This repository has been archived by the owner on Dec 10, 2023. It is now read-only.

[FIXED JENKINS-21852] Added http proxy configuration.
[FIXED JENKINS-18791] Session validation interval saved from ui.
[FIXED JENKINS-13279] Don't use ssoTokenHelper, work with Embedded Crowd in Jira.
[JENKINS-16703] More options for connection configuration.
KostyaSha committed Apr 16, 2014
1 parent 744eaa8 commit 7039baf
Showing 23 changed files with 360 additions and 234 deletions.
88 changes: 67 additions & 21 deletions src/main/java/de/theit/jenkins/crowd/CrowdConfigurationService.java
@@ -31,15 +31,11 @@
import static de.theit.jenkins.crowd.ErrorMessages.operationFailed;
import static de.theit.jenkins.crowd.ErrorMessages.userNotFound;

import java.util.ArrayList;
import java.util.Collection;
import java.util.Comparator;
import java.util.HashSet;
import java.util.List;
import java.util.TreeSet;
import java.util.*;
import java.util.logging.Level;
import java.util.logging.Logger;

import jenkins.model.Jenkins;
import org.acegisecurity.GrantedAuthority;
import org.acegisecurity.GrantedAuthorityImpl;

@@ -65,8 +61,7 @@
*/
public class CrowdConfigurationService {
/** Used for logging purposes. */
private static final Logger LOG = Logger
.getLogger(CrowdConfigurationService.class.getName());
private static final Logger LOG = Logger.getLogger(CrowdConfigurationService.class.getName());

/**
* The maximum number of groups that can be fetched from the Crowd server
@@ -95,22 +90,21 @@ public class CrowdConfigurationService {
/** Specifies whether nested groups may be used. */
private boolean nestedGroups;

boolean useSSO;
public boolean useSSO;

/**
* Creates a new Crowd configuration object.
*
* @param pGroupNames
* The group names to use when authenticating Crowd users. May
* not be <code>null</code>.
* @param pNestedGroups
* Specifies whether nested groups should be used when validating
* users against a group name.
*/
/**
* Creates a new Crowd configuration object.
*
* @param pGroupNames
* The group names to use when authenticating Crowd users. May
* not be <code>null</code>.
* @param pNestedGroups
* Specifies whether nested groups should be used when validating
* users against a group name.
*/
public CrowdConfigurationService(String pGroupNames, boolean pNestedGroups) {
if (LOG.isLoggable(Level.INFO)) {
LOG.info("Groups given for Crowd configuration service: "
+ pGroupNames);
LOG.info("Groups given for Crowd configuration service: " + pGroupNames);
}
this.allowedGroupNames = new ArrayList<String>();
for (String group : pGroupNames.split(",")) {
@@ -353,4 +347,56 @@ public int compare(GrantedAuthority ga1,

return authorities;
}

static public Properties getProperties(String url, String applicationName, String password,
int sessionValidationInterval, boolean useSSO,
String cookieDomain, String cookieTokenkey, Boolean useProxy,
String httpProxyHost, String httpProxyPort, String httpProxyUsername,
String httpProxyPassword, String socketTimeout,
String httpTimeout, String httpMaxConnections){
// for https://docs.atlassian.com/crowd/2.7.1/com/atlassian/crowd/service/client/ClientPropertiesImpl.html
Properties props = new Properties();

String crowdUrl = url;
if (!crowdUrl.endsWith("/")) {
crowdUrl += "/";
}
props.setProperty("application.name", applicationName);
props.setProperty("application.password", password);
props.setProperty("crowd.base.url", crowdUrl);
props.setProperty("application.login.url", crowdUrl + "console/");
props.setProperty("crowd.server.url", crowdUrl + "services/");
props.setProperty("session.validationinterval", String.valueOf(sessionValidationInterval));
//TODO move other values to jenkins web configuration
props.setProperty("session.isauthenticated", "session.isauthenticated");
props.setProperty("session.tokenkey", "session.tokenkey");
props.setProperty("session.lastvalidation","session.lastvalidation");

if (useSSO) {
if (cookieDomain != null && !cookieDomain.equals(""))
props.setProperty("cookie.domain", cookieDomain);
if (cookieTokenkey != null && !cookieTokenkey.equals(""))
props.setProperty("cookie.tokenkey", cookieTokenkey);
}

if (useProxy != null && useProxy){
if (httpProxyHost != null && !httpProxyHost.equals(""))
props.setProperty("http.proxy.host", httpProxyHost);
if (httpProxyPort != null && !httpProxyPort.equals(""))
props.setProperty("http.proxy.port", httpProxyPort);
if (httpProxyUsername != null && !httpProxyUsername.equals(""))
props.setProperty("http.proxy.username", httpProxyUsername);
if (httpProxyPassword != null && !httpProxyPassword.equals(""))
props.setProperty("http.proxy.password", httpProxyPassword);
}

if (socketTimeout != null && !socketTimeout.equals(""))
props.setProperty("socket.timeout", socketTimeout);
if (httpMaxConnections != null && !httpMaxConnections.equals(""))
props.setProperty("http.max.connections", httpMaxConnections);
if (httpTimeout != null && !httpTimeout.equals(""))
props.setProperty("http.timeout", httpTimeout);

return props;
}
}
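Review bot: In `getProperties`, the required arguments are used unchecked while every optional one is null-guarded: a null `url` fails at `crowdUrl.endsWith("/")`, and a null `applicationName` or `password` fails inside `props.setProperty`, because `Properties` rejects null values. A guard at the top, e.g. `if (url == null || applicationName == null || password == null) throw new IllegalArgumentException("Crowd url, application name and password are required");`, would turn that into a clear configuration error. The method also has no Javadoc; it should state that the returned object holds `application.password` and `http.proxy.password` in clear text, so it must not be logged or printed as a whole. Separately, the earlier hunk widens `useSSO` to a public non-final field, so any code holding the service can flip the SSO mode; a private field with a getter would keep it read-only.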
32 changes: 11 additions & 21 deletions src/main/java/de/theit/jenkins/crowd/CrowdRememberMeServices.java
@@ -64,8 +64,7 @@
*/
public class CrowdRememberMeServices implements RememberMeServices {
/** Used for logging purposes. */
private static final Logger LOG = Logger
.getLogger(CrowdRememberMeServices.class.getName());
private static final Logger LOG = Logger.getLogger(CrowdRememberMeServices.class.getName());

/**
* The configuration data necessary for accessing the services on the remote
@@ -134,11 +133,8 @@ public Authentication autoLogin(HttpServletRequest request,
// process
List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
authorities.add(SecurityRealm.AUTHENTICATED_AUTHORITY);
authorities.addAll(this.configuration
.getAuthoritiesForUser(user.getName()));

result = new CrowdAuthenticationToken(user.getName(), null,
authorities, ssoToken);
authorities.addAll(this.configuration.getAuthoritiesForUser(user.getName()));
result = new CrowdAuthenticationToken(user.getName(), null, authorities, ssoToken);
}
} catch (InvalidTokenException ex) {
// LOG.log(Level.INFO, invalidToken(), ex);
@@ -186,16 +182,15 @@ public void loginFail(HttpServletRequest request,
*/
@Override
public void loginSuccess(HttpServletRequest request,
HttpServletResponse response,
Authentication successfulAuthentication) {
HttpServletResponse response,
Authentication successfulAuthentication) {
if (!(successfulAuthentication instanceof CrowdAuthenticationToken)) {
// authentication token doesn't belong to us...
return;
}
CrowdAuthenticationToken crowdAuthenticationToken = (CrowdAuthenticationToken) successfulAuthentication;

List<ValidationFactor> validationFactors = this.configuration.tokenHelper
.getValidationFactorExtractor().getValidationFactors(request);
List<ValidationFactor> validationFactors = this.configuration.tokenHelper.getValidationFactorExtractor().getValidationFactors(request);

// check if there's already a SSO token in the authentication object
String ssoToken = crowdAuthenticationToken.getSSOToken();
@@ -216,10 +211,8 @@ public void loginSuccess(HttpServletRequest request,
if (LOG.isLoggable(Level.FINER)) {
LOG.finer("Retrieve SSO token...");
}
ssoToken = this.configuration.tokenHelper
.getCrowdToken(request,
this.configuration.clientProperties
.getCookieTokenKey());
ssoToken = this.configuration.tokenHelper.getCrowdToken(request,
this.configuration.clientProperties.getCookieTokenKey());
}

if (null == ssoToken) {
@@ -233,8 +226,7 @@ public void loginSuccess(HttpServletRequest request,
if (LOG.isLoggable(Level.FINE)) {
LOG.fine("Validate the SSO authentication...");
}
this.configuration.crowdClient.validateSSOAuthentication(ssoToken,
validationFactors);
this.configuration.crowdClient.validateSSOAuthentication(ssoToken, validationFactors);

// alright, we're successfully authenticated via SSO
if (LOG.isLoggable(Level.FINE)) {
@@ -247,13 +239,11 @@ public void loginSuccess(HttpServletRequest request,
} catch (InvalidAuthenticationException ex) {
LOG.warning(invalidAuthentication());
} catch (ExpiredCredentialException ex) {
LOG.warning(expiredCredentials(crowdAuthenticationToken
.getPrincipal()));
LOG.warning(expiredCredentials(crowdAuthenticationToken.getPrincipal()));
} catch (InactiveAccountException ex) {
LOG.warning(accountExpired(crowdAuthenticationToken.getPrincipal()));
} catch (ApplicationAccessDeniedException ex) {
LOG.warning(applicationAccessDenied(crowdAuthenticationToken
.getPrincipal()));
LOG.warning(applicationAccessDenied(crowdAuthenticationToken.getPrincipal()));
} catch (OperationFailedException ex) {
LOG.log(Level.SEVERE, operationFailed(), ex);
}