Author: degenaro
Date: Tue Sep 20 14:00:23 2016
New Revision: 1761580

URL: http://svn.apache.org/viewvc?rev=1761580&view=rev
Log:
UIMA-5114 DUCC WebServer (WS) needs better user validation for login

Added:
    
uima/uima-ducc/trunk/uima-ducc-web/src/main/java/org/apache/uima/ducc/ws/utils/commands/
    
uima/uima-ducc/trunk/uima-ducc-web/src/main/java/org/apache/uima/ducc/ws/utils/commands/CmdId.java
   (with props)
Modified:
    
uima/uima-ducc/trunk/uima-ducc-web/src/main/java/org/apache/uima/ducc/ws/server/DuccHandlerUserAuthentication.java

Modified: 
uima/uima-ducc/trunk/uima-ducc-web/src/main/java/org/apache/uima/ducc/ws/server/DuccHandlerUserAuthentication.java
URL: 
http://svn.apache.org/viewvc/uima/uima-ducc/trunk/uima-ducc-web/src/main/java/org/apache/uima/ducc/ws/server/DuccHandlerUserAuthentication.java?rev=1761580&r1=1761579&r2=1761580&view=diff
==============================================================================
--- 
uima/uima-ducc/trunk/uima-ducc-web/src/main/java/org/apache/uima/ducc/ws/server/DuccHandlerUserAuthentication.java
 (original)
+++ 
uima/uima-ducc/trunk/uima-ducc-web/src/main/java/org/apache/uima/ducc/ws/server/DuccHandlerUserAuthentication.java
 Tue Sep 20 14:00:23 2016
@@ -32,6 +32,7 @@ import org.apache.uima.ducc.common.utils
 import org.apache.uima.ducc.common.utils.DuccLoggerComponents;
 import org.apache.uima.ducc.common.utils.id.DuccId;
 import org.apache.uima.ducc.ws.authentication.DuccAuthenticator;
+import org.apache.uima.ducc.ws.utils.commands.CmdId;
 import org.eclipse.jetty.server.Request;
 
 public class DuccHandlerUserAuthentication extends DuccAbstractHandler {
@@ -48,6 +49,8 @@ public class DuccHandlerUserAuthenticati
        
        private DuccWebSessionManager duccWebSessionManager = 
DuccWebSessionManager.getInstance();
        
+       private CmdId cmdId = new CmdId();
+       
        public DuccHandlerUserAuthentication() {
        }
        
@@ -112,6 +115,35 @@ public class DuccHandlerUserAuthenticati
                duccLogger.trace(methodName, jobid, messages.fetch("exit"));
        }       
        
+       // check if userid is missing (true) or specified (false)
+       private boolean isLinuxUserMissing(String userId) {
+               boolean retVal = false; // presume userid is specified
+               if((userId == null) || (userId.trim().length() == 0)) {
+                       retVal = true;  // userid is missing
+               }
+               return retVal;
+       }
+       
+       // check if userid is invalid (true) or valid (false) to Linux!
+       
+       private boolean isLinuxUserInvalid(String userId) {
+               boolean retVal = true;  // presume userid is invalid
+               String[] args = { userId };
+               String result = cmdId.runnit(args);
+               if(result != null) {
+                       String[] resultParts = result.split(" ");
+                       if(resultParts.length > 0) {
+                               String useridPart = resultParts[0];
+                               if(useridPart != null) {
+                                       if(useridPart.contains("("+userId+")")) 
{
+                                               retVal = false; // userid is 
valid
+                                       }
+                               }
+                       }
+               }
+               return retVal;
+       }
+       
        private void handleDuccServletLogin(String target,Request 
baseRequest,HttpServletRequest request,HttpServletResponse response) 
        throws IOException, ServletException
        {
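Review bot: isLinuxUserInvalid hands userId to `cmdId.runnit(args)`, but runnit in the added CmdId.java never copies args into commandList, so `/usr/bin/id` runs with no operand and reports the web server's own account. The `contains("("+userId+")")` test can therefore only succeed for that one name, and every other login is treated as invalid. Once args are forwarded, userId (presumably taken from the login request) reaches an external command, so reject anything that is not a plain account name before spawning the process, for example `if(!userId.matches("[A-Za-z0-9_][A-Za-z0-9_.-]*")) return true;`, since a leading `-` would be parsed by id as an option. A short comment on isLinuxUserInvalid stating the expected output shape (`uid=N(name) ...`) would also help the next reader. handleDuccServletLogin starts at the end of this hunk and continues outside it.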
@@ -141,8 +173,12 @@ public class DuccHandlerUserAuthenticati
                }
                if(sb.length() == 0) {
                        try {
-                               if((userId == null) || (userId.trim().length() 
== 0)) {
-                                       duccLogger.info(methodName, jobid, 
messages.fetch("login ")+userId+" "+messages.fetch("failed"));
+                               if(isLinuxUserMissing(userId)) {
+                                       duccLogger.info(methodName, jobid, 
messages.fetch("login ")+userId+" "+messages.fetch("failed: user missing"));
+                                       sb.append("failure");
+                               }
+                               if(isLinuxUserInvalid(userId)) {
+                                       duccLogger.info(methodName, jobid, 
messages.fetch("login ")+userId+" "+messages.fetch("failed: user invalid"));
                                        sb.append("failure");
                                }
                                else if(duccAuthenticator.isPasswordChecked() 
&& (((password == null) || (password.trim().length() == 0)))) {
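Review bot: The second check is a plain `if` rather than `else if`, so a missing userid also falls through to `isLinuxUserInvalid(userId)`. The failure is then logged twice, "failure" is appended to sb twice, and a null or blank userId is passed on to the id lookup. Making it `else if(isLinuxUserInvalid(userId)) {` keeps the chain a single decision and keeps the password branch attached to both checks. Both log lines concatenate userId as received; if it comes from the request, stripping CR/LF before logging keeps a crafted name from forging log entries. The enclosing try block continues outside the hunk.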

Added: 
uima/uima-ducc/trunk/uima-ducc-web/src/main/java/org/apache/uima/ducc/ws/utils/commands/CmdId.java
URL: 
http://svn.apache.org/viewvc/uima/uima-ducc/trunk/uima-ducc-web/src/main/java/org/apache/uima/ducc/ws/utils/commands/CmdId.java?rev=1761580&view=auto
==============================================================================
--- 
uima/uima-ducc/trunk/uima-ducc-web/src/main/java/org/apache/uima/ducc/ws/utils/commands/CmdId.java
 (added)
+++ 
uima/uima-ducc/trunk/uima-ducc-web/src/main/java/org/apache/uima/ducc/ws/utils/commands/CmdId.java
 Tue Sep 20 14:00:23 2016
@@ -0,0 +1,123 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+*/
+package org.apache.uima.ducc.ws.utils.commands;
+
+import java.io.BufferedReader;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.util.ArrayList;
+import java.util.List;
+
+import org.apache.uima.ducc.common.utils.DuccLogger;
+import org.apache.uima.ducc.common.utils.DuccLoggerComponents;
+import org.apache.uima.ducc.common.utils.id.DuccId;
+
+/**
+ * Issue /usr/bin/id <userid> and return results
+ */
+public class CmdId {
+       
+       private static String command = "/usr/bin/id";
+       
+       private DuccLogger logger = null;
+       private DuccId jobid = null;
+
+       // constructors
+       
+       public CmdId() {
+               init(true);                     // use logger, by default
+       }
+       
+       public CmdId(boolean useLogger) {
+               init(useLogger);        // use logger or not, by choice
+       }
+       
+       // set use of logger or console
+       
+       private void init(boolean useLogger) {
+               if(useLogger) {
+                       logger = 
DuccLoggerComponents.getWsLogger(CmdId.class.getName());
+               }
+       }
+       
+       // use logger or console?
+       
+       private boolean isUseLogger() {
+               return logger != null;
+       }
+       
+       // run id command and return result
+       
+       public String runnit(String[] args) {
+               String location = "runCommand";
+               String retVal = null;
+               try {
+                       List<String> commandList = new ArrayList<String>();
+                       commandList.add(command);
+                       String[] commandArray = commandList.toArray(new 
String[0]);
+                       ProcessBuilder pb = new ProcessBuilder( commandArray );
+                       Process p = pb.start();
+                       //p.waitFor();
+                       InputStream pOut = p.getInputStream();
+                       InputStreamReader isr = new InputStreamReader(pOut);
+                       BufferedReader br = new BufferedReader(isr);
+               String line;
+               StringBuffer sb = new StringBuffer();
+               while ((line = br.readLine()) != null) {
+                       sb.append(line);
+                       debug(location, line);
+               }
+               retVal = sb.toString();
+               }
+               catch(Exception e) {
+                       error(location, e);
+               }
+               return retVal;
+       }
+       
+       // log result to logger or console when debugging
+       
+       private void debug(String location, String s) {
+               if(isUseLogger()) {
+                       logger.debug(location, jobid, s);
+               }
+               else {
+                       System.out.println(s);
+               }
+       }
+       
+       // log exception to logger or console
+       
+       private void error(String location, Exception e) {
+               if(isUseLogger()) {
+                       logger.error(location, jobid, e);
+               }
+               else {
+                       e.printStackTrace();
+               }
+       }
+       
+       // process command line invocation
+       
+       public static void main(String[] args) {
+               CmdId id = new CmdId(false);
+               id.runnit(args);
+       }
+
+}
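Review bot: runnit never closes the reader on the child's stdout and never waits for or destroys the process (`p.waitFor()` is commented out), so each call can leave an unreaped child and open pipe descriptors behind. Because this runs on every login attempt, repeated requests could exhaust process or descriptor limits on the web server. Close the stream in a finally block and reap the child after its output is drained; a bounded wait would be better still if the JDK in use offers one. The InputStreamReader also uses the platform default charset, so passing an explicit charset would make the parsed output predictable.
```java
// … unchanged: commandList / commandArray construction, pb.start() …
BufferedReader br = new BufferedReader(new InputStreamReader(p.getInputStream()));
try {
    String line;
    StringBuffer sb = new StringBuffer();
    while ((line = br.readLine()) != null) {
        sb.append(line);
        debug(location, line);
    }
    p.waitFor();        // reap the child once its output has been consumed
    retVal = sb.toString();
}
finally {
    br.close();         // releases the stdout pipe even when readLine throws
    p.destroy();        // no-op if the child already exited
}
// … unchanged: catch(Exception e) and return retVal …
```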

Propchange: 
uima/uima-ducc/trunk/uima-ducc-web/src/main/java/org/apache/uima/ducc/ws/utils/commands/CmdId.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: 
uima/uima-ducc/trunk/uima-ducc-web/src/main/java/org/apache/uima/ducc/ws/utils/commands/CmdId.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

