You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@archiva.apache.org by ol...@apache.org on 2013/01/08 23:46:30 UTC
svn commit: r1430601 - in /archiva/redback/redback-core/trunk:
redback-authentication/redback-authentication-providers/redback-authentication-ldap/src/test/resources/
redback-authorization/redback-authorization-providers/redback-authorization-ldap/
red...
Author: olamy
Date: Tue Jan 8 22:46:30 2013
New Revision: 1430601
URL: http://svn.apache.org/viewvc?rev=1430601&view=rev
Log:
[MRM-1736] map roles to ldap groups
Modified:
archiva/redback/redback-core/trunk/redback-authentication/redback-authentication-providers/redback-authentication-ldap/src/test/resources/security.properties
archiva/redback/redback-core/trunk/redback-authorization/redback-authorization-providers/redback-authorization-ldap/pom.xml
archiva/redback/redback-core/trunk/redback-authorization/redback-authorization-providers/redback-authorization-ldap/src/main/java/org/apache/archiva/redback/authorization/ldap/LdapAuthorizer.java
archiva/redback/redback-core/trunk/redback-common/redback-common-ldap/src/main/java/org/apache/archiva/redback/common/ldap/role/DefaultLdapRoleMapper.java
archiva/redback/redback-core/trunk/redback-common/redback-common-ldap/src/main/java/org/apache/archiva/redback/common/ldap/role/LdapRoleMapper.java
archiva/redback/redback-core/trunk/redback-common/redback-common-test-resources/src/main/resources/org/apache/archiva/redback/config-defaults.properties
archiva/redback/redback-core/trunk/redback-configuration/src/main/java/org/apache/archiva/redback/configuration/UserConfigurationKeys.java
archiva/redback/redback-core/trunk/redback-configuration/src/main/resources/org/apache/archiva/redback/config-defaults.properties
archiva/redback/redback-core/trunk/redback-data-management/src/test/resources/org/apache/archiva/redback/config-defaults.properties
archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/apache/archiva/redback/integration/checks/security/GuestUserEnvironmentCheck.java
archiva/redback/redback-core/trunk/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/DefaultUserService.java
archiva/redback/redback-core/trunk/redback-rbac/redback-rbac-model/src/main/java/org/apache/archiva/redback/rbac/AbstractRBACManager.java
Modified: archiva/redback/redback-core/trunk/redback-authentication/redback-authentication-providers/redback-authentication-ldap/src/test/resources/security.properties
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-authentication/redback-authentication-providers/redback-authentication-ldap/src/test/resources/security.properties?rev=1430601&r1=1430600&r2=1430601&view=diff
==============================================================================
--- archiva/redback/redback-core/trunk/redback-authentication/redback-authentication-providers/redback-authentication-ldap/src/test/resources/security.properties (original)
+++ archiva/redback/redback-core/trunk/redback-authentication/redback-authentication-providers/redback-authentication-ldap/src/test/resources/security.properties Tue Jan 8 22:46:30 2013
@@ -17,4 +17,5 @@
user.manager.impl=ldap
ldap.bind.authenticator.enabled=true
redback.default.admin=adminuser
+redback.default.guest=guest
security.policy.password.expiration.enabled=false
Modified: archiva/redback/redback-core/trunk/redback-authorization/redback-authorization-providers/redback-authorization-ldap/pom.xml
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-authorization/redback-authorization-providers/redback-authorization-ldap/pom.xml?rev=1430601&r1=1430600&r2=1430601&view=diff
==============================================================================
