Commits

Anonymous committed 2a213d6

change user handling

Comments (0)

Files changed (3)

   <parent>
     <artifactId>scm-plugins</artifactId>
     <groupId>sonia.scm.plugins</groupId>
-    <version>1.12-SNAPSHOT</version>
+    <version>1.13-SNAPSHOT</version>
   </parent>
 
   <groupId>sonia.scm.plugins</groupId>
 
   </dependencies>
   <repositories>
-    
+
     <repository>
       <id>maven.scm-manager.org</id>
       <name>scm-manager release repository</name>
       <url>http://maven.scm-manager.org/nexus/content/groups/public</url>
     </repository>
-  
+
   </repositories>
 </project>

src/main/java/sonia/scm/auth/remoteuser/RemoteuserAuthenticationFilter.java

 import com.google.inject.Singleton;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+
+import sonia.scm.user.User;
+import sonia.scm.util.AssertUtil;
 import sonia.scm.web.filter.HttpFilter;
+import sonia.scm.web.filter.SecurityHttpServletRequestWrapper;
 import sonia.scm.web.security.WebSecurityContext;
 
 import javax.inject.Provider;
 @Singleton
 public class RemoteuserAuthenticationFilter extends HttpFilter {
 
-    private static final Logger log = LoggerFactory
-            .getLogger(RemoteuserAuthenticationFilter.class);
+	private static final Logger log = LoggerFactory
+			.getLogger(RemoteuserAuthenticationFilter.class);
 
-    private final Provider<WebSecurityContext> securityContextProvider;
+	private final Provider<WebSecurityContext> securityContextProvider;
 
-    @Inject
-    public RemoteuserAuthenticationFilter(
-            final Provider<WebSecurityContext> securityContextProvider) {
-        this.securityContextProvider = securityContextProvider;
-    }
+	@Inject
+	public RemoteuserAuthenticationFilter(
+			final Provider<WebSecurityContext> securityContextProvider) {
+		this.securityContextProvider = securityContextProvider;
+	}
 
-    protected void doFilter(HttpServletRequest request,
-            HttpServletResponse response, FilterChain chain)
-            throws IOException, ServletException {
+	@Override
+	protected void doFilter(HttpServletRequest request,
+			HttpServletResponse response, FilterChain chain)
+			throws IOException, ServletException {
 
-        try {
-            WebSecurityContext securityContext = securityContextProvider.get();
-            if (!securityContext.isAuthenticated()) {
-                if (log.isDebugEnabled()) {
-                    log.debug("Current user is not authenticated, use REMOTE_USER variable authentication.");
-                }
-                securityContext.authenticate(request, response,
-                        RemoteuserAuthenticationHandler.DUMMYUSERPASS,
-                        RemoteuserAuthenticationHandler.DUMMYUSERPASS);
-            }
-        } finally {
-            chain.doFilter(request, response);
-        }
-    }
+		if(request.getRequestURI().contains("/scm/api/rest/")){
+			log.debug("");
+		}
+		WebSecurityContext securityContext = securityContextProvider.get();
+		AssertUtil.assertIsNotNull(securityContext);
+		User user = null;
+	    if (securityContext.isAuthenticated())
+	    {
+	      user = securityContext.getUser();
+	    }
+	    else
+	    {
+			String username = request.getHeader("X_REMOTE_USER");
+			if(username == null){
+				username = "foobar";
+			}
+			log.debug(request.getRequestURI());
+			log.debug("Current user is not authenticated, use REMOTE_USER variable authentication.");
+			securityContext.authenticate(request, response,
+					username,
+					RemoteuserAuthenticationHandler.DUMMYUSERPASS);
+
+			user = new User();
+			user.setName(username);
+			user.setDisplayName(username);
+	    }
+
+	    chain.doFilter(new SecurityHttpServletRequestWrapper(request, user),
+	                     response);
+	}
 }

src/main/java/sonia/scm/auth/remoteuser/RemoteuserAuthenticationHandler.java

 @Singleton
 @Extension
 public class RemoteuserAuthenticationHandler implements AuthenticationHandler,
-        ConfigChangedListener {
+		ConfigChangedListener {
 
-    public static final String DUMMYUSERPASS = "foobar";
+	public static final String DUMMYUSERPASS = "foobar";
 
