plugin update to support nexus 1.9.0.1

pom.xml

@@ -4,11 +4,11 @@
     <parent>
         <groupId>org.sonatype.nexus.plugins</groupId>
         <artifactId>nexus-plugins-parent</artifactId>
-        <version>4</version>
+        <version>8</version>
     </parent>
 
     <artifactId>nexus-crowd-plugin</artifactId>
-    <version>1.6.2-SNAPSHOT</version>
+    <version>1.9-SNAPSHOT</version>
     <packaging>nexus-plugin</packaging>
     <name>Nexus Crowd Integration</name>
     <description>Integration between Nexus MRM and Crowd Identity Server.</description>
@@ -27,7 +27,22 @@
             <email>[email protected]</email>
             <roles>
                 <role>developer</role>
-            </roles>
+            </roles>            
+        </developer>
+        <developer>
+            <id>rkrzewski</id>
+            <name>Rafał Krzewski</name>
+            <email>[email protected]</email>
+            <roles>
+                <role>developer</role>
+            </roles>            
+        </developer>
+        <developer>
+            <id>hypobyte</id>
+            <name>Trygve Sanne Hardersen</name>
+            <roles>
+                <role>developer</role>
+            </roles>            
         </developer>
     </developers>
 
@@ -46,12 +61,16 @@
                     <groupId>backport-util-concurrent</groupId>
                     <artifactId>backport-util-concurrent</artifactId>
                 </exclusion>
+                <exclusion>
+                	<artifactId>commons-logging-api</artifactId>
+                	<groupId>commons-logging</groupId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>
             <groupId>com.atlassian.crowd</groupId>
             <artifactId>crowd-integration-client</artifactId>
-            <version>1.6.1</version>
+            <version>2.3.3</version>
             <!-- these exclusions are all provided by nexus -->
             <exclusions>
                 <exclusion>
@@ -108,6 +127,13 @@
                 </exclusion>
             </exclusions>
         </dependency>
+        <!-- Agesis binding is required by xfire, which is used by the crowd client -->
+		<dependency>
+			<groupId>org.codehaus.xfire</groupId>
+			<artifactId>xfire-aegis</artifactId>
+			<version>1.2.6</version>
+			<scope>runtime</scope>
+		</dependency>
         <dependency>
             <groupId>com.google.code.google-collections</groupId>
             <artifactId>google-collect</artifactId>
@@ -196,6 +222,15 @@
                     </excludes>
                 </configuration>
             </plugin>
+			<plugin>
+				<groupId>org.apache.maven.plugins</groupId>
+				<artifactId>maven-resources-plugin</artifactId>
+				<version>2.4.3</version>
+				<configuration>
+					<!-- Cross platform capability -->
+					<encoding>UTF-8</encoding>
+				</configuration>
+			</plugin>
         </plugins>
     </build>
     <reporting>
@@ -210,17 +245,50 @@
         </plugins>
     </reporting>
     <distributionManagement>
-        <repository>
-          <id>forge-releases</id>
-          <url>https://repository.sonatype.org/service/local/staging/deploy/maven2/</url>
-        </repository>
-        <snapshotRepository>
-            <id>forge-snapshots</id>
-            <url>http://repository.sonatype.org/content/repositories/nexus-plugins-snapshots</url>
-        </snapshotRepository>
+		<downloadUrl>https://hypobytes.com/maven/content/groups/public</downloadUrl>
+		<repository>
+			<id>hypobytes-releases</id>
+			<name>HypoBytes Releases</name>
+			<url>https://hypobytes.com/maven/content/repositories/releases</url>
+		</repository>
+		<snapshotRepository>
+			<id>hypobytes-snapshots</id>
+			<name>HypoBytes Snapshots</name>
+			<url>https://hypobytes.com/maven/content/repositories/snapshots</url>		
+		</snapshotRepository>
     </distributionManagement>
 
