Permalink
Browse files

git-svn-id: file:///opt/svn/repositories/sonatype.org/nexus/tags/nexu…

…s-test-harness-env-plugin@3589 2aa8b3fc-8ebb-4439-a84f-95066eaea8ab
  • Loading branch information...
1 parent 18523c0 commit a9aecae71e7e0f78223b59d38b58fdf58281cdcb velo committed Mar 6, 2009
Showing 1,088 changed files with 61,771 additions and 0 deletions.
@@ -0,0 +1,85 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <parent>
+ <groupId>org.sonatype.nexus</groupId>
+ <artifactId>nexus-test-harness</artifactId>
+ <version>1.4.0-SNAPSHOT</version>
+ </parent>
+ <modelVersion>4.0.0</modelVersion>
+ <artifactId>nexus-simple-memory-realm</artifactId>
+ <name>Nexus Test Harness Simple Memory Realm</name>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.codehaus.plexus</groupId>
+ <artifactId>plexus-component-metadata</artifactId>
+ </plugin>
+ </plugins>
+ </build>
+ <dependencies>
+
+ <dependency>
+ <artifactId>plexus-delegating-realm</artifactId>
+ <groupId>org.sonatype.jsecurity</groupId>
+ <version>${plexus-jsecurity-realms.version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.jsecurity</groupId>
+ <artifactId>jsecurity</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.codehaus.plexus</groupId>
+ <artifactId>plexus-utils</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.codehaus.plexus</groupId>
+ <artifactId>plexus-container-default</artifactId>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-api</artifactId>
+ <scope>runtime</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-log4j12</artifactId>
+ <scope>runtime</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>jcl-over-slf4j</artifactId>
+ <scope>runtime</scope>
+ </dependency>
+ <dependency>
+ <groupId>log4j</groupId>
+ <artifactId>log4j</artifactId>
+ </dependency>
+ <!-- For realm tests -->
+ <dependency>
+ <groupId>org.sonatype.nexus</groupId>
+ <artifactId>nexus-app</artifactId>
+ <type>test-jar</type>
+ <scope>test</scope>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.sonatype.nexus</groupId>
+ <artifactId>nexus-app</artifactId>
+ <scope>test</scope>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.sonatype.nexus</groupId>
+ <artifactId>nexus-rest-api</artifactId>
+ <scope>test</scope>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.sonatype.nexus</groupId>
+ <artifactId>nexus-proxy</artifactId>
+ <scope>test</scope>
+ <version>${project.version}</version>
+ </dependency>
+ </dependencies>
+</project>
@@ -0,0 +1,109 @@
+/**
+ * Sonatype Nexus (TM) Open Source Version.
+ * Copyright (c) 2008 Sonatype, Inc. All rights reserved.
+ * Includes the third-party code listed at http://nexus.sonatype.org/dev/attributions.html
+ * This program is licensed to you under Version 3 only of the GNU General Public License as published by the Free Software Foundation.
+ * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
+ * without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ * See the GNU General Public License Version 3 for more details.
+ * You should have received a copy of the GNU General Public License Version 3 along with this program.
+ * If not, see http://www.gnu.org/licenses/.
+ * Sonatype Nexus (TM) Professional Version is available from Sonatype, Inc.
+ * "Sonatype" and "Sonatype Nexus" are trademarks of Sonatype, Inc.
+ */
+package org.sonatype.jsecurity.realms;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import org.codehaus.plexus.component.annotations.Component;
+import org.jsecurity.authc.AuthenticationException;
+import org.jsecurity.authc.AuthenticationInfo;
+import org.jsecurity.authc.AuthenticationToken;
+import org.jsecurity.authc.SimpleAuthenticationInfo;
+import org.jsecurity.authc.UsernamePasswordToken;
+import org.jsecurity.authc.credential.SimpleCredentialsMatcher;
+import org.jsecurity.authz.AuthorizationInfo;
+import org.jsecurity.realm.AuthorizingRealm;
+import org.jsecurity.subject.PrincipalCollection;
+
+/**
+ * This is a sample of how you can inject your own authentication system
+ * but still leave the authorization to nexus.
+ *
+ * This MemoryAuthenticationOnlyRealm will handle authentication on its own
+ *
+ * This class can also be loaded by nexus as either a regular class, or as a
+ * plexus component. In the nexus.xml file, you can remove the default
+ * XmlAuthenticatingRealm and add this realm as either
+ * org.sonatype.jsecurity.realms.MemoryAuthenticationOnlyRealm, or
+ * use the role-hint of MemoryAuthenticationOnlyRealm.
+ *
+ */
+@Component(role=org.jsecurity.realm.Realm.class, hint="MemoryAuthenticationOnlyRealm")
+public class MemoryAuthenticationOnlyRealm
+ extends AuthorizingRealm
+{
+ // Map containing username/password pairs
+ private Map<String,String> authenticationMap = new HashMap<String,String>();
+
+ /**
+ * This is where we are building the security model, not that the passwords have
+ * been changed from the default nexus security, to make for easy validation
+ */
+ public MemoryAuthenticationOnlyRealm()
+ {
+ // As this is a simple test realm, only using simple credentials
+ // just a string compare, no hashing involved
+ setCredentialsMatcher( new SimpleCredentialsMatcher() );
+
+ authenticationMap.put( "admin", "admin321" );
+ authenticationMap.put( "deployment", "deployment321" );
+ authenticationMap.put( "anonymous", "anonymous" );
+ }
+
+ public String getName()
+ {
+ return MemoryAuthenticationOnlyRealm.class.getName();
+ }
+
+ /**
+ * This method is where the authentication is controlled. You will receive a
+ * token, from which you can retrieve the username. Then you can lookup in your
+ * storage, the credentials for that user, place those in an AuthenticationInfo
+ * object and return it, the credential matcher will handle comparing them.
+ *
+ * @see org.jsecurity.realm.AuthenticatingRealm#doGetAuthenticationInfo(org.jsecurity.authc.AuthenticationToken)
+ */
+ @Override
+ protected AuthenticationInfo doGetAuthenticationInfo( AuthenticationToken arg0 )
+ throws AuthenticationException
+ {
+ if ( !UsernamePasswordToken.class.isAssignableFrom( arg0.getClass() ) )
+ {
+ return null;
+ }
+
+ String username = ( ( UsernamePasswordToken ) arg0 ).getUsername();
+
+ String password = authenticationMap.get( username );
+
+ if ( password == null )
+ {
+ throw new AuthenticationException( "Invalid username '" + username + "'");
+ }
+
+ return new SimpleAuthenticationInfo( username, password, getName() );
+ }
+
+ /**
+ * As this is an authentication only realm, we just return null for authorization
+ *
+ * @see org.jsecurity.realm.AuthorizingRealm#doGetAuthorizationInfo(org.jsecurity.subject.PrincipalCollection)
+ */
+ @Override
+ protected AuthorizationInfo doGetAuthorizationInfo( PrincipalCollection arg0 )
+ {
+ return null;
+ }
+}
Oops, something went wrong.

0 comments on commit a9aecae

Please sign in to comment.