diff --git a/scm-core/src/main/java/sonia/scm/SCMContext.java b/scm-core/src/main/java/sonia/scm/SCMContext.java index 5af5d9f7d9..ce96412fef 100644 --- a/scm-core/src/main/java/sonia/scm/SCMContext.java +++ b/scm-core/src/main/java/sonia/scm/SCMContext.java @@ -51,7 +51,7 @@ public final class SCMContext public static final String DEFAULT_PACKAGE = "sonia.scm"; /** Name of the anonymous user */ - public static final String USER_ANONYMOUS = "anonymous"; + public static final String USER_ANONYMOUS = "_anonymous"; /** * the anonymous user diff --git a/scm-core/src/main/java/sonia/scm/security/AnonymousRealm.java b/scm-core/src/main/java/sonia/scm/security/AnonymousRealm.java index 836c19181b..eb68c47027 100644 --- a/scm-core/src/main/java/sonia/scm/security/AnonymousRealm.java +++ b/scm-core/src/main/java/sonia/scm/security/AnonymousRealm.java @@ -5,8 +5,15 @@ import com.google.inject.Inject; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.AuthenticationInfo; import org.apache.shiro.authc.AuthenticationToken; +import org.apache.shiro.authc.credential.AllowAllCredentialsMatcher; import org.apache.shiro.realm.AuthenticatingRealm; +import sonia.scm.SCMContext; +import sonia.scm.plugin.Extension; +import javax.inject.Singleton; + +@Singleton +@Extension public class AnonymousRealm extends AuthenticatingRealm { /** @@ -25,10 +32,11 @@ public class AnonymousRealm extends AuthenticatingRealm { this.helper = helperFactory.create(REALM); setAuthenticationTokenClass(AnonymousToken.class); + setCredentialsMatcher(new AllowAllCredentialsMatcher()); } @Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException { - return helper.authenticationInfoBuilder("_anonymous").build(); + return helper.authenticationInfoBuilder(SCMContext.USER_ANONYMOUS).build(); } } 
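Review bot: The Javadoc on `USER_ANONYMOUS` still reads only "Name of the anonymous user" and does not say that the value is a reserved principal name. Every comparison against this constant in the diff (group collection, realm, setup) treats an account with exactly this name as unauthenticated, so the name must not be assignable to a regular or externally provisioned account. I would document that, e.g. `/** Name of the anonymous user; reserved, must never be assigned to a regular or externally provisioned account */`. Nothing in this diff shows what happens to data stored under the old value `"anonymous"`; if an installation already has such an account or permissions granted to it, they are presumably left behind as an ordinary account and deserve a migration note.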
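Review bot: Nothing in this realm checks that anonymous access is enabled. With `setCredentialsMatcher(new AllowAllCredentialsMatcher())` in the constructor and `doGetAuthenticationInfo` returning info for `SCMContext.USER_ANONYMOUS` unconditionally, any `AnonymousToken` that reaches the realm authenticates. The earlier hunk registers the class with `@Extension`, so the only gate is wherever the token is created, which is outside this diff. I would have the realm fail closed itself by injecting `ScmConfiguration` and starting `doGetAuthenticationInfo` with `if (!configuration.isAnonymousAccessEnabled()) { throw new AuthenticationException("anonymous access is disabled"); }`. A comment on the matcher line, `// AnonymousToken carries no credentials by design; access is gated by configuration`, would also help, and note that the constructor begins above the hunk.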
diff --git a/scm-webapp/src/main/java/sonia/scm/api/v2/resources/ConfigResource.java b/scm-webapp/src/main/java/sonia/scm/api/v2/resources/ConfigResource.java index 73c144564b..71570909c9 100644 --- a/scm-webapp/src/main/java/sonia/scm/api/v2/resources/ConfigResource.java +++ b/scm-webapp/src/main/java/sonia/scm/api/v2/resources/ConfigResource.java @@ -3,10 +3,10 @@ package sonia.scm.api.v2.resources; import com.webcohesion.enunciate.metadata.rs.ResponseCode; import com.webcohesion.enunciate.metadata.rs.StatusCodes; import com.webcohesion.enunciate.metadata.rs.TypeHint; +import sonia.scm.SCMContext; import sonia.scm.config.ConfigurationPermissions; import sonia.scm.config.ScmConfiguration; import sonia.scm.repository.NamespaceStrategyValidator; -import sonia.scm.user.User; import sonia.scm.user.UserManager; import sonia.scm.util.ScmConfigurationUtil; import sonia.scm.web.VndMediaType; @@ -96,8 +96,8 @@ public class ConfigResource { ScmConfigurationUtil.getInstance().store(configuration); } - if (config.isAnonymousAccessEnabled() && !userManager.contains("_anonymous")) { - userManager.create(new User("_anonymous")); + if (config.isAnonymousAccessEnabled() && !userManager.contains(SCMContext.USER_ANONYMOUS)) { + userManager.create(SCMContext.ANONYMOUS); } return Response.noContent().build(); diff --git a/scm-webapp/src/main/java/sonia/scm/group/DefaultGroupCollector.java b/scm-webapp/src/main/java/sonia/scm/group/DefaultGroupCollector.java index 072e975dbf..d1acccb364 100644 --- a/scm-webapp/src/main/java/sonia/scm/group/DefaultGroupCollector.java +++ b/scm-webapp/src/main/java/sonia/scm/group/DefaultGroupCollector.java @@ -4,6 +4,7 @@ import com.cronutils.utils.VisibleForTesting; import com.google.common.collect.ImmutableSet; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import sonia.scm.SCMContext; import sonia.scm.cache.Cache; import sonia.scm.cache.CacheManager; 
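Review bot: `userManager.create(SCMContext.ANONYMOUS)` passes the shared static instance to the manager, where the old code passed a fresh `User`. If `create` mutates its argument (creation date, type, password; not visible in this diff), the change lands on the process-wide constant and is seen by every other reader of `SCMContext.ANONYMOUS`. I would pass a defensive copy of the constant, or at least record the contract next to the call with `// SCMContext.ANONYMOUS is shared state; create() must not modify the instance it is given`. The same call is introduced in the SetupContextListener hunk further down. The enclosing method starts above this hunk.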
@@ -38,7 +39,7 @@ public class DefaultGroupCollector implements GroupCollector { public Set collect(String principal) { ImmutableSet.Builder builder = ImmutableSet.builder(); - if (principal != "_anonymous") { + if (!principal.equals(SCMContext.USER_ANONYMOUS)) { builder.add(AUTHENTICATED); } diff --git a/scm-webapp/src/main/java/sonia/scm/lifecycle/SetupContextListener.java b/scm-webapp/src/main/java/sonia/scm/lifecycle/SetupContextListener.java index 69cb8a9224..512a4fc534 100644 --- a/scm-webapp/src/main/java/sonia/scm/lifecycle/SetupContextListener.java +++ b/scm-webapp/src/main/java/sonia/scm/lifecycle/SetupContextListener.java @@ -4,6 +4,7 @@ import com.google.common.annotations.VisibleForTesting; import org.apache.shiro.authc.credential.PasswordService; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import sonia.scm.SCMContext; import sonia.scm.config.ScmConfiguration; import sonia.scm.plugin.Extension; import sonia.scm.security.PermissionAssigner; @@ -64,12 +65,12 @@ public class SetupContextListener implements ServletContextListener { createAdminAccount(); } if (anonymousUserRequiredButNotExists()) { - userManager.create(new User("_anonymous")); + userManager.create(SCMContext.ANONYMOUS); } } private boolean anonymousUserRequiredButNotExists() { - return scmConfiguration.isAnonymousAccessEnabled() && !userManager.contains("_anonymous"); + return scmConfiguration.isAnonymousAccessEnabled() && !userManager.contains(SCMContext.USER_ANONYMOUS); } private boolean isFirstStart() { diff --git a/scm-webapp/src/test/java/sonia/scm/api/v2/resources/ConfigResourceTest.java b/scm-webapp/src/test/java/sonia/scm/api/v2/resources/ConfigResourceTest.java index eb86e0aa33..8333cb14d1 100644 --- a/scm-webapp/src/test/java/sonia/scm/api/v2/resources/ConfigResourceTest.java +++ b/scm-webapp/src/test/java/sonia/scm/api/v2/resources/ConfigResourceTest.java 
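Review bot: `principal.equals(SCMContext.USER_ANONYMOUS)` in `collect` throws a NullPointerException for a null principal, where the old reference comparison silently added `AUTHENTICATED`. Whether null can reach `collect` is not visible here, but the decision should be explicit and fail closed: `if (principal != null && !SCMContext.USER_ANONYMOUS.equals(principal)) {`. The old `!=` most likely put the anonymous principal into the authenticated group, so this is an authorization fix and the diff adds no test for it. A regression test asserting that `collect(SCMContext.USER_ANONYMOUS)` does not contain `AUTHENTICATED` belongs with this change. The rest of `collect` lies outside the hunk.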
@@ -14,9 +14,9 @@ import org.junit.Test; import org.junit.rules.ExpectedException; import org.mockito.InjectMocks; import org.mockito.Mock; +import sonia.scm.SCMContext; import sonia.scm.config.ScmConfiguration; import sonia.scm.repository.NamespaceStrategyValidator; -import sonia.scm.user.User; import sonia.scm.user.UserManager; import sonia.scm.web.VndMediaType; @@ -137,13 +137,13 @@ public class ConfigResourceTest { assertTrue(response.getContentAsString().contains("\"proxyPassword\":\"newPassword\"")); assertTrue(response.getContentAsString().contains("\"self\":{\"href\":\"/v2/config")); assertTrue("link not found", response.getContentAsString().contains("\"update\":{\"href\":\"/v2/config")); - verify(userManager).create(new User("_anonymous")); + verify(userManager).create(SCMContext.ANONYMOUS); } @Test @SubjectAware(username = "readWrite") public void shouldUpdateConfigAndNotCreateAnonymousUserIfAlreadyExists() throws URISyntaxException, IOException { - when(userManager.contains("_anonymous")).thenReturn(true); + when(userManager.contains(SCMContext.USER_ANONYMOUS)).thenReturn(true); MockHttpRequest request = post("sonia/scm/api/v2/config-test-update-with-anonymous-access.json"); MockHttpResponse response = new MockHttpResponse(); @@ -157,7 +157,7 @@ public class ConfigResourceTest { assertTrue(response.getContentAsString().contains("\"proxyPassword\":\"newPassword\"")); assertTrue(response.getContentAsString().contains("\"self\":{\"href\":\"/v2/config")); assertTrue("link not found", response.getContentAsString().contains("\"update\":{\"href\":\"/v2/config")); - verify(userManager, never()).create(new User("_anonymous")); + verify(userManager, never()).create(SCMContext.ANONYMOUS); } @Test diff --git a/scm-webapp/src/test/java/sonia/scm/lifecycle/SetupContextListenerTest.java b/scm-webapp/src/test/java/sonia/scm/lifecycle/SetupContextListenerTest.java index e518578607..27ddd42cc1 100644 
--- a/scm-webapp/src/test/java/sonia/scm/lifecycle/SetupContextListenerTest.java +++ b/scm-webapp/src/test/java/sonia/scm/lifecycle/SetupContextListenerTest.java @@ -11,6 +11,7 @@ import org.mockito.Mock; import org.mockito.junit.jupiter.MockitoExtension; import org.mockito.junit.jupiter.MockitoSettings; import org.mockito.quality.Strictness; +import sonia.scm.SCMContext; import sonia.scm.config.ScmConfiguration; import sonia.scm.security.PermissionAssigner; import sonia.scm.security.PermissionDescriptor; @@ -112,7 +113,7 @@ class SetupContextListenerTest { setupContextListener.contextInitialized(null); - verify(userManager).create(new User("_anonymous")); + verify(userManager).create(SCMContext.ANONYMOUS); } @Test @@ -122,18 +123,18 @@ class SetupContextListenerTest { setupContextListener.contextInitialized(null); - verify(userManager, never()).create(new User("_anonymous")); + verify(userManager, never()).create(SCMContext.ANONYMOUS); } @Test void shouldNotCreateAnonymousUserIfAlreadyExists() { - List users = Lists.newArrayList(new User("_anonymous")); + List users = Lists.newArrayList(SCMContext.ANONYMOUS); when(userManager.getAll()).thenReturn(users); when(scmConfiguration.isAnonymousAccessEnabled()).thenReturn(true); setupContextListener.contextInitialized(null); - verify(userManager, times(1)).create(new User("_anonymous")); + verify(userManager, times(1)).create(SCMContext.ANONYMOUS); } private void verifyAdminPermissionsAssigned() {
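Review bot: `shouldNotCreateAnonymousUserIfAlreadyExists` asserts the opposite of its name, because it ends with `verify(userManager, times(1)).create(SCMContext.ANONYMOUS)`. It also stubs `userManager.getAll()`, while the listener decides with `userManager.contains(SCMContext.USER_ANONYMOUS)`, so the mock reports the user as missing and creation runs. Stub the call the listener actually makes, `when(userManager.contains(SCMContext.USER_ANONYMOUS)).thenReturn(true);`, and assert `verify(userManager, never()).create(SCMContext.ANONYMOUS);`. As written, a regression that recreates an existing anonymous account at startup would still pass this test.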