Repository: archiva-redback-core Updated Branches: refs/heads/master 3791ad83d -> 47cd662af
cxf upgrade to 3.0.3 Project: http://git-wip-us.apache.org/repos/asf/archiva-redback-core/repo Commit: http://git-wip-us.apache.org/repos/asf/archiva-redback-core/commit/5bf9065c Tree: http://git-wip-us.apache.org/repos/asf/archiva-redback-core/tree/5bf9065c Diff: http://git-wip-us.apache.org/repos/asf/archiva-redback-core/diff/5bf9065c Branch: refs/heads/master Commit: 5bf9065c2ffd0081ac55237a897f8ac7e38b1523 Parents: 3791ad8 Author: Olivier Lamy <[email protected]> Authored: Thu Jan 29 22:13:22 2015 +1100 Committer: Olivier Lamy <[email protected]> Committed: Thu Feb 5 21:35:03 2015 +1100 ---------------------------------------------------------------------- pom.xml | 36 ++++++++++++------- .../redback-common-integrations/pom.xml | 1 - .../redback-rest/redback-rest-api/pom.xml | 8 +---- .../redback-rest/redback-rest-services/pom.xml | 36 ++++++++++--------- .../interceptors/AuthenticationInterceptor.java | 32 ++++++++++------- .../interceptors/PermissionsInterceptor.java | 38 ++++++++++++-------- .../services/RoleManagementServiceTest.java | 16 ++++----- .../redback/rest/services/UserServiceTest.java | 21 ++++++----- 8 files changed, 107 insertions(+), 81 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/archiva-redback-core/blob/5bf9065c/pom.xml ---------------------------------------------------------------------- diff --git a/pom.xml b/pom.xml index 2e46d8a..45a52f3 100644 --- a/pom.xml +++ b/pom.xml @@ -76,7 +76,7 @@ <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> <gpg.useagent>true</gpg.useagent> - <cxfVersion>2.6.15</cxfVersion> + <cxf.version>3.0.3</cxf.version> <!-- <redbackTestJdbcUrl>jdbc:derby:memory:users-test;create=true</redbackTestJdbcUrl> <redbackTestJdbcDriver>org.apache.derby.jdbc.EmbeddedDriver</redbackTestJdbcDriver> @@ -632,19 +632,29 @@ </dependency> <dependency> <groupId>org.apache.cxf</groupId> - <artifactId>cxf-bundle-jaxrs</artifactId> - <version>${cxfVersion}</version> - <exclusions> - <exclusion> - <groupId>org.eclipse.jetty</groupId> - <artifactId>jetty-server</artifactId> - </exclusion> - <exclusion> - <groupId>org.codehaus.jettison</groupId> - <artifactId>jettison</artifactId> - </exclusion> - </exclusions> + <artifactId>cxf-rt-frontend-jaxrs</artifactId> + <version>${cxf.version}</version> + </dependency> + + <dependency> + <groupId>org.apache.cxf</groupId> + <artifactId>cxf-rt-rs-client</artifactId> + <version>${cxf.version}</version> + </dependency> + + <dependency> + <groupId>org.apache.cxf</groupId> + <artifactId>cxf-rt-rs-extension-providers</artifactId> + <version>${cxf.version}</version> </dependency> + + <dependency> + <groupId>javax.mail</groupId> + <artifactId>mail</artifactId> + <version>1.4</version> + <scope>provided</scope> + </dependency> + <dependency> <groupId>org.apache.velocity</groupId> <artifactId>velocity</artifactId> http://git-wip-us.apache.org/repos/asf/archiva-redback-core/blob/5bf9065c/redback-integrations/redback-common-integrations/pom.xml ---------------------------------------------------------------------- diff --git a/redback-integrations/redback-common-integrations/pom.xml b/redback-integrations/redback-common-integrations/pom.xml index 004843c..5cdb42c 100644 --- a/redback-integrations/redback-common-integrations/pom.xml +++ b/redback-integrations/redback-common-integrations/pom.xml @@ -114,7 +114,6 @@ <dependency> <groupId>javax.mail</groupId> <artifactId>mail</artifactId> - <version>1.4</version> <scope>provided</scope> </dependency> <dependency> http://git-wip-us.apache.org/repos/asf/archiva-redback-core/blob/5bf9065c/redback-integrations/redback-rest/redback-rest-api/pom.xml ---------------------------------------------------------------------- diff --git a/redback-integrations/redback-rest/redback-rest-api/pom.xml b/redback-integrations/redback-rest/redback-rest-api/pom.xml index 153c41f..f717ad1 100644 --- a/redback-integrations/redback-rest/redback-rest-api/pom.xml +++ b/redback-integrations/redback-rest/redback-rest-api/pom.xml @@ -56,13 +56,7 @@ <!