--- archiva/redback/redback-core/trunk/redback-authorization/redback-authorization-providers/redback-authorization-ldap/pom.xml (original)
+++ archiva/redback/redback-core/trunk/redback-authorization/redback-authorization-providers/redback-authorization-ldap/pom.xml Tue Jan 8 22:46:30 2013
@@ -37,6 +37,10 @@
<artifactId>redback-authorization-api</artifactId>
</dependency>
<dependency>
+ <groupId>org.apache.archiva.redback</groupId>
+ <artifactId>redback-rbac-model</artifactId>
+ </dependency>
+ <dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context-support</artifactId>
</dependency>
@@ -62,7 +66,13 @@
</Export-Package>
<Import-Package>
org.apache.archiva.redback.authorization;version=${project.version},
- org.springframework.stereotype;version="[3,4)"
+ org.springframework.stereotype;version="[3,4)",
+ javax.inject,
+ org.apache.archiva.redback.common.ldap,
+ org.apache.archiva.redback.common.ldap.role,
+ org.apache.archiva.redback.rbac,
+ org.apache.commons.lang,
+ org.slf4j
</Import-Package>
</instructions>
</configuration>
Modified: archiva/redback/redback-core/trunk/redback-authorization/redback-authorization-providers/redback-authorization-ldap/src/main/java/org/apache/archiva/redback/authorization/ldap/LdapAuthorizer.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-authorization/redback-authorization-providers/redback-authorization-ldap/src/main/java/org/apache/archiva/redback/authorization/ldap/LdapAuthorizer.java?rev=1430601&r1=1430600&r2=1430601&view=diff
==============================================================================
--- archiva/redback/redback-core/trunk/redback-authorization/redback-authorization-providers/redback-authorization-ldap/src/main/java/org/apache/archiva/redback/authorization/ldap/LdapAuthorizer.java (original)
+++ archiva/redback/redback-core/trunk/redback-authorization/redback-authorization-providers/redback-authorization-ldap/src/main/java/org/apache/archiva/redback/authorization/ldap/LdapAuthorizer.java Tue Jan 8 22:46:30 2013
@@ -22,8 +22,33 @@ import org.apache.archiva.redback.author
import org.apache.archiva.redback.authorization.AuthorizationException;
import org.apache.archiva.redback.authorization.AuthorizationResult;
import org.apache.archiva.redback.authorization.Authorizer;
+import org.apache.archiva.redback.common.ldap.MappingException;
+import org.apache.archiva.redback.common.ldap.role.LdapRoleMapper;
+import org.apache.archiva.redback.rbac.Permission;
+import org.apache.archiva.redback.rbac.RBACManager;
+import org.apache.archiva.redback.rbac.RbacManagerException;
+import org.apache.archiva.redback.rbac.RbacObjectNotFoundException;
+import org.apache.archiva.redback.rbac.Resource;
+import org.apache.archiva.redback.rbac.Role;
+import org.apache.archiva.redback.rbac.UserAssignment;
+import org.apache.archiva.redback.users.UserManagerException;
+import org.apache.archiva.redback.users.UserNotFoundException;
+import org.apache.commons.lang.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Service;
+import javax.inject.Inject;
+import javax.inject.Named;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
/**
* @author Olivier Lamy
* @since 2.1
@@ -32,6 +57,17 @@ import org.springframework.stereotype.Se
public class LdapAuthorizer
implements Authorizer
{
+
+ private Logger log = LoggerFactory.getLogger( getClass() );
+
+ @Inject
+ @Named( value = "rbacManager#cached" )
+ private RBACManager rbacManager;
+
+ @Inject
+ private LdapRoleMapper ldapRoleMapper;
+
+
public String getId()
{
return "ldap";
@@ -40,7 +76,232 @@ public class LdapAuthorizer
public AuthorizationResult isAuthorized( AuthorizationDataSource source )
