2010-10-31 19:22:53 +01:00
|
|
|
/**
|
|
|
|
|
* Copyright (c) 2010, Sebastian Sdorra
|
|
|
|
|
* All rights reserved.
|
|
|
|
|
*
|
|
|
|
|
* Redistribution and use in source and binary forms, with or without
|
|
|
|
|
* modification, are permitted provided that the following conditions are met:
|
|
|
|
|
*
|
|
|
|
|
* 1. Redistributions of source code must retain the above copyright notice,
|
|
|
|
|
* this list of conditions and the following disclaimer.
|
|
|
|
|
* 2. Redistributions in binary form must reproduce the above copyright notice,
|
|
|
|
|
* this list of conditions and the following disclaimer in the documentation
|
|
|
|
|
* and/or other materials provided with the distribution.
|
|
|
|
|
* 3. Neither the name of SCM-Manager; nor the names of its
|
|
|
|
|
* contributors may be used to endorse or promote products derived from this
|
|
|
|
|
* software without specific prior written permission.
|
|
|
|
|
*
|
|
|
|
|
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
|
|
|
|
|
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
|
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
|
|
|
|
* DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY
|
|
|
|
|
* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
|
|
|
|
|
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
|
|
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
|
|
|
|
|
* ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
|
|
|
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
|
|
|
|
|
* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
|
|
|
*
|
|
|
|
|
* http://bitbucket.org/sdorra/scm-manager
|
|
|
|
|
*
|
2010-10-15 17:58:16 +02:00
|
|
|
*/
|
|
|
|
|
|
2010-12-02 20:44:13 +01:00
|
|
|
|
|
|
|
|
|
2010-10-15 17:58:16 +02:00
|
|
|
package sonia.scm.web.security;
|
|
|
|
|
|
|
|
|
|
//~--- non-JDK imports --------------------------------------------------------
|
|
|
|
|
|
|
|
|
|
import com.google.inject.Inject;
|
|
|
|
|
import com.google.inject.servlet.SessionScoped;
|
|
|
|
|
|
2010-12-02 20:44:13 +01:00
|
|
|
import org.slf4j.Logger;
|
|
|
|
|
import org.slf4j.LoggerFactory;
|
|
|
|
|
|
2010-12-30 13:44:40 +01:00
|
|
|
import sonia.scm.config.ScmConfiguration;
|
2011-01-07 18:15:11 +01:00
|
|
|
import sonia.scm.group.Group;
|
|
|
|
|
import sonia.scm.group.GroupManager;
|
2010-11-05 15:20:56 +01:00
|
|
|
import sonia.scm.user.User;
|
2010-12-02 20:44:13 +01:00
|
|
|
import sonia.scm.user.UserManager;
|
2010-10-15 17:58:16 +02:00
|
|
|
|
|
|
|
|
//~--- JDK imports ------------------------------------------------------------
|
|
|
|
|
|
2011-01-07 18:15:11 +01:00
|
|
|
import java.util.Collection;
|
|
|
|
|
import java.util.HashSet;
|
2011-01-08 13:04:04 +01:00
|
|
|
import java.util.Iterator;
|
2011-01-07 18:15:11 +01:00
|
|
|
import java.util.Set;
|
|
|
|
|
|
2010-10-15 17:58:16 +02:00
|
|
|
import javax.servlet.http.HttpServletRequest;
|
|
|
|
|
import javax.servlet.http.HttpServletResponse;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
*
|
|
|
|
|
* @author Sebastian Sdorra
|
|
|
|
|
*/
|
|
|
|
|
@SessionScoped
|
2010-11-26 17:57:05 +01:00
|
|
|
public class BasicSecurityContext implements WebSecurityContext
|
2010-10-15 17:58:16 +02:00
|
|
|
{
|
|
|
|
|
|
2010-12-30 13:44:40 +01:00
|
|
|
/** Field description */
|
|
|
|
|
public static final String USER_ANONYMOUS = "anonymous";
|
|
|
|
|
|
2010-12-02 20:44:13 +01:00
|
|
|
/** the logger for BasicSecurityContext */
|
|
|
|
|
private static final Logger logger =
|
|
|
|
|
LoggerFactory.getLogger(BasicSecurityContext.class);
|
|
|
|
|
|
|
|
|
|
//~--- constructors ---------------------------------------------------------
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Constructs ...
