You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@archiva.apache.org by ol...@apache.org on 2012/04/06 11:59:32 UTC
svn commit: r1310268 [23/42] - in /archiva/redback/redback-core/trunk: ./
redback-authentication/ redback-authentication/redback-authentication-api/
redback-authentication/redback-authentication-api/src/
redback-authentication/redback-authentication-ap...
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/ActionInvocationTracker.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/ActionInvocationTracker.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/ActionInvocationTracker.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/ActionInvocationTracker.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,45 @@
+package org.codehaus.plexus.redback.struts2.interceptor;
+
+/*
+ * Copyright 2006-2007 The Codehaus Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import com.opensymphony.xwork2.ActionInvocation;
+
+public interface ActionInvocationTracker
+{
+
+ static final String SESSION_KEY = ActionInvocationTracker.class.getName();
+
+ void setHistorySize( int size );
+
+ int getHistorySize();
+
+ int getHistoryCount();
+
+ SavedActionInvocation getPrevious();
+
+ SavedActionInvocation getCurrent();
+
+ SavedActionInvocation getActionInvocationAt( int index );
+
+ void addActionInvocation( ActionInvocation invocation );
+
+ void setBackTrack();
+
+ void unsetBackTrack();
+
+ boolean isBackTracked();
+}
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/ActionInvocationTracker.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/ActionInvocationTracker.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/AutoLoginInterceptor.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/AutoLoginInterceptor.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/AutoLoginInterceptor.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/AutoLoginInterceptor.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,294 @@
+package org.codehaus.plexus.redback.struts2.interceptor;
+
+/*
+ * Copyright 2005-2006 The Codehaus.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import com.opensymphony.xwork2.ActionContext;
+import com.opensymphony.xwork2.ActionInvocation;
+import com.opensymphony.xwork2.interceptor.Interceptor;
+import org.apache.struts2.ServletActionContext;
+import org.codehaus.plexus.redback.authentication.AuthenticationException;
+import org.codehaus.plexus.redback.authentication.AuthenticationResult;
+import org.codehaus.plexus.redback.authentication.TokenBasedAuthenticationDataSource;
+import org.codehaus.plexus.redback.keys.AuthenticationKey;
+import org.codehaus.plexus.redback.policy.AccountLockedException;
+import org.codehaus.plexus.redback.policy.MustChangePasswordException;
+import org.codehaus.plexus.redback.system.SecuritySession;
+import org.codehaus.plexus.redback.system.SecuritySystem;
+import org.codehaus.plexus.redback.system.SecuritySystemConstants;
+import org.codehaus.plexus.redback.users.UserNotFoundException;
+import org.codehaus.redback.integration.util.AutoLoginCookies;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.context.annotation.Scope;
+import org.springframework.stereotype.Controller;
+
+import javax.inject.Inject;
+import javax.servlet.http.HttpSession;
+
+/**
+ * AutoLoginInterceptor
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ */
+@Controller( "redbackAutoLoginInterceptor" )
+@Scope( "prototype" )
+public class AutoLoginInterceptor
+ implements Interceptor
+{
+ private Logger log = LoggerFactory.getLogger( AutoLoginInterceptor.class );
+
+ static final String PASSWORD_CHANGE = "security-must-change-password";
+
+ static final String ACCOUNT_LOCKED = "security-login-locked";
+
+ /**
+ *
+ */
+ @Inject
+ private SecuritySystem securitySystem;
+
+ /**
+ *
+ */
+ @Inject
+ private AutoLoginCookies autologinCookies;
+
+ public void destroy()
+ {
+ // Ignore
+ }
+
+ public void init()
+ {
+ // Ignore
+ }
+
+ /**
+ * @noinspection ProhibitedExceptionDeclared
+ */
+ public String intercept( ActionInvocation invocation )
+ throws Exception
+ {
+ SecuritySession securitySession = getSecuritySession();
+
+ if ( securitySession != null && securitySession.isAuthenticated() )
+ {
+ // User already authenticated.
+ log.debug( "User already authenticated." );
+
+ if ( !checkCookieConsistency( securitySession ) )
+ {
+ // update single sign on cookie
+ autologinCookies.setSignonCookie( securitySession.getUser().getUsername(),
+ ServletActionContext.getResponse(),
+ ServletActionContext.getRequest() );
+ }
+ }
+ else
+ {
+ AuthenticationKey authkey =
+ autologinCookies.getSignonKey( ServletActionContext.getResponse(), ServletActionContext.getRequest() );
+
+ if ( authkey != null )
+ {
+ try
+ {
+ securitySession = checkAuthentication( authkey, invocation.getInvocationContext().getName().equals(
+ PASSWORD_CHANGE ) );
+
+ if ( securitySession != null && securitySession.isAuthenticated() )
+ {
+ ActionContext.getContext().getSession().put( SecuritySystemConstants.SECURITY_SESSION_KEY,
+ securitySession );
+ checkCookieConsistency( securitySession );
+ }
+ else
+ {
+ autologinCookies.removeSignonCookie( ServletActionContext.getResponse(),
+ ServletActionContext.getRequest() );
+ autologinCookies.removeRememberMeCookie( ServletActionContext.getResponse(),
+ ServletActionContext.getRequest() );
+ }
+ }
+ catch ( AccountLockedException e )
+ {
+ log.info( "Account Locked : Username [{}]", e.getUser().getUsername(), e );
+ autologinCookies.removeSignonCookie( ServletActionContext.getResponse(),
+ ServletActionContext.getRequest() );
+ autologinCookies.removeRememberMeCookie( ServletActionContext.getResponse(),
+ ServletActionContext.getRequest() );
+ return ACCOUNT_LOCKED;
+ }
+ catch ( MustChangePasswordException e )
+ {
+ return PASSWORD_CHANGE;
+ }
+ }
+ else if ( autologinCookies.isRememberMeEnabled() )
+ {
+ authkey = autologinCookies.getRememberMeKey( ServletActionContext.getResponse(),
+ ServletActionContext.getRequest() );
+
+ if ( authkey != null )
+ {
+ try
+ {
+ securitySession = checkAuthentication( authkey, false );
+
+ if ( securitySession == null || !securitySession.isAuthenticated() )
+ {
+ autologinCookies.removeRememberMeCookie( ServletActionContext.getResponse(),
+ ServletActionContext.getRequest() );
+ }
+ }
+ catch ( AccountLockedException e )
+ {
+ log.info( "Account Locked : Username [{}]", e.getUser().getUsername(), e );
+ autologinCookies.removeRememberMeCookie( ServletActionContext.getResponse(),
+ ServletActionContext.getRequest() );
