import com.bradmcevoy.http.Resource;
import com.bradmcevoy.http.ResourceFactory;
import com.bradmcevoy.http.SecurityManager;
+import com.bradmcevoy.http.Request.Method;
import com.ettrema.http.fs.LockManager;
url = stripContext(url);
if(url==null||url.trim().equals("")||url.equals("/")){
url="/";
- return new GssRootFolderResource(host, this, null);
+ return new GssRootFolderResource(host, this, null,"/");
}
- /*log.info("URL:"+url);
+ /*//log.info("URL:"+url);
if(url.equals("/OthersShared")||url.equals("/OthersShared/")){
- log.info("[returning others]");
+ //log.info("[returning others]");
return new GssOthersResource(host, this);
}
if(url.startsWith("/OthersShared")){
}*/
try {
-
- Object r = getResourceGss(url);
- if(r==null)
+ UserDTO user =null;
+ if(HttpManager.request().getAuthorization()!=null && HttpManager.request().getAuthorization().getTag()==null){
+ String username = HttpManager.request().getAuthorization().getUser();
+ //log.info("username is:"+username);
+ if(username !=null)
+ user = getService().getUserByUserName(username);
+ }
+ else if(HttpManager.request().getAuthorization()!=null&&HttpManager.request().getAuthorization().getTag()!=null){
+ //log.info(HttpManager.request().getAuthorization().getUser());
+ user =(UserDTO) HttpManager.request().getAuthorization().getTag();//getService().getUserByUserName("past@ebs.gr");
+ }
+
+ if(user==null){
+ //if(HttpManager.request().getMethod().equals(Method.PROPFIND)){
+ ////log.info("[PROP FIND RETURNING ROOT FOR:]"+url);
+ return new GssRootFolderResource(host, this, null,url);
+ //}
+ ////log.info("[RETURNING NULL FOR:]"+url+" "+HttpManager.request().getMethod());
+ //return null;
+ }
+
+ Object r = getResourceGss(url,user);
+ if(r==null){
+
return null;
+ }
if(r instanceof FolderDTO)
- return new GssFolderResource(host, this,r );
+ return new GssFolderResource(host, this,r ,user);
else
- return new GssFileResource(host, this,r);
+ return new GssFileResource(host, this,r,user);
} catch (RpcException e) {
e.printStackTrace();
}
public Long maxAgeSeconds(GssResource resource) {
return maxAgeSeconds;
}
- protected Object getResourceGss(String path) throws RpcException{
- UserDTO user = null;
- String username = HttpManager.request().getHeaders().get("authorization");
+ protected Object getResourceGss(String path, UserDTO user) throws RpcException{
+ //log.info(path+" <--> "+HttpManager.request().getAuthorization() + HttpManager.request().getHeaders());
+ if(user ==null){
+ if(HttpManager.request().getAuthorization()!=null && HttpManager.request().getAuthorization().getTag()==null){
+ String username = HttpManager.request().getAuthorization().getUser();
+ //log.info("username is:"+username);
+ if(username !=null)
+ user = getService().getUserByUserName(username);
+ }
+ else if(HttpManager.request().getAuthorization()!=null&&HttpManager.request().getAuthorization().getTag()!=null){
+ //log.info(HttpManager.request().getAuthorization().getUser());
+ user =(UserDTO) HttpManager.request().getAuthorization().getTag();//getService().getUserByUserName("past@ebs.gr");
+ }
+ }
+
+ if(user==null){
+ //log.info("---------------->"+path);
+ return null;
+ }
+
+ //UserDTO user =getService().getUserByUserName("past@ebs.gr");