|
|
|
|
|
*
|
|
|
|
|
*
|
2010-12-30 13:44:40 +01:00
|
|
|
*
|
|
|
|
|
* @param configuration
|
2010-12-02 20:44:13 +01:00
|
|
|
* @param authenticator
|
2011-01-07 18:15:11 +01:00
|
|
|
* @param groupManager
|
2010-12-02 20:44:13 +01:00
|
|
|
* @param userManager
|
|
|
|
|
*/
|
|
|
|
|
@Inject
|
2010-12-30 13:44:40 +01:00
|
|
|
public BasicSecurityContext(ScmConfiguration configuration,
|
|
|
|
|
AuthenticationManager authenticator,
|
2011-01-07 18:15:11 +01:00
|
|
|
GroupManager groupManager,
|
2010-12-02 20:44:13 +01:00
|
|
|
UserManager userManager)
|
|
|
|
|
{
|
2010-12-30 13:44:40 +01:00
|
|
|
this.configuration = configuration;
|
2010-12-02 20:44:13 +01:00
|
|
|
this.authenticator = authenticator;
|
2011-01-07 18:15:11 +01:00
|
|
|
this.groupManager = groupManager;
|
2010-12-02 20:44:13 +01:00
|
|
|
this.userManager = userManager;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//~--- methods --------------------------------------------------------------
|
|
|
|
|
|
2010-10-15 17:58:16 +02:00
|
|
|
/**
|
|
|
|
|
* Method description
|
|
|
|
|
*
|
|
|
|
|
*
|
|
|
|
|
* @param request
|
|
|
|
|
* @param response
|
|
|
|
|
* @param username
|
|
|
|
|
* @param password
|
|
|
|
|
*
|
|
|
|
|
* @return
|
|
|
|
|
*/
|
|
|
|
|
@Override
|
|
|
|
|
public User authenticate(HttpServletRequest request,
|
|
|
|
|
HttpServletResponse response, String username,
|
|
|
|
|
String password)
|
|
|
|
|
{
|
2011-01-08 13:04:04 +01:00
|
|
|
AuthenticationResult ar = authenticator.authenticate(request, response,
|
|
|
|
|
username, password);
|
2010-12-02 20:44:13 +01:00
|
|
|
|
2011-01-08 13:04:04 +01:00
|
|
|
if (ar != null)
|
2010-12-02 20:44:13 +01:00
|
|
|
{
|
2011-01-08 13:04:04 +01:00
|
|
|
user = ar.getUser();
|
|
|
|
|
|
2010-12-02 20:44:13 +01:00
|
|
|
try
|
|
|
|
|
{
|
2010-12-04 16:01:27 +01:00
|
|
|
user.setLastLogin(System.currentTimeMillis());
|
2010-12-02 20:44:13 +01:00
|
|
|
|
2010-12-04 16:18:47 +01:00
|
|
|
User dbUser = userManager.get(username);
|
|
|
|
|
|
|
|
|
|
if (dbUser != null)
|
2010-12-04 16:01:27 +01:00
|
|
|
{
|
2010-12-04 16:18:47 +01:00
|
|
|
|
|
|
|
|
// update properties
|
|
|
|
|
dbUser.setDisplayName(user.getDisplayName());
|
|
|
|
|
dbUser.setLastLogin(user.getLastLogin());
|
|
|
|
|
dbUser.setMail(user.getMail());
|
|
|
|
|
dbUser.setType(user.getType());
|
|
|
|
|
userManager.modify(dbUser);
|
2010-12-04 16:01:27 +01:00
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
userManager.create(user);
|
2010-12-02 20:44:13 +01:00
|
|
|
}
|
2011-01-07 18:15:11 +01:00
|
|
|
|
2011-01-08 13:04:04 +01:00
|
|
|
Collection<String> groupCollection = ar.getGroups();
|
|
|
|
|
|
|
|
|
|
if (groupCollection != null)
|
|
|
|
|
{
|
|
|
|
|
groups.addAll(groupCollection);
|
|
|
|
|
}
|
|
|
|
|
|
2011-01-07 18:15:11 +01:00
|
|
|
loadGroups();
|
2011-01-08 13:04:04 +01:00
|
|
|
|
|
|
|
|
if (logger.isDebugEnabled())
|
|
|
|
|
{
|
|
|
|
|
logGroups();
|
|
|
|
|
}
|
2010-12-02 20:44:13 +01:00
|
|
|
}
|
|
|
|
|
catch (Exception ex)
|
|
|
|
|
{
|
2010-12-04 16:01:27 +01:00
|
|
|
user = null;
|
2010-12-02 20:44:13 +01:00
|
|
|
logger.error(ex.getMessage(), ex);
|
|
|
|
|
}
|
|
|
|
|
}
|
2010-10-15 17:58:16 +02:00
|
|
|
|
|
|
|
|
return user;
|
|
|
|
|
}
|
|
|
|
|
|
2010-10-15 23:03:00 +02:00
|
|
|
/**
|
|
|
|
|
* Method description
|
|
|
|
|
*
|
|
|
|
|
*
|
|
|
|
|
* @param request
|
|
|
|
|
* @param response
|
|
|
|
|
*/
|
|
|
|
|
@Override
|
|
|
|
|
public void logout(HttpServletRequest request, HttpServletResponse response)
