Skip to content
Permalink
Browse files
fix unit test
  • Loading branch information
olamy committed Feb 5, 2015
1 parent 5bf9065 commit 8bdcfbb8a0ceeed657a2a0c90797ab309948176e
Showing 4 changed files with 51 additions and 19 deletions.
@@ -32,7 +32,8 @@
<name>Redback :: Integration :: REST :: Services</name>

<properties>
<tomcatVersion>7.0.54</tomcatVersion>
<tomcatVersion>7.0.57</tomcatVersion>
<rest.test.timeout>1000000</rest.test.timeout>
</properties>

<dependencies>
@@ -276,6 +277,7 @@
<redback.jdbc.url>${redbackTestJdbcUrl}</redback.jdbc.url>
<redback.jdbc.driver.name>${redbackTestJdbcDriver}</redback.jdbc.driver.name>
<ldapPort>${ldapPort}</ldapPort>
<rest.test.timeout>${rest.test.timeout}</rest.test.timeout>
</systemPropertyVariables>
</configuration>
</plugin>
@@ -156,29 +156,23 @@ public void filter( ContainerRequestContext containerRequestContext )
catch ( UserNotFoundException e )
{
log.debug( "UserNotFoundException for path {}", message.get( Message.REQUEST_URI ) );
containerRequestContext.abortWith( Response.status( Response.Status.FORBIDDEN ).build() );
}
catch ( AccountLockedException e )
{
log.debug( "account locked for path {}", message.get( Message.REQUEST_URI ) );
containerRequestContext.abortWith( Response.status( Response.Status.FORBIDDEN ).build() );

}
catch ( MustChangePasswordException e )
{
log.debug( "must change password for path {}", message.get( Message.REQUEST_URI ) );
containerRequestContext.abortWith( Response.status( Response.Status.FORBIDDEN ).build() );

}
catch ( AuthenticationException e )
{
log.debug( "failed to authenticate for path {}", message.get( Message.REQUEST_URI ) );
containerRequestContext.abortWith( Response.status( Response.Status.FORBIDDEN ).build() );
}
catch ( UserManagerException e )
{
log.debug( "UserManagerException: {} for path", e.getMessage(), message.get( Message.REQUEST_URI ) );
containerRequestContext.abortWith( Response.status( Response.Status.FORBIDDEN ).build() );
}
containerRequestContext.abortWith( Response.status( Response.Status.FORBIDDEN ).build() );
}
}
@@ -19,10 +19,13 @@
* under the License.
*/

import org.apache.archiva.redback.authentication.AuthenticationException;
import org.apache.archiva.redback.authentication.AuthenticationResult;
import org.apache.archiva.redback.authorization.AuthorizationException;
import org.apache.archiva.redback.authorization.RedbackAuthorization;
import org.apache.archiva.redback.integration.filter.authentication.basic.HttpBasicAuthentication;
import org.apache.archiva.redback.policy.AccountLockedException;
import org.apache.archiva.redback.policy.MustChangePasswordException;
import org.apache.archiva.redback.system.SecuritySession;
import org.apache.archiva.redback.system.SecuritySystem;
import org.apache.commons.lang.StringUtils;
@@ -71,7 +74,7 @@ public void filter( ContainerRequestContext containerRequestContext )
{
if ( redbackAuthorization.noRestriction() )
{
// we are fine this services is marked as non restrictive acces
// we are fine this services is marked as non restrictive access
return;
}
String[] permissions = redbackAuthorization.permissions();
@@ -80,8 +83,32 @@ public void filter( ContainerRequestContext containerRequestContext )
permissions[0] ) ) )
{
HttpServletRequest request = getHttpServletRequest( message );
SecuritySession session = httpAuthenticator.getSecuritySession( request.getSession() );
SecuritySession securitySession = httpAuthenticator.getSecuritySession( request.getSession( true ) );
AuthenticationResult authenticationResult = message.get( AuthenticationResult.class );

