in redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/interceptors/AuthenticationInterceptor.java [81:183]
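/**
 * JAX-RS request filter that authenticates the caller before a REST resource runs.
 *
 * <p>Outcome, in order of evaluation:
 * <ul>
 *   <li>The resource carries no {@code RedbackAuthorization} metadata: the request is aborted
 *       with 403. This is deliberately fail-closed &mdash; an unannotated endpoint is never
 *       exposed by accident.</li>
 *   <li>{@code noRestriction()}: authentication is attempted on a best-effort basis (existing
 *       session first, then credentials carried by the request) so that services can read the
 *       current user from {@link RedbackAuthenticationThreadLocal}; the request always proceeds.</li>
 *   <li>Otherwise the caller must authenticate; every failure mode collapses to a 403.</li>
 * </ul>
 *
 * <p>NOTE(review): the thread-local is populated here but not cleared in this filter. Presumably a
 * matching response filter resets it &mdash; confirm, otherwise user information can leak across
 * requests served by the same pooled thread.
 *
 * @param containerRequestContext the JAX-RS request being filtered; aborted with 403 when access is denied
 */
public void filter( ContainerRequestContext containerRequestContext )
{
    RedbackAuthorization redbackAuthorization = getRedbackAuthorization( resourceInfo );
    if ( redbackAuthorization == null )
    {
        log.warn( "http path {} doesn't contain any informations regarding permissions ",
                  containerRequestContext.getUriInfo().getRequestUri() );
        // Fail closed: without permission metadata we cannot tell who may call this path,
        // so treat it as forbidden rather than exposing it.
        containerRequestContext.abortWith( Response.status( Response.Status.FORBIDDEN ).build() );
        return;
    }

    HttpServletRequest request = getHttpServletRequest( );
    HttpServletResponse response = getHttpServletResponse( );

    if ( redbackAuthorization.noRestriction() )
    {
        populateOptionalUser( containerRequestContext, request, response );
        return;
    }

    // String form only so the same value can be passed to several log calls below.
    String requestPath = String.valueOf( containerRequestContext.getUriInfo().getRequestUri() );
    try
    {
        AuthenticationResult authenticationResult = httpAuthenticator.getAuthenticationResult( request, response );
        if ( authenticationResult == null || !authenticationResult.isAuthenticated() )
        {
            throw new HttpAuthenticationException( "You are not authenticated." );
        }
        // Some authenticators only return the principal; resolve it to a User in that case.
        User user = authenticationResult.getUser() == null
            ? userManager.findUser( authenticationResult.getPrincipal() )
            : authenticationResult.getUser();
        RedbackAuthenticationThreadLocal.set( new RedbackRequestInformation( user, request.getRemoteAddr() ) );
        // Expose the result to downstream filters/resources, as the unrestricted branch already does.
        containerRequestContext.setProperty( AUTHENTICATION_RESULT, authenticationResult );
        return;
    }
    catch ( UserNotFoundException e )
    {
        log.debug( "UserNotFoundException for path {}", requestPath, e );
    }
    catch ( AccountLockedException e )
    {
        log.debug( "account locked for path {}", requestPath, e );
    }
    catch ( MustChangePasswordException e )
    {
        log.debug( "must change password for path {}", requestPath, e );
    }
    catch ( AuthenticationException e )
    {
        log.debug( "failed to authenticate for path {}", requestPath, e );
    }
    catch ( UserManagerException e )
    {
        // Fixed: the format string previously had a single placeholder for two arguments,
        // so the request path was silently dropped from the log line.
        log.debug( "UserManagerException: {} for path {}", e.getMessage(), requestPath, e );
    }
    // Every failure (missing or bad credentials, locked account, expired password, user-store error)
    // collapses to a generic 403 so the response does not reveal which condition applied.
    // NOTE(review): an unauthenticated caller also receives 403 rather than 401 with a
    // WWW-Authenticate challenge; left unchanged because existing clients may depend on it.
    containerRequestContext.abortWith( Response.status( Response.Status.FORBIDDEN ).build() );
}

/**
 * Best-effort authentication for a resource marked {@code noRestriction()}.
 *
 * <p>Looks for an existing security session first; failing that, tries whatever credentials the
 * request carries. On success the user is bound to {@link RedbackAuthenticationThreadLocal} (and,
 * for request credentials, the result is stored under {@code AUTHENTICATION_RESULT}). Any failure
 * is logged at debug level and ignored, because the endpoint is open regardless.
 *
 * @param containerRequestContext the current JAX-RS request
 * @param request                 the underlying servlet request (session and remote address)
 * @param response                the underlying servlet response, handed to the authenticator
 */
private void populateOptionalUser( ContainerRequestContext containerRequestContext,
                                   HttpServletRequest request, HttpServletResponse response )
{
    // NOTE(review): getSession( true ) creates a container session for every anonymous request on an
    // unrestricted path. Whether httpAuthenticator.getSecuritySession tolerates a null session
    // (i.e. getSession( false )) is not visible here, so the call is left as-is — confirm before changing.
    SecuritySession securitySession = httpAuthenticator.getSecuritySession( request.getSession( true ) );
    if ( securitySession != null )
    {
        RedbackAuthenticationThreadLocal.set(
            new RedbackRequestInformation( securitySession.getUser(), request.getRemoteAddr() ) );
        return;
    }

    try
    {
        AuthenticationResult authenticationResult = httpAuthenticator.getAuthenticationResult( request, response );
        if ( authenticationResult == null || !authenticationResult.isAuthenticated() )
        {
            return;
        }
        User user = authenticationResult.getUser() == null
            ? userManager.findUser( authenticationResult.getPrincipal() )
            : authenticationResult.getUser();
        RedbackAuthenticationThreadLocal.set( new RedbackRequestInformation( user, request.getRemoteAddr() ) );
        containerRequestContext.setProperty( AUTHENTICATION_RESULT, authenticationResult );
    }
    catch ( Exception e )
    {
        // Deliberately best-effort: the resource is open, so a failed credential check must not
        // block it. Previously swallowed silently; logged at debug so bad credentials are diagnosable.
        log.debug( "optional authentication failed for path {}",
                   containerRequestContext.getUriInfo().getRequestUri(), e );
    }
}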