continuum-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jmcconn...@apache.org
Subject svn commit: r537255 - in /maven/continuum/trunk/continuum-xmlrpc/continuum-xmlrpc-server: ./ src/main/java/org/apache/maven/continuum/xmlrpc/server/
Date Fri, 11 May 2007 18:21:54 GMT
Author: jmcconnell
Date: Fri May 11 11:21:53 2007
New Revision: 537255

URL: http://svn.apache.org/viewvc?view=rev&rev=537255
Log:
working redback authn and authz with xmlrpc

Modified:
    maven/continuum/trunk/continuum-xmlrpc/continuum-xmlrpc-server/pom.xml
    maven/continuum/trunk/continuum-xmlrpc/continuum-xmlrpc-server/src/main/java/org/apache/maven/continuum/xmlrpc/server/ContinuumServiceImpl.java
    maven/continuum/trunk/continuum-xmlrpc/continuum-xmlrpc-server/src/main/java/org/apache/maven/continuum/xmlrpc/server/ContinuumXmlRpcConfig.java
    maven/continuum/trunk/continuum-xmlrpc/continuum-xmlrpc-server/src/main/java/org/apache/maven/continuum/xmlrpc/server/ContinuumXmlRpcServlet.java

Modified: maven/continuum/trunk/continuum-xmlrpc/continuum-xmlrpc-server/pom.xml
URL: http://svn.apache.org/viewvc/maven/continuum/trunk/continuum-xmlrpc/continuum-xmlrpc-server/pom.xml?view=diff&rev=537255&r1=537254&r2=537255
==============================================================================
--- maven/continuum/trunk/continuum-xmlrpc/continuum-xmlrpc-server/pom.xml (original)
+++ maven/continuum/trunk/continuum-xmlrpc/continuum-xmlrpc-server/pom.xml Fri May 11 11:21:53
2007
@@ -33,6 +33,14 @@
       <artifactId>continuum-xmlrpc-api</artifactId>
     </dependency>
     <dependency>
+      <groupId>org.apache.maven.continuum</groupId>
+      <artifactId>continuum-security</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>org.codehaus.plexus.redback</groupId>
+      <artifactId>redback-system</artifactId>
+    </dependency>
+    <dependency>
       <groupId>org.codehaus.plexus</groupId>
       <artifactId>plexus-xwork-integration</artifactId>
     </dependency>

Modified: maven/continuum/trunk/continuum-xmlrpc/continuum-xmlrpc-server/src/main/java/org/apache/maven/continuum/xmlrpc/server/ContinuumServiceImpl.java
URL: http://svn.apache.org/viewvc/maven/continuum/trunk/continuum-xmlrpc/continuum-xmlrpc-server/src/main/java/org/apache/maven/continuum/xmlrpc/server/ContinuumServiceImpl.java?view=diff&rev=537255&r1=537254&r2=537255
==============================================================================
--- maven/continuum/trunk/continuum-xmlrpc/continuum-xmlrpc-server/src/main/java/org/apache/maven/continuum/xmlrpc/server/ContinuumServiceImpl.java
(original)
+++ maven/continuum/trunk/continuum-xmlrpc/continuum-xmlrpc-server/src/main/java/org/apache/maven/continuum/xmlrpc/server/ContinuumServiceImpl.java
Fri May 11 11:21:53 2007
@@ -32,6 +32,8 @@
 import org.apache.maven.continuum.xmlrpc.project.ProjectGroup;
 import org.apache.maven.continuum.xmlrpc.project.ProjectGroupSummary;
 import org.apache.maven.continuum.xmlrpc.project.ProjectSummary;
+import org.codehaus.plexus.redback.authorization.AuthorizationException;
+import org.codehaus.plexus.redback.system.SecuritySystem;
 
 import java.util.ArrayList;
 import java.util.Collection;
@@ -51,8 +53,13 @@
      */
     private Continuum continuum;
 
+    /**
+     * @plexus.requirement role-hint="default"
+     */
+    private SecuritySystem securitySystem;
+    
     private ContinuumXmlRpcConfig config;
-
+    
     public void setConfig( ContinuumXmlRpcConfig config )
     {
         this.config = config;
@@ -204,8 +211,22 @@
     public AddingResult addMavenTwoProject( String url )
         throws ContinuumException
     {
-        ContinuumProjectBuildingResult result = continuum.addMavenTwoProject( url );
-        return populateAddingResult( result );
+        try 
+        {
+            if ( securitySystem.isAuthorized( config.getSecuritySession(), "continuum-add-group"
) )
+            {
+                ContinuumProjectBuildingResult result = continuum.addMavenTwoProject( url
);
+                return populateAddingResult( result );
+            }
+            else
+            {
+                throw new ContinuumException( "unauthorized add project request" ); 
+            }
+        }
+        catch (AuthorizationException e )
+        {
+            throw new ContinuumException( "error authorizing request", e );
+        }
     }
 
     public AddingResult addMavenTwoProject( String url, int projectGroupId )

Modified: maven/continuum/trunk/continuum-xmlrpc/continuum-xmlrpc-server/src/main/java/org/apache/maven/continuum/xmlrpc/server/ContinuumXmlRpcConfig.java
URL: http://svn.apache.org/viewvc/maven/continuum/trunk/continuum-xmlrpc/continuum-xmlrpc-server/src/main/java/org/apache/maven/continuum/xmlrpc/server/ContinuumXmlRpcConfig.java?view=diff&rev=537255&r1=537254&r2=537255
==============================================================================
--- maven/continuum/trunk/continuum-xmlrpc/continuum-xmlrpc-server/src/main/java/org/apache/maven/continuum/xmlrpc/server/ContinuumXmlRpcConfig.java
(original)
+++ maven/continuum/trunk/continuum-xmlrpc/continuum-xmlrpc-server/src/main/java/org/apache/maven/continuum/xmlrpc/server/ContinuumXmlRpcConfig.java
Fri May 11 11:21:53 2007
@@ -20,6 +20,7 @@
  */
 
 import org.apache.xmlrpc.common.XmlRpcHttpRequestConfigImpl;
+import org.codehaus.plexus.redback.system.SecuritySession;
 
 import javax.servlet.http.HttpServletRequest;
 
