Example 16 with NotAuthorizedException
use of io.milton.http.exceptions.NotAuthorizedException in project lobcder by skoulouzis.
the class UserManagerAdapter method authenticate.
@Override
public User authenticate(Authentication authentication) throws AuthenticationFailedException {
if (authentication instanceof UsernamePasswordAuthentication) {
UsernamePasswordAuthentication upa = (UsernamePasswordAuthentication) authentication;
String user = upa.getUsername();
String password = upa.getPassword();
log.debug("authenticate: " + user);
NameAndAuthority naa = NameAndAuthority.parse(user);
if (naa.domain == null) {
log.warn("invalid login. no domain specified. use form: user#domain");
return null;
}
Resource hostRoot;
try {
hostRoot = resourceFactory.getResource(naa.domain, "/");
} catch (NotAuthorizedException ex) {
throw new RuntimeException(ex);
} catch (BadRequestException ex) {
throw new RuntimeException(ex);
}
if (hostRoot == null) {
log.warn("failed to find root for domain: " + naa.domain);
return null;
}
Object oUser = hostRoot.authenticate(naa.toMilton(), password);
if (oUser != null) {
return new MiltonUser(oUser, naa.toMilton(), naa.domain);
} else {
log.debug("authentication failed: " + user);
return null;
}
} else if (authentication instanceof AnonymousAuthentication) {
log.debug("anonymous login not supported");
return null;
} else {
log.warn("unknown authentication type: " + authentication.getClass());
return null;
}
}
Also used :
AnonymousAuthentication(org.apache.ftpserver.usermanager.AnonymousAuthentication)
UsernamePasswordAuthentication(org.apache.ftpserver.usermanager.UsernamePasswordAuthentication)
Resource(io.milton.resource.Resource)
BadRequestException(io.milton.http.exceptions.BadRequestException)
NotAuthorizedException(io.milton.http.exceptions.NotAuthorizedException)
Example 17 with NotAuthorizedException
use of io.milton.http.exceptions.NotAuthorizedException in project lobcder by skoulouzis.
the class MiltonFsView method changeWorkingDirectory.
@Override
public boolean changeWorkingDirectory(String dir) throws FtpException {
try {
log.debug("cd: " + dir + " from " + currentPath);
Path p = Path.path(dir);
ResourceAndPath rp = getResource(p);
if (rp.resource == null) {
log.debug("not found: " + p);
return false;
} else if (rp.resource instanceof CollectionResource) {
current = (CollectionResource) rp.resource;
currentPath = rp.path;
log.debug("currentPath is now: " + currentPath);
return true;
} else {
log.debug("not a collection: " + rp.resource.getName());
return false;
}
} catch (NotAuthorizedException ex) {
throw new FtpException(ex);
} catch (BadRequestException ex) {
throw new FtpException(ex);
}
}
Also used :
Path(io.milton.common.Path)
CollectionResource(io.milton.resource.CollectionResource)
BadRequestException(io.milton.http.exceptions.BadRequestException)
FtpException(org.apache.ftpserver.ftplet.FtpException)
NotAuthorizedException(io.milton.http.exceptions.NotAuthorizedException)
Example 18 with NotAuthorizedException
use of io.milton.http.exceptions.NotAuthorizedException in project lobcder by skoulouzis.
the class MiltonFsView method getFile.
@Override
public FtpFile getFile(String path) throws FtpException {
try {
log.debug("getFile: " + path);
if (path.startsWith(".")) {
path = currentPath.toString() + path.substring(1);
log.debug("getFile2: " + path);
}
Path p = Path.path(path);
ResourceAndPath rp = getResource(p);
if (rp.resource == null) {
log.debug("returning new file");
return new MiltonFtpFile(this, rp.path, this.current, null, user);
} else {
return new MiltonFtpFile(this, rp.path, rp.resource, user);
}
} catch (NotAuthorizedException ex) {
throw new FtpException(ex);
} catch (BadRequestException ex) {
throw new FtpException(ex);
}
}
Also used :
Path(io.milton.common.Path)
BadRequestException(io.milton.http.exceptions.BadRequestException)
FtpException(org.apache.ftpserver.ftplet.FtpException)
NotAuthorizedException(io.milton.http.exceptions.NotAuthorizedException)
Example 19 with NotAuthorizedException
use of io.milton.http.exceptions.NotAuthorizedException in project lobcder by skoulouzis.
the class JsonPropPatchHandler method process.