-- normally not needed but here for wadl feature currently in cxf --> <dependency> <groupId>org.apache.cxf</groupId> - <artifactId>cxf-bundle-jaxrs</artifactId> - <exclusions> - <exclusion> - <groupId>org.eclipse.jetty</groupId> - <artifactId>jetty-server</artifactId> - </exclusion> - </exclusions> + <artifactId>cxf-rt-frontend-jaxrs</artifactId> </dependency> </dependencies> http://git-wip-us.apache.org/repos/asf/archiva-redback-core/blob/5bf9065c/redback-integrations/redback-rest/redback-rest-services/pom.xml ---------------------------------------------------------------------- diff --git a/redback-integrations/redback-rest/redback-rest-services/pom.xml b/redback-integrations/redback-rest/redback-rest-services/pom.xml index ccaf2c5..013db29 100644 --- a/redback-integrations/redback-rest/redback-rest-services/pom.xml +++ b/redback-integrations/redback-rest/redback-rest-services/pom.xml @@ -82,22 +82,26 @@ </dependency> <dependency> <groupId>org.apache.cxf</groupId> - <artifactId>cxf-bundle-jaxrs</artifactId> - <exclusions> - <exclusion> - <groupId>org.eclipse.jetty</groupId> - <artifactId>jetty-server</artifactId> - </exclusion> - <exclusion> - <groupId>org.apache.geronimo.specs</groupId> - <artifactId>geronimo-servlet_2.5_spec</artifactId> - </exclusion> - <exclusion> - <groupId>org.codehaus.jettison</groupId> - <artifactId>jettison</artifactId> - </exclusion> - </exclusions> + <artifactId>cxf-rt-frontend-jaxrs</artifactId> </dependency> + + <dependency> + <groupId>javax.mail</groupId> + <artifactId>mail</artifactId> + <scope>provided</scope> + </dependency> + + <dependency> + <groupId>org.apache.cxf</groupId> + <artifactId>cxf-rt-rs-client</artifactId> + <scope>test</scope> + </dependency> + + <dependency> + <groupId>org.apache.cxf</groupId> + <artifactId>cxf-rt-rs-extension-providers</artifactId> + </dependency> + <dependency> <groupId>javax.ws.rs</groupId> <artifactId>jsr311-api</artifactId> @@ -232,7 +236,7 @@ org.apache.archiva.redback.users;version=${project.version}, org.apache.commons.io;version="[1.4,2)", org.apache.commons.lang;version="[2.6,3)", - org.apache.cxf*;version="[2.6,3)", + org.apache.cxf*;version="[3.0.3)", com.fasterxml.jackson.databind;version="[2.2,3)", org.codehaus.plexus.util;version="[3,4)", org.springframework*;version="[3,4)", http://git-wip-us.apache.org/repos/asf/archiva-redback-core/blob/5bf9065c/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/interceptors/AuthenticationInterceptor.java ---------------------------------------------------------------------- diff --git a/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/interceptors/AuthenticationInterceptor.java b/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/interceptors/AuthenticationInterceptor.java index b839045..8074f75 100644 --- a/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/interceptors/AuthenticationInterceptor.java +++ b/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/interceptors/AuthenticationInterceptor.java @@ -34,8 +34,7 @@ import org.apache.archiva.redback.users.User; import org.apache.archiva.redback.users.UserManager; import org.apache.archiva.redback.users.UserManagerException; import org.apache.archiva.redback.users.UserNotFoundException; -import org.apache.cxf.jaxrs.ext.RequestHandler; -import org.apache.cxf.jaxrs.model.ClassResourceInfo; +import org.apache.cxf.jaxrs.utils.JAXRSUtils; import org.apache.cxf.message.Message; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -45,7 +44,10 @@ import javax.inject.Inject; import javax.inject.Named; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import javax.ws.rs.container.ContainerRequestContext; +import javax.ws.rs.container.ContainerRequestFilter; import javax.ws.rs.core.Response; +import javax.ws.rs.ext.Provider; /** * This interceptor will check if the user is already logged in the session. @@ -56,9 +58,10 @@ import javax.ws.rs.core.Response; * @since 1.3 */ @Service("authenticationInterceptor#rest") +@Provider public class AuthenticationInterceptor extends AbstractInterceptor - implements RequestHandler + implements ContainerRequestFilter { @Inject @Named(value = "userManager#default") @@ -70,9 +73,11 @@ public class AuthenticationInterceptor private Logger log = LoggerFactory.getLogger( getClass() ); - public Response handleRequest( Message message, ClassResourceInfo classResourceInfo ) + public void filter( ContainerRequestContext containerRequestContext ) { + Message message = JAXRSUtils.getCurrentMessage(); + RedbackAuthorization redbackAuthorization = getRedbackAuthorization( message ); if ( redbackAuthorization == null ) { @@ -80,7 +85,8 @@ public class AuthenticationInterceptor message.get( Message.REQUEST_URI ) ); // here we failed to authenticate so 403 as there is no detail on karma for this // it must be marked as it's exposed - return Response.status( Response.Status.FORBIDDEN ).build(); + containerRequestContext.abortWith( Response.status( Response.Status.FORBIDDEN ).build() ); + return; } HttpServletRequest request = getHttpServletRequest( message ); HttpServletResponse response = getHttpServletResponse( message ); @@ -107,7 +113,7 @@ public class AuthenticationInterceptor if ( ( authenticationResult == null ) || ( !authenticationResult.isAuthenticated() ) ) { - return null; + return; } User user = authenticationResult.getUser() == null ? userManager.findUser( @@ -123,7 +129,7 @@ public class AuthenticationInterceptor // ignore here } } - return null; + return; } try @@ -145,34 +151,34 @@ public class AuthenticationInterceptor RedbackAuthenticationThreadLocal.set( redbackRequestInformation ); message.put( AuthenticationResult.class, authenticationResult ); - return null; + return; } catch ( UserNotFoundException e ) { log.debug( "UserNotFoundException for path {}", message.get( Message.REQUEST_URI ) ); - return Response.status( Response.Status.FORBIDDEN ).build(); + containerRequestContext.abortWith( Response.status( Response.Status.FORBIDDEN ).build() ); } catch ( AccountLockedException e ) { log.debug( "account locked for path {}", message.get( Message.REQUEST_URI ) ); - return Response.status( Response.Status.FORBIDDEN ).build(); + containerRequestContext.abortWith( Response.status( Response.Status.FORBIDDEN ).build() ); } catch ( MustChangePasswordException e ) { log.debug( "must change password for path {}", message.get( Message.REQUEST_URI ) ); - return Response.status( Response.Status.FORBIDDEN ).build(); + containerRequestContext.abortWith( Response.status( Response.Status.FORBIDDEN ).build() ); } catch ( AuthenticationException e ) { log.debug( "failed to authenticate for path {}", message.get( Message.REQUEST_URI ) ); - return Response.status( Response.Status.FORBIDDEN ).build(); + containerRequestContext.abortWith( Response.status( Response.Status.FORBIDDEN ).build() ); } catch ( UserManagerException e ) { log.debug( "UserManagerException: {} for path", e.getMessage(), message.get( Message.REQUEST_URI ) ); - return Response.status( Response.Status.FORBIDDEN ).build(); + containerRequestContext.abortWith( Response.status( Response.Status.FORBIDDEN ).build() ); } } } http://git-wip-us.apache.org/repos/asf/archiva-redback-core/blob/5bf9065c/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/interceptors/PermissionsInterceptor.java ---------------------------------------------------------------------- diff --git a/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/interceptors/PermissionsInterceptor.java b/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/interceptors/PermissionsInterceptor.java index a55b07f..ae5b6ca 100644 --- a/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/interceptors/PermissionsInterceptor.java +++ b/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/interceptors/PermissionsInterceptor.java @@ -26,8 +26,7 @@ import org.apache.archiva.redback.integration.filter.authentication.basic.HttpBa import org.apache.archiva.redback.system.SecuritySession; import org.apache.archiva.redback.system.SecuritySystem; import org.apache.commons.lang.StringUtils; -import org.apache.cxf.jaxrs.ext.RequestHandler; -import