added XmlAuthenticator

plugins/scm-hg-plugin/src/main/java/sonia/scm/api/rest/resources/HgConfigResource.java

@@ -14,7 +14,6 @@ import com.google.inject.Singleton;
 
 import sonia.scm.repository.HgConfig;
 import sonia.scm.repository.HgRepositoryHandler;
-import sonia.scm.repository.RepositoryManager;
 import sonia.scm.web.HgWebConfigWriter;
 
 //~--- JDK imports ------------------------------------------------------------

scm-core/src/main/java/sonia/scm/User.java

@@ -24,7 +24,10 @@ import javax.xml.bind.annotation.XmlType;
  */
 @XmlRootElement(name = "users")
 @XmlAccessorType(XmlAccessType.FIELD)
-@XmlType(propOrder = { "name", "displayName", "mail" })
+@XmlType(propOrder =
+{
+  "name", "displayName", "mail", "password"
+})
 public class User implements Principal, Serializable
 {
 
@@ -90,6 +93,17 @@ public class User implements Principal, Serializable
     return name;
   }
 
+  /**
+   * Method description
+   *
+   *
+   * @return
+   */
+  public String getPassword()
+  {
+    return password;
+  }
+
   //~--- set methods ----------------------------------------------------------
 
   /**
@@ -126,6 +140,17 @@ public class User implements Principal, Serializable
     this.name = name;
   }
 
+  /**
+   * Method description
+   *
+   *
+   * @param password
+   */
+  public void setPassword(String password)
+  {
+    this.password = password;
+  }
+
   //~--- fields ---------------------------------------------------------------
 
   /** Field description */
@@ -136,4 +161,7 @@ public class User implements Principal, Serializable
 
   /** Field description */
   private String name;
+
+  /** Field description */
+  private String password;
 }

scm-web-api/src/main/java/sonia/scm/web/security/Authenticator.java

@@ -9,10 +9,13 @@ package sonia.scm.web.security;
 
 //~--- non-JDK imports --------------------------------------------------------
 
+import sonia.scm.Initable;
 import sonia.scm.User;
 
 //~--- JDK imports ------------------------------------------------------------
 
+import java.io.Closeable;
+
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
@@ -20,7 +23,7 @@ import javax.servlet.http.HttpServletResponse;
  *
  * @author Sebastian Sdorra
  */
-public interface Authenticator
+public interface Authenticator extends Initable, Closeable
 {
 
   /**

scm-webapp/pom.xml

@@ -119,7 +119,7 @@
           <systemproperties>
             <systemproperty>
               <name>org.apache.commons.logging.Log</name>
-              <value>org.apache.commons.logging.impl.Jdk14Logger</value>
+              <value>org.apache.commons.logging.impl.Log4JLogger</value>
             </systemproperty>
           </systemproperties>
           <source>${project.build.javaLevel}</source>

scm-webapp/src/main/java/sonia/scm/ContextListener.java

@@ -27,6 +27,7 @@ import java.util.Collection;
 import java.util.List;
 
 import javax.servlet.ServletContextEvent;
+import sonia.scm.web.security.Authenticator;
 
 /**
  *
@@ -103,6 +104,9 @@ public class ContextListener extends GuiceServletContextListener
     // init RepositoryManager
     injector.getInstance(RepositoryManager.class).init(SCMContext.getContext());
 
+    // init Authenticator
+    injector.getInstance(Authenticator.class).init(SCMContext.getContext());
+
     return injector;
   }
 

scm-webapp/src/main/java/sonia/scm/ScmServletModule.java

@@ -25,12 +25,14 @@ import sonia.scm.plugin.ScriptResourceServlet;
 import sonia.scm.repository.BasicRepositoryManager;
 import sonia.scm.repository.RepositoryHandler;
 import sonia.scm.repository.RepositoryManager;
+import sonia.scm.security.EncryptionHandler;
+import sonia.scm.security.MessageDigestEncryptionHandler;
 import sonia.scm.util.DebugServlet;
 import sonia.scm.web.ScmWebPluginContext;
 import sonia.scm.web.security.Authenticator;
 import sonia.scm.web.security.BasicSecurityContext;
-import sonia.scm.web.security.DemoAuthenticator;
 import sonia.scm.web.security.SecurityContext;
+import sonia.scm.web.security.XmlAuthenticator;
 
 //~--- JDK imports ------------------------------------------------------------
 
@@ -111,7 +113,8 @@ public class ScmServletModule extends ServletModule
     SCMContextProvider context = SCMContext.getContext();
 
     bind(SCMContextProvider.class).toInstance(context);
-    bind(Authenticator.class).to(DemoAuthenticator.class);
+    bind(EncryptionHandler.class).to(MessageDigestEncryptionHandler.class);
+    bind(Authenticator.class).to(XmlAuthenticator.class);
     bind(SecurityContext.class).to(BasicSecurityContext.class);
 
