KeyStoreAuthenticator xref

1   package org.apache.archiva.redback.authentication.keystore;
2   
3   /*
4    * Licensed to the Apache Software Foundation (ASF) under one
5    * or more contributor license agreements.  See the NOTICE file
6    * distributed with this work for additional information
7    * regarding copyright ownership.  The ASF licenses this file
8    * to you under the Apache License, Version 2.0 (the
9    * "License"); you may not use this file except in compliance
10   * with the License.  You may obtain a copy of the License at
11   *
12   * http://www.apache.org/licenses/LICENSE-2.0
13   *
14   * Unless required by applicable law or agreed to in writing,
15   * software distributed under the License is distributed on an
16   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
17   * KIND, either express or implied.  See the License for the
18   * specific language governing permissions and limitations
19   * under the License.
20   */
21  
22  import org.apache.archiva.redback.authentication.AbstractAuthenticator;
23  import org.apache.archiva.redback.authentication.AuthenticationDataSource;
24  import org.apache.archiva.redback.authentication.AuthenticationException;
25  import org.apache.archiva.redback.authentication.AuthenticationResult;
26  import org.apache.archiva.redback.authentication.Authenticator;
27  import org.apache.archiva.redback.authentication.TokenBasedAuthenticationDataSource;
28  import org.apache.archiva.redback.keys.AuthenticationKey;
29  import org.apache.archiva.redback.keys.KeyManager;
30  import org.apache.archiva.redback.keys.KeyManagerException;
31  import org.apache.archiva.redback.keys.KeyNotFoundException;
32  import org.apache.archiva.redback.policy.AccountLockedException;
33  import org.apache.archiva.redback.policy.MustChangePasswordException;
34  import org.apache.archiva.redback.users.User;
35  import org.apache.archiva.redback.users.UserManager;
36  import org.apache.archiva.redback.users.UserManagerException;
37  import org.apache.archiva.redback.users.UserNotFoundException;
38  import org.slf4j.Logger;
39  import org.slf4j.LoggerFactory;
40  import org.springframework.stereotype.Service;
41  
42  import javax.annotation.Resource;
43  
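/**
 * Authenticator that accepts a previously issued key (token) instead of a password.
 *
 * <p>The token carried by a {@link TokenBasedAuthenticationDataSource} is looked up in the
 * injected {@link KeyManager}. A login succeeds only when the key exists, the key was issued
 * for the username the caller claims, and the account is neither locked nor subject to an
 * enforced password change.</p>
 *
 * <p>NOTE(review): key expiry and key purpose are not checked in this class. Presumably the
 * {@link KeyManager} rejects expired keys in {@code findKey}; confirm against the configured
 * implementation.</p>
 *
 * @author Jesse McConnell &lt;jesse@codehaus.org&gt;
 */
@Service("authenticator#keystore")
public class KeyStoreAuthenticator
    extends AbstractAuthenticator
    implements Authenticator
{
    // getClass() rather than a class literal so subclasses log under their own name.
    private final Logger log = LoggerFactory.getLogger( getClass() );

    @Resource(name = "keyManager#cached")
    private KeyManager keystore;

    @Resource(name = "userManager#default")
    private UserManager userManager;

    /**
     * Returns the identifier of this authenticator.
     *
     * @return the fully qualified name of the runtime class
     */
    @Override
    public String getId()
    {
        return getClass().getName();
    }

    /**
     * Authenticates the caller from the token and username held by {@code source}.
     *
     * @param source the login data; must be a {@link TokenBasedAuthenticationDataSource}
     *               (check with {@link #supportsDataSource} first, the cast is unchecked)
     * @return a successful result carrying the username, or a failed result carrying the
     *         cause when the key is unknown, belongs to another principal, or the user
     *         cannot be loaded
     * @throws AccountLockedException      if the matching account is locked
     * @throws AuthenticationException     if the key manager itself fails
     * @throws MustChangePasswordException if a password change is required and the data source
     *                                     enforces it
     */
    @Override
    public AuthenticationResult authenticate( AuthenticationDataSource source )
        throws AccountLockedException, AuthenticationException, MustChangePasswordException
    {
        TokenBasedAuthenticationDataSource dataSource = (TokenBasedAuthenticationDataSource) source;

        String key = dataSource.getToken();
        String username = dataSource.getUsername();
        try
        {
            AuthenticationKey authKey = keystore.findKey( key );

            if ( authKey == null )
            {
                return new AuthenticationResult( false, username,
                                                 new AuthenticationException( "unable to find key" ) );
            }

            // Token and username both come from the caller. Finding the key only proves the
            // token is valid for *someone*; without this check any valid key would log in as
            // whatever username was supplied alongside it.
            String keyOwner = authKey.getForPrincipal();
            if ( keyOwner == null || !keyOwner.equals( username ) )
            {
                // Neither the token nor the key's real owner is logged or returned.
                log.warn( "Login for user {} failed. key was not issued for this user.", username );
                return new AuthenticationResult( false, username,
                                                 new AuthenticationException( "key does not match user" ) );
            }

            User user = userManager.findUser( username );

            if ( user.isLocked() )
            {
                throw new AccountLockedException( "Account " + username + " is locked.", user );
            }

            if ( user.isPasswordChangeRequired() && source.isEnforcePasswordChange() )
            {
                throw new MustChangePasswordException( "Password expired.", user );
            }

            return new AuthenticationResult( true, username, null );
        }
        catch ( KeyNotFoundException ne )
        {
            return new AuthenticationResult( false, null, ne );
        }
        catch ( KeyManagerException ke )
        {
            // Backend failure, not a bad credential: surface it instead of reporting a failed login.
            throw new AuthenticationException( "underlaying keymanager issue", ke );
        }
        catch ( UserNotFoundException e )
        {
            // NOTE(review): the username is caller-supplied; make sure the log layout
            // neutralises CR/LF so a crafted name cannot forge log entries.
            log.warn( "Login for user {} failed. user not found.", username );
            return new AuthenticationResult( false, null, e );
        }
        catch ( UserManagerException e )
        {
            log.warn( "Login fail for user {} failed. message: {}", username, e.getMessage() );
            return new AuthenticationResult( false, null, e );
        }
    }

    /**
     * Tells whether this authenticator can handle the given data source.
     *
     * @param source the candidate data source
     * @return {@code true} only for {@link TokenBasedAuthenticationDataSource} instances
     */
    @Override
    public boolean supportsDataSource( AuthenticationDataSource source )
    {
        return source instanceof TokenBasedAuthenticationDataSource;
    }
}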
121     {
122         return source instanceof TokenBasedAuthenticationDataSource;
123     }
124 }