You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@archiva.apache.org by ev...@apache.org on 2009/03/11 07:12:18 UTC
svn commit: r752384 - in /archiva/trunk/archiva-modules/archiva-web:
archiva-security/src/main/java/org/apache/maven/archiva/security/
archiva-webapp/src/main/java/org/apache/maven/archiva/web/startup/
archiva-webdav/src/test/java/org/apache/maven/arch...
Author: evenisse
Date: Wed Mar 11 06:12:17 2009
New Revision: 752384
URL: http://svn.apache.org/viewvc?rev=752384&view=rev
Log:
[ARCHIVA-938] Remove harcoded guest user
Modified:
archiva/trunk/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaRoleConstants.java
archiva/trunk/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaXworkUser.java
archiva/trunk/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/SecurityStartup.java
archiva/trunk/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/startup/SecuritySynchronization.java
archiva/trunk/archiva-modules/archiva-web/archiva-webdav/src/test/java/org/apache/maven/archiva/webdav/RepositoryServletSecurityTest.java
Modified: archiva/trunk/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaRoleConstants.java
URL: http://svn.apache.org/viewvc/archiva/trunk/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaRoleConstants.java?rev=752384&r1=752383&r2=752384&view=diff
==============================================================================
--- archiva/trunk/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaRoleConstants.java (original)
+++ archiva/trunk/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaRoleConstants.java Wed Mar 11 06:12:17 2009
@@ -36,10 +36,6 @@
public static final String GUEST_ROLE = "Guest";
- // principals
-
- public static final String PRINCIPAL_GUEST = "guest";
-
// dynamic role prefixes
public static final String REPOSITORY_MANAGER_ROLE_PREFIX = "Repository Manager";
Modified: archiva/trunk/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaXworkUser.java
URL: http://svn.apache.org/viewvc/archiva/trunk/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaXworkUser.java?rev=752384&r1=752383&r2=752384&view=diff
==============================================================================
--- archiva/trunk/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaXworkUser.java (original)
+++ archiva/trunk/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaXworkUser.java Wed Mar 11 06:12:17 2009
@@ -24,34 +24,25 @@
import org.codehaus.plexus.redback.system.SecuritySession;
import org.codehaus.plexus.redback.system.SecuritySystemConstants;
import org.codehaus.plexus.redback.users.User;
+import org.codehaus.plexus.redback.users.UserManager;
import org.codehaus.plexus.registry.Registry;
/**
- * ArchivaXworkUser
+ * ArchivaXworkUser
*
* @version $Id$
- *
* @plexus.component role="org.apache.maven.archiva.security.ArchivaXworkUser"
*/
public class ArchivaXworkUser
{
- /**
- * @plexus.requirement role-hint="commons-configuration"
- */
- private Registry registry;
-
- private static final String KEY = "org.codehaus.plexus.redback";
-
- private static String guest;
-
public String getActivePrincipal( Map<String, Object> sessionMap )
- {
+ {
if ( sessionMap == null )
{
return getGuest();
}
- SecuritySession securitySession =
+ SecuritySession securitySession =
(SecuritySession) sessionMap.get( SecuritySystemConstants.SECURITY_SESSION_KEY );
if ( securitySession == null )
@@ -64,28 +55,17 @@
return getGuest();
}
- User user = securitySession.getUser();
+ User user = securitySession.getUser();
if ( user == null )
{
return getGuest();
}
return (String) user.getPrincipal();
- }
-
- public String getGuest()
- {
- if( guest == null || "".equals( guest ) )
- {
- Registry subset = registry.getSubset( KEY );
- guest = subset.getString( "redback.default.guest", ArchivaRoleConstants.PRINCIPAL_GUEST );
- }
-
- return guest;
}
-
- public void setGuest( String guesT )
+
+ public String getGuest()
{
- guest = guesT;
+ return UserManager.GUEST_USERNAME;
}
}
Modified: archiva/trunk/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/SecurityStartup.java
URL: http://svn.apache.org/viewvc/archiva/trunk/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/SecurityStartup.java?rev=752384&r1=752383&r2=752384&view=diff
==============================================================================
--- archiva/trunk/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/SecurityStartup.java (original)
+++ archiva/trunk/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/SecurityStartup.java Wed Mar 11 06:12:17 2009
@@ -39,17 +39,16 @@
import org.slf4j.LoggerFactory;
/**
- * SecurityStartup
+ * SecurityStartup
*
* @version $Id$
- *
* @plexus.component role="org.apache.maven.archiva.security.SecurityStartup"
*/
public class SecurityStartup
implements RegistryListener
{
private Logger log = LoggerFactory.getLogger( SecurityStartup.class );
-
+
/**
* @plexus.requirement
*/
@@ -70,6 +69,11 @@
*/
private ArchivaConfiguration archivaConfiguration;
+ /**
+ * @plexus.requirement
+ */
+ private ArchivaXworkUser archivaXworkUser;
+
public void afterConfigurationChange( Registry registry, String propertyName, Object propertyValue )
{
if ( ConfigurationNames.isManagedRepositories( propertyName ) )
@@ -84,8 +88,7 @@
{
String repoId = repoConfig.getId();
- // TODO: Use the Redback / UserConfiguration..getString( "redback.default.guest" ) to get the right name.