throws AuthorizationException
{
+
+ String userName = StringUtils.isEmpty( source.getPrincipal() ) ? "guest" : source.getPrincipal();
+ String operation = source.getPermission();
+ String resource = source.getResource();
+ try
+ {
+ List<String> ldapGroups = ldapRoleMapper.getGroups( userName );
+
+ List<String> roles = mapLdapGroups( ldapGroups );
+
+ Map<String, List<Permission>> permissionMap = getAssignedPermissionMap( roles );
+
+ if ( permissionMap.keySet().contains( operation ) )
+ {
+ for ( Permission permission : permissionMap.get( operation ) )
+ {
+
+ log.debug( "checking permission {} for operation {} resource {}",
+ ( permission != null ? permission.getName() : "null" ), operation, resource );
+
+ if ( evaluate( permission, operation, resource, userName ) )
+ {
+ return new AuthorizationResult( true, permission, null );
+ }
+ }
+
+ log.debug( "no permission found for operation {} resource {}", operation, resource );
+ }
+ else
+ {
+ log.debug( "permission map does not contain operation: {}", operation );
+ }
+
+ }
+ catch ( MappingException e )
+ {
+ log.info( "skip MappingException trying to find LDAP roles for user: '{}", userName );
+ }
+ catch ( RbacManagerException e )
+ {
+ log.info( "skip RbacManagerException trying to find LDAP roles for user: '{}", userName );
+ }
return null;
+
+ }
+
+ protected List<String> mapLdapGroups( List<String> groups )
+ throws MappingException
+ {
+ List<String> roles = new ArrayList<String>();
+
+ Map<String, String> mapping = ldapRoleMapper.getLdapGroupMappings();
+
+ for ( String group : groups )
+ {
+ String role = mapping.get( group );
+ if ( role != null )
+ {
+ roles.add( role );
+ }
+ }
+
+ return roles;
+ }
+
+ public Map<String, List<Permission>> getAssignedPermissionMap( List<String> roles )
+ throws RbacObjectNotFoundException, RbacManagerException
+ {
+ return getPermissionMapByOperation( getAssignedPermissions( roles ) );
+ }
+
+ public Set<Permission> getAssignedPermissions( List<String> roles )
+ throws RbacObjectNotFoundException, RbacManagerException
+ {
+
+ Set<Permission> permissionSet = new HashSet<Permission>();
+
+ boolean childRoleNamesUpdated = false;
+
+ Iterator<String> it = roles.iterator();
+ while ( it.hasNext() )
+ {
+ String roleName = it.next();
+ try
+ {
+ Role role = rbacManager.getRole( roleName );
+ gatherUniquePermissions( role, permissionSet );
+ }
+ catch ( RbacObjectNotFoundException e )
+ {
+ // Found a bad role name. remove it!
+ it.remove();
+ childRoleNamesUpdated = true;
+ }
+ }
+
+ return permissionSet;
+ }
+
+ private void gatherUniquePermissions( Role role, Collection<Permission> coll )
+ throws RbacManagerException
+ {
+ if ( role.getPermissions() != null )
+ {
+ for ( Permission permission : role.getPermissions() )
+ {
+ if ( !coll.contains( permission ) )
+ {
+ coll.add( permission );
+ }
+ }
+ }
+
+ if ( role.hasChildRoles() )
+ {
+ Map<String, Role> childRoles = getChildRoles( role );
+ Iterator<Role> it = childRoles.values().iterator();
+ while ( it.hasNext() )
+ {
+ Role child = it.next();
+ gatherUniquePermissions( child, coll );
+ }
+ }
+ }
+
+ public Map<String, Role> getChildRoles( Role role )
+ throws RbacManagerException
+ {
+ Map<String, Role> childRoles = new HashMap<String, Role>();
+
+ boolean childRoleNamesUpdated = false;
+
+ Iterator<String> it = role.getChildRoleNames().listIterator();
+ while ( it.hasNext() )
+ {
+ String roleName = it.next();
+ try
+ {
+ Role child = rbacManager.getRole( roleName );
+ childRoles.put( child.getName(), child );
+ }
+ catch ( RbacObjectNotFoundException e )
+ {
+ // Found a bad roleName! - remove it.