     <properties>
-        <nexus.version>1.6.0</nexus.version>
+        <nexus.version>1.9.2.3</nexus.version>
     </properties>
+
+	<repositories>
+		<repository>
+			<id>rso</id>
+			<name>repository.sonatype.org</name>
+			<url>https://repository.sonatype.org/content/groups/forge/</url>
+			<releases>
+				<enabled>true</enabled>
+			</releases>
+		</repository>
+		<repository>
+		  <id>atlassian</id>
+		  <name>maven.atlassian.com</name>
+		  <url>https://maven.atlassian.com/content/groups/public/</url>
+		  <releases>
+		     <enabled>true</enabled>
+		  </releases>
+		</repository>
+	</repositories>
+
+	<pluginRepositories>
+	   <pluginRepository>
+	   <id>rso-plugins</id>
+			<name>repository.sonatype.org plugins</name>
+			<url>https://repository.sonatype.org/content/groups/forge/</url>
+			<releases>
+				<enabled>true</enabled>
+			</releases>
+	   </pluginRepository>
+	</pluginRepositories>
 </project>

src/main/java/org/sonatype/nexus/jsecurity/realms/external/crowd/CrowdAuthenticatingRealm.java

@@ -13,32 +13,39 @@
 package org.sonatype.nexus.jsecurity.realms.external.crowd;
 
 import java.rmi.RemoteException;
-
+import java.util.HashSet;
+import java.util.List;
+
+import org.apache.shiro.authc.AuthenticationException;
+import org.apache.shiro.authc.AuthenticationInfo;
+import org.apache.shiro.authc.AuthenticationToken;
+import org.apache.shiro.authc.DisabledAccountException;
+import org.apache.shiro.authc.IncorrectCredentialsException;
+import org.apache.shiro.authc.SimpleAuthenticationInfo;
+import org.apache.shiro.authc.UnknownAccountException;
+import org.apache.shiro.authc.UsernamePasswordToken;
+import org.apache.shiro.authc.pam.UnsupportedTokenException;
+import org.apache.shiro.authz.AuthorizationException;
+import org.apache.shiro.authz.AuthorizationInfo;
+import org.apache.shiro.authz.SimpleAuthorizationInfo;
+import org.apache.shiro.realm.AuthorizingRealm;
+import org.apache.shiro.realm.Realm;
+import org.apache.shiro.subject.PrincipalCollection;
 import org.codehaus.plexus.component.annotations.Component;
 import org.codehaus.plexus.component.annotations.Requirement;
 import org.codehaus.plexus.personality.plexus.lifecycle.phase.Disposable;
 import org.codehaus.plexus.personality.plexus.lifecycle.phase.Initializable;
 import org.codehaus.plexus.personality.plexus.lifecycle.phase.InitializationException;
-import org.jsecurity.authc.AuthenticationException;
-import org.jsecurity.authc.AuthenticationInfo;
-import org.jsecurity.authc.AuthenticationToken;
-import org.jsecurity.authc.DisabledAccountException;
-import org.jsecurity.authc.IncorrectCredentialsException;
-import org.jsecurity.authc.SimpleAuthenticationInfo;
-import org.jsecurity.authc.UsernamePasswordToken;
-import org.jsecurity.authc.pam.UnsupportedTokenException;
-import org.jsecurity.authz.AuthorizationInfo;
-import org.jsecurity.realm.AuthorizingRealm;
-import org.jsecurity.realm.Realm;
-import org.jsecurity.subject.PrincipalCollection;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.sonatype.nexus.plugins.crowd.client.CrowdClientHolder;
 
-import com.atlassian.crowd.integration.exception.ApplicationAccessDeniedException;
-import com.atlassian.crowd.integration.exception.InactiveAccountException;
-import com.atlassian.crowd.integration.exception.InvalidAuthenticationException;
-import com.atlassian.crowd.integration.exception.InvalidAuthorizationTokenException;
+import com.atlassian.crowd.exception.ApplicationAccessDeniedException;
+import com.atlassian.crowd.exception.ExpiredCredentialException;
+import com.atlassian.crowd.exception.InactiveAccountException;
+import com.atlassian.crowd.exception.InvalidAuthenticationException;
+import com.atlassian.crowd.exception.InvalidAuthorizationTokenException;
+import com.atlassian.crowd.exception.UserNotFoundException;
 