- String principal = "guest";
+ String principal = archivaXworkUser.getGuest();
try
{
@@ -106,8 +109,8 @@
catch ( RbacManagerException e )
{
log.warn(
- "Unable to add role [" + ArchivaRoleConstants.toRepositoryObserverRoleName( repoId )
- + "] to " + principal + " user.", e );
+ "Unable to add role [" + ArchivaRoleConstants.toRepositoryObserverRoleName( repoId ) + "] to " +
+ principal + " user.", e );
}
}
}
@@ -156,8 +159,8 @@
{
if ( ( checkers == null ) || CollectionUtils.isEmpty( checkers.values() ) )
{
- throw new ArchivaException( "Unable to initialize the Redback Security Environment, "
- + "no Environment Check components found." );
+ throw new ArchivaException(
+ "Unable to initialize the Redback Security Environment, " + "no Environment Check components found." );
}
List<String> violations = new ArrayList<String>();
@@ -186,8 +189,8 @@
msg.append( "======================================================================" );
log.error( msg.toString() );
- throw new ArchivaException( "Unable to initialize Redback Security Environment, [" + violations.size()
- + "] violation(s) encountered, See log for details." );
+ throw new ArchivaException( "Unable to initialize Redback Security Environment, [" + violations.size() +
+ "] violation(s) encountered, See log for details." );
}
}
Modified: archiva/trunk/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/startup/SecuritySynchronization.java
URL: http://svn.apache.org/viewvc/archiva/trunk/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/startup/SecuritySynchronization.java?rev=752384&r1=752383&r2=752384&view=diff
==============================================================================
--- archiva/trunk/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/startup/SecuritySynchronization.java (original)
+++ archiva/trunk/archiva-modules/archiva-web/archiva-webapp/src/main/java/org/apache/maven/archiva/web/startup/SecuritySynchronization.java Wed Mar 11 06:12:17 2009
@@ -30,6 +30,7 @@
import org.apache.maven.archiva.configuration.ConfigurationNames;
import org.apache.maven.archiva.configuration.ManagedRepositoryConfiguration;
import org.apache.maven.archiva.security.ArchivaRoleConstants;
+import org.apache.maven.archiva.security.ArchivaXworkUser;
import org.codehaus.plexus.redback.rbac.RBACManager;
import org.codehaus.plexus.redback.rbac.RbacManagerException;
import org.codehaus.plexus.redback.rbac.UserAssignment;
@@ -45,7 +46,6 @@
* ConfigurationSynchronization
*
* @version $Id$
- *
* @plexus.component role="org.apache.maven.archiva.web.startup.SecuritySynchronization"
* role-hint="default"
*/
@@ -53,7 +53,7 @@
implements RegistryListener
{
private Logger log = LoggerFactory.getLogger( SecuritySynchronization.class );
-
+
/**
* @plexus.requirement role-hint="default"
*/
@@ -74,6 +74,11 @@
*/
private ArchivaConfiguration archivaConfiguration;
+ /**
+ * @plexus.requirement
+ */
+ private ArchivaXworkUser archivaXworkUser;
+
public void afterConfigurationChange( Registry registry, String propertyName, Object propertyValue )
{
if ( ConfigurationNames.isManagedRepositories( propertyName ) )
@@ -96,18 +101,18 @@
// manage roles for repositories
try
{
- if ( !roleManager.templatedRoleExists( ArchivaRoleConstants.TEMPLATE_REPOSITORY_OBSERVER, repoConfig
- .getId() ) )
+ if ( !roleManager.templatedRoleExists( ArchivaRoleConstants.TEMPLATE_REPOSITORY_OBSERVER,
+ repoConfig.getId() ) )
{
- roleManager.createTemplatedRole( ArchivaRoleConstants.TEMPLATE_REPOSITORY_OBSERVER, repoConfig
- .getId() );
