Nemcio/SCM-Manager
1
0
Fork 0
mirror of https://github.com/scm-manager/scm-manager.git synced 2025-11-09 23:15:43 +01:00
Code Issues Packages Projects Releases Activity

Reverted mess of eclipse formatting.

Browse Source
This commit is contained in:
Clemens Rabe
2013-10-15 20:57:38 +02:00
parent 13bd150c6f
commit 814b940998
2 changed files with 459 additions and 403 deletions
Download Patch File Download Diff File Expand all files Collapse all files

120
scm-core/src/main/java/sonia/scm/web/filter/BasicAuthenticationFilter.java
View File

@@ -29,6 +29,8 @@
* *
*/ */
package sonia.scm.web.filter; package sonia.scm.web.filter;
//~--- non-JDK imports -------------------------------------------------------- //~--- non-JDK imports --------------------------------------------------------
@@ -41,6 +43,7 @@ import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken; import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject; import org.apache.shiro.subject.Subject;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
@@ -69,7 +72,8 @@ import javax.servlet.http.HttpServletResponse;
* @author Sebastian Sdorra * @author Sebastian Sdorra
*/ */
@Singleton @Singleton
public class BasicAuthenticationFilter extends AutoLoginFilter { public class BasicAuthenticationFilter extends AutoLoginFilter
{
/** Field description */ /** Field description */
public static final String AUTHORIZATION_BASIC_PREFIX = "BASIC"; public static final String AUTHORIZATION_BASIC_PREFIX = "BASIC";
@@ -81,11 +85,10 @@ public class BasicAuthenticationFilter extends AutoLoginFilter {
public static final String HEADER_AUTHORIZATION = "Authorization"; public static final String HEADER_AUTHORIZATION = "Authorization";
/** the logger for BasicAuthenticationFilter */ /** the logger for BasicAuthenticationFilter */
private static final Logger logger = LoggerFactory private static final Logger logger =
.getLogger(BasicAuthenticationFilter.class); LoggerFactory.getLogger(BasicAuthenticationFilter.class);
// ~--- constructors //~--- constructors ---------------------------------------------------------
// ---------------------------------------------------------
/** /**
* Constructs ... * Constructs ...
@@ -96,26 +99,24 @@ public class BasicAuthenticationFilter extends AutoLoginFilter {
*/ */
@Deprecated @Deprecated
public BasicAuthenticationFilter( public BasicAuthenticationFilter(
Provider<WebSecurityContext> securityContextProvider) { Provider<WebSecurityContext> securityContextProvider) {}
}
/** /**
* Constructs a new basic authenticaton filter * Constructs a new basic authenticaton filter
* *
* @param configuration * @param configuration scm-manager global configuration
* scm-manager global configuration
* *
* @since 1.21 * @since 1.21
*/ */
@Inject @Inject
public BasicAuthenticationFilter(ScmConfiguration configuration, public BasicAuthenticationFilter(ScmConfiguration configuration,
Set<AutoLoginModule> autoLoginModules) { Set<AutoLoginModule> autoLoginModules)
{
super(autoLoginModules); super(autoLoginModules);
this.configuration = configuration; this.configuration = configuration;
} }
// ~--- methods //~--- methods --------------------------------------------------------------
// --------------------------------------------------------------
/** /**
* Method description * Method description
@@ -131,33 +132,42 @@ public class BasicAuthenticationFilter extends AutoLoginFilter {
@Override @Override
protected void doFilter(HttpServletRequest request, protected void doFilter(HttpServletRequest request,
HttpServletResponse response, FilterChain chain) HttpServletResponse response, FilterChain chain)
throws IOException, ServletException { throws IOException, ServletException
{
Subject subject = SecurityUtils.getSubject(); Subject subject = SecurityUtils.getSubject();
User user = getAuthenticatedUser(request, response); User user = getAuthenticatedUser(request, response);
// Fallback to basic authentication scheme // Fallback to basic authentication scheme
if (user == null) { if (user == null)
{
String authentication = request.getHeader(HEADER_AUTHORIZATION); String authentication = request.getHeader(HEADER_AUTHORIZATION);
if (Util.startWithIgnoreCase(authentication, if (Util.startWithIgnoreCase(authentication, AUTHORIZATION_BASIC_PREFIX))
AUTHORIZATION_BASIC_PREFIX)) { {
if (logger.isTraceEnabled()) { if (logger.isTraceEnabled())
{
