Nemcio/SCM-Manager
1
0
Fork 0
mirror of https://github.com/scm-manager/scm-manager.git synced 2025-11-09 15:05:44 +01:00
Code Issues Packages Projects Releases Activity

Reverted mess of eclipse formatting.

Browse Source
This commit is contained in:
Clemens Rabe
2013-10-15 20:57:38 +02:00
parent 13bd150c6f
commit 814b940998
2 changed files with 459 additions and 403 deletions
Download Patch File Download Diff File Expand all files Collapse all files

120
scm-core/src/main/java/sonia/scm/web/filter/BasicAuthenticationFilter.java
View File

@@ -29,6 +29,8 @@
*
*/
package sonia.scm.web.filter;
//~--- non-JDK imports --------------------------------------------------------
@@ -41,6 +43,7 @@ import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -69,7 +72,8 @@ import javax.servlet.http.HttpServletResponse;
* @author Sebastian Sdorra
*/
@Singleton
public class BasicAuthenticationFilter extends AutoLoginFilter {
public class BasicAuthenticationFilter extends AutoLoginFilter
{
/** Field description */
public static final String AUTHORIZATION_BASIC_PREFIX = "BASIC";
@@ -81,11 +85,10 @@ public class BasicAuthenticationFilter extends AutoLoginFilter {
public static final String HEADER_AUTHORIZATION = "Authorization";
/** the logger for BasicAuthenticationFilter */
private static final Logger logger = LoggerFactory
.getLogger(BasicAuthenticationFilter.class);
private static final Logger logger =
LoggerFactory.getLogger(BasicAuthenticationFilter.class);
// ~--- constructors
// ---------------------------------------------------------
//~--- constructors ---------------------------------------------------------
/**
* Constructs ...
@@ -96,26 +99,24 @@ public class BasicAuthenticationFilter extends AutoLoginFilter {
*/
@Deprecated
public BasicAuthenticationFilter(
Provider<WebSecurityContext> securityContextProvider) {
}
Provider<WebSecurityContext> securityContextProvider) {}
/**
* Constructs a new basic authenticaton filter
*
* @param configuration
* scm-manager global configuration
* @param configuration scm-manager global configuration
*
* @since 1.21
*/
@Inject
public BasicAuthenticationFilter(ScmConfiguration configuration,
Set<AutoLoginModule> autoLoginModules) {
Set<AutoLoginModule> autoLoginModules)
{
super(autoLoginModules);
this.configuration = configuration;
}
// ~--- methods
// --------------------------------------------------------------
//~--- methods --------------------------------------------------------------
/**
* Method description
@@ -131,33 +132,42 @@ public class BasicAuthenticationFilter extends AutoLoginFilter {
@Override
protected void doFilter(HttpServletRequest request,
HttpServletResponse response, FilterChain chain)
throws IOException, ServletException {
throws IOException, ServletException
{
Subject subject = SecurityUtils.getSubject();
User user = getAuthenticatedUser(request, response);
// Fallback to basic authentication scheme
if (user == null) {
if (user == null)
{
String authentication = request.getHeader(HEADER_AUTHORIZATION);
if (Util.startWithIgnoreCase(authentication,
AUTHORIZATION_BASIC_PREFIX)) {
if (logger.isTraceEnabled()) {
if (Util.startWithIgnoreCase(authentication, AUTHORIZATION_BASIC_PREFIX))
{
if (logger.isTraceEnabled())
{
logger.trace("found basic authorization header, start authentication");
}
user = authenticate(request, response, subject, authentication);
if (logger.isTraceEnabled()) {
if (user != null) {
logger.trace("user {} successfully authenticated",
user.getName());
} else {
if (logger.isTraceEnabled())
{
if (user != null)
{
logger.trace("user {} successfully authenticated", user.getName());
}
else
{
logger.trace("authentcation failed, user object is null");
}
}
} else if ((configuration != null)
&& configuration.isAnonymousAccessEnabled()) {
if (logger.isTraceEnabled()) {
}
else if ((configuration != null)
&& configuration.isAnonymousAccessEnabled())
{
if (logger.isTraceEnabled())
{
