fix unit test
Project: http://git-wip-us.apache.org/repos/asf/archiva-redback-core/repo Commit: http://git-wip-us.apache.org/repos/asf/archiva-redback-core/commit/8bdcfbb8 Tree: http://git-wip-us.apache.org/repos/asf/archiva-redback-core/tree/8bdcfbb8 Diff: http://git-wip-us.apache.org/repos/asf/archiva-redback-core/diff/8bdcfbb8 Branch: refs/heads/master Commit: 8bdcfbb8a0ceeed657a2a0c90797ab309948176e Parents: 5bf9065 Author: Olivier Lamy <[email protected]> Authored: Fri Jan 30 12:02:30 2015 +1100 Committer: Olivier Lamy <[email protected]> Committed: Thu Feb 5 21:35:04 2015 +1100 ---------------------------------------------------------------------- .../redback-rest/redback-rest-services/pom.xml | 4 +- .../interceptors/AuthenticationInterceptor.java | 8 +--- .../interceptors/PermissionsInterceptor.java | 45 +++++++++++++++++--- .../rest/services/AbstractRestServicesTest.java | 13 ++++-- 4 files changed, 51 insertions(+), 19 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/archiva-redback-core/blob/8bdcfbb8/redback-integrations/redback-rest/redback-rest-services/pom.xml ---------------------------------------------------------------------- diff --git a/redback-integrations/redback-rest/redback-rest-services/pom.xml b/redback-integrations/redback-rest/redback-rest-services/pom.xml index 013db29..5bd18df 100644 --- a/redback-integrations/redback-rest/redback-rest-services/pom.xml +++ b/redback-integrations/redback-rest/redback-rest-services/pom.xml @@ -32,7 +32,8 @@ <name>Redback :: Integration :: REST :: Services</name> <properties> - <tomcatVersion>7.0.54</tomcatVersion> + <tomcatVersion>7.0.57</tomcatVersion> + <rest.test.timeout>1000000</rest.test.timeout> </properties> <dependencies> @@ -276,6 +277,7 @@ <redback.jdbc.url>${redbackTestJdbcUrl}</redback.jdbc.url> <redback.jdbc.driver.name>${redbackTestJdbcDriver}</redback.jdbc.driver.name> <ldapPort>${ldapPort}</ldapPort> + <rest.test.timeout>${rest.test.timeout}</rest.test.timeout> </systemPropertyVariables> </configuration> </plugin> http://git-wip-us.apache.org/repos/asf/archiva-redback-core/blob/8bdcfbb8/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/interceptors/AuthenticationInterceptor.java ---------------------------------------------------------------------- diff --git a/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/interceptors/AuthenticationInterceptor.java b/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/interceptors/AuthenticationInterceptor.java index 8074f75..8489aef 100644 --- a/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/interceptors/AuthenticationInterceptor.java +++ b/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/interceptors/AuthenticationInterceptor.java @@ -156,29 +156,23 @@ public class AuthenticationInterceptor catch ( UserNotFoundException e ) { log.debug( "UserNotFoundException for path {}", message.get( Message.REQUEST_URI ) ); - containerRequestContext.abortWith( Response.status( Response.Status.FORBIDDEN ).build() ); } catch ( AccountLockedException e ) { log.debug( "account locked for path {}", message.get( Message.REQUEST_URI ) ); - containerRequestContext.abortWith( Response.status( Response.Status.FORBIDDEN ).build() ); - } catch ( MustChangePasswordException e ) { log.debug( "must change password for path {}", message.get( Message.REQUEST_URI ) ); - containerRequestContext.abortWith( Response.status( Response.Status.FORBIDDEN ).build() ); - } catch ( AuthenticationException e ) { log.debug( "failed to authenticate for path {}", message.get( Message.REQUEST_URI ) ); - containerRequestContext.abortWith( Response.status( Response.Status.FORBIDDEN ).build() ); } catch ( UserManagerException e ) { log.debug( "UserManagerException: {} for path", e.getMessage(), message.get( Message.REQUEST_URI ) ); - containerRequestContext.abortWith( Response.status( Response.Status.FORBIDDEN ).build() ); } + containerRequestContext.abortWith( Response.status( Response.Status.FORBIDDEN ).build() ); } } http://git-wip-us.apache.org/repos/asf/archiva-redback-core/blob/8bdcfbb8/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/interceptors/PermissionsInterceptor.java ---------------------------------------------------------------------- diff --git a/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/interceptors/PermissionsInterceptor.java b/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/interceptors/PermissionsInterceptor.java index ae5b6ca..be877db 100644 --- a/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/interceptors/PermissionsInterceptor.java +++ b/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/interceptors/PermissionsInterceptor.java @@ -19,10 +19,13 @@ package org.apache.archiva.redback.rest.services.interceptors; * under the License. */ +import org.apache.archiva.redback.authentication.AuthenticationException; import org.apache.archiva.redback.authentication.AuthenticationResult; import org.apache.archiva.redback.authorization.AuthorizationException; import org.apache.archiva.redback.authorization.RedbackAuthorization; import org.apache.archiva.redback.integration.filter.authentication.basic.HttpBasicAuthentication; +import org.apache.archiva.redback.policy.AccountLockedException; +import org.apache.archiva.redback.policy.MustChangePasswordException; import org.apache.archiva.redback.system.SecuritySession; import