instanceof NonceExpirationException )
+ {
+ authHeader.append( ", stale=\"true\"" );
+ }
+
+ // [OPTIONAL] We do not use the optional Algorithm header.
+ // authHeader.append( ", algorithm=\"MD5\"");
+
+ response.addHeader( "WWW-Authenticate", authHeader.toString() );
+ response.sendError( HttpServletResponse.SC_UNAUTHORIZED, exception.getMessage() );
+ }
+
+ private String generateDigestHash( HttpDigestHeader digestHeader, String password, String httpMethod )
+ {
+ String a1 = Digest.md5Hex( digestHeader.username + ":" + realm + ":" + password );
+ String a2 = Digest.md5Hex( httpMethod + ":" + digestHeader.uri );
+
+ String digest;
+
+ if ( StringUtils.isEmpty( digestHeader.qop ) )
+ {
+ digest = a1 + ":" + digestHeader.nonce + ":" + a2;
+ }
+ else if ( StringUtils.equals( "auth", digestHeader.qop ) )
+ {
+ digest = a1 + ":" + digestHeader.nonce + ":" + digestHeader.nc + ":" + digestHeader.cnonce + ":"
+ + digestHeader.qop + ":" + a2;
+ }
+ else
+ {
+ throw new IllegalStateException( "Http Digest Parameter [qop] with value of [" + digestHeader.qop
+ + "] is unsupported." );
+ }
+
+ return Digest.md5Hex( digest );
+ }
+
+ public String getRealm()
+ {
+ return realm;
+ }
+
+ public void setRealm( String realm )
+ {
+ this.realm = realm;
+ }
+
+}
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/digest/HttpDigestAuthentication.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/digest/HttpDigestAuthentication.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/digest/HttpDigestAuthenticationFilter.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/digest/HttpDigestAuthenticationFilter.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/digest/HttpDigestAuthenticationFilter.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/digest/HttpDigestAuthenticationFilter.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,93 @@
+package org.codehaus.redback.integration.filter.authentication.digest;
+
+/*
+ * Copyright 2005-2006 The Codehaus.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import org.codehaus.plexus.redback.authentication.AuthenticationException;
+import org.codehaus.redback.integration.filter.authentication.AbstractHttpAuthenticationFilter;
+import org.codehaus.redback.integration.filter.authentication.HttpAuthenticator;
+import org.codehaus.redback.integration.filter.authentication.basic.HttpBasicAuthentication;
+
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+/**
+ * HttpDigestAuthenticationFilter.
+ * <p/>
+ * Uses RFC 2617 and RFC 2069 to perform Digest authentication against the incoming client.
+ * <p/>
+ * <ul>
+ * <li><a href="http://www.faqs.org/rfcs/rfc2617.html">RFC 2617</a> - HTTP Authentication: Basic and Digest Access Authentication</li>
+ * <li><a href="http://www.faqs.org/rfcs/rfc2069.html">RFC 2069</a> - An Extension to HTTP : Digest Access Authentication</li>
+ * </ul>
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ */
+public class HttpDigestAuthenticationFilter
+ extends AbstractHttpAuthenticationFilter
+{
+ private HttpDigestAuthentication httpAuthentication;
+
+ @Override
+ public void init( FilterConfig filterConfig )
+ throws ServletException
+ {
+ super.init( filterConfig );
+
+ httpAuthentication =
+ getApplicationContext().getBean( "httpAuthenticator#digest", HttpDigestAuthentication.class );
+
+ }
+
+ public void doFilter( ServletRequest request, ServletResponse response, FilterChain chain )
+ throws IOException, ServletException
+ {
+ if ( !( request instanceof HttpServletRequest ) )
+ {
+ throw new ServletException( "Can only process HttpServletRequest" );
+ }
+
+ if ( !( response instanceof HttpServletResponse ) )
+ {
+ throw new ServletException( "Can only process HttpServletResponse" );
+ }
+
+ HttpServletRequest httpRequest = (HttpServletRequest) request;
+ HttpServletResponse httpResponse = (HttpServletResponse) response;
+
+ try
+ {
+ httpAuthentication.setRealm( getRealmName() );
+ httpAuthentication.authenticate( httpRequest, httpResponse );
+ }
+ catch ( AuthenticationException e )
+ {
+ HttpAuthenticator httpauthn = new HttpBasicAuthentication();
+ httpauthn.challenge( httpRequest, httpResponse, getRealmName(), e );
+ return;
+ }
+
+ chain.doFilter( request, response );
+ }
+
+}
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/digest/HttpDigestAuthenticationFilter.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/digest/HttpDigestAuthenticationFilter.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/digest/HttpDigestHeader.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/digest/HttpDigestHeader.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/digest/HttpDigestHeader.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/digest/HttpDigestHeader.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,145 @@
+package org.codehaus.redback.integration.filter.authentication.digest;
+
+/*