+ return ACCOUNT_LOCKED;
+ }
+ catch ( MustChangePasswordException e )
+ {
+ return PASSWORD_CHANGE;
+ }
+ }
+ }
+ }
+
+ return invocation.invoke();
+ }
+
+ private boolean checkCookieConsistency( SecuritySession securitySession )
+ {
+ String username = securitySession.getUser().getUsername();
+
+ boolean failed = false;
+
+ AuthenticationKey key =
+ autologinCookies.getRememberMeKey( ServletActionContext.getResponse(), ServletActionContext.getRequest() );
+ if ( key != null )
+ {
+ if ( !key.getForPrincipal().equals( username ) )
+ {
+ log.debug( "Login invalidated: remember me cookie was for{}; but session was for {}",
+ key.getForPrincipal(), username );
+ failed = true;
+ }
+ }
+
+ if ( !failed )
+ {
+ key =
+ autologinCookies.getSignonKey( ServletActionContext.getResponse(), ServletActionContext.getRequest() );
+ if ( key != null )
+ {
+ if ( !key.getForPrincipal().equals( username ) )
+ {
+ log.debug( "Login invalidated: signon cookie was for {}; but session was for {}",
+ key.getForPrincipal(), username );
+ failed = true;
+ }
+ }
+ else
+ {
+ log.debug( "Login invalidated: signon cookie was removed" );
+ failed = true;
+ }
+ }
+
+ if ( failed )
+ {
+ removeCookiesAndSession();
+ }
+
+ return failed;
+ }
+
+ private SecuritySession checkAuthentication( AuthenticationKey authkey, boolean enforcePasswordChange )
+ throws AccountLockedException, MustChangePasswordException
+ {
+ SecuritySession securitySession = null;
+ log.debug( "Logging in with an authentication key: {}", authkey.getForPrincipal() );
+ TokenBasedAuthenticationDataSource authsource = new TokenBasedAuthenticationDataSource();
+ authsource.setPrincipal( authkey.getForPrincipal() );
+ authsource.setToken( authkey.getKey() );
+ authsource.setEnforcePasswordChange( enforcePasswordChange );
+
+ try
+ {
+ securitySession = securitySystem.authenticate( authsource );
+
+ if ( securitySession.isAuthenticated() )
+ {
+ // TODO: this should not happen if there is a password change required - but the password change action needs to log the user in on success to swap them
+ log.debug( "Login success." );
+
+ HttpSession session = ServletActionContext.getRequest().getSession( true );
+ session.setAttribute( SecuritySystemConstants.SECURITY_SESSION_KEY, securitySession );
+ log.debug( "Setting session:{} to {}", SecuritySystemConstants.SECURITY_SESSION_KEY, securitySession );
+
+ autologinCookies.setSignonCookie( authkey.getForPrincipal(), ServletActionContext.getResponse(),
+ ServletActionContext.getRequest() );
+ }
+ else
+ {
+ AuthenticationResult result = securitySession.getAuthenticationResult();
+ log.info( "Login interceptor failed against principal : {}", result.getPrincipal(),
+ result.getException() );
+ }
+
+ }
+ catch ( AuthenticationException e )
+ {
+ log.info( "Authentication Exception.", e );
+ }
+ catch ( UserNotFoundException e )
+ {
+ log.info( "User Not Found: {}", authkey.getForPrincipal(), e );
+ }
+ return securitySession;
+ }
+
+ private void removeCookiesAndSession()
+ {
+ autologinCookies.removeRememberMeCookie( ServletActionContext.getResponse(),
+ ServletActionContext.getRequest() );
+ autologinCookies.removeSignonCookie( ServletActionContext.getResponse(), ServletActionContext.getRequest() );
+
+ HttpSession session = ServletActionContext.getRequest().getSession();
+ if ( session != null )
+ {
+ session.removeAttribute( SecuritySystemConstants.SECURITY_SESSION_KEY );
+ }
+ }
+
+ private SecuritySession getSecuritySession()
+ {
+ HttpSession session = ServletActionContext.getRequest().getSession();
+ if ( session == null )
+ {
+ log.debug( "No HTTP Session exists." );
+ return null;
+ }
+
+ SecuritySession secSession =
+ (SecuritySession) session.getAttribute( SecuritySystemConstants.SECURITY_SESSION_KEY );
+ log.debug( "Returning Security Session: {}", secSession );
+ return secSession;
+ }
+}
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/AutoLoginInterceptor.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/AutoLoginInterceptor.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/EnvironmentCheckInterceptor.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/EnvironmentCheckInterceptor.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/EnvironmentCheckInterceptor.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/EnvironmentCheckInterceptor.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,107 @@
+package org.codehaus.plexus.redback.struts2.interceptor;
+
+/*
+ * Copyright 2005-2006 The Codehaus.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import com.opensymphony.xwork2.ActionInvocation;
+import com.opensymphony.xwork2.interceptor.Interceptor;
+import org.codehaus.plexus.redback.system.check.EnvironmentCheck;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.context.ApplicationContext;
+import org.springframework.context.annotation.Scope;
+import org.springframework.stereotype.Controller;
+
+import javax.annotation.PostConstruct;
+import javax.inject.Inject;
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * EnvironmentCheckInterceptor
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ */
+@Controller( "redbackEnvironmentCheckInterceptor" )
+@Scope( "prototype" )
+public class EnvironmentCheckInterceptor
+ implements Interceptor
+{
+ private static boolean checked = false;
+
+ private Logger log = LoggerFactory.getLogger( EnvironmentCheckInterceptor.class );
+
+
+ /**
+ *
+ */
+ @Inject
+ private List<EnvironmentCheck> checkers;
+
+ public void destroy()
+ {
+ // no-op
+ }
+
+ @PostConstruct
+ public void init()
+ {
+
+ if ( EnvironmentCheckInterceptor.checked )
+ {
+ // No need to check twice.
+ return;
+ }
+
+ if ( checkers != null )
+ {
+ List<String> violations = new ArrayList<String>();
+
+ for ( EnvironmentCheck check : checkers )
+ {
+ check.validateEnvironment( violations );
+ }
+
+ if ( !violations.isEmpty() )
+ {
+ StringBuffer msg = new StringBuffer();
+ msg.append( "EnvironmentCheck Failure.\n" );
+ msg.append( "======================================================================\n" );
+ msg.append( " ENVIRONMENT FAILURE !! \n" );
+ msg.append( "\n" );
+
+ for ( String v : violations )
+ {
+ msg.append( v ).append( "\n" );
+ }
+
+ msg.append( "\n" );
+ msg.append( "======================================================================" );
+ log.error( msg.toString() );
+ }
+ }
+
+ EnvironmentCheckInterceptor.checked = true;
+ }
+
+ public String intercept( ActionInvocation invocation )
+ throws Exception
+ {
+ // A no-op here. Work for this intereceptor is done in init().
