archiva-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From och...@apache.org
Subject svn commit: r701955 - in /archiva/branches/archiva-security-fix/archiva-modules/archiva-web/archiva-security/src: main/java/org/apache/maven/archiva/security/ test/java/org/apache/maven/archiva/security/ test/resources/org/apache/maven/archiva/security/
Date Mon, 06 Oct 2008 06:22:49 GMT
Author: oching
Date: Sun Oct  5 23:22:49 2008
New Revision: 701955

URL: http://svn.apache.org/viewvc?rev=701955&view=rev
Log:
added test cases for ArchivaServletAuthenticator

Added:
    archiva/branches/archiva-security-fix/archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/maven/archiva/security/AbstractSecurityTest.java
    archiva/branches/archiva-security-fix/archiva-modules/archiva-web/archiva-security/src/test/resources/org/apache/maven/archiva/security/ArchivaServletAuthenticatorTest.xml
Modified:
    archiva/branches/archiva-security-fix/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ServletAuthenticator.java
    archiva/branches/archiva-security-fix/archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/maven/archiva/security/ArchivaServletAuthenticatorTest.java
    archiva/branches/archiva-security-fix/archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/maven/archiva/security/DefaultUserRepositoriesTest.java

Modified: archiva/branches/archiva-security-fix/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ServletAuthenticator.java
URL: http://svn.apache.org/viewvc/archiva/branches/archiva-security-fix/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ServletAuthenticator.java?rev=701955&r1=701954&r2=701955&view=diff
==============================================================================
--- archiva/branches/archiva-security-fix/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ServletAuthenticator.java
(original)
+++ archiva/branches/archiva-security-fix/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ServletAuthenticator.java
Sun Oct  5 23:22:49 2008
@@ -35,12 +35,46 @@
  */
 public interface ServletAuthenticator
 {
+    /**
+     * Authentication check for users.
+     * 
+     * @param request
+     * @param result
+     * @return
+     * @throws AuthenticationException
+     * @throws AccountLockedException
+     * @throws MustChangePasswordException
+     */
     public boolean isAuthenticated( HttpServletRequest request, AuthenticationResult result
)
         throws AuthenticationException, AccountLockedException, MustChangePasswordException;
 
+    /**
+     * Authorization check for valid users.
+     * 
+     * @param request
+     * @param securitySession
+     * @param repositoryId
+     * @param isWriteRequest
+     * @return
+     * @throws AuthorizationException
+     * @throws UnauthorizedException
+     */
     public boolean isAuthorized( HttpServletRequest request, SecuritySession securitySession,
String repositoryId,
         boolean isWriteRequest ) throws AuthorizationException, UnauthorizedException;
     
+    /**
+     * Authorization check specific for user guest, which doesn't go through 
+     * HttpBasicAuthentication#getAuthenticationResult( HttpServletRequest request, HttpServletResponse
response )
+     * since no credentials are attached to the request. 
+     * 
+     * See also MRM-911
+     * 
+     * @param principal
+     * @param repoId
+     * @param isWriteRequest
+     * @return
+     * @throws UnauthorizedException
+     */
     public boolean isAuthorized( String principal, String repoId, boolean isWriteRequest
)
         throws UnauthorizedException;
 }