+ it.remove();
+ childRoleNamesUpdated = true;
+ }
+ }
+
+ return childRoles;
+ }
+
+
+ private Map<String, List<Permission>> getPermissionMapByOperation( Collection<Permission> permissions )
+ {
+ Map<String, List<Permission>> userPermMap = new HashMap<String, List<Permission>>();
+
+ for ( Permission permission : permissions )
+ {
+ List<Permission> permList = userPermMap.get( permission.getOperation().getName() );
+
+ if ( permList != null )
+ {
+ permList.add( permission );
+ }
+ else
+ {
+ List<Permission> newPermList = new ArrayList<Permission>( permissions.size() );
+ newPermList.add( permission );
+ userPermMap.put( permission.getOperation().getName(), newPermList );
+ }
+ }
+
+ return userPermMap;
+ }
+
+ public boolean evaluate( Permission permission, String operation, String resource, String principal )
+ {
+ String permissionResource = permission.getResource().getIdentifier();
+
+ // expression evaluation checking
+ /*if ( permissionResource.startsWith( "${" ) )
+ {
+ String tempStr = permissionResource.substring( 2, permissionResource.indexOf( '}' ) );
+
+ if ( "username".equals( tempStr ) )
+ {
+ try
+ {
+ permissionResource = userManager.findUser( principal ).getUsername();
+ }
+ catch ( UserNotFoundException e )
+ {
+ throw new PermissionEvaluationException( "unable to locate user to retrieve username", e );
+ }
+ catch ( UserManagerException e )
+ {
+ throw new PermissionEvaluationException( "trouble finding user: " + e.getMessage(), e );
+ }
+ }
+ }*/
+
+ // check if this permission applies to the operation at all
+ if ( permission.getOperation().getName().equals( operation ) )
+ {
+ // check if it is a global resource, if it is then since the operations match we return true
+ if ( Resource.GLOBAL.equals( permission.getResource().getIdentifier() ) )
+ {
+ return true;
+ }
+
+ // if we are not checking a specific resource, the operation is enough
+ if ( resource == null )
+ {
+ return true;
+ }
+
+ // check if the resource identifier of the permission matches the resource we are checking against
+ // if it does then return true
+ if ( permissionResource.equals( resource ) )
+ {
+ return true;
+ }
+ }
+
+ return false;
}
public boolean isFinalImplementation()
Modified: archiva/redback/redback-core/trunk/redback-common/redback-common-ldap/src/main/java/org/apache/archiva/redback/common/ldap/role/DefaultLdapRoleMapper.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-common/redback-common-ldap/src/main/java/org/apache/archiva/redback/common/ldap/role/DefaultLdapRoleMapper.java?rev=1430601&r1=1430600&r2=1430601&view=diff
==============================================================================
--- archiva/redback/redback-core/trunk/redback-common/redback-common-ldap/src/main/java/org/apache/archiva/redback/common/ldap/role/DefaultLdapRoleMapper.java (original)
+++ archiva/redback/redback-core/trunk/redback-common/redback-common-ldap/src/main/java/org/apache/archiva/redback/common/ldap/role/DefaultLdapRoleMapper.java Tue Jan 8 22:46:30 2013
@@ -40,6 +40,7 @@ import javax.naming.directory.SearchCont
import javax.naming.directory.SearchResult;
import java.util.ArrayList;
import java.util.Collections;
+import java.util.HashMap;
import java.util.List;
import java.util.Map;
@@ -76,9 +77,9 @@ public class DefaultLdapRoleMapper
{
this.ldapGroupClass = userConf.getString( UserConfigurationKeys.LDAP_GROUPS_CLASS, this.ldapGroupClass );
- this.groupsDn = userConf.getString( UserConfigurationKeys.LDAP_GROUPS_BASEDN, this.groupsDn );
+ this.groupsDn = userConf.getConcatenatedList( UserConfigurationKeys.LDAP_GROUPS_BASEDN, this.groupsDn );
- this.baseDn = userConf.getString( UserConfigurationKeys.LDAP_BASEDN, this.baseDn );
+ this.baseDn = userConf.getConcatenatedList( UserConfigurationKeys.LDAP_BASEDN, this.baseDn );
}
public String getLdapGroup( String role )
@@ -345,8 +346,11 @@ public class DefaultLdapRoleMapper
public Map<String, String> getLdapGroupMappings()
{
- log.warn( "getLdapGroupMappings not implemented" );
- return Collections.emptyMap();
+ Map<String, String> map = new HashMap<String, String>();
+ map.put( "archiva-admin", "System Administrator" );
+ //log.warn( "getLdapGroupMappings not implemented" );
+ //return Collections.emptyMap();
+ return map;
}
//---------------------------------
Modified: archiva/redback/redback-core/trunk/redback-common/redback-common-ldap/src/main/java/org/apache/archiva/redback/common/ldap/role/LdapRoleMapper.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-common/redback-common-ldap/src/main/java/org/apache/archiva/redback/common/ldap/role/LdapRoleMapper.java?rev=1430601&r1=1430600&r2=1430601&view=diff
==============================================================================
--- archiva/redback/redback-core/trunk/redback-common/redback-common-ldap/src/main/java/org/apache/archiva/redback/common/ldap/role/LdapRoleMapper.java (original)
+++ archiva/redback/redback-core/trunk/redback-common/redback-common-ldap/src/main/java/org/apache/archiva/redback/common/ldap/role/LdapRoleMapper.java Tue Jan 8 22:46:30 2013
@@ -88,7 +88,7 @@ public interface LdapRoleMapper
