| | |
|---|
| | | import java.util.Map; |
|---|
| | | import java.util.concurrent.TimeUnit; |
|---|
| | | |
|---|
| | | import javax.inject.Inject; |
|---|
| | | import javax.servlet.http.Cookie; |
|---|
| | | import javax.servlet.http.HttpServletRequest; |
|---|
| | | import javax.servlet.http.HttpServletResponse; |
|---|
| | |
|---|
| | | import com.gitblit.auth.WindowsAuthProvider; |
|---|
| | | import com.gitblit.models.TeamModel; |
|---|
| | | import com.gitblit.models.UserModel; |
|---|
| | | import com.gitblit.transport.ssh.SshSession; |
|---|
| | | import com.gitblit.transport.ssh.SshKey; |
|---|
| | | import com.gitblit.utils.Base64; |
|---|
| | | import com.gitblit.utils.HttpUtils; |
|---|
| | | import com.gitblit.utils.StringUtils; |
|---|
| | |
|---|
| | | |
|---|
| | | private final Map<String, String> legacyRedirects; |
|---|
| | | |
|---|
| | | @Inject |
|---|
| | | public AuthenticationManager( |
|---|
| | | IRuntimeManager runtimeManager, |
|---|
| | | IUserManager userManager) { |
|---|
| | |
|---|
| | | } |
|---|
| | | return this; |
|---|
| | | } |
|---|
| | | |
|---|
| | | |
|---|
| | | public void addAuthenticationProvider(AuthenticationProvider prov) { |
|---|
| | | authenticationProviders.add(prov); |
|---|
| | | } |
|---|
| | |
|---|
| | | } |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * Authenticate a user based on SSH session. |
|---|
| | | * Authenticate a user based on a public key. |
|---|
| | | * |
|---|
| | | * @param SshSession |
|---|
| | | * This implementation assumes that the authentication has already take place |
|---|
| | | * (e.g. SSHDaemon) and that this is a validation/verification of the user. |
|---|
| | | * |
|---|
| | | * @param username |
|---|
| | | * @param key |
|---|
| | | * @return a user object or null |
|---|
| | | */ |
|---|
| | | @Override |
|---|
| | | public UserModel authenticate(SshSession sshSession) { |
|---|
| | | String username = sshSession.getRemoteUser(); |
|---|
| | | public UserModel authenticate(String username, SshKey key) { |
|---|
| | | if (username != null) { |
|---|
| | | if (!StringUtils.isEmpty(username)) { |
|---|
| | | UserModel user = userManager.getUserModel(username); |
|---|
| | | if (user != null) { |
|---|
| | | // existing user |
|---|
| | | logger.debug(MessageFormat.format("{0} authenticated by servlet container principal from {1}", |
|---|
| | | user.username, sshSession.getRemoteAddress())); |
|---|
| | | return validateAuthentication(user, AuthenticationType.SSH); |
|---|
| | | logger.debug(MessageFormat.format("{0} authenticated by {1} public key", |
|---|
| | | user.username, key.getAlgorithm())); |
|---|
| | | return validateAuthentication(user, AuthenticationType.PUBLIC_KEY); |
|---|
| | | } |
|---|
| | | logger.warn(MessageFormat.format("Failed to find UserModel for {0}, attempted ssh authentication from {1}", |
|---|
| | | username, sshSession.getRemoteAddress())); |
|---|
| | | logger.warn(MessageFormat.format("Failed to find UserModel for {0} during public key authentication", |
|---|
| | | username)); |
|---|
| | | } |
|---|
| | | } else { |
|---|
| | | logger.warn("Empty user in SSH session"); |
|---|
| | | logger.warn("Empty user passed to AuthenticationManager.authenticate!"); |
|---|
| | | } |
|---|
| | | return null; |
|---|
| | | } |
|---|
| | |
|---|
| | | } |
|---|
| | | } |
|---|
| | | } |
|---|
| | | |
|---|
| | | |
|---|
| | | // could not authenticate locally or with a provider |
|---|
| | | return null; |
|---|
| | | } |
|---|
| | | |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * Returns a UserModel if local authentication succeeds. |
|---|
| | | * |
|---|
| | | * |
|---|
| | | * @param user |
|---|
| | | * @param password |
|---|
| | | * @return a UserModel if local authentication succeeds, null otherwise |
|---|