|
|
|
|
|
{
|
|
|
|
|
user = null;
|
2011-01-08 13:04:04 +01:00
|
|
|
groups = new HashSet<String>();
|
2010-10-15 23:03:00 +02:00
|
|
|
}
|
|
|
|
|
|
2010-10-15 17:58:16 +02:00
|
|
|
//~--- get methods ----------------------------------------------------------
|
|
|
|
|
|
2011-01-07 18:15:11 +01:00
|
|
|
/**
|
|
|
|
|
* Method description
|
|
|
|
|
*
|
|
|
|
|
*
|
|
|
|
|
* @return
|
|
|
|
|
*/
|
|
|
|
|
@Override
|
|
|
|
|
public Collection<String> getGroups()
|
|
|
|
|
{
|
|
|
|
|
if (groups == null)
|
|
|
|
|
{
|
|
|
|
|
groups = new HashSet<String>();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return groups;
|
|
|
|
|
}
|
|
|
|
|
|
2010-10-15 17:58:16 +02:00
|
|
|
/**
|
|
|
|
|
* Method description
|
|
|
|
|
*
|
|
|
|
|
*
|
|
|
|
|
* @return
|
|
|
|
|
*/
|
|
|
|
|
@Override
|
|
|
|
|
public User getUser()
|
|
|
|
|
{
|
2010-12-30 13:44:40 +01:00
|
|
|
if ((user == null) && configuration.isAnonymousAccessEnabled())
|
|
|
|
|
{
|
|
|
|
|
user = userManager.get(USER_ANONYMOUS);
|
|
|
|
|
}
|
|
|
|
|
|
2010-10-15 17:58:16 +02:00
|
|
|
return user;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Method description
|
|
|
|
|
*
|
|
|
|
|
*
|
|
|
|
|
* @return
|
|
|
|
|
*/
|
|
|
|
|
@Override
|
|
|
|
|
public boolean isAuthenticated()
|
|
|
|
|
{
|
2010-12-30 13:44:40 +01:00
|
|
|
return getUser() != null;
|
2010-10-15 17:58:16 +02:00
|
|
|
}
|
|
|
|
|
|
2011-01-07 18:15:11 +01:00
|
|
|
//~--- methods --------------------------------------------------------------
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Method description
|
|
|
|
|
*
|
|
|
|
|
*/
|
|
|
|
|
private void loadGroups()
|
|
|
|
|
{
|
|
|
|
|
Collection<Group> groupCollection =
|
|
|
|
|
groupManager.getGroupsForMember(user.getName());
|
|
|
|
|
|
|
|
|
|
if (groupCollection != null)
|
|
|
|
|
{
|
|
|
|
|
for (Group group : groupCollection)
|
|
|
|
|
{
|
|
|
|
|
groups.add(group.getName());
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2011-01-08 13:04:04 +01:00
|
|
|
/**
|
|
|
|
|
* Method description
|
|
|
|
|
*
|
|
|
|
|
*/
|
|
|
|
|
private void logGroups()
|
|
|
|
|
{
|
|
|
|
|
StringBuilder msg = new StringBuilder("user ");
|
|
|
|
|
|
|
|
|
|
msg.append(user.getName()).append(" is member of ");
|
|
|
|
|
|
|
|
|
|
Iterator<String> groupIt = groups.iterator();
|
|
|
|
|
|
|
|
|
|
while (groupIt.hasNext())
|
|
|
|
|
{
|
|
|
|
|
msg.append(groupIt.next());
|
|
|
|
|
|
|
|
|
|
if (groupIt.hasNext())
|
|
|
|
|
{
|
|
|
|
|
msg.append(", ");
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
logger.debug(msg.toString());
|
|
|
|
|
}
|
|
|
|
|
|
2010-10-15 17:58:16 +02:00
|
|
|
//~--- fields ---------------------------------------------------------------
|
|
|
|
|
|
|
|
|
|
/** Field description */
|
2010-12-02 20:44:13 +01:00
|
|
|
private AuthenticationManager authenticator;
|
2010-10-15 17:58:16 +02:00
|
|
|
|
2010-12-30 13:44:40 +01:00
|
|
|
/** Field description */
|
|
|
|
|
private ScmConfiguration configuration;
|
|
|
|
|
|
2011-01-07 18:15:11 +01:00
|
|
|
/** Field description */
|
|
|
|
|
private GroupManager groupManager;
|
|
|
|
|
|
|
|
|
|
/** Field description */
|
|
|
|
|
private Set<String> groups = new HashSet<String>();
|
|
|
|
|
|
2010-10-15 17:58:16 +02:00
|
|
|
/** Field description */
|
|
|
|
|
private User user;
|
2010-12-02 20:44:13 +01:00
|
|
|
|
|
|
|
|
/** Field description */
|
|
|
|
|
private UserManager userManager;
|
2010-10-15 17:58:16 +02:00
|
|
|
}
|