+ /*String username = HttpManager.request().getHeaders().get("authorization");
if(username!=null){
e.printStackTrace();
return null;
}
- }
+ }*/
boolean exists = true;
Object resource = null;
FileHeaderDTO file = null;
import gr.ebs.gss.server.ejb.ExternalAPI;
import java.util.ArrayList;
+import java.util.Collections;
+import java.util.Iterator;
import java.util.List;
import javax.naming.Context;
import com.bradmcevoy.http.Auth;
import com.bradmcevoy.http.AuthenticationHandler;
import com.bradmcevoy.http.AuthenticationService;
-import com.bradmcevoy.http.HttpManager;
import com.bradmcevoy.http.Request;
import com.bradmcevoy.http.Resource;
-import com.bradmcevoy.http.AuthenticationService.AuthStatus;
+import com.bradmcevoy.http.http11.auth.BasicAuthHandler;
+import com.bradmcevoy.http.http11.auth.DigestAuthenticationHandler;
/**
*
*/
public class GssAuthenticationService extends com.bradmcevoy.http.AuthenticationService{
- private static final Logger log = LoggerFactory.getLogger( GssAuthenticationService.class );
-
- public GssAuthenticationService( ) {
- super(new ArrayList<AuthenticationHandler>());
+ private static final Logger log = LoggerFactory.getLogger( AuthenticationService.class );
+ private List<AuthenticationHandler> authenticationHandlers;
+ private List<AuthenticationHandler> extraHandlers;
+ private List<AuthenticationHandler> allHandlers;
+ private boolean disableBasic;
+ private boolean disableDigest;
+
+ /**
+ * Creates a AuthenticationService using the given handlers. Use this if
+ * you don't want the default of a BasicAuthHandler and a DigestAuthenticationHandler
+ *
+ * @param authenticationHandlers
+ */
+ public GssAuthenticationService( List<AuthenticationHandler> authenticationHandlers ) {
+ this.authenticationHandlers = authenticationHandlers;
+ setAllHandlers();
}
-
+
+
+ /**
+ * Creates with Basic and Digest handlers
+ *
+ */
+ public GssAuthenticationService() {
+ AuthenticationHandler digest = new com.bradmcevoy.http.http11.auth.DigestAuthenticationHandler();
+ AuthenticationHandler basic = new BasicAuthHandler();
+ authenticationHandlers = new ArrayList<AuthenticationHandler>();
+ authenticationHandlers.add( basic );
+ authenticationHandlers.add( digest );
+ setAllHandlers();
+ }
+
+ public void setDisableBasic( boolean b ) {
+ if( b ) {
+ Iterator<AuthenticationHandler> it = this.authenticationHandlers.iterator();
+ while( it.hasNext() ) {
+ AuthenticationHandler hnd = it.next();
+ if( hnd instanceof BasicAuthHandler ) {
+ it.remove();
+ }
+ }
+ }
+ disableBasic = b;
+ setAllHandlers();
+ }
+
+ public boolean isDisableBasic() {
+ return disableBasic;
+ }
+
+ public void setDisableDigest( boolean b ) {
+ if( b ) {
+ Iterator<AuthenticationHandler> it = this.authenticationHandlers.iterator();
+ while( it.hasNext() ) {
+ AuthenticationHandler hnd = it.next();
+ if( hnd instanceof DigestAuthenticationHandler ) {
+ it.remove();
+ }
+ }
+ }
+ disableDigest = b;
+ setAllHandlers();
+ }
+
+ public boolean isDisableDigest() {
+ return disableDigest;
+ }
+
+
+ /**
+ * Generates a list of http authentication challenges, one for each
+ * supported authentication method, to be sent to the client.
