
Example 6 with UserNotFoundException

use of org.apache.archiva.redback.users.UserNotFoundException in project archiva by apache.

the class ArchivaUserManagerAuthenticator method authenticate.

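/**
 * Authenticates a username/password pair against each configured {@link UserManager} in turn.
 *
 * <p>The first manager for which the password validates (and the password-expiration policy does
 * not object) ends the loop with a successful result. Every other outcome is recorded as an
 * {@link AuthenticationFailureCause} and the next manager is tried; if no manager succeeds, the
 * collected causes and the last exception seen are returned in the result.
 *
 * <p>NOTE(review): the lock and must-change-password conditions are recorded but do NOT stop the
 * password check in the visible code (the original {@code throw} statements are commented out).
 * A locked account that supplies a valid password therefore reaches the successful
 * {@code return} below, and that return uses the three-argument constructor, so the recorded
 * failure causes are not attached to it. Confirm that callers enforce {@code user.isLocked()}
 * and {@code user.isPasswordChangeRequired()} themselves before granting a session.
 *
 * @param ds the credentials; cast to {@link PasswordBasedAuthenticationDataSource} without a type
 *     check, so any other implementation fails with a {@link ClassCastException}
 * @return a successful result for the first manager that accepts the password, otherwise a result
 *     carrying the aggregated failure causes
 * @throws AuthenticationException declared by the interface; not thrown by the visible body
 * @throws AccountLockedException declared by the interface; the visible body records it instead
 * @throws MustChangePasswordException declared by the interface; the visible body records it instead
 */
@Override
public AuthenticationResult authenticate(AuthenticationDataSource ds) throws AuthenticationException, AccountLockedException, MustChangePasswordException {
    boolean authenticationSuccess = false;
    String username = null;
    Exception resultException = null;
    PasswordBasedAuthenticationDataSource source = (PasswordBasedAuthenticationDataSource) ds;
    List<AuthenticationFailureCause> authnResultErrors = new ArrayList<>();
    for (UserManager userManager : userManagers) {
        try {
            // NOTE(review): this logs source.toString(); confirm that the data source's toString()
            // never includes the submitted password.
            log.debug("Authenticate: {} with userManager: {}", source, userManager.getId());
            User user = userManager.findUser(source.getUsername());
            username = user.getUsername();
            if (user.isLocked()) {
                // throw new AccountLockedException( "Account " + source.getUsername() + " is locked.", user );
                // Recorded only: execution continues to the password check below.
                AccountLockedException e = new AccountLockedException("Account " + source.getUsername() + " is locked.", user);
                log.warn("{}", e.getMessage());
                resultException = e;
                authnResultErrors.add(new AuthenticationFailureCause(AuthenticationConstants.AUTHN_LOCKED_USER_EXCEPTION, e.getMessage()));
            }
            if (user.isPasswordChangeRequired() && source.isEnforcePasswordChange()) {
                // throw new MustChangePasswordException( "Password expired.", user );
                // Recorded only: execution continues to the password check below.
                MustChangePasswordException e = new MustChangePasswordException("Password expired.", user);
                log.warn("{}", e.getMessage());
                resultException = e;
                authnResultErrors.add(new AuthenticationFailureCause(AuthenticationConstants.AUTHN_MUST_CHANGE_PASSWORD_EXCEPTION, e.getMessage()));
            }
            PasswordEncoder encoder = securityPolicy.getPasswordEncoder();
            log.debug("PasswordEncoder: {}", encoder.getClass().getName());
            boolean isPasswordValid = encoder.isPasswordValid(user.getEncodedPassword(), source.getPassword());
            if (isPasswordValid) {
                log.debug("User {} provided a valid password", source.getUsername());
                try {
                    securityPolicy.extensionPasswordExpiration(user);
                    authenticationSuccess = true;
                    // REDBACK-151 do not make unnecessary updates to the user object
                    if (user.getCountFailedLoginAttempts() > 0) {
                        user.setCountFailedLoginAttempts(0);
                        if (!userManager.isReadOnly()) {
                            userManager.updateUser(user);
                        }
                    }
                    // Success path: authnResultErrors collected above are not passed on here.
                    return new AuthenticationResult(true, source.getUsername(), null);
                } catch (MustChangePasswordException e) {
                    user.setPasswordChangeRequired(true);
                    // throw e;
                    resultException = e;
                    authnResultErrors.add(new AuthenticationFailureCause(AuthenticationConstants.AUTHN_MUST_CHANGE_PASSWORD_EXCEPTION, e.getMessage()).user(user));
                }
            } else {
                // NOTE(review): the cause code matches the unknown-user case, but the message text
                // does not; if these messages reach the client they distinguish existing accounts
                // from unknown ones. Confirm how AuthenticationFailureCause messages are surfaced.
                log.warn("Password is Invalid for user {} and userManager '{}'.", source.getUsername(), userManager.getId());
                authnResultErrors.add(new AuthenticationFailureCause(AuthenticationConstants.AUTHN_NO_SUCH_USER, "Password is Invalid for user " + source.getUsername() + ".").user(user));
                try {
                    securityPolicy.extensionExcessiveLoginAttempts(user);
                } finally {
                    // Persist the user even if the policy call throws; presumably this stores the
                    // failed-attempt counter / lock flag the policy updated (verify in the policy).
                    if (!userManager.isReadOnly()) {
                        userManager.updateUser(user);
                    }
                }
            // return new AuthenticationResult( false, source.getUsername(), null, authnResultExceptionsMap );
            }
        } catch (UserNotFoundException e) {
            log.warn("Login for user {} and userManager {} failed. user not found.", source.getUsername(), userManager.getId());
            resultException = e;
            authnResultErrors.add(new AuthenticationFailureCause(AuthenticationConstants.AUTHN_NO_SUCH_USER, "Login for user " + source.getUsername() + " failed. user not found."));
        } catch (Exception e) {
            // Pass the throwable to the logger instead of printStackTrace(), so the stack trace goes
            // through the configured appenders rather than straight to stderr.
            log.warn("Login for user {} and userManager {} failed, message: {}", source.getUsername(), userManager.getId(), e.getMessage(), e);
            resultException = e;
            // NOTE(review): the raw exception message is copied into the failure cause; confirm it
            // is not shown to unauthenticated clients, since it may describe backend internals.
            authnResultErrors.add(new AuthenticationFailureCause(AuthenticationConstants.AUTHN_RUNTIME_EXCEPTION, "Login for user " + source.getUsername() + " failed, message: " + e.getMessage()));
        }
    }
    return new AuthenticationResult(authenticationSuccess, username, resultException, authnResultErrors);
}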
Also used : UserNotFoundException(org.apache.archiva.redback.users.UserNotFoundException) AccountLockedException(org.apache.archiva.redback.policy.AccountLockedException) User(org.apache.archiva.redback.users.User) PasswordEncoder(org.apache.archiva.redback.policy.PasswordEncoder) ArrayList(java.util.ArrayList) RepositoryAdminException(org.apache.archiva.admin.model.RepositoryAdminException) AuthenticationException(org.apache.archiva.redback.authentication.AuthenticationException) UserNotFoundException(org.apache.archiva.redback.users.UserNotFoundException) AccountLockedException(org.apache.archiva.redback.policy.AccountLockedException) MustChangePasswordException(org.apache.archiva.redback.policy.MustChangePasswordException) AuthenticationResult(org.apache.archiva.redback.authentication.AuthenticationResult) MustChangePasswordException(org.apache.archiva.redback.policy.MustChangePasswordException) AuthenticationFailureCause(org.apache.archiva.redback.authentication.AuthenticationFailureCause) UserManager(org.apache.archiva.redback.users.UserManager) PasswordBasedAuthenticationDataSource(org.apache.archiva.redback.authentication.PasswordBasedAuthenticationDataSource)

Example 7 with UserNotFoundException

use of org.apache.archiva.redback.users.UserNotFoundException in project archiva by apache.

the class RssFeedServlet method doGet.

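/**
 * Serves an RSS feed for either a repository ({@code .../feeds/<repoId>}) or an artifact
 * ({@code .../feeds/<group/path>/<artifactId>}).
 *
 * <p>The identifiers are cut out of the request URL, checked with {@code isAllowed}, and handed to
 * the matching {@link RssFeedProcessor}. Authentication and authorization failures are answered
 * with 401; only the {@link UnauthorizedException} path adds a {@code WWW-Authenticate} challenge.
 *
 * <p>NOTE(review): {@code repoId}, {@code groupId} and {@code artifactId} come straight from the
 * request URL with no format validation in this method; confirm that {@code isAllowed} and the
 * processors treat them as untrusted.
 *
 * @param req the incoming request; its URL determines which feed is produced
 * @param res the response the feed or the error status is written to
 * @throws ServletException declared by the servlet contract
 * @throws IOException if writing the response fails
 */
@Override
public void doGet(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException {
    String repoId = null;
    String groupId = null;
    String artifactId = null;
    String url = StringUtils.removeEnd(req.getRequestURL().toString(), "/");
    String feedPath = StringUtils.substringAfter(url, "feeds/");
    if (StringUtils.countMatches(feedPath, "/") > 0) {
        // .../feeds/<group/path>/<artifactId>
        artifactId = StringUtils.substringAfterLast(url, "/");
        groupId = StringUtils.replaceChars(StringUtils.substringBeforeLast(feedPath, "/"), '/', '.');
    } else {
        // No slash after "feeds/": the last URL segment is the repository id. (The original had a
        // third branch here that could never run, because the count is either > 0 or == 0.)
        // we receive feeds?babla=ded which is not correct
        if (StringUtils.countMatches(url, "feeds?") > 0) {
            res.sendError(HttpServletResponse.SC_BAD_REQUEST, "Invalid request url.");
            return;
        }
        repoId = StringUtils.substringAfterLast(url, "/");
    }
    RssFeedProcessor processor = null;
    try {
        Map<String, String> map = new HashMap<>();
        SyndFeed feed = null;
        if (isAllowed(req, repoId, groupId, artifactId)) {
            if (repoId != null) {
                // new artifacts in repo feed request
                processor = newArtifactsprocessor;
                map.put(RssFeedProcessor.KEY_REPO_ID, repoId);
            } else if ((groupId != null) && (artifactId != null)) {
                // TODO: this only works for guest - we could pass in the list of repos
                // new versions of artifact feed request
                processor = newVersionsprocessor;
                map.put(RssFeedProcessor.KEY_GROUP_ID, groupId);
                map.put(RssFeedProcessor.KEY_ARTIFACT_ID, artifactId);
            }
        } else {
            res.sendError(HttpServletResponse.SC_UNAUTHORIZED, USER_NOT_AUTHORIZED);
            return;
        }
        RepositorySession repositorySession = repositorySessionFactory.createSession();
        try {
            feed = processor.process(map, repositorySession.getRepository());
        } finally {
            repositorySession.close();
        }
        if (feed == null) {
            res.sendError(HttpServletResponse.SC_NO_CONTENT, "No information available.");
            return;
        }
        res.setContentType(MIME_TYPE);
        // Both feed kinds get the same link, so the two identical branches are merged.
        // NOTE(review): the link is rebuilt from the request URL, whose host part is normally
        // derived from client-supplied headers; confirm a proxy or container setting pins it.
        if (repoId != null || ((groupId != null) && (artifactId != null))) {
            feed.setLink(req.getRequestURL().toString());
        }
        SyndFeedOutput output = new SyndFeedOutput();
        output.output(feed, res.getWriter());
    } catch (UserNotFoundException unfe) {
        log.debug(COULD_NOT_AUTHENTICATE_USER, unfe);
        res.sendError(HttpServletResponse.SC_UNAUTHORIZED, COULD_NOT_AUTHENTICATE_USER);
    } catch (AccountLockedException acce) {
        res.sendError(HttpServletResponse.SC_UNAUTHORIZED, COULD_NOT_AUTHENTICATE_USER);
    } catch (AuthenticationException authe) {
        log.debug(COULD_NOT_AUTHENTICATE_USER, authe);
        res.sendError(HttpServletResponse.SC_UNAUTHORIZED, COULD_NOT_AUTHENTICATE_USER);
    } catch (FeedException ex) {
        log.debug(COULD_NOT_GENERATE_FEED_ERROR, ex);
        res.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, COULD_NOT_GENERATE_FEED_ERROR);
    } catch (MustChangePasswordException e) {
        res.sendError(HttpServletResponse.SC_UNAUTHORIZED, COULD_NOT_AUTHENTICATE_USER);
    } catch (UnauthorizedException e) {
        log.debug(e.getMessage());
        String realm = (repoId != null)
            ? "Repository Archiva Managed " + repoId + " Repository"
            : "Artifact " + groupId + ":" + artifactId;
        // The realm is a quoted-string built from request-derived values: drop the characters that
        // would end the quoting or the header line, and close the quote (the original left it open).
        realm = realm.replaceAll("[\"\\\\\\r\\n]", "");
        res.setHeader("WWW-Authenticate", "Basic realm=\"" + realm + "\"");
        res.sendError(HttpServletResponse.SC_UNAUTHORIZED, USER_NOT_AUTHORIZED);
    }
}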
Also used : UserNotFoundException(org.apache.archiva.redback.users.UserNotFoundException) AccountLockedException(org.apache.archiva.redback.policy.AccountLockedException) HashMap(java.util.HashMap) AuthenticationException(org.apache.archiva.redback.authentication.AuthenticationException) FeedException(com.sun.syndication.io.FeedException) SyndFeedOutput(com.sun.syndication.io.SyndFeedOutput) RepositorySession(org.apache.archiva.metadata.repository.RepositorySession) MustChangePasswordException(org.apache.archiva.redback.policy.MustChangePasswordException) SyndFeed(com.sun.syndication.feed.synd.SyndFeed) RssFeedProcessor(org.apache.archiva.rss.processor.RssFeedProcessor) UnauthorizedException(org.apache.archiva.redback.authorization.UnauthorizedException)

Example 8 with UserNotFoundException

use of org.apache.archiva.redback.users.UserNotFoundException in project archiva by apache.

the class DefaultUserRepositories method createSession.

/**
 * Builds a {@link SecuritySession} for an already-known principal.
 *
 * <p>No credential is checked here: the {@link AuthenticationResult} is created with
 * {@code authenticated = true} from the principal name alone, and the only gate is the account's
 * lock flag. NOTE(review): callers are presumably expected to pass only principals that were
 * authenticated upstream; confirm at each call site.
 *
 * @param principal the user name to look up
 * @return a session bound to the user found for {@code principal}
 * @throws ArchivaSecurityException if the user manager fails or returns {@code null}; an unknown
 *     principal is reported as {@code PrincipalNotFoundException}
 * @throws AccessDeniedException if the account is locked
 */
private SecuritySession createSession(String principal) throws ArchivaSecurityException, AccessDeniedException {
    final User account;
    try {
        account = securitySystem.getUserManager().findUser(principal);
        // A null result (rather than UserNotFoundException) is treated as an internal fault.
        if (null == account) {
            throw new ArchivaSecurityException("The security system had an internal error - please check your system logs");
        }
    } catch (UserNotFoundException notFound) {
        throw new PrincipalNotFoundException("Unable to find principal " + principal, notFound);
    } catch (UserManagerException managerFailure) {
        throw new ArchivaSecurityException(managerFailure.getMessage(), managerFailure);
    }

    // Locked accounts never get a session, whatever the caller has verified.
    if (account.isLocked()) {
        String lockedMessage = "User " + principal + "(" + account.getFullName() + ") is locked.";
        throw new AccessDeniedException(lockedMessage);
    }

    AuthenticationResult trustedResult = new AuthenticationResult(true, principal, null);
    trustedResult.setUser(account);
    return new DefaultSecuritySession(trustedResult, account);
}
Also used : UserNotFoundException(org.apache.archiva.redback.users.UserNotFoundException) User(org.apache.archiva.redback.users.User) UserManagerException(org.apache.archiva.redback.users.UserManagerException) DefaultSecuritySession(org.apache.archiva.redback.system.DefaultSecuritySession) AuthenticationResult(org.apache.archiva.redback.authentication.AuthenticationResult)

Aggregations

UserNotFoundException (org.apache.archiva.redback.users.UserNotFoundException)8 User (org.apache.archiva.redback.users.User)7 UserManagerException (org.apache.archiva.redback.users.UserManagerException)6 RepositoryAdminException (org.apache.archiva.admin.model.RepositoryAdminException)4 AuthenticationResult (org.apache.archiva.redback.authentication.AuthenticationResult)4 UserManager (org.apache.archiva.redback.users.UserManager)4 DefaultSecuritySession (org.apache.archiva.redback.system.DefaultSecuritySession)3 ArrayList (java.util.ArrayList)2 AuthenticationException (org.apache.archiva.redback.authentication.AuthenticationException)2 AuthorizationException (org.apache.archiva.redback.authorization.AuthorizationException)2 UnauthorizedException (org.apache.archiva.redback.authorization.UnauthorizedException)2 AccountLockedException (org.apache.archiva.redback.policy.AccountLockedException)2 MustChangePasswordException (org.apache.archiva.redback.policy.MustChangePasswordException)2 SecuritySession (org.apache.archiva.redback.system.SecuritySession)2 AbstractUserManager (org.apache.archiva.redback.users.AbstractUserManager)2 SyndFeed (com.sun.syndication.feed.synd.SyndFeed)1 FeedException (com.sun.syndication.io.FeedException)1 SyndFeedOutput (com.sun.syndication.io.SyndFeedOutput)1 IOException (java.io.IOException)1 Path (java.nio.file.Path)1