org.apache.cxf.jaxrs.model.ClassResourceInfo; +import org.apache.cxf.jaxrs.utils.JAXRSUtils; import org.apache.cxf.message.Message; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -36,30 +35,36 @@ import org.springframework.stereotype.Service; import javax.inject.Inject; import javax.inject.Named; import javax.servlet.http.HttpServletRequest; +import javax.ws.rs.container.ContainerRequestContext; +import javax.ws.rs.container.ContainerRequestFilter; import javax.ws.rs.core.Response; +import javax.ws.rs.ext.Provider; /** * @author Olivier Lamy * @since 1.3 */ -@Service ("permissionInterceptor#rest") +@Service( "permissionInterceptor#rest" ) +@Provider public class PermissionsInterceptor extends AbstractInterceptor - implements RequestHandler + implements ContainerRequestFilter { @Inject - @Named (value = "securitySystem") + @Named( value = "securitySystem" ) private SecuritySystem securitySystem; @Inject - @Named (value = "httpAuthenticator#basic") + @Named( value = "httpAuthenticator#basic" ) private HttpBasicAuthentication httpAuthenticator; private Logger log = LoggerFactory.getLogger( getClass() ); - public Response handleRequest( Message message, ClassResourceInfo classResourceInfo ) + public void filter( ContainerRequestContext containerRequestContext ) { + Message message = JAXRSUtils.getCurrentMessage(); + RedbackAuthorization redbackAuthorization = getRedbackAuthorization( message ); if ( redbackAuthorization != null ) @@ -67,7 +72,7 @@ public class PermissionsInterceptor if ( redbackAuthorization.noRestriction() ) { // we are fine this services is marked as non restrictive acces - return null; + return; } String[] permissions = redbackAuthorization.permissions(); //olamy: no value is an array with an empty String @@ -92,7 +97,7 @@ public class PermissionsInterceptor ? null : redbackAuthorization.resource() ) ) { - return null; + return; } else { @@ -103,14 +108,18 @@ public class PermissionsInterceptor catch ( AuthorizationException e ) { log.debug( e.getMessage(), e ); - return Response.status( Response.Status.FORBIDDEN ).build(); + containerRequestContext.abortWith( Response.status( Response.Status.FORBIDDEN ).build() ); + return; } } } else { - log.debug( "user {} not authenticated", session.getUser().getUsername() ); + if ( session != null && session.getUser() != null ) + { + log.debug( "user {} not authenticated", session.getUser().getUsername() ); + } } } else @@ -118,15 +127,16 @@ public class PermissionsInterceptor if ( redbackAuthorization.noPermission() ) { log.debug( "path {} doesn't need special permission", message.get( Message.REQUEST_URI ) ); - return null; + return; } - return Response.status( Response.Status.FORBIDDEN ).build(); + containerRequestContext.abortWith( Response.status( Response.Status.FORBIDDEN ).build() ); + return; } } log.warn( "http path {} doesn't contain any informations regarding permissions ", message.get( Message.REQUEST_URI ) ); // here we failed to authenticate so 403 as there is no detail on karma for this // it must be marked as it's exposed - return Response.status( Response.Status.FORBIDDEN ).build(); + containerRequestContext.abortWith( Response.status( Response.Status.FORBIDDEN ).build() ); } } http://git-wip-us.apache.org/repos/asf/archiva-redback-core/blob/5bf9065c/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/RoleManagementServiceTest.java ---------------------------------------------------------------------- diff --git a/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/RoleManagementServiceTest.java b/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/RoleManagementServiceTest.java index 89d9663..1926314 100644 --- a/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/RoleManagementServiceTest.java +++ b/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/RoleManagementServiceTest.java @@ -18,15 +18,15 @@ package org.apache.archiva.redback.rest.services; * under the License. */ -import org.apache.commons.lang.StringUtils; -import org.apache.cxf.jaxrs.client.ServerWebApplicationException; import