Posted to commits@airavata.apache.org by la...@apache.org on 2012/12/18 23:02:16 UTC
svn commit: r1423690 - in /airavata/trunk/modules: integration-tests/
rest/service/src/main/java/org/apache/airavata/services/registry/rest/security/
rest/service/src/main/java/org/apache/airavata/services/registry/rest/security/basic/
rest/service/src...
Author: lahiru
Date: Tue Dec 18 22:02:11 2012
New Revision: 1423690
URL: http://svn.apache.org/viewvc?rev=1423690&view=rev
Log:
Fixing AIRAVATA-676 and AIRAVATA-675. Also cleaned up some code related to integration tests and rest services. Thanks Amila
Added:
airavata/trunk/modules/rest/service/src/main/java/org/apache/airavata/services/registry/rest/security/ServletRequestHelper.java
airavata/trunk/modules/rest/service/src/test/java/org/apache/airavata/services/registry/rest/security/AbstractAuthenticatorTest.java
airavata/trunk/modules/rest/service/src/test/java/org/apache/airavata/services/registry/rest/security/MyHttpServletRequest.java
airavata/trunk/modules/rest/service/src/test/java/org/apache/airavata/services/registry/rest/security/basic/
airavata/trunk/modules/rest/service/src/test/java/org/apache/airavata/services/registry/rest/security/basic/BasicAccessAuthenticatorTest.java
airavata/trunk/modules/rest/service/src/test/java/org/apache/airavata/services/registry/rest/security/session/
airavata/trunk/modules/rest/service/src/test/java/org/apache/airavata/services/registry/rest/security/session/SessionAuthenticatorTest.java
airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/util/PasswordDigester.java
- copied, changed from r1422437, airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/util/SecurityUtil.java
Removed:
airavata/trunk/modules/integration-tests/derby-stop.txt
airavata/trunk/modules/rest/service/src/test/java/org/apache/airavata/security/
airavata/trunk/modules/rest/service/src/test/resources/disabled-authenticator.xml
airavata/trunk/modules/rest/service/src/test/resources/jdbc-authenticator.xml
airavata/trunk/modules/rest/service/src/test/resources/ldap-authenticator.xml
airavata/trunk/modules/rest/service/src/test/resources/session-authenticator.xml
airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/util/DBLookup.java
airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/util/SecurityUtil.java
Modified:
airavata/trunk/modules/rest/service/src/main/java/org/apache/airavata/services/registry/rest/security/HttpAuthenticatorFilter.java
airavata/trunk/modules/rest/service/src/main/java/org/apache/airavata/services/registry/rest/security/basic/BasicAccessAuthenticator.java
airavata/trunk/modules/rest/service/src/test/resources/authenticators.xml
airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/AbstractAuthenticator.java
airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/AbstractDatabaseAuthenticator.java
airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/userstore/JDBCUserStore.java
airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/userstore/LDAPUserStore.java
airavata/trunk/modules/security/src/test/java/org/apache/airavata/security/configurations/AuthenticatorConfigurationReaderTest.java
airavata/trunk/modules/security/src/test/java/org/apache/airavata/security/configurations/TestDBAuthenticator2.java
airavata/trunk/modules/security/src/test/resources/authenticators.xml
airavata/trunk/modules/security/src/test/resources/disabled-authenticator.xml
airavata/trunk/modules/security/src/test/resources/ldap-authenticator.xml
Modified: airavata/trunk/modules/rest/service/src/main/java/org/apache/airavata/services/registry/rest/security/HttpAuthenticatorFilter.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/rest/service/src/main/java/org/apache/airavata/services/registry/rest/security/HttpAuthenticatorFilter.java?rev=1423690&r1=1423689&r2=1423690&view=diff
==============================================================================
--- airavata/trunk/modules/rest/service/src/main/java/org/apache/airavata/services/registry/rest/security/HttpAuthenticatorFilter.java (original)
+++ airavata/trunk/modules/rest/service/src/main/java/org/apache/airavata/services/registry/rest/security/HttpAuthenticatorFilter.java Tue Dec 18 22:02:11 2012
@@ -45,6 +45,8 @@ public class HttpAuthenticatorFilter imp
private static Logger log = LoggerFactory.getLogger(HttpAuthenticatorFilter.class);
+ private ServletRequestHelper servletRequestHelper = new ServletRequestHelper();
+
@Override
public void init(FilterConfig filterConfig) throws ServletException {
String authenticatorConfiguration = filterConfig.getInitParameter("authenticatorConfigurations");
@@ -103,6 +105,16 @@ public class HttpAuthenticatorFilter imp
// Firs check whether authenticators are disabled
if (! AuthenticatorConfigurationReader.isAuthenticationEnabled()) {
+
+ // Extract user id and gateway id
+ try {
+ servletRequestHelper.addIdentityInformationToSession((HttpServletRequest) servletRequest);
+ } catch (AuthenticationException e) {
+ log.warn("Error adding identity information to session.", e);
+ populateUnauthorisedData(servletResponse, "Error adding identity information to session.");
+
+ }
+
filterChain.doFilter(servletRequest, servletResponse);
return;
}
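Review bot: The new catch block calls `populateUnauthorisedData(...)` and then falls through to `filterChain.doFilter(servletRequest, servletResponse)`, so a request whose identity could not be extracted is answered as unauthorised and still handed to the rest of the chain. Add `return;` as the last statement of the catch block so processing stops once the error response has been written. In this branch the user name comes from the Authorization header with no credential check, so a comment such as `// authenticators disabled: identity below is asserted by the client, not verified` would keep later readers from treating `Constants.USER_IN_SESSION` as an authenticated value. The enclosing method starts before the hunk and continues after it.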
Added: airavata/trunk/modules/rest/service/src/main/java/org/apache/airavata/services/registry/rest/security/ServletRequestHelper.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/rest/service/src/main/java/org/apache/airavata/services/registry/rest/security/ServletRequestHelper.java?rev=1423690&view=auto
==============================================================================
--- airavata/trunk/modules/rest/service/src/main/java/org/apache/airavata/services/registry/rest/security/ServletRequestHelper.java (added)
+++ airavata/trunk/modules/rest/service/src/main/java/org/apache/airavata/services/registry/rest/security/ServletRequestHelper.java Tue Dec 18 22:02:11 2012
@@ -0,0 +1,98 @@
+package org.apache.airavata.services.registry.rest.security;
+
+import org.apache.airavata.common.context.RequestContext;
+import org.apache.airavata.common.context.WorkflowContext;
+import org.apache.airavata.common.exception.ServerSettingsException;
+import org.apache.airavata.common.utils.Constants;
+import org.apache.airavata.common.utils.ServerSettings;
+import org.apache.airavata.security.AuthenticationException;
+import org.apache.commons.codec.binary.Base64;
+
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ * Helper class to extract request information.
+ */
+public class ServletRequestHelper {
+
+ /**
+ * Header names
+ */
+ public static final String AUTHORISATION_HEADER_NAME = "Authorization";
+
+ protected void addIdentityInformationToSession(HttpServletRequest servletRequest) throws AuthenticationException {
+
+ addUserToSession(null, servletRequest);
+ }
+
+ public void addUserToSession(String userName, HttpServletRequest servletRequest) throws AuthenticationException {
+
+ if (userName == null) {
+ userName = getUserName(servletRequest);
+ }
+
+ String gatewayId = getGatewayId(servletRequest);
+
+ if (servletRequest.getSession() != null) {
+ servletRequest.getSession().setAttribute(Constants.USER_IN_SESSION, userName);
+ servletRequest.getSession().setAttribute(Constants.GATEWAY_NAME, gatewayId);
+ }
+
+ addToContext(userName, gatewayId);
+ }
+
+ String getUserName(HttpServletRequest httpServletRequest) throws AuthenticationException {
+
+ String basicHeader = httpServletRequest.getHeader(AUTHORISATION_HEADER_NAME);
+
+ if (basicHeader == null) {
+ throw new AuthenticationException("Authorization Required");
+ }
+
+ String[] userNamePasswordArray = basicHeader.split(" ");
+
+ if (userNamePasswordArray == null || userNamePasswordArray.length != 2) {
+ throw new AuthenticationException("Authorization Required");
+ }
+
+ String decodedString = decode(userNamePasswordArray[1]);
+
+ String[] array = decodedString.split(":");
+
+ if (array == null || array.length != 1) {
+ throw new AuthenticationException("Authorization Required");
+ }
+
+ return array[0];
+
+ }
+
+ public String decode(String encoded) {
+ return new String(Base64.decodeBase64(encoded.getBytes()));
+ }
+
+ String getGatewayId(HttpServletRequest request) throws AuthenticationException {
+ String gatewayId = request.getHeader(Constants.GATEWAY_NAME);
+
+ if (gatewayId == null) {
+ try {
+ gatewayId = ServerSettings.getDefaultGatewayId();
+ } catch (ServerSettingsException e) {
+ throw new AuthenticationException("Unable to retrieve default gateway", e);
+ }
+ }
+
+ return gatewayId;
+ }
+
+ public void addToContext(String userName, String gatewayId) {
+
+ RequestContext requestContext = new RequestContext();
+ requestContext.setUserIdentity(userName);
+ requestContext.setGatewayId(gatewayId);
+
+ WorkflowContext.set(requestContext);
+ }
+
+
+}
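Review bot: In `getUserName` the check `array.length != 1` rejects every well-formed Basic credential, because a decoded `user:password` splits into two elements; only a value with no password part gets through. Since only the user name is needed here, `String[] array = decodedString.split(":", 2);` followed by `if (array[0].isEmpty()) { throw new AuthenticationException("Authorization Required"); }` accepts the normal form and still rejects an empty name. The method also never checks that the first token of the header is `Basic`, so any two-token value is decoded as credentials. `decode` relies on the platform default charset in both `getBytes()` and `new String(byte[])`; naming the charset explicitly makes the result independent of the host configuration.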
Modified: airavata/trunk/modules/rest/service/src/main/java/org/apache/airavata/services/registry/rest/security/basic/BasicAccessAuthenticator.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/rest/service/src/main/java/org/apache/airavata/services/registry/rest/security/basic/BasicAccessAuthenticator.java?rev=1423690&r1=1423689&r2=1423690&view=diff
==============================================================================
--- airavata/trunk/modules/rest/service/src/main/java/org/apache/airavata/services/registry/rest/security/basic/BasicAccessAuthenticator.java (original)
+++ airavata/trunk/modules/rest/service/src/main/java/org/apache/airavata/services/registry/rest/security/basic/BasicAccessAuthenticator.java Tue Dec 18 22:02:11 2012
@@ -26,6 +26,7 @@ import org.apache.airavata.common.utils.
import org.apache.airavata.security.AbstractAuthenticator;
import org.apache.airavata.security.AuthenticationException;
import org.apache.airavata.security.UserStoreException;
+import org.apache.airavata.services.registry.rest.security.ServletRequestHelper;
import org.apache.commons.codec.binary.Base64;
import org.w3c.dom.Node;
@@ -42,18 +43,12 @@ public class BasicAccessAuthenticator ex
private static final String AUTHENTICATOR_NAME = "BasicAccessAuthenticator";
- /**
- * Header names
- */
- private static final String AUTHORISATION_HEADER_NAME = "Authorization";
+ private ServletRequestHelper servletRequestHelper = new ServletRequestHelper();
public BasicAccessAuthenticator() {
super(AUTHENTICATOR_NAME);
}
- private String decode(String encoded) {
- return new String(Base64.decodeBase64(encoded.getBytes()));
- }
/**
* Returns user name and password as an array. The first element is user name and second is password.
@@ -64,7 +59,7 @@ public class BasicAccessAuthenticator ex
*/
private String[] getUserNamePassword(HttpServletRequest httpServletRequest) throws AuthenticationException {
- String basicHeader = httpServletRequest.getHeader(AUTHORISATION_HEADER_NAME);
+ String basicHeader = httpServletRequest.getHeader(ServletRequestHelper.AUTHORISATION_HEADER_NAME);
if (basicHeader == null) {
throw new AuthenticationException("Authorization Required");
@@ -76,7 +71,7 @@ public class BasicAccessAuthenticator ex
throw new AuthenticationException("Authorization Required");
}
- String decodedString = decode(userNamePasswordArray[1]);
+ String decodedString = servletRequestHelper.decode(userNamePasswordArray[1]);
String[] array = decodedString.split(":");
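Review bot: `getUserNamePassword` keeps its own copy of the header parsing that `ServletRequestHelper.getUserName` now also implements, and the two copies can validate the decoded value differently (the helper requires exactly one element after `split(":")`; the check used here lies outside the hunk). Consider one parsing method on the helper that returns both parts, called from here, so the authenticated path and the authentication-disabled path cannot disagree on what a valid header is. The context line `decodedString.split(":")` also cuts a password that itself contains a colon into extra elements; `decodedString.split(":", 2)` keeps it intact. The function body starts and ends outside this hunk.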
@@ -112,17 +107,7 @@ public class BasicAccessAuthenticator ex
}
}
- protected void addUserToSession(String userName, HttpServletRequest servletRequest) throws AuthenticationException {
- String gatewayId = getGatewayId(servletRequest);
-
- if (servletRequest.getSession() != null) {
- servletRequest.getSession().setAttribute(Constants.USER_IN_SESSION, userName);
- servletRequest.getSession().setAttribute(Constants.GATEWAY_NAME, gatewayId);
- }
-
- addToContext(userName, gatewayId);
- }
@Override
public void onSuccessfulAuthentication(Object authenticationInfo) {
@@ -136,7 +121,7 @@ public class BasicAccessAuthenticator ex
if (array != null) {
- addUserToSession(array[0], httpServletRequest);
+ servletRequestHelper.addUserToSession(array[0], httpServletRequest);
stringBuilder.append(array[0]).append(" successfully logged into system at ").append(getCurrentTime());
log.info(stringBuilder.toString());
@@ -188,7 +173,7 @@ public class BasicAccessAuthenticator ex
String gateway = (String)httpSession.getAttribute(Constants.GATEWAY_NAME);
if (user != null && gateway != null) {
- addToContext(user, gateway);
+ servletRequestHelper.addToContext(user, gateway);
seenInSession = true;
}
}
@@ -202,22 +187,10 @@ public class BasicAccessAuthenticator ex
HttpServletRequest httpServletRequest = (HttpServletRequest) credentials;
- return (httpServletRequest.getHeader(AUTHORISATION_HEADER_NAME) != null);
+ return (httpServletRequest.getHeader(ServletRequestHelper.AUTHORISATION_HEADER_NAME) != null);
}
- private String getGatewayId(HttpServletRequest request) throws AuthenticationException {
- String gatewayId = request.getHeader(Constants.GATEWAY_NAME);
- if (gatewayId == null) {
- try {
- gatewayId = ServerSettings.getDefaultGatewayId();
- } catch (ServerSettingsException e) {
- throw new AuthenticationException("Unable to retrieve default gateway", e);
- }
- }
-
- return gatewayId;
- }
@Override
public void configure(Node node) throws RuntimeException {
Added: airavata/trunk/modules/rest/service/src/test/java/org/apache/airavata/services/registry/rest/security/AbstractAuthenticatorTest.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/rest/service/src/test/java/org/apache/airavata/services/registry/rest/security/AbstractAuthenticatorTest.java?rev=1423690&view=auto
==============================================================================
--- airavata/trunk/modules/rest/service/src/test/java/org/apache/airavata/services/registry/rest/security/AbstractAuthenticatorTest.java (added)
+++ airavata/trunk/modules/rest/service/src/test/java/org/apache/airavata/services/registry/rest/security/AbstractAuthenticatorTest.java Tue Dec 18 22:02:11 2012
@@ -0,0 +1,63 @@
+package org.apache.airavata.services.registry.rest.security;
+
+import junit.framework.TestCase;
+import org.apache.airavata.common.utils.DatabaseTestCases;
+import org.apache.airavata.common.utils.DerbyUtil;
+import org.apache.airavata.security.Authenticator;
+import org.apache.airavata.security.configurations.AuthenticatorConfigurationReader;
+import org.junit.AfterClass;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+
+import java.util.List;
+
+/**
+ * An abstract class to implement test cases for authenticators.
+ */
+public abstract class AbstractAuthenticatorTest extends DatabaseTestCases {
+
+ private String authenticatorName;
+
+ protected Authenticator authenticator = null;
+
+ public AbstractAuthenticatorTest(String name) throws Exception {
+ authenticatorName = name;
+ }
+
+ protected AuthenticatorConfigurationReader authenticatorConfigurationReader;
+
+
+ @Before
+ public void setUp() throws Exception {
+
+ authenticatorConfigurationReader = new AuthenticatorConfigurationReader();
+ authenticatorConfigurationReader.init(this.getClass().getClassLoader().getResourceAsStream("authenticators.xml"));
+
+ List<Authenticator> listAuthenticators = authenticatorConfigurationReader.getAuthenticatorList();
+
+ if (listAuthenticators == null) {
+ throw new Exception("No authenticators found !");
+ }
+
+ for (Authenticator a : listAuthenticators) {
+ if (a.getAuthenticatorName().equals(authenticatorName)) {
+ authenticator = a;
+ }
+ }
+
+ if (authenticator == null) {
+ throw new Exception("Could not find an authenticator with name " + authenticatorName);
+ }
+
+ }
+
+ @Test
+ public abstract void testAuthenticateSuccess() throws Exception;
+
+ @Test
+ public abstract void testAuthenticateFail() throws Exception;
+
+ @Test
+ public abstract void testCanProcess() throws Exception;
+}
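Review bot: `setUp` passes the result of `getResourceAsStream("authenticators.xml")` straight into `init(...)`; that call returns null when the resource is missing from the test classpath, and the stream is not closed here (whether `init` closes it is not visible). Holding the stream in a local, guarding it with `if (in == null) { throw new Exception("authenticators.xml not found on classpath"); }` and closing it in a `finally` block would turn a packaging mistake into a clear failure. The imports of `TestCase`, `DerbyUtil`, `AfterClass` and `BeforeClass` are not used in this file and can be dropped.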
Added: airavata/trunk/modules/rest/service/src/test/java/org/apache/airavata/services/registry/rest/security/MyHttpServletRequest.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/rest/service/src/test/java/org/apache/airavata/services/registry/rest/security/MyHttpServletRequest.java?rev=1423690&view=auto
==============================================================================
--- airavata/trunk/modules/rest/service/src/test/java/org/apache/airavata/services/registry/rest/security/MyHttpServletRequest.java (added)
+++ airavata/trunk/modules/rest/service/src/test/java/org/apache/airavata/services/registry/rest/security/MyHttpServletRequest.java Tue Dec 18 22:02:11 2012
@@ -0,0 +1,351 @@
+package org.apache.airavata.services.registry.rest.security;
+
+import javax.servlet.*;
+import javax.servlet.http.*;
+import java.io.BufferedReader;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.security.Principal;
+import java.util.*;
+
+/**
+ * Test servlet implementation. For test cases only.
+ */
+public class MyHttpServletRequest implements HttpServletRequest {
+
+ private Map<String, String> headers = new HashMap<String, String>();
+
+ public void addHeader(String name, String value) {
+ headers.put(name, value);
+ }
+
+ @Override
+ public String getAuthType() {
+ return null; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public Cookie[] getCookies() {
+ return new Cookie[0]; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public long getDateHeader(String s) {
+ return 0; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public String getHeader(String s) {
+ return headers.get(s);
+ }
+
+ @Override
+ public Enumeration<String> getHeaders(String s) {
+ return null; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public Enumeration<String> getHeaderNames() {
+ return null; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public int getIntHeader(String s) {
+ return 0; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public String getMethod() {
+ return null; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public String getPathInfo() {
+ return null; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public String getPathTranslated() {
+ return null; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public String getContextPath() {
+ return null; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public String getQueryString() {
+ return null; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public String getRemoteUser() {
+ return null; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public boolean isUserInRole(String s) {
+ return false; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public Principal getUserPrincipal() {
+ return null; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public String getRequestedSessionId() {
+ return null; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public String getRequestURI() {
+ return null; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public StringBuffer getRequestURL() {
+ return null; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public String getServletPath() {
+ return null; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public HttpSession getSession(boolean b) {
+ return null; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public HttpSession getSession() {
+ return null; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public boolean isRequestedSessionIdValid() {
+ return false; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public boolean isRequestedSessionIdFromCookie() {
+ return false; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public boolean isRequestedSessionIdFromURL() {
+ return false; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public boolean isRequestedSessionIdFromUrl() {
+ return false; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public boolean authenticate(HttpServletResponse httpServletResponse) throws IOException, ServletException {
+ return false; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public void login(String s, String s1) throws ServletException {
+ //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public void logout() throws ServletException {
+ //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public Collection<Part> getParts() throws IOException, ServletException {
+ return null; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public Part getPart(String s) throws IOException, ServletException {
+ return null; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public Object getAttribute(String s) {
+ return null; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public Enumeration<String> getAttributeNames() {
+ return null; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public String getCharacterEncoding() {
+ return null; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public void setCharacterEncoding(String s) throws UnsupportedEncodingException {
+ //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public int getContentLength() {
+ return 0; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public String getContentType() {
+ return null; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public ServletInputStream getInputStream() throws IOException {
+ return null; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public String getParameter(String s) {
+ return null; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public Enumeration<String> getParameterNames() {
+ return null; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public String[] getParameterValues(String s) {
+ return new String[0]; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public Map<String, String[]> getParameterMap() {
+ return null; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public String getProtocol() {
+ return null; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public String getScheme() {
+ return null; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public String getServerName() {
+ return null; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public int getServerPort() {
+ return 0; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public BufferedReader getReader() throws IOException {
+ return null; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public String getRemoteAddr() {
+ return null; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public String getRemoteHost() {
+ return null; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public void setAttribute(String s, Object o) {
+ //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public void removeAttribute(String s) {
+ //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public Locale getLocale() {
+ return null; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public Enumeration<Locale> getLocales() {
+ return null; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public boolean isSecure() {
+ return false; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public RequestDispatcher getRequestDispatcher(String s) {
+ return null; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public String getRealPath(String s) {
+ return null; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public int getRemotePort() {
+ return 0; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public String getLocalName() {
+ return null; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public String getLocalAddr() {
+ return null; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public int getLocalPort() {
+ return 0; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public ServletContext getServletContext() {
+ return null; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public AsyncContext startAsync() throws IllegalStateException {
+ return null; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public AsyncContext startAsync(ServletRequest servletRequest, ServletResponse servletResponse) throws IllegalStateException {
+ return null; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public boolean isAsyncStarted() {
+ return false; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public boolean isAsyncSupported() {
+ return false; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public AsyncContext getAsyncContext() {
+ return null; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
+ public DispatcherType getDispatcherType() {
+ return null; //To change body of implemented methods use File | Settings | File Templates.
+ }
+}
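Review bot: The stub keeps headers in a `HashMap`, so `getHeader` is case-sensitive, whereas the servlet API treats header names as case-insensitive; tests built on it cannot catch code that depends on exact header casing. `private Map<String, String> headers = new TreeMap<String, String>(String.CASE_INSENSITIVE_ORDER);` would match container behaviour. `getSession()` returning null also means the session branch of `ServletRequestHelper.addUserToSession` is never exercised by these tests. A class comment stating these limits would serve readers better than the repeated IDE template comments.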
Added: airavata/trunk/modules/rest/service/src/test/java/org/apache/airavata/services/registry/rest/security/basic/BasicAccessAuthenticatorTest.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/rest/service/src/test/java/org/apache/airavata/services/registry/rest/security/basic/BasicAccessAuthenticatorTest.java?rev=1423690&view=auto
==============================================================================
--- airavata/trunk/modules/rest/service/src/test/java/org/apache/airavata/services/registry/rest/security/basic/BasicAccessAuthenticatorTest.java (added)
+++ airavata/trunk/modules/rest/service/src/test/java/org/apache/airavata/services/registry/rest/security/basic/BasicAccessAuthenticatorTest.java Tue Dec 18 22:02:11 2012
@@ -0,0 +1,96 @@
+package org.apache.airavata.services.registry.rest.security.basic;
+
+import org.apache.airavata.common.utils.Constants;
+import org.apache.airavata.common.utils.DerbyUtil;
+import org.apache.airavata.security.configurations.AuthenticatorConfigurationReader;
+import org.apache.airavata.services.registry.rest.security.AbstractAuthenticatorTest;
+import org.apache.airavata.services.registry.rest.security.MyHttpServletRequest;
+import org.apache.airavata.services.registry.rest.security.session.SessionAuthenticator;
+import org.apache.commons.codec.binary.Base64;
+import org.junit.AfterClass;
+import org.junit.Assert;
+import org.junit.BeforeClass;
+import org.junit.Test;
+
+/**
+ * Test class for basic access authenticator.
+ */
+public class BasicAccessAuthenticatorTest extends AbstractAuthenticatorTest {
+
+ private SessionAuthenticator sessionAuthenticator;
+
+ private AuthenticatorConfigurationReader authenticatorConfigurationReader;
+
+ public BasicAccessAuthenticatorTest() throws Exception {
+ super("basicAccessAuthenticator");
+ }
+
+ @BeforeClass
+ public static void setUpDatabase() throws Exception{
+ DerbyUtil.startDerbyInServerMode(getHostAddress(), getPort(), getUserName(), getPassword());
+
+ waitTillServerStarts();
+
+ String createTable = "create table AIRAVATA_USER ( USERID varchar(255), PASSWORD varchar(255) )";
+ executeSQL(createTable);
+
+ String insertSQL = "INSERT INTO AIRAVATA_USER VALUES('amilaj', 'secret')";
+ executeSQL(insertSQL);
+
+ }
+
+ @AfterClass
+ public static void shutDownDatabase() throws Exception {
+ DerbyUtil.stopDerbyServer();
+ }
+
+
+
+ @Override
+ public void testAuthenticateSuccess() throws Exception {
+
+ Assert.assertTrue(authenticator.authenticate(getRequest("amilaj:secret")));
+ }
+
+ @Override
+ public void testAuthenticateFail() throws Exception {
+ Assert.assertFalse(authenticator.authenticate(getRequest("amilaj:secret1")));
+ }
+
+ @Test
+ public void testAuthenticateFailUserName() throws Exception {
+ Assert.assertFalse(authenticator.authenticate(getRequest("amila:secret1")));
+ }
+
+ @Override
+ public void testCanProcess() throws Exception {
+
+ Assert.assertTrue(authenticator.canProcess(getRequest("amilaj:secret")));
+ }
+
+ private MyHttpServletRequest getRequest(String userPassword) {
+ MyHttpServletRequest myHttpServletRequest = new MyHttpServletRequest();
+
+ String authHeader = "Basic " + new String(Base64.encodeBase64(userPassword.getBytes()));
+
+ myHttpServletRequest.addHeader("Authorization", authHeader);
+ myHttpServletRequest.addHeader(Constants.GATEWAY_NAME, "default");
+
+ return myHttpServletRequest;
+
+ }
+
+ public void tearDown() throws Exception {
+
+ }
+
+ /*public void testConfigure() throws Exception {
+
+ BasicAccessAuthenticator basicAccessAuthenticator = (BasicAccessAuthenticator)authenticator;
+
+ assertEquals("AIRAVATA_USER", basicAccessAuthenticator.getUserTable());
+ assertEquals("USERID", basicAccessAuthenticator.getUserNameColumn());
+ assertEquals("PASSWORD", basicAccessAuthenticator.getPasswordColumn());
+ }*/
+
+}
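Review bot: The tests cover only well-formed `user:password` headers; there is no case for a missing Authorization header, a value without the space-separated scheme, or credentials without a colon, which are the inputs where the parsing code throws `AuthenticationException`. Adding those cases would pin whether `authenticate` returns false or propagates the exception for malformed input. The private field `authenticatorConfigurationReader` shadows the protected field of the same name in `AbstractAuthenticatorTest` and is never assigned, and `sessionAuthenticator` is unused; both can be removed along with the commented-out `testConfigure`.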
Added: airavata/trunk/modules/rest/service/src/test/java/org/apache/airavata/services/registry/rest/security/session/SessionAuthenticatorTest.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/rest/service/src/test/java/org/apache/airavata/services/registry/rest/security/session/SessionAuthenticatorTest.java?rev=1423690&view=auto
==============================================================================
--- airavata/trunk/modules/rest/service/src/test/java/org/apache/airavata/services/registry/rest/security/session/SessionAuthenticatorTest.java (added)
+++ airavata/trunk/modules/rest/service/src/test/java/org/apache/airavata/services/registry/rest/security/session/SessionAuthenticatorTest.java Tue Dec 18 22:02:11 2012
@@ -0,0 +1,65 @@
+package org.apache.airavata.services.registry.rest.security.session;
+
+import org.apache.airavata.common.utils.DerbyUtil;
+import org.apache.airavata.services.registry.rest.security.AbstractAuthenticatorTest;
+import org.apache.airavata.services.registry.rest.security.MyHttpServletRequest;
+import org.junit.AfterClass;
+import org.junit.Assert;
+import org.junit.BeforeClass;
+
+/**
+ * Session authenticator test.
+ */
+public class SessionAuthenticatorTest extends AbstractAuthenticatorTest {
+
+ public SessionAuthenticatorTest() throws Exception {
+ super("sessionAuthenticator");
+ }
+
+ @BeforeClass
+ public static void setUpDatabase() throws Exception{
+ DerbyUtil.startDerbyInServerMode(getHostAddress(), getPort(), getUserName(), getPassword());
+
+ waitTillServerStarts();
+
+
+ String createSessionTable = "create table Persons ( sessionId varchar(255) )";
+ executeSQL(createSessionTable);
+
+ String insertSessionSQL = "INSERT INTO Persons VALUES('1234')";
+ executeSQL(insertSessionSQL);
+ }
+
+ @AfterClass
+ public static void shutDownDatabase() throws Exception {
+ DerbyUtil.stopDerbyServer();
+ }
+
+
+ public void testAuthenticateSuccess() throws Exception {
+
+ MyHttpServletRequest servletRequestRequest = new MyHttpServletRequest();
+ servletRequestRequest.addHeader("sessionTicket", "1234");
+
+ Assert.assertTrue(authenticator.authenticate(servletRequestRequest));
+
+ }
+
+ public void testAuthenticateFail() throws Exception {
+
+ MyHttpServletRequest servletRequestRequest = new MyHttpServletRequest();
+ servletRequestRequest.addHeader("sessionTicket", "12345");
+
+ Assert.assertFalse(authenticator.authenticate(servletRequestRequest));
+
+ }
+
+ public void testCanProcess() throws Exception {
+
+ MyHttpServletRequest servletRequestRequest = new MyHttpServletRequest();
+ servletRequestRequest.addHeader("sessionTicket", "12345");
+
+ Assert.assertTrue(authenticator.canProcess(servletRequestRequest));
+
+ }
+}
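Review bot: The only rejection case here, `testAuthenticateFail`, sends a wrong ticket value; a request with no `sessionTicket` header and one with an empty value are not exercised, and those are the inputs where a header-based authenticator is most likely to fail open. Two more cases would cover it, each building a `MyHttpServletRequest` without the header (or with `""`) and asserting that authentication is refused. The three test methods also carry neither `@Test` nor `@Override`, and `org.junit.Test` is not imported, so whether they run depends on `AbstractAuthenticatorTest`, which is not shown here; the sibling `BasicAccessAuthenticatorTest` does annotate its methods.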
Modified: airavata/trunk/modules/rest/service/src/test/resources/authenticators.xml
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/rest/service/src/test/resources/authenticators.xml?rev=1423690&r1=1423689&r2=1423690&view=diff
==============================================================================
--- airavata/trunk/modules/rest/service/src/test/resources/authenticators.xml (original)
+++ airavata/trunk/modules/rest/service/src/test/resources/authenticators.xml Tue Dec 18 22:02:11 2012
@@ -8,63 +8,34 @@ Those configurations are reside inside &
-->
<authenticators>
- <authenticator name="dbAuthenticator1" class="org.apache.airavata.security.configurations.TestDBAuthenticator1"
- enabled="true" priority="6" userstore="org.apache.airavata.security.userstore.JDBCUserStore">
+ <authenticator name="sessionAuthenticator" class="org.apache.airavata.services.registry.rest.security.session.SessionAuthenticator"
+ enabled="true" priority="6" userstore="org.apache.airavata.security.userstore.SessionDBUserStore">
<specificConfigurations>
<database>
- <jdbcUrl>jdbc:sql:thin:@//myhost:1521/mysql1</jdbcUrl>
- <userName>mysql1</userName>
- <password>secret1</password>
- <databaseDriver>org.myqsql.Driver1</databaseDriver>
- <sessionTable>Session1</sessionTable>
- <sessionColumn>sessioncolumn</sessionColumn>
- <comparingColumn>comparecolumn</comparingColumn>
- <!-- TODO add datasource.name></datasource.name -->
+ <!--jdbcUrl>jdbc:h2:modules/commons/airavata-registry-rest/src/test/resources/testdb/test</jdbcUrl-->
+ <jdbcUrl>jdbc:derby://localhost:20000/persistent_data;create=true</jdbcUrl>
+ <userName>admin</userName>
+ <password>admin</password>
+ <databaseDriver>org.apache.derby.jdbc.ClientDriver</databaseDriver>
+ <sessionTable>Persons</sessionTable>
+ <sessionColumn>sessionId</sessionColumn>
+ <comparingColumn>sessionId</comparingColumn>
</database>
</specificConfigurations>
</authenticator>
- <authenticator name="dbAuthenticator2" class="org.apache.airavata.security.configurations.TestDBAuthenticator2"
- enabled="true" priority="7" userstore="org.apache.airavata.security.userstore.LDAPUserStore">
+ <authenticator name="basicAccessAuthenticator" class="org.apache.airavata.services.registry.rest.security.basic.BasicAccessAuthenticator"
+ enabled="true" priority="7" userstore="org.apache.airavata.security.userstore.JDBCUserStore">
<specificConfigurations>
<database>
- <jdbcUrl>jdbc:sql:thin:@//myhost:1521/mysql2</jdbcUrl>
- <userName>mysql2</userName>
- <password>secret2</password>
- <databaseDriver>org.myqsql.Driver2</databaseDriver>
- <sessionTable>Session2</sessionTable>
- <sessionColumn>sessioncolumn2</sessionColumn>
- <comparingColumn>comparecolumn2</comparingColumn>
- </database>
- </specificConfigurations>
- </authenticator>
-
- <authenticator name="dbAuthenticator4" class="org.apache.airavata.security.configurations.TestDBAuthenticator2"
- enabled="false" priority="7" userstore="org.apache.airavata.security.userstore.JDBCUserStore">
- <specificConfigurations>
- <database>
- <jdbcUrl>jdbc:sql:thin:@//myhost:1521/mysql2</jdbcUrl>
- <userName>mysql2</userName>
- <password>secret2</password>
- <databaseDriver>org.myqsql.Driver2</databaseDriver>
- <sessionTable>Session2</sessionTable>
- <sessionColumn>sessioncolumn2</sessionColumn>
- <comparingColumn>comparecolumn2</comparingColumn>
- </database>
- </specificConfigurations>
- </authenticator>
-
- <authenticator name="dbAuthenticator3" class="org.apache.airavata.security.configurations.TestDBAuthenticator3"
- enabled="true" priority="8" userstore="org.apache.airavata.security.userstore.JDBCUserStore">
- <specificConfigurations>
- <database>
- <jdbcUrl>jdbc:sql:thin:@//myhost:1521/mysql3</jdbcUrl>
- <userName>mysql3</userName>
- <password>secret3</password>
- <databaseDriver>org.myqsql.Driver3</databaseDriver>
- <sessionTable>Session3</sessionTable>
- <sessionColumn>sessioncolumn3</sessionColumn>
- <comparingColumn>comparecolumn3</comparingColumn>
+ <!--jdbcUrl>jdbc:h2:modules/commons/airavata-registry-rest/src/test/resources/testdb/test</jdbcUrl-->
+ <jdbcUrl>jdbc:derby://localhost:20000/persistent_data;create=true</jdbcUrl>
+ <userName>admin</userName>
+ <password>admin</password>
+ <databaseDriver>org.apache.derby.jdbc.ClientDriver</databaseDriver>
+ <userTableName>AIRAVATA_USER</userTableName>
+ <userNameColumnName>USERID</userNameColumnName>
+ <passwordColumnName>PASSWORD</passwordColumnName>
</database>
</specificConfigurations>
</authenticator>
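Review bot: The `basicAccessAuthenticator` entry has no `<passwordHashMethod>` element, so, going by `PasswordDigester.validateHashAlgorithm` later in this commit, the store falls back to `PLAINTEXT` and the new REST tests only ever compare unhashed passwords. A fixture with `<passwordHashMethod>` set in this `<database>` block and a correspondingly hashed `PASSWORD` value would make the tests cover the hashing path the commit introduces. The `admin`/`admin` Derby credentials are acceptable for a local fixture as long as this file stays under `src/test`.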
Modified: airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/AbstractAuthenticator.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/AbstractAuthenticator.java?rev=1423690&r1=1423689&r2=1423690&view=diff
==============================================================================
--- airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/AbstractAuthenticator.java (original)
+++ airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/AbstractAuthenticator.java Tue Dec 18 22:02:11 2012
@@ -85,14 +85,7 @@ public abstract class AbstractAuthentica
return authenticated;
}
- protected void addToContext (String userName, String gatewayId) {
- RequestContext requestContext = new RequestContext();
- requestContext.setUserIdentity(userName);
- requestContext.setGatewayId(gatewayId);
-
- WorkflowContext.set(requestContext);
- }
/**
Modified: airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/AbstractDatabaseAuthenticator.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/AbstractDatabaseAuthenticator.java?rev=1423690&r1=1423689&r2=1423690&view=diff
==============================================================================
--- airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/AbstractDatabaseAuthenticator.java (original)
+++ airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/AbstractDatabaseAuthenticator.java Tue Dec 18 22:02:11 2012
@@ -85,6 +85,14 @@ public abstract class AbstractDatabaseAu
append(databaseUserName).append(" DB password - xxxxxx");
log.info(stringBuilder.toString());
+
+ try {
+ getUserStore().configure(node);
+ } catch (UserStoreException e) {
+ String msg = "Error configuring user store associated with authenticator.";
+ log.error(msg, e);
+ throw new RuntimeException(msg, e);
+ }
}
public String getDatabaseURL() {
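Review bot: The new catch block logs the `UserStoreException` with `log.error(msg, e)` and then rethrows it wrapped, so a misconfigured user store is likely to be reported twice, once here and once wherever the `RuntimeException` is handled. Failing at configuration time is the right behaviour for an authenticator; I would drop the `log.error` line and keep `throw new RuntimeException(msg, e);`, and include the authenticator name in `msg` so the failing entry can be identified. The enclosing method starts outside the hunk, so whether `getUserStore()` can be null at this point is not visible here.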
Modified: airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/userstore/JDBCUserStore.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/userstore/JDBCUserStore.java?rev=1423690&r1=1423689&r2=1423690&view=diff
==============================================================================
--- airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/userstore/JDBCUserStore.java (original)
+++ airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/userstore/JDBCUserStore.java Tue Dec 18 22:02:11 2012
@@ -25,6 +25,7 @@ package org.apache.airavata.security.use
import org.apache.airavata.security.UserStoreException;
import org.apache.airavata.common.utils.DBUtil;
+import org.apache.airavata.security.util.PasswordDigester;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
@@ -48,26 +49,32 @@ public class JDBCUserStore extends Abstr
private JdbcRealm jdbcRealm;
+ private PasswordDigester passwordDigester;
+
public JDBCUserStore() {
jdbcRealm = new JdbcRealm();
}
@Override
public boolean authenticate(String userName, Object credentials) throws UserStoreException{
- AuthenticationToken authenticationToken = new UsernamePasswordToken(userName, (String)credentials);
+ AuthenticationToken authenticationToken = new UsernamePasswordToken(userName,
+ passwordDigester.getPasswordHashValue((String) credentials));
AuthenticationInfo authenticationInfo;
try {
+
authenticationInfo = jdbcRealm.getAuthenticationInfo(authenticationToken);
+ return authenticationInfo != null;
+
} catch (AuthenticationException e) {
log.warn(e.getLocalizedMessage());
log.debug(e.getLocalizedMessage(), e);
return false;
}
-
- return authenticationInfo != null;
}
+
+
@Override
public boolean authenticate(Object credentials) throws UserStoreException{
log.error("JDBC user store only supports user name, password based authentication.");
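Review bot: `passwordDigester` is assigned only in `configure()` (the hunk at `-126,11 +135,15`) and the constructor leaves it null, so `authenticate(userName, credentials)` on a store that was never configured throws a `NullPointerException` instead of refusing the login. A guard at the top of the method, `if (passwordDigester == null) { log.error("User store is not configured."); return false; }`, keeps the failure closed and explicit. The unchecked cast `(String) credentials` on the same statement fails in a similar way for non-String credentials, though the cast predates this commit. `LDAPUserStore.authenticate` in the next file section uses the field with the same lack of a guard.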
@@ -86,6 +93,7 @@ public class JDBCUserStore extends Abstr
<databaseDriver></databaseDriver>
<userName></userName>
<password></password>
+ <passwordHashMethod>MD5</passwordHashMethod>
<userTableName></userTableName>
<userNameColumnName></userNameColumnName>
<passwordColumnName></passwordColumnName>
@@ -109,6 +117,7 @@ public class JDBCUserStore extends Abstr
String userTable = null;
String userNameColumn = null;
String passwordColumn = null;
+ String passwordHashMethod = null;
if (databaseNode != null) {
NodeList nodeList = databaseNode.getChildNodes();
@@ -126,11 +135,15 @@ public class JDBCUserStore extends Abstr
userNameColumn = element.getFirstChild().getNodeValue();
} else if (element.getNodeName().equals("passwordColumnName")) {
passwordColumn = element.getFirstChild().getNodeValue();
+ } else if (element.getNodeName().equals("passwordHashMethod")) {
+ passwordHashMethod = element.getFirstChild().getNodeValue();
}
}
}
}
+ passwordDigester = new PasswordDigester(passwordHashMethod);
+
initializeDatabaseLookup(passwordColumn, userTable, userNameColumn);
StringBuilder stringBuilder = new StringBuilder("Configuring DB parameters for authenticator with User name Table - ");
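Review bot: `element.getFirstChild().getNodeValue()` throws a `NullPointerException` for an empty `<passwordHashMethod></passwordHashMethod>` element, and the value reaches `PasswordDigester` untrimmed, so surrounding whitespace in the XML makes `MessageDigest.getInstance` reject an otherwise valid name. `passwordHashMethod = element.getTextContent().trim();` avoids both, and an empty string then fails in `validateHashAlgorithm` with the intended `UserStoreException`. The sample configuration in the hunk at `-86,6 +93,7` shows the empty-element form for the neighbouring settings, so this input is plausible. The same line is added to `LDAPUserStore.configure` in the next file section; the loop it sits in starts outside this hunk.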
@@ -140,6 +153,8 @@ public class JDBCUserStore extends Abstr
log.info(stringBuilder.toString());
}
+
+
protected void initializeDatabaseLookup(String passwordColumn, String userTable,
String userNameColumn) {
@@ -155,4 +170,8 @@ public class JDBCUserStore extends Abstr
jdbcRealm.setAuthenticationQuery(stringBuilder.toString());
}
+
+ public PasswordDigester getPasswordDigester() {
+ return passwordDigester;
+ }
}
Modified: airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/userstore/LDAPUserStore.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/userstore/LDAPUserStore.java?rev=1423690&r1=1423689&r2=1423690&view=diff
==============================================================================
--- airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/userstore/LDAPUserStore.java (original)
+++ airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/userstore/LDAPUserStore.java Tue Dec 18 22:02:11 2012
@@ -25,6 +25,7 @@ package org.apache.airavata.security.use
import org.apache.airavata.security.UserStore;
import org.apache.airavata.security.UserStoreException;
+import org.apache.airavata.security.util.PasswordDigester;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
@@ -48,9 +49,12 @@ public class LDAPUserStore implements Us
protected static Logger log = LoggerFactory.getLogger(LDAPUserStore.class);
+ private PasswordDigester passwordDigester;
+
public boolean authenticate(String userName, Object credentials) throws UserStoreException {
- AuthenticationToken authenticationToken = new UsernamePasswordToken(userName, (String)credentials);
+ AuthenticationToken authenticationToken = new UsernamePasswordToken(userName,
+ passwordDigester.getPasswordHashValue((String)credentials));
AuthenticationInfo authenticationInfo;
try {
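Review bot: Hashing the credential before building the `UsernamePasswordToken` looks wrong for an LDAP store: if the realm authenticates by binding as the user, which the `userDNTemplate` setting suggests, the directory expects the password as typed, and any `passwordHashMethod` other than `PLAINTEXT` would make every login fail. I would either pass `(String) credentials` through unchanged here, as before the commit, or document on `configure` that this store supports only `PLAINTEXT` and reject other values. The realm set-up in `initializeLDAP` is outside the hunk, so this should be confirmed against it. The method body continues past the end of the hunk.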
@@ -99,6 +103,7 @@ public class LDAPUserStore implements Us
String systemUser = null;
String systemUserPassword = null;
String userTemplate = null;
+ String passwordHashMethod = null;
if (configurationNode != null) {
NodeList nodeList = configurationNode.getChildNodes();
@@ -118,11 +123,15 @@ public class LDAPUserStore implements Us
systemUserPassword = element.getFirstChild().getNodeValue();
} else if (element.getNodeName().equals("userDNTemplate")) {
userTemplate = element.getFirstChild().getNodeValue();
+ } else if (element.getNodeName().equals("passwordHashMethod")) {
+ passwordHashMethod = element.getFirstChild().getNodeValue();
}
}
}
}
+ passwordDigester = new PasswordDigester(passwordHashMethod);
+
initializeLDAP(url, systemUser, systemUserPassword, userTemplate);
}
Copied: airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/util/PasswordDigester.java (from r1422437, airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/util/SecurityUtil.java)
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/util/PasswordDigester.java?p2=airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/util/PasswordDigester.java&p1=airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/util/SecurityUtil.java&r1=1422437&r2=1423690&rev=1423690&view=diff
==============================================================================
--- airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/util/SecurityUtil.java (original)
+++ airavata/trunk/modules/security/src/main/java/org/apache/airavata/security/util/PasswordDigester.java Tue Dec 18 22:02:11 2012
@@ -1,22 +1,82 @@
package org.apache.airavata.security.util;
+import org.apache.airavata.security.UserStoreException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
/**
* Contains some utility methods related to security.
*/
-public class SecurityUtil {
+public class PasswordDigester {
+
+ protected static Logger log = LoggerFactory.getLogger(PasswordDigester.class);
+
+ public static final String PASSWORD_HASH_METHOD_PLAINTEXT = "PLAINTEXT";
+
+ private String hashMethod;
+
+ /**
+ * Creates password digester
+ * @param method The particular hash method. E.g :- MD5, SHA1 etc ...
+ */
+ public PasswordDigester(String method) throws UserStoreException {
+ hashMethod = method;
+ validateHashAlgorithm();
+ }
/**
* Gets the hash value of a password.
- * @param hashMethod The hash method.
* @param password Password.
* @return Hashed password.
- * @throws NoSuchAlgorithmException If an invalid hash method is given.
+ * @throws UserStoreException If an invalid hash method is given.
*/
- public static byte[] getHashedPassword (String hashMethod, String password) throws NoSuchAlgorithmException {
- MessageDigest md = MessageDigest.getInstance(hashMethod);
- return md.digest(password.getBytes());
+ public String getPasswordHashValue(String password) throws UserStoreException {
+
+ if (hashMethod.equals(PASSWORD_HASH_METHOD_PLAINTEXT)) {
+ return password;
+ } else {
+ MessageDigest messageDigest = null;
+ try {
+ messageDigest = MessageDigest.getInstance(hashMethod);
+ } catch (NoSuchAlgorithmException e) {
+ throw new UserStoreException("Error creating message digest with hash algorithm - "
+ + hashMethod, e);
+ }
+ return new String(messageDigest.digest(password.getBytes()));
+ }
+
+ }
+
+ private void validateHashAlgorithm() throws UserStoreException {
+
+ if (hashMethod == null) {
+ log.warn("Password hash method is not configured. Setting default to plaintext.");
+ hashMethod = PASSWORD_HASH_METHOD_PLAINTEXT;
+ } else {
+
+ // Validating configured hash method is correct.
+ if (!hashMethod.equals(PASSWORD_HASH_METHOD_PLAINTEXT)) {
+ try {
+ MessageDigest.getInstance(hashMethod);
+ } catch (NoSuchAlgorithmException e) {
+ String msg = "Invalid hash algorithm - " + hashMethod +
+ ". Use Java style way of specifying hash algorithm. E.g :- MD5";
+ log.error(msg);
+ throw new UserStoreException(msg, e);
+ }
+ }
+ }
+
+ }
+
+ public String getHashMethod() {
+ return hashMethod;
+ }
+
+ public void setHashMethod(String hashMethod) {
+ this.hashMethod = hashMethod;
}
}
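Review bot: `new String(messageDigest.digest(password.getBytes()))` in `getPasswordHashValue` decodes raw digest bytes with the platform default charset, which is lossy and platform-dependent: byte sequences that are not valid in that charset are replaced, so the returned string can differ between hosts and distinct digests can collapse to the same value. Encode the digest as hex (or Base64) and fix the input charset, as in the excerpt below; the stored password column then has to hold the same encoding, which is not visible from this diff. Separately, `setHashMethod` assigns the field without calling `validateHashAlgorithm`, so an unsupported name set later only surfaces at login time. A single unsalted digest such as MD5 or SHA1 is also weak for stored passwords; a salted, iterated scheme would be the longer-term fix.

```java
public String getPasswordHashValue(String password) throws UserStoreException {
    // … unchanged: PLAINTEXT branch and MessageDigest.getInstance(hashMethod) with its catch …
        byte[] digest = messageDigest.digest(
                password.getBytes(java.nio.charset.Charset.forName("UTF-8")));
        // Hex keeps every digest byte; decoding raw bytes as text does not.
        StringBuilder hex = new StringBuilder(digest.length * 2);
        for (byte b : digest) {
            hex.append(String.format("%02x", b));
        }
        return hex.toString();
```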
Modified: airavata/trunk/modules/security/src/test/java/org/apache/airavata/security/configurations/AuthenticatorConfigurationReaderTest.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/security/src/test/java/org/apache/airavata/security/configurations/AuthenticatorConfigurationReaderTest.java?rev=1423690&r1=1423689&r2=1423690&view=diff
==============================================================================
--- airavata/trunk/modules/security/src/test/java/org/apache/airavata/security/configurations/AuthenticatorConfigurationReaderTest.java (original)
+++ airavata/trunk/modules/security/src/test/java/org/apache/airavata/security/configurations/AuthenticatorConfigurationReaderTest.java Tue Dec 18 22:02:11 2012
@@ -54,16 +54,15 @@ public class AuthenticatorConfigurationR
assertEquals("secret1", ((TestDBAuthenticator1) authenticator).getDatabasePassword());
assertNotNull(authenticator.getUserStore());
assertTrue(authenticator.getUserStore() instanceof JDBCUserStore);
+
+ JDBCUserStore jdbcUserStore = (JDBCUserStore)authenticator.getUserStore();
+ assertEquals("MD5", jdbcUserStore.getPasswordDigester().getHashMethod());
} else if (authenticator instanceof TestDBAuthenticator2) {
assertEquals("dbAuthenticator2", authenticator.getAuthenticatorName());
assertEquals(7, authenticator.getPriority());
assertEquals(true, authenticator.isEnabled());
- assertEquals("jdbc:sql:thin:@//myhost:1521/mysql2", ((TestDBAuthenticator2) authenticator).getDatabaseURL());
- assertEquals("org.myqsql.Driver2", ((TestDBAuthenticator2) authenticator).getDatabaseDriver());
- assertEquals("mysql2", ((TestDBAuthenticator2) authenticator).getDatabaseUserName());
- assertEquals("secret2", ((TestDBAuthenticator2) authenticator).getDatabasePassword());
- assertNotNull(authenticator.getUserStore());
assertTrue(authenticator.getUserStore() instanceof LDAPUserStore);
+
} else if (authenticator instanceof TestDBAuthenticator3) {
assertEquals("dbAuthenticator3", authenticator.getAuthenticatorName());
assertEquals(8, authenticator.getPriority());
@@ -74,6 +73,7 @@ public class AuthenticatorConfigurationR
assertEquals("secret3", ((TestDBAuthenticator3) authenticator).getDatabasePassword());
assertNotNull(authenticator.getUserStore());
assertTrue(authenticator.getUserStore() instanceof JDBCUserStore);
+
}
}
@@ -97,4 +97,6 @@ public class AuthenticatorConfigurationR
assertFalse(AuthenticatorConfigurationReader.isAuthenticationEnabled());
}
+
+
}
Modified: airavata/trunk/modules/security/src/test/java/org/apache/airavata/security/configurations/TestDBAuthenticator2.java
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/security/src/test/java/org/apache/airavata/security/configurations/TestDBAuthenticator2.java?rev=1423690&r1=1423689&r2=1423690&view=diff
==============================================================================
--- airavata/trunk/modules/security/src/test/java/org/apache/airavata/security/configurations/TestDBAuthenticator2.java (original)
+++ airavata/trunk/modules/security/src/test/java/org/apache/airavata/security/configurations/TestDBAuthenticator2.java Tue Dec 18 22:02:11 2012
@@ -1,7 +1,8 @@
package org.apache.airavata.security.configurations;
-import org.apache.airavata.security.AbstractDatabaseAuthenticator;
+import org.apache.airavata.security.AbstractAuthenticator;
import org.apache.airavata.security.AuthenticationException;
+import org.w3c.dom.Node;
/**
* Created with IntelliJ IDEA.
@@ -10,13 +11,18 @@ import org.apache.airavata.security.Auth
* Time: 6:30 PM
* To change this template use File | Settings | File Templates.
*/
-public class TestDBAuthenticator2 extends AbstractDatabaseAuthenticator {
+public class TestDBAuthenticator2 extends AbstractAuthenticator {
public TestDBAuthenticator2() {
super();
}
@Override
+ protected boolean doAuthentication(Object credentials) throws AuthenticationException {
+ return false; //To change body of implemented methods use File | Settings | File Templates.
+ }
+
+ @Override
public void onSuccessfulAuthentication(Object authenticationInfo) {
//To change body of implemented methods use File | Settings | File Templates.
}
@@ -26,18 +32,14 @@ public class TestDBAuthenticator2 extend
//To change body of implemented methods use File | Settings | File Templates.
}
- @Override
- public boolean authenticate(Object credentials) throws AuthenticationException {
- return false; //To change body of implemented methods use File | Settings | File Templates.
- }
@Override
- protected boolean doAuthentication(Object credentials) throws AuthenticationException {
+ public boolean isAuthenticated(Object credentials) {
return false; //To change body of implemented methods use File | Settings | File Templates.
}
@Override
- public boolean isAuthenticated(Object credentials) {
- return false; //To change body of implemented methods use File | Settings | File Templates.
+ public void configure(Node node) throws RuntimeException {
+ //To change body of implemented methods use File | Settings | File Templates.
}
}
Modified: airavata/trunk/modules/security/src/test/resources/authenticators.xml
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/security/src/test/resources/authenticators.xml?rev=1423690&r1=1423689&r2=1423690&view=diff
==============================================================================
--- airavata/trunk/modules/security/src/test/resources/authenticators.xml (original)
+++ airavata/trunk/modules/security/src/test/resources/authenticators.xml Tue Dec 18 22:02:11 2012
@@ -15,6 +15,7 @@ Those configurations are reside inside &
<jdbcUrl>jdbc:sql:thin:@//myhost:1521/mysql1</jdbcUrl>
<userName>mysql1</userName>
<password>secret1</password>
+ <passwordHashMethod>MD5</passwordHashMethod>
<databaseDriver>org.myqsql.Driver1</databaseDriver>
<sessionTable>Session1</sessionTable>
<sessionColumn>sessioncolumn</sessionColumn>
@@ -27,15 +28,18 @@ Those configurations are reside inside &
<authenticator name="dbAuthenticator2" class="org.apache.airavata.security.configurations.TestDBAuthenticator2"
enabled="true" priority="7" userstore="org.apache.airavata.security.userstore.LDAPUserStore">
<specificConfigurations>
- <database>
- <jdbcUrl>jdbc:sql:thin:@//myhost:1521/mysql2</jdbcUrl>
- <userName>mysql2</userName>
- <password>secret2</password>
- <databaseDriver>org.myqsql.Driver2</databaseDriver>
- <sessionTable>Session2</sessionTable>
- <sessionColumn>sessioncolumn2</sessionColumn>
- <comparingColumn>comparecolumn2</comparingColumn>
- </database>
+ <ldap>
+ <!--
+ url - The URL which LDAP server is listening for requests
+ systemUser - The DN of the LDAP server connection user
+ systemUserPassword - The password of the LDAP server connection user
+ userDNTemplate - The DN structure of the users in LDAP
+ -->
+ <url>ldap://localhost:10389</url>
+ <systemUser>admin</systemUser>
+ <systemUserPassword>secret</systemUserPassword>
+ <userDNTemplate>uid={0},ou=system</userDNTemplate>
+ </ldap>
</specificConfigurations>
</authenticator>
Modified: airavata/trunk/modules/security/src/test/resources/disabled-authenticator.xml
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/security/src/test/resources/disabled-authenticator.xml?rev=1423690&r1=1423689&r2=1423690&view=diff
==============================================================================
--- airavata/trunk/modules/security/src/test/resources/disabled-authenticator.xml (original)
+++ airavata/trunk/modules/security/src/test/resources/disabled-authenticator.xml Tue Dec 18 22:02:11 2012
@@ -25,7 +25,7 @@ Those configurations are reside inside &
</authenticator>
<authenticator name="dbAuthenticator2" class="org.apache.airavata.security.configurations.TestDBAuthenticator2"
- enabled="true" priority="7" userstore="org.apache.airavata.security.userstore.LDAPUserStore">
+ enabled="true" priority="7" userstore="org.apache.airavata.security.userstore.JDBCUserStore">
<specificConfigurations>
<database>
<jdbcUrl>jdbc:sql:thin:@//myhost:1521/mysql2</jdbcUrl>
Modified: airavata/trunk/modules/security/src/test/resources/ldap-authenticator.xml
URL: http://svn.apache.org/viewvc/airavata/trunk/modules/security/src/test/resources/ldap-authenticator.xml?rev=1423690&r1=1423689&r2=1423690&view=diff
==============================================================================
--- airavata/trunk/modules/security/src/test/resources/ldap-authenticator.xml (original)
+++ airavata/trunk/modules/security/src/test/resources/ldap-authenticator.xml Tue Dec 18 22:02:11 2012
@@ -22,7 +22,7 @@
-->
<authenticators>
<authenticator name="dbAuthenticator1" class="org.apache.airavata.security.configurations.TestDBAuthenticator1"
- enabled="true" priority="6" userstore="org.apache.airavata.security.userstore.JDBCUserStore">
+ enabled="true" priority="6" userstore="org.apache.airavata.security.userstore.LDAPUserStore">
<specificConfigurations>
<ldap>
<!--