logger.trace("found basic authorization header, start authentication"); logger.trace("found basic authorization header, start authentication");
} }
user = authenticate(request, response, subject, authentication); user = authenticate(request, response, subject, authentication);
if (logger.isTraceEnabled()) { if (logger.isTraceEnabled())
if (user != null) { {
logger.trace("user {} successfully authenticated", if (user != null)
user.getName()); {
} else { logger.trace("user {} successfully authenticated", user.getName());
}
else
{
logger.trace("authentcation failed, user object is null"); logger.trace("authentcation failed, user object is null");
} }
} }
} else if ((configuration != null) }
&& configuration.isAnonymousAccessEnabled()) { else if ((configuration != null)
if (logger.isTraceEnabled()) { && configuration.isAnonymousAccessEnabled())
{
if (logger.isTraceEnabled())
{
logger.trace("anonymous access granted"); logger.trace("anonymous access granted");
} }
@@ -165,15 +175,18 @@ public class BasicAuthenticationFilter extends AutoLoginFilter {
} }
} }
if (user == null) { if (user == null)
if (logger.isTraceEnabled()) { {
if (logger.isTraceEnabled())
{
logger.trace("could not find user send unauthorized"); logger.trace("could not find user send unauthorized");
} }
handleUnauthorized(request, response, chain); handleUnauthorized(request, response, chain);
} else { }
chain.doFilter( else
new SecurityHttpServletRequestWrapper(request, user), {
chain.doFilter(new SecurityHttpServletRequestWrapper(request, user),
response); response);
} }
} }
@@ -193,7 +206,8 @@ public class BasicAuthenticationFilter extends AutoLoginFilter {
*/ */
protected void handleUnauthorized(HttpServletRequest request, protected void handleUnauthorized(HttpServletRequest request,
HttpServletResponse response, FilterChain chain) HttpServletResponse response, FilterChain chain)
throws IOException, ServletException { throws IOException, ServletException
{
HttpUtil.sendUnauthorized(request, response); HttpUtil.sendUnauthorized(request, response);
} }
@@ -210,7 +224,8 @@ public class BasicAuthenticationFilter extends AutoLoginFilter {
* @return * @return
*/ */
private User authenticate(HttpServletRequest request, private User authenticate(HttpServletRequest request,
HttpServletResponse response, Subject subject, String authentication) { HttpServletResponse response, Subject subject, String authentication)
{
String token = authentication.substring(6); String token = authentication.substring(6);
token = new String(Base64.decode(token.getBytes())); token = new String(Base64.decode(token.getBytes()));
@@ -218,41 +233,52 @@ public class BasicAuthenticationFilter extends AutoLoginFilter {
int index = token.indexOf(CREDENTIAL_SEPARATOR); int index = token.indexOf(CREDENTIAL_SEPARATOR);
User user = null; User user = null;
if ((index > 0) && (index < token.length())) { if ((index > 0) && (index < token.length()))
{
String username = token.substring(0, index); String username = token.substring(0, index);
String password = token.substring(index + 1); String password = token.substring(index + 1);
if (Util.isNotEmpty(username) && Util.isNotEmpty(password)) { if (Util.isNotEmpty(username) && Util.isNotEmpty(password))
if (logger.isTraceEnabled()) { {
if (logger.isTraceEnabled())
{
logger.trace("try to authenticate user {}", username); logger.trace("try to authenticate user {}", username);
} }
try { try
{
subject.login(new UsernamePasswordToken(username, password, subject.login(new UsernamePasswordToken(username, password,
request.getRemoteAddr())); request.getRemoteAddr()));
user = subject.getPrincipals().oneByType(User.class); user = subject.getPrincipals().oneByType(User.class);
} catch (AuthenticationException ex) { }
if (logger.isTraceEnabled()) { catch (AuthenticationException ex)
logger.trace("authentication failed for user " {
.concat(username), ex); if (logger.isTraceEnabled())
} else if (logger.isWarnEnabled()) { {
logger.warn("authentication failed for user {}", logger.trace("authentication failed for user ".concat(username),
username); ex);
}
else if (logger.isWarnEnabled())
{
logger.warn("authentication failed for user {}", username);
} }
} }
} else if (logger.isWarnEnabled()) { }
else if (logger.isWarnEnabled())
{
logger.warn("username or password is null/empty"); logger.warn("username or password is null/empty");
} }
} else if (logger.isWarnEnabled()) { }
else if (logger.isWarnEnabled())
{
logger.warn("failed to read basic auth credentials"); logger.warn("failed to read basic auth credentials");
