Extending NexusSecureHttpAuthenticationFilter

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Extending NexusSecureHttpAuthenticationFilter

Harish Kayarohanam
Hi ,
  I saw your thread
http://maven.40175.n5.nabble.com/Extending-
NexusSecureHttpAuthenticationFilter-in-Nexus-2-1-td5721283.html . I am
facing
the same problem .If all filters are specified in java classes
NexusFilterModule is there a way I can tell nexus oss to use my filter . In
earlier versions all filter configurations used to be in web.xml
<code>
<filter-name>nexusFilter</filter-name>
    <filter-
class>org.sonatype.nexus.security.filter.NexusJSecurityFilter</filter-class>
    <init-param>
      <param-name>config</param-name>
      <param-value>
      [filters]
        authcBasic =
org.sonatype.nexus.security.filter.authc.NexusSecureHttpAuthenticationFilter
        authcBasic.applicationName = Sonatype Nexus Repository Manager API
        authcBasic.fakeAuthScheme = false
     
        authcNxBasic =
org.sonatype.nexus.security.filter.authc.NexusSecureHttpAuthenticationFilter
        authcNxBasic.applicationName = Sonatype Nexus Repository Manager API
(specialized auth)
        authcNxBasic.fakeAuthScheme = true
</code>
so we can replace NexusSecureHttpAuthenticationFilter with our filter.

But now all these filter configuration has been taken into java file named
NexusSecurityFilterModule.java
<code>
        bindAuthcFilter( "authcBasic", false, "Sonatype Nexus Repository
Manager API" );
        bindAuthcFilter( "authcNxBasic", true, "Sonatype Nexus Repository
Manager API (specialized auth)" );
        private void bindAuthcFilter( String name, boolean fakeAuthSchem,
String applicationName )
    {
        NexusSecureHttpAuthenticationFilter filter = new
NexusSecureHttpAuthenticationFilter();
        filter.setApplicationName( applicationName );
        filter.setFakeAuthScheme( Boolean.toString( fakeAuthSchem ) );
        bindNamedFilter( name, filter );
    }
</code>
Now is there a way I can tell nexus oss to use my filter.
 Is there a way out . Can you please help me with that . I am struggling to
find a solution . Please help.


---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Extending NexusSecureHttpAuthenticationFilter

AlonsoIR
This post has NOT been accepted by the mailing list yet.
Hi harish, i am worrying, but i. Cant remember this problem. Maybe you can resolve the problem reinstalling nexus or searching the solution  on stackoverflow.com

Good luck

El 26/08/2013, a las 07:15, "Harish Kayarohanam [via Maven]" <[hidden email]> escribió:

Hi ,
  I saw your thread
http://maven.40175.n5.nabble.com/Extending-
NexusSecureHttpAuthenticationFilter-in-Nexus-2-1-td5721283.html . I am
facing
the same problem .If all filters are specified in java classes
NexusFilterModule is there a way I can tell nexus oss to use my filter . In
earlier versions all filter configurations used to be in web.xml
<code>
<filter-name>nexusFilter</filter-name>
    <filter-
class>org.sonatype.nexus.security.filter.NexusJSecurityFilter</filter-class>
    <init-param>
      <param-name>config</param-name>
      <param-value>
      [filters]
        authcBasic =
org.sonatype.nexus.security.filter.authc.NexusSecureHttpAuthenticationFilter
        authcBasic.applicationName = Sonatype Nexus Repository Manager API
        authcBasic.fakeAuthScheme = false
     
        authcNxBasic =
org.sonatype.nexus.security.filter.authc.NexusSecureHttpAuthenticationFilter
        authcNxBasic.applicationName = Sonatype Nexus Repository Manager API
(specialized auth)
        authcNxBasic.fakeAuthScheme = true
</code>
so we can replace NexusSecureHttpAuthenticationFilter with our filter.

But now all these filter configuration has been taken into java file named
NexusSecurityFilterModule.java
<code>
        bindAuthcFilter( "authcBasic", false, "Sonatype Nexus Repository
Manager API" );
        bindAuthcFilter( "authcNxBasic", true, "Sonatype Nexus Repository
Manager API (specialized auth)" );
        private void bindAuthcFilter( String name, boolean fakeAuthSchem,
String applicationName )
    {
        NexusSecureHttpAuthenticationFilter filter = new
NexusSecureHttpAuthenticationFilter();
        filter.setApplicationName( applicationName );
        filter.setFakeAuthScheme( Boolean.toString( fakeAuthSchem ) );
        bindNamedFilter( name, filter );
    }
</code>
Now is there a way I can tell nexus oss to use my filter.
 Is there a way out . Can you please help me with that . I am struggling to
find a solution . Please help.