public PropFindResponse process(Resource wrappedResource, String encodedUrl, Map<String, String> params) throws NotAuthorizedException, ConflictException, BadRequestException {
log.trace("process");
Map<QName, String> fields = new HashMap<QName, String>();
for (String fieldName : params.keySet()) {
String sFieldValue = params.get(fieldName);
QName qn;
if (fieldName.contains(":")) {
// name is of form uri:local E.g. MyDav:authorName
String[] parts = fieldName.split(":");
String nsUri = parts[0];
String localName = parts[1];
qn = new QName(nsUri, localName);
} else {
// name is simple form E.g. displayname, default nsUri to DAV
qn = new QName(WebDavProtocol.NS_DAV.getPrefix(), fieldName);
}
log.debug("field: " + qn);
fields.put(qn, sFieldValue);
}
ParseResult parseResult = new ParseResult(fields, null);
if (log.isTraceEnabled()) {
log.trace("check permissions with: " + permissionService.getClass());
}
Set<PropertyAuthoriser.CheckResult> errorFields = permissionService.checkPermissions(HttpManager.request(), Method.PROPPATCH, PropertyAuthoriser.PropertyPermission.WRITE, fields.keySet(), wrappedResource);
if (errorFields != null && errorFields.size() > 0) {
log.info("authorisation errors: " + errorFields.size() + " from permissionService: " + permissionService.getClass());
if (log.isTraceEnabled()) {
for (CheckResult e : errorFields) {
LogUtils.trace(log, " - field error: ", e.getField(), e.getStatus(), e.getDescription());
}
}
throw new NotAuthorizedException(wrappedResource);
} else {
LogUtils.trace(log, "setting properties with", patchSetter.getClass());
PropFindResponse resp = patchSetter.setProperties(encodedUrl, parseResult, wrappedResource);
if (eventManager != null) {
log.trace("fire event");
eventManager.fireEvent(new PropPatchEvent(wrappedResource, resp));
} else {
log.trace("no event manager");
}
if (resp.getErrorProperties().size() > 0) {
LogUtils.warn(log, "Encountered errors setting fields with patch setter", patchSetter.getClass());
}
if (log.isTraceEnabled()) {
if (resp.getErrorProperties().size() > 0) {
for (List<NameAndError> e : resp.getErrorProperties().values()) {
for (NameAndError ne : e) {
LogUtils.trace(log, " - field error setting properties: ", ne.getName(), ne.getError());
}
}
}
}
return resp;
}
}
Also used :
ParseResult(io.milton.http.webdav.PropPatchRequestParser.ParseResult)
HashMap(java.util.HashMap)
QName(javax.xml.namespace.QName)
NotAuthorizedException(io.milton.http.exceptions.NotAuthorizedException)
NameAndError(io.milton.http.webdav.PropFindResponse.NameAndError)
CheckResult(io.milton.property.PropertyAuthoriser.CheckResult)
PropFindResponse(io.milton.http.webdav.PropFindResponse)
PropPatchEvent(io.milton.event.PropPatchEvent)
Example 20 with NotAuthorizedException
use of io.milton.http.exceptions.NotAuthorizedException in project lobcder by skoulouzis.
the class PropPatchHandler method doPropPatch.
public PropFindResponse doPropPatch(Request request, Resource resource) throws NotAuthorizedException, IOException, BadRequestException {
InputStream in = request.getInputStream();
ParseResult parseResult = requestParser.getRequestedFields(in);
// Check that the current user has permission to write requested fields
Set<QName> allFields = getAllFields(parseResult);
if (log.isTraceEnabled()) {
log.trace("check permissions with: " + permissionService.getClass().getCanonicalName());
}
Set<PropertyAuthoriser.CheckResult> errorFields = permissionService.checkPermissions(request, request.getMethod(), PropertyAuthoriser.PropertyPermission.WRITE, allFields, resource);
if (errorFields != null && errorFields.size() > 0) {
throw new NotAuthorizedException(resource);
}
String href = request.getAbsoluteUrl();
href = DefaultPropFindPropertyBuilder.fixUrlForWindows(href);
PropFindResponse resp = patchSetter.setProperties(href, parseResult, resource);
return resp;
}
Also used :
ParseResult(io.milton.http.webdav.PropPatchRequestParser.ParseResult)
ByteArrayInputStream(java.io.ByteArrayInputStream)
InputStream(java.io.InputStream)
QName(javax.xml.namespace.QName)
NotAuthorizedException(io.milton.http.exceptions.NotAuthorizedException)
Aggregations
NotAuthorizedException (io.milton.http.exceptions.NotAuthorizedException)40
BadRequestException (io.milton.http.exceptions.BadRequestException)29
IOException (java.io.IOException)12
Resource (io.milton.resource.Resource)10
URISyntaxException (java.net.URISyntaxException)9
Connection (java.sql.Connection)9
SQLException (java.sql.SQLException)9
ConflictException (io.milton.http.exceptions.ConflictException)7
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)7
PreConditionFailedException (io.milton.http.exceptions.PreConditionFailedException)6
UnsupportedEncodingException (java.io.UnsupportedEncodingException)6
Permissions (nl.uva.cs.lobcder.auth.Permissions)6
NotFoundException (io.milton.http.exceptions.NotFoundException)5
CollectionResource (io.milton.resource.CollectionResource)5
ReplaceableResource (io.milton.resource.ReplaceableResource)5
QName (javax.xml.namespace.QName)5
Path (io.milton.common.Path)4
LockedException (io.milton.http.exceptions.LockedException)4
ValueAndType (io.milton.http.values.ValueAndType)4
LogicalData (nl.uva.cs.lobcder.resources.LogicalData)4
