continuum-commits mailing list archives

Site index · List index

Message view	« Date » · « Thread »
Top	« Date » · « Thread »
From	tryg...@apache.org
Subject	svn commit: r366250 - in /maven/continuum/trunk: continuum-api/src/main/java/org/apache/maven/continuum/security/ continuum-core/ continuum-core/src/main/java/org/apache/maven/continuum/security/ continuum-core/src/test/resources/org/apache/maven/conti...
Date	Thu, 05 Jan 2006 19:25:33 GMT
Author: trygvis Date: Thu Jan 5 11:24:43 2006 New Revision: 366250 URL: http://svn.apache.org/viewcvs?rev=366250&view=rev Log: o Adding some security stuff. Added: maven/continuum/trunk/continuum-core/src/main/java/org/apache/maven/continuum/security/ContinuumAuthenticator.java (with props) Modified: maven/continuum/trunk/continuum-api/src/main/java/org/apache/maven/continuum/security/ContinuumSecurity.java maven/continuum/trunk/continuum-core/pom.xml maven/continuum/trunk/continuum-core/src/test/resources/org/apache/maven/continuum/DefaultContinuumTest.xml maven/continuum/trunk/continuum-web/pom.xml maven/continuum/trunk/continuum-web/src/main/java/org/apache/maven/continuum/web/action/Login.java maven/continuum/trunk/continuum-web/src/main/resources/META-INF/plexus/components.xml maven/continuum/trunk/continuum-web/src/main/resources/templates/navigations/DefaultTop.vm maven/continuum/trunk/continuum-web/src/main/resources/templates/screens/Error.vm maven/continuum/trunk/continuum-web/src/main/resources/templates/screens/Login.vm maven/continuum/trunk/continuum-web/src/main/resources/templates/screens/Summary.vm Modified: maven/continuum/trunk/continuum-api/src/main/java/org/apache/maven/continuum/security/ContinuumSecurity.java URL: http://svn.apache.org/viewcvs/maven/continuum/trunk/continuum-api/src/main/java/org/apache/maven/continuum/security/ContinuumSecurity.java?rev=366250&r1=366249&r2=366250&view=diff ============================================================================== --- maven/continuum/trunk/continuum-api/src/main/java/org/apache/maven/continuum/security/ContinuumSecurity.java (original) +++ maven/continuum/trunk/continuum-api/src/main/java/org/apache/maven/continuum/security/ContinuumSecurity.java Thu Jan 5 11:24:43 2006 @@ -17,7 +17,6 @@ / import org.apache.maven.continuum.model.system.ContinuumUser; -import org.apache.maven.continuum.model.system.Permission; import org.apache.maven.continuum.model.system.UserGroup; import java.util.List; Modified: maven/continuum/trunk/continuum-core/pom.xml URL: http://svn.apache.org/viewcvs/maven/continuum/trunk/continuum-core/pom.xml?rev=366250&r1=366249&r2=366250&view=diff ============================================================================== --- maven/continuum/trunk/continuum-core/pom.xml (original) +++ maven/continuum/trunk/continuum-core/pom.xml Thu Jan 5 11:24:43 2006 @@ -42,6 +42,10 @@ <artifactId>plexus-mail-sender-api</artifactId> </dependency> <dependency> + <groupId>org.codehaus.plexus</groupId> + <artifactId>plexus-security</artifactId> + </dependency> + <dependency> <groupId>org.apache.maven.continuum</groupId> <artifactId>continuum-test</artifactId> <scope>test</scope> @@ -166,4 +170,4 @@ <artifactId>maven-scm-provider-svn</artifactId> </dependency> </dependencies> -</project> \ No newline at end of file +</project> Added: maven/continuum/trunk/continuum-core/src/main/java/org/apache/maven/continuum/security/ContinuumAuthenticator.java URL: http://svn.apache.org/viewcvs/maven/continuum/trunk/continuum-core/src/main/java/org/apache/maven/continuum/security/ContinuumAuthenticator.java?rev=366250&view=auto ============================================================================== --- maven/continuum/trunk/continuum-core/src/main/java/org/apache/maven/continuum/security/ContinuumAuthenticator.java (added) +++ maven/continuum/trunk/continuum-core/src/main/java/org/apache/maven/continuum/security/ContinuumAuthenticator.java Thu Jan 5 11:24:43 2006 @@ -0,0 +1,94 @@ +package org.apache.maven.continuum.security; + +/ + * Copyright 2005 The Apache Software Foundation. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + / + +import org.codehaus.plexus.security.Authenticator; +import org.codehaus.plexus.security.exception.UnknownEntityException; +import org.codehaus.plexus.security.exception.AuthenticationException; +import org.codehaus.plexus.security.exception.UnauthorizedException; +import org.apache.maven.continuum.store.ContinuumStore; +import org.apache.maven.continuum.store.ContinuumStoreException; +import org.apache.maven.continuum.model.system.ContinuumUser; + +import java.util.Map; + +/* + * TODO: Move this to o.a.m.c.security once plexus-security doesn't depend on plexus-summit. + * + * @author <a href="mailto:trygvis@inamo.no">Trygve Laugstøl</a> + * @version $Id$ + / +public class ContinuumAuthenticator + implements Authenticator +{ + /* + * @plexus.requirement + / + private ContinuumStore store; + + // ---------------------------------------------------------------------- + // Authenticator Implementation + // ---------------------------------------------------------------------- + + public Object authenticate( Map tokens ) + throws UnknownEntityException, AuthenticationException, UnauthorizedException + { + String username = (String) tokens.get( "username" ); + String password = (String) tokens.get( "password" ); + + ContinuumUser user = getUser( username ); + + if ( user == null ) + { + throw new UnknownEntityException(); + } + + System.err.println( "username: " + username ); + System.err.println( "password: " + password ); + System.err.println( "user.password: " + user.getPassword() ); + + if ( !user.getPassword().equals( password ) ) + { + throw new AuthenticationException( "Invalid password." ); + } + + return null; + } + + public Object getAnonymousEntity() + { + throw new RuntimeException( "Not implemented" ); + } + + // ---------------------------------------------------------------------- + // Private + // ---------------------------------------------------------------------- + + private ContinuumUser getUser( String username ) + throws AuthenticationException + { + try + { + return store.getUserByUsername( username ); + } + catch ( ContinuumStoreException e ) + { + throw new AuthenticationException( "Error while retreiving user.", e ); + } + } +} Propchange: maven/continuum/trunk/continuum-core/src/main/java/org/apache/maven/continuum/security/ContinuumAuthenticator.java ------------------------------------------------------------------------------ svn:eol-style = native Propchange: maven/continuum/trunk/continuum-core/src/main/java/org/apache/maven/continuum/security/ContinuumAuthenticator.java ------------------------------------------------------------------------------ svn:keywords = Id Modified: maven/continuum/trunk/continuum-core/src/test/resources/org/apache/maven/continuum/DefaultContinuumTest.xml URL: http://svn.apache.org/viewcvs/maven/continuum/trunk/continuum-core/src/test/resources/org/apache/maven/continuum/DefaultContinuumTest.xml?rev=366250&r1=366249&r2=366250&view=diff ============================================================================== --- maven/continuum/trunk/continuum-core/src/test/resources/org/apache/maven/continuum/DefaultContinuumTest.xml (original) +++ maven/continuum/trunk/continuum-core/src/test/resources/org/apache/maven/continuum/DefaultContinuumTest.xml Thu Jan 5 11:24:43 2006 @@ -11,13 +11,13 @@ \| \| These point to the flows that we use as part of the runtime. \| - \| TODO: these should probably be packaged in the core package but the plexus-workflow package would + \| TODO: these should probably be packaged in the core package but the plexus-osworkflow package would \| need to be modified in order to find them all packaged in the JAR. \| --> <component> - <role>org.codehaus.plexus.workflow.WorkflowEngine</role> - <implementation>org.codehaus.plexus.workflow.DefaultWorkflowEngine</implementation> + <role>org.codehaus.plexus.osworkflow.WorkflowEngine</role> + <implementation>org.codehaus.plexus.osworkflow.DefaultWorkflowEngine</implementation> <configuration> <workflowDirectory>${basedir}/../continuum-plexus-application/src/conf/workflows</workflowDirectory> </configuration> Modified: maven/continuum/trunk/continuum-web/pom.xml URL: http://svn.apache.org/viewcvs/maven/continuum/trunk/continuum-web/pom.xml?rev=366250&r1=366249&r2=366250&view=diff ============================================================================== --- maven/continuum/trunk/continuum-web/pom.xml (original) +++ maven/continuum/trunk/continuum-web/pom.xml Thu Jan 5 11:24:43 2006 @@ -31,11 +31,6 @@ <artifactId>continuum-model</artifactId> </dependency> <dependency> - <groupId>org.codehaus.plexus</groupId> - <artifactId>plexus-security</artifactId> - <version>1.0-alpha-2</version> - </dependency> - <dependency> <groupId>org.apache.maven.continuum</groupId> <artifactId>continuum-core</artifactId> </dependency> @@ -86,4 +81,4 @@ <version>1.0-beta-1</version> </dependency> </dependencies> -</project> \ No newline at end of file +</project> Modified: maven/continuum/trunk/continuum-web/src/main/java/org/apache/maven/continuum/web/action/Login.java URL: http://svn.apache.org/viewcvs/maven/continuum/trunk/continuum-web/src/main/java/org/apache/maven/continuum/web/action/Login.java?rev=366250&r1=366249&r2=366250&view=diff ============================================================================== --- maven/continuum/trunk/continuum-web/src/main/java/org/apache/maven/continuum/web/action/Login.java (original) +++ maven/continuum/trunk/continuum-web/src/main/java/org/apache/maven/continuum/web/action/Login.java Thu Jan 5 11:24:43 2006 @@ -20,9 +20,15 @@ import org.apache.maven.continuum.store.ContinuumStore; import org.apache.maven.continuum.web.model.SessionUser; import org.codehaus.plexus.security.summit.SecureRunData; +import org.codehaus.plexus.security.Authenticator; +import org.codehaus.plexus.security.exception.UnknownEntityException; +import org.codehaus.plexus.security.exception.UnauthorizedException; +import org.codehaus.plexus.security.exception.AuthenticationException; import org.codehaus.plexus.action.AbstractAction; +import org.codehaus.plexus.util.StringUtils; import java.util.Map; +import java.util.HashMap; /* * @author <a href="mailto:trygvis@inamo.no">Trygve Laugstøl</a> @@ -37,34 +43,76 @@ / private ContinuumStore store; + /* + * @plexus.requirement + */ + private Authenticator authenticator; + public void execute( Map map ) throws Exception { - String login = (String) map.get( "login.username" ); + SecureRunData data = (SecureRunData) map.get( "data" ); - getLogger().info( "Trying to log in " + login ); + String username = (String) map.get( "login.username" ); - String password = (String) map.get( "login.password" ); + getLogger().info( "Trying to log in '" + username + "'." ); - ContinuumUser user = store.getUserByUsername( login ); + String password = (String) map.get( "login.password" ); - if ( user != null && user.equalsPassword( password ) ) + if ( StringUtils.isEmpty( username ) \|\| StringUtils.isEmpty( password ) ) { - SecureRunData secData = (SecureRunData) map.get( "data" ); + data.getViewContext().put( "loginMessage", "Both username and password has to be supplied."); + data.setTarget( "Login.vm" ); + return; + } + + // ---------------------------------------------------------------------- + // Authenticate the user + // ---------------------------------------------------------------------- - SessionUser usr = new SessionUser( user.getAccountId(), user.getUsername() ); + Map tokens = new HashMap(); - usr.setFullName( user.getFullName() ); + tokens.put( "username", username ); + tokens.put( "password", password ); - usr.setLoggedIn( true ); + try + { + authenticator.authenticate( tokens ); + } + catch ( UnknownEntityException e ) + { + // TODO: Internationalize + data.getViewContext().put( "loginMessage", "Unknown user '" + username + "'."); + data.setTarget( "Login.vm" ); - secData.setUser( usr ); + return; + } + catch ( AuthenticationException e ) + { + // TODO: Internationalize + data.getViewContext().put( "loginMessage", "Could not authenticate: " + e.getMessage() ); + data.setTarget( "Login.vm" ); - secData.setTarget( "Summary.vm" ); + return; } - else + catch ( UnauthorizedException e ) { - throw new Exception( "Your login/password is incorrect" ); + data.getViewContext().put( "loginMessage", "User '" + username + "' is not authorized ."); + data.setTarget( "Login.vm" ); + + return; } + + ContinuumUser user = store.getUserByUsername( username ); + + SessionUser usr = new SessionUser( user.getAccountId(), user.getUsername() ); + + usr.setFullName( user.getFullName() ); + + usr.setLoggedIn( true ); + + data.setUser( usr ); + + data.setTarget( "Summary.vm" ); } } Modified: maven/continuum/trunk/continuum-web/src/main/resources/META-INF/plexus/components.xml URL: http://svn.apache.org/viewcvs/maven/continuum/trunk/continuum-web/src/main/resources/META-INF/plexus/components.xml?rev=366250&r1=366249&r2=366250&view=diff ============================================================================== --- maven/continuum/trunk/continuum-web/src/main/resources/META-INF/plexus/components.xml (original) +++ maven/continuum/trunk/continuum-web/src/main/resources/META-INF/plexus/components.xml Thu Jan 5 11:24:43 2006 @@ -53,11 +53,21 @@ </configuration> </component> + <component> + <role>org.codehaus.plexus.security.Authenticator</role> + <role-hint>built-in-store</role-hint> + <implementation>org.apache.maven.continuum.security.ContinuumAuthenticator</implementation> + <requirements> + <requirement> + <role>org.apache.maven.continuum.store.ContinuumStore</role> + </requirement> + </requirements> + </component> <!-- - \| - \| Customized PullTools Service - \| - --> + \| + \| Customized PullTools Service + \| + --> <component> <role>org.codehaus.plexus.summit.pull.PullService</role> @@ -477,6 +487,10 @@ <requirements> <requirement> <role>org.apache.maven.continuum.store.ContinuumStore</role> + </requirement> + <requirement> + <role>org.codehaus.plexus.security.Authenticator</role> + <role-hint>built-in-store</role-hint> </requirement> </requirements> </component> Modified: maven/continuum/trunk/continuum-web/src/main/resources/templates/navigations/DefaultTop.vm URL: http://svn.apache.org/viewcvs/maven/continuum/trunk/continuum-web/src/main/resources/templates/navigations/DefaultTop.vm?rev=366250&r1=366249&r2=366250&view=diff ============================================================================== --- maven/continuum/trunk/continuum-web/src/main/resources/templates/navigations/DefaultTop.vm (original) +++ maven/continuum/trunk/continuum-web/src/main/resources/templates/navigations/DefaultTop.vm Thu Jan 5 11:24:43 2006 @@ -36,7 +36,7 @@ <div> #if ( $data.getUser() ) - Welcome, <b>$data.user.fullName</b> - <a href="$link?action=logout">Disconnect</a> + Welcome, <b>$data.user.fullName</b> - <a href="$link?action=logout">Log out</a> #else Welcome, <b>Guest</b> - <a href="$link.setPage('Login.vm')">Login</a> #end Modified: maven/continuum/trunk/continuum-web/src/main/resources/templates/screens/Error.vm URL: http://svn.apache.org/viewcvs/maven/continuum/trunk/continuum-web/src/main/resources/templates/screens/Error.vm?rev=366250&r1=366249&r2=366250&view=diff ============================================================================== --- maven/continuum/trunk/continuum-web/src/main/resources/templates/screens/Error.vm (original) +++ maven/continuum/trunk/continuum-web/src/main/resources/templates/screens/Error.vm Thu Jan 5 11:24:43 2006 @@ -9,4 +9,3 @@ </div> <pre>$stackTrace</pre> </div> - Modified: maven/continuum/trunk/continuum-web/src/main/resources/templates/screens/Login.vm URL: http://svn.apache.org/viewcvs/maven/continuum/trunk/continuum-web/src/main/resources/templates/screens/Login.vm?rev=366250&r1=366249&r2=366250&view=diff ============================================================================== --- maven/continuum/trunk/continuum-web/src/main/resources/templates/screens/Login.vm (original) +++ maven/continuum/trunk/continuum-web/src/main/resources/templates/screens/Login.vm Thu Jan 5 11:24:43 2006 @@ -8,6 +8,11 @@ <h3>Authentication</h3> <div class="axial"> <table border="1" cellspacing="2" cellpadding="3"> +#if ( $loginMessage ) + <tr> + <td colspan="2"><font color="red">$loginMessage</font></td> + </tr> +#end <tr> <td>Username :</td> <td><input type="text" name="login.username" size="100"></td> Modified: maven/continuum/trunk/continuum-web/src/main/resources/templates/screens/Summary.vm URL: http://svn.apache.org/viewcvs/maven/continuum/trunk/continuum-web/src/main/resources/templates/screens/Summary.vm?rev=366250&r1=366249&r2=366250&view=diff ============================================================================== --- maven/continuum/trunk/continuum-web/src/main/resources/templates/screens/Summary.vm (original) +++ maven/continuum/trunk/continuum-web/src/main/resources/templates/screens/Summary.vm Thu Jan 5 11:24:43 2006 @@ -139,4 +139,4 @@ <td align="right"> </td> </tr> -</table> \ No newline at end of file +</table>
Mime	Unnamed text/plain (inline, 7-Bit, 18749 bytes)
	View raw message