diff --git a/scm-web-api/src/main/java/sonia/scm/web/security/AuthenticationHandler.java b/scm-web-api/src/main/java/sonia/scm/web/security/AuthenticationHandler.java new file mode 100644 index 0000000000..95c3ddb29f --- /dev/null +++ b/scm-web-api/src/main/java/sonia/scm/web/security/AuthenticationHandler.java @@ -0,0 +1,68 @@ +/** + * Copyright (c) 2010, Sebastian Sdorra + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * 3. Neither the name of SCM-Manager; nor the names of its + * contributors may be used to endorse or promote products derived from this + * software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY + * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON + * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + * http://bitbucket.org/sdorra/scm-manager + * + */ + + + +package sonia.scm.web.security; + +//~--- non-JDK imports -------------------------------------------------------- + +import sonia.scm.Initable; +import sonia.scm.TypedObject; + +//~--- JDK imports ------------------------------------------------------------ + +import java.io.Closeable; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +/** + * + * @author Sebastian Sdorra + */ +public interface AuthenticationHandler extends Initable, Closeable, TypedObject +{ + + /** + * Method description + * + * + * @param request + * @param response + * @param username + * @param password + * + * @return + */ + public AuthenticationResult authenticate(HttpServletRequest request, + HttpServletResponse response, String username, String password); +} diff --git a/scm-web-api/src/main/java/sonia/scm/web/security/AuthenticationManager.java b/scm-web-api/src/main/java/sonia/scm/web/security/AuthenticationManager.java index 5ae0d94c12..566d227358 100644 --- a/scm-web-api/src/main/java/sonia/scm/web/security/AuthenticationManager.java +++ b/scm-web-api/src/main/java/sonia/scm/web/security/AuthenticationManager.java @@ -36,6 +36,7 @@ package sonia.scm.web.security; //~--- non-JDK imports -------------------------------------------------------- import sonia.scm.Initable; +import sonia.scm.user.User; //~--- JDK imports ------------------------------------------------------------ @@ -62,6 +63,7 @@ public interface AuthenticationManager extends Initable, Closeable * * @return */ - public AuthenticationResult authenticate(HttpServletRequest request, - HttpServletResponse response, String username, String password); + public User authenticate(HttpServletRequest request, + HttpServletResponse response, String username, + String password); } diff --git a/scm-web-api/src/main/java/sonia/scm/web/security/AuthenticationResult.java b/scm-web-api/src/main/java/sonia/scm/web/security/AuthenticationResult.java index e8a51e7b4d..9730d07f48 100644 --- a/scm-web-api/src/main/java/sonia/scm/web/security/AuthenticationResult.java +++ b/scm-web-api/src/main/java/sonia/scm/web/security/AuthenticationResult.java @@ -45,8 +45,8 @@ public class AuthenticationResult { /** Field description */ - public static final AuthenticationResult NEXT = - new AuthenticationResult(AuthenticationState.NEXT); + public static final AuthenticationResult NOT_FOUND = + new AuthenticationResult(AuthenticationState.NOT_FOUND); /** Field description */ public static final AuthenticationResult FAILED = @@ -65,6 +65,18 @@ public class AuthenticationResult this.state = state; } + /** + * Constructs ... + * + * + * + * @param user + */ + public AuthenticationResult(User user) + { + this.state = AuthenticationState.SUCCESS; + } + /** * Constructs ... * diff --git a/scm-web-api/src/main/java/sonia/scm/web/security/AuthenticationState.java b/scm-web-api/src/main/java/sonia/scm/web/security/AuthenticationState.java index c9a4ccb603..277c0edb5a 100644 --- a/scm-web-api/src/main/java/sonia/scm/web/security/AuthenticationState.java +++ b/scm-web-api/src/main/java/sonia/scm/web/security/AuthenticationState.java @@ -39,8 +39,7 @@ package sonia.scm.web.security; */ public enum AuthenticationState { - CREATE_USER(true), MODIFY_USER(true), SUCCESS(true), NEXT(false), - FAILED(false); + SUCCESS(true), NOT_FOUND(false), FAILED(false); /** * Constructs ... diff --git a/scm-web-api/src/main/java/sonia/scm/web/security/BasicSecurityContext.java b/scm-web-api/src/main/java/sonia/scm/web/security/BasicSecurityContext.java index a863c1252c..b611ba97dc 100644 --- a/scm-web-api/src/main/java/sonia/scm/web/security/BasicSecurityContext.java +++ b/scm-web-api/src/main/java/sonia/scm/web/security/BasicSecurityContext.java @@ -96,28 +96,26 @@ public class BasicSecurityContext implements WebSecurityContext HttpServletResponse response, String username, String password) { - AuthenticationResult result = authenticator.authenticate(request, response, - username, password); + user = authenticator.authenticate(request, response, username, password); - if (result.getState().isSuccessfully()) + if (user != null) { - user = result.getUser(); - try { - switch (result.getState()) + user.setLastLogin(System.currentTimeMillis()); + + if (userManager.contains(username)) { - case CREATE_USER : - userManager.create(user); - - break; - - case MODIFY_USER : - userManager.modify(user); + userManager.modify(user); + } + else + { + userManager.create(user); } } catch (Exception ex) { + user = null; logger.error(ex.getMessage(), ex); } } diff --git a/scm-web-api/src/main/java/sonia/scm/web/security/ChainAuthenticatonManager.java b/scm-web-api/src/main/java/sonia/scm/web/security/ChainAuthenticatonManager.java index cbc83d79e7..b56bf93b9b 100644 --- a/scm-web-api/src/main/java/sonia/scm/web/security/ChainAuthenticatonManager.java +++ b/scm-web-api/src/main/java/sonia/scm/web/security/ChainAuthenticatonManager.java @@ -42,6 +42,7 