 @Component(role = Realm.class, hint = "Crowd")
 public class CrowdAuthenticatingRealm extends AuthorizingRealm implements Initializable, Disposable {
@@ -88,20 +95,34 @@ protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authent
                     getName());
         } catch (RemoteException e) {
             throw new AuthenticationException("Could not retrieve info from Crowd.", e);
-        } catch (InvalidAuthorizationTokenException e) {
-            throw new AuthenticationException("Could not retrieve info from Crowd.", e);
-        } catch (ApplicationAccessDeniedException e) {
-            throw new AuthenticationException("Could not retrieve info from Crowd.", e);
-        } catch (InvalidAuthenticationException e) {
-            throw new IncorrectCredentialsException(e);
         } catch (InactiveAccountException e) {
-            throw new DisabledAccountException(e);
-        }
+        	throw new DisabledAccountException(e);
+		} catch (ExpiredCredentialException e) {
+			throw new IncorrectCredentialsException(e);
+		} catch (InvalidAuthenticationException e) {
+			throw new IncorrectCredentialsException(e);
+		} catch (InvalidAuthorizationTokenException e) {
+			throw new AuthenticationException("Could not retrieve info from Crowd.", e);
+		} catch (ApplicationAccessDeniedException e) {
+			throw new AuthenticationException("Could not retrieve info from Crowd.", e);
+		}
     }
 
     @Override
     protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
-        return null;
+        String username = (String)principals.getPrimaryPrincipal();
+        try {
+			List<String> roles = crowdClientHolder.getNexusRoleManager().getNexusRoles(username);
+			return new SimpleAuthorizationInfo(new HashSet<String>(roles));
+		} catch (RemoteException e) {
+			throw new AuthorizationException("Could not retrieve info from Crowd.", e);
+		} catch (UserNotFoundException e) {
+			throw new UnknownAccountException("User " + username + " not found", e);
+		} catch (InvalidAuthenticationException e) {
+			throw new IncorrectCredentialsException(e);
+		} catch (InvalidAuthorizationTokenException e) {
+			throw new AuthorizationException("Could not retrieve info from Crowd.", e);
+		}
     }
 
 }

src/main/java/org/sonatype/nexus/plugins/crowd/api/CrowdTestPlexusResource.java

@@ -27,7 +27,8 @@
 import org.sonatype.plexus.rest.resource.PathProtectionDescriptor;
 import org.sonatype.plexus.rest.resource.PlexusResource;
 
-import com.atlassian.crowd.integration.exception.InvalidAuthorizationTokenException;
+import com.atlassian.crowd.exception.InvalidAuthenticationException;
+import com.atlassian.crowd.exception.InvalidAuthorizationTokenException;
 
 /**
  * Intent of this class is to enable an admin to easily test if the Crowd
@@ -66,9 +67,12 @@ public Object get(Context context, Request request, Response response, Variant v
         } catch (RemoteException e) {
             throw new ResourceException(Status.SERVER_ERROR_SERVICE_UNAVAILABLE,
                     "Unable to authenticate. Check configuration.", e);
-        } catch (InvalidAuthorizationTokenException e) {
+        } catch (InvalidAuthenticationException e) {
             throw new ResourceException(Status.SERVER_ERROR_SERVICE_UNAVAILABLE,
                     "Unable to authenticate. Check configuration.", e);
-        }
+		} catch (InvalidAuthorizationTokenException e) {
+            throw new ResourceException(Status.SERVER_ERROR_SERVICE_UNAVAILABLE,
+                    "Unable to authenticate. Check configuration.", e);
+		}
     }
 }

src/main/java/org/sonatype/nexus/plugins/crowd/caching/AuthBasicCache.java

@@ -15,7 +15,7 @@
  */
 package org.sonatype.nexus.plugins.crowd.caching;
 
-import com.atlassian.crowd.integration.service.cache.BasicCache;
+import com.atlassian.crowd.service.cache.BasicCache;
 
 /**
  * Extension of Crowd's BasicCache interface to enable authentication caching.

src/main/java/org/sonatype/nexus/plugins/crowd/caching/AuthCacheImpl.java

@@ -19,7 +19,7 @@
 import net.sf.ehcache.CacheManager;
 import net.sf.ehcache.Element;
 
-import com.atlassian.crowd.integration.service.cache.CacheImpl;
+import com.atlassian.crowd.service.cache.CacheImpl;
 
 /**
  * Extension of Crowd CacheImpl object which supports caching of authentication

src/main/java/org/sonatype/nexus/plugins/crowd/caching/CachingAuthenticationManager.java