+ *
+ * @param resource - the resoruce being requested
+ * @param request - the current request
+ * @return - a list of http challenges
+ */
+ public List<String> getChallenges( Resource resource, Request request ) {
+ List<String> challenges = new ArrayList<String>();
+ for( AuthenticationHandler h : allHandlers ) {
+ if( h.isCompatible( resource ) ) {
+ log.debug( "challenge for auth: " + h.getClass() );
+ String ch = h.getChallenge( resource, request );
+ challenges.add( ch );
+ } else {
+ log.debug( "not challenging for auth: " + h.getClass() + " for resource type: " + resource.getClass() );
+ }
+ }
+ return challenges;
+ }
+
+ public List<AuthenticationHandler> getAuthenticationHandlers() {
+ return allHandlers;
+ }
+
+ public List<AuthenticationHandler> getExtraHandlers() {
+ return extraHandlers;
+ }
+
+ public void setExtraHandlers( List<AuthenticationHandler> extraHandlers ) {
+ this.extraHandlers = extraHandlers;
+ setAllHandlers();
+ }
+
+ /**
+ * Merge standard and extra handlers into single list
+ */
+ private void setAllHandlers() {
+ List<AuthenticationHandler> handlers = new ArrayList<AuthenticationHandler>();
+ if( authenticationHandlers != null ) {
+ handlers.addAll( authenticationHandlers );
+ }
+ if( extraHandlers != null ) {
+ handlers.addAll( extraHandlers );
+ }
+ this.allHandlers = Collections.unmodifiableList( handlers );
+ }
+
+
public AuthStatus authenticate( Resource resource, Request request ) {
+ log.trace( "authenticate" );
Auth auth = request.getAuthorization();
boolean preAuthenticated = ( auth != null && auth.getTag() != null );
if( preAuthenticated ) {
+ log.trace( "request is pre-authenticated" );
return new AuthStatus( auth, false );
}
- String username = request.getHeaders().get("authorization");
- if(username!=null){
- username=GSSResourceFactory.getUsernameFromAuthHeader(username);
- try {
- Object user = getService().getUserByUserName(username);
- if( auth == null ) { // some authentication handlers do not require an Auth object
- auth = new Auth( Auth.Scheme.FORM, username ,null);
- request.setAuthorization( auth );
+ for( AuthenticationHandler h : getAuthenticationHandlers() ) {
+ if( h.supports( resource, request ) ) {
+ Object loginToken = h.authenticate( resource, request );
+ if( loginToken == null ) {
+ log.warn( "authentication failed by AuthenticationHandler:" + h.getClass() );
+ return new AuthStatus( auth, true );
+ } else {
+ if( log.isTraceEnabled() ) {
+ log.trace( "authentication passed by: " + h.getClass() );
+ }
+ if( auth == null ) { // some authentication handlers do not require an Auth object
+ auth = new Auth( Auth.Scheme.FORM, null, loginToken );
+ request.setAuthorization( auth );
+ }
+ auth.setTag( loginToken );
}
- auth.setTag( user );
-
- return new AuthStatus( auth, false );
- } catch (RpcException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- return null;
- }
- }
-
+ return new AuthStatus( auth, false );
+ }
+ }
return null;
}
* @param factory
* @param resource
*/
- public GssFileResource(String host, GSSResourceFactory factory, Object resource) {
+ public GssFileResource(String host, GSSResourceFactory factory, Object resource, UserDTO currentUser) {
super(host, factory, resource);
this.file = (FileHeaderDTO)resource;
+ this.currentUser=currentUser;
}
@Override
* @param factory
* @param resource
*/
- public GssFolderResource(String host, GSSResourceFactory factory, Object resource) {
+ public GssFolderResource(String host, GSSResourceFactory factory, Object resource, UserDTO currentUser) {
super(host, factory, resource);
folder=(FolderDTO) resource;
+ this.currentUser=currentUser;
}
@Override
public String checkRedirect(Request request) {
}
@Override
public CollectionResource createCollection(final String name) throws NotAuthorizedException, ConflictException, BadRequestException {
+ ////log.info("CALLING CREATECOLLECTION:"+name);
try {
final FolderDTO folderParent = folder;
FolderDTO created = new TransactionHelper<FolderDTO>().tryExecute(new Callable<FolderDTO>() {
return f;
}
});
- return new GssFolderResource(host, factory, created);
+ return new GssFolderResource(host, factory, created, getCurrentUser());
} catch (DuplicateNameException e) {
e.printStackTrace();
// XXX If the existing name is a folder we should be returning
