incubator-sling-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cziege...@apache.org
Subject svn commit: r1549759 - in /sling/trunk/bundles/extensions/webconsolesecurityprovider/src/main/java/org/apache/sling/extensions/webconsolesecurityprovider/internal: ServicesListener.java SlingWebConsoleSecurityProvider2.java
Date Tue, 10 Dec 2013 05:23:39 GMT
Author: cziegeler
Date: Tue Dec 10 05:23:38 2013
New Revision: 1549759

URL: http://svn.apache.org/r1549759
Log:
SLING-3273 : Switch to login page if user is not allowed to access the web console

Modified:
    sling/trunk/bundles/extensions/webconsolesecurityprovider/src/main/java/org/apache/sling/extensions/webconsolesecurityprovider/internal/ServicesListener.java
    sling/trunk/bundles/extensions/webconsolesecurityprovider/src/main/java/org/apache/sling/extensions/webconsolesecurityprovider/internal/SlingWebConsoleSecurityProvider2.java

Modified: sling/trunk/bundles/extensions/webconsolesecurityprovider/src/main/java/org/apache/sling/extensions/webconsolesecurityprovider/internal/ServicesListener.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/extensions/webconsolesecurityprovider/src/main/java/org/apache/sling/extensions/webconsolesecurityprovider/internal/ServicesListener.java?rev=1549759&r1=1549758&r2=1549759&view=diff
==============================================================================
--- sling/trunk/bundles/extensions/webconsolesecurityprovider/src/main/java/org/apache/sling/extensions/webconsolesecurityprovider/internal/ServicesListener.java
(original)
+++ sling/trunk/bundles/extensions/webconsolesecurityprovider/src/main/java/org/apache/sling/extensions/webconsolesecurityprovider/internal/ServicesListener.java
Tue Dec 10 05:23:38 2013
@@ -26,6 +26,7 @@ import java.util.concurrent.atomic.Atomi
 import javax.jcr.Repository;
 
 import org.apache.felix.webconsole.WebConsoleSecurityProvider;
+import org.apache.sling.api.auth.Authenticator;
 import org.apache.sling.auth.core.AuthenticationSupport;
 import org.apache.sling.launchpad.api.StartupListener;
 import org.apache.sling.launchpad.api.StartupMode;
@@ -45,6 +46,7 @@ import org.osgi.service.cm.ManagedServic
 public class ServicesListener implements StartupListener {
 
     private static final String AUTH_SUPPORT_CLASS = AuthenticationSupport.class.getName();
+    private static final String AUTHENTICATOR_CLASS = Authenticator.class.getName();
     private static final String REPO_CLASS = Repository.class.getName();
 
     /** The bundle context. */
@@ -56,6 +58,9 @@ public class ServicesListener implements
     /** The listener for the authentication support. */
     private final Listener authSupportListener;
 
+    /** The listener for the authenticator. */
+    private final Listener authListener;
+
     private enum State {
         NONE,
         PROVIDER,
@@ -81,8 +86,10 @@ public class ServicesListener implements
         this.bundleContext = bundleContext;
         this.authSupportListener = new Listener(AUTH_SUPPORT_CLASS);
         this.repositoryListener = new Listener(REPO_CLASS);
+        this.authListener = new Listener(AUTHENTICATOR_CLASS);
         this.authSupportListener.start();
         this.repositoryListener.start();
+        this.authListener.start();
     }
 
     /**
@@ -106,7 +113,7 @@ public class ServicesListener implements
     /**
      * @see org.apache.sling.launchpad.api.StartupListener#startupProgress(float)
      */
-    public void startupProgress(float arg0) {
+    public void startupProgress(final float progress) {
         // nothing to do
     }
 
@@ -116,16 +123,18 @@ public class ServicesListener implements
     public synchronized void notifyChange() {
         // check if all services are available
         final Object authSupport = this.startupFinished.get() ? this.authSupportListener.getService()
: null;
+        final Object authenticator = this.startupFinished.get() ? this.authListener.getService()
: null;
+        final boolean hasAuthServices = authSupport != null && authenticator != null;
         final Object repository = this.repositoryListener.getService();
         if ( registrationState == State.NONE ) {
-            if ( authSupport != null ) {
-                registerProvider2(authSupport);
+            if ( hasAuthServices ) {
+                registerProvider2(authSupport, authenticator);
             } else if ( repository != null ) {
                 registerProvider(repository);
             }
         } else if ( registrationState == State.PROVIDER ) {
-            if ( authSupport != null ) {
-                registerProvider2(authSupport);
+            if ( hasAuthServices ) {
+                registerProvider2(authSupport, authenticator);
                 unregisterProvider();
             } else if ( repository == null ) {
                 unregisterProvider();
@@ -157,13 +166,14 @@ public class ServicesListener implements
         }
     }
 
-    private void registerProvider2(final Object authSupport) {
+    private void registerProvider2(final Object authSupport, final Object authenticator)
{
         final Dictionary<String, Object> props = new Hashtable<String, Object>();
         props.put(Constants.SERVICE_PID, SlingWebConsoleSecurityProvider.class.getName());
         props.put(Constants.SERVICE_DESCRIPTION, "Apache Sling Web Console Security Provider
2");
         props.put(Constants.SERVICE_VENDOR, "The Apache Software Foundation");
         this.provider2Reg = this.bundleContext.registerService(
-            new String[] {ManagedService.class.getName(), WebConsoleSecurityProvider.class.getName()},
new SlingWebConsoleSecurityProvider2(authSupport), props);
+            new String[] {ManagedService.class.getName(), WebConsoleSecurityProvider.class.getName()},
+                          new SlingWebConsoleSecurityProvider2(authSupport, authenticator),
props);
         this.registrationState = State.PROVIDER2;
     }
 