org.apache.archiva.redback.rest.api.model.ApplicationRoles; import org.apache.archiva.redback.rest.api.model.Role; import org.apache.archiva.redback.rest.api.model.User; import org.apache.archiva.redback.rest.api.services.RoleManagementService; import org.apache.archiva.redback.rest.api.services.UserService; +import org.apache.commons.lang.StringUtils; import org.junit.Test; +import javax.ws.rs.ForbiddenException; import java.util.Arrays; import java.util.Collections; import java.util.List; @@ -47,7 +47,7 @@ public class RoleManagementServiceTest assertFalse( getRoleManagementService( authorizationHeader ).roleExists( "foo" ) ); } - @Test( expected = ServerWebApplicationException.class ) + @Test( expected = ForbiddenException.class ) public void roleExistBadAuthz() throws Exception { @@ -55,9 +55,9 @@ public class RoleManagementServiceTest { assertTrue( getRoleManagementService( null ).roleExists( "guest" ) ); } - catch ( ServerWebApplicationException e ) + catch ( ForbiddenException e ) { - assertEquals( 403, e.getStatus() ); + assertEquals( 403, e.getResponse().getStatus() ); throw e; } } @@ -85,9 +85,10 @@ public class RoleManagementServiceTest getUserService( encode( "toto", "foo123" ) ).getUsers(); fail( "should fail with 403" ); } - catch ( ServerWebApplicationException e ) + catch ( ForbiddenException e ) { - assertEquals( 403, e.getStatus() ); + assertEquals( 403, e.getResponse().getStatus() ); + } @@ -193,7 +194,6 @@ public class RoleManagementServiceTest { RoleManagementService roleManagementService = getRoleManagementService( authorizationHeader ); - List<Role> allRoles = roleManagementService.getAllRoles(); assertNotNull( allRoles ); http://git-wip-us.apache.org/repos/asf/archiva-redback-core/blob/5bf9065c/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/UserServiceTest.java ---------------------------------------------------------------------- diff --git a/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/UserServiceTest.java b/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/UserServiceTest.java index 6481d0d..629e8fc 100644 --- a/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/UserServiceTest.java +++ b/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/UserServiceTest.java @@ -29,16 +29,17 @@ import org.apache.archiva.redback.rest.api.services.UserService; import org.apache.archiva.redback.rest.services.mock.EmailMessage; import org.apache.archiva.redback.rest.services.mock.ServicesAssert; import org.apache.cxf.jaxrs.client.JAXRSClientFactory; -import org.apache.cxf.jaxrs.client.ServerWebApplicationException; import org.apache.cxf.jaxrs.client.WebClient; -import static org.assertj.core.api.Assertions.assertThat; import org.junit.Test; +import javax.ws.rs.ForbiddenException; import javax.ws.rs.core.MediaType; import java.util.Collection; import java.util.Collections; import java.util.List; +import static org.assertj.core.api.Assertions.assertThat; + /** * @author Olivier Lamy @@ -69,7 +70,7 @@ public class UserServiceTest assertFalse( users.isEmpty() ); } - @Test( expected = ServerWebApplicationException.class ) + @Test( expected = ForbiddenException.class ) public void getUsersWithoutAuthz() throws Exception { @@ -78,9 +79,9 @@ public class UserServiceTest { userService.getUsers(); } - catch ( ServerWebApplicationException e ) + catch ( ForbiddenException e ) { - assertEquals( 403, e.getStatus() ); + assertEquals( 403, e.getResponse().getStatus() ); throw e; } @@ -95,9 +96,10 @@ public class UserServiceTest { getFakeCreateAdminService().testAuthzWithoutKarmasNeededButAuthz(); } - catch ( ServerWebApplicationException e ) + catch ( ForbiddenException e ) { - assertEquals( 403, e.getStatus() ); + assertEquals( 403, e.getResponse().getStatus() ); + throw e; } } @@ -115,9 +117,10 @@ public class UserServiceTest assertTrue( service.testAuthzWithoutKarmasNeededButAuthz().booleanValue() ); } - catch ( ServerWebApplicationException e ) + catch ( ForbiddenException e ) { - assertEquals( 403, e.getStatus() ); + assertEquals( 403, e.getResponse().getStatus() ); + throw e; } }