public Resource child(String name) {
for(FolderDTO f : folder.getSubfolders())
if(f.getName().equals(name))
- return new GssFolderResource(host, factory, f);
+ return new GssFolderResource(host, factory, f, getCurrentUser());
try {
for(FileHeaderDTO f : factory.getService().getFiles(folder.getOwner().getId(), folder.getId(), true))
if(f.getName().equals(name))
- return new GssFileResource(host, factory, f);
+ return new GssFileResource(host, factory, f,getCurrentUser());
} catch (ObjectNotFoundException e) {
// TODO Auto-generated catch block
e.printStackTrace();
// TODO Auto-generated catch block
e.printStackTrace();
}
-
+ ////log.info("CALLING CHILD return null");
return null;
}
@Override
List<GssResource> result = new ArrayList<GssResource>();
for(FolderDTO f : folder.getSubfolders())
if(!f.isDeleted())
- result.add(new GssFolderResource(host, factory, f));
+ result.add(new GssFolderResource(host, factory, f, getCurrentUser()));
try {
for(FileHeaderDTO f : factory.getService().getFiles(getCurrentUser().getId(), folder.getId(), true))
- result.add(new GssFileResource(host, factory, f));
+ result.add(new GssFileResource(host, factory, f,getCurrentUser()));
} catch (ObjectNotFoundException e) {
// TODO Auto-generated catch block
e.printStackTrace();
if(!pathFolder.endsWith("/"))
pathFolder=pathFolder+"/";
String fname = pathFolder+name;
- log.info("fname:"+fname+" "+URLDecoder.decode(fname));
+ ////log.info("fname:"+fname+" "+URLDecoder.decode(fname));
Object ff2;
try{
ff2 = factory.getService().getResourceAtPath(folder.getOwner().getId(), URLDecoder.decode(fname), true);
return factory.getService().createFile(getCurrentUser().getId(), folder.getId(), name, contentType, uf.length(), uf.getAbsolutePath());
}
});
- return new GssFileResource(host, factory, kmfileDTO);
+ return new GssFileResource(host, factory, kmfileDTO,getCurrentUser());
} catch (ObjectNotFoundException e) {
+ e.printStackTrace();
throw new BadRequestException(this);
} catch (InsufficientPermissionsException e) {
+ e.printStackTrace();
throw new NotAuthorizedException(this);
}
catch (DuplicateNameException e) {
throw new ConflictException(this);
}
catch(QuotaExceededException e){
+ e.printStackTrace();
throw new ConflictException(this);
}
catch(Exception e){
+ e.printStackTrace();
throw new RuntimeException("System Error");
}
}
// TODO Auto-generated catch block
e.printStackTrace();
}
- log.info("CREATE AND LOCK:"+kmfileDTO.getId());
+ ////log.info("CREATE AND LOCK:"+kmfileDTO.getId());
//File dest = new File( this.getFile(), name );
//createEmptyFile( );
- GssFileResource newRes = new GssFileResource( host, factory, kmfileDTO );
+ GssFileResource newRes = new GssFileResource( host, factory, kmfileDTO ,getCurrentUser());
LockResult res = newRes.lock( timeout, lockInfo );
return res.getLockToken();
*/
package gr.ebs.gss.server.webdav.milton;
-import java.util.ArrayList;
import java.util.Arrays;
import javax.servlet.ServletConfig;
import com.bradmcevoy.http.CompressingResponseHandler;
import com.bradmcevoy.http.MiltonServlet;
import com.bradmcevoy.http.ServletHttpManager;
+import com.bradmcevoy.http.http11.auth.PreAuthenticationFilter;
+import com.bradmcevoy.http.http11.auth.SimpleMemoryNonceProvider;
import com.bradmcevoy.http.webdav.DefaultWebDavResponseHandler;
import com.ettrema.console.ConsoleResourceFactory;
try {
this.config = config;
GssLockManager lockManager = new GssLockManager();
+ SimpleMemoryNonceProvider nonce = new SimpleMemoryNonceProvider( 60*60*24 );
GssSecurityManager securityManager = new GssSecurityManager("Pithos WebDAV");
- AuthenticationService authService = new GssAuthenticationService();
+ AuthenticationService authService = new AuthenticationService(nonce);
authService.setDisableBasic(true);
authService.setDisableDigest(false);
DefaultWebDavResponseHandler responseHandler = new DefaultWebDavResponseHandler(authService);
resourceFactory.setLockManager(lockManager);
resourceFactory.setMaxAgeSeconds(3600l);
resourceFactory.setContextPath("webdav");
-
+ PreAuthenticationFilter filter = new PreAuthenticationFilter(compressHandler, securityManager,nonce);
ConsoleResourceFactory consoleResourceFactory = new ConsoleResourceFactory(resourceFactory, "/console", "/webdav", Arrays.asList(new com.ettrema.console.LsFactory(),