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import sonia.scm.SCMContextProvider; +import sonia.scm.user.User; import sonia.scm.util.AssertUtil; import sonia.scm.util.IOUtil; @@ -72,13 +73,14 @@ public class ChainAuthenticatonManager implements AuthenticationManager * Constructs ... * * - * @param authenticatorSet + * @param authenticationHandlerSet */ @Inject - public ChainAuthenticatonManager(Set authenticatorSet) + public ChainAuthenticatonManager( + Set authenticationHandlerSet) { - AssertUtil.assertIsNotEmpty(authenticatorSet); - this.authenticatorSet = authenticatorSet; + AssertUtil.assertIsNotEmpty(authenticationHandlerSet); + this.authenticationHandlerSet = authenticationHandlerSet; } //~--- methods -------------------------------------------------------------- @@ -95,17 +97,18 @@ public class ChainAuthenticatonManager implements AuthenticationManager * @return */ @Override - public AuthenticationResult authenticate(HttpServletRequest request, - HttpServletResponse response, String username, String password) + public User authenticate(HttpServletRequest request, + HttpServletResponse response, String username, + String password) { - AuthenticationResult result = null; + User user = null; - for (AuthenticationManager authenticator : authenticatorSet) + for (AuthenticationHandler authenticator : authenticationHandlerSet) { try { - result = authenticator.authenticate(request, response, username, - password); + AuthenticationResult result = authenticator.authenticate(request, + response, username, password); if (logger.isDebugEnabled()) { @@ -113,9 +116,16 @@ public class ChainAuthenticatonManager implements AuthenticationManager authenticator.getClass().getName(), result); } - if (((result != null) && result.getState().isSuccessfully()) - || (result.getState() == AuthenticationState.FAILED)) + if ((result != null) && (result.getState() != null) + && (result.getState().isSuccessfully() + || (result.getState() == AuthenticationState.FAILED))) { + if (result.getState().isSuccessfully() && (result.getUser() != null)) + { + user = result.getUser(); + user.setType(authenticator.getType()); + } + break; } } @@ -125,7 +135,7 @@ public class ChainAuthenticatonManager implements AuthenticationManager } } - return result; + return user; } /** @@ -137,7 +147,7 @@ public class ChainAuthenticatonManager implements AuthenticationManager @Override public void close() throws IOException { - for (AuthenticationManager authenticator : authenticatorSet) + for (AuthenticationHandler authenticator : authenticationHandlerSet) { IOUtil.close(authenticator); } @@ -152,7 +162,7 @@ public class ChainAuthenticatonManager implements AuthenticationManager @Override public void init(SCMContextProvider context) { - for (AuthenticationManager authenticator : authenticatorSet) + for (AuthenticationHandler authenticator : authenticationHandlerSet) { authenticator.init(context); } @@ -161,5 +171,5 @@ public class ChainAuthenticatonManager implements AuthenticationManager //~--- fields --------------------------------------------------------------- /** Field description */ - private Set authenticatorSet; + private Set authenticationHandlerSet; } diff --git a/scm-web-api/src/main/java/sonia/scm/web/security/XmlAuthenticationManager.java b/scm-web-api/src/main/java/sonia/scm/web/security/XmlAuthenticationHandler.java similarity index 89% rename from scm-web-api/src/main/java/sonia/scm/web/security/XmlAuthenticationManager.java rename to scm-web-api/src/main/java/sonia/scm/web/security/XmlAuthenticationHandler.java index e57c4e1cca..74538dc898 100644 --- a/scm-web-api/src/main/java/sonia/scm/web/security/XmlAuthenticationManager.java +++ b/scm-web-api/src/main/java/sonia/scm/web/security/XmlAuthenticationHandler.java @@ -58,7 +58,7 @@ import javax.servlet.http.HttpServletResponse; * @author Sebastian Sdorra */ @Singleton -public class XmlAuthenticationManager implements AuthenticationManager +public class XmlAuthenticationHandler implements AuthenticationHandler { /** Field description */ @@ -67,9 +67,9 @@ public class XmlAuthenticationManager implements AuthenticationManager /** Field description */ public static final String TYPE = "xml"; - /** the logger for XmlAuthenticationManager */ + /** the logger for XmlAuthenticationHandler */ private static final Logger logger = - LoggerFactory.getLogger(XmlAuthenticationManager.class); + LoggerFactory.getLogger(XmlAuthenticationHandler.class); //~--- constructors --------------------------------------------------------- @@ -81,7 +81,7 @@ public class XmlAuthenticationManager implements AuthenticationManager * @param encryptionHandler */ @Inject - public XmlAuthenticationManager(UserManager userManager, + public XmlAuthenticationHandler(UserManager userManager, EncryptionHandler encryptionHandler) { this.userManager = userManager; @@ -121,7 +121,7 @@ public class XmlAuthenticationManager implements AuthenticationManager logger.debug("{} is not an xml user", username); } - result = AuthenticationResult.NEXT; + result = AuthenticationResult.NOT_FOUND; } } else @@ -131,7 +131,7 @@ public class XmlAuthenticationManager implements AuthenticationManager logger.debug("could not find user {}", username); } - result = AuthenticationResult.NEXT; + result = AuthenticationResult.NOT_FOUND; } return result; @@ -163,6 +163,22 @@ public class XmlAuthenticationManager implements AuthenticationManager // do nothing } + //~--- get methods ---------------------------------------------------------- + + /** + * Method description + * + * + * @return + */ + @Override + public String getType() + { + return TYPE; + } + + //~--- methods -------------------------------------------------------------- + /** * Method description *