@@ -17,15 +17,16 @@
 
 import java.rmi.RemoteException;
 
-import com.atlassian.crowd.integration.authentication.PrincipalAuthenticationContext;
-import com.atlassian.crowd.integration.authentication.ValidationFactor;
-import com.atlassian.crowd.integration.exception.ApplicationAccessDeniedException;
-import com.atlassian.crowd.integration.exception.InactiveAccountException;
-import com.atlassian.crowd.integration.exception.InvalidAuthenticationException;
-import com.atlassian.crowd.integration.exception.InvalidAuthorizationTokenException;
-import com.atlassian.crowd.integration.service.cache.AuthenticationManagerImpl;
-import com.atlassian.crowd.integration.service.soap.client.SecurityServerClient;
-import com.atlassian.crowd.integration.util.Assert;
+import com.atlassian.crowd.exception.ApplicationAccessDeniedException;
+import com.atlassian.crowd.exception.ExpiredCredentialException;
+import com.atlassian.crowd.exception.InactiveAccountException;
+import com.atlassian.crowd.exception.InvalidAuthenticationException;
+import com.atlassian.crowd.exception.InvalidAuthorizationTokenException;
+import com.atlassian.crowd.model.authentication.UserAuthenticationContext;
+import com.atlassian.crowd.model.authentication.ValidationFactor;
+import com.atlassian.crowd.service.cache.SimpleAuthenticationManager;
+import com.atlassian.crowd.service.soap.client.SecurityServerClient;
+import com.atlassian.crowd.util.Assert;
 
 /**
  * Implementation of Crowd client's AuthenticationManager which caches tokens
@@ -34,7 +35,7 @@
  * @author Justin Edelson
  * 
  */
-public class CachingAuthenticationManager extends AuthenticationManagerImpl {
+public class CachingAuthenticationManager extends SimpleAuthenticationManager {
 
     private AuthBasicCache basicCache;
 
@@ -43,17 +44,18 @@ public CachingAuthenticationManager(SecurityServerClient securityServerClient,
         super(securityServerClient);
         this.basicCache = basicCache;
     }
+
+	public String authenticate(UserAuthenticationContext authenticationContext)
+			throws RemoteException, InvalidAuthorizationTokenException,
+			InvalidAuthenticationException, InactiveAccountException,
+			ApplicationAccessDeniedException, ExpiredCredentialException {
+		return super.authenticate(authenticationContext);
+	}
 
-    public String authenticate(PrincipalAuthenticationContext authenticationContext)
-            throws RemoteException, InvalidAuthorizationTokenException,
-            InvalidAuthenticationException, InactiveAccountException,
-            ApplicationAccessDeniedException {
-        return super.authenticate(authenticationContext);
-    }
-
-    public String authenticate(String username, String password) throws RemoteException,
-            InvalidAuthorizationTokenException, InvalidAuthenticationException,
-            InactiveAccountException, ApplicationAccessDeniedException {
+	public String authenticate(String username, String password)
+			throws RemoteException, InvalidAuthorizationTokenException,
+			InvalidAuthenticationException, InactiveAccountException,
+			ApplicationAccessDeniedException, ExpiredCredentialException {
         Assert.notNull(username);
         Assert.notNull(password);
 
@@ -63,17 +65,17 @@ public String authenticate(String username, String password) throws RemoteExcept
             basicCache.addOrReplaceToken(username, password, token);
         }
         return token;
-    }
-
-    public void invalidate(String token) throws RemoteException, InvalidAuthorizationTokenException {
-        super.invalidate(token);
+	}
 
-    }
-
-    public boolean isAuthenticated(String token, ValidationFactor[] validationFactors)
-            throws RemoteException, InvalidAuthorizationTokenException,
-            ApplicationAccessDeniedException {
-        return super.isAuthenticated(token, validationFactors);
-    }
+	public void invalidate(String token) throws RemoteException,
+			InvalidAuthorizationTokenException, InvalidAuthenticationException {
+		super.invalidate(token);
+	}
 
+	public boolean isAuthenticated(String token,
+			ValidationFactor[] validationFactors) throws RemoteException,
+			InvalidAuthorizationTokenException,
+			ApplicationAccessDeniedException, InvalidAuthenticationException {
+		return super.isAuthenticated(token, validationFactors);
+	}
 }