new com.ettrema.console.CdFactory(),
new com.ettrema.console.RmFactory(),
new com.ettrema.console.CpFactory(),
new com.ettrema.console.MkFactory(),
new com.ettrema.console.MkdirFactory()), "webdav");
+
httpManager = new ServletHttpManager(consoleResourceFactory,compressHandler,authService);
+ /*if(httpManager.getFilters()==null)
+ httpManager.setFilters(new ArrayList<Filter>());
+ httpManager.getFilters().add(filter);*/
+ //List<AuthenticationHandler> list = new ArrayList();
+ //list.add(new DigestAuthenticationHandler(authService));
+ // httpManager.addFilter(0, filter);
+
}catch( Throwable ex ) {
log.error( "Exception starting milton servlet", ex );
throw new RuntimeException( ex );
--- /dev/null
+/*
+ * Copyright 2011 Electronic Business Systems Ltd.
+ *
+ * This file is part of GSS.
+ *
+ * GSS is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * GSS is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with GSS. If not, see <http://www.gnu.org/licenses/>.
+ */
+package gr.ebs.gss.server.webdav.milton;
+
+import gr.ebs.gss.client.rest.resource.OthersResource;
+import gr.ebs.gss.server.domain.dto.UserDTO;
+
+import java.io.IOException;
+import java.io.OutputStream;
+import java.util.Date;
+import java.util.List;
+import java.util.Map;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import com.bradmcevoy.http.Auth;
+import com.bradmcevoy.http.CollectionResource;
+import com.bradmcevoy.http.DigestResource;
+import com.bradmcevoy.http.GetableResource;
+import com.bradmcevoy.http.PropFindableResource;
+import com.bradmcevoy.http.Range;
+import com.bradmcevoy.http.Request;
+import com.bradmcevoy.http.Resource;
+import com.bradmcevoy.http.Request.Method;
+import com.bradmcevoy.http.exceptions.BadRequestException;
+import com.bradmcevoy.http.exceptions.NotAuthorizedException;
+import com.bradmcevoy.http.http11.auth.DigestResponse;
+
+
+/**
+ * @author kman
+ *
+ */
+public class GssOtherUserResource implements PropFindableResource, GetableResource, DigestResource, CollectionResource{
+ private static final Logger log = LoggerFactory.getLogger(GssOthersResource.class);
+ String host;
+ GSSResourceFactory factory;
+ UserDTO currentUser;
+ UserDTO resource;
+ /**
+ *
+ */
+ public GssOtherUserResource(String host, GSSResourceFactory factory, UserDTO resource) {
+ this.host=host;
+ this.factory=factory;
+ this.resource=resource;
+
+ }
+
+ @Override
+ public Date getCreateDate() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+
+ @Override
+ public String checkRedirect(Request arg0) {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public Date getModifiedDate() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getName() {
+ return resource.getName();
+ }
+
+ @Override
+ public String getUniqueId() {
+ return "user:"+resource.getId();
+ }
+
+ @Override
+ public Long getContentLength() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getContentType(String arg0) {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public Long getMaxAgeSeconds(Auth arg0) {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public void sendContent(OutputStream arg0, Range arg1, Map<String, String> arg2, String arg3) throws IOException, NotAuthorizedException, BadRequestException {
+ // TODO Auto-generated method stub
+
+ }
+ @Override
+ public Object authenticate(String user, String password) {
+ return factory.getSecurityManager().authenticate(user, password);
+ }
+ @Override
+ public Object authenticate( DigestResponse digestRequest ) {
+ return (UserDTO) factory.getSecurityManager().authenticate(digestRequest);
+
+
+ }
+
+ @Override
+ public boolean authorise(Request request, Method method, Auth auth) {
+ return factory.getSecurityManager().authorise(request, method, auth, this);
+ }
+ @Override
+ public String getRealm() {
+ return factory.getRealm(this.host);
+ }
+
+ @Override
+ public boolean isDigestAllowed() {
+ // TODO Auto-generated method stub
+ return true;
+ }
+
+ @Override
+ public Resource child(String arg0) {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public List<? extends Resource> getChildren() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+}
--- /dev/null
+/*
+ * Copyright 2011 Electronic Business Systems Ltd.