throws MappingException;
/**
- * @return Map of corresponding Redback role (key) and LDAP group (value)
+ * @return Map of corresponding LDAP group (key) and Redback role (value)
*/
Map<String, String> getLdapGroupMappings()
throws MappingException;
Modified: archiva/redback/redback-core/trunk/redback-common/redback-common-test-resources/src/main/resources/org/apache/archiva/redback/config-defaults.properties
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-common/redback-common-test-resources/src/main/resources/org/apache/archiva/redback/config-defaults.properties?rev=1430601&r1=1430600&r2=1430601&view=diff
==============================================================================
--- archiva/redback/redback-core/trunk/redback-common/redback-common-test-resources/src/main/resources/org/apache/archiva/redback/config-defaults.properties (original)
+++ archiva/redback/redback-core/trunk/redback-common/redback-common-test-resources/src/main/resources/org/apache/archiva/redback/config-defaults.properties Tue Jan 8 22:46:30 2013
@@ -78,6 +78,7 @@ security.signon.timeout=30
# --------------------------------------------------------------------
# Default Username Values
redback.default.admin=admin
+redback.default.guest=guest
# --------------------------------------------------------------------
# Security Policies
Modified: archiva/redback/redback-core/trunk/redback-configuration/src/main/java/org/apache/archiva/redback/configuration/UserConfigurationKeys.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-configuration/src/main/java/org/apache/archiva/redback/configuration/UserConfigurationKeys.java?rev=1430601&r1=1430600&r2=1430601&view=diff
==============================================================================
--- archiva/redback/redback-core/trunk/redback-configuration/src/main/java/org/apache/archiva/redback/configuration/UserConfigurationKeys.java (original)
+++ archiva/redback/redback-core/trunk/redback-configuration/src/main/java/org/apache/archiva/redback/configuration/UserConfigurationKeys.java Tue Jan 8 22:46:30 2013
@@ -28,6 +28,8 @@ public interface UserConfigurationKeys
String DEFAULT_ADMIN = "redback.default.admin";
+ String DEFAULT_GUEST = "redback.default.guest";
+
String EMAIL_FROM_ADDRESS = "email.from.address";
String EMAIL_FROM_NAME = "email.from.name";
Modified: archiva/redback/redback-core/trunk/redback-configuration/src/main/resources/org/apache/archiva/redback/config-defaults.properties
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-configuration/src/main/resources/org/apache/archiva/redback/config-defaults.properties?rev=1430601&r1=1430600&r2=1430601&view=diff
==============================================================================
--- archiva/redback/redback-core/trunk/redback-configuration/src/main/resources/org/apache/archiva/redback/config-defaults.properties (original)
+++ archiva/redback/redback-core/trunk/redback-configuration/src/main/resources/org/apache/archiva/redback/config-defaults.properties Tue Jan 8 22:46:30 2013
@@ -83,6 +83,7 @@ security.signon.timeout=30
# --------------------------------------------------------------------
# Default Username Values
redback.default.admin=admin
+redback.default.guest=guest
# --------------------------------------------------------------------
# Security Policies
Modified: archiva/redback/redback-core/trunk/redback-data-management/src/test/resources/org/apache/archiva/redback/config-defaults.properties
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-data-management/src/test/resources/org/apache/archiva/redback/config-defaults.properties?rev=1430601&r1=1430600&r2=1430601&view=diff
==============================================================================
--- archiva/redback/redback-core/trunk/redback-data-management/src/test/resources/org/apache/archiva/redback/config-defaults.properties (original)
+++ archiva/redback/redback-core/trunk/redback-data-management/src/test/resources/org/apache/archiva/redback/config-defaults.properties Tue Jan 8 22:46:30 2013
@@ -82,6 +82,7 @@ security.signon.timeout=30
# --------------------------------------------------------------------
# Default Username Values
redback.default.admin=admin
+redback.default.guest=guest
# --------------------------------------------------------------------
# Security Policies
Modified: archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/apache/archiva/redback/integration/checks/security/GuestUserEnvironmentCheck.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/apache/archiva/redback/integration/checks/security/GuestUserEnvironmentCheck.java?rev=1430601&r1=1430600&r2=1430601&view=diff
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/apache/archiva/redback/integration/checks/security/GuestUserEnvironmentCheck.java (original)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-common-integrations/src/main/java/org/apache/archiva/redback/integration/checks/security/GuestUserEnvironmentCheck.java Tue Jan 8 22:46:30 2013
@@ -19,6 +19,8 @@ package org.apache.archiva.redback.integ
* under the License.
