Author: bleny Date: 2014-04-01 17:02:59 +0200 (Tue, 01 Apr 2014) New Revision: 1790 Url: http://forge.codelutin.com/projects/wao/repository/revisions/1790 Log: remove shiro Removed: trunk/wao-services/src/main/java/fr/ifremer/wao/services/WaoPermissions.java trunk/wao-web/src/main/java/fr/ifremer/wao/web/WaoRealm.java trunk/wao-web/src/main/resources/shiro.ini Modified: trunk/pom.xml trunk/wao-services/pom.xml trunk/wao-services/src/main/java/fr/ifremer/wao/services/AuthenticatedWaoUser.java trunk/wao-services/src/main/java/fr/ifremer/wao/services/service/csv/operations/DCF5CodesParserFormatter.java trunk/wao-services/src/main/java/fr/ifremer/wao/services/service/csv/operations/ObservedDataControlParserFormatter.java trunk/wao-web/pom.xml trunk/wao-web/src/main/webapp/WEB-INF/web.xml Modified: trunk/pom.xml =================================================================== --- trunk/pom.xml 2014-04-01 14:13:54 UTC (rev 1789) +++ trunk/pom.xml 2014-04-01 15:02:59 UTC (rev 1790) @@ -104,7 +104,6 @@ <struts2Version>2.3.16.1</struts2Version> <jqueryPluginVersion>3.7.0</jqueryPluginVersion> <bootstrapPluginVersion>1.7.0</bootstrapPluginVersion> - <shiroVersion>1.2.2</shiroVersion> <slf4jVersion>1.7.6</slf4jVersion> <hibernateVersion>4.2.8.Final</hibernateVersion> <mockitoVersion>1.9.5</mockitoVersion> @@ -214,19 +213,6 @@ <scope>test</scope> </dependency> - <dependency> - <groupId>org.apache.shiro</groupId> - <artifactId>shiro-core</artifactId> - <version>${shiroVersion}</version> - <exclusions> - <!-- prevent java.lang.ClassCastException: cannot be cast to javassist.util.proxy.Proxy --> - <exclusion> - <groupId>org.slf4j</groupId> - <artifactId>slf4j-api</artifactId> - </exclusion> - </exclusions> - </dependency> - <!-- persistence module dependencies --> <dependency> @@ -360,12 +346,6 @@ </exclusions> </dependency> - <dependency> - <groupId>org.apache.shiro</groupId> - <artifactId>shiro-web</artifactId> - <version>${shiroVersion}</version> - </dependency> - </dependencies> </dependencyManagement> Modified: trunk/wao-services/pom.xml =================================================================== --- trunk/wao-services/pom.xml 2014-04-01 14:13:54 UTC (rev 1789) +++ trunk/wao-services/pom.xml 2014-04-01 15:02:59 UTC (rev 1790) @@ -106,11 +106,6 @@ <artifactId>log4j</artifactId> </dependency> - <dependency> - <groupId>org.apache.shiro</groupId> - <artifactId>shiro-core</artifactId> - </dependency> - <!-- Test dependencies --> <dependency> <groupId>junit</groupId> Modified: trunk/wao-services/src/main/java/fr/ifremer/wao/services/AuthenticatedWaoUser.java =================================================================== --- trunk/wao-services/src/main/java/fr/ifremer/wao/services/AuthenticatedWaoUser.java 2014-04-01 14:13:54 UTC (rev 1789) +++ trunk/wao-services/src/main/java/fr/ifremer/wao/services/AuthenticatedWaoUser.java 2014-04-01 15:02:59 UTC (rev 1790) @@ -28,8 +28,6 @@ import fr.ifremer.wao.entity.UserProfile; import fr.ifremer.wao.entity.UserRole; import fr.ifremer.wao.entity.WaoUser; -import org.apache.shiro.SecurityUtils; -import org.apache.shiro.subject.Subject; import java.io.Serializable; @@ -41,35 +39,17 @@ protected UserProfile userProfile; - protected transient WaoPermissions permissions; - public AuthenticatedWaoUser(WaoUser waoUser, UserProfile userProfile) { this.waoUser = waoUser; this.userProfile = userProfile; } - protected WaoPermissions getPermissions() { - if (permissions == null) { - permissions = new WaoPermissions(); - } - return permissions; - } - - protected boolean isPermitted(String permission) { - return getCurrentUser().isPermitted(permission); - } - - protected Subject getCurrentUser() { - Subject