[417103] [Security] Provide console command to add users with passwords

https://bugs.eclipse.org/bugs/show_bug.cgi?id=417103
author: Eike Stepper 2013-09-16 10:28:54 +0000
committer: Eike Stepper 2013-09-18 07:12:32 +0000
commit: 455f71a3150352656029d0c8cf0ccebb376474fe (patch)
tree: 18add391130c28d2362c2ab8a39813992229c82b
parent: 38b001a64de8e82f08acb145181789ed1d90aef6 (diff)
download: cdo-455f71a3150352656029d0c8cf0ccebb376474fe.tar.gz
cdo-455f71a3150352656029d0c8cf0ccebb376474fe.tar.xz
cdo-455f71a3150352656029d0c8cf0ccebb376474fe.zip
5 files changed, 107 insertions, 9 deletions
diff --git a/plugins/org.eclipse.emf.cdo.server.security/META-INF/MANIFEST.MF b/plugins/org.eclipse.emf.cdo.server.security/META-INF/MANIFEST.MF
index 9777a76fdc..c85ea4a003 100644
--- a/plugins/org.eclipse.emf.cdo.server.security/META-INF/MANIFEST.MF
+++ b/plugins/org.eclipse.emf.cdo.server.security/META-INF/MANIFEST.MF
@@ -2,7 +2,7 @@ Manifest-Version: 1.0
 Bundle-ManifestVersion: 2
 Bundle-SymbolicName: org.eclipse.emf.cdo.server.security;singleton:=true
 Bundle-Name: %pluginName
-Bundle-Version: 4.2.0.qualifier
+Bundle-Version: 4.3.0.qualifier
 Bundle-ClassPath: .
 Bundle-Vendor: %providerName
 Bundle-Localization: plugin
@@ -12,15 +12,15 @@ Require-Bundle: org.eclipse.core.runtime;bundle-version="[3.5.0,4.0.0)",
  org.eclipse.emf.cdo.security;bundle-version="[4.1.0,5.0.0)",
  org.eclipse.emf.cdo.net4j;bundle-version="[4.1.0,5.0.0)",
  org.eclipse.net4j.jvm;bundle-version="[4.1.0,5.0.0)"
-Export-Package: org.eclipse.emf.cdo.server.internal.security;version="4.2.0";
+Export-Package: org.eclipse.emf.cdo.server.internal.security;version="4.3.0";
   x-friends:="org.eclipse.emf.cdo.tests,
    org.eclipse.emf.cdo.tests.db,
    org.eclipse.emf.cdo.tests.db4o,
    org.eclipse.emf.cdo.tests.hibernate,
    org.eclipse.emf.cdo.tests.mongodb,
    org.eclipse.emf.cdo.tests.objectivity",
- org.eclipse.emf.cdo.server.internal.security.bundle;version="4.2.0";x-internal:=true,
- org.eclipse.emf.cdo.server.security;version="4.2.0",
- org.eclipse.emf.cdo.server.spi.security;version="4.2.0"
+ org.eclipse.emf.cdo.server.internal.security.bundle;version="4.3.0";x-internal:=true,
+ org.eclipse.emf.cdo.server.security;version="4.3.0",
+ org.eclipse.emf.cdo.server.spi.security;version="4.3.0"
 Bundle-ActivationPolicy: lazy
 Bundle-Activator: org.eclipse.emf.cdo.server.internal.security.bundle.OM$Activator
diff --git a/plugins/org.eclipse.emf.cdo.server.security/plugin.xml b/plugins/org.eclipse.emf.cdo.server.security/plugin.xml
index 05eaf4a485..9e2912e0c1 100644
--- a/plugins/org.eclipse.emf.cdo.server.security/plugin.xml
+++ b/plugins/org.eclipse.emf.cdo.server.security/plugin.xml
@@ -26,6 +26,10 @@
             productGroup="org.eclipse.emf.cdo.server.security.managers"
             type="annotation"
             class="org.eclipse.emf.cdo.server.spi.security.SecurityManagerFactory$Annotation"/>
+      <factory
+            productGroup="org.eclipse.emf.cdo.server.commands"
+            type="adduser"
+            class="org.eclipse.emf.cdo.server.internal.security.bundle.AddUserCommand$Factory"/>
    </extension>
 