+ roleManager.createTemplatedRole( ArchivaRoleConstants.TEMPLATE_REPOSITORY_OBSERVER,
+ repoConfig.getId() );
}
- if ( !roleManager.templatedRoleExists( ArchivaRoleConstants.TEMPLATE_REPOSITORY_MANAGER, repoConfig
- .getId() ) )
+ if ( !roleManager.templatedRoleExists( ArchivaRoleConstants.TEMPLATE_REPOSITORY_MANAGER,
+ repoConfig.getId() ) )
{
- roleManager.createTemplatedRole( ArchivaRoleConstants.TEMPLATE_REPOSITORY_MANAGER, repoConfig
- .getId() );
+ roleManager.createTemplatedRole( ArchivaRoleConstants.TEMPLATE_REPOSITORY_MANAGER,
+ repoConfig.getId() );
}
}
catch ( RoleManagerException e )
@@ -137,8 +142,8 @@
{
if ( ( checkers == null ) || CollectionUtils.isEmpty( checkers.values() ) )
{
- throw new ArchivaException( "Unable to initialize the Redback Security Environment, "
- + "no Environment Check components found." );
+ throw new ArchivaException(
+ "Unable to initialize the Redback Security Environment, " + "no Environment Check components found." );
}
List<String> violations = new ArrayList<String>();
@@ -172,8 +177,8 @@
msg.append( "======================================================================" );
log.error( msg.toString() );
- throw new ArchivaException( "Unable to initialize Redback Security Environment, [" + violations.size()
- + "] violation(s) encountered, See log for details." );
+ throw new ArchivaException( "Unable to initialize Redback Security Environment, [" + violations.size() +
+ "] violation(s) encountered, See log for details." );
}
}
@@ -182,10 +187,9 @@
for ( ManagedRepositoryConfiguration repoConfig : repos )
{
String repoId = repoConfig.getId();
-
- // TODO: Use the Redback / UserConfiguration..getString( "redback.default.guest" ) to get the right name.
- String principal = "guest";
-
+
+ String principal = archivaXworkUser.getGuest();
+
try
{
UserAssignment ua;
@@ -204,8 +208,9 @@
}
catch ( RbacManagerException e )
{
- log.warn( "Unable to add role [" + ArchivaRoleConstants.toRepositoryObserverRoleName( repoId )
- + "] to " + principal + " user.", e );
+ log.warn(
+ "Unable to add role [" + ArchivaRoleConstants.toRepositoryObserverRoleName( repoId ) + "] to " +
+ principal + " user.", e );
}
}
}
Modified: archiva/trunk/archiva-modules/archiva-web/archiva-webdav/src/test/java/org/apache/maven/archiva/webdav/RepositoryServletSecurityTest.java
URL: http://svn.apache.org/viewvc/archiva/trunk/archiva-modules/archiva-web/archiva-webdav/src/test/java/org/apache/maven/archiva/webdav/RepositoryServletSecurityTest.java?rev=752384&r1=752383&r2=752384&view=diff
==============================================================================
--- archiva/trunk/archiva-modules/archiva-web/archiva-webdav/src/test/java/org/apache/maven/archiva/webdav/RepositoryServletSecurityTest.java (original)
+++ archiva/trunk/archiva-modules/archiva-web/archiva-webdav/src/test/java/org/apache/maven/archiva/webdav/RepositoryServletSecurityTest.java Wed Mar 11 06:12:17 2009
@@ -85,8 +85,6 @@
private HttpAuthenticator httpAuth;
- private ArchivaXworkUser archivaXworkUser;
-
private RepositoryServlet servlet;
public void setUp()
@@ -125,8 +123,7 @@
httpAuthControl.setDefaultMatcher( MockControl.ALWAYS_MATCHER );
httpAuth = (HttpAuthenticator) httpAuthControl.getMock();
- archivaXworkUser = new ArchivaXworkUser();
- archivaXworkUser.setGuest( "guest" );
+ ArchivaXworkUser archivaXworkUser = (ArchivaXworkUser) lookup( ArchivaXworkUser.class );
davSessionProvider = new ArchivaDavSessionProvider( servletAuth, httpAuth, archivaXworkUser );
}