Added: archiva/branches/archiva-security-fix/archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/maven/archiva/security/AbstractSecurityTest.java
URL: http://svn.apache.org/viewvc/archiva/branches/archiva-security-fix/archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/maven/archiva/security/AbstractSecurityTest.java?rev=701955&view=auto
==============================================================================
--- archiva/branches/archiva-security-fix/archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/maven/archiva/security/AbstractSecurityTest.java
(added)
+++ archiva/branches/archiva-security-fix/archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/maven/archiva/security/AbstractSecurityTest.java
Sun Oct  5 23:22:49 2008
@@ -0,0 +1,126 @@
+package org.apache.maven.archiva.security;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import java.io.File;
+
+import org.apache.commons.io.FileUtils;
+import org.apache.maven.archiva.configuration.ArchivaConfiguration;
+import org.apache.maven.archiva.configuration.ManagedRepositoryConfiguration;
+import org.codehaus.plexus.redback.rbac.RBACManager;
+import org.codehaus.plexus.redback.role.RoleManager;
+import org.codehaus.plexus.redback.system.SecuritySystem;
+import org.codehaus.plexus.redback.users.User;
+import org.codehaus.plexus.redback.users.UserManager;
+import org.codehaus.plexus.spring.PlexusInSpringTestCase;
+
+/**
+ * AbstractSecurityTest 
+ *
+ * @author <a href="mailto:oching@apache.org">Maria Odea Ching</a>
+ * @version $Id: AbstractSecurityTest
+ */
+public abstract class AbstractSecurityTest
+    extends PlexusInSpringTestCase
+{
+    protected static final String USER_GUEST = "guest";
+
+    protected static final String USER_ADMIN = "admin";
+
+    protected static final String USER_ALPACA = "alpaca";
+
+    protected SecuritySystem securitySystem;
+
+    private RBACManager rbacManager;
+
+    protected RoleManager roleManager;
+
+    private ArchivaConfiguration archivaConfiguration;
+
+    protected UserRepositories userRepos;
+
+    protected void setupRepository( String repoId )
+        throws Exception
+    {
+        // Add repo to configuration.
+        ManagedRepositoryConfiguration repoConfig = new ManagedRepositoryConfiguration();
+        repoConfig.setId( repoId );
+        repoConfig.setName( "Testable repo <" + repoId + ">" );
+        repoConfig.setLocation( getTestPath( "target/test-repo/" + repoId ) );
+        archivaConfiguration.getConfiguration().addManagedRepository( repoConfig );
+
+        // Add repo roles to security.
+        userRepos.createMissingRepositoryRoles( repoId );
+    }
+
+    protected void assignRepositoryObserverRole( String principal, String repoId )
+        throws Exception
+    {
+        roleManager.assignTemplatedRole( ArchivaRoleConstants.TEMPLATE_REPOSITORY_OBSERVER,
repoId, principal );
+    }
+
+    protected User createUser( String principal, String fullname )
+    {
+        UserManager userManager = securitySystem.getUserManager();
+
+        User user = userManager.createUser( principal, fullname, principal + "@testable.archiva.apache.org"
);
+        securitySystem.getPolicy().setEnabled( false );
+        userManager.addUser( user );
+        securitySystem.getPolicy().setEnabled( true );
+
+        return user;
+    }
+
+    @Override
+    public void setUp()
+        throws Exception
+    {
+        super.setUp();
+
+        File srcConfig = getTestFile( "src/test/resources/repository-archiva.xml" );
+        File destConfig = getTestFile( "target/test-conf/archiva.xml" );
+
+        destConfig.getParentFile().mkdirs();
+        destConfig.delete();
+
+        FileUtils.copyFile( srcConfig, destConfig );
+
+        securitySystem = (SecuritySystem) lookup( SecuritySystem.class, "testable" );
+        rbacManager = (RBACManager) lookup( RBACManager.class, "memory" );
+        roleManager = (RoleManager) lookup( RoleManager.class, "default" );
+        userRepos = (UserRepositories) lookup( UserRepositories.class, "default" );
+        archivaConfiguration = (ArchivaConfiguration) lookup( ArchivaConfiguration.class
);
+
+        // Some basic asserts.
+        assertNotNull( securitySystem );
+        assertNotNull( rbacManager );
+        assertNotNull( roleManager );
+        assertNotNull( userRepos );
+        assertNotNull( archivaConfiguration );
+
+        // Setup Admin User.
+        User adminUser = createUser( USER_ADMIN, "Admin User" );
+        roleManager.assignRole( ArchivaRoleConstants.TEMPLATE_SYSTEM_ADMIN, adminUser.getPrincipal().toString()
);
+
+        // Setup Guest User.
+        User guestUser = createUser( USER_GUEST, "Guest User" );
+        roleManager.assignRole( ArchivaRoleConstants.TEMPLATE_GUEST, guestUser.getPrincipal().toString()
);
+    }
+}