+ *
+ * This file is part of GSS.
+ *
+ * GSS is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * GSS is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with GSS. If not, see <http://www.gnu.org/licenses/>.
+ */
+package gr.ebs.gss.server.webdav.milton;
+
+import gr.ebs.gss.client.exceptions.ObjectNotFoundException;
+import gr.ebs.gss.client.exceptions.RpcException;
+import gr.ebs.gss.client.rest.resource.OtherUserResource;
+import gr.ebs.gss.client.rest.resource.OthersResource;
+import gr.ebs.gss.server.domain.dto.UserDTO;
+
+import java.io.IOException;
+import java.io.OutputStream;
+import java.util.ArrayList;
+import java.util.Date;
+import java.util.List;
+import java.util.Map;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import com.bradmcevoy.http.Auth;
+import com.bradmcevoy.http.CollectionResource;
+import com.bradmcevoy.http.DigestResource;
+import com.bradmcevoy.http.GetableResource;
+import com.bradmcevoy.http.HttpManager;
+import com.bradmcevoy.http.LockingCollectionResource;
+import com.bradmcevoy.http.PropFindableResource;
+import com.bradmcevoy.http.Range;
+import com.bradmcevoy.http.Request;
+import com.bradmcevoy.http.Resource;
+import com.bradmcevoy.http.Request.Method;
+import com.bradmcevoy.http.exceptions.BadRequestException;
+import com.bradmcevoy.http.exceptions.NotAuthorizedException;
+import com.bradmcevoy.http.http11.auth.DigestResponse;
+
+
+/**
+ * @author kman
+ *
+ */
+public class GssOthersResource implements PropFindableResource, GetableResource, DigestResource, CollectionResource{
+ private static final Logger log = LoggerFactory.getLogger(GssOthersResource.class);
+ String host;
+ GSSResourceFactory factory;
+ UserDTO currentUser;
+
+ /**
+ *
+ */
+ public GssOthersResource(String host, GSSResourceFactory factory) {
+ this.host=host;
+ this.factory=factory;
+
+
+ }
+
+ @Override
+ public Date getCreateDate() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+
+ @Override
+ public String checkRedirect(Request arg0) {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public Date getModifiedDate() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getName() {
+ return "OthersShared";
+ }
+
+ @Override
+ public String getUniqueId() {
+ return "OthersShared";
+ }
+
+ @Override
+ public Long getContentLength() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public String getContentType(String arg0) {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public Long getMaxAgeSeconds(Auth arg0) {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public void sendContent(OutputStream arg0, Range arg1, Map<String, String> arg2, String arg3) throws IOException, NotAuthorizedException, BadRequestException {
+ // TODO Auto-generated method stub
+
+ }
+ @Override
+ public Object authenticate(String user, String password) {
+ return factory.getSecurityManager().authenticate(user, password);
+ }
+ @Override
+ public Object authenticate( DigestResponse digestRequest ) {
+ return factory.getSecurityManager().authenticate(digestRequest);
+
+
+ }
+
+ @Override
+ public boolean authorise(Request request, Method method, Auth auth) {
+ return factory.getSecurityManager().authorise(request, method, auth, this);
+ }
+ @Override
+ public String getRealm() {
+ return factory.getRealm(this.host);
+ }
+
+ @Override
+ public boolean isDigestAllowed() {
+ // TODO Auto-generated method stub
+ return true;
+ }
+
+ @Override
+ public Resource child(String arg0) {
+ for(Resource r : getChildren()){
+ if(r.getName().equals(arg0))
+ return r;
+ }
+ return null;
+ }
+
+ @Override
+ public List<? extends Resource> getChildren() {
+ List<GssOtherUserResource> result = new ArrayList<GssOtherUserResource>();
+ List<UserDTO> users;
+ try {
+ users = factory.getService().getUsersSharingFoldersForUser(getCurrentUser().getId());
+ log.info("USERS:"+users);
+ for(UserDTO u : users){
+ result.add(new GssOtherUserResource(host, factory, u));
+ }
+ } catch (ObjectNotFoundException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ } catch (RpcException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+
+
+ return result;
+ }
+
+ /**
+ * Retrieve the currentUser.