} }
return user; return user;
} }
// ~--- fields //~--- fields ---------------------------------------------------------------
// ---------------------------------------------------------------
/** Field description */ /** Field description */
private ScmConfiguration configuration; private ScmConfiguration configuration;

158
scm-webapp/src/main/java/sonia/scm/web/security/ChainAuthenticatonManager.java
View File

@@ -29,6 +29,8 @@
* *
*/ */
package sonia.scm.web.security; package sonia.scm.web.security;
//~--- non-JDK imports -------------------------------------------------------- //~--- non-JDK imports --------------------------------------------------------
@@ -68,17 +70,17 @@ import javax.servlet.http.HttpServletResponse;
* @author Sebastian Sdorra * @author Sebastian Sdorra
*/ */
@Singleton @Singleton
public class ChainAuthenticatonManager extends AbstractAuthenticationManager { public class ChainAuthenticatonManager extends AbstractAuthenticationManager
{
/** Field description */ /** Field description */
public static final String CACHE_NAME = "sonia.cache.auth"; public static final String CACHE_NAME = "sonia.cache.auth";
/** the logger for ChainAuthenticatonManager */ /** the logger for ChainAuthenticatonManager */
private static final Logger logger = LoggerFactory private static final Logger logger =
.getLogger(ChainAuthenticatonManager.class); LoggerFactory.getLogger(ChainAuthenticatonManager.class);
// ~--- constructors //~--- constructors ---------------------------------------------------------
// ---------------------------------------------------------
/** /**
* Constructs ... * Constructs ...
@@ -96,22 +98,22 @@ public class ChainAuthenticatonManager extends AbstractAuthenticationManager {
public ChainAuthenticatonManager(UserManager userManager, public ChainAuthenticatonManager(UserManager userManager,
Set<AuthenticationHandler> authenticationHandlerSet, Set<AuthenticationHandler> authenticationHandlerSet,
EncryptionHandler encryptionHandler, CacheManager cacheManager, EncryptionHandler encryptionHandler, CacheManager cacheManager,
Set<AuthenticationListener> authenticationListeners) { Set<AuthenticationListener> authenticationListeners)
{
AssertUtil.assertIsNotEmpty(authenticationHandlerSet); AssertUtil.assertIsNotEmpty(authenticationHandlerSet);
AssertUtil.assertIsNotNull(cacheManager); AssertUtil.assertIsNotNull(cacheManager);
this.authenticationHandlers = sort(userManager, this.authenticationHandlers = sort(userManager, authenticationHandlerSet);
authenticationHandlerSet);
this.encryptionHandler = encryptionHandler; this.encryptionHandler = encryptionHandler;
this.cache = cacheManager.getCache(String.class, this.cache = cacheManager.getCache(String.class,
AuthenticationCacheValue.class, CACHE_NAME); AuthenticationCacheValue.class, CACHE_NAME);
if (Util.isNotEmpty(authenticationListeners)) { if (Util.isNotEmpty(authenticationListeners))
{
addListeners(authenticationListeners); addListeners(authenticationListeners);
} }
} }
// ~--- methods //~--- methods --------------------------------------------------------------
// --------------------------------------------------------------
/** /**
* Method description * Method description
@@ -126,27 +128,32 @@ public class ChainAuthenticatonManager extends AbstractAuthenticationManager {
*/ */
@Override @Override
public AuthenticationResult authenticate(HttpServletRequest request, public AuthenticationResult authenticate(HttpServletRequest request,
HttpServletResponse response, String username, String password) { HttpServletResponse response, String username, String password)
{
AssertUtil.assertIsNotEmpty(username); AssertUtil.assertIsNotEmpty(username);
AssertUtil.assertIsNotEmpty(password); AssertUtil.assertIsNotEmpty(password);
String encryptedPassword = encryptionHandler.encrypt(password); String encryptedPassword = encryptionHandler.encrypt(password);
AuthenticationResult ar = getCached(username, encryptedPassword); AuthenticationResult ar = getCached(username, encryptedPassword);
if (ar == null) { if (ar == null)
if (logger.isTraceEnabled()) { {
logger.trace( if (logger.isTraceEnabled())
"no authentication result for user {} found in cache", {
logger.trace("no authentication result for user {} found in cache",
username); username);
} }
ar = doAuthentication(request, response, username, password); ar = doAuthentication(request, response, username, password);