     Multibinder<RepositoryHandler> repositoryHandlerBinder =

scm-webapp/src/main/java/sonia/scm/web/security/DemoAuthenticator.java

@@ -1,65 +0,0 @@
-/*
- * To change this template, choose Tools | Templates
- * and open the template in the editor.
- */
-
-
-
-package sonia.scm.web.security;
-
-//~--- non-JDK imports --------------------------------------------------------
-
-import sonia.scm.User;
-
-//~--- JDK imports ------------------------------------------------------------
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-/**
- *
- * @author Sebastian Sdorra
- */
-public class DemoAuthenticator implements Authenticator
-{
-
-  /** Field description */
-  private static final String DEMO_DISPLAYNAME = "Hans am Schalter";
-
-  /** Field description */
-  private static final String DEMO_MAIL = "hans@schalter.de";
-
-  /** Field description */
-  private static final String DEMO_PASSWORD = "hans123";
-
-  /** Field description */
-  private static final String DEMO_USERNAME = "hans";
-
-  //~--- methods --------------------------------------------------------------
-
-  /**
-   * Method description
-   *
-   *
-   * @param request
-   * @param response
-   * @param username
-   * @param password
-   *
-   * @return
-   */
-  @Override
-  public User authenticate(HttpServletRequest request,
-                           HttpServletResponse response, String username,
-                           String password)
-  {
-    User user = null;
-
-    if (DEMO_USERNAME.equals(username) && DEMO_PASSWORD.equals(password))
-    {
-      user = new User(username, DEMO_DISPLAYNAME, DEMO_MAIL);
-    }
-
-    return user;
-  }
-}

scm-webapp/src/main/java/sonia/scm/web/security/XmlAuthenticator.java

@@ -0,0 +1,138 @@
+/*
+ * To change this template, choose Tools | Templates
+ * and open the template in the editor.
+ */
+
+
+
+package sonia.scm.web.security;
+
+//~--- non-JDK imports --------------------------------------------------------
+
+import com.google.inject.Inject;
+import com.google.inject.Singleton;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import sonia.scm.SCMContextProvider;
+import sonia.scm.User;
+import sonia.scm.security.EncryptionHandler;
+
+//~--- JDK imports ------------------------------------------------------------
+
+import java.io.File;
+import java.io.IOException;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import javax.xml.bind.JAXB;
+
+/**
+ *
+ * @author Sebastian Sdorra
+ */
+@Singleton
+public class XmlAuthenticator implements Authenticator
+{
+
+  /** Field description */
+  public static final String NAME_DIRECTORY = "users";
+
+  /** the logger for XmlAuthenticator */
+  private static final Logger logger =
+    LoggerFactory.getLogger(XmlAuthenticator.class);
+
+  //~--- methods --------------------------------------------------------------
+
+  /**
+   * Method description
+   *
+   *
+   * @param request
+   * @param response
+   * @param username
+   * @param password
+   *
+   * @return
+   */
+  @Override
+  public User authenticate(HttpServletRequest request,
+                           HttpServletResponse response, String username,
+                           String password)
+  {
+    User user = null;
+    File userFile = new File(baseDirectory, username.concat(".xml"));
+
+    if ((userFile != null) && userFile.exists())
+    {
+      user = JAXB.unmarshal(userFile, User.class);
+
+      String encryptedPassword = encryptionHandler.encrypt(password);
+
+      System.out.println(encryptedPassword);
+      System.out.println(user.getPassword());
+
+      if (!encryptedPassword.equalsIgnoreCase(user.getPassword()))
+      {
+        user = null;
+
+        if (logger.isDebugEnabled())
+        {
+          logger.debug("password for user {} is wrong", username);
+        }
+      }
+      else
+      {
+        user.setPassword(null);
+      }
+    }
+    else if (logger.isDebugEnabled())
+    {
+      logger.debug("could not find user {}", username);
+    }
+
+    return user;
+  }
+
+  /**
+   * Method description
+   *
+   *
+   * @throws IOException
+   */
+  @Override
+  public void close() throws IOException
+  {
+
+    // do nothing
+  }
+
+  /**
+   * Method description
+   *
+   *
+   * @param provider
+   */
+  @Override
+  public void init(SCMContextProvider provider)
+  {
+    baseDirectory = new File(provider.getBaseDirectory(), NAME_DIRECTORY);
+
+    if (logger.isInfoEnabled())
+    {
+      logger.info("init XmlAuthenticator with directory {}",
+                  baseDirectory.getAbsolutePath());
+    }
+  }
+
+  //~--- fields ---------------------------------------------------------------
+
+  /** Field description */
+  private File baseDirectory;
+
+  /** Field description */
+  @Inject
+  private EncryptionHandler encryptionHandler;
+}