+ return invocation.invoke();
+ }
+}
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/EnvironmentCheckInterceptor.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/EnvironmentCheckInterceptor.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/ForceAdminUserInterceptor.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/ForceAdminUserInterceptor.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/ForceAdminUserInterceptor.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/ForceAdminUserInterceptor.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,244 @@
+package org.codehaus.plexus.redback.struts2.interceptor;
+
+/*
+ * Copyright 2005-2006 The Codehaus.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import com.opensymphony.xwork2.ActionInvocation;
+import com.opensymphony.xwork2.interceptor.Interceptor;
+import org.apache.commons.lang.StringUtils;
+import org.apache.struts2.ServletActionContext;
+import org.codehaus.plexus.redback.authentication.PasswordBasedAuthenticationDataSource;
+import org.codehaus.plexus.redback.configuration.UserConfiguration;
+import org.codehaus.plexus.redback.role.RoleManager;
+import org.codehaus.plexus.redback.role.RoleManagerException;
+import org.codehaus.plexus.redback.system.SecuritySession;
+import org.codehaus.plexus.redback.system.SecuritySystem;
+import org.codehaus.plexus.redback.system.SecuritySystemConstants;
+import org.codehaus.plexus.redback.users.User;
+import org.codehaus.plexus.redback.users.UserManager;
+import org.codehaus.plexus.redback.users.UserNotFoundException;
+import org.codehaus.redback.integration.checks.security.AdminAutoCreateCheck;
+import org.codehaus.redback.integration.util.AutoLoginCookies;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.context.annotation.Scope;
+import org.springframework.stereotype.Controller;
+
+import javax.inject.Inject;
+import javax.inject.Named;
+import java.io.File;
+import java.io.FileInputStream;
+import java.util.Date;
+import java.util.Map;
+import java.util.Properties;
+
+/**
+ * EnvironmentCheckInterceptor
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ */
+@Controller( "redbackForceAdminUserInterceptor" )
+@Scope( "prototype" )
+public class ForceAdminUserInterceptor
+ implements Interceptor
+{
+ private Logger log = LoggerFactory.getLogger( getClass() );
+
+ private static final String SECURITY_ADMIN_USER_NEEDED = "security-admin-user-needed";
+
+ private static boolean checked = false;
+
+ /**
+ * role-hint="configurable"
+ */
+ @Inject
+ @Named( value = "userManager#configurable" )
+ private UserManager userManager;
+
+ /**
+ * role-hint="default"
+ */
+ @Inject
+ private RoleManager roleManager;
+
+ /**
+ * role-hint="default"
+ */
+ @Inject
+ private UserConfiguration config;
+
+ @Inject
+ protected SecuritySystem securitySystem;
+
+ @Inject
+ private AutoLoginCookies autologinCookies;
+
+ protected Map<String, Object> session;
+
+ public void destroy()
+ {
+ // no-op
+ }
+
+ public void init()
+ {
+
+ }
+
+ public String intercept( ActionInvocation invocation )
+ throws Exception
+ {
+ if ( checked )
+ {
+ return invocation.invoke();
+ }
+
+ try
+ {
+ User user = userManager.findUser( getAdminUid() );
+ if ( user == null )
+ {
+ user = useForceAdminFile();
+ if ( user == null )
+ {
+ log.info( "No admin user configured - forwarding to admin user creation page." );
+ return SECURITY_ADMIN_USER_NEEDED;
+ }
+ }
+
+ assignAdminRole( user );
+
+ checked = true;
+ log.info( "Admin user found. No need to configure admin user." );
+
+ }
+ catch ( UserNotFoundException e )
+ {
+ User user = useForceAdminFile();
+ if ( user != null )
+ {
+ assignAdminRole( user );
+
+ checked = true;
+ }
+ else
+ {
+ log.info( "No admin user found - forwarding to admin user creation page." );
+ return SECURITY_ADMIN_USER_NEEDED;
+ }
+ }
+
+ return invocation.invoke();
+ }
+
+ private User useForceAdminFile()
+ {
+ try
+ {
+ String forceAdminFilePath = System.getProperty( AdminAutoCreateCheck.FORCE_ADMIN_FILE_PATH );
+ if ( StringUtils.isBlank( forceAdminFilePath ) )
+ {
+ log.info( AdminAutoCreateCheck.FORCE_ADMIN_FILE_PATH + " system props is empty don't use an auto creation admin " );
+ return null;
+ }
+ File file = new File( forceAdminFilePath );
+ if ( !file.exists() )
+ {
+ log.warn( "file set in sysprops " + AdminAutoCreateCheck.FORCE_ADMIN_FILE_PATH + " not exists skip admin auto creation" );
+ return null;
+ }
+ Properties properties = new Properties();
+ FileInputStream fis = null;
+ try
+ {
+ properties.load( new FileInputStream( file ) );
+ }
+ catch ( Exception e )
+ {
+ log.warn( "error loading properties from file " + forceAdminFilePath + " skip admin auto creation" );
+ return null;
+ }
+
+ // ensure we have all properties
+ String password = properties.getProperty( AdminAutoCreateCheck.ADMIN_PASSWORD_KEY );
+ String email = properties.getProperty( AdminAutoCreateCheck.ADMIN_EMAIL_KEY );
+ String fullName = properties.getProperty( AdminAutoCreateCheck.ADMIN_FULL_NAME_KEY );
+
+ if ( StringUtils.isBlank( password ) )
+ {
+ log.warn( "property " + AdminAutoCreateCheck.ADMIN_PASSWORD_KEY + " not set skip auto admin creation" );
+ return null;
+ }
+
+ if ( StringUtils.isBlank( email ) )
+ {
+ log.warn( "property " + AdminAutoCreateCheck.ADMIN_EMAIL_KEY + " not set skip auto admin creation" );
+ return null;
+ }
+
+ if ( StringUtils.isBlank( fullName ) )
+ {
+ log.warn( "property " + AdminAutoCreateCheck.ADMIN_FULL_NAME_KEY + " not set skip auto admin creation" );
+ return null;
+ }
+
+ User u = userManager.createUser( getAdminUid(), fullName, email );
+
+ u.setPassword( password );
+ u.setLocked( false );
+ u.setPasswordChangeRequired( false );
+ u.setPermanent( true );
+
+ u = userManager.addUser( u );
+ u.setPassword( password );
+
+ PasswordBasedAuthenticationDataSource authdatasource = new PasswordBasedAuthenticationDataSource();
+ authdatasource.setPrincipal( u.getUsername() );
+ authdatasource.setPassword( u.getPassword() );
+ SecuritySession securitySession = securitySystem.authenticate( authdatasource );
+ if ( securitySession.getAuthenticationResult().isAuthenticated() )
+ {
+ // good add various tokens.
+ ServletActionContext.getRequest().getSession( true ).setAttribute(
+ SecuritySystemConstants.SECURITY_SESSION_KEY, securitySession );
+ autologinCookies.setSignonCookie( authdatasource.getPrincipal(), ServletActionContext.getResponse(),
+ ServletActionContext.getRequest() );
+ u = securitySession.getUser();
+ u.setLastLoginDate( new Date() );
+ securitySystem.getUserManager().updateUser( u );
+ }
+
+ return u;
+ }
+ catch ( Exception e )
+ {
+ log.warn( "failed to automatically create an admin account " + e.getMessage(), e );
+ }
+ return null;
+ }
+
+ private String getAdminUid()
+ {
+ return config.getString( "redback.default.admin" );
+ }
+
+ private void assignAdminRole( User user )
+ throws RoleManagerException
+ {
+ roleManager.assignRole( "system-administrator", user.getPrincipal().toString() );
+ }
+}
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/ForceAdminUserInterceptor.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/ForceAdminUserInterceptor.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/PolicyEnforcementInterceptor.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/PolicyEnforcementInterceptor.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/PolicyEnforcementInterceptor.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/PolicyEnforcementInterceptor.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,221 @@
+package org.codehaus.plexus.redback.struts2.interceptor;
+
+/*
+ * Copyright 2005-2006 The Codehaus.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import java.util.Calendar;
+import java.util.Map;
+
+import javax.inject.Inject;
+import javax.servlet.http.HttpServletRequest;
+
+import org.apache.struts2.ServletActionContext;
+import org.codehaus.plexus.redback.configuration.UserConfiguration;
+import org.codehaus.plexus.redback.policy.UserSecurityPolicy;
+import org.codehaus.plexus.redback.system.DefaultSecuritySession;
+import org.codehaus.plexus.redback.system.SecuritySession;
+import org.codehaus.plexus.redback.system.SecuritySystem;
+import org.codehaus.plexus.redback.system.SecuritySystemConstants;
+import org.codehaus.plexus.redback.users.User;
+import org.codehaus.plexus.redback.users.UserManager;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import com.opensymphony.xwork2.ActionContext;
+import com.opensymphony.xwork2.ActionInvocation;
+import com.opensymphony.xwork2.interceptor.Interceptor;
+import org.springframework.context.annotation.Scope;
+import org.springframework.stereotype.Controller;
+
+/**
+ * Interceptor to force the user to perform actions, when required.