Modified: archiva/branches/archiva-security-fix/archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/maven/archiva/security/ArchivaServletAuthenticatorTest.java
URL: http://svn.apache.org/viewvc/archiva/branches/archiva-security-fix/archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/maven/archiva/security/ArchivaServletAuthenticatorTest.java?rev=701955&r1=701954&r2=701955&view=diff
==============================================================================
--- archiva/branches/archiva-security-fix/archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/maven/archiva/security/ArchivaServletAuthenticatorTest.java
(original)
+++ archiva/branches/archiva-security-fix/archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/maven/archiva/security/ArchivaServletAuthenticatorTest.java
Sun Oct  5 23:22:49 2008
@@ -19,7 +19,17 @@
  * under the License.
  */
 
-import org.codehaus.plexus.spring.PlexusInSpringTestCase;
+import javax.servlet.http.HttpServletRequest;
+
+import org.codehaus.plexus.redback.authentication.AuthenticationException;
+import org.codehaus.plexus.redback.authentication.AuthenticationResult;
+import org.codehaus.plexus.redback.authorization.UnauthorizedException;
+import org.codehaus.plexus.redback.system.DefaultSecuritySession;
+import org.codehaus.plexus.redback.system.SecuritySession;
+import org.codehaus.plexus.redback.users.User;
+import org.codehaus.plexus.redback.users.UserManager; 
+
+import org.easymock.MockControl;
 
 /**
  * ArchivaServletAuthenticatorTest
@@ -28,23 +38,187 @@
  * @version
  */
 public class ArchivaServletAuthenticatorTest
-    extends PlexusInSpringTestCase
-{
+    extends AbstractSecurityTest
+{    
+    private ServletAuthenticator servletAuth;
+    
+    private MockControl httpServletRequestControl;
+    
+    private HttpServletRequest request;
+    
+    @Override
     public void setUp()
         throws Exception
     {
         super.setUp();
+        
+        servletAuth = ( ServletAuthenticator ) lookup( ServletAuthenticator.class, "default"
);
+        
+        httpServletRequestControl = MockControl.createControl( HttpServletRequest.class );
+        request = ( HttpServletRequest ) httpServletRequestControl.getMock();
+        
+        setupRepository( "corporate" );
+    }
+    
+    @Override
+    protected String getPlexusConfigLocation()
+    {
+        return "org/apache/maven/archiva/security/ArchivaServletAuthenticatorTest.xml";
+    }
+    
+    protected void assignRepositoryManagerRole( String principal, String repoId )
+        throws Exception
+    {
+        roleManager.assignTemplatedRole( ArchivaRoleConstants.TEMPLATE_REPOSITORY_MANAGER,
repoId, principal );
     }
     
-    public void testIsAuthenticated()
+    public void testIsAuthenticatedUserExists()
         throws Exception
     {
-        //TODO
+        AuthenticationResult result = new AuthenticationResult( true, "user", null );
+        boolean isAuthenticated = servletAuth.isAuthenticated( request, result );
+        
+        assertTrue( isAuthenticated );
     }
     
