Commits

Dominik Ruf committed 3bd28f5

init

Comments (0)

Files changed (10)

+# netbeans temp & private files
+/?target/
+release.properties
+nbactions.*\.xml
+# MacOS X Files
+\.DS_Store$
+\._\.DS_Store$
+\._\.
+Desktop DB$
+Desktop DF$
+\.hotfiles\.btree$
+\.orig$
+~$
+\.\~.*$
+\.bak$
+.*\.NavData$
+\.orig\..*$
+\.chg\..*$
+\.rej$
+\.conflict\~$
+# Eclipse Files
+\.project
+\.classpath
+\.settings
+syntax: glob
+scm-auth-remote-plugin
+==============================
+This is a authentication plugin for scm-manager (http://www.scm-manager.org)
+that uses a http header variable to authenticate a user.
+The idea is to use what every authentication mechanism your reverse proxy
+supports and forward the authenticated user to the scm-manager application
+via a http header variable.
+
+
+IMPORTANT SECURITY INFORMATION
+THIS PLUGIN IN ONLY MEANT TO BE USED BEHIND A REVERSE PROXY SERVER
+THAT PREVENTS THE END USER OF SETTING THE HEADER VARIABLE HIM SELF 
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+
+  <modelVersion>4.0.0</modelVersion>
+
+  <parent>
+    <artifactId>scm-plugins</artifactId>
+    <groupId>sonia.scm.plugins</groupId>
+    <version>1.12-SNAPSHOT</version>
+  </parent>
+
+  <groupId>sonia.scm.plugins</groupId>
+  <artifactId>scm-auth-remoteuser-plugin</artifactId>
+  <packaging>jar</packaging>
+  <version>1.0-SNAPSHOT</version>
+  <name>${project.artifactId}</name>
+  <description>plugin description</description>
+
+  <dependencies>
+
+    <dependency>
+      <groupId>javax.servlet</groupId>
+      <artifactId>servlet-api</artifactId>
+      <version>${servlet.version}</version>
+      <scope>provided</scope>
+    </dependency>
+
+    <!-- test scope -->
+
+    <dependency>
+      <groupId>sonia.scm</groupId>
+      <artifactId>scm-test</artifactId>
+      <version>1.6</version>
+      <scope>test</scope>
+    </dependency>
+
+  </dependencies>
+  <repositories>
+    
+    <repository>
+      <id>maven.scm-manager.org</id>
+      <name>scm-manager release repository</name>
+      <url>http://maven.scm-manager.org/nexus/content/groups/public</url>
+    </repository>
+  
+  </repositories>
+</project>

src/main/java/sonia/scm/auth/remoteuser/RemoteuserAuthenticationFilter.java

+/**
+ * Copyright (c) 2012, Dominik Ruf
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ *    this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright notice,
+ *    this list of conditions and the following disclaimer in the documentation
+ *    and/or other materials provided with the distribution.
+ * 3. Neither the name of SCM-Manager; nor the names of its
+ *    contributors may be used to endorse or promote products derived from this
+ *    software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * https://bitbucket.org/domruf/scm-auth-remoteuser-plugin
+ *
+ */
+
+package sonia.scm.auth.remoteuser;
+
+import com.google.inject.Inject;
+import com.google.inject.Singleton;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import sonia.scm.web.filter.HttpFilter;
+import sonia.scm.web.security.WebSecurityContext;
+
+import javax.inject.Provider;
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+@Singleton
+public class RemoteuserAuthenticationFilter extends HttpFilter {
+
+    private static final Logger log = LoggerFactory
+            .getLogger(RemoteuserAuthenticationFilter.class);
+
+    private final Provider<WebSecurityContext> securityContextProvider;
+
+    @Inject
+    public RemoteuserAuthenticationFilter(
+            final Provider<WebSecurityContext> securityContextProvider) {
+        this.securityContextProvider = securityContextProvider;
+    }
+
+    protected void doFilter(HttpServletRequest request,
+            HttpServletResponse response, FilterChain chain)
+            throws IOException, ServletException {
+
+        try {
+            WebSecurityContext securityContext = securityContextProvider.get();
+            if (!securityContext.isAuthenticated()) {
+                if (log.isDebugEnabled()) {
+                    log.debug("Current user is not authenticated, use REMOTE_USER variable authentication.");
+                }
+                securityContext.authenticate(request, response,
+                        RemoteuserAuthenticationHandler.DUMMYUSERPASS,
+                        RemoteuserAuthenticationHandler.DUMMYUSERPASS);
+            }
+        } finally {
+            chain.doFilter(request, response);
+        }
+    }
+}

