
1   package org.apache.archiva.redback.integration.checks.security;
2   
3   /*
4    * Licensed to the Apache Software Foundation (ASF) under one
5    * or more contributor license agreements.  See the NOTICE file
6    * distributed with this work for additional information
7    * regarding copyright ownership.  The ASF licenses this file
8    * to you under the Apache License, Version 2.0 (the
9    * "License"); you may not use this file except in compliance
10   * with the License.  You may obtain a copy of the License at
11   *
12   * http://www.apache.org/licenses/LICENSE-2.0
13   *
14   * Unless required by applicable law or agreed to in writing,
15   * software distributed under the License is distributed on an
16   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
17   * KIND, either express or implied.  See the License for the
18   * specific language governing permissions and limitations
19   * under the License.
20   */
21  
22  import org.apache.archiva.redback.authentication.PasswordBasedAuthenticationDataSource;
23  import org.apache.archiva.redback.configuration.UserConfiguration;
24  import org.apache.archiva.redback.configuration.UserConfigurationKeys;
25  import org.apache.archiva.redback.rbac.RBACManager;
26  import org.apache.archiva.redback.role.RoleManager;
27  import org.apache.archiva.redback.role.RoleManagerException;
28  import org.apache.archiva.redback.system.SecuritySession;
29  import org.apache.archiva.redback.system.SecuritySystem;
30  import org.apache.archiva.redback.system.check.EnvironmentCheck;
31  import org.apache.archiva.redback.users.User;
32  import org.apache.archiva.redback.users.UserManager;
33  import org.apache.archiva.redback.users.UserManagerException;
34  import org.apache.archiva.redback.users.UserNotFoundException;
35  import org.apache.commons.io.IOUtils;
36  import org.apache.commons.lang.StringUtils;
37  import org.slf4j.Logger;
38  import org.slf4j.LoggerFactory;
39  import org.springframework.stereotype.Service;
40  
41  import javax.inject.Inject;
42  import javax.inject.Named;
43  import java.io.File;
44  import java.io.FileInputStream;
45  import java.util.Date;
46  import java.util.List;
47  import java.util.Properties;
48  
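/**
 * Environment check that creates the default administrator account from a properties file
 * when that account cannot be found.
 * <p>
 * The file location is read from the system property named by {@link #FORCE_ADMIN_FILE_PATH}.
 * The file must define {@link #ADMIN_PASSWORD_KEY}, {@link #ADMIN_EMAIL_KEY} and
 * {@link #ADMIN_FULL_NAME_KEY}; if any of them is blank, no account is created.
 * <p>
 * Security notes for operators:
 * <ul>
 * <li>The properties file holds the administrator password in clear text. Restrict its file
 * permissions to the account running the service and remove it (or blank the password) once
 * the administrator exists.</li>
 * <li>The account is created unlocked, validated, and with "password change required" switched
 * off, so the bootstrap password remains the account password until someone changes it.</li>
 * <li>The password value is never written to the log by this class.</li>
 * </ul>
 *
 * @author Olivier Lamy
 * @since 2.0
 */
@Service("environmentCheck#adminAutoCreateCheck")
public class AdminAutoCreateCheck
    implements EnvironmentCheck
{

    private final Logger log = LoggerFactory.getLogger( getClass() );

    /** Name of the system property that holds the path of the admin creation properties file. */
    public static final String FORCE_ADMIN_FILE_PATH = "redback.admin.creation.file";

    /** Key, inside the properties file, of the administrator's full name. */
    public static final String ADMIN_FULL_NAME_KEY = "redback.admin.fullname";

    /** Key, inside the properties file, of the administrator's e-mail address. */
    public static final String ADMIN_EMAIL_KEY = "redback.admin.email";

    /** Key, inside the properties file, of the administrator's clear-text password. */
    public static final String ADMIN_PASSWORD_KEY = "redback.admin.password";

    @Inject
    @Named(value = "userManager#default")
    private UserManager userManager;

    @Inject
    @Named(value = "userConfiguration#default")
    private UserConfiguration config;

    @Inject
    protected SecuritySystem securitySystem;

    @Inject
    private RoleManager roleManager;

    @Inject
    @Named(value = "rbacManager#default")
    private RBACManager rbacManager;

    /**
     * Looks up the configured administrator account and, when it is missing or the lookup
     * fails, attempts to create it from the admin creation file.
     * <p>
     * This method never adds to {@code violations}: a failed auto creation is only logged.
     *
     * @param violations list of violations collected by the environment checks; not modified here
     */
    public void validateEnvironment( List<String> violations )
    {
        try
        {
            User user = userManager.findUser( getAdminUid() );
            if ( user == null )
            {
                useForceAdminCreationFile();
            }
        }
        catch ( UserNotFoundException e )
        {
            useForceAdminCreationFile();
        }
        catch ( UserManagerException e )
        {
            // NOTE(review): a failed lookup is treated like a missing account, so a backend error
            // also triggers the creation attempt. Log it so the cause is visible to operators.
            log.warn( "lookup of admin user failed ({}), trying admin auto creation", e.getMessage(), e );
            useForceAdminCreationFile();
        }
    }

    /**
     * Creates the administrator account from the properties file named by the
     * {@link #FORCE_ADMIN_FILE_PATH} system property, authenticates it once and assigns it the
     * {@code system-administrator} role.
     * <p>
     * Every failure is logged and swallowed; nothing is thrown to the caller.
     */
    private void useForceAdminCreationFile()
    {
        try
        {
            String forceAdminFilePath = System.getProperty( FORCE_ADMIN_FILE_PATH );
            if ( StringUtils.isBlank( forceAdminFilePath ) )
            {
                log.info( "{} system props is empty don't use an auto creation admin ", FORCE_ADMIN_FILE_PATH );
                return;
            }
            File file = new File( forceAdminFilePath );
            if ( !file.exists() )
            {
                log.warn( "file set in sysprops {} not exists skip admin auto creation", FORCE_ADMIN_FILE_PATH );
                return;
            }
            log.debug( "user {} not found try auto creation", getAdminUid() );
            Properties properties = new Properties();
            FileInputStream fis = new FileInputStream( file );
            try
            {
                properties.load( fis );
            }
            catch ( Exception e )
            {
                // Pass the exception so the reason the file could not be read is not lost.
                log.warn( "error loading properties from file {} skip admin auto creation", forceAdminFilePath, e );
                return;
            }
            finally
            {
                IOUtils.closeQuietly( fis );
            }

            // ensure we have all properties
            String password = properties.getProperty( ADMIN_PASSWORD_KEY );
            String email = properties.getProperty( ADMIN_EMAIL_KEY );
            String fullName = properties.getProperty( ADMIN_FULL_NAME_KEY );

            // Only property names are logged below, never the password value.
            if ( StringUtils.isBlank( password ) )
            {
                log.warn( "property {} not set skip auto admin creation", ADMIN_PASSWORD_KEY );
                return;
            }

            if ( StringUtils.isBlank( email ) )
            {
                // The placeholder was missing here, so the property name never reached the log.
                log.warn( "property {} not set skip auto admin creation", ADMIN_EMAIL_KEY );
                return;
            }

            if ( StringUtils.isBlank( fullName ) )
            {
                log.warn( "property {} not set skip auto admin creation", ADMIN_FULL_NAME_KEY );
                return;
            }

            User u = userManager.createUser( getAdminUid(), fullName, email );

            u.setPassword( password );
            u.setLocked( false );
            // NOTE(review): no forced change on first login, so the password from the file stays
            // in use until an administrator changes it.
            u.setPasswordChangeRequired( false );
            u.setPermanent( true );
            u.setValidated( true );

            u = userManager.addUser( u );
            // presumably the instance returned by addUser no longer carries the clear-text
            // password, so it is set again for the authentication below - TODO confirm
            u.setPassword( password );

            PasswordBasedAuthenticationDataSource authdatasource = new PasswordBasedAuthenticationDataSource();
            authdatasource.setPrincipal( u.getUsername() );
            authdatasource.setPassword( u.getPassword() );
            SecuritySession securitySession = securitySystem.authenticate( authdatasource );
            if ( securitySession.getAuthenticationResult().isAuthenticated() )
            {
                // good add various tokens.
                u = securitySession.getUser();
                u.setLastLoginDate( new Date() );
                securitySystem.getUserManager().updateUser( u );
            }
            // The role is assigned whether or not the authentication above succeeded.
            assignAdminRole( u );

        }
        catch ( Exception e )
        {
            log.warn( "failed to automatically create an admin account {}", e.getMessage(), e );
        }
    }

    /**
     * Assigns the {@code system-administrator} role to the given user.
     *
     * @param user the user that receives the role; identified by its user name
     * @throws RoleManagerException if the role manager rejects the assignment
     */
    private void assignAdminRole( User user )
        throws RoleManagerException
    {
        roleManager.assignRole( "system-administrator", user.getUsername() );
    }

    /**
     * Returns the administrator user id read from the user configuration.
     *
     * @return the value configured under {@code UserConfigurationKeys.DEFAULT_ADMIN}
     */
    private String getAdminUid()
    {
        return config.getString( UserConfigurationKeys.DEFAULT_ADMIN );
    }
}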