*/
+import org.apache.archiva.redback.configuration.UserConfiguration;
+import org.apache.archiva.redback.configuration.UserConfigurationKeys;
import org.apache.archiva.redback.policy.UserSecurityPolicy;
import org.apache.archiva.redback.role.RoleManagerException;
import org.apache.archiva.redback.users.User;
@@ -31,6 +33,7 @@ import org.apache.archiva.redback.users.
import org.springframework.stereotype.Service;
import javax.inject.Inject;
+import javax.inject.Named;
import java.util.List;
/**
@@ -49,6 +52,10 @@ public class GuestUserEnvironmentCheck
@Inject
private SecuritySystem securitySystem;
+ @Inject
+ @Named( value = "userConfiguration#default" )
+ private UserConfiguration config;
+
/**
* boolean detailing if this environment check has been executed
*/
@@ -86,7 +93,7 @@ public class GuestUserEnvironmentCheck
try
{
- roleManager.assignRole( "guest", guest.getUsername() );
+ roleManager.assignRole( config.getString( UserConfigurationKeys.DEFAULT_GUEST ), guest.getUsername() );
}
catch ( RoleManagerException rpe )
{
Modified: archiva/redback/redback-core/trunk/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/DefaultUserService.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/DefaultUserService.java?rev=1430601&r1=1430600&r2=1430601&view=diff
==============================================================================
--- archiva/redback/redback-core/trunk/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/DefaultUserService.java (original)
+++ archiva/redback/redback-core/trunk/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/DefaultUserService.java Tue Jan 8 22:46:30 2013
@@ -453,7 +453,7 @@ public class DefaultUserService
org.apache.archiva.redback.users.User user = userManager.createGuestUser();
user.setPasswordChangeRequired( false );
user = userManager.updateUser( user, false );
- roleManager.assignRole( "guest", user.getUsername() );
+ roleManager.assignRole( config.getString( UserConfigurationKeys.DEFAULT_GUEST ), user.getUsername() );
return getSimpleUser( user );
}
catch ( RoleManagerException e )
Modified: archiva/redback/redback-core/trunk/redback-rbac/redback-rbac-model/src/main/java/org/apache/archiva/redback/rbac/AbstractRBACManager.java
URL: http://svn.apache.org/viewvc/archiva/redback/redback-core/trunk/redback-rbac/redback-rbac-model/src/main/java/org/apache/archiva/redback/rbac/AbstractRBACManager.java?rev=1430601&r1=1430600&r2=1430601&view=diff
==============================================================================
--- archiva/redback/redback-core/trunk/redback-rbac/redback-rbac-model/src/main/java/org/apache/archiva/redback/rbac/AbstractRBACManager.java (original)
+++ archiva/redback/redback-core/trunk/redback-rbac/redback-rbac-model/src/main/java/org/apache/archiva/redback/rbac/AbstractRBACManager.java Tue Jan 8 22:46:30 2013
@@ -723,7 +723,7 @@ public abstract class AbstractRBACManage
Iterator<String> it = role.getChildRoleNames().listIterator();
while ( it.hasNext() )
{
- String roleName = (String) it.next();
+ String roleName = it.next();
try
{
Role child = getRole( roleName );