src/main/java/sonia/scm/auth/remoteuser/RemoteuserAuthenticationHandler.java

+/**
+ * Copyright (c) 2012, Dominik Ruf
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ *    this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright notice,
+ *    this list of conditions and the following disclaimer in the documentation
+ *    and/or other materials provided with the distribution.
+ * 3. Neither the name of SCM-Manager; nor the names of its
+ *    contributors may be used to endorse or promote products derived from this
+ *    software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * https://bitbucket.org/domruf/scm-auth-remoteuser-plugin
+ *
+ */
+
+package sonia.scm.auth.remoteuser;
+
+import com.google.inject.Inject;
+import com.google.inject.Singleton;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import sonia.scm.ConfigChangedListener;
+import sonia.scm.SCMContextProvider;
+import sonia.scm.config.ScmConfiguration;
+import sonia.scm.plugin.ext.Extension;
+import sonia.scm.store.Store;
+import sonia.scm.store.StoreFactory;
+import sonia.scm.user.User;
+import sonia.scm.web.security.AuthenticationHandler;
+import sonia.scm.web.security.AuthenticationResult;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+@Singleton
+@Extension
+public class RemoteuserAuthenticationHandler implements AuthenticationHandler,
+        ConfigChangedListener {
+
+    public static final String DUMMYUSERPASS = "foobar";
+
+    private static final Logger logger = LoggerFactory
+            .getLogger(RemoteuserAuthenticationHandler.class);
+
+    public static final String TYPE = "remoteuser";
+
+    private RemoteuserPluginConfig config;
+
+    private Store<RemoteuserPluginConfig> store;
+
+    private ScmConfiguration scmConfiguration;
+
+    @Inject
+    public RemoteuserAuthenticationHandler(ScmConfiguration scmConfiguration,
+            StoreFactory storeFactory) {
+        this.scmConfiguration = scmConfiguration;
+        this.scmConfiguration.addListener(this);
+        store = storeFactory.getStore(RemoteuserPluginConfig.class, TYPE);
+    }
+
+    @Override
+    public AuthenticationResult authenticate(HttpServletRequest request,
+            HttpServletResponse response, String username, String password) {
+
+        if (DUMMYUSERPASS.equals(username) && DUMMYUSERPASS.equals(password)) {
+            username = request.getHeader("X_REMOTE_USER");
+            if (username != null && !DUMMYUSERPASS.equals(username)) {
+                logger.debug("REMOTE_USER user: " + username);
+                return new AuthenticationResult(populateUser(username));
+            } else {
+                return AuthenticationResult.NOT_FOUND;
+            }
+        } else {
+            return AuthenticationResult.NOT_FOUND;
+        }
+    }
+
+    @Override
+    public void close() throws IOException {
+
+    }
+
+    @Override
+    public void configChanged(Object configuration) {
+        this.scmConfiguration = (ScmConfiguration) configuration;
+    }
+
+    @Override
+    public synchronized void init(SCMContextProvider context) {
+
+        config = store.get();
+
+        if (config == null) {
+            config = new RemoteuserPluginConfig();
+        }
+    }
+
+    public void storeConfig(RemoteuserPluginConfig config) {
+        this.config = config;
+        store.set(config);
+    }
+
+    public RemoteuserPluginConfig getConfig() {
+        return config;
+    }
+
+    @Override
+    public String getType() {
+        return TYPE;
+    }
+
+    public void setConfig(RemoteuserPluginConfig config) {
+        this.config = config;
+    }
+
+    private User populateUser(String username) {
+        User scmUser = new User();
+        scmUser.setName(username);
+        scmUser.setDisplayName(username);
+        scmUser.setMail(username + "@example.com");
+        return scmUser;
+    }
+}

src/main/java/sonia/scm/auth/remoteuser/RemoteuserPluginConfig.java

+/**
+ * Copyright (c) 2012, Dominik Ruf
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ *    this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright notice,
+ *    this list of conditions and the following disclaimer in the documentation
+ *    and/or other materials provided with the distribution.
+ * 3. Neither the name of SCM-Manager; nor the names of its
+ *    contributors may be used to endorse or promote products derived from this
+ *    software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * https://bitbucket.org/domruf/scm-auth-remoteuser-plugin
+ *
+ */
+
+package sonia.scm.auth.remoteuser;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlRootElement;
+
+@XmlRootElement(name = "config")
+@XmlAccessorType(XmlAccessType.FIELD)
+public class RemoteuserPluginConfig {
+
+    @XmlElement(name = "variable-name")
+    private String variableName = "X_REMOTE_USER";
+
+    public String getVariableName() {
+        return variableName;
+    }
+
+    public void setVariableName(String variableName) {
+        this.variableName = variableName;
+    }
+}