org.apache.archiva.redback.system.SecuritySystem; import org.apache.commons.lang.StringUtils; @@ -71,7 +74,7 @@ public class PermissionsInterceptor { if ( redbackAuthorization.noRestriction() ) { - // we are fine this services is marked as non restrictive acces + // we are fine this services is marked as non restrictive access return; } String[] permissions = redbackAuthorization.permissions(); @@ -80,8 +83,32 @@ public class PermissionsInterceptor permissions[0] ) ) ) { HttpServletRequest request = getHttpServletRequest( message ); - SecuritySession session = httpAuthenticator.getSecuritySession( request.getSession() ); + SecuritySession securitySession = httpAuthenticator.getSecuritySession( request.getSession( true ) ); AuthenticationResult authenticationResult = message.get( AuthenticationResult.class ); + + if ( authenticationResult == null ) + { + try + { + authenticationResult = httpAuthenticator.getAuthenticationResult( request, getHttpServletResponse( message ) ); + } + catch ( AuthenticationException e ) + { + log.debug( "failed to authenticate for path {}", message.get( Message.REQUEST_URI ) ); + containerRequestContext.abortWith( Response.status( Response.Status.FORBIDDEN ).build() ); + } + catch ( AccountLockedException e ) + { + log.debug( "account locked for path {}", message.get( Message.REQUEST_URI ) ); + containerRequestContext.abortWith( Response.status( Response.Status.FORBIDDEN ).build() ); + } + catch ( MustChangePasswordException e ) + { + log.debug( "must change password for path {}", message.get( Message.REQUEST_URI ) ); + containerRequestContext.abortWith( Response.status( Response.Status.FORBIDDEN ).build() ); + } + } + if ( authenticationResult != null && authenticationResult.isAuthenticated() ) { for ( String permission : permissions ) @@ -92,7 +119,7 @@ public class PermissionsInterceptor } try { - if ( securitySystem.isAuthorized( session, permission, + if ( securitySystem.isAuthorized( securitySession, permission, StringUtils.isBlank( redbackAuthorization.resource() ) ? null : redbackAuthorization.resource() ) ) @@ -101,8 +128,12 @@ public class PermissionsInterceptor } else { - log.debug( "user {} not authorized for permission {}", session.getUser().getUsername(), - permission ); + if ( securitySession != null && securitySession.getUser() != null ) + { + log.debug( "user {} not authorized for permission {}", // + securitySession.getUser().getUsername(), // + permission ); + } } } catch ( AuthorizationException e ) @@ -116,9 +147,9 @@ public class PermissionsInterceptor } else { - if ( session != null && session.getUser() != null ) + if ( securitySession != null && securitySession.getUser() != null ) { - log.debug( "user {} not authenticated", session.getUser().getUsername() ); + log.debug( "user {} not authenticated", securitySession.getUser().getUsername() ); } } } http://git-wip-us.apache.org/repos/asf/archiva-redback-core/blob/8bdcfbb8/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/AbstractRestServicesTest.java ---------------------------------------------------------------------- diff --git a/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/AbstractRestServicesTest.java b/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/AbstractRestServicesTest.java index 5918fe8..b0240c5 100644 --- a/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/AbstractRestServicesTest.java +++ b/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/AbstractRestServicesTest.java @@ -62,6 +62,11 @@ public abstract class AbstractRestServicesTest public String authorizationHeader = getAdminAuthzHeader(); + public long getTimeout() + { + return Long.getLong( "rest.test.timeout", 1000000 ); + } + public static String encode( String uid, String password ) { return "Basic " + Base64Utility.encode( ( uid + ":" + password ).getBytes() ); @@ -159,7 +164,7 @@ public abstract class AbstractRestServicesTest UserService.class, Collections.singletonList( new JacksonJaxbJsonProvider() ) ); // time out for debuging purpose - WebClient.getConfig( service ).getHttpConduit().getClient().setReceiveTimeout( 100000 ); + WebClient.getConfig( service ).getHttpConduit().getClient().setReceiveTimeout( getTimeout() ); if ( authzHeader != null ) { @@ -180,7 +185,7 @@ public abstract class AbstractRestServicesTest Collections.singletonList( new JacksonJaxbJsonProvider() ) ); // for debuging purpose - WebClient.getConfig( service ).getHttpConduit().getClient().setReceiveTimeout( 100000 ); + WebClient.getConfig( service ).getHttpConduit().getClient().setReceiveTimeout( getTimeout() ); if ( authzHeader != null ) { @@ -200,7 +205,7 @@ public abstract class AbstractRestServicesTest LoginService.class, Collections.singletonList( new JacksonJaxbJsonProvider() ) ); // for debuging purpose - WebClient.getConfig( service ).getHttpConduit().getClient().setReceiveTimeout( 100000 ); + WebClient.getConfig( service ).getHttpConduit().getClient().setReceiveTimeout( getTimeout() ); if ( authzHeader != null ) { @@ -222,7 +227,7 @@ public abstract class AbstractRestServicesTest Collections.singletonList( new JacksonJaxbJsonProvider() ) ); // for debuging purpose - WebClient.getConfig( service ).getHttpConduit().getClient().setReceiveTimeout( 100000 ); + WebClient.getConfig( service ).getHttpConduit().getClient().setReceiveTimeout( getTimeout() ); if ( authzHeader != null ) {