@@ -31,6 +32,8 @@
     extends XmlRpcHttpRequestConfigImpl
 {
     private HttpServletRequest httpServletRequest;
+    
+    private SecuritySession securitySession;
 
     public HttpServletRequest getHttpServletRequest()
     {
@@ -41,4 +44,16 @@
     {
         this.httpServletRequest = httpServletRequest;
     }
+
+    public SecuritySession getSecuritySession()
+    {
+        return securitySession;
+    }
+
+    public void setSecuritySession( SecuritySession securitySession )
+    {
+        this.securitySession = securitySession;
+    }
+    
+    
 }

Modified: maven/continuum/trunk/continuum-xmlrpc/continuum-xmlrpc-server/src/main/java/org/apache/maven/continuum/xmlrpc/server/ContinuumXmlRpcServlet.java
URL: http://svn.apache.org/viewvc/maven/continuum/trunk/continuum-xmlrpc/continuum-xmlrpc-server/src/main/java/org/apache/maven/continuum/xmlrpc/server/ContinuumXmlRpcServlet.java?view=diff&rev=537255&r1=537254&r2=537255
==============================================================================
--- maven/continuum/trunk/continuum-xmlrpc/continuum-xmlrpc-server/src/main/java/org/apache/maven/continuum/xmlrpc/server/ContinuumXmlRpcServlet.java
(original)
+++ maven/continuum/trunk/continuum-xmlrpc/continuum-xmlrpc-server/src/main/java/org/apache/maven/continuum/xmlrpc/server/ContinuumXmlRpcServlet.java
Fri May 11 11:21:53 2007
@@ -33,6 +33,11 @@
 import org.codehaus.plexus.classworlds.ClassWorld;
 import org.codehaus.plexus.component.repository.exception.ComponentLifecycleException;
 import org.codehaus.plexus.component.repository.exception.ComponentLookupException;
+import org.codehaus.plexus.redback.authentication.AuthenticationException;
+import org.codehaus.plexus.redback.authentication.PasswordBasedAuthenticationDataSource;
+import org.codehaus.plexus.redback.policy.AccountLockedException;
+import org.codehaus.plexus.redback.system.SecuritySystem;
+import org.codehaus.plexus.redback.users.UserNotFoundException;
 import org.codehaus.plexus.xwork.PlexusLifecycleListener;
 
 import javax.servlet.ServletConfig;
@@ -54,6 +59,8 @@
 {
     private ContinuumXmlRpcServletServer server;
 
+    private SecuritySystem securitySystem;
+    
     public String getServletInfo()
     {
         return "Continuum XMLRPC Servlet";
@@ -92,6 +99,16 @@
         throws ServletException
     {
         server = new ContinuumXmlRpcServletServer();
+        
+        try
+        {
+            securitySystem = (SecuritySystem)getPlexusContainer().lookup( SecuritySystem.ROLE
);
+        }
+        catch ( ComponentLookupException e )
+        {
+            throw new ServletException( "Can't init the xml rpc server, unable to obtain
security system", e );
+        }
+        
         try
         {
             XmlRpcServerConfigImpl cfg = (XmlRpcServerConfigImpl) server.getConfig();
@@ -116,18 +133,45 @@
             new AbstractReflectiveHandlerMapping.AuthenticationHandler()
             {
                 public boolean isAuthorized( XmlRpcRequest pRequest )
-                {
-                    XmlRpcHttpRequestConfig config = (XmlRpcHttpRequestConfig) pRequest.getConfig();
-                    return isAuthenticated( config.getBasicUserName(), config.getBasicPassword()
);
+                { 
+                    if ( pRequest.getConfig() instanceof ContinuumXmlRpcConfig )
+                    {
+                        ContinuumXmlRpcConfig config = (ContinuumXmlRpcConfig) pRequest.getConfig();
+                        
+                        PasswordBasedAuthenticationDataSource authdatasource = new PasswordBasedAuthenticationDataSource();
+                        authdatasource.setPrincipal( config.getBasicUserName() );
+                        authdatasource.setPassword( config.getBasicPassword() );
+                        
+                        try
+                        {
+                            config.setSecuritySession( securitySystem.authenticate( authdatasource
) );
+                        
+                            return config.getSecuritySession().isAuthenticated();       
                    
+                        }
+                        catch ( AuthenticationException e )
+                        {
+                            e.printStackTrace();
+                            return false;
+                        }
+                        catch ( AccountLockedException e )
+                        {                           
+                            e.printStackTrace();
+                            return false;
+                        }
+                        catch ( UserNotFoundException e )
+                        {                            
+                            e.printStackTrace();
+                            return false;
+                        }
+                    }
+                    else
+                    {
+                        System.out.println( "unknown xml rpc configiration object found..."
);
+                        return false;
+                    }
                 }
             };
         return handler;
-    }
-
-    protected boolean isAuthenticated( String username, String password )
-    {
-        //TODO: Add authentication there.
-        return true;
     }
 
     public void doPost( HttpServletRequest pRequest, HttpServletResponse pResponse )



Mime
View raw message