src/main/java/sonia/scm/auth/remoteuser/RemoteuserPluginConfigResource.java

+/**
+ * Copyright (c) 2012, Dominik Ruf
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ *    this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright notice,
+ *    this list of conditions and the following disclaimer in the documentation
+ *    and/or other materials provided with the distribution.
+ * 3. Neither the name of SCM-Manager; nor the names of its
+ *    contributors may be used to endorse or promote products derived from this
+ *    software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * https://bitbucket.org/domruf/scm-auth-remoteuser-plugin
+ *
+ */
+
+package sonia.scm.auth.remoteuser;
+
+import com.google.inject.Inject;
+import com.google.inject.Singleton;
+
+//~--- JDK imports ------------------------------------------------------------
+
+import javax.ws.rs.Consumes;
+import javax.ws.rs.GET;
+import javax.ws.rs.POST;
+import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+import javax.ws.rs.core.Context;
+import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.Response;
+import javax.ws.rs.core.UriInfo;
+import java.io.IOException;
+
+@Singleton
+@Path("config/auth/remoteuser")
+public class RemoteuserPluginConfigResource {
+
+    private RemoteuserAuthenticationHandler authenticationHandler;
+
+    @Inject
+    public RemoteuserPluginConfigResource(
+            RemoteuserAuthenticationHandler authenticationHandler) {
+        this.authenticationHandler = authenticationHandler;
+    }
+
+    @GET
+    @Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
+    public RemoteuserPluginConfig getConfig() {
+        return authenticationHandler.getConfig();
+    }
+
+    @POST
+    @Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
+    public Response setConfig(@Context UriInfo uriInfo,
+            RemoteuserPluginConfig config) throws IOException {
+        authenticationHandler.storeConfig(config);
+        return Response.created(uriInfo.getRequestUri()).build();
+    }
+}

src/main/java/sonia/scm/auth/remoteuser/RemoteuserServletModule.java

+/**
+ * Copyright (c) 2012, Dominik Ruf
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ *    this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright notice,
+ *    this list of conditions and the following disclaimer in the documentation
+ *    and/or other materials provided with the distribution.
+ * 3. Neither the name of SCM-Manager; nor the names of its
+ *    contributors may be used to endorse or promote products derived from this
+ *    software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * https://bitbucket.org/domruf/scm-auth-remoteuser-plugin
+ *
+ */
+
+package sonia.scm.auth.remoteuser;
+
+import com.google.inject.servlet.ServletModule;
+import sonia.scm.plugin.ext.Extension;
+
+@Extension
+public class RemoteuserServletModule extends ServletModule {
+
+    @Override
+    protected void configureServlets() {
+        filter("/*").through(RemoteuserAuthenticationFilter.class);
+    }
+}

src/main/resources/META-INF/scm/plugin.xml

+<?xml version="1.0" encoding="UTF-8"?>
+<plugin>
+    <information>
+        <groupId>${project.groupId}</groupId>
+        <artifactId>${project.artifactId}</artifactId>
+        <version>${project.version}</version>
+        <name>${project.name}</name>
+        <description>${project.description}</description>
+        <author>Dominik Ruf</author>
+        <url>${project.url}</url>
+        <category>Authentication</category>
+    </information>
+    <packages>
+        <package>sonia.scm.auth.remoteuser</package>
+    </packages>
+    <resources>
+        <script>/sonia/scm/auth/remoteuser/sonia.remoteuser-auth.js</script>
+    </resources>
+</plugin>

src/main/resources/sonia/scm/auth/remoteuser/sonia.remoteuser-auth.js

+/* *
+ * Copyright (c) 2012, Dominik Ruf
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ *    this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright notice,
+ *    this list of conditions and the following disclaimer in the documentation
+ *    and/or other materials provided with the distribution.
+ * 3. Neither the name of SCM-Manager; nor the names of its
+ *    contributors may be used to endorse or promote products derived from this
+ *    software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * https://bitbucket.org/domruf/scm-auth-remoteuser-plugin
+ *
+ */
+
+registerGeneralConfigPanel({
+    xtype : 'configForm',
+    title : 'REMOTE_USER Authentication',
+    items : [{
+        xtype : 'textfield',
+        fieldLabel : 'REMOTE_USER Variable Name',
+        name : 'variable-name',
+        helpText: 'Help for this field.',
+        allowBlank : false
+    }],
+
+    onSubmit : function(values) {
+        this.el.mask('Submit ...');
+        Ext.Ajax.request({
+            url : restUrl + 'config/auth/remoteuser.json',
+            method : 'POST',
+            jsonData : values,
+            scope : this,
+            disableCaching : true,
+            success : function(response) {
+                this.el.unmask();
+            },
+            failure : function() {
+                this.el.unmask();
+            }
+        });
+    },
+    onLoad : function(el) {
+        var tid = setTimeout(function() {
+            el.mask('Loading ...');
+        }, 100);
+        Ext.Ajax.request({
+            url : restUrl + 'config/auth/remoteuser.json',
+            method : 'GET',
+            scope : this,
+            disableCaching : true,
+            success : function(response) {
+                var obj = Ext.decode(response.responseText);
+                this.load(obj);
+                clearTimeout(tid);
+                el.unmask();
+            },
+            failure : function() {
+                el.unmask();
+                clearTimeout(tid);
+                alert('failure');
+            }
+        });
+    }
+});