+ *
+ * @author Edwin Punzalan
+ */
+@Controller( "redbackPolicyEnforcementInterceptor" )
+@Scope( "prototype" )
+public class PolicyEnforcementInterceptor
+ implements Interceptor
+{
+ private Logger log = LoggerFactory.getLogger( PolicyEnforcementInterceptor.class );
+
+ private static final String SECURITY_USER_MUST_CHANGE_PASSWORD = "security-must-change-password";
+
+ /**
+ *
+ */
+ @Inject
+ private UserConfiguration config;
+
+ /**
+ *
+ */
+ @Inject
+ protected SecuritySystem securitySystem;
+
+ public void destroy()
+ {
+ //ignore
+ }
+
+ public void init()
+ {
+ //ignore
+ }
+
+ /**
+ * 1) validate that the user doesn't have to change their password, if they do then re-route accordingly
+ *
+ * @param actionInvocation
+ * @return
+ * @throws Exception
+ */
+ @SuppressWarnings("unchecked")
+ public String intercept( ActionInvocation actionInvocation )
+ throws Exception
+ {
+
+ if ( config.getBoolean( "security.policy.strict.enforcement.enabled" ) )
+ {
+ log.debug( "Enforcement: enforcing per click security policies." );
+
+
+ ActionContext context = ActionContext.getContext();
+
+ SecuritySession securitySession = null;
+
+ try
+ {
+ securitySession = (SecuritySession) context.getSession().get( SecuritySystemConstants.SECURITY_SESSION_KEY );
+ }
+ catch (IllegalStateException e)
+ {
+ log.debug("Could not get security session as the session was invalid", e);
+ }
+
+ UserSecurityPolicy policy = securitySystem.getPolicy();
+
+ if ( securitySession != null )
+ {
+ UserManager userManager = securitySystem.getUserManager();
+ User user = userManager.findUser( securitySession.getUser().getPrincipal() );
+ securitySession = new DefaultSecuritySession( securitySession.getAuthenticationResult(), user );
+ context.getSession().put( SecuritySystemConstants.SECURITY_SESSION_KEY, securitySession );
+ }
+ else
+ {
+ log.debug( "Enforcement: no user security session detected, skipping enforcement" );
+ return actionInvocation.invoke();
+ }
+
+ if ( checkForcePasswordChange( securitySession, actionInvocation ) )
+ {
+ Map<String, Object> session = ServletActionContext.getContext().getSession();
+ HttpServletRequest request = ServletActionContext.getRequest();
+
+ String queryString = request.getQueryString();
+ String targetUrl = request.getRequestURL() + ( queryString==null ? "" : "?" + queryString );
+
+ session.put( "targetUrl", targetUrl );
+
+ log.info( "storing targetUrl : {}", targetUrl );
+
+ return SECURITY_USER_MUST_CHANGE_PASSWORD;
+ }
+
+ if ( config.getBoolean( "security.policy.password.expiration.enabled" ) )
+ {
+ log.debug( "checking password expiration notification" );
+
+ UserManager userManager = securitySystem.getUserManager();
+ User user = userManager.findUser( securitySession.getUser().getPrincipal() );
+
+ Calendar expirationNotifyDate = Calendar.getInstance();
+ expirationNotifyDate.setTime( user.getLastPasswordChange() );
+ // add on the total days to expire minus the notification days
+ expirationNotifyDate.add( Calendar.DAY_OF_MONTH, policy.getPasswordExpirationDays() - config.getInt( "security.policy.password.expiration.notify.days" ) );
+
+ Calendar now = Calendar.getInstance();
+
+ if ( now.after( expirationNotifyDate ) )
+ {
+ log.debug( "setting password expiration notification" );
+
+ Calendar expirationDate = Calendar.getInstance();
+ expirationDate.setTime( user.getLastPasswordChange() );
+ expirationDate.add( Calendar.DAY_OF_MONTH, policy.getPasswordExpirationDays() );
+ Map<String, Object> session = ServletActionContext.getContext().getSession();
+ session.put( "passwordExpirationNotification", expirationDate.getTime().toString() );
+ }
+ }
+
+ return actionInvocation.invoke();
+ }
+ else
+ {
+ log.debug( "Enforcement: not processing per click security policies." );
+ return actionInvocation.invoke();
+ }
+ }
+
+ private boolean checkForcePasswordChange( SecuritySession securitySession, ActionInvocation actionInvocation )
+ {
+ /*
+ * FIXME: something less 'hackish'
+ *
+ * these two classes should not be subject to this enforcement policy and this
+ * ideally should be governed by the interceptor stacks but that just didn't work
+ * when I was trying to solve the problem that way, psquad32 recommended I just
+ * find a way to get around this interceptor in the particular case I needed to and use
+ * "One stack to rule them all
+ */
+ if ( "org.codehaus.plexus.redback.struts2.action.PasswordAction".equals( actionInvocation.getAction().getClass().getName() ) )
+ {
+ log.debug( "Enforcement: skipping force password check on password action" );
+ return false;
+ }
+
+ if ( "org.codehaus.plexus.redback.struts2.action.LoginAction".equals( actionInvocation.getAction().getClass().getName() ) )
+ {
+ log.debug( "Enforcement: skipping force password check on login action" );
+ return false;
+ }
+
+ if ( "org.codehaus.plexus.redback.struts2.action.LogoutAction".equals( actionInvocation.getAction().getClass().getName() ) )
+ {
+ log.debug( "Enforcement: skipping force password check on logout action" );
+ return false;
+ }
+
+ if ( config.getBoolean( "security.policy.strict.force.password.change.enabled" ) )
+ {
+ log.debug( "Enforcement: checking active user password change enabled" );
+
+ if ( securitySession.getUser().isPasswordChangeRequired() )
+ {
+ log.info( "Enforcement: User must change password - forwarding to change password page." );
+
+ return true;
+ }
+ else
+ {
+ log.debug( "Enforcement: User doesn't need to change password." );
+ }
+ }
+ return false;
+ }
+
+}
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/PolicyEnforcementInterceptor.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/PolicyEnforcementInterceptor.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/SavedActionInvocation.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/SavedActionInvocation.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/SavedActionInvocation.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/SavedActionInvocation.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,65 @@
+package org.codehaus.plexus.redback.struts2.interceptor;
+
+/*
+ * Copyright 2006-2007 The Codehaus Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import com.opensymphony.xwork2.ActionInvocation;
+
+import java.util.HashMap;
+import java.util.Map;
+
+public class SavedActionInvocation
+{
+ private String namespace;
+
+ private String actionName;
+
+ private Map<String, Object> parameterMap;
+
+ private String methodName;
+
+ @SuppressWarnings("unchecked")
+ public SavedActionInvocation( ActionInvocation invocation )
+ {
+ namespace = invocation.getProxy().getNamespace();
+ actionName = invocation.getProxy().getActionName();
+ methodName = invocation.getProxy().getMethod();
+
+ parameterMap = new HashMap<String, Object>();
+
+ parameterMap.putAll( invocation.getInvocationContext().getParameters() );
+ }
+
+ public String getNamespace()
+ {
+ return namespace;