+ * Copyright 2005-2006 The Codehaus.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+
+import org.apache.commons.codec.binary.Base64;
+import org.codehaus.plexus.util.StringUtils;
+import org.codehaus.redback.integration.HttpUtils;
+import org.codehaus.redback.integration.filter.authentication.HttpAuthenticationException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.context.annotation.Scope;
+import org.springframework.stereotype.Service;
+
+import java.util.Properties;
+
+/**
+ * HttpDigestHeader
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ */
+@Service( "httpClientHeader" )
+@Scope( "prototype" )
+public class HttpDigestHeader
+{
+ private Logger log = LoggerFactory.getLogger( HttpDigestHeader.class );
+
+ public String username;
+
+ public String realm;
+
+ public String nonce;
+
+ public String uri;
+
+ public String response;
+
+ public String qop;
+
+ public String nc;
+
+ public String cnonce;
+
+ public void parseClientHeader( String rawHeader, String expectedRealm, String digestKey )
+ throws HttpAuthenticationException
+ {
+ Properties authHeaderProps = HttpUtils.complexHeaderToProperties( rawHeader, ",", "=" );
+
+ username = authHeaderProps.getProperty( "username" );
+ realm = authHeaderProps.getProperty( "realm" );
+ nonce = authHeaderProps.getProperty( "nonce" );
+ uri = authHeaderProps.getProperty( "uri" );
+ response = authHeaderProps.getProperty( "response" );
+ qop = authHeaderProps.getProperty( "qop" );
+ nc = authHeaderProps.getProperty( "nc" );
+ cnonce = authHeaderProps.getProperty( "cnonce" );
+
+ // [RFC 2067] Validate all required values
+ if ( StringUtils.isEmpty( username ) || StringUtils.isEmpty( realm ) || StringUtils.isEmpty( nonce )
+ || StringUtils.isEmpty( uri ) || StringUtils.isEmpty( response ) )
+ {
+ log.debug( "Missing mandatory fields: Raw Digest Header : [{}]", rawHeader );
+
+ throw new HttpAuthenticationException( "Missing mandatory digest fields per RFC2069." );
+ }
+
+ // [RFC 2617] Validate realm.
+ if ( !StringUtils.equals( expectedRealm, realm ) )
+ {
+ log.debug( "Realm name is invalid: expected [{}] but got [{}]", expectedRealm, realm );
+
+ throw new HttpAuthenticationException( "Response realm does not match expected realm." );
+ }
+
+ // [RFC 2617] Validate "auth" qop
+ if ( StringUtils.equals( "auth", qop ) )
+ {
+ if ( StringUtils.isEmpty( nc ) || StringUtils.isEmpty( cnonce ) )
+ {
+ log.debug( "Missing mandatory qop fields: nc [{}] cnonce [{}]", nc, cnonce );
+
+ throw new HttpAuthenticationException( "Missing mandatory qop digest fields per RFC2617." );
+ }
+ }
+
+ // [RFC 2617] Validate nonce
+ if ( !Base64.isArrayByteBase64( nonce.getBytes() ) )
+ {
+ log.debug( "Nonce is not encoded in Base64: nonce [{}]", nonce );
+
+ throw new HttpAuthenticationException( "Response nonce is not encoded in Base64." );
+ }
+
+ // Decode nonce
+ String decodedNonce = new String( Base64.decodeBase64( nonce.getBytes() ) );
+ String nonceTokens[] = StringUtils.split( decodedNonce, ":" );
+
+ // Validate nonce format
+ if ( nonceTokens.length != 2 )
+ {
+ log.debug( "Nonce format expected [2] elements, but got [{}] instead. Decoded nonce [{}]",
+ nonceTokens.length, decodedNonce );
+
+ throw new HttpAuthenticationException(
+ "Nonce format is invalid. " + "Received an unexpected number of sub elements." );
+ }
+
+ // Extract nonce timestamp
+ long nonceTimestamp = 0;
+
+ try
+ {
+ nonceTimestamp = Long.parseLong( nonceTokens[0] );
+ }
+ catch ( NumberFormatException e )
+ {
+ throw new HttpAuthenticationException( "Unexpected nonce timestamp." );
+ }
+
+ // Extract nonce signature
+ String expectedSignature = Digest.md5Hex( nonceTimestamp + ":" + digestKey );
+
+ if ( !StringUtils.equals( expectedSignature, nonceTokens[1] ) )
+ {
+ log.error( "Nonce parameter has been compromised." );
+
+ throw new HttpAuthenticationException( "Nonce parameter has been compromised." );
+ }
+ }
+}
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/digest/HttpDigestHeader.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/digest/HttpDigestHeader.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/digest/NonceExpirationException.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/digest/NonceExpirationException.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/digest/NonceExpirationException.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/digest/NonceExpirationException.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,50 @@
+package org.codehaus.redback.integration.filter.authentication.digest;
+
+/*
+ * Copyright 2005-2006 The Codehaus.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import org.codehaus.redback.integration.filter.authentication.HttpAuthenticationException;
+
+/**
+ * NonceExpirationException
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ */
+public class NonceExpirationException
+ extends HttpAuthenticationException
+{
+
