From 6a3d0c3f5722e5bd39cf45ba44fe115128a46c94 Mon Sep 17 00:00:00 2001 From: rkrzewski Date: Tue, 15 Mar 2011 23:38:39 +0100 Subject: [PATCH 01/10] Updated to Nexus 1.9.0.1 and Crowd 2.0.0 --- pom.xml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pom.xml b/pom.xml index e5ee959..dd7edcb 100644 --- a/pom.xml +++ b/pom.xml @@ -4,7 +4,7 @@ org.sonatype.nexus.plugins nexus-plugins-parent - 4 + 8 nexus-crowd-plugin @@ -51,7 +51,7 @@ com.atlassian.crowd crowd-integration-client - 1.6.1 + 2.0.0 @@ -221,6 +221,6 @@ - 1.6.0 + 1.9.0.1 From 8cbafb835475189914bf3d5ad2c5566f97b85230 Mon Sep 17 00:00:00 2001 From: rkrzewski Date: Tue, 15 Mar 2011 23:41:26 +0100 Subject: [PATCH 02/10] org.jsecurity to org.apache.shiro migration --- .../crowd/CrowdAuthenticatingRealm.java | 24 +++++++++---------- 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/src/main/java/org/sonatype/nexus/jsecurity/realms/external/crowd/CrowdAuthenticatingRealm.java b/src/main/java/org/sonatype/nexus/jsecurity/realms/external/crowd/CrowdAuthenticatingRealm.java index ae9bc8a..b8aa5c1 100644 --- a/src/main/java/org/sonatype/nexus/jsecurity/realms/external/crowd/CrowdAuthenticatingRealm.java +++ b/src/main/java/org/sonatype/nexus/jsecurity/realms/external/crowd/CrowdAuthenticatingRealm.java 
@@ -14,23 +14,23 @@ import java.rmi.RemoteException; +import org.apache.shiro.authc.AuthenticationException; +import org.apache.shiro.authc.AuthenticationInfo; +import org.apache.shiro.authc.AuthenticationToken; +import org.apache.shiro.authc.DisabledAccountException; +import org.apache.shiro.authc.IncorrectCredentialsException; +import org.apache.shiro.authc.SimpleAuthenticationInfo; +import org.apache.shiro.authc.UsernamePasswordToken; +import org.apache.shiro.authc.pam.UnsupportedTokenException; +import org.apache.shiro.authz.AuthorizationInfo; +import org.apache.shiro.realm.AuthorizingRealm; +import org.apache.shiro.realm.Realm; +import org.apache.shiro.subject.PrincipalCollection; import org.codehaus.plexus.component.annotations.Component; import org.codehaus.plexus.component.annotations.Requirement; import org.codehaus.plexus.personality.plexus.lifecycle.phase.Disposable; import org.codehaus.plexus.personality.plexus.lifecycle.phase.Initializable; import org.codehaus.plexus.personality.plexus.lifecycle.phase.InitializationException; -import org.jsecurity.authc.AuthenticationException; -import org.jsecurity.authc.AuthenticationInfo; -import org.jsecurity.authc.AuthenticationToken; -import org.jsecurity.authc.DisabledAccountException; -import org.jsecurity.authc.IncorrectCredentialsException; -import org.jsecurity.authc.SimpleAuthenticationInfo; -import org.jsecurity.authc.UsernamePasswordToken; -import org.jsecurity.authc.pam.UnsupportedTokenException; -import org.jsecurity.authz.AuthorizationInfo; -import org.jsecurity.realm.AuthorizingRealm; -import org.jsecurity.realm.Realm; -import org.jsecurity.subject.PrincipalCollection; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.sonatype.nexus.plugins.crowd.client.CrowdClientHolder; From 8259376963dadd37b828700dc39b5e10aab429a2 Mon Sep 17 00:00:00 2001 
From: rkrzewski Date: Tue, 15 Mar 2011 23:42:22 +0100 Subject: [PATCH 03/10] updated class name after update to Crowd 2.0.0 --- .../plugins/crowd/caching/CachingAuthenticationManager.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main/java/org/sonatype/nexus/plugins/crowd/caching/CachingAuthenticationManager.java b/src/main/java/org/sonatype/nexus/plugins/crowd/caching/CachingAuthenticationManager.java index 5448526..86d0135 100644 --- a/src/main/java/org/sonatype/nexus/plugins/crowd/caching/CachingAuthenticationManager.java +++ b/src/main/java/org/sonatype/nexus/plugins/crowd/caching/CachingAuthenticationManager.java @@ -17,7 +17,7 @@ import java.rmi.RemoteException; -import com.atlassian.crowd.integration.authentication.PrincipalAuthenticationContext; +import com.atlassian.crowd.integration.authentication.UserAuthenticationContext; import com.atlassian.crowd.integration.authentication.ValidationFactor; import com.atlassian.crowd.integration.exception.ApplicationAccessDeniedException; import com.atlassian.crowd.integration.exception.InactiveAccountException; @@ -44,7 +44,7 @@ public CachingAuthenticationManager(SecurityServerClient securityServerClient, this.basicCache = basicCache; } - public String authenticate(PrincipalAuthenticationContext authenticationContext) + public String authenticate(UserAuthenticationContext authenticationContext) throws RemoteException, InvalidAuthorizationTokenException, InvalidAuthenticationException, InactiveAccountException, ApplicationAccessDeniedException { From d5125fbd2e4ad19328b5eb60766b703e539a66b0 Mon Sep 17 00:00:00 2001 From: rkrzewski Date: Tue, 15 Mar 2011 23:48:02 +0100 Subject: [PATCH 04/10] excluded commons-logging-api --- pom.xml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/pom.xml b/pom.xml index dd7edcb..7cf21c8 100644 --- a/pom.xml +++ b/pom.xml @@ -46,6 +46,10 @@ backport-util-concurrent backport-util-concurrent + + commons-logging-api + commons-logging + 
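Review bot: The new exclusion lists `commons-logging-api` before `commons-logging`, and if its elements follow the groupId-then-artifactId order used by the `com.atlassian.crowd` / `crowd-integration-client` dependency in this file, the two coordinates are swapped. The API jar is published as groupId `commons-logging`, artifactId `commons-logging-api`, and Maven silently ignores an exclusion that matches nothing, so the jar would still reach the plugin classpath. The element names are not visible in this rendering of the hunk, so confirm them and check the result with `mvn dependency:tree`.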
From ef3a5cf6a11d60c401ab2ee325b5387b51736ff7 Mon Sep 17 00:00:00 2001 From: rkrzewski Date: Wed, 16 Mar 2011 02:19:53 +0100 Subject: [PATCH 05/10] implemented doGetAuthorizationInfo --- .../crowd/CrowdAuthenticatingRealm.java | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/src/main/java/org/sonatype/nexus/jsecurity/realms/external/crowd/CrowdAuthenticatingRealm.java b/src/main/java/org/sonatype/nexus/jsecurity/realms/external/crowd/CrowdAuthenticatingRealm.java index b8aa5c1..c4f4e45 100644 --- a/src/main/java/org/sonatype/nexus/jsecurity/realms/external/crowd/CrowdAuthenticatingRealm.java +++ b/src/main/java/org/sonatype/nexus/jsecurity/realms/external/crowd/CrowdAuthenticatingRealm.java @@ -13,6 +13,8 @@ package org.sonatype.nexus.jsecurity.realms.external.crowd; import java.rmi.RemoteException; +import java.util.HashSet; +import java.util.List; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.AuthenticationInfo; @@ -20,9 +22,12 @@ import org.apache.shiro.authc.DisabledAccountException; import org.apache.shiro.authc.IncorrectCredentialsException; import org.apache.shiro.authc.SimpleAuthenticationInfo; +import org.apache.shiro.authc.UnknownAccountException; import org.apache.shiro.authc.UsernamePasswordToken; import org.apache.shiro.authc.pam.UnsupportedTokenException; +import org.apache.shiro.authz.AuthorizationException; import org.apache.shiro.authz.AuthorizationInfo; +import org.apache.shiro.authz.SimpleAuthorizationInfo; import org.apache.shiro.realm.AuthorizingRealm; import org.apache.shiro.realm.Realm; import org.apache.shiro.subject.PrincipalCollection; 
@@ -39,6 +44,7 @@ import com.atlassian.crowd.integration.exception.InactiveAccountException; import com.atlassian.crowd.integration.exception.InvalidAuthenticationException; import com.atlassian.crowd.integration.exception.InvalidAuthorizationTokenException; +import com.atlassian.crowd.integration.exception.ObjectNotFoundException; @Component(role = Realm.class, hint = "Crowd") public class CrowdAuthenticatingRealm extends AuthorizingRealm implements Initializable, Disposable { @@ -101,7 +107,17 @@ protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authent @Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) { - return null; + String username = (String)principals.getPrimaryPrincipal(); + try { + List roles = crowdClientHolder.getNexusRoleManager().getNexusRoles(username); + return new SimpleAuthorizationInfo(new HashSet(roles)); + } catch (RemoteException e) { + throw new AuthorizationException("Could not retrieve info from Crowd.", e); + } catch (InvalidAuthorizationTokenException e) { + throw new AuthorizationException("Could not retrieve info from Crowd.", e); + } catch (ObjectNotFoundException e) { + throw new UnknownAccountException("User " + username + " not found", e); + } } } From 2d7a2e3acca6f293d4fb2c963f35cd6eb4801642 Mon Sep 17 00:00:00 2001 
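Review bot: `doGetAuthorizationInfo` casts `principals.getPrimaryPrincipal()` to a username and fetches Crowd roles for it without checking that the principal was issued by this realm. With more than one realm enabled, a subject authenticated elsewhere whose name matches a Crowd account would presumably be given that account's roles; a guard such as `if (principals.fromRealm(getName()).isEmpty()) return null;` before the lookup limits the realm to its own subjects. The `ObjectNotFoundException` branch also throws `UnknownAccountException`, which is an authentication exception, so code that catches `AuthorizationException` around permission checks will not see it; `throw new AuthorizationException("User " + username + " not found", e);` keeps the failure on the authorization path. The later rewrite of this catch chain in PATCH 06 carries both points over unchanged.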
From: hypobyte Date: Thu, 29 Sep 2011 10:59:09 +0200 Subject: [PATCH 06/10] Upgraded to use crowd 2.3.3 and Nexus 1.9.2.3 --- pom.xml | 11 +++- .../crowd/CrowdAuthenticatingRealm.java | 35 +++++----- .../crowd/api/CrowdTestPlexusResource.java | 10 ++- .../plugins/crowd/caching/AuthBasicCache.java | 2 +- .../plugins/crowd/caching/AuthCacheImpl.java | 2 +- .../caching/CachingAuthenticationManager.java | 64 ++++++++++--------- .../client/CrowdAuthorizationManager.java | 14 ++-- .../crowd/client/CrowdClientHolder.java | 10 +-- .../crowd/client/CrowdUserManager.java | 31 +++++---- .../client/DefaultCrowdClientHolder.java | 24 +++---- .../crowd/client/DefaultNexusRoleManager.java | 24 ++++--- .../crowd/client/NexusRoleManager.java | 14 ++-- .../crowd/CrowdAuthenticatingRealmTest.java | 7 +- .../crowd/client/CrowdUserManagerTest.java | 54 ++++++++++++---- .../crowd/config/ExtraPropertiesTest.java | 2 +- 15 files changed, 181 insertions(+), 123 deletions(-) diff --git a/pom.xml b/pom.xml index 7cf21c8..1e671dd 100644 --- a/pom.xml +++ b/pom.xml @@ -55,7 +55,7 @@ com.atlassian.crowd crowd-integration-client - 2.0.0 + 2.3.3 @@ -112,6 +112,13 @@ + + + org.codehaus.xfire + xfire-aegis + 1.2.6 + runtime + com.google.code.google-collections google-collect @@ -225,6 +232,6 @@ - 1.9.0.1 + 1.9.2.3 diff --git a/src/main/java/org/sonatype/nexus/jsecurity/realms/external/crowd/CrowdAuthenticatingRealm.java b/src/main/java/org/sonatype/nexus/jsecurity/realms/external/crowd/CrowdAuthenticatingRealm.java index c4f4e45..6074ea5 100644 --- a/src/main/java/org/sonatype/nexus/jsecurity/realms/external/crowd/CrowdAuthenticatingRealm.java +++ b/src/main/java/org/sonatype/nexus/jsecurity/realms/external/crowd/CrowdAuthenticatingRealm.java 
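Review bot: The `org.codehaus.xfire` / `xfire-aegis` 1.2.6 runtime dependency added in the second pom.xml hunk has no comment saying which component needs it. XFire is a retired project (its successor is Apache CXF), so this pins an unmaintained XML binding library that presumably sits on the path parsing Crowd's SOAP responses during authentication. A comment along the lines of `<!-- needed at runtime by the Crowd SOAP client; remove when the client no longer requires XFire -->` would record the reason once it is confirmed. It is also worth checking whether `crowd-integration-client` 2.3.3 already brings the artifact in transitively, in which case the explicit entry only hides where the version is decided.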
@@ -40,11 +40,12 @@ import org.slf4j.LoggerFactory; import org.sonatype.nexus.plugins.crowd.client.CrowdClientHolder; -import com.atlassian.crowd.integration.exception.ApplicationAccessDeniedException; -import com.atlassian.crowd.integration.exception.InactiveAccountException; -import com.atlassian.crowd.integration.exception.InvalidAuthenticationException; -import com.atlassian.crowd.integration.exception.InvalidAuthorizationTokenException; -import com.atlassian.crowd.integration.exception.ObjectNotFoundException; +import com.atlassian.crowd.exception.ApplicationAccessDeniedException; +import com.atlassian.crowd.exception.ExpiredCredentialException; +import com.atlassian.crowd.exception.InactiveAccountException; +import com.atlassian.crowd.exception.InvalidAuthenticationException; +import com.atlassian.crowd.exception.InvalidAuthorizationTokenException; +import com.atlassian.crowd.exception.UserNotFoundException; @Component(role = Realm.class, hint = "Crowd") public class CrowdAuthenticatingRealm extends AuthorizingRealm implements Initializable, Disposable { 
@@ -94,15 +95,17 @@ protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authent getName()); } catch (RemoteException e) { throw new AuthenticationException("Could not retrieve info from Crowd.", e); - } catch (InvalidAuthorizationTokenException e) { - throw new AuthenticationException("Could not retrieve info from Crowd.", e); - } catch (ApplicationAccessDeniedException e) { - throw new AuthenticationException("Could not retrieve info from Crowd.", e); - } catch (InvalidAuthenticationException e) { - throw new IncorrectCredentialsException(e); } catch (InactiveAccountException e) { - throw new DisabledAccountException(e); - } + throw new DisabledAccountException(e); + } catch (ExpiredCredentialException e) { + throw new IncorrectCredentialsException(e); + } catch (InvalidAuthenticationException e) { + throw new IncorrectCredentialsException(e); + } catch (InvalidAuthorizationTokenException e) { + throw new AuthenticationException("Could not retrieve info from Crowd.", e); + } catch (ApplicationAccessDeniedException e) { + throw new AuthenticationException("Could not retrieve info from Crowd.", e); + } } @Override @@ -113,10 +116,12 @@ protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principal return new SimpleAuthorizationInfo(new HashSet(roles)); } catch (RemoteException e) { throw new AuthorizationException("Could not retrieve info from Crowd.", e); + } catch (UserNotFoundException e) { + throw new UnknownAccountException("User " + username + " not found", e); + } catch (InvalidAuthenticationException e) { + throw new IncorrectCredentialsException(e); } catch (InvalidAuthorizationTokenException e) { throw new AuthorizationException("Could not retrieve info from Crowd.", e); - } catch (ObjectNotFoundException e) { - throw new UnknownAccountException("User " + username + " not found", e); } } 
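Review bot: The new `ExpiredCredentialException` branch in `doGetAuthenticationInfo` is mapped to `IncorrectCredentialsException`, which makes an expired password indistinguishable from a wrong one in logs and for any caller that treats the two differently. Shiro has a matching type, so `throw new ExpiredCredentialsException(e);` with an import of `org.apache.shiro.authc.ExpiredCredentialsException` keeps the distinction and the cause. The method body starts above this hunk, so only the catch chain is visible here.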
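Review bot: In `doGetAuthorizationInfo`, the added `InvalidAuthenticationException` branch throws `IncorrectCredentialsException`, although no user credentials take part in a role lookup. The exception presumably means that Crowd rejected the plugin's own application credentials, which is a backend or configuration failure rather than a bad login. Reporting it as `throw new AuthorizationException("Could not retrieve info from Crowd.", e);`, like the `RemoteException` branch next to it, keeps the failure on the authorization path and stops it from being counted as a failed user login.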
diff --git a/src/main/java/org/sonatype/nexus/plugins/crowd/api/CrowdTestPlexusResource.java b/src/main/java/org/sonatype/nexus/plugins/crowd/api/CrowdTestPlexusResource.java index 29fd9c0..8523f05 100644 --- a/src/main/java/org/sonatype/nexus/plugins/crowd/api/CrowdTestPlexusResource.java +++ b/src/main/java/org/sonatype/nexus/plugins/crowd/api/CrowdTestPlexusResource.java @@ -27,7 +27,8 @@ import org.sonatype.plexus.rest.resource.PathProtectionDescriptor; import org.sonatype.plexus.rest.resource.PlexusResource; -import com.atlassian.crowd.integration.exception.InvalidAuthorizationTokenException; +import com.atlassian.crowd.exception.InvalidAuthenticationException; +import com.atlassian.crowd.exception.InvalidAuthorizationTokenException; /** * Intent of this class is to enable an admin to easily test if the Crowd @@ -66,9 +67,12 @@ public Object get(Context context, Request request, Response response, Variant v } catch (RemoteException e) { throw new ResourceException(Status.SERVER_ERROR_SERVICE_UNAVAILABLE, "Unable to authenticate. Check configuration.", e); - } catch (InvalidAuthorizationTokenException e) { + } catch (InvalidAuthenticationException e) { throw new ResourceException(Status.SERVER_ERROR_SERVICE_UNAVAILABLE, "Unable to authenticate. Check configuration.", e); - } + } catch (InvalidAuthorizationTokenException e) { + throw new ResourceException(Status.SERVER_ERROR_SERVICE_UNAVAILABLE, + "Unable to authenticate. Check configuration.", e); + } } } diff --git a/src/main/java/org/sonatype/nexus/plugins/crowd/caching/AuthBasicCache.java b/src/main/java/org/sonatype/nexus/plugins/crowd/caching/AuthBasicCache.java index 5ef1b8b..6769c23 100644 --- a/src/main/java/org/sonatype/nexus/plugins/crowd/caching/AuthBasicCache.java +++ b/src/main/java/org/sonatype/nexus/plugins/crowd/caching/AuthBasicCache.java 
@@ -15,7 +15,7 @@ */ package org.sonatype.nexus.plugins.crowd.caching; -import com.atlassian.crowd.integration.service.cache.BasicCache; +import com.atlassian.crowd.service.cache.BasicCache; /** * Extension of Crowd's BasicCache interface to enable authentication caching. diff --git a/src/main/java/org/sonatype/nexus/plugins/crowd/caching/AuthCacheImpl.java b/src/main/java/org/sonatype/nexus/plugins/crowd/caching/AuthCacheImpl.java index 478b258..ba484cd 100644 --- a/src/main/java/org/sonatype/nexus/plugins/crowd/caching/AuthCacheImpl.java +++ b/src/main/java/org/sonatype/nexus/plugins/crowd/caching/AuthCacheImpl.java @@ -19,7 +19,7 @@ import net.sf.ehcache.CacheManager; import net.sf.ehcache.Element; -import com.atlassian.crowd.integration.service.cache.CacheImpl; +import com.atlassian.crowd.service.cache.CacheImpl; /** * Extension of Crowd CacheImpl object which supports caching of authentication diff --git a/src/main/java/org/sonatype/nexus/plugins/crowd/caching/CachingAuthenticationManager.java b/src/main/java/org/sonatype/nexus/plugins/crowd/caching/CachingAuthenticationManager.java index 86d0135..75e20d8 100644 --- a/src/main/java/org/sonatype/nexus/plugins/crowd/caching/CachingAuthenticationManager.java +++ b/src/main/java/org/sonatype/nexus/plugins/crowd/caching/CachingAuthenticationManager.java 
@@ -17,15 +17,16 @@ import java.rmi.RemoteException; -import com.atlassian.crowd.integration.authentication.UserAuthenticationContext; -import com.atlassian.crowd.integration.authentication.ValidationFactor; -import com.atlassian.crowd.integration.exception.ApplicationAccessDeniedException; -import com.atlassian.crowd.integration.exception.InactiveAccountException; -import com.atlassian.crowd.integration.exception.InvalidAuthenticationException; -import com.atlassian.crowd.integration.exception.InvalidAuthorizationTokenException; -import com.atlassian.crowd.integration.service.cache.AuthenticationManagerImpl; -import com.atlassian.crowd.integration.service.soap.client.SecurityServerClient; -import com.atlassian.crowd.integration.util.Assert; +import com.atlassian.crowd.exception.ApplicationAccessDeniedException; +import com.atlassian.crowd.exception.ExpiredCredentialException; +import com.atlassian.crowd.exception.InactiveAccountException; +import com.atlassian.crowd.exception.InvalidAuthenticationException; +import com.atlassian.crowd.exception.InvalidAuthorizationTokenException; +import com.atlassian.crowd.model.authentication.UserAuthenticationContext; +import com.atlassian.crowd.model.authentication.ValidationFactor; +import com.atlassian.crowd.service.cache.SimpleAuthenticationManager; +import com.atlassian.crowd.service.soap.client.SecurityServerClient; +import com.atlassian.crowd.util.Assert; /** * Implementation of Crowd client's AuthenticationManager which caches tokens @@ -34,7 +35,7 @@ * @author Justin Edelson * */ -public class CachingAuthenticationManager extends AuthenticationManagerImpl { +public class CachingAuthenticationManager extends SimpleAuthenticationManager { private AuthBasicCache basicCache; 
@@ -43,17 +44,18 @@ public CachingAuthenticationManager(SecurityServerClient securityServerClient, super(securityServerClient); this.basicCache = basicCache; } + + public String authenticate(UserAuthenticationContext authenticationContext) + throws RemoteException, InvalidAuthorizationTokenException, + InvalidAuthenticationException, InactiveAccountException, + ApplicationAccessDeniedException, ExpiredCredentialException { + return super.authenticate(authenticationContext); + } - public String authenticate(UserAuthenticationContext authenticationContext) - throws RemoteException, InvalidAuthorizationTokenException, - InvalidAuthenticationException, InactiveAccountException, - ApplicationAccessDeniedException { - return super.authenticate(authenticationContext); - } - - public String authenticate(String username, String password) throws RemoteException, - InvalidAuthorizationTokenException, InvalidAuthenticationException, - InactiveAccountException, ApplicationAccessDeniedException { + public String authenticate(String username, String password) + throws RemoteException, InvalidAuthorizationTokenException, + InvalidAuthenticationException, InactiveAccountException, + ApplicationAccessDeniedException, ExpiredCredentialException { Assert.notNull(username); Assert.notNull(password); 
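Review bot: None of the overriding methods rewritten in this hunk carries `@Override`, so a signature change in the Crowd base class would turn them into unrelated overloads without a compile error. This series already had to follow such a change, the rename of the parameter type from `PrincipalAuthenticationContext` to `UserAuthenticationContext`; for `authenticate(String username, String password)` the effect would presumably be that the token cache is bypassed silently. Adding `@Override` above each method, here and on `invalidate` and `isAuthenticated` in the next hunk, lets the compiler catch that. The body of `authenticate(String, String)` continues past the end of this hunk.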
@@ -63,17 +65,17 @@ public String authenticate(String username, String password) throws RemoteExcept basicCache.addOrReplaceToken(username, password, token); } return token; - } - - public void invalidate(String token) throws RemoteException, InvalidAuthorizationTokenException { - super.invalidate(token); + } - } - - public boolean isAuthenticated(String token, ValidationFactor[] validationFactors) - throws RemoteException, InvalidAuthorizationTokenException, - ApplicationAccessDeniedException { - return super.isAuthenticated(token, validationFactors); - } + public void invalidate(String token) throws RemoteException, + InvalidAuthorizationTokenException, InvalidAuthenticationException { + super.invalidate(token); + } + public boolean isAuthenticated(String token, + ValidationFactor[] validationFactors) throws RemoteException, + InvalidAuthorizationTokenException, + ApplicationAccessDeniedException, InvalidAuthenticationException { + return super.isAuthenticated(token, validationFactors); + } } diff --git a/src/main/java/org/sonatype/nexus/plugins/crowd/client/CrowdAuthorizationManager.java b/src/main/java/org/sonatype/nexus/plugins/crowd/client/CrowdAuthorizationManager.java index 72eee3b..3386aa9 100644 --- a/src/main/java/org/sonatype/nexus/plugins/crowd/client/CrowdAuthorizationManager.java +++ b/src/main/java/org/sonatype/nexus/plugins/crowd/client/CrowdAuthorizationManager.java @@ -16,8 +16,8 @@ package org.sonatype.nexus.plugins.crowd.client; import java.rmi.RemoteException; -import java.util.Set; import java.util.Collections; +import java.util.Set; import org.codehaus.plexus.component.annotations.Component; import org.codehaus.plexus.component.annotations.Requirement; 
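Review bot: `invalidate(String token)` only calls `super.invalidate(token)` and leaves in place the entry that `basicCache.addOrReplaceToken(username, password, token)` stored a few lines above. If the part of `authenticate` outside this hunk serves tokens from that cache, an invalidated token can still be handed back for the same username and password until the cache entry expires. Either remove the entry here or state the intent with a comment such as `// cached token is not evicted; relies on cache expiry`. `AuthBasicCache` is not part of this patch, so the removal method it offers needs checking.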
@@ -30,7 +30,8 @@ import org.sonatype.security.authorization.Privilege; import org.sonatype.security.authorization.Role; -import com.atlassian.crowd.integration.exception.InvalidAuthorizationTokenException; +import com.atlassian.crowd.exception.InvalidAuthenticationException; +import com.atlassian.crowd.exception.InvalidAuthorizationTokenException; import com.atlassian.crowd.integration.soap.SOAPEntity; import com.google.common.base.Function; import com.google.common.collect.Iterables; @@ -112,7 +113,6 @@ public String getSource() { /** * {@inheritDoc} */ - @SuppressWarnings("unchecked") public Set listPrivileges() { return Collections.emptySet(); } @@ -120,7 +120,6 @@ public Set listPrivileges() { /** * {@inheritDoc} */ - @SuppressWarnings("unchecked") public Set listRoles() { if (crowdClientHolder.isConfigured()) { try { @@ -129,10 +128,13 @@ public Set listRoles() { } catch (RemoteException e) { logger.error("Unable to load roles", e); return null; - } catch (InvalidAuthorizationTokenException e) { + } catch (InvalidAuthenticationException e) { + logger.error("Unable to load roles", e); + return null; + } catch (InvalidAuthorizationTokenException e) { logger.error("Unable to load roles", e); return null; - } + } } UnconfiguredNotifier.unconfigured(); return Collections.emptySet(); diff --git a/src/main/java/org/sonatype/nexus/plugins/crowd/client/CrowdClientHolder.java b/src/main/java/org/sonatype/nexus/plugins/crowd/client/CrowdClientHolder.java index 4fe9bec..c0ab7d8 100644 --- a/src/main/java/org/sonatype/nexus/plugins/crowd/client/CrowdClientHolder.java +++ b/src/main/java/org/sonatype/nexus/plugins/crowd/client/CrowdClientHolder.java 
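Review bot: The new `InvalidAuthenticationException` branch in `listRoles` copies the `return null;` of the neighbouring branches, while the unconfigured path of the same method returns `Collections.emptySet()`. A caller that iterates the result will hit a `NullPointerException` when Crowd rejects the request, so a backend failure surfaces as an error inside the security subsystem instead of an empty role list. Using `return Collections.emptySet();` in all three catch blocks keeps the return contract uniform. The start of `listRoles` is in the preceding hunk.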
@@ -17,11 +17,11 @@ import org.sonatype.nexus.plugins.crowd.config.model.v1_0_0.Configuration; -import com.atlassian.crowd.integration.service.AuthenticationManager; -import com.atlassian.crowd.integration.service.GroupManager; -import com.atlassian.crowd.integration.service.GroupMembershipManager; -import com.atlassian.crowd.integration.service.UserManager; -import com.atlassian.crowd.integration.service.soap.client.SecurityServerClient; +import com.atlassian.crowd.service.AuthenticationManager; +import com.atlassian.crowd.service.GroupManager; +import com.atlassian.crowd.service.GroupMembershipManager; +import com.atlassian.crowd.service.UserManager; +import com.atlassian.crowd.service.soap.client.SecurityServerClient; /** * Interface that allows the various client components of the Crowd plugin to diff --git a/src/main/java/org/sonatype/nexus/plugins/crowd/client/CrowdUserManager.java b/src/main/java/org/sonatype/nexus/plugins/crowd/client/CrowdUserManager.java index a3d8fc0..8963c9c 100644 --- a/src/main/java/org/sonatype/nexus/plugins/crowd/client/CrowdUserManager.java +++ b/src/main/java/org/sonatype/nexus/plugins/crowd/client/CrowdUserManager.java 
@@ -41,13 +41,13 @@ import org.sonatype.security.usermanagement.UserSearchCriteria; import org.sonatype.security.usermanagement.UserStatus; -import com.atlassian.crowd.integration.SearchContext; -import com.atlassian.crowd.integration.exception.InvalidAuthorizationTokenException; -import com.atlassian.crowd.integration.exception.ObjectNotFoundException; +import com.atlassian.crowd.exception.InvalidAuthenticationException; +import com.atlassian.crowd.exception.InvalidAuthorizationTokenException; import com.atlassian.crowd.integration.soap.SOAPAttribute; import com.atlassian.crowd.integration.soap.SOAPEntity; import com.atlassian.crowd.integration.soap.SOAPPrincipal; import com.atlassian.crowd.integration.soap.SearchRestriction; +import com.atlassian.crowd.search.SearchContext; import com.google.common.base.Function; import com.google.common.collect.Iterables; import com.google.common.collect.Sets; @@ -148,14 +148,17 @@ public User getUser(String userId) throws UserNotFoundException { } catch (RemoteException e) { logger.error("Unable to look up user " + userId, e); return null; - } catch (InvalidAuthorizationTokenException e) { + } catch (InvalidAuthenticationException e) { logger.error("Unable to look up user " + userId, e); return null; - } catch (ObjectNotFoundException e) { + } catch (com.atlassian.crowd.exception.UserNotFoundException e) { + throw new UserNotFoundException(userId); + } catch (InvalidAuthorizationTokenException e) { + logger.error("Unable to look up user " + userId, e); return null; - } + } } else { - throw new UserNotFoundException("Crowd plugin is not configured."); + throw new UserNotFoundException(userId, "Crowd plugin is not configured."); } } 
@@ -171,12 +174,14 @@ public Set getUsersRoles(String userId, String userSource) throw } catch (RemoteException e) { logger.error("Unable to look up user " + userId, e); return Collections.emptySet(); - } catch (InvalidAuthorizationTokenException e) { + } catch (com.atlassian.crowd.exception.UserNotFoundException e) { + throw new UserNotFoundException(userId); + } catch (InvalidAuthenticationException e) { + throw new UserNotFoundException(userId); + } catch (InvalidAuthorizationTokenException e) { logger.error("Unable to look up user " + userId, e); return Collections.emptySet(); - } catch (ObjectNotFoundException e) { - throw new UserNotFoundException(userId); - } + } return Sets.newHashSet(Iterables.transform(roleNames, new Function() { public RoleIdentifier apply(String from) { @@ -283,10 +288,10 @@ protected User convertToUser(SOAPPrincipal principal) { } String givenName = getAttributeValue(principal, ATTRIBUTE_FIRST_NAME); String surName = getAttributeValue(principal, ATTRIBUTE_LAST_NAME); - user.setName(String.format("%s %s", givenName, surName)); + user.setFirstName(givenName); + user.setLastName(surName); user.setSource(SOURCE); user.setStatus(principal.isActive() ? UserStatus.active : UserStatus.disabled); - user.setReadOnly(true); try { user.setRoles(getUsersRoles(principal.getName(), SOURCE)); } catch (UserNotFoundException e) { diff --git a/src/main/java/org/sonatype/nexus/plugins/crowd/client/DefaultCrowdClientHolder.java b/src/main/java/org/sonatype/nexus/plugins/crowd/client/DefaultCrowdClientHolder.java index d0523c2..2b8e4a3 100644 --- a/src/main/java/org/sonatype/nexus/plugins/crowd/client/DefaultCrowdClientHolder.java +++ b/src/main/java/org/sonatype/nexus/plugins/crowd/client/DefaultCrowdClientHolder.java 
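Review bot: In `getUsersRoles`, the added `InvalidAuthenticationException` branch throws `UserNotFoundException(userId)` without logging, so a request that Crowd rejected (presumably because of the plugin's application credentials) is reported as a missing user and the cause is lost. `getUser` in the previous hunk logs the same exception instead; doing the same here with `logger.error("Unable to look up user " + userId, e); return Collections.emptySet();` keeps the two methods consistent, leaves a trace of the failure, and still grants no roles. The method starts above this hunk.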
@@ -27,17 +27,17 @@ import org.sonatype.nexus.plugins.crowd.config.model.v1_0_0.Configuration; import org.sonatype.plexus.components.ehcache.PlexusEhCacheWrapper; -import com.atlassian.crowd.integration.service.AuthenticationManager; -import com.atlassian.crowd.integration.service.GroupManager; -import com.atlassian.crowd.integration.service.GroupMembershipManager; -import com.atlassian.crowd.integration.service.UserManager; -import com.atlassian.crowd.integration.service.cache.CachingGroupManager; -import com.atlassian.crowd.integration.service.cache.CachingGroupMembershipManager; -import com.atlassian.crowd.integration.service.cache.CachingUserManager; -import com.atlassian.crowd.integration.service.soap.client.ClientProperties; -import com.atlassian.crowd.integration.service.soap.client.ClientPropertiesImpl; -import com.atlassian.crowd.integration.service.soap.client.SecurityServerClient; -import com.atlassian.crowd.integration.service.soap.client.SecurityServerClientImpl; +import com.atlassian.crowd.service.AuthenticationManager; +import com.atlassian.crowd.service.GroupManager; +import com.atlassian.crowd.service.GroupMembershipManager; +import com.atlassian.crowd.service.UserManager; +import com.atlassian.crowd.service.cache.CachingGroupManager; +import com.atlassian.crowd.service.cache.CachingGroupMembershipManager; +import com.atlassian.crowd.service.cache.CachingUserManager; +import com.atlassian.crowd.service.soap.client.SecurityServerClient; +import com.atlassian.crowd.service.soap.client.SecurityServerClientImpl; +import com.atlassian.crowd.service.soap.client.SoapClientProperties; +import com.atlassian.crowd.service.soap.client.SoapClientPropertiesImpl; /** * Implementation of the CrowdClientHolder which uses caching wherever possible. 
@@ -104,7 +104,7 @@ public void initialize() throws InitializationException { basicCache = new AuthCacheImpl(cacheManager.getEhCacheManager()); configuration = crowdPluginConfiguration.getConfiguration(); if (configuration != null) { - ClientProperties clientProps = new ClientPropertiesImpl(configuration.getCrowdClientProperties()); + SoapClientProperties clientProps = SoapClientPropertiesImpl.newInstanceFromProperties(configuration.getCrowdClientProperties()); securityServerClient = new SecurityServerClientImpl(clientProps); userManager = new CachingUserManager(securityServerClient, basicCache); groupManager = new CachingGroupManager(securityServerClient, basicCache); diff --git a/src/main/java/org/sonatype/nexus/plugins/crowd/client/DefaultNexusRoleManager.java b/src/main/java/org/sonatype/nexus/plugins/crowd/client/DefaultNexusRoleManager.java index cfe8be2..ba3cfd6 100644 --- a/src/main/java/org/sonatype/nexus/plugins/crowd/client/DefaultNexusRoleManager.java +++ b/src/main/java/org/sonatype/nexus/plugins/crowd/client/DefaultNexusRoleManager.java 
@@ -19,12 +19,14 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; -import com.atlassian.crowd.integration.exception.InvalidAuthorizationTokenException; -import com.atlassian.crowd.integration.exception.ObjectNotFoundException; -import com.atlassian.crowd.integration.service.GroupManager; -import com.atlassian.crowd.integration.service.GroupMembershipManager; -import com.atlassian.crowd.integration.service.soap.client.SecurityServerClient; +import com.atlassian.crowd.exception.GroupNotFoundException; +import com.atlassian.crowd.exception.InvalidAuthenticationException; +import com.atlassian.crowd.exception.InvalidAuthorizationTokenException; +import com.atlassian.crowd.exception.UserNotFoundException; import com.atlassian.crowd.integration.soap.SOAPEntity; +import com.atlassian.crowd.service.GroupManager; +import com.atlassian.crowd.service.GroupMembershipManager; +import com.atlassian.crowd.service.soap.client.SecurityServerClient; public class DefaultNexusRoleManager implements NexusRoleManager { @@ -44,8 +46,7 @@ public DefaultNexusRoleManager(boolean useGroups, GroupManager groupManager, } @SuppressWarnings({ "deprecation", "unchecked" }) - public List getAllNexusRoles() throws RemoteException, - InvalidAuthorizationTokenException { + public List getAllNexusRoles() throws RemoteException, InvalidAuthenticationException, InvalidAuthorizationTokenException { List roles; if (useGroups) { roles = groupManager.getAllGroupNames(); 
@@ -56,8 +57,7 @@ public List getAllNexusRoles() throws RemoteException, } @SuppressWarnings({ "deprecation", "unchecked" }) - public List getNexusRoles(String username) throws RemoteException, - InvalidAuthorizationTokenException, ObjectNotFoundException { + public List getNexusRoles(String username) throws UserNotFoundException, RemoteException, InvalidAuthenticationException, InvalidAuthorizationTokenException { if (LOGGER.isDebugEnabled()) { LOGGER.debug("Looking up role list for username: " + username); } @@ -77,8 +77,12 @@ public List getNexusRoles(String username) throws RemoteException, /** * {@inheritDoc} + * @throws InvalidAuthorizationTokenException + * @throws InvalidAuthenticationException + * @throws RemoteException + * @throws GroupNotFoundException */ - public SOAPEntity getNexusRole(String roleName) throws RemoteException, InvalidAuthorizationTokenException, ObjectNotFoundException { + public SOAPEntity getNexusRole(String roleName) throws GroupNotFoundException, RemoteException, InvalidAuthenticationException, InvalidAuthorizationTokenException { if (useGroups) { return groupManager.getGroup(roleName); } else { diff --git a/src/main/java/org/sonatype/nexus/plugins/crowd/client/NexusRoleManager.java b/src/main/java/org/sonatype/nexus/plugins/crowd/client/NexusRoleManager.java index 249032f..9c7125e 100644 --- a/src/main/java/org/sonatype/nexus/plugins/crowd/client/NexusRoleManager.java +++ b/src/main/java/org/sonatype/nexus/plugins/crowd/client/NexusRoleManager.java 
@@ -15,8 +15,10 @@ import java.rmi.RemoteException; import java.util.List; -import com.atlassian.crowd.integration.exception.InvalidAuthorizationTokenException; -import com.atlassian.crowd.integration.exception.ObjectNotFoundException; +import com.atlassian.crowd.exception.GroupNotFoundException; +import com.atlassian.crowd.exception.InvalidAuthenticationException; +import com.atlassian.crowd.exception.InvalidAuthorizationTokenException; +import com.atlassian.crowd.exception.UserNotFoundException; import com.atlassian.crowd.integration.soap.SOAPEntity; /** @@ -27,12 +29,10 @@ */ public interface NexusRoleManager { - List getNexusRoles(String username) throws RemoteException, InvalidAuthorizationTokenException, - ObjectNotFoundException; + List getNexusRoles(String username) throws UserNotFoundException, RemoteException, InvalidAuthenticationException, InvalidAuthorizationTokenException; - SOAPEntity getNexusRole(String roleName) throws ObjectNotFoundException, InvalidAuthorizationTokenException, - RemoteException; + SOAPEntity getNexusRole(String roleName) throws GroupNotFoundException, RemoteException, InvalidAuthenticationException, InvalidAuthorizationTokenException; - List getAllNexusRoles() throws RemoteException, InvalidAuthorizationTokenException; + List getAllNexusRoles() throws RemoteException, InvalidAuthenticationException, InvalidAuthorizationTokenException; } diff --git a/src/test/java/org/sonatype/nexus/jsecurity/realms/external/crowd/CrowdAuthenticatingRealmTest.java b/src/test/java/org/sonatype/nexus/jsecurity/realms/external/crowd/CrowdAuthenticatingRealmTest.java index 7f84735..b26295e 100644 --- a/src/test/java/org/sonatype/nexus/jsecurity/realms/external/crowd/CrowdAuthenticatingRealmTest.java +++ b/src/test/java/org/sonatype/nexus/jsecurity/realms/external/crowd/CrowdAuthenticatingRealmTest.java 
@@ -12,7 +12,8 @@ */ package org.sonatype.nexus.jsecurity.realms.external.crowd; -import static org.junit.Assert.*; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertTrue; import org.junit.After; import org.junit.Before; @@ -30,9 +31,9 @@ public void setup() { @Test public void checkActiveFlag() throws Exception { - assertFalse(realm.isActive()); + assertFalse(CrowdAuthenticatingRealm.isActive()); realm.initialize(); - assertTrue(realm.isActive()); + assertTrue(CrowdAuthenticatingRealm.isActive()); } @After diff --git a/src/test/java/org/sonatype/nexus/plugins/crowd/client/CrowdUserManagerTest.java b/src/test/java/org/sonatype/nexus/plugins/crowd/client/CrowdUserManagerTest.java index 0d48396..6073745 100644 --- a/src/test/java/org/sonatype/nexus/plugins/crowd/client/CrowdUserManagerTest.java +++ b/src/test/java/org/sonatype/nexus/plugins/crowd/client/CrowdUserManagerTest.java @@ -15,9 +15,15 @@ */ package org.sonatype.nexus.plugins.crowd.client; -import static org.easymock.EasyMock.*; -import static org.junit.Assert.*; -import static org.hamcrest.Matchers.*; +import static org.easymock.EasyMock.capture; +import static org.easymock.EasyMock.createMock; +import static org.easymock.EasyMock.createStrictMock; +import static org.easymock.EasyMock.expect; +import static org.easymock.EasyMock.replay; +import static org.easymock.EasyMock.verify; +import static org.hamcrest.Matchers.equalTo; +import static org.hamcrest.Matchers.nullValue; +import static org.junit.Assert.assertThat; import java.util.Arrays; import java.util.Set; 
@@ -29,14 +35,14 @@ import org.junit.Test; import org.sonatype.nexus.plugins.crowd.config.model.v1_0_0.Configuration; import org.sonatype.security.usermanagement.User; +import org.sonatype.security.usermanagement.UserNotFoundException; import org.sonatype.security.usermanagement.UserSearchCriteria; -import com.atlassian.crowd.integration.SearchContext; -import com.atlassian.crowd.integration.exception.ObjectNotFoundException; -import com.atlassian.crowd.integration.service.UserManager; import com.atlassian.crowd.integration.soap.SOAPAttribute; import com.atlassian.crowd.integration.soap.SOAPPrincipal; import com.atlassian.crowd.integration.soap.SearchRestriction; +import com.atlassian.crowd.search.SearchContext; +import com.atlassian.crowd.service.UserManager; import com.google.common.collect.Sets; /** @@ -61,7 +67,6 @@ public void setup() throws Exception { @Test public void testSearchUserById() throws Exception { - Capture restrictions = new Capture(); expect(holder.getUserManager()).andReturn(userManager); expect(holder.getNexusRoleManager()).andReturn(nexusRoleManager); @@ -157,7 +162,7 @@ public void testGetUser() throws Exception { User u = locator.getUser("user1"); assertThat(u.getEmailAddress(), equalTo("test1@test.com")); - assertThat(u.getName(), equalTo("First1 Last1")); + assertThat(u.getFirstName() + " " + u.getLastName(), equalTo("First1 Last1")); assertThat(u.getRoles().size(), equalTo(2)); verify(holder, userManager, nexusRoleManager); 
@@ -166,11 +171,34 @@ public void testGetUser() throws Exception { @Test public void testGetUserDoesntExist() throws Exception { expect(holder.getUserManager()).andReturn(userManager); - expect(userManager.getUser("user1")).andThrow(new ObjectNotFoundException()); - replay(holder, userManager); - User u = locator.getUser("user1"); + // clumsy hack to get around 'last method called on mock cannot throw' problems + SOAPPrincipal user; + try{ + user = userManager.getUser("user1"); + }catch (Exception e) { + user = null; + } + assertThat(user, nullValue()); + UserNotFoundException ue = null; + User u; + try{ + u = locator.getUser("user1"); + }catch (Exception e) { + u = null; + if(e instanceof UserNotFoundException){ + ue = (UserNotFoundException)e; + } + + } assertThat(u, nullValue()); - - verify(holder, userManager); + assertThat(true, equalTo(ue != null)); + //assertThat(ue.get, equalTo(new UserNotFoundException("user1", "Crowd plugin is not configured."))); + //expect(userManager.getUser("user1")).andThrow(new ObjectNotFoundException()); + //replay(holder, userManager); + //expect(locator.getUser("user1")).andThrow(new UserNotFoundException("user1", "Crowd plugin is not configured.")); + //User u = locator.getUser("user1"); + //assertThat(u, nullValue()); + + //verify(holder, userManager); } } diff --git a/src/test/java/org/sonatype/nexus/plugins/crowd/config/ExtraPropertiesTest.java b/src/test/java/org/sonatype/nexus/plugins/crowd/config/ExtraPropertiesTest.java index c1b6db9..ca439b6 100644 --- a/src/test/java/org/sonatype/nexus/plugins/crowd/config/ExtraPropertiesTest.java +++ b/src/test/java/org/sonatype/nexus/plugins/crowd/config/ExtraPropertiesTest.java 
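Review bot: The rewritten `testGetUserDoesntExist` never calls `replay(...)` or `verify(...)`, so `holder` and `userManager` stay in EasyMock's record state and the test no longer exercises the path where Crowd reports an unknown user. The one remaining check, `assertThat(true, equalTo(ue != null))`, passes for a `UserNotFoundException` raised for any reason (the commented-out line suggests "Crowd plugin is not configured."), and `catch (Exception e)` hides every other failure. The "cannot throw" error was presumably caused by `getUser` no longer declaring the old checked exception, so the stub should use `andThrow(...)` with the not-found exception that the Crowd 2.0 `UserManager.getUser` signature declares. With that in place I would restore `replay(holder, userManager);` and `verify(holder, userManager);`, narrow the handler to `catch (UserNotFoundException e)`, and delete the commented-out lines. This lookup appears to back an authentication realm, so the negative path should be pinned by a real assertion.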
@@ -28,7 +28,7 @@ public void test() throws Exception { Configuration configuration = reader.read(getClass().getResourceAsStream("/extra-props.xml")); - List props = configuration.getExtraCrowdProperties(); + List props = configuration.getExtraCrowdProperties(); Assert.assertEquals(1, props.size()); Property prop = (Property) props.get(0); From b6f00fcf33ad960bfb3552cd0a07f717d33ec2b7 Mon Sep 17 00:00:00 2001 From: hypobyte Date: Thu, 29 Sep 2011 11:51:50 +0200 Subject: [PATCH 07/10] Using UTF-8 for resources, and added HypoBytes repositories. --- pom.xml | 28 ++++++++++++++++++++-------- 1 file changed, 20 insertions(+), 8 deletions(-) diff --git a/pom.xml b/pom.xml index 1e671dd..2613fab 100644 --- a/pom.xml +++ b/pom.xml @@ -207,6 +207,15 @@ + + org.apache.maven.plugins + maven-resources-plugin + 2.4.3 + + + UTF-8 + + @@ -221,14 +230,17 @@ - - forge-releases - https://repository.sonatype.org/service/local/staging/deploy/maven2/ - - - forge-snapshots - http://repository.sonatype.org/content/repositories/nexus-plugins-snapshots - + https://hypobytes.com/maven/content/groups/public + + hypobytes-releases + HypoBytes Releases + https://hypobytes.com/maven/content/repositories/releases + + + hypobytes-snapshots + HypoBytes Snapshots + https://hypobytes.com/maven/content/repositories/snapshots + From c83e022c80df9ebc6d251e553bda425e324f94ce Mon Sep 17 00:00:00 2001 From: rkrzewski Date: Thu, 13 Oct 2011 23:38:56 +0200 Subject: [PATCH 08/10] Added RSO and Atlassian Maven remote repositories --- pom.xml | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/pom.xml b/pom.xml index 2613fab..7a9fb0e 100644 --- a/pom.xml +++ b/pom.xml 
@@ -246,4 +246,34 @@ 1.9.2.3 + + + + rso + repository.sonatype.org + https://repository.sonatype.org/content/groups/forge/ + + true + + + + atlassian + maven.atlassian.com + https://maven.atlassian.com/content/groups/public/ + + true + + + + + + + rso-plugins + repository.sonatype.org plugins + https://repository.sonatype.org/content/groups/forge/ + + true + + + From 3d460f1def469ee6d8b5eda104920dca60ec6198 Mon Sep 17 00:00:00 2001 From: rkrzewski Date: Thu, 13 Oct 2011 23:40:31 +0200 Subject: [PATCH 09/10] Brought version number in sync with current Nexus version --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 7a9fb0e..bbb0e71 100644 --- a/pom.xml +++ b/pom.xml @@ -8,7 +8,7 @@ nexus-crowd-plugin - 1.6.2-SNAPSHOT + 1.9-SNAPSHOT nexus-plugin Nexus Crowd Integration Integration between Nexus MRM and Crowd Identity Server. From 707b5d7cbd1f2e196605c11bb62cf3a7a8d1f05d Mon Sep 17 00:00:00 2001 From: rkrzewski Date: Thu, 13 Oct 2011 23:43:40 +0200 Subject: [PATCH 10/10] Added Trygve and myself to developers POM section --- pom.xml | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index bbb0e71..b524b68 100644 --- a/pom.xml +++ b/pom.xml @@ -27,7 +27,22 @@ justin@justinedelson.com developer - + + + + rkrzewski + RafaƂ Krzewski + rafal.krzewski@objectledge.org + + developer + + + + hypobyte + Trygve Sanne Hardersen + + developer +
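Review bot: The added `rso` and `atlassian` repositories and the `rso-plugins` plugin repository let the build resolve dependencies and build plugins from these hosts with no checksum policy visible in the hunk. The element names are lost in this rendering, so it is unclear whether the `true` values enable releases or snapshots; enabled snapshots are mutable, and a replaced artifact would be picked up without notice. I would add `<checksumPolicy>fail</checksumPolicy>` under each enabled `<releases>` or `<snapshots>` block, and enable snapshots only on the repository that serves a SNAPSHOT artifact the build really needs. A short XML comment on each entry naming the artifacts it exists for (presumably the Crowd client for `atlassian`) would let a later maintainer remove entries safely.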