+ }
+
+ public String getActionName()
+ {
+ return actionName;
+ }
+
+ public Map<String,Object> getParametersMap()
+ {
+ return parameterMap;
+ }
+
+ public String getMethodName()
+ {
+ return methodName;
+ }
+}
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/SavedActionInvocation.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/SavedActionInvocation.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/SecureActionInterceptor.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/SecureActionInterceptor.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/SecureActionInterceptor.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/SecureActionInterceptor.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,297 @@
+package org.codehaus.plexus.redback.struts2.interceptor;
+
+/*
+ * Copyright 2005-2006 The Codehaus.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import com.google.common.collect.Lists;
+import com.opensymphony.xwork2.Action;
+import com.opensymphony.xwork2.ActionContext;
+import com.opensymphony.xwork2.ActionInvocation;
+import org.apache.commons.lang.StringUtils;
+import org.apache.commons.lang.SystemUtils;
+import org.apache.struts2.ServletActionContext;
+import org.codehaus.plexus.redback.authorization.AuthorizationResult;
+import org.codehaus.plexus.redback.system.SecuritySession;
+import org.codehaus.plexus.redback.system.SecuritySystem;
+import org.codehaus.plexus.redback.system.SecuritySystemConstants;
+import org.codehaus.redback.integration.interceptor.SecureAction;
+import org.codehaus.redback.integration.interceptor.SecureActionBundle;
+import org.codehaus.redback.integration.interceptor.SecureActionException;
+import org.springframework.context.annotation.Scope;
+import org.springframework.stereotype.Controller;
+
+import javax.inject.Inject;
+import javax.servlet.ServletContext;
+import javax.servlet.http.HttpSession;
+import java.util.List;
+
+/**
+ * SecureActionInterceptor: Interceptor that will detect webwork actions that implement the SecureAction
+ * interface and providing they do verify that the current user is authorized to execute the action
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @author Jesse McConnell <je...@codehaus.org>
+ * @version $Id$
+ */
+@Controller( "redbackSecureActionInterceptor" )
+@Scope( "prototype" )
+public class SecureActionInterceptor
+ extends AbstractHttpRequestTrackerInterceptor
+{
+ private static final String REQUIRES_AUTHORIZATION = "requires-authorization";
+
+ private static final String REQUIRES_AUTHENTICATION = "requires-authentication";
+
+ private static final String HTTP_HEADER_REFERER = "Referer";
+
+ /**
+ *
+ */
+ @Inject
+ private SecuritySystem securitySystem;
+
+ /**
+ *
+ */
+ private String trackerName = "simple";
+
+ private String enableReferrerCheck;
+
+ @Override
+ public void destroy()
+ {
+ // noop
+ }
+
+
+ /**
+ * process the action to determine if it implements SecureAction and then act
+ * accordingly
+ *
+ * @param invocation
+ * @return
+ * @throws Exception
+ */
+ @Override
+ public String intercept( ActionInvocation invocation )
+ throws Exception
+ {
+ ActionContext context = ActionContext.getContext();
+
+ Action action = (Action) context.getActionInvocation().getAction();
+
+ logger.debug( "SecureActionInterceptor: processing {}", action.getClass().getName() );
+
+ if ( Boolean.valueOf( enableReferrerCheck ) )
+ {
+ logger.debug( "Referrer security check enabled." );
+ executeReferrerSecurityCheck();
+ }
+
+ try
+ {
+ if ( action instanceof SecureAction )
+ {
+ SecureAction secureAction = (SecureAction) action;
+ SecureActionBundle bundle = secureAction.getSecureActionBundle();
+
+ if ( bundle == null )
+ {
+ logger.error( "Null bundle detected." );
+
+ // TODO: send them somewhere else?
+ return invocation.invoke();
+ }
+
+ if ( bundle == SecureActionBundle.OPEN )
+ {
+ logger.debug( "Bundle.OPEN detected." );
+
+ return invocation.invoke();
+ }
+
+ SecuritySession session =
+ (SecuritySession) context.getSession().get( SecuritySystemConstants.SECURITY_SESSION_KEY );
+
+ // check the authentication requirements
+ if ( bundle.requiresAuthentication() )
+ {
+ if ( session == null || !session.isAuthenticated() )
+ {
+ logger.debug( "not authenticated, need to authenticate for this action" );
+ return processRequiresAuthentication( invocation );
+ }
+ }
+
+ List<SecureActionBundle.AuthorizationTuple> authzTuples = bundle.getAuthorizationTuples();
+
+ // if operations are returned we need to perform authorization checks
+ if ( authzTuples != null && authzTuples.size() > 0 )
+ {
+ // authn adds a session, if there is no session they are not authorized and authn is required for
+ // authz, even if it is just a guest user
+ if ( session == null )
+ {
+ logger.debug( "session required for authorization to run" );
+ return processRequiresAuthentication( invocation );
+ }
+
+ for ( SecureActionBundle.AuthorizationTuple tuple : authzTuples )
+ {
+ logger.debug( "checking authz for {}", tuple.toString() );
+
+ AuthorizationResult authzResult =
+ securitySystem.authorize( session, tuple.getOperation(), tuple.getResource() );
+
+ logger.debug( "checking the interceptor authz {} for {}", authzResult.isAuthorized(),
+ tuple.toString() );
+
+ if ( authzResult.isAuthorized() )
+ {
+ if ( logger.isDebugEnabled() )
+ {
+ logger.debug( "{} is authorized for action {} by {}",
+ Lists.<Object>newArrayList( session.getUser().getPrincipal(),
+ secureAction.getClass().getName(),
+ tuple.toString() ) );
+ }
+ return invocation.invoke();
+ }
+ }
+
+ return processRequiresAuthorization( invocation );
+ }
+ }
+ else
+ {
+ logger.debug( "SecureActionInterceptor: {} not a secure action", action.getClass().getName() );
+ }
+ }
+ catch ( SecureActionException se )
+ {
+ logger.error( "can't generate the SecureActionBundle, deny access: " + se.getMessage() );
+ return processRequiresAuthentication( invocation );
+ }
+
+ logger.debug( "not a secure action {}", action.getClass().getName() );
+ String result = invocation.invoke();
+ logger.debug( "Passing invocation up, result is [{}] on call {}", result,
+ invocation.getAction().getClass().getName() );
+ return result;
+ }
+
+ private void executeReferrerSecurityCheck()
+ {
+ String referrer = ServletActionContext.getRequest().getHeader( HTTP_HEADER_REFERER );
+
+ logger.debug( "HTTP Referer header: {}", referrer );
+
+ String[] tokens = StringUtils.splitPreserveAllTokens( referrer, "/", 3 );
+
+ if ( tokens != null )
+ {
+ String path;
+ if ( tokens.length < 3 )
+ {
+ path = referrer;
+ }
+ else
+ {
+ path = tokens[tokens.length - 1];
+ }
+
+ logger.debug( "Calculated virtual path: {}", path );
+
+ ServletContext servletContext = ServletActionContext.getServletContext();
+
+ String realPath = servletContext.getRealPath( path );
+
+ if ( StringUtils.isNotEmpty( realPath ) )
+ {
+ // on windows realPath can return full path c:\\bla\\bla\....