-    public void testIsAuthorized()
+    public void testIsAuthenticatedUserDoesNotExist()
         throws Exception
     {
-        //TODO
+        AuthenticationResult result = new AuthenticationResult( false, "non-existing-user",
null );
+        try
+        {
+            servletAuth.isAuthenticated( request, result );
+            fail( "Authentication exception should have been thrown." );
+        }
+        catch ( AuthenticationException e )
+        {
+            assertEquals( "User Credentials Invalid", e.getMessage() );
+        }        
+    }
+    
+    public void testIsAuthorizedUserHasWriteAccess()
+        throws Exception
+    {   
+        createUser( USER_ALPACA, "Al 'Archiva' Paca" );
+        
+        assignRepositoryManagerRole( USER_ALPACA, "corporate" );
+
+        UserManager userManager = securitySystem.getUserManager();
+        User user = userManager.findUser( USER_ALPACA );
+        
+        AuthenticationResult result = new AuthenticationResult( true, USER_ALPACA, null );
+        
+        SecuritySession session = new DefaultSecuritySession( result, user );
+        boolean isAuthorized = servletAuth.isAuthorized( request, session, "corporate", true
);
+                
+        assertTrue( isAuthorized );
+    }
+    
+    public void testIsAuthorizedUserHasNoWriteAccess()
+        throws Exception
+    {
+        createUser( USER_ALPACA, "Al 'Archiva' Paca" );
+        
+        assignRepositoryObserverRole( USER_ALPACA, "corporate" );
+    
+        httpServletRequestControl.expectAndReturn( request.getRemoteAddr(), "192.168.111.111"
);
+        
+        UserManager userManager = securitySystem.getUserManager();
+        User user = userManager.findUser( USER_ALPACA );
+        
+        AuthenticationResult result = new AuthenticationResult( true, USER_ALPACA, null );
+        
+        SecuritySession session = new DefaultSecuritySession( result, user );
+        
+        httpServletRequestControl.replay();
+        
+        try
+        {
+            servletAuth.isAuthorized( request, session, "corporate", true );
+            fail( "UnauthorizedException should have been thrown." ); 
+        }
+        catch ( UnauthorizedException e )
+        {
+            assertEquals( "Access denied for repository corporate", e.getMessage() );
+        }
+    
+        httpServletRequestControl.verify();
+    }
+    
+    
+    public void testIsAuthorizedUserHasReadAccess()
+        throws Exception
+    { 
+        createUser( USER_ALPACA, "Al 'Archiva' Paca" );
+        
+        assignRepositoryObserverRole( USER_ALPACA, "corporate" );
+        
+        UserManager userManager = securitySystem.getUserManager();
+        User user = userManager.findUser( USER_ALPACA );
+        
+        AuthenticationResult result = new AuthenticationResult( true, USER_ALPACA, null );
+        
+        SecuritySession session = new DefaultSecuritySession( result, user );
+        boolean isAuthorized = servletAuth.isAuthorized( request, session, "corporate", false
);
+                
+        assertTrue( isAuthorized );        
+    }
+    
+    public void testIsAuthorizedUserHasNoReadAccess()
+        throws Exception
+    {
+        createUser( USER_ALPACA, "Al 'Archiva' Paca" );
+        
+        UserManager userManager = securitySystem.getUserManager();
+        User user = userManager.findUser( USER_ALPACA );
+        
+        AuthenticationResult result = new AuthenticationResult( true, USER_ALPACA, null );
+        
+        SecuritySession session = new DefaultSecuritySession( result, user );
+        try
+        {
+            servletAuth.isAuthorized( request, session, "corporate", false );
+            fail( "UnauthorizedException should have been thrown." );
+        }
+        catch ( UnauthorizedException e )
+        {
+            assertEquals( "Access denied for repository corporate", e.getMessage() );
+        }       
+    }
+    
+    public void testIsAuthorizedGustUserHasWriteAccess()
+        throws Exception
+    {   
+        assignRepositoryManagerRole( USER_GUEST, "corporate" );        
+        boolean isAuthorized = servletAuth.isAuthorized( USER_GUEST, "corporate", true );
+        
+        assertTrue( isAuthorized );
+    }
+    
+    public void testIsAuthorizedGustUserHasNoWriteAccess()
+        throws Exception
+    {   
+        assignRepositoryObserverRole( USER_GUEST, "corporate" );
+        
+        boolean isAuthorized = servletAuth.isAuthorized( USER_GUEST, "corporate", true );
+        assertFalse( isAuthorized );
+    }
+    
+    public void testIsAuthorizedGustUserHasReadAccess()
+        throws Exception
+    {
+        assignRepositoryObserverRole( USER_GUEST, "corporate" );
+        
+        boolean isAuthorized = servletAuth.isAuthorized( USER_GUEST, "corporate", false );
+        
+        assertTrue( isAuthorized );        
+    }
+    
+    public void testIsAuthorizedGustUserHasNoReadAccess()
+        throws Exception
+    {                   
+        boolean isAuthorized = servletAuth.isAuthorized( USER_GUEST, "corporate", false );
+            
+        assertFalse( isAuthorized );
     }
 }