 </plugin>
diff --git a/plugins/org.eclipse.emf.cdo.server.security/src/org/eclipse/emf/cdo/server/internal/security/SecurityManager.java b/plugins/org.eclipse.emf.cdo.server.security/src/org/eclipse/emf/cdo/server/internal/security/SecurityManager.java
index 81ee71e99c..6e924f5c5c 100644
--- a/plugins/org.eclipse.emf.cdo.server.security/src/org/eclipse/emf/cdo/server/internal/security/SecurityManager.java
+++ b/plugins/org.eclipse.emf.cdo.server.security/src/org/eclipse/emf/cdo/server/internal/security/SecurityManager.java
@@ -79,7 +79,9 @@ import java.util.Map;
  */
 public class SecurityManager extends Lifecycle implements InternalSecurityManager
 {
-  private IListener repositoryListener = new LifecycleEventAdapter()
+  private static final Map<IRepository, InternalSecurityManager> SECURITY_MANAGERS = new HashMap<IRepository, InternalSecurityManager>();
+
+  private final IListener repositoryListener = new LifecycleEventAdapter()
   {
     @Override
     protected void onActivated(ILifecycle lifecycle)
@@ -90,6 +92,7 @@ public class SecurityManager extends Lifecycle implements InternalSecurityManage
     @Override
     protected void onDeactivated(ILifecycle lifecycle)
     {
+      SECURITY_MANAGERS.remove(getRepository());
       SecurityManager.this.deactivate();
     }
   };
@@ -462,6 +465,8 @@ public class SecurityManager extends Lifecycle implements InternalSecurityManage
     sessionManager.setAuthenticator(authenticator);
     sessionManager.setPermissionManager(permissionManager);
     repository.addHandler(writeAccessHandler);
+
+    SECURITY_MANAGERS.put(repository, this);
   }
 
   protected Realm createRealm()
@@ -596,6 +601,11 @@ public class SecurityManager extends Lifecycle implements InternalSecurityManage
     super.doDeactivate();
   }
 
+  public static InternalSecurityManager get(IRepository repository)
+  {
+    return SECURITY_MANAGERS.get(repository);
+  }
+
   /**
    * @author Eike Stepper
    */
@@ -606,10 +616,13 @@ public class SecurityManager extends Lifecycle implements InternalSecurityManage
       User user = getUser(userID);
       UserPassword userPassword = user.getPassword();
 
-      String encrypted = userPassword.getEncrypted();
-      if (!Arrays.equals(password, encrypted == null ? null : encrypted.toCharArray()))
+      if (userPassword != null)
       {
-        throw new SecurityException("Access denied"); //$NON-NLS-1$
+        String encrypted = userPassword.getEncrypted();
+        if (!Arrays.equals(password, encrypted == null ? null : encrypted.toCharArray()))
+        {
+          throw new SecurityException("Access denied"); //$NON-NLS-1$
+        }
       }
     }
   }
diff --git a/plugins/org.eclipse.emf.cdo.server.security/src/org/eclipse/emf/cdo/server/internal/security/bundle/AddUserCommand.java b/plugins/org.eclipse.emf.cdo.server.security/src/org/eclipse/emf/cdo/server/internal/security/bundle/AddUserCommand.java
new file mode 100644
index 0000000000..902b635a35
--- /dev/null
+++ b/plugins/org.eclipse.emf.cdo.server.security/src/org/eclipse/emf/cdo/server/internal/security/bundle/AddUserCommand.java
@@ -0,0 +1,71 @@
+/*
+ * Copyright (c) 2004-2013 Eike Stepper (Berlin, Germany) and others.
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License v1.0
+ * which accompanies this distribution, and is available at
+ * http://www.eclipse.org/legal/epl-v10.html
+ * 
+ * Contributors:
+ *    Eike Stepper - initial API and implementation
+ */
+package org.eclipse.emf.cdo.server.internal.security.bundle;
+
+import org.eclipse.emf.cdo.server.security.ISecurityManager;
+import org.eclipse.emf.cdo.server.security.SecurityManagerUtil;
+import org.eclipse.emf.cdo.spi.server.CDOCommand;
+import org.eclipse.emf.cdo.spi.server.InternalRepository;
+
+import org.eclipse.net4j.util.factory.ProductCreationException;
+
+/**
+ * @author Eike Stepper
+ */
+public class AddUserCommand extends CDOCommand.WithRepository
+{
+  public static final String NAME = "adduser";
+
+  public AddUserCommand()
+  {
+    super(NAME, "adds a user to the security realm of a repository", parameter("username"), optional("password"));
+  }
+
+  @Override
+  public void execute(InternalRepository repository, String[] args) throws Exception
+  {
+    ISecurityManager securityManager = SecurityManagerUtil.getSecurityManager(repository);
+    if (securityManager == null)
+    {
+      throw new CommandException("Security manager not found for " + repository);
+    }
+
+    String username = args[0];
+    String password = args[1];
+    if (password != null)
+    {
+      securityManager.addUser(username, password);
+    }
+    else
+    {
+      securityManager.addUser(username);
+    }
+
+    println("User " + username + " added");
+  }
+
+  /**
+   * @author Eike Stepper
+   */
+  public static class Factory extends CDOCommand.Factory
+  {
+    public Factory()
+    {
+      super(NAME);
+    }
+
+    @Override
+    public CDOCommand create(String description) throws ProductCreationException
+    {
+      return new AddUserCommand();
+    }
+  }
+}
diff --git a/plugins/org.eclipse.emf.cdo.server.security/src/org/eclipse/emf/cdo/server/security/SecurityManagerUtil.java b/plugins/org.eclipse.emf.cdo.server.security/src/org/eclipse/emf/cdo/server/security/SecurityManagerUtil.java
index 57651d0622..788f53cd78 100644
--- a/plugins/org.eclipse.emf.cdo.server.security/src/org/eclipse/emf/cdo/server/security/SecurityManagerUtil.java
+++ b/plugins/org.eclipse.emf.cdo.server.security/src/org/eclipse/emf/cdo/server/security/SecurityManagerUtil.java
@@ -10,6 +10,8 @@
  */
 package org.eclipse.emf.cdo.server.security;
 
+import org.eclipse.emf.cdo.server.IRepository;
+import org.eclipse.emf.cdo.server.internal.security.SecurityManager;
 import org.eclipse.emf.cdo.server.spi.security.SecurityManagerFactory;
 
 import org.eclipse.net4j.util.container.IManagedContainer;
@@ -26,6 +28,14 @@ public final class SecurityManagerUtil
   {
   }
 
+  /**
+   * @since 4.3
+   */
+  public static ISecurityManager getSecurityManager(IRepository repository)
+  {
+    return SecurityManager.get(repository);
+  }
+
   public static ISecurityManager createSecurityManager(String realmPath)
   {
     return createSecurityManager(realmPath, IPluginContainer.INSTANCE);
author	Eike Stepper	2013-09-16 10:28:54 +0000
committer	Eike Stepper	2013-09-18 07:12:32 +0000
commit	455f71a3150352656029d0c8cf0ccebb376474fe (patch)
tree	18add391130c28d2362c2ab8a39813992229c82b
parent	38b001a64de8e82f08acb145181789ed1d90aef6 (diff)
download	cdo-455f71a3150352656029d0c8cf0ccebb376474fe.tar.gz cdo-455f71a3150352656029d0c8cf0ccebb376474fe.tar.xz cdo-455f71a3150352656029d0c8cf0ccebb376474fe.zip