logger.trace("anonymous access granted");
}
@@ -165,15 +175,18 @@ public class BasicAuthenticationFilter extends AutoLoginFilter {
}
}
if (user == null) {
if (logger.isTraceEnabled()) {
if (user == null)
{
if (logger.isTraceEnabled())
{
logger.trace("could not find user send unauthorized");
}
handleUnauthorized(request, response, chain);
} else {
chain.doFilter(
new SecurityHttpServletRequestWrapper(request, user),
}
else
{
chain.doFilter(new SecurityHttpServletRequestWrapper(request, user),
response);
}
}
@@ -193,7 +206,8 @@ public class BasicAuthenticationFilter extends AutoLoginFilter {
*/
protected void handleUnauthorized(HttpServletRequest request,
HttpServletResponse response, FilterChain chain)
throws IOException, ServletException {
throws IOException, ServletException
{
HttpUtil.sendUnauthorized(request, response);
}
@@ -210,7 +224,8 @@ public class BasicAuthenticationFilter extends AutoLoginFilter {
* @return
*/
private User authenticate(HttpServletRequest request,
HttpServletResponse response, Subject subject, String authentication) {
HttpServletResponse response, Subject subject, String authentication)
{
String token = authentication.substring(6);
token = new String(Base64.decode(token.getBytes()));
@@ -218,41 +233,52 @@ public class BasicAuthenticationFilter extends AutoLoginFilter {
int index = token.indexOf(CREDENTIAL_SEPARATOR);
User user = null;
if ((index > 0) && (index < token.length())) {
if ((index > 0) && (index < token.length()))
{
String username = token.substring(0, index);
String password = token.substring(index + 1);
if (Util.isNotEmpty(username) && Util.isNotEmpty(password)) {
if (logger.isTraceEnabled()) {
if (Util.isNotEmpty(username) && Util.isNotEmpty(password))
{
if (logger.isTraceEnabled())
{
logger.trace("try to authenticate user {}", username);
}
try {
try
{
subject.login(new UsernamePasswordToken(username, password,
request.getRemoteAddr()));
user = subject.getPrincipals().oneByType(User.class);
} catch (AuthenticationException ex) {
if (logger.isTraceEnabled()) {
logger.trace("authentication failed for user "
.concat(username), ex);
} else if (logger.isWarnEnabled()) {
logger.warn("authentication failed for user {}",
username);
}
catch (AuthenticationException ex)
{
if (logger.isTraceEnabled())
{
logger.trace("authentication failed for user ".concat(username),
ex);
}
else if (logger.isWarnEnabled())
{
logger.warn("authentication failed for user {}", username);
}
}
} else if (logger.isWarnEnabled()) {
}
else if (logger.isWarnEnabled())
{
logger.warn("username or password is null/empty");
}
} else if (logger.isWarnEnabled()) {
}
else if (logger.isWarnEnabled())
{
logger.warn("failed to read basic auth credentials");
}
return user;
}
// ~--- fields
// ---------------------------------------------------------------
//~--- fields ---------------------------------------------------------------
/** Field description */
private ScmConfiguration configuration;

158
scm-webapp/src/main/java/sonia/scm/web/security/ChainAuthenticatonManager.java
View File

@@ -29,6 +29,8 @@
*
*/
package sonia.scm.web.security;
//~--- non-JDK imports --------------------------------------------------------
@@ -68,17 +70,17 @@ import javax.servlet.http.HttpServletResponse;
* @author Sebastian Sdorra
*/
@Singleton
public class ChainAuthenticatonManager extends AbstractAuthenticationManager {
public class ChainAuthenticatonManager extends AbstractAuthenticationManager
{
/** Field description */
public static final String CACHE_NAME = "sonia.cache.auth";
/** the logger for ChainAuthenticatonManager */
private static final Logger logger = LoggerFactory
.getLogger(ChainAuthenticatonManager.class);
private static final Logger logger =
LoggerFactory.getLogger(ChainAuthenticatonManager.class);
// ~--- constructors
// ---------------------------------------------------------
//~--- constructors ---------------------------------------------------------
/**
* Constructs ...