Modified: archiva/branches/archiva-security-fix/archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/maven/archiva/security/DefaultUserRepositoriesTest.java
URL: http://svn.apache.org/viewvc/archiva/branches/archiva-security-fix/archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/maven/archiva/security/DefaultUserRepositoriesTest.java?rev=701955&r1=701954&r2=701955&view=diff
==============================================================================
--- archiva/branches/archiva-security-fix/archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/maven/archiva/security/DefaultUserRepositoriesTest.java
(original)
+++ archiva/branches/archiva-security-fix/archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/maven/archiva/security/DefaultUserRepositoriesTest.java
Sun Oct  5 23:22:49 2008
@@ -19,19 +19,9 @@
  * under the License.
  */
 
-import java.io.File;
 import java.util.List;
 
-import org.apache.commons.io.FileUtils;
 import org.apache.commons.lang.StringUtils;
-import org.apache.maven.archiva.configuration.ArchivaConfiguration;
-import org.apache.maven.archiva.configuration.ManagedRepositoryConfiguration;
-import org.codehaus.plexus.spring.PlexusInSpringTestCase;
-import org.codehaus.plexus.redback.rbac.RBACManager;
-import org.codehaus.plexus.redback.role.RoleManager;
-import org.codehaus.plexus.redback.system.SecuritySystem;
-import org.codehaus.plexus.redback.users.User;
-import org.codehaus.plexus.redback.users.UserManager;
 
 /**
  * DefaultUserRepositoriesTest 
@@ -40,24 +30,14 @@
  * @version $Id$
  */
 public class DefaultUserRepositoriesTest
-    extends PlexusInSpringTestCase
-{
-    private static final String USER_GUEST = "guest";
-
-    private static final String USER_ADMIN = "admin";
-
-    private static final String USER_ALPACA = "alpaca";
-
-    private SecuritySystem securitySystem;
-
-    private RBACManager rbacManager;
-
-    private RoleManager roleManager;
-
-    private ArchivaConfiguration archivaConfiguration;
-
-    private UserRepositories userRepos;
-
+    extends AbstractSecurityTest
+{   
+    @Override
+    protected String getPlexusConfigLocation()
+    {
+        return "org/apache/maven/archiva/security/DefaultUserRepositoriesTest.xml";
+    }
+    
     public void testGetObservableRepositoryIds()
         throws Exception
     {
@@ -98,78 +78,9 @@
         }
     }
 