+ *
+ * @return the currentUser
+ */
+ public UserDTO getCurrentUser() {
+ if(currentUser!=null)
+ return currentUser;
+ String username = HttpManager.request().getHeaders().get("authorization");
+ if(username!=null){
+ username=GSSResourceFactory.getUsernameFromAuthHeader(username);
+ try {
+ currentUser = factory.getService().getUserByUserName(username);
+ } catch (RpcException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ return null;
+ }
+ }
+ return currentUser;
+ }
+
+}
--- /dev/null
+/*
+ * Copyright 2011 Electronic Business Systems Ltd.
+ *
+ * This file is part of GSS.
+ *
+ * GSS is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * GSS is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with GSS. If not, see <http://www.gnu.org/licenses/>.
+ */
+package gr.ebs.gss.server.webdav.milton;
+
+
+/**
+ * @author kman
+ *
+ */
+public class GssPathResource {
+
+}
public UserDTO getCurrentUser() {
if(currentUser!=null)
return currentUser;
- String username = HttpManager.request().getHeaders().get("authorization");
- if(username!=null){
- username=GSSResourceFactory.getUsernameFromAuthHeader(username);
- try {
- currentUser = factory.getService().getUserByUserName(username);
- } catch (RpcException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- return null;
- }
- }
- return currentUser;
+ if(HttpManager.request().getAuthorization()!=null && HttpManager.request().getAuthorization().getTag()==null){
+ String username = HttpManager.request().getAuthorization().getUser();
+ //log.info("username is:"+username);
+ if(username !=null)
+ try {
+ currentUser = factory.getService().getUserByUserName(username);
+ } catch (RpcException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ }
+ else if(HttpManager.request().getAuthorization()!=null&&HttpManager.request().getAuthorization().getTag()!=null){
+ //log.info(HttpManager.request().getAuthorization().getUser());
+ currentUser =(UserDTO) HttpManager.request().getAuthorization().getTag();//getService().getUserByUserName("past@ebs.gr");
+ }
+ return currentUser;
}
import java.util.ArrayList;
import java.util.List;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
import com.bradmcevoy.http.Auth;
import com.bradmcevoy.http.Request;
import com.bradmcevoy.http.Resource;
*
*/
public class GssRootFolderResource extends GssFolderResource{
-
+ private static final Logger log = LoggerFactory.getLogger(GssFolderResource.class);
+ String path;
/**
* @param host
* @param factory
* @param resource
*/
- public GssRootFolderResource(String host, GSSResourceFactory factory, Object resource) {
- super(host, factory, resource);
-
+ public GssRootFolderResource(String host, GSSResourceFactory factory, Object resource,String path) {
+ super(host, factory, resource,null);
+ this.path=path;
+ try {
+ this.folder = (FolderDTO) factory.getResourceGss(path,getCurrentUser());
+ //log.info("ROOT FOLDER:"+folder);
+ } catch (RpcException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
}
@Override
boolean result = factory.getSecurityManager().authorise(request, method, auth, this);
if(result){
UserDTO user = getCurrentUser();
- try {
- this.resource = factory.getResourceGss("/");//getService().getFolder(user.getId(), folder.getId());
- } catch (RpcException e) {
- return false;
- }
+ if(user==null)
+ //log.info("AUTH USER NULL");
+ if(this.folder==null){
+ try {
+ this.folder= (FolderDTO) factory.getResourceGss(path,getCurrentUser());//getService().getFolder(user.getId(), folder.getId());
+ } catch (RpcException e) {
+ //log.info("*****AUTH1:"+false+" "+getCurrentUser());
+ return false;
+ }
+ }
+ //log.info("*****AUTH2:"+true+" "+getCurrentUser());
return true;
}
+ //log.info("*****AUTH3:"+result+" "+getCurrentUser()+" "+method);
return result;
}
