1 package org.apache.archiva.webdav;
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22 import org.apache.archiva.redback.authentication.AuthenticationException;
23 import org.apache.archiva.redback.keys.KeyManager;
24 import org.apache.archiva.redback.policy.AccountLockedException;
25 import org.apache.archiva.redback.policy.UserSecurityPolicy;
26 import org.apache.archiva.redback.users.UserManager;
27 import org.apache.archiva.redback.authentication.AuthenticationDataSource;
28 import org.apache.archiva.redback.authentication.AuthenticationResult;
29 import org.apache.archiva.redback.authorization.AuthorizationException;
30 import org.apache.archiva.redback.authorization.AuthorizationResult;
31 import org.apache.archiva.redback.keys.memory.MemoryKeyManager;
32 import org.apache.archiva.redback.policy.DefaultUserSecurityPolicy;
33 import org.apache.archiva.redback.system.DefaultSecuritySession;
34 import org.apache.archiva.redback.system.DefaultSecuritySystem;
35 import org.apache.archiva.redback.system.SecuritySession;
36 import org.apache.archiva.redback.system.SecuritySystem;
37 import org.apache.archiva.redback.users.UserNotFoundException;
38 import org.apache.archiva.redback.users.memory.MemoryUserManager;
39 import org.springframework.stereotype.Service;
40
41
42
43
44
45
46
47 @Service("securitySystem#bypass")
48 public class BypassSecuritySystem
49 extends DefaultSecuritySystem
50 implements SecuritySystem
51 {
52 private KeyManager bypassKeyManager;
53 private UserSecurityPolicy bypassPolicy;
54 private UserManager bypassUserManager;
55
56 public BypassSecuritySystem()
57 {
58 bypassKeyManager = new MemoryKeyManager();
59 bypassPolicy = new DefaultUserSecurityPolicy();
60 bypassUserManager = new MemoryUserManager();
61 }
62
63 @Override
64 public SecuritySession authenticate( AuthenticationDataSource source )
65 throws AuthenticationException, UserNotFoundException, AccountLockedException
66 {
67 AuthenticationResult result = new AuthenticationResult( true, source.getUsername(), null );
68 return new DefaultSecuritySession( result );
69 }
70
71 @Override
72 public AuthorizationResult authorize( SecuritySession session, String permission )
73 throws AuthorizationException
74 {
75 return new AuthorizationResult( true, session.getUser(), null );
76 }
77
78 @Override
79 public AuthorizationResult authorize( SecuritySession session, String permission, String resource )
80 throws AuthorizationException
81 {
82 return new AuthorizationResult( true, session.getUser(), null );
83 }
84
85
86
87 @Override
88 public String getAuthenticatorId()
89 {
90 return "bypass-authenticator";
91 }
92
93 @Override
94 public String getAuthorizerId()
95 {
96 return "bypass-authorizer";
97 }
98
99 @Override
100 public KeyManager getKeyManager()
101 {
102 return bypassKeyManager;
103 }
104
105 @Override
106 public UserSecurityPolicy getPolicy()
107 {
108 return bypassPolicy;
109 }
110
111 @Override
112 public String getUserManagementId()
113 {
114 return "bypass-managementid";
115 }
116
117 @Override
118 public UserManager getUserManager()
119 {
120 return bypassUserManager;
121 }
122
123 @Override
124 public boolean isAuthenticated( AuthenticationDataSource source )
125 throws AuthenticationException, UserNotFoundException, AccountLockedException
126 {
127
128 return true;
129 }
130
131 @Override
132 public boolean isAuthorized( SecuritySession session, String permission )
133 throws AuthorizationException
134 {
135
136 return true;
137 }
138
139 @Override
140 public boolean isAuthorized( SecuritySession session, String permission, String resource )
141 throws AuthorizationException
142 {
143
144 return true;
145 }
146
147 @Override
148 public boolean userManagerReadOnly()
149 {
150 return true;
151 }
152 }