This project has retired. For details please refer to its Attic page.
Coverage Report
Coverage Report - org.apache.maven.archiva.security.ArchivaServletAuthenticator
 
Classes in this File Line Coverage Branch Coverage Complexity
ArchivaServletAuthenticator
0%
0/24
0%
0/12
6
 
 1   
 package org.apache.maven.archiva.security;
 2   
 
 3   
 /*
 4   
  * Licensed to the Apache Software Foundation (ASF) under one
 5   
  * or more contributor license agreements.  See the NOTICE file
 6   
  * distributed with this work for additional information
 7   
  * regarding copyright ownership.  The ASF licenses this file
 8   
  * to you under the Apache License, Version 2.0 (the
 9   
  * "License"); you may not use this file except in compliance
 10   
  * with the License.  You may obtain a copy of the License at
 11   
  *
 12   
  *  http://www.apache.org/licenses/LICENSE-2.0
 13   
  *
 14   
  * Unless required by applicable law or agreed to in writing,
 15   
  * software distributed under the License is distributed on an
 16   
  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 17   
  * KIND, either express or implied.  See the License for the
 18   
  * specific language governing permissions and limitations
 19   
  * under the License.
 20   
  */
 21   
 
 22   
 import javax.servlet.http.HttpServletRequest;
 23   
 
 24   
 import org.codehaus.plexus.redback.authentication.AuthenticationException;
 25   
 import org.codehaus.plexus.redback.authentication.AuthenticationResult;
 26   
 import org.codehaus.plexus.redback.authorization.AuthorizationException;
 27   
 import org.codehaus.plexus.redback.authorization.AuthorizationResult;
 28   
 import org.codehaus.plexus.redback.authorization.UnauthorizedException;
 29   
 import org.codehaus.plexus.redback.policy.AccountLockedException;
 30   
 import org.codehaus.plexus.redback.policy.MustChangePasswordException;
 31   
 import org.codehaus.plexus.redback.system.DefaultSecuritySession;
 32   
 import org.codehaus.plexus.redback.system.SecuritySession;
 33   
 import org.codehaus.plexus.redback.system.SecuritySystem;
 34   
 import org.codehaus.plexus.redback.users.User;
 35   
 import org.codehaus.plexus.redback.users.UserNotFoundException;
 36   
 import org.slf4j.Logger;
 37   
 import org.slf4j.LoggerFactory;
 38   
 
 39   
 /**
 40   
  * @version
 41   
  * @plexus.component role="org.apache.maven.archiva.security.ServletAuthenticator" role-hint="default"
 42   
  */
 43  0 
 public class ArchivaServletAuthenticator
 44   
     implements ServletAuthenticator
 45   
 {
 46  0 
     private Logger log = LoggerFactory.getLogger( ArchivaServletAuthenticator.class );
 47   
 
 48   
     /**
 49   
      * @plexus.requirement
 50   
      */
 51   
     private SecuritySystem securitySystem;
 52   
 
 53   
     public boolean isAuthenticated( HttpServletRequest request, AuthenticationResult result )
 54   
         throws AuthenticationException, AccountLockedException, MustChangePasswordException
 55   
     {
 56  0 
         if ( result != null && !result.isAuthenticated() )
 57   
         {
 58  0 
             throw new AuthenticationException( "User Credentials Invalid" );
 59   
         }
 60   
 
 61  0 
         return true;
 62   
     }
 63   
 
 64   
     public boolean isAuthorized( HttpServletRequest request, SecuritySession securitySession, String repositoryId,
 65   
                                  String permission )
 66   
         throws AuthorizationException, UnauthorizedException
 67   
     {
 68   
         // TODO: also check for permission to proxy the resource when MRM-579 is implemented
 69   
 
 70  0 
         AuthorizationResult authzResult = securitySystem.authorize( securitySession, permission, repositoryId );
 71   
 
 72  0 
         if ( !authzResult.isAuthorized() )
 73   
         {
 74  0 
             if ( authzResult.getException() != null )
 75   
             {
 76  0 
                 log.info( "Authorization Denied [ip=" + request.getRemoteAddr() + ",permission=" + permission
 77   
                     + ",repo=" + repositoryId + "] : " + authzResult.getException().getMessage() );
 78   
 
 79  0 
                 throw new UnauthorizedException( "Access denied for repository " + repositoryId );
 80   
             }
 81  0 
             throw new UnauthorizedException( "User account is locked" );
 82   
         }
 83   
 
 84  0 
         return true;
 85   
     }
 86   
 
 87   
     public boolean isAuthorized( String principal, String repoId, String permission )
 88   
         throws UnauthorizedException
 89   
     {
 90   
         try
 91   
         {
 92  0 
             User user = securitySystem.getUserManager().findUser( principal );
 93  0 
             if ( user == null )
 94   
             {
 95  0 
                 throw new UnauthorizedException( "The security system had an internal error - please check your system logs" );
 96   
             }
 97  0 
             if ( user.isLocked() )
 98   
             {
 99  0 
                 throw new UnauthorizedException( "User account is locked." );
 100   
             }
 101   
 
 102  0 
             AuthenticationResult authn = new AuthenticationResult( true, principal, null );
 103  0 
             SecuritySession securitySession = new DefaultSecuritySession( authn, user );
 104   
 
 105  0 
             return securitySystem.isAuthorized( securitySession, permission, repoId );
 106   
         }
 107  0 
         catch ( UserNotFoundException e )
 108   
         {
 109  0 
             throw new UnauthorizedException( e.getMessage() );
 110   
         }
 111  0 
         catch ( AuthorizationException e )
 112   
         {
 113  0 
             throw new UnauthorizedException( e.getMessage() );
 114   
         }
 115   
     }
 116   
 }
Report generated by Cobertura 1.9 on 5/27/11 9:49 AM.