-    private void setupRepository( String repoId )
-        throws Exception
-    {
-        // Add repo to configuration.
-        ManagedRepositoryConfiguration repoConfig = new ManagedRepositoryConfiguration();
-        repoConfig.setId( repoId );
-        repoConfig.setName( "Testable repo <" + repoId + ">" );
-        repoConfig.setLocation( getTestPath( "target/test-repo/" + repoId ) );
-        archivaConfiguration.getConfiguration().addManagedRepository( repoConfig );
-
-        // Add repo roles to security.
-        userRepos.createMissingRepositoryRoles( repoId );
-    }
-
     private void assignGlobalRepositoryObserverRole( String principal )
         throws Exception
     {
         roleManager.assignRole( ArchivaRoleConstants.TEMPLATE_GLOBAL_REPOSITORY_OBSERVER,
principal );
     }
-
-    private void assignRepositoryObserverRole( String principal, String repoId )
-        throws Exception
-    {
-        roleManager.assignTemplatedRole( ArchivaRoleConstants.TEMPLATE_REPOSITORY_OBSERVER,
repoId, principal );
-    }
-
-    private User createUser( String principal, String fullname )
-    {
-        UserManager userManager = securitySystem.getUserManager();
-
-        User user = userManager.createUser( principal, fullname, principal + "@testable.archiva.apache.org"
);
-        securitySystem.getPolicy().setEnabled( false );
-        userManager.addUser( user );
-        securitySystem.getPolicy().setEnabled( true );
-
-        return user;
-    }
-
-    @Override
-    protected void setUp()
-        throws Exception
-    {
-        super.setUp();
-
-        File srcConfig = getTestFile( "src/test/resources/repository-archiva.xml" );
-        File destConfig = getTestFile( "target/test-conf/archiva.xml" );
-
-        destConfig.getParentFile().mkdirs();
-        destConfig.delete();
-
-        FileUtils.copyFile( srcConfig, destConfig );
-
-        securitySystem = (SecuritySystem) lookup( SecuritySystem.class, "testable" );
-        rbacManager = (RBACManager) lookup( RBACManager.class, "memory" );
-        roleManager = (RoleManager) lookup( RoleManager.class, "default" );
-        userRepos = (UserRepositories) lookup( UserRepositories.class, "default" );
-        archivaConfiguration = (ArchivaConfiguration) lookup( ArchivaConfiguration.class
);
-
-        // Some basic asserts.
-        assertNotNull( securitySystem );
-        assertNotNull( rbacManager );
-        assertNotNull( roleManager );
-        assertNotNull( userRepos );
-        assertNotNull( archivaConfiguration );
-
-        // Setup Admin User.
-        User adminUser = createUser( USER_ADMIN, "Admin User" );
-        roleManager.assignRole( ArchivaRoleConstants.TEMPLATE_SYSTEM_ADMIN, adminUser.getPrincipal().toString()
);
-
-        // Setup Guest User.
-        User guestUser = createUser( USER_GUEST, "Guest User" );
-        roleManager.assignRole( ArchivaRoleConstants.TEMPLATE_GUEST, guestUser.getPrincipal().toString()
);
-
-    }
 }

