Author: joakime
Date: Fri Oct 27 12:21:46 2006
New Revision: 468507
URL: http://svn.apache.org/viewvc?view=rev&rev=468507
Log:
* Making authentication optional (if provided, then authenticate)
* Making authorization denial reason be dumped to log file.
Modified:
maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/servlet/repository/RepositoryAccess.java
Modified:
maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/servlet/repository/RepositoryAccess.java
URL:
http://svn.apache.org/viewvc/maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/servlet/repository/RepositoryAccess.java?view=diff&rev=468507&r1=468506&r2=468507
==============================================================================
---
maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/servlet/repository/RepositoryAccess.java
(original)
+++
maven/archiva/trunk/archiva-webapp/src/main/java/org/apache/maven/archiva/web/servlet/repository/RepositoryAccess.java
Fri Oct 27 12:21:46 2006
@@ -27,6 +27,7 @@
import org.codehaus.plexus.security.authentication.AuthenticationException;
import org.codehaus.plexus.security.authentication.AuthenticationResult;
import org.codehaus.plexus.security.authorization.AuthorizationException;
+import org.codehaus.plexus.security.authorization.AuthorizationResult;
import org.codehaus.plexus.security.policy.AccountLockedException;
import org.codehaus.plexus.security.policy.MustChangePasswordException;
import org.codehaus.plexus.security.system.SecuritySession;
@@ -134,19 +135,18 @@
}
// Authentication Tests.
-
- AuthenticationResult result;
try
{
- result = httpAuth.getAuthenticationResult( request, response );
+ AuthenticationResult result = httpAuth.getAuthenticationResult(
request, response );
- if ( !result.isAuthenticated() )
+ if ( ( result != null ) && !result.isAuthenticated() )
{
// Must Authenticate.
httpAuth.challenge( request, response, "Repository " +
repoconfig.getName(),
new AuthenticationException( "User
Credentials Invalid" ) );
return;
}
+
}
catch ( AuthenticationException e )
{
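Review bot: A null return from `httpAuth.getAuthenticationResult( request, response )` now bypasses the challenge at `if ( ( result != null ) && !result.isAuthenticated() )`, so for such requests access control rests entirely on the authorization check further down. The hunk does not show whether null can only mean "no credentials supplied" or could also come from a failed or misconfigured authenticator; if the latter is possible, this fails open. I would state the contract at the condition, for example `// null result = no credentials sent: continue as guest, the authorization check below decides access`, and confirm that the security session built for that case carries no leftover authenticated user. The try block and the enclosing method both continue outside this hunk.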
@@ -178,10 +178,16 @@
permission = ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD;
}
- boolean isAuthorized = securitySystem.isAuthorized(
securitySession, permission, repoconfig.getId() );
-
- if ( !isAuthorized )
+ AuthorizationResult authzResult = securitySystem
+ .authorize( securitySession, permission, repoconfig.getId() );
+
+ if ( !authzResult.isAuthorized() )
{
+ if ( authzResult.getException() != null )
+ {
+ getLogger().warn( "Authorization Denied",
authzResult.getException() );
+ }
+
// Issue HTTP Challenge.
httpAuth.challenge( request, response, "Repository " +
repoconfig.getName(),
new AuthenticationException(
"Authorization Denied." ) );
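Review bot: A denial is logged only when `authzResult.getException() != null`, so an ordinary refusal (the user simply lacks the permission) leaves no trace in the log, and the message that is written carries neither the permission nor the repository. For an audit trail I would log every denial with that context, for example by adding `else { getLogger().warn( "Authorization Denied: " + permission + " on repository " + repoconfig.getId() ); }` and putting the same details into the existing message. Note also that `authzResult` is dereferenced without the null guard that the authentication result received in the earlier hunk; whether `securitySystem.authorize` can return null is not visible here, so this is worth confirming. The enclosing method continues outside the hunk.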