@Override
public String getName() {
- return "/";
+ return path;
}
@Override
public String getUniqueId() {
- return "folder:/";
+ if(folder!=null)
+ return "folder:"+folder.getId().toString();
+ return "folder:"+path;
}
@Override
public Resource child(String name) {
- try {
- this.folder = (FolderDTO) factory.getResourceGss("/");
- } catch (RpcException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
+ //log.info("CALLING ROOT GET CHILDREN");
+ if(this.folder==null)
+ try {
+ this.folder = (FolderDTO) factory.getResourceGss(path,getCurrentUser());
+ } catch (RpcException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
return super.child(name);
}
@Override
public List<? extends Resource> getChildren() {
- try {
- this.folder = (FolderDTO) factory.getResourceGss("/");
- } catch (RpcException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
+ //log.info("CALLING ROOT GET CHILDREN");
+ if(this.folder==null)
+ try {
+ this.folder = (FolderDTO) factory.getResourceGss(path,getCurrentUser());
+ } catch (RpcException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
List<Resource> result = new ArrayList<Resource>();
for(FolderDTO f : folder.getSubfolders())
if(!f.isDeleted())
- result.add(new GssFolderResource(host, factory, f));
+ result.add(new GssFolderResource(host, factory, f,getCurrentUser()));
try {
for(FileHeaderDTO f : factory.getService().getFiles(getCurrentUser().getId(), folder.getId(), true))
- result.add(new GssFileResource(host, factory, f));
+ result.add(new GssFileResource(host, factory, f,getCurrentUser()));
} catch (ObjectNotFoundException e) {
// TODO Auto-generated catch block
e.printStackTrace();
import org.slf4j.LoggerFactory;
import com.bradmcevoy.http.Auth;
-import com.bradmcevoy.http.HttpManager;
import com.bradmcevoy.http.Request;
import com.bradmcevoy.http.Resource;
import com.bradmcevoy.http.Request.Method;
this.realm = realm;
this.digestGenerator = new DigestGenerator();
}
-
+ /*
+ public Object getUserByName( String name ) {
+ String actualPassword = nameAndPasswords.get( name );
+ if( actualPassword != null ) return name;
+ return null;
+ }*/
+
public Object authenticate( String user, String password ) {
- log.debug( "authenticate: " + user + " - " + password);
+ //log.info( "authenticate: " + user + " - " + password);
// user name will include domain when coming form ftp. we just strip it off
if( user.contains( "@")) {
user = user.substring( 0, user.indexOf( "@"));
}
public Object authenticate( DigestResponse digestRequest ) {
- /*String actualPassword=null;
+ //log.info( "DIGEST authenticate: " + digestRequest);
+ String actualPassword=null;
try {
actualPassword = getUsersPassword( digestRequest.getUser() );
} catch (Exception e) {
}
} else {
return null;
- }*/
- /*String username = HttpManager.request().getHeaders().get("username");
- if(username!=null){
- try {
- return getService().getUserByUserName(username);
- } catch (RpcException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- return null;
- }
- }
- return null;*/
- return true;
+ }
}
-}
+}
\ No newline at end of file
<url-pattern>/miltonController</url-pattern>
</servlet-mapping>
-->
+ <!--
<security-constraint>
- <!-- Protect /, but leave OPTIONS unauthenticated to get around Windows client bug with DIGEST authentication -->
+
<web-resource-collection>
<web-resource-name>GSS</web-resource-name>
<description>GSS WebDAV</description>
</security-constraint>
<security-constraint>
- <!-- Protect everything for every other path -->
+ -->
+ <!-- Protect everything for every other path
<web-resource-collection>
<web-resource-name>GSS</web-resource-name>
<description>GSS WebDAV</description>
<description>A plain WebDAV user</description>
<role-name>simpleUser</role-name>
</security-role>
+ -->
</web-app>