Added: archiva/branches/archiva-security-fix/archiva-modules/archiva-web/archiva-security/src/test/resources/org/apache/maven/archiva/security/ArchivaServletAuthenticatorTest.xml
URL: http://svn.apache.org/viewvc/archiva/branches/archiva-security-fix/archiva-modules/archiva-web/archiva-security/src/test/resources/org/apache/maven/archiva/security/ArchivaServletAuthenticatorTest.xml?rev=701955&view=auto
==============================================================================
--- archiva/branches/archiva-security-fix/archiva-modules/archiva-web/archiva-security/src/test/resources/org/apache/maven/archiva/security/ArchivaServletAuthenticatorTest.xml
(added)
+++ archiva/branches/archiva-security-fix/archiva-modules/archiva-web/archiva-security/src/test/resources/org/apache/maven/archiva/security/ArchivaServletAuthenticatorTest.xml
Sun Oct  5 23:22:49 2008
@@ -0,0 +1,202 @@
+<?xml version="1.0" ?>
+<component-set>
+  <components>
+  
+  	<component>
+      <role>org.apache.maven.archiva.security.ServletAuthenticator</role>
+      <role-hint>default</role-hint>
+      <implementation>org.apache.maven.archiva.security.ArchivaServletAuthenticator</implementation>
+      <description>ArchivaServletAuthenticator</description>
+      <requirements>
+        <requirement>
+          <role>org.codehaus.plexus.redback.system.SecuritySystem</role>
+          <role-hint>testable</role-hint>
+          <field-name>securitySystem</field-name>
+        </requirement>
+      </requirements>
+    </component>
+    
+    <component>
+      <role>org.apache.maven.archiva.security.UserRepositories</role>
+      <role-hint>default</role-hint>
+      <implementation>org.apache.maven.archiva.security.DefaultUserRepositories</implementation>
+      <description>DefaultUserRepositories</description>
+      <requirements>
+        <requirement>
+          <role>org.codehaus.plexus.redback.system.SecuritySystem</role>
+          <role-hint>testable</role-hint>
+          <field-name>securitySystem</field-name>
+        </requirement>
+        <requirement>
+          <role>org.codehaus.plexus.redback.rbac.RBACManager</role>
+          <role-hint>memory</role-hint>
+          <field-name>rbacManager</field-name>
+        </requirement>
+        <requirement>
+          <role>org.codehaus.plexus.redback.role.RoleManager</role>
+          <role-hint>default</role-hint>
+          <field-name>roleManager</field-name>
+        </requirement>
+        <requirement>
+          <role>org.apache.maven.archiva.configuration.ArchivaConfiguration</role>
+          <field-name>archivaConfiguration</field-name>
+        </requirement>
+      </requirements>
+    </component>
+    
+    <component>
+      <role>org.codehaus.plexus.redback.system.SecuritySystem</role>
+      <role-hint>testable</role-hint>
+      <implementation>org.codehaus.plexus.redback.system.DefaultSecuritySystem</implementation>
+      <description>DefaultSecuritySystem:</description>
+      <requirements>
+        <requirement>
+          <role>org.codehaus.plexus.redback.authentication.AuthenticationManager</role>
+          <field-name>authnManager</field-name>
+        </requirement>
+        <requirement>
+          <role>org.codehaus.plexus.redback.authorization.Authorizer</role>
+          <role-hint>rbac</role-hint>
+          <field-name>authorizer</field-name>
+        </requirement>
+        <requirement>
+          <role>org.codehaus.plexus.redback.users.UserManager</role>
+          <role-hint>memory</role-hint>
+          <field-name>userManager</field-name>
+        </requirement>
+        <requirement>
+          <role>org.codehaus.plexus.redback.keys.KeyManager</role>
+          <role-hint>memory</role-hint>
+          <field-name>keyManager</field-name>
+        </requirement>
+        <requirement>
+          <role>org.codehaus.plexus.redback.policy.UserSecurityPolicy</role>
+          <field-name>policy</field-name>
+        </requirement>
+      </requirements>
+    </component>
+    
+    <component>
+      <role>org.codehaus.plexus.redback.authorization.Authorizer</role>
+      <role-hint>rbac</role-hint>
+      <implementation>org.codehaus.plexus.redback.authorization.rbac.RbacAuthorizer</implementation>
+      <description>RbacAuthorizer:</description>
+      <requirements>
+        <requirement>
+          <role>org.codehaus.plexus.redback.rbac.RBACManager</role>
+          <role-hint>memory</role-hint>
+          <field-name>manager</field-name>
+        </requirement>
+        <requirement>
+          <role>org.codehaus.plexus.redback.users.UserManager</role>
+          <role-hint>memory</role-hint>