+ public NonceExpirationException()
+ {
+ super();
+ }
+
+ public NonceExpirationException( String message, Throwable cause )
+ {
+ super( message, cause );
+ }
+
+ public NonceExpirationException( String message )
+ {
+ super( message );
+ }
+
+ public NonceExpirationException( Throwable cause )
+ {
+ super( cause );
+ }
+}
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/digest/NonceExpirationException.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authentication/digest/NonceExpirationException.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authorization/SimpleAuthorizationFilter.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authorization/SimpleAuthorizationFilter.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authorization/SimpleAuthorizationFilter.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authorization/SimpleAuthorizationFilter.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,128 @@
+package org.codehaus.redback.integration.filter.authorization;
+
+/*
+ * Copyright 2005-2006 The Codehaus.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import org.codehaus.plexus.redback.authorization.AuthorizationException;
+import org.codehaus.plexus.redback.system.SecuritySession;
+import org.codehaus.plexus.redback.system.SecuritySystem;
+import org.codehaus.plexus.util.StringUtils;
+import org.codehaus.redback.integration.filter.SpringServletFilter;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+/**
+ * SimpleAuthorizationFilter
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ */
+public class SimpleAuthorizationFilter
+ extends SpringServletFilter
+{
+
+ private Logger logger = LoggerFactory.getLogger( getClass() );
+
+ private String permission;
+
+ private String resource;
+
+ private String accessDeniedLocation;
+
+ public void init( FilterConfig filterConfig )
+ throws ServletException
+ {
+ super.init( filterConfig );
+
+ permission = filterConfig.getInitParameter( "permission" );
+ resource = filterConfig.getInitParameter( "resource" );
+ accessDeniedLocation = filterConfig.getInitParameter( "accessDeniedLocation" );
+
+ if ( StringUtils.isEmpty( accessDeniedLocation ) )
+ {
+ throw new ServletException(
+ "Missing parameter 'accessDeniedLocation' from " + SimpleAuthorizationFilter.class.getName()
+ + " configuration." );
+ }
+ }
+
+ public void doFilter( ServletRequest request, ServletResponse response, FilterChain chain )
+ throws IOException, ServletException
+ {
+ SecuritySession securitySession = getApplicationContext().getBean( "securitySession", SecuritySession.class );
+
+ if ( securitySession == null )
+ {
+ logger.warn( "Security Session is null." );
+ return;
+ }
+
+ SecuritySystem securitySystem = getApplicationContext().getBean( "securitySystem", SecuritySystem.class );
+
+ boolean isAuthorized = false;
+
+ try
+ {
+ if ( StringUtils.isEmpty( resource ) )
+ {
+ isAuthorized = securitySystem.isAuthorized( securitySession, permission );
+ }
+ else
+ {
+ isAuthorized = securitySystem.isAuthorized( securitySession, permission, resource );
+ }
+ if ( isAuthorized )
+ {
+ chain.doFilter( request, response );
+ }
+ else
+ {
+ accessDenied( response );
+ }
+ }
+ catch ( AuthorizationException e )
+ {
+ accessDenied( response );
+ }
+ }
+
+ protected void accessDenied( ServletResponse response )
+ throws IOException
+ {
+ String newlocation = accessDeniedLocation;
+
+ if ( newlocation.indexOf( '?' ) == ( -1 ) )
+ {
+ newlocation += "?";
+ }
+ else
+ {
+ newlocation += "&";
+ }
+ newlocation += "resource=" + resource;
+
+ ( (HttpServletResponse) response ).sendRedirect( newlocation );
+ }
+
+}
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authorization/SimpleAuthorizationFilter.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/filter/authorization/SimpleAuthorizationFilter.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/interceptor/SecureAction.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/interceptor/SecureAction.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/interceptor/SecureAction.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/interceptor/SecureAction.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,34 @@
+package org.codehaus.redback.integration.interceptor;
+
+/*
+ * Copyright 2005-2006 The Codehaus.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * SecureAction
+ *
+ * @author Jesse McConnell <je...@codehaus.org>
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ */
+public interface SecureAction
+{
+ /**
+ * get an authorization bundle to process for authn and authz
+ */
+ SecureActionBundle getSecureActionBundle()
+ throws SecureActionException;
+
+}
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/interceptor/SecureAction.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/codehaus/redback/integration/interceptor/SecureAction.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision