merge changes from branch 1.x

scm-webapp/src/main/java/sonia/scm/api/rest/IllegalArgumentExceptionMapper.java

@@ -0,0 +1,64 @@
+/**
+ * Copyright (c) 2010, Sebastian Sdorra All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer. 2. Redistributions in
+ * binary form must reproduce the above copyright notice, this list of
+ * conditions and the following disclaimer in the documentation and/or other
+ * materials provided with the distribution. 3. Neither the name of SCM-Manager;
+ * nor the names of its contributors may be used to endorse or promote products
+ * derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR
+ * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+ * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * http://bitbucket.org/sdorra/scm-manager
+ *
+ */
+
+
+
+package sonia.scm.api.rest;
+
+//~--- JDK imports ------------------------------------------------------------
+
+import javax.ws.rs.core.Response;
+import javax.ws.rs.core.Response.Status;
+import javax.ws.rs.ext.ExceptionMapper;
+import javax.ws.rs.ext.Provider;
+
+/**
+ *
+ * @author Sebastian Sdorra
+ * @since 1.36
+ */
+@Provider
+public class IllegalArgumentExceptionMapper
+  implements ExceptionMapper<IllegalArgumentException>
+{
+
+  /**
+   * Method description
+   *
+   *
+   * @param exception
+   *
+   * @return
+   */
+  @Override
+  public Response toResponse(IllegalArgumentException exception)
+  {
+    return Response.status(Status.BAD_REQUEST).build();
+  }
+}

scm-webapp/src/main/java/sonia/scm/api/rest/resources/AuthenticationResource.java

@@ -35,6 +35,8 @@ package sonia.scm.api.rest.resources;
 
 //~--- non-JDK imports --------------------------------------------------------
 
+import com.google.common.base.Preconditions;
+import com.google.common.base.Strings;
 import com.google.common.collect.ImmutableList;
 import com.google.common.collect.ImmutableList.Builder;
 import com.google.inject.Inject;
@@ -153,6 +155,7 @@ public class AuthenticationResource
    * <br />
    * <ul>
    *   <li>200 success</li>
+   *   <li>400 bad request, required parameter is missing.</li>
    *   <li>401 unauthorized, the specified username or password is wrong</li>
    *   <li>500 internal server error</li>
    * </ul>
@@ -172,6 +175,11 @@ public class AuthenticationResource
     @FormParam("password") String password, @FormParam("rememberMe")
   @DefaultValue("false") boolean rememberMe)
   {
+    Preconditions.checkArgument(!Strings.isNullOrEmpty(username),
+      "username parameter is required");
+    Preconditions.checkArgument(!Strings.isNullOrEmpty(password),
+      "password parameter is required");
+
     Response response;
     Subject subject = SecurityUtils.getSubject();
 

scm-webapp/src/main/java/sonia/scm/security/DefaultKeyGenerator.java

@@ -30,6 +30,7 @@
  */
 
 
+
 package sonia.scm.security;
 
 //~--- non-JDK imports --------------------------------------------------------
@@ -68,6 +69,17 @@ public class DefaultKeyGenerator implements KeyGenerator
 
   //~--- methods --------------------------------------------------------------
 
+  /**
+   * Method description
+   *
+   *
+   * @param args
+   */
+  public static void main(String[] args)
+  {
+    System.out.println(new DefaultKeyGenerator().createKey());
+  }
+
   /**
    * Method description
    *
@@ -107,8 +119,8 @@ public class DefaultKeyGenerator implements KeyGenerator
   //~--- fields ---------------------------------------------------------------
 
   /** Field description */
-  private AtomicLong sessionKey = new AtomicLong();
+  private final AtomicLong sessionKey = new AtomicLong();
 
   /** Field description */
-  private Random random = new Random();
+  private final Random random = new Random();
 }

scm-webapp/src/main/java/sonia/scm/security/ScmRealm.java

@@ -361,7 +361,10 @@ public class ScmRealm extends AuthorizingRealm
     // modify existing user, copy properties except password and admin
     if (user.copyProperties(dbUser, false))
     {
-      userManager.modify(dbUser);
+      user.setLastModified(System.currentTimeMillis());
+      UserEventHack.fireEvent(userManager, HandlerEventType.BEFORE_MODIFY, user);
+      userDAO.modify(user);
+      UserEventHack.fireEvent(userManager, HandlerEventType.MODIFY, user);
     }
   }
 

scm-webapp/src/main/java/sonia/scm/web/security/ChainAuthenticatonManager.java

@@ -47,6 +47,7 @@ import org.slf4j.LoggerFactory;
 import sonia.scm.SCMContextProvider;
 import sonia.scm.cache.Cache;
 import sonia.scm.cache.CacheManager;
+import sonia.scm.config.ScmConfiguration;
 import sonia.scm.security.EncryptionHandler;
 import sonia.scm.user.User;
 import sonia.scm.user.UserManager;
@@ -85,19 +86,21 @@ public class ChainAuthenticatonManager extends AbstractAuthenticationManager
    * Constructs ...
    *
    *
-   *
+   * @param configuration
    * @param userManager
    * @param authenticationHandlerSet
    * @param encryptionHandler
    * @param cacheManager
    */
   @Inject
-  public ChainAuthenticatonManager(UserManager userManager,
+  public ChainAuthenticatonManager(ScmConfiguration configuration,
+    UserManager userManager,
     Set<AuthenticationHandler> authenticationHandlerSet,
     EncryptionHandler encryptionHandler, CacheManager cacheManager)
   {
     AssertUtil.assertIsNotEmpty(authenticationHandlerSet);
     AssertUtil.assertIsNotNull(cacheManager);
+    this.configuration = configuration;
     this.authenticationHandlers = sort(userManager, authenticationHandlerSet);
     this.encryptionHandler = encryptionHandler;
     this.cache = cacheManager.getCache(CACHE_NAME);
@@ -190,6 +193,22 @@ public class ChainAuthenticatonManager extends AbstractAuthenticationManager
     }
   }
 
+  /**
+   * Method description
+   *
+   *
+   * @param result
+   *
+   * @return
+   */
+  boolean stopChain(AuthenticationResult result)
+  {
+    return (result != null) && (result.getState() != null)
+      && (result.getState().isSuccessfully()
+        || ((result.getState() == AuthenticationState.FAILED)
+          &&!configuration.isSkipFailedAuthenticators()));
+  }
+
   /**
    * Method description
    *
@@ -230,9 +249,7 @@ public class ChainAuthenticatonManager extends AbstractAuthenticationManager
             authenticator.getClass().getName(), result);
         }
 
-        if ((result != null) && (result.getState() != null)
-          && (result.getState().isSuccessfully()
-            || (result.getState() == AuthenticationState.FAILED)))
+        if (stopChain(result))
         {
           if (result.getState().isSuccessfully() && (result.getUser() != null))
           {
@@ -372,7 +389,10 @@ public class ChainAuthenticatonManager extends AbstractAuthenticationManager
 
   /** authentication cache */
   private final Cache<String, AuthenticationCacheValue> cache;
-
+  
+  /** Field description */
+  private final ScmConfiguration configuration;
+  
   /** encryption handler */
   private final EncryptionHandler encryptionHandler;
 }