+ // so transforming \\ to /
+ if ( SystemUtils.IS_OS_WINDOWS )
+ {
+ realPath = StringUtils.replace( realPath, "\\", "/" );
+ }
+ if ( !realPath.endsWith( path ) )
+ {
+ String errorMsg = "Failed referrer security check: Request did not come from the same server. "
+ + "Detected HTTP Referer header is '" + referrer + "'.";
+ logger.error( errorMsg );
+ throw new RuntimeException( errorMsg );
+ }
+ else
+ {
+ logger.debug( "HTTP Referer header path found in server." );
+ }
+ }
+ }
+ else
+ {
+ logger.warn( "HTTP Referer header is null." );
+ }
+ }
+
+ protected String processRequiresAuthorization( ActionInvocation invocation )
+ {
+ addActionInvocation( invocation ).setBackTrack();
+ return REQUIRES_AUTHORIZATION;
+ }
+
+ protected String processRequiresAuthentication( ActionInvocation invocation )
+ {
+ HttpSession session = ServletActionContext.getRequest().getSession();
+
+ if ( session != null )
+ {
+ session.removeAttribute( SecuritySystemConstants.SECURITY_SESSION_KEY );
+ }
+
+ addActionInvocation( invocation ).setBackTrack();
+ return REQUIRES_AUTHENTICATION;
+ }
+
+ public SecuritySystem getSecuritySystem()
+ {
+ return securitySystem;
+ }
+
+ public void setSecuritySystem( SecuritySystem securitySystem )
+ {
+ this.securitySystem = securitySystem;
+ }
+
+ protected String getTrackerName()
+ {
+ return trackerName;
+ }
+
+ public String getEnableReferrerCheck()
+ {
+ return enableReferrerCheck;
+ }
+
+ public void setEnableReferrerCheck( String enableReferrerCheck )
+ {
+ this.enableReferrerCheck = enableReferrerCheck;
+ }
+
+ public void setTrackerName( String trackerName )
+ {
+ this.trackerName = trackerName;
+ }
+}
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/SecureActionInterceptor.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/SecureActionInterceptor.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/SimpleActionInvocationTracker.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/SimpleActionInvocationTracker.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/SimpleActionInvocationTracker.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/SimpleActionInvocationTracker.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,124 @@
+package org.codehaus.plexus.redback.struts2.interceptor;
+
+/*
+ * Copyright 2006-2007 The Codehaus Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import com.opensymphony.xwork2.ActionInvocation;
+import org.springframework.context.annotation.Scope;
+import org.springframework.stereotype.Controller;
+
+import java.util.Stack;
+
+/**
+ *
+ */
+@Controller( "simple" )
+@Scope( "prototype" )
+public class SimpleActionInvocationTracker
+ implements ActionInvocationTracker
+{
+ /**
+ *
+ */
+ private int historySize = 5;
+
+ private boolean backTrack;
+
+ private Stack<SavedActionInvocation> actionInvocationStack = new Stack<SavedActionInvocation>();
+
+ public void setHistorySize( int size )
+ {
+ this.historySize = size;
+ }
+
+ public int getHistorySize()
+ {
+ return this.historySize;
+ }
+
+ public int getHistoryCount()
+ {
+ return actionInvocationStack.size();
+ }
+
+ /**
+ * returns the previous actioninvocation and dropping the current one
+ */
+ public SavedActionInvocation getPrevious()
+ {
+ if ( actionInvocationStack.size() > 1 )
+ {
+ // drop the current SavedActionInvocation
+ actionInvocationStack.pop();
+ return (SavedActionInvocation) actionInvocationStack.pop();
+ }
+
+ return null;
+ }
+
+ /**
+ * return the current action invocation
+ */
+ public SavedActionInvocation getCurrent()
+ {
+ if ( actionInvocationStack.size() > 0 )
+ {
+ return (SavedActionInvocation) actionInvocationStack.pop();
+ }
+
+ return null;
+ }
+
+ /**
+ * returns the actioninvocation at the specified index, preserving
+ * the actioninvocation list
+ */
+ public SavedActionInvocation getActionInvocationAt( int index )
+ {
+ if ( actionInvocationStack.size() >= index )
+ {
+ return (SavedActionInvocation) actionInvocationStack.get( index );
+ }
+
+ return null;
+ }
+
+ public void addActionInvocation( ActionInvocation invocation )
+ {
+ actionInvocationStack.push( new SavedActionInvocation( invocation ) );
+
+ // remove oldest action invocation
+ if ( actionInvocationStack.size() > historySize )
+ {
+ actionInvocationStack.remove( 0 );
+ }
+ }
+
+ public void setBackTrack()
+ {
+ backTrack = true;
+ }
+
+ public void unsetBackTrack()
+ {
+ backTrack = false;
+ }
+
+ public boolean isBackTracked()
+ {
+ return backTrack;
+ }
+}
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/SimpleActionInvocationTracker.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/interceptor/SimpleActionInvocationTracker.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/model/ApplicationRoleDetails.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/model/ApplicationRoleDetails.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/model/ApplicationRoleDetails.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/model/ApplicationRoleDetails.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,242 @@
+package org.codehaus.plexus.redback.struts2.model;
+/*
+ * Copyright 2008 The Codehaus.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import org.codehaus.plexus.redback.rbac.Role;
+import org.codehaus.plexus.redback.role.model.ModelApplication;
+import org.codehaus.plexus.redback.role.model.ModelRole;
+import org.codehaus.plexus.redback.role.model.ModelTemplate;
+
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.LinkedList;
+import java.util.List;
+import java.util.Set;
+
+/**
+ * @todo incredibly ugly population of the table, needs to be more concise
+ */
+public class ApplicationRoleDetails
+{
+ private String name;
+
+ private String description;
+
+ private List<String> assignedRoles;
+
+ private List<String> availableRoles;
+
+ private List<ModelTemplate> tableHeader;
+
+ private List<List<RoleTableCell>> table;
+
+ @SuppressWarnings("unchecked")
+ public ApplicationRoleDetails( ModelApplication application, Collection<Role> effectivelyAssignedRoles,
+ Collection<Role> allAssignedRoles, List<Role> assignableRoles )
+ {
+ name = application.getId();
+ description = application.getDescription();
+
+ List<ModelTemplate> templates = application.getTemplates();
+ List<ModelRole> roles = application.getRoles();
+
+ tableHeader = new LinkedList<ModelTemplate>( templates );
+
+ computeRoles( roles, assignableRoles, effectivelyAssignedRoles, allAssignedRoles );
+
+ computeTable( gatherResources( templates, assignableRoles ), effectivelyAssignedRoles, allAssignedRoles );
+ }
+
+ public String getName()
+ {
+ return name;
+ }
+
+ public String getDescription()
+ {
+ return description;
+ }
+
+ public List<String> getAssignedRoles()
+ {
+ return assignedRoles;
+ }
+
+ public List<String> getAvailableRoles()
+ {
+ return availableRoles;
+ }
+
+ public List<ModelTemplate> getTableHeader()
+ {
+ return tableHeader;
+ }
+
+ public List<List<RoleTableCell>> getTable()
+ {
+ return table;
+ }
+
+ private void computeRoles( Collection<ModelRole> applicationRoles, Collection<Role> assignableRoles,
+ Collection<Role> effectivelyAssignedRoles, Collection<Role> allAssignedRoles )
+ {
+ assignedRoles = new ArrayList<String>();
+ availableRoles = new ArrayList<String>();
+ for ( Iterator<ModelRole> i = applicationRoles.iterator(); i.hasNext(); )