currentUser = SecurityUtils.getSubject(); - return currentUser; - } - public WaoUser getWaoUser() { return waoUser; } public void logout() { - // TODO brendan 20/03/14 getCurrentUser().logout(); + } public boolean isAdmin() { Deleted: trunk/wao-services/src/main/java/fr/ifremer/wao/services/WaoPermissions.java =================================================================== --- trunk/wao-services/src/main/java/fr/ifremer/wao/services/WaoPermissions.java 2014-04-01 14:13:54 UTC (rev 1789) +++ trunk/wao-services/src/main/java/fr/ifremer/wao/services/WaoPermissions.java 2014-04-01 15:02:59 UTC (rev 1790) @@ -1,73 +0,0 @@ -package fr.ifremer.wao.services; - -/* - * #%L - * Wao :: Services - * %% - * Copyright (C) 2009 - 2014 Ifremer - * %% - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - * #L% - */ - -import com.google.common.collect.Iterables; -import fr.ifremer.wao.WaoTopiaPersistenceContext; -import fr.ifremer.wao.entity.WaoUser; -import org.apache.commons.lang3.StringUtils; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; -import org.nuiton.topia.persistence.TopiaEntities; -import org.nuiton.topia.persistence.TopiaEntity; - -import java.util.HashSet; -import java.util.Set; - -/** - * Représente tout le système de permissions de WAO - */ -public class WaoPermissions { - - private static final Log log = LogFactory.getLog(WaoPermissions.class); - - protected <E extends TopiaEntity> String getTopiaIds(Iterable<E> topiaEntities) { - Iterable<String> topiaIds = Iterables.transform(topiaEntities, TopiaEntities.getTopiaIdFunction()); - return join(topiaIds); - } - - protected String join(Iterable<String> topiaIds) { - return StringUtils.join(topiaIds, ','); - } - - /** - * Permet d'obtenir toutes les permissions accordée à l'utilisateur donné. - */ - public Set<String> getPermissions(WaoTopiaPersistenceContext topiaPersistenceContext, WaoUser waoUser) { - - Set<String> permissions = new HashSet<>(); - - if (waoUser.isActive()) { - - - - } - - if (log.isDebugEnabled()) { - log.debug("permissions for " + waoUser + " are " + permissions); - } - - return permissions; - - } - -} Modified: trunk/wao-services/src/main/java/fr/ifremer/wao/services/service/csv/operations/DCF5CodesParserFormatter.java =================================================================== --- trunk/wao-services/src/main/java/fr/ifremer/wao/services/service/csv/operations/DCF5CodesParserFormatter.java 2014-04-01 14:13:54 UTC (rev 1789) +++ trunk/wao-services/src/main/java/fr/ifremer/wao/services/service/csv/operations/DCF5CodesParserFormatter.java 2014-04-01 15:02:59 UTC (rev 1790) @@ -62,10 +62,10 @@ Collection<DCF5Code> dcf5Codes = referentialService.getDcf5Codes(codes); List<DCF5Code> value = new ArrayList<>(dcf5Codes); return value; - } catch (UnknownFishingGearDcfCodeException unknownFishingGearDcfCode) { - throw new ImportRuntimeException(unknownFishingGearDcfCode); - } catch (UnknownTargetSpeciesDcfCodeException unknownTargetSpeciesDcfCode) { - throw new ImportRuntimeException(unknownTargetSpeciesDcfCode); + } catch (UnknownFishingGearDcfCodeException e) { + throw new ImportRuntimeException(e.getMessage(), e); + } catch (UnknownTargetSpeciesDcfCodeException e) { + throw new ImportRuntimeException(e); } } } Modified: trunk/wao-services/src/main/java/fr/ifremer/wao/services/service/csv/operations/ObservedDataControlParserFormatter.java =================================================================== --- trunk/wao-services/src/main/java/fr/ifremer/wao/services/service/csv/operations/ObservedDataControlParserFormatter.java 2014-04-01 14:13:54 UTC (rev 1789) +++ trunk/wao-services/src/main/java/fr/ifremer/wao/services/service/csv/operations/ObservedDataControlParserFormatter.java 2014-04-01 15:02:59 UTC (rev 1790) @@ -40,8 +40,10 @@ */ public class ObservedDataControlParserFormatter implements ValueParserFormatter<ObservedDataControl> { - ValueParserFormatter<ObservedDataControl> nonNullObservedDataControlParserFormatter; + // FIXME brendan 01/04/14 what the f... + protected ValueParserFormatter<ObservedDataControl> nonNullObservedDataControlParserFormatter; + public ObservedDataControlParserFormatter() { List<ObservedDataControl> observedDataControlsValues = new LinkedList<>(); Collections.addAll(observedDataControlsValues, ObservedDataControl.values()); Modified: trunk/wao-web/pom.xml =================================================================== --- trunk/wao-web/pom.xml 2014-04-01 14:13:54 UTC (rev 1789) +++ trunk/wao-web/pom.xml 2014-04-01 15:02:59 UTC (rev 1790) @@ -27,8 +27,6 @@ <!-- see http://maven-site.nuiton.org/mavenpom/mavenpom4redmine/release.html --> <skipPostRelease>false</skipPostRelease> - <!-- XXX voir le profil le profil removeSlf4jJclFromClassPath --> - <slf4jJclScope>runtime</slf4jJclScope> </properties> <dependencies> @@ -138,29 +136,9 @@ </dependency> <dependency> - <groupId>org.apache.shiro</groupId> - <artifactId>shiro-core</artifactId> - </dependency> - - <dependency> - <groupId>org.apache.shiro</groupId> - <artifactId>shiro-web</artifactId> - <scope>runtime</scope> - </dependency> - - <!-- TODO enable guava caching --> - <!--<dependency>--> - <!--<groupId>org.apache.shiro</groupId>--> - <!--<artifactId>shiro-guava</artifactId>--> - <!--<version>2.alpha.0-SNAPSHOT</version>--> - <!--<scope>runtime</scope>--> - <!--</dependency>--> - - <!-- FIXME bleny 2013/12/18 need to be removed to do a tomcat:run since shiro was added --> - <dependency> <groupId>org.slf4j</groupId> <artifactId>slf4j-jcl</artifactId> - <scope>${slf4jJclScope}</scope> + <scope>runtime</scope> </dependency> <dependency> @@ -256,13 +234,4 @@ </plugins> </build> - <!-- XXX le profil le profil removeSlf4jJclFromClasspath permet d'exclure cette dépendance du classpath, indispensable pour que tomcat7:run fonctione --> - <profiles> - <profile> - <id>removeSlf4jJclFromClasspath</id> - <properties> - <slf4jJclScope>provided</slf4jJclScope> - </properties> - </profile> - </profiles> </project> Deleted: trunk/wao-web/src/main/java/fr/ifremer/wao/web/WaoRealm.java =================================================================== --- trunk/wao-web/src/main/java/fr/ifremer/wao/web/WaoRealm.java 2014-04-01 14:13:54 UTC (rev 1789) +++ trunk/wao-web/src/main/java/fr/ifremer/wao/web/WaoRealm.java 2014-04-01 15:02:59 UTC (rev 1790) @@ -1,202 +0,0 @@ -package fr.ifremer.wao.web; - -/* - * #%L - * Wao :: Web - * %% - * Copyright (C) 2009 - 2014 Ifremer - * %% - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - * #L% - */ - -import com.google.common.base.Optional; -import com.google.common.base.Preconditions; -import fr.ifremer.wao.WaoTechnicalException; -import fr.ifremer.wao.WaoTopiaApplicationContext; -import fr.ifremer.wao.WaoTopiaPersistenceContext; -import fr.ifremer.wao.entity.WaoUser; -import fr.ifremer.wao.entity.WaoUserTopiaDao; -import fr.ifremer.wao.services.WaoPermissions; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; -import org.apache.shiro.authc.AuthenticationException; -import org.apache.shiro.authc.AuthenticationInfo; -import org.apache.shiro.authc.AuthenticationToken; -import org.apache.shiro.authc.LockedAccountException; -import org.apache.shiro.authc.SimpleAccount; -import org.apache.shiro.authc.UsernamePasswordToken; -import org.apache.shiro.authc.credential.CredentialsMatcher; -import org.apache.shiro.authz.AuthorizationInfo; -import org.apache.shiro.authz.SimpleAuthorizationInfo; -import org.apache.shiro.realm.AuthorizingRealm; -import org.apache.shiro.subject.PrincipalCollection; - -import java.util.Set; - -public class WaoRealm extends AuthorizingRealm { - - private static final Log log = LogFactory.getLog(WaoRealm.class); - - protected static final CredentialsMatcher CREDENTIALS_MATCHER = new WaoCredentialsMatcher(); - - protected WaoPermissions permissions = new WaoPermissions(); - - protected WaoTopiaApplicationContext topiaApplicationContext; - - public WaoRealm() { - super(CREDENTIALS_MATCHER); - this.topiaApplicationContext = WaoApplicationContext.getTopiaApplicationContext(); - } - - @Override - protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { - - WaoTopiaPersistenceContext persistenceContext = null; - - try { - - UsernamePasswordToken usernamePasswordToken = (UsernamePasswordToken) token; - String email = usernamePasswordToken.getUsername(); - - persistenceContext = topiaApplicationContext.newPersistenceContext(); - WaoUserTopiaDao waoUserDao = persistenceContext.getWaoUserDao(); - - Optional<WaoUser> waoUserOptional = waoUserDao.tryFindByEmailAndFetchCollections(email); - - AuthenticationInfo authenticationInfo; - if (waoUserOptional.isPresent()) { - - WaoUser waoUser = waoUserOptional.get(); - - if (waoUser.isActive()) { - authenticationInfo = new WaoAuthenticationInfo(getName(), waoUser); - } else { - throw new LockedAccountException(); - } - - } else { - authenticationInfo = null; // If the user doesn't exists, the contract asks us to return null - } - - return authenticationInfo; - - } finally { - - if (persistenceContext != null) { - persistenceContext.closeContext(); - } - - } - - } - - @Override - protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) { - - SimpleAuthorizationInfo authorizationInfo; - - Object primaryPrincipal = principalCollection.getPrimaryPrincipal(); - - if (primaryPrincipal instanceof WaoUser) { - - WaoUser waoUser = (WaoUser) primaryPrincipal; - - authorizationInfo = new SimpleAuthorizationInfo(); - - WaoTopiaPersistenceContext persistenceContext = null; - try { - persistenceContext = topiaApplicationContext.newPersistenceContext(); - Set<String> waoUserPermissions = permissions.getPermissions(persistenceContext, waoUser); - authorizationInfo.addStringPermissions(waoUserPermissions); - } finally { - if (persistenceContext != null) { - persistenceContext.closeContext(); - } - } - - } else { - throw new WaoTechnicalException("unable to get wao user from " + principalCollection); - } - - return authorizationInfo; - - } - - /** - * Notre implémentation de {@link org.apache.shiro.authc.AuthenticationInfo}, comme - * on a pas vraiment de Principal, on utilise waoUser directement. - */ - protected static class WaoAuthenticationInfo extends SimpleAccount { - - protected WaoUser waoUser; - - public WaoAuthenticationInfo(String realmName, WaoUser waoUser) { - super(waoUser, waoUser, realmName); - Preconditions.checkNotNull(waoUser); - this.waoUser = waoUser; - } - - public WaoUser getWaoUser() { - return waoUser; - } - } - - /** - * Notre implémentation de {@link org.apache.shiro.authc.credential.CredentialsMatcher}, elle - * compare le mot de passe proposé en utilisant la bonne fonction hash et le bon salt. - */ - protected static class WaoCredentialsMatcher implements CredentialsMatcher { - - private static final Log log = LogFactory.getLog(WaoCredentialsMatcher.class); - - @Override - public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) { - - boolean passwordMatches; - - if (info instanceof WaoAuthenticationInfo) { - - WaoUser waoUser = ((WaoAuthenticationInfo) info).getWaoUser(); - -// char[] tokenCredentials = (char[]) token.getCredentials(); -// String clearPassword = new String(tokenCredentials); -// -// Double hashSalt = waoUser.getHashSalt(); -// -// Preconditions.checkNotNull(hashSalt); -// -// String saltedPassword = clearPassword + hashSalt; -// -// String hashedPassword = DigestUtils.sha1Hex(saltedPassword); -// -// passwordMatches = waoUser.getHashedPassword().equals(hashedPassword); - - // TODO brendan 14/01/14 implementer le check de password - - passwordMatches = true; - - } else { - if (log.isWarnEnabled()) { - log.warn("unable to deal with authenticationInfo " + info); - } - passwordMatches = false; - } - - return passwordMatches; - - } - - } -} Deleted: trunk/wao-web/src/main/resources/shiro.ini =================================================================== --- trunk/wao-web/src/main/resources/shiro.ini 2014-04-01 14:13:54 UTC (rev 1789) +++ trunk/wao-web/src/main/resources/shiro.ini 2014-04-01 15:02:59 UTC (rev 1790) @@ -1,41 +0,0 @@ -[main] -# URL vers laquelle il faut rediriger si l'utilisateur n'est pas authentifié -authc.loginUrl = /authentication/login.action - -# dans le formulaire d'authentifaction, le champs contenant le username s'appelle "email" -authc.usernameParam = email -# authc.passwordParam = password - -# on utilise un cache dans notre implémentation du Realm, il faut le configurer -cacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager -securityManager.cacheManager = $cacheManager - -# on indique notre implémentation du realm -waoRealm = fr.ifremer.wao.web.WaoRealm - -# on l'indique comme seul realm à utiliser -securityManager.realms = $waoRealm - -[urls] - -# on doit pouvoir accéder à ces pages sans être authentifié -/authentication/login* = anon -/authentication/forgotten-password-* = anon -/authentication/registration* = anon - -# on donne accès aux ressource statiques -/css/** = anon -/data/** = anon -/font/** = anon -/img/** = anon -/js/** = anon -/struts/js/** = anon -/struts/themes/** = anon -/struts/bootstrap/** = anon - -# pour tout le reste, il faut être authentifié -#/** = authc - -# on désactive shiro - -/** = anon Modified: trunk/wao-web/src/main/webapp/WEB-INF/web.xml =================================================================== --- trunk/wao-web/src/main/webapp/WEB-INF/web.xml 2014-04-01 14:13:54 UTC (rev 1789) +++ trunk/wao-web/src/main/webapp/WEB-INF/web.xml 2014-04-01 15:02:59 UTC (rev 1790) @@ -51,11 +51,6 @@ </filter> <filter> - <filter-name>shiro</filter-name> - <filter-class>org.apache.shiro.web.servlet.ShiroFilter</filter-class> - </filter> - - <filter> <filter-name>struts-prepare</filter-name> <filter-class>org.apache.struts2.dispatcher.ng.filter.StrutsPrepareFilter</filter-class> </filter> @@ -75,17 +70,6 @@ <url-pattern>/*</url-pattern> </filter-mapping> - <!-- Le filtre Shiro doit être executer après le fltre struts prepare: Pour gérer l'encodage de la requête --> - <!-- XXX bleny 28/02/2014 attention à le réactivation, on peut avoir le problème d'upload de fichier --> - <!--<filter-mapping>--> - <!--<filter-name>shiro</filter-name>--> - <!--<url-pattern>/*</url-pattern>--> - <!--<dispatcher>REQUEST</dispatcher>--> - <!--<dispatcher>FORWARD</dispatcher>--> - <!--<dispatcher>INCLUDE</dispatcher>--> - <!--<dispatcher>ERROR</dispatcher>--> - <!--</filter-mapping>--> - <filter-mapping> <filter-name>sitemesh</filter-name> <url-pattern>/*</url-pattern> @@ -101,11 +85,6 @@ <listener-class>fr.ifremer.wao.web.WaoApplicationListener</listener-class> </listener> - <listener> - <description>Shiro</description> - <listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class> - </listener> - <filter-mapping> <filter-name>ExpiresFilter</filter-name> <url-pattern>/*</url-pattern>