if ((ar != null) && ar.isCacheable()) { if ((ar != null) && ar.isCacheable())
cache.put(username, new AuthenticationCacheValue(ar, {
encryptedPassword)); cache.put(username,
new AuthenticationCacheValue(ar, encryptedPassword));
} }
} else if (logger.isDebugEnabled()) { }
else if (logger.isDebugEnabled())
{
logger.debug("authenticate {} via cache", username); logger.debug("authenticate {} via cache", username);
} }
@@ -160,9 +167,12 @@ public class ChainAuthenticatonManager extends AbstractAuthenticationManager {
* @throws IOException * @throws IOException
*/ */
@Override @Override
public void close() throws IOException { public void close() throws IOException
for (AuthenticationHandler authenticator : authenticationHandlers) { {
if (logger.isTraceEnabled()) { for (AuthenticationHandler authenticator : authenticationHandlers)
{
if (logger.isTraceEnabled())
{
logger.trace("close authenticator {}", authenticator.getClass()); logger.trace("close authenticator {}", authenticator.getClass());
} }
@@ -177,11 +187,13 @@ public class ChainAuthenticatonManager extends AbstractAuthenticationManager {
* @param context * @param context
*/ */
@Override @Override
public void init(SCMContextProvider context) { public void init(SCMContextProvider context)
for (AuthenticationHandler authenticator : authenticationHandlers) { {
if (logger.isTraceEnabled()) { for (AuthenticationHandler authenticator : authenticationHandlers)
logger.trace("initialize authenticator {}", {
authenticator.getClass()); if (logger.isTraceEnabled())
{
logger.trace("initialize authenticator {}", authenticator.getClass());
} }
authenticator.init(context); authenticator.init(context);
@@ -200,24 +212,30 @@ public class ChainAuthenticatonManager extends AbstractAuthenticationManager {
* @return * @return
*/ */
private AuthenticationResult doAuthentication(HttpServletRequest request, private AuthenticationResult doAuthentication(HttpServletRequest request,
HttpServletResponse response, String username, String password) { HttpServletResponse response, String username, String password)
{
AuthenticationResult ar = null; AuthenticationResult ar = null;
if (logger.isTraceEnabled()) { if (logger.isTraceEnabled())
{
logger.trace("start authentication chain for user {}", username); logger.trace("start authentication chain for user {}", username);
} }
for (AuthenticationHandler authenticator : authenticationHandlers) { for (AuthenticationHandler authenticator : authenticationHandlers)
if (logger.isTraceEnabled()) { {
if (logger.isTraceEnabled())
{
logger.trace("check authenticator {} for user {}", logger.trace("check authenticator {} for user {}",
authenticator.getClass(), username); authenticator.getClass(), username);
} }
try { try
AuthenticationResult result = authenticator.authenticate( {
request, response, username, password); AuthenticationResult result = authenticator.authenticate(request,
response, username, password);
if (logger.isDebugEnabled()) { if (logger.isDebugEnabled())
{
logger.debug("authenticator {} ends with result, {}", logger.debug("authenticator {} ends with result, {}",
authenticator.getClass().getName(), result); authenticator.getClass().getName(), result);
} }
@@ -225,8 +243,10 @@ public class ChainAuthenticatonManager extends AbstractAuthenticationManager {
// CR: Removed check on state=failed to allow next module to // CR: Removed check on state=failed to allow next module to
// continue // continue
if ((result != null) && (result.getState() != null) if ((result != null) && (result.getState() != null)
&& result.getState().isSuccessfully()) { && result.getState().isSuccessfully())
if (result.getUser() != null) { {
if (result.getUser() != null)
{
User user = result.getUser(); User user = result.getUser();
user.setType(authenticator.getType()); user.setType(authenticator.getType());
@@ -238,9 +258,12 @@ public class ChainAuthenticatonManager extends AbstractAuthenticationManager {
break; break;
} }
} catch (Exception ex) { }
logger.error("error durring authentication process of " catch (Exception ex)
.concat(authenticator.getClass().getName()), ex); {
logger.error(
"error durring authentication process of ".concat(
authenticator.getClass().getName()), ex);
} }
} }
@@ -258,16 +281,21 @@ public class ChainAuthenticatonManager extends AbstractAuthenticationManager {
*/ */
@VisibleForTesting @VisibleForTesting
private List<AuthenticationHandler> sort(UserManager userManager, private List<AuthenticationHandler> sort(UserManager userManager,