@@ -96,22 +98,22 @@ public class ChainAuthenticatonManager extends AbstractAuthenticationManager {
public ChainAuthenticatonManager(UserManager userManager,
Set<AuthenticationHandler> authenticationHandlerSet,
EncryptionHandler encryptionHandler, CacheManager cacheManager,
Set<AuthenticationListener> authenticationListeners) {
Set<AuthenticationListener> authenticationListeners)
{
AssertUtil.assertIsNotEmpty(authenticationHandlerSet);
AssertUtil.assertIsNotNull(cacheManager);
this.authenticationHandlers = sort(userManager,
authenticationHandlerSet);
this.authenticationHandlers = sort(userManager, authenticationHandlerSet);
this.encryptionHandler = encryptionHandler;
this.cache = cacheManager.getCache(String.class,
AuthenticationCacheValue.class, CACHE_NAME);
if (Util.isNotEmpty(authenticationListeners)) {
if (Util.isNotEmpty(authenticationListeners))
{
addListeners(authenticationListeners);
}
}
// ~--- methods
// --------------------------------------------------------------
//~--- methods --------------------------------------------------------------
/**
* Method description
@@ -126,27 +128,32 @@ public class ChainAuthenticatonManager extends AbstractAuthenticationManager {
*/
@Override
public AuthenticationResult authenticate(HttpServletRequest request,
HttpServletResponse response, String username, String password) {
HttpServletResponse response, String username, String password)
{
AssertUtil.assertIsNotEmpty(username);
AssertUtil.assertIsNotEmpty(password);
String encryptedPassword = encryptionHandler.encrypt(password);
AuthenticationResult ar = getCached(username, encryptedPassword);
if (ar == null) {
if (logger.isTraceEnabled()) {
logger.trace(
"no authentication result for user {} found in cache",
if (ar == null)
{
if (logger.isTraceEnabled())
{
logger.trace("no authentication result for user {} found in cache",
username);
}
ar = doAuthentication(request, response, username, password);
if ((ar != null) && ar.isCacheable()) {
cache.put(username, new AuthenticationCacheValue(ar,
encryptedPassword));
if ((ar != null) && ar.isCacheable())
{
cache.put(username,
new AuthenticationCacheValue(ar, encryptedPassword));
}
} else if (logger.isDebugEnabled()) {
}
else if (logger.isDebugEnabled())
{
logger.debug("authenticate {} via cache", username);
}
@@ -160,9 +167,12 @@ public class ChainAuthenticatonManager extends AbstractAuthenticationManager {
* @throws IOException
*/
@Override
public void close() throws IOException {
for (AuthenticationHandler authenticator : authenticationHandlers) {
if (logger.isTraceEnabled()) {
public void close() throws IOException
{
for (AuthenticationHandler authenticator : authenticationHandlers)
{
if (logger.isTraceEnabled())
{
logger.trace("close authenticator {}", authenticator.getClass());
}
@@ -177,11 +187,13 @@ public class ChainAuthenticatonManager extends AbstractAuthenticationManager {
* @param context
*/
@Override
public void init(SCMContextProvider context) {
for (AuthenticationHandler authenticator : authenticationHandlers) {
if (logger.isTraceEnabled()) {
logger.trace("initialize authenticator {}",
authenticator.getClass());
public void init(SCMContextProvider context)
{
for (AuthenticationHandler authenticator : authenticationHandlers)
{
if (logger.isTraceEnabled())
{
logger.trace("initialize authenticator {}", authenticator.getClass());
}
authenticator.init(context);
@@ -200,24 +212,30 @@ public class ChainAuthenticatonManager extends AbstractAuthenticationManager {
* @return
*/
private AuthenticationResult doAuthentication(HttpServletRequest request,
HttpServletResponse response, String username, String password) {
HttpServletResponse response, String username, String password)
{
AuthenticationResult ar = null;
if (logger.isTraceEnabled()) {
if (logger.isTraceEnabled())
{
logger.trace("start authentication chain for user {}", username);
}
for (AuthenticationHandler authenticator : authenticationHandlers) {
if (logger.isTraceEnabled()) {
for (AuthenticationHandler authenticator : authenticationHandlers)
{
if (logger.isTraceEnabled())
{
logger.trace("check authenticator {} for user {}",
authenticator.getClass(), username);
}
try {
AuthenticationResult result = authenticator.authenticate(
request, response, username, password);
try
{
AuthenticationResult result = authenticator.authenticate(request,
response, username, password);
if (logger.isDebugEnabled()) {
if (logger.isDebugEnabled())
{
logger.debug("authenticator {} ends with result, {}",
authenticator.getClass().getName(), result);
}
@@ -225,8 +243,10 @@ public class ChainAuthenticatonManager extends AbstractAuthenticationManager {
// CR: Removed check on state=failed to allow next module to
// continue
if ((result != null) && (result.getState() != null)
&& result.getState().isSuccessfully()) {
if (result.getUser() != null) {
&& result.getState().isSuccessfully())
{
if (result.getUser() != null)
{
User user = result.getUser();
user.setType(authenticator.getType());
@@ -238,9 +258,12 @@ public class ChainAuthenticatonManager extends AbstractAuthenticationManager {
break;
}
} catch (Exception ex) {
logger.error("error durring authentication process of "
.concat(authenticator.getClass().getName()), ex);
}
catch (Exception ex)
{
logger.error(
"error durring authentication process of ".concat(
authenticator.getClass().getName()), ex);
}
}
@@ -258,16 +281,21 @@ public class ChainAuthenticatonManager extends AbstractAuthenticationManager {
*/
@VisibleForTesting
private List<AuthenticationHandler> sort(UserManager userManager,
Set<AuthenticationHandler> authenticationHandlerSet) {
List<AuthenticationHandler> handlers = Lists
.newArrayListWithCapacity(authenticationHandlerSet.size());
Set<AuthenticationHandler> authenticationHandlerSet)
{
List<AuthenticationHandler> handlers =
Lists.newArrayListWithCapacity(authenticationHandlerSet.size());
String first = Strings.nullToEmpty(userManager.getDefaultType());
for (AuthenticationHandler handler : authenticationHandlerSet) {
if (first.equals(handler.getType())) {
for (AuthenticationHandler handler : authenticationHandlerSet)
{
if (first.equals(handler.getType()))
{
handlers.add(0, handler);
} else {
}
else
{
handlers.add(handler);
}
}
@@ -275,8 +303,7 @@ public class ChainAuthenticatonManager extends AbstractAuthenticationManager {
return handlers;
}
// ~--- get methods
// ----------------------------------------------------------
//~--- get methods ----------------------------------------------------------
/**
* Method description
@@ -288,14 +315,17 @@ public class ChainAuthenticatonManager extends AbstractAuthenticationManager {
* @return
*/
private AuthenticationResult getCached(String username,
String encryptedPassword) {
String encryptedPassword)
{
AuthenticationResult result = null;
AuthenticationCacheValue value = cache.get(username);
if (value != null) {
if (value != null)
{
String cachedPassword = value.password;
if (cachedPassword.equals(encryptedPassword)) {
if (cachedPassword.equals(encryptedPassword))
{
result = value.authenticationResult;
}
}
@@ -303,8 +333,7 @@ public class ChainAuthenticatonManager extends AbstractAuthenticationManager {
return result;
}
// ~--- inner classes
// --------------------------------------------------------
//~--- inner classes --------------------------------------------------------
/**
* Class description
@@ -313,13 +342,13 @@ public class ChainAuthenticatonManager extends AbstractAuthenticationManager {
* @version Enter version here..., 2011-01-15
* @author Sebastian Sdorra
*/
private static class AuthenticationCacheValue implements Serializable {
private static class AuthenticationCacheValue implements Serializable
{
/** Field description */
private static final long serialVersionUID = 2201116145941277549L;
// ~--- constructors
// -------------------------------------------------------
//~--- constructors -------------------------------------------------------
/**
* Constructs ...
@@ -329,14 +358,15 @@ public class ChainAuthenticatonManager extends AbstractAuthenticationManager {
* @param ar
* @param password
*/
public AuthenticationCacheValue(AuthenticationResult ar, String password) {
this.authenticationResult = new AuthenticationResult(ar.getUser()
.clone(), ar.getGroups(), ar.getState());
public AuthenticationCacheValue(AuthenticationResult ar, String password)
{
this.authenticationResult =
new AuthenticationResult(ar.getUser().clone(), ar.getGroups(),
ar.getState());
this.password = password;
}
// ~--- fields
// -------------------------------------------------------------
//~--- fields -------------------------------------------------------------
/** Field description */
private AuthenticationResult authenticationResult;
@@ -345,8 +375,8 @@ public class ChainAuthenticatonManager extends AbstractAuthenticationManager {
private String password;
}
// ~--- fields
// ---------------------------------------------------------------
//~--- fields ---------------------------------------------------------------
/** Field description */
private List<AuthenticationHandler> authenticationHandlers;