Author: degenaro Date: Tue Sep 20 14:00:23 2016 New Revision: 1761580 URL: http://svn.apache.org/viewvc?rev=1761580&view=rev Log: UIMA-5114 DUCC WebServer (WS) needs better user validation for login
Added: uima/uima-ducc/trunk/uima-ducc-web/src/main/java/org/apache/uima/ducc/ws/utils/commands/ uima/uima-ducc/trunk/uima-ducc-web/src/main/java/org/apache/uima/ducc/ws/utils/commands/CmdId.java (with props) Modified: uima/uima-ducc/trunk/uima-ducc-web/src/main/java/org/apache/uima/ducc/ws/server/DuccHandlerUserAuthentication.java Modified: uima/uima-ducc/trunk/uima-ducc-web/src/main/java/org/apache/uima/ducc/ws/server/DuccHandlerUserAuthentication.java URL: http://svn.apache.org/viewvc/uima/uima-ducc/trunk/uima-ducc-web/src/main/java/org/apache/uima/ducc/ws/server/DuccHandlerUserAuthentication.java?rev=1761580&r1=1761579&r2=1761580&view=diff ============================================================================== --- uima/uima-ducc/trunk/uima-ducc-web/src/main/java/org/apache/uima/ducc/ws/server/DuccHandlerUserAuthentication.java (original) +++ uima/uima-ducc/trunk/uima-ducc-web/src/main/java/org/apache/uima/ducc/ws/server/DuccHandlerUserAuthentication.java Tue Sep 20 14:00:23 2016 @@ -32,6 +32,7 @@ import org.apache.uima.ducc.common.utils import org.apache.uima.ducc.common.utils.DuccLoggerComponents; import org.apache.uima.ducc.common.utils.id.DuccId; import org.apache.uima.ducc.ws.authentication.DuccAuthenticator; +import org.apache.uima.ducc.ws.utils.commands.CmdId; import org.eclipse.jetty.server.Request; public class DuccHandlerUserAuthentication extends DuccAbstractHandler { @@ -48,6 +49,8 @@ public class DuccHandlerUserAuthenticati private DuccWebSessionManager duccWebSessionManager = DuccWebSessionManager.getInstance(); + private CmdId cmdId = new CmdId(); + public DuccHandlerUserAuthentication() { } 
@@ -112,6 +115,35 @@ public class DuccHandlerUserAuthenticati duccLogger.trace(methodName, jobid, messages.fetch("exit")); } + // check if userid is missing (true) or specified (false) + private boolean isLinuxUserMissing(String userId) { + boolean retVal = false; // presume userid is specified + if((userId == null) || (userId.trim().length() == 0)) { + retVal = true; // userid is missing + } + return retVal; + } + + // check if userid is invalid (true) or valid (false) to Linux! + + private boolean isLinuxUserInvalid(String userId) { + boolean retVal = true; // presume userid is invalid + String[] args = { userId }; + String result = cmdId.runnit(args); + if(result != null) { + String[] resultParts = result.split(" "); + if(resultParts.length > 0) { + String useridPart = resultParts[0]; + if(useridPart != null) { + if(useridPart.contains("("+userId+")")) { + retVal = false; // userid is valid + } + } + } + } + return retVal; + } + private void handleDuccServletLogin(String target,Request baseRequest,HttpServletRequest request,HttpServletResponse response) throws IOException, ServletException { 
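Review bot: `isLinuxUserInvalid` hands the request-supplied `userId` to `cmdId.runnit` with no syntax check of its own, so whatever a client posts to the login servlet becomes an argument of an external process once `runnit` forwards its arguments. The array form of ProcessBuilder keeps a shell out of the path, but a value starting with `-` would still be read by `id` as an option, and a `null` value turns the comparison string into `(null)`. Reject such values before the call, e.g. `if(isLinuxUserMissing(userId) || userId.startsWith("-")) { return true; }` as the first statement, ideally tightened to the user-name characters the site allows. The leading comment could also say that the method fails closed: a `null` result or unexpected output from `id` leaves `retVal` at `true`.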
@@ -141,8 +173,12 @@ public class DuccHandlerUserAuthenticati } if(sb.length() == 0) { try { - if((userId == null) || (userId.trim().length() == 0)) { - duccLogger.info(methodName, jobid, messages.fetch("login ")+userId+" "+messages.fetch("failed")); + if(isLinuxUserMissing(userId)) { + duccLogger.info(methodName, jobid, messages.fetch("login ")+userId+" "+messages.fetch("failed: user missing")); + sb.append("failure"); + } + if(isLinuxUserInvalid(userId)) { + duccLogger.info(methodName, jobid, messages.fetch("login ")+userId+" "+messages.fetch("failed: user invalid")); sb.append("failure"); } else if(duccAuthenticator.isPasswordChecked() && (((password == null) || (password.trim().length() == 0)))) { Added: uima/uima-ducc/trunk/uima-ducc-web/src/main/java/org/apache/uima/ducc/ws/utils/commands/CmdId.java URL: http://svn.apache.org/viewvc/uima/uima-ducc/trunk/uima-ducc-web/src/main/java/org/apache/uima/ducc/ws/utils/commands/CmdId.java?rev=1761580&view=auto ============================================================================== --- uima/uima-ducc/trunk/uima-ducc-web/src/main/java/org/apache/uima/ducc/ws/utils/commands/CmdId.java (added) +++ uima/uima-ducc/trunk/uima-ducc-web/src/main/java/org/apache/uima/ducc/ws/utils/commands/CmdId.java Tue Sep 20 14:00:23 2016 
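Review bot: The second check is a plain `if` rather than `else if`, so a missing user id falls through from the `isLinuxUserMissing` branch into `isLinuxUserInvalid(userId)`: the failure is logged twice, `sb` would end up holding `failurefailure`, and a process is started for a `null` or blank name. Change it to `else if(isLinuxUserInvalid(userId)) {` so the chain stays mutually exclusive with the password check that follows. Both log lines also concatenate the raw `userId` from the request into the message; if the logger does not neutralise line breaks, stripping CR/LF before logging keeps forged entries out of the login log. handleDuccServletLogin starts and ends outside this hunk, so how `sb` reaches the response is not visible here.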
@@ -0,0 +1,123 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. +*/ +package org.apache.uima.ducc.ws.utils.commands; + +import java.io.BufferedReader; +import java.io.InputStream; +import java.io.InputStreamReader; +import java.util.ArrayList; +import java.util.List; + +import org.apache.uima.ducc.common.utils.DuccLogger; +import org.apache.uima.ducc.common.utils.DuccLoggerComponents; +import org.apache.uima.ducc.common.utils.id.DuccId; + +/** + * Issue /usr/bin/id <userid> and return results + */ +public class CmdId { + + private static String command = "/usr/bin/id"; + + private DuccLogger logger = null; + private DuccId jobid = null; + + // constructors + + public CmdId() { + init(true); // use logger, by default + } + + public CmdId(boolean useLogger) { + init(useLogger); // use logger or not, by choice + } + + // set use of logger or console + + private void init(boolean useLogger) { + if(useLogger) { + logger = DuccLoggerComponents.getWsLogger(CmdId.class.getName()); + } + } + + // use logger or console? 
+ + private boolean isUseLogger() { + return logger != null; + } + + // run id command and return result + + public String runnit(String[] args) { + String location = "runCommand"; + String retVal = null; + try { + List<String> commandList = new ArrayList<String>(); + commandList.add(command); + String[] commandArray = commandList.toArray(new String[0]); + ProcessBuilder pb = new ProcessBuilder( commandArray ); + Process p = pb.start(); + //p.waitFor(); + InputStream pOut = p.getInputStream(); + InputStreamReader isr = new InputStreamReader(pOut); + BufferedReader br = new BufferedReader(isr); + String line; + StringBuffer sb = new StringBuffer(); + while ((line = br.readLine()) != null) { + sb.append(line); + debug(location, line); + } + retVal = sb.toString(); + } + catch(Exception e) { + error(location, e); + } + return retVal; + } + + // log result to logger or console when debugging + + private void debug(String location, String s) { + if(isUseLogger()) { + logger.debug(location, jobid, s); + } + else { + System.out.println(s); + } + } + + // log exception to logger or console + + private void error(String location, Exception e) { + if(isUseLogger()) { + logger.error(location, jobid, e); + } + else { + e.printStackTrace(); + } + } + + // process command line invocation + + public static void main(String[] args) { + CmdId id = new CmdId(false); + id.runnit(args); + } + +} Propchange: uima/uima-ducc/trunk/uima-ducc-web/src/main/java/org/apache/uima/ducc/ws/utils/commands/CmdId.java ------------------------------------------------------------------------------ svn:eol-style = native Propchange: uima/uima-ducc/trunk/uima-ducc-web/src/main/java/org/apache/uima/ducc/ws/utils/commands/CmdId.java ------------------------------------------------------------------------------ svn:mime-type = text/plain
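Review bot: `runnit` never copies `args` into `commandList`, so the process it starts is a bare `/usr/bin/id`, which reports the account the web server runs under rather than the user being checked. With the caller's `contains("("+userId+")")` test, only that one account name can pass the new login validation. The fence below forwards the arguments, closes the reader and waits for the child so it is reaped. Standard error is still not drained and there is no timeout, which is worth a follow-up because this path is reached before the password is checked. Two smaller points: pass an explicit charset to `InputStreamReader` instead of relying on the platform default, and declare `command` as `private static final`.

```java
public String runnit(String[] args) {
    // … unchanged: location, retVal, opening of try …
        List<String> commandList = new ArrayList<String>();
        commandList.add(command);
        if(args != null) {
            for(String arg : args) {
                if(arg != null) {
                    commandList.add(arg); // the userid to look up
                }
            }
        }
        ProcessBuilder pb = new ProcessBuilder(commandList);
        Process p = pb.start();
        BufferedReader br = new BufferedReader(new InputStreamReader(p.getInputStream()));
        // … unchanged: declare line and sb …
        try {
            // … unchanged: readLine loop appending to sb …
        }
        finally {
            br.close();
        }
        p.waitFor(); // reap the child before using its output
        retVal = sb.toString();
    // … unchanged: catch(Exception e) and return retVal …
```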