@@ -183,6 +193,7 @@ public class ServicesListener implements
     public void deactivate() {
         this.repositoryListener.deactivate();
         this.authSupportListener.deactivate();
+        this.authListener.deactivate();
         this.unregisterProvider();
         this.unregisterProvider2();
     }

Modified: sling/trunk/bundles/extensions/webconsolesecurityprovider/src/main/java/org/apache/sling/extensions/webconsolesecurityprovider/internal/SlingWebConsoleSecurityProvider2.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/extensions/webconsolesecurityprovider/src/main/java/org/apache/sling/extensions/webconsolesecurityprovider/internal/SlingWebConsoleSecurityProvider2.java?rev=1549759&r1=1549758&r2=1549759&view=diff
==============================================================================
--- sling/trunk/bundles/extensions/webconsolesecurityprovider/src/main/java/org/apache/sling/extensions/webconsolesecurityprovider/internal/SlingWebConsoleSecurityProvider2.java
(original)
+++ sling/trunk/bundles/extensions/webconsolesecurityprovider/src/main/java/org/apache/sling/extensions/webconsolesecurityprovider/internal/SlingWebConsoleSecurityProvider2.java
Tue Dec 10 05:23:38 2013
@@ -31,6 +31,7 @@ import org.apache.jackrabbit.api.securit
 import org.apache.jackrabbit.api.security.user.Group;
 import org.apache.jackrabbit.api.security.user.User;
 import org.apache.jackrabbit.api.security.user.UserManager;
+import org.apache.sling.api.auth.Authenticator;
 import org.apache.sling.api.resource.ResourceResolver;
 import org.apache.sling.auth.core.AuthenticationSupport;
 
@@ -50,17 +51,19 @@ public class SlingWebConsoleSecurityProv
     extends AbstractWebConsoleSecurityProvider
     implements WebConsoleSecurityProvider2 {
 
-    private final AuthenticationSupport authenticator;
+    private static final String HEADER_WWW_AUTHENTICATE = "WWW-Authenticate";
 
-    public SlingWebConsoleSecurityProvider2(final Object support) {
-        this.authenticator = (AuthenticationSupport)support;
-    }
+    private static final String AUTHENTICATION_SCHEME_BASIC = "Basic";
 
-    private void invokeAuthenticator(final HttpServletRequest request, final HttpServletResponse
response) {
-        final AuthenticationSupport localAuthenticator = this.authenticator;
-        if (localAuthenticator != null) {
-            localAuthenticator.handleSecurity(request, response);
-        }
+    private static final String DEFAULT_REALM = "OSGi Management Console"; //$NON-NLS-1$
+
+    private final AuthenticationSupport authentiationSupport;
+
+    private final Authenticator authenticator;
+
+    public SlingWebConsoleSecurityProvider2(final Object support, final Object authenticator)
{
+        this.authentiationSupport = (AuthenticationSupport)support;
+        this.authenticator = (Authenticator)authenticator;
     }
 
     /**
@@ -68,27 +71,29 @@ public class SlingWebConsoleSecurityProv
      */
     public boolean authenticate(final HttpServletRequest request,
             final HttpServletResponse response) {
-        invokeAuthenticator(request, response);
-        // get ResourceResolver (set by AuthenticationSupport)
-        Object resolverObject = request.getAttribute(AuthenticationSupport.REQUEST_ATTRIBUTE_RESOLVER);
-        final ResourceResolver resolver = (resolverObject instanceof ResourceResolver)
-                ? (ResourceResolver) resolverObject
-                : null;
-        if ( resolver != null ) {
-            final Session session = resolver.adaptTo(Session.class);
-            if ( session != null ) {
-                try {
-                    final User u = this.authenticate(session);
-                    if ( u != null ) {
-                        request.setAttribute(USER_ATTRIBUTE, u);
-                        return true;
+        if ( this.authentiationSupport.handleSecurity(request, response) ) {
+            // get ResourceResolver (set by AuthenticationSupport)
+            Object resolverObject = request.getAttribute(AuthenticationSupport.REQUEST_ATTRIBUTE_RESOLVER);
+            final ResourceResolver resolver = (resolverObject instanceof ResourceResolver)
+                    ? (ResourceResolver) resolverObject
+                    : null;
+            if ( resolver != null ) {
+                final Session session = resolver.adaptTo(Session.class);
+                if ( session != null ) {
+                    try {
+                        final User u = this.authenticate(session);
+                        if ( u != null ) {
+                            request.setAttribute(USER_ATTRIBUTE, u);
+                            return true;
+                        }
+                    } catch (final Exception re) {
+                        logger.info("authenticate: Generic problem trying grant User "
+                            + " access to the Web Console", re);
                     }
-                    return false;
-                } catch (final Exception re) {
-                    logger.info("authenticate: Generic problem trying grant User "
-                        + " access to the Web Console", re);
                 }
             }
+
+            this.authenticator.login(request, response);
         }
         return false;
     }



Mime
View raw message