-    private static final Logger logger = LoggerFactory
-            .getLogger(RemoteuserAuthenticationHandler.class);
+	private static final Logger logger = LoggerFactory
+			.getLogger(RemoteuserAuthenticationHandler.class);
 
-    public static final String TYPE = "remoteuser";
+	public static final String TYPE = "remoteuser";
 
-    private RemoteuserPluginConfig config;
+	private RemoteuserPluginConfig config;
 
-    private Store<RemoteuserPluginConfig> store;
+	private Store<RemoteuserPluginConfig> store;
 
-    private ScmConfiguration scmConfiguration;
+	private ScmConfiguration scmConfiguration;
 
-    @Inject
-    public RemoteuserAuthenticationHandler(ScmConfiguration scmConfiguration,
-            StoreFactory storeFactory) {
-        this.scmConfiguration = scmConfiguration;
-        this.scmConfiguration.addListener(this);
-        store = storeFactory.getStore(RemoteuserPluginConfig.class, TYPE);
-    }
+	@Inject
+	public RemoteuserAuthenticationHandler(ScmConfiguration scmConfiguration,
+			StoreFactory storeFactory) {
+		this.scmConfiguration = scmConfiguration;
+		this.scmConfiguration.addListener(this);
+		store = storeFactory.getStore(RemoteuserPluginConfig.class, TYPE);
+	}
 
-    @Override
-    public AuthenticationResult authenticate(HttpServletRequest request,
-            HttpServletResponse response, String username, String password) {
+	@Override
+	public AuthenticationResult authenticate(HttpServletRequest request,
+			HttpServletResponse response, String username, String password) {
 
-        if (DUMMYUSERPASS.equals(username) && DUMMYUSERPASS.equals(password)) {
-            username = request.getHeader("X_REMOTE_USER");
-            if (username != null && !DUMMYUSERPASS.equals(username)) {
-                logger.debug("REMOTE_USER user: " + username);
-                return new AuthenticationResult(populateUser(username));
-            } else {
-                return AuthenticationResult.NOT_FOUND;
-            }
-        } else {
-            return AuthenticationResult.NOT_FOUND;
-        }
-    }
+		if (username.equals(request.getHeader("X_REMOTE_USER"))
+				&& DUMMYUSERPASS.equals(password)) {
+			logger.debug("REMOTE_USER user: " + username);
+			return new AuthenticationResult(populateUser(username));
+		} else {
+			return AuthenticationResult.NOT_FOUND;
+		}
+	}
 
-    @Override
-    public void close() throws IOException {
+	@Override
+	public void close() throws IOException {
 
-    }
+	}
 
-    @Override
-    public void configChanged(Object configuration) {
-        this.scmConfiguration = (ScmConfiguration) configuration;
-    }
+	@Override
+	public void configChanged(Object configuration) {
+		this.scmConfiguration = (ScmConfiguration) configuration;
+	}
 
-    @Override
-    public synchronized void init(SCMContextProvider context) {
+	@Override
+	public synchronized void init(SCMContextProvider context) {
 
-        config = store.get();
+		config = store.get();
 
-        if (config == null) {
-            config = new RemoteuserPluginConfig();
-        }
-    }
+		if (config == null) {
+			config = new RemoteuserPluginConfig();
+		}
+	}
 
-    public void storeConfig(RemoteuserPluginConfig config) {
-        this.config = config;
-        store.set(config);
-    }
+	public void storeConfig(RemoteuserPluginConfig config) {
+		this.config = config;
+		store.set(config);
+	}
 
-    public RemoteuserPluginConfig getConfig() {
-        return config;
-    }
+	public RemoteuserPluginConfig getConfig() {
+		return config;
+	}
 
-    @Override
-    public String getType() {
-        return TYPE;
-    }
+	@Override
+	public String getType() {
+		return TYPE;
+	}
 
-    public void setConfig(RemoteuserPluginConfig config) {
-        this.config = config;
-    }
+	public void setConfig(RemoteuserPluginConfig config) {
+		this.config = config;
+	}
 
-    private User populateUser(String username) {
-        User scmUser = new User();
-        scmUser.setName(username);
-        scmUser.setDisplayName(username);
-        scmUser.setMail(username + "@example.com");
-        return scmUser;
-    }
+	private User populateUser(String username) {
+		User scmUser = new User();
+		scmUser.setName(username);
+		scmUser.setDisplayName(username);
+		scmUser.setMail(username + "@example.com");
+		return scmUser;
+	}
 }