+          <field-name>userManager</field-name>
+        </requirement>
+        <requirement>
+          <role>org.codehaus.plexus.redback.authorization.rbac.evaluator.PermissionEvaluator</role>
+          <role-hint>default</role-hint>
+          <field-name>evaluator</field-name>
+        </requirement>
+        <requirement>
+          <role>org.codehaus.plexus.redback.configuration.UserConfiguration</role>
+          <role-hint>default</role-hint>
+          <field-name>config</field-name>
+        </requirement>
+      </requirements>
+    </component>
+    
+    <component>
+      <role>org.codehaus.plexus.redback.authorization.rbac.evaluator.PermissionEvaluator</role>
+      <role-hint>default</role-hint>
+      <implementation>org.codehaus.plexus.redback.authorization.rbac.evaluator.DefaultPermissionEvaluator</implementation>
+      <requirements>
+        <requirement>
+          <role>org.codehaus.plexus.redback.users.UserManager</role>
+          <role-hint>memory</role-hint>
+          <field-name>userManager</field-name>
+        </requirement>
+      </requirements>
+    </component>
+    
+    <component>
+      <role>org.codehaus.plexus.redback.role.RoleManager</role>
+      <role-hint>default</role-hint>
+      <implementation>org.codehaus.plexus.redback.role.DefaultRoleManager</implementation>
+      <description>RoleProfileManager:</description>
+      <requirements>
+        <requirement>
+          <role>org.codehaus.plexus.redback.role.validator.RoleModelValidator</role>
+          <role-hint>default</role-hint>
+          <field-name>modelValidator</field-name>
+        </requirement>
+        <requirement>
+          <role>org.codehaus.plexus.redback.role.processor.RoleModelProcessor</role>
+          <role-hint>default</role-hint>
+          <field-name>modelProcessor</field-name>
+        </requirement>
+        <requirement>
+          <role>org.codehaus.plexus.redback.role.template.RoleTemplateProcessor</role>
+          <role-hint>default</role-hint>
+          <field-name>templateProcessor</field-name>
+        </requirement>
+        <requirement>
+          <role>org.codehaus.plexus.redback.rbac.RBACManager</role>
+          <role-hint>memory</role-hint>
+          <field-name>rbacManager</field-name>
+        </requirement>
+      </requirements>
+    </component>
+    
+    <component>
+      <role>org.codehaus.plexus.redback.role.processor.RoleModelProcessor</role>
+      <role-hint>default</role-hint>
+      <implementation>org.codehaus.plexus.redback.role.processor.DefaultRoleModelProcessor</implementation>
+      <description>DefaultRoleModelProcessor: inserts the components of the model that
can be populated into the rbac manager</description>
+      <requirements>
+        <requirement>
+          <role>org.codehaus.plexus.redback.rbac.RBACManager</role>
+          <role-hint>memory</role-hint>
+          <field-name>rbacManager</field-name>
+        </requirement>
+      </requirements>
+    </component>
+    
+    <component>
+      <role>org.codehaus.plexus.redback.role.template.RoleTemplateProcessor</role>
+      <role-hint>default</role-hint>
+      <implementation>org.codehaus.plexus.redback.role.template.DefaultRoleTemplateProcessor</implementation>
+      <description>DefaultRoleTemplateProcessor: inserts the components of a template
into the rbac manager</description>
+      <requirements>
+        <requirement>
+          <role>org.codehaus.plexus.redback.rbac.RBACManager</role>
+          <role-hint>memory</role-hint>
+          <field-name>rbacManager</field-name>
+        </requirement>
+      </requirements>
+    </component>
+    
+    <component>
+      <role>org.apache.maven.archiva.configuration.ArchivaConfiguration</role>
+      <implementation>org.apache.maven.archiva.configuration.DefaultArchivaConfiguration</implementation>
+      <requirements>
+        <requirement>
+          <role>org.codehaus.plexus.registry.Registry</role>
+          <role-hint>configured</role-hint>
+        </requirement>
+      </requirements>
+    </component>
+    <component>
+      <role>org.codehaus.plexus.registry.Registry</role>
+      <role-hint>configured</role-hint>
+      <implementation>org.codehaus.plexus.registry.commons.CommonsConfigurationRegistry</implementation>
+      <configuration>
+        <properties>
+          <system/>
+          <xml fileName="${basedir}/target/test-conf/archiva.xml"
+               config-name="org.apache.maven.archiva.base" config-at="org.apache.maven.archiva"/>
+        </properties>
+      </configuration>
+    </component>
+    
+  </components>
+</component-set>



Mime
View raw message