if ( authenticationResult == null )
{
try
{
authenticationResult = httpAuthenticator.getAuthenticationResult( request, getHttpServletResponse( message ) );
}
catch ( AuthenticationException e )
{
log.debug( "failed to authenticate for path {}", message.get( Message.REQUEST_URI ) );
containerRequestContext.abortWith( Response.status( Response.Status.FORBIDDEN ).build() );
}
catch ( AccountLockedException e )
{
log.debug( "account locked for path {}", message.get( Message.REQUEST_URI ) );
containerRequestContext.abortWith( Response.status( Response.Status.FORBIDDEN ).build() );
}
catch ( MustChangePasswordException e )
{
log.debug( "must change password for path {}", message.get( Message.REQUEST_URI ) );
containerRequestContext.abortWith( Response.status( Response.Status.FORBIDDEN ).build() );
}
}

if ( authenticationResult != null && authenticationResult.isAuthenticated() )
{
for ( String permission : permissions )
@@ -92,7 +119,7 @@ public void filter( ContainerRequestContext containerRequestContext )
}
try
{
if ( securitySystem.isAuthorized( session, permission,
if ( securitySystem.isAuthorized( securitySession, permission,
StringUtils.isBlank( redbackAuthorization.resource() )
? null
: redbackAuthorization.resource() ) )
@@ -101,8 +128,12 @@ public void filter( ContainerRequestContext containerRequestContext )
}
else
{
log.debug( "user {} not authorized for permission {}", session.getUser().getUsername(),
permission );
if ( securitySession != null && securitySession.getUser() != null )
{
log.debug( "user {} not authorized for permission {}", //
securitySession.getUser().getUsername(), //
permission );
}
}
}
catch ( AuthorizationException e )
@@ -116,9 +147,9 @@ public void filter( ContainerRequestContext containerRequestContext )
}
else
{
if ( session != null && session.getUser() != null )
if ( securitySession != null && securitySession.getUser() != null )
{
log.debug( "user {} not authenticated", session.getUser().getUsername() );
log.debug( "user {} not authenticated", securitySession.getUser().getUsername() );
}
}
}
@@ -62,6 +62,11 @@
public String authorizationHeader = getAdminAuthzHeader();


public long getTimeout()
{
return Long.getLong( "rest.test.timeout", 1000000 );
}

public static String encode( String uid, String password )
{
return "Basic " + Base64Utility.encode( ( uid + ":" + password ).getBytes() );
@@ -159,7 +164,7 @@ protected UserService getUserService( String authzHeader )
UserService.class, Collections.singletonList( new JacksonJaxbJsonProvider() ) );

// time out for debuging purpose
WebClient.getConfig( service ).getHttpConduit().getClient().setReceiveTimeout( 100000 );
WebClient.getConfig( service ).getHttpConduit().getClient().setReceiveTimeout( getTimeout() );

if ( authzHeader != null )
{
@@ -180,7 +185,7 @@ protected RoleManagementService getRoleManagementService( String authzHeader )
Collections.singletonList( new JacksonJaxbJsonProvider() ) );

// for debuging purpose
WebClient.getConfig( service ).getHttpConduit().getClient().setReceiveTimeout( 100000 );
WebClient.getConfig( service ).getHttpConduit().getClient().setReceiveTimeout( getTimeout() );

if ( authzHeader != null )
{
@@ -200,7 +205,7 @@ protected LoginService getLoginService( String authzHeader )
LoginService.class, Collections.singletonList( new JacksonJaxbJsonProvider() ) );

// for debuging purpose
WebClient.getConfig( service ).getHttpConduit().getClient().setReceiveTimeout( 100000 );
WebClient.getConfig( service ).getHttpConduit().getClient().setReceiveTimeout( getTimeout() );

if ( authzHeader != null )
{
@@ -222,7 +227,7 @@ protected LdapGroupMappingService getLdapGroupMappingService( String authzHeader
Collections.singletonList( new JacksonJaxbJsonProvider() ) );

// for debuging purpose
WebClient.getConfig( service ).getHttpConduit().getClient().setReceiveTimeout( 100000 );
WebClient.getConfig( service ).getHttpConduit().getClient().setReceiveTimeout( getTimeout() );

if ( authzHeader != null )
{

0 comments on commit 8bdcfbb

Please sign in to comment.