Set<AuthenticationHandler> authenticationHandlerSet) { Set<AuthenticationHandler> authenticationHandlerSet)
List<AuthenticationHandler> handlers = Lists {
.newArrayListWithCapacity(authenticationHandlerSet.size()); List<AuthenticationHandler> handlers =
Lists.newArrayListWithCapacity(authenticationHandlerSet.size());
String first = Strings.nullToEmpty(userManager.getDefaultType()); String first = Strings.nullToEmpty(userManager.getDefaultType());
for (AuthenticationHandler handler : authenticationHandlerSet) { for (AuthenticationHandler handler : authenticationHandlerSet)
if (first.equals(handler.getType())) { {
if (first.equals(handler.getType()))
{
handlers.add(0, handler); handlers.add(0, handler);
} else { }
else
{
handlers.add(handler); handlers.add(handler);
} }
} }
@@ -275,8 +303,7 @@ public class ChainAuthenticatonManager extends AbstractAuthenticationManager {
return handlers; return handlers;
} }
// ~--- get methods //~--- get methods ----------------------------------------------------------
// ----------------------------------------------------------
/** /**
* Method description * Method description
@@ -288,14 +315,17 @@ public class ChainAuthenticatonManager extends AbstractAuthenticationManager {
* @return * @return
*/ */
private AuthenticationResult getCached(String username, private AuthenticationResult getCached(String username,
String encryptedPassword) { String encryptedPassword)
{
AuthenticationResult result = null; AuthenticationResult result = null;
AuthenticationCacheValue value = cache.get(username); AuthenticationCacheValue value = cache.get(username);
if (value != null) { if (value != null)
{
String cachedPassword = value.password; String cachedPassword = value.password;
if (cachedPassword.equals(encryptedPassword)) { if (cachedPassword.equals(encryptedPassword))
{
result = value.authenticationResult; result = value.authenticationResult;
} }
} }
@@ -303,8 +333,7 @@ public class ChainAuthenticatonManager extends AbstractAuthenticationManager {
return result; return result;
} }
// ~--- inner classes //~--- inner classes --------------------------------------------------------
// --------------------------------------------------------
/** /**
* Class description * Class description
@@ -313,13 +342,13 @@ public class ChainAuthenticatonManager extends AbstractAuthenticationManager {
* @version Enter version here..., 2011-01-15 * @version Enter version here..., 2011-01-15
* @author Sebastian Sdorra * @author Sebastian Sdorra
*/ */
private static class AuthenticationCacheValue implements Serializable { private static class AuthenticationCacheValue implements Serializable
{
/** Field description */ /** Field description */
private static final long serialVersionUID = 2201116145941277549L; private static final long serialVersionUID = 2201116145941277549L;
// ~--- constructors //~--- constructors -------------------------------------------------------
// -------------------------------------------------------
/** /**
* Constructs ... * Constructs ...
@@ -329,14 +358,15 @@ public class ChainAuthenticatonManager extends AbstractAuthenticationManager {
* @param ar * @param ar
* @param password * @param password
*/ */
public AuthenticationCacheValue(AuthenticationResult ar, String password) { public AuthenticationCacheValue(AuthenticationResult ar, String password)
this.authenticationResult = new AuthenticationResult(ar.getUser() {
.clone(), ar.getGroups(), ar.getState()); this.authenticationResult =
new AuthenticationResult(ar.getUser().clone(), ar.getGroups(),
ar.getState());
this.password = password; this.password = password;
} }
// ~--- fields //~--- fields -------------------------------------------------------------
// -------------------------------------------------------------
/** Field description */ /** Field description */
private AuthenticationResult authenticationResult; private AuthenticationResult authenticationResult;
@@ -345,8 +375,8 @@ public class ChainAuthenticatonManager extends AbstractAuthenticationManager {
private String password; private String password;
} }
// ~--- fields
// --------------------------------------------------------------- //~--- fields ---------------------------------------------------------------
/** Field description */ /** Field description */
private List<AuthenticationHandler> authenticationHandlers; private List<AuthenticationHandler> authenticationHandlers;