+ {
+ ModelRole role = i.next();
+
+ if ( isInList( role.getName(), allAssignedRoles ) )
+ {
+ if ( role.isAssignable() )
+ {
+ assignedRoles.add( role.getName() );
+ }
+ }
+ else if ( isInList( role.getName(), effectivelyAssignedRoles ) )
+ {
+ // nothing
+ }
+ else if ( isInList( role.getName(), assignableRoles ) )
+ {
+ if ( role.isAssignable() )
+ {
+ availableRoles.add( role.getName() );
+ }
+ }
+ }
+
+ Collections.sort( assignedRoles, String.CASE_INSENSITIVE_ORDER );
+ Collections.sort( availableRoles, String.CASE_INSENSITIVE_ORDER );
+ }
+
+ private Set<String> gatherResources( List<ModelTemplate> applicationTemplates, List<Role> roles )
+ {
+ Set<String> resources = new HashSet<String>();
+ for ( ModelTemplate modelTemplate : applicationTemplates )
+ {
+ for ( Role role : roles )
+ {
+ String roleName = role.getName();
+ if ( roleName.startsWith( modelTemplate.getNamePrefix() ) )
+ {
+ String delimiter = modelTemplate.getDelimiter();
+ resources.add( roleName.substring( roleName.indexOf( delimiter ) + delimiter.length() ) );
+ }
+ }
+ }
+ return resources;
+ }
+
+ private void computeTable( Collection<String> resources, Collection<Role> effectivelyAssignedRoles,
+ Collection<Role> allAssignedRoles )
+ {
+ table = new LinkedList<List<RoleTableCell>>();
+
+ List<String> resourcesList = new ArrayList<String>( resources );
+ Collections.sort( resourcesList, String.CASE_INSENSITIVE_ORDER );
+
+ for ( String resource : resourcesList )
+ {
+ LinkedList<RoleTableCell> tableRow = new LinkedList<RoleTableCell>();
+
+ RoleTableCell resourceCell = new RoleTableCell();
+ resourceCell.setName( resource );
+ resourceCell.setLabel( true );
+ tableRow.add( resourceCell );
+
+ for ( ModelTemplate modelTemplate : tableHeader )
+ {
+ RoleTableCell cell = new RoleTableCell();
+
+ cell.setName( modelTemplate.getNamePrefix() + modelTemplate.getDelimiter() + resource );
+ cell.setEffectivelyAssigned( isInList( cell.getName(), effectivelyAssignedRoles ) );
+ cell.setAssigned( isInList( cell.getName(), allAssignedRoles ) );
+ cell.setLabel( false );
+
+ tableRow.add( cell );
+ }
+
+ table.add( tableRow );
+ }
+ }
+
+ private boolean isInList( String roleName, Collection<Role> effectivelyAssignedRoles )
+ {
+ for ( Role role : effectivelyAssignedRoles )
+ {
+ if ( roleName.equals( role.getName() ) )
+ {
+ return true;
+ }
+ }
+ return false;
+ }
+
+ public class RoleTableCell
+ {
+ private String name;
+
+ private boolean effectivelyAssigned;
+
+ private boolean assigned;
+
+ private boolean label;
+
+ public String getName()
+ {
+ return name;
+ }
+
+ public void setName( String name )
+ {
+ this.name = name;
+ }
+
+ public boolean isEffectivelyAssigned()
+ {
+ return effectivelyAssigned;
+ }
+
+ public void setEffectivelyAssigned( boolean effectivelyAssigned )
+ {
+ this.effectivelyAssigned = effectivelyAssigned;
+ }
+
+ public boolean isAssigned()
+ {
+ return assigned;
+ }
+
+ public void setAssigned( boolean assigned )
+ {
+ this.assigned = assigned;
+ }
+
+ public boolean isLabel()
+ {
+ return label;
+ }
+
+ public void setLabel( boolean label )
+ {
+ this.label = label;
+ }
+ }
+}
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/model/ApplicationRoleDetails.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/model/ApplicationRoleDetails.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/result/AbstractBackTrackingResult.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/result/AbstractBackTrackingResult.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/result/AbstractBackTrackingResult.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/result/AbstractBackTrackingResult.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,106 @@
+package org.codehaus.plexus.redback.struts2.result;
+
+/*
+ * Copyright 2006-2007 The Codehaus Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import java.util.Map;
+import java.util.Set;
+
+import org.apache.struts2.dispatcher.ServletActionRedirectResult;
+import org.codehaus.plexus.redback.struts2.interceptor.ActionInvocationTracker;
+import org.codehaus.plexus.redback.struts2.interceptor.SavedActionInvocation;
+import com.opensymphony.xwork2.ActionInvocation;
+
+@SuppressWarnings("serial")
+public class AbstractBackTrackingResult
+ extends ServletActionRedirectResult
+{
+ public static final int PREVIOUS = 1;
+
+ public static final int CURRENT = 2;
+
+ protected boolean setupBackTrackPrevious( ActionInvocation invocation )
+ {
+ return setupBackTrack( invocation, PREVIOUS );
+ }
+
+ protected boolean setupBackTrackCurrent( ActionInvocation invocation )
+ {
+ return setupBackTrack( invocation, CURRENT );
+ }
+
+ @SuppressWarnings("unchecked")
+ protected boolean setupBackTrack( ActionInvocation invocation, int order )
+ {
+ Map session = invocation.getInvocationContext().getSession();
+ ActionInvocationTracker tracker = (ActionInvocationTracker) session.get( ActionInvocationTracker.SESSION_KEY );
+
+ if ( tracker != null && tracker.isBackTracked() )
+ {
+ SavedActionInvocation savedInvocation;
+
+ if ( order == PREVIOUS )
+ {
+ savedInvocation = tracker.getPrevious();
+ }
+ else
+ {
+ savedInvocation = tracker.getCurrent();
+ }
+
+ if ( savedInvocation != null )
+ {
+ setNamespace( savedInvocation.getNamespace() );
+ setActionName( savedInvocation.getActionName() );
+ setMethod( savedInvocation.getMethodName() );
+
+ invocation.getInvocationContext().getParameters().clear();
+ invocation.getInvocationContext().getParameters().putAll( savedInvocation.getParametersMap() );
+
+ // hack for REDBACK-188
+ String resultCode = invocation.getResultCode();
+
+ if( resultCode != null )
+ {
+ // hack for REDBACK-262
+ // set this to null so the ResultConfig parameters won't be added in the ServletActionRedirectResult
+ // because we can't clear the parameters of ResultConfig since it's read-only
+ invocation.setResultCode( null );
+
+ Set<String> keys = savedInvocation.getParametersMap().keySet();
+
+ for( String key : keys )
+ {
+ if ( !getProhibitedResultParams().contains( key ) )
+ {
+ String value = ( (String[]) savedInvocation.getParametersMap().get( key ) )[0];
+ if ( value != null && value.length() > 0 )
+ {
+ addParameter( key, conditionalParse( value, invocation ) );
+ }
+ }
+ }
+ }
+
+ tracker.unsetBackTrack();
+ }
+
+ return true;
+ }
+
+ return false;
+ }
+}
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/result/AbstractBackTrackingResult.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/result/AbstractBackTrackingResult.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/result/SecurityExternalResult.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/result/SecurityExternalResult.java?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/result/SecurityExternalResult.java (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/result/SecurityExternalResult.java Fri Apr 6 09:58:14 2012
@@ -0,0 +1,68 @@
+package org.codehaus.plexus.redback.struts2.result;
+
+/*
+ * Copyright 2005-2006 The Codehaus.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import com.opensymphony.xwork2.ActionInvocation;
+import org.springframework.context.annotation.Scope;
+import org.springframework.stereotype.Controller;
+
+
+/**
+ * SecurityExternalResult
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ */
+@SuppressWarnings( "serial" )
+@Controller( "securityExternalResult" )
+@Scope( "prototype" )
+public class SecurityExternalResult
+ extends AbstractBackTrackingResult
+{
+ /**
+ *
+ */
+ private String externalActionName = "redbackRedirect";
+
+ private String externalResult;
+
+ @Override
+ public void execute( ActionInvocation invocation )
+ throws Exception
+ {
+ // the login redirection is not captured by the http request
+ // tracker, so we backtrack to the current request
+ if ( !setupBackTrackCurrent( invocation ) )
+ {
+ setNamespace( "/" );
+ setActionName( externalActionName );
+ }
+
+ super.execute( invocation );
+ }
+
+ public String getExternalResult()
+ {
+ return externalResult;
+ }
+
+ public void setExternalResult( String externalResult )
+ {
+ this.externalResult = externalResult;
+ }
+
+}
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/result/SecurityExternalResult.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/java/org/codehaus/plexus/redback/struts2/result/SecurityExternalResult.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/resources/META-INF/spring-context.xml
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/resources/META-INF/spring-context.xml?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/resources/META-INF/spring-context.xml (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/resources/META-INF/spring-context.xml Fri Apr 6 09:58:14 2012
@@ -0,0 +1,34 @@
+<?xml version="1.0"?>
+
+<!--
+ ~ Licensed to the Apache Software Foundation (ASF) under one
+ ~ or more contributor license agreements. See the NOTICE file
+ ~ distributed with this work for additional information
+ ~ regarding copyright ownership. The ASF licenses this file
+ ~ to you under the Apache License, Version 2.0 (the
+ ~ "License"); you may not use this file except in compliance
+ ~ with the License. You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing,
+ ~ software distributed under the License is distributed on an
+ ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ ~ KIND, either express or implied. See the License for the
+ ~ specific language governing permissions and limitations
+ ~ under the License.
+ -->
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xsi:schemaLocation="http://www.springframework.org/schema/beans
+ http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
+ http://www.springframework.org/schema/context
+ http://www.springframework.org/schema/context/spring-context-3.0.xsd"
+ default-lazy-init="true">
+
+ <context:annotation-config />
+ <context:component-scan
+ base-package="org.codehaus.plexus.redback.struts2"/>
+
+</beans>
\ No newline at end of file
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/resources/META-INF/spring-context.xml
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/resources/META-INF/spring-context.xml
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/resources/org/codehaus/plexus/redback/struts2/action/NewUserAction-validation.xml
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/resources/org/codehaus/plexus/redback/struts2/action/NewUserAction-validation.xml?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/resources/org/codehaus/plexus/redback/struts2/action/NewUserAction-validation.xml (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/resources/org/codehaus/plexus/redback/struts2/action/NewUserAction-validation.xml Fri Apr 6 09:58:14 2012
@@ -0,0 +1,50 @@
+<?xml version="1.0" ?>
+
+<!--
+ ~ Copyright 2005-2006 The Codehaus.
+ ~
+ ~ Licensed under the Apache License, Version 2.0 (the "License");
+ ~ you may not use this file except in compliance with the License.
+ ~ You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing, software
+ ~ distributed under the License is distributed on an "AS IS" BASIS,
+ ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ ~ See the License for the specific language governing permissions and
+ ~ limitations under the License.
+ -->
+
+<!DOCTYPE validators PUBLIC "-//OpenSymphony Group//XWork Validator 1.0.2//EN"
+ "http://www.opensymphony.com/xwork/xwork-validator-1.0.2.dtd">
+
+<validators>
+ <field name="username">
+ <field-validator type="requiredstring">
+ <message>You must provide a user name.</message>
+ </field-validator>
+ </field>
+
+ <field name="fullName">
+ <field-validator type="requiredstring">
+ <message>You must provide your full name.</message>
+ </field-validator>
+ </field>
+
+ <field name="email">
+ <field-validator type="required">
+ <message>You must provide your email address.</message>
+ </field-validator>
+ <field-validator type="email">
+ <message>The email address you entered is invalid.</message>
+ </field-validator>
+ </field>
+
+ <field name="password">
+ <field-validator type="expression">
+ <param name="expression">passaword.equals(passwordConfirm)</param>
+ <message>Passwords are not the same.</message>
+ </field-validator>
+ </field>
+</validators>
\ No newline at end of file
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/resources/org/codehaus/plexus/redback/struts2/action/NewUserAction-validation.xml
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/resources/org/codehaus/plexus/redback/struts2/action/NewUserAction-validation.xml
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
Added: archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/resources/org/extremecomponents/table/resource/extremetableResourceBundle_fr_FR.properties
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/resources/org/extremecomponents/table/resource/extremetableResourceBundle_fr_FR.properties?rev=1310268&view=auto
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/resources/org/extremecomponents/table/resource/extremetableResourceBundle_fr_FR.properties (added)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/resources/org/extremecomponents/table/resource/extremetableResourceBundle_fr_FR.properties Fri Apr 6 09:58:14 2012
@@ -0,0 +1,31 @@
+statusbar.resultsFound={0} résultats trouvés, affichage de {1} à {2}
+statusbar.noResultsFound=Aucun résultat n'a été trouvé.
+
+toolbar.tooltip.firstPage=Première Page
+toolbar.tooltip.lastPage=Dernière Page
+toolbar.tooltip.prevPage=Page précédente
+toolbar.tooltip.nextPage=Page suivante
+toolbar.tooltip.filter=Filtrer
+toolbar.tooltip.clear=Effacer
+
+column.headercell.tooltip.sort=Trier par
+
+
+toolbar.tooltip.xls=Export XLS
+toolbar.tooltip.pdf=Export PDF
+toolbar.tooltip.csv=Export CSV
+toolbar.tooltip.xml=Export XML
+
+toolbar.text.firstPage=Premi\u00e8re
+toolbar.text.lastPage=Derni\u00e8re
+toolbar.text.nextPage=Suivante
+toolbar.text.prevPage=Pr\u00e9c\u00e9dente
+toolbar.text.filter=Filter
+toolbar.text.clear=Effacer
+toolbar.text.xls=XLS
+toolbar.text.pdf=PDF
+toolbar.text.csv=CSV
+toolbar.text.xml=XML
+
+column.calc.total=Total
+column.calc.average=Moyenne
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/resources/org/extremecomponents/table/resource/extremetableResourceBundle_fr_FR.properties
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: archiva/redback/redback-core/trunk/redback-integrations/redback-struts2/redback-struts2-integration/src/main/resources/org/extremecomponents/table/resource/extremetableResourceBundle_fr_FR.properties
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision