1. Project Clover database Sat Feb 2 2019 06:45:20 CET
  2. Package com.xpn.xwiki.user.impl.xwiki

File AppServerTrustedKerberosAuthServiceImpl.java

 

Coverage histogram

../../../../../../img/srcFileCovDistChart0.png
86% of files have more coverage

Code metrics

6
16
3
1
114
47
6
0.38
5.33
3
2

Classes

Class Line # Actions
AppServerTrustedKerberosAuthServiceImpl 36 16 0% 6 25
0.00%
 

Contributing tests

No tests hitting this source file were found.

Source view

1    /*
2    * See the NOTICE file distributed with this work for additional
3    * information regarding copyright ownership.
4    *
5    * This is free software; you can redistribute it and/or modify it
6    * under the terms of the GNU Lesser General Public License as
7    * published by the Free Software Foundation; either version 2.1 of
8    * the License, or (at your option) any later version.
9    *
10    * This software is distributed in the hope that it will be useful,
11    * but WITHOUT ANY WARRANTY; without even the implied warranty of
12    * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13    * Lesser General Public License for more details.
14    *
15    * You should have received a copy of the GNU Lesser General Public
16    * License along with this software; if not, write to the Free
17    * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
18    * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
19    */
20    package com.xpn.xwiki.user.impl.xwiki;
21   
22    import org.apache.commons.lang3.StringUtils;
23    import org.slf4j.Logger;
24    import org.slf4j.LoggerFactory;
25   
26    import com.xpn.xwiki.XWikiContext;
27    import com.xpn.xwiki.XWikiException;
28    import com.xpn.xwiki.user.api.XWikiUser;
29   
30    /**
31    * Specialized version of the {@link AppServerTrustedAuthServiceImpl} that extract usernames out of Kerberos principals.
32    *
33    * @version $Id: 340f1169c37a2bf336173f7c06482ebeea8fb952 $
34    * @since 2.6.2
35    */
 
36    public class AppServerTrustedKerberosAuthServiceImpl extends XWikiAuthServiceImpl
37    {
38   
39    /**
40    * A dot. The document space/name separator.
41    */
42    private static final String DOT = ".";
43   
44    /**
45    * The name of the XWiki space.
46    */
47    private static final String XWIKI_SPACE = "XWiki";
48   
49    /**
50    * The at sign.
51    */
52    private static final String AT_SIGN = "@";
53   
54    /**
55    * An anti-slash.
56    */
57    private static final String ANTI_SLASH = "\\";
58   
59    /**
60    * The logger for this class.
61    */
62    private static final Logger LOGGER = LoggerFactory.getLogger(AppServerTrustedKerberosAuthServiceImpl.class);
63   
 
64  0 toggle @Override
65    public XWikiUser checkAuth(XWikiContext context) throws XWikiException
66    {
67  0 String user = context.getRequest().getRemoteUser();
68   
69  0 LOGGER.debug("Checking auth for remote user [{}]", user);
70   
71  0 if (StringUtils.isBlank(user)) {
72  0 return super.checkAuth(context);
73    } else {
74  0 user = this.extractUsernameFromPrincipal(user);
75  0 user = createUser(user, context);
76  0 user = XWIKI_SPACE + DOT + user;
77    }
78  0 context.setUser(user);
79   
80  0 return new XWikiUser(user);
81    }
82   
 
83  0 toggle @Override
84    public XWikiUser checkAuth(String username, String password, String rememberme, XWikiContext context)
85    throws XWikiException
86    {
87  0 return this.checkAuth(context);
88    }
89   
90    /**
91    * Helper method to extract the username part out of a Kerberos principal.
92    *
93    * @param principal the principal to extract the username from
94    * @return the extracted username
95    */
 
96  0 toggle private String extractUsernameFromPrincipal(final String principal)
97    {
98  0 String username = principal;
99   
100    // Clears the Kerberos principal, by removing the domain part, to retain only the user name of the
101    // authenticated remote user.
102  0 if (username.contains(ANTI_SLASH)) {
103    // old domain form
104  0 username = StringUtils.substringAfter(username, ANTI_SLASH);
105    }
106  0 if (username.contains(AT_SIGN)) {
107    // new domain form
108  0 username = StringUtils.substringBeforeLast(username, AT_SIGN);
109    }
110   
111  0 return username;
112    }
113   
114    }