---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]




If you reply to this email, your message will be added to the discussion below:
http://maven.40175.n5.nabble.com/Extending-NexusSecureHttpAuthenticationFilter-tp5768759.html
To start a new topic under Nexus Maven Repository Manager Users List, email [hidden email]
To unsubscribe from Nexus Maven Repository Manager Users List, click here.
NAML
Reply | Threaded
Open this post in threaded view
|

Re: Extending NexusSecureHttpAuthenticationFilter

Jason Dillon-3
In reply to this post by Harish Kayarohanam
Presently there is no plans to expose the security filter configuration for user configuration or extensibility at this time.

Nexus OSS, as its name might suggest, is open-source-software and you are free to customize it as you need.  If you come up with a simple way to configure the filters which you think may be useful to others, then feel free to open a pull request ( https://github.com/sonatype/nexus-oss ) with your changes and we may consider integrating it into the product.

--jason



On August 25, 2013 at 10:15:15 PM, Harish ([hidden email]) wrote:

Hi ,
I saw your thread
http://maven.40175.n5.nabble.com/Extending-
NexusSecureHttpAuthenticationFilter-in-Nexus-2-1-td5721283.html . I am
facing
the same problem .If all filters are specified in java classes
NexusFilterModule is there a way I can tell nexus oss to use my filter . In
earlier versions all filter configurations used to be in web.xml
<code>
<filter-name>nexusFilter</filter-name>
<filter-
class>org.sonatype.nexus.security.filter.NexusJSecurityFilter</filter-class>
<init-param>
<param-name>config</param-name>
<param-value>
[filters]
authcBasic =
org.sonatype.nexus.security.filter.authc.NexusSecureHttpAuthenticationFilter
authcBasic.applicationName = Sonatype Nexus Repository Manager API
authcBasic.fakeAuthScheme = false

authcNxBasic =
org.sonatype.nexus.security.filter.authc.NexusSecureHttpAuthenticationFilter
authcNxBasic.applicationName = Sonatype Nexus Repository Manager API
(specialized auth)
authcNxBasic.fakeAuthScheme = true
</code>
so we can replace NexusSecureHttpAuthenticationFilter with our filter.

But now all these filter configuration has been taken into java file named
NexusSecurityFilterModule.java
<code>
bindAuthcFilter( "authcBasic", false, "Sonatype Nexus Repository
Manager API" );
bindAuthcFilter( "authcNxBasic", true, "Sonatype Nexus Repository
Manager API (specialized auth)" );
private void bindAuthcFilter( String name, boolean fakeAuthSchem,
String applicationName )
{
NexusSecureHttpAuthenticationFilter filter = new
NexusSecureHttpAuthenticationFilter();
filter.setApplicationName( applicationName );
filter.setFakeAuthScheme( Boolean.toString( fakeAuthSchem ) );
bindNamedFilter( name, filter );
}
</code>
Now is there a way I can tell nexus oss to use my filter.
Is there a way out . Can you please help me with that . I am struggling to
find a solution . Please help.


---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]


---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: Extending NexusSecureHttpAuthenticationFilter

Harish Kayarohanam
Jason Dillon <jdillon@...> writes:

>
> Presently there is no plans to expose the security filter configuration
for user configuration or
> extensibility at this time.
>
> Nexus OSS, as its name might suggest, is open-source-software and you are
free to customize it as you need.
>  If you come up with a simple way to configure the filters which you think
may be useful to others, then feel
> free to open a pull request ( https://github.com/sonatype/nexus-oss ) with
your changes and we may
> consider integrating it into the product.
>
> --jason
>
> On August 25, 2013 at 10:15:15 PM, Harish (harish.pmprk <at> gmail.com)
wrote:
>
> Hi ,  
> I saw your thread  
> http://maven.40175.n5.nabble.com/Extending- 
> NexusSecureHttpAuthenticationFilter-in-Nexus-2-1-td5721283.html . I am  
> facing  
> the same problem .If all filters are specified in java classes  
> NexusFilterModule is there a way I can tell nexus oss to use my filter .
In  
> earlier versions all filter configurations used to be in web.xml  
> <code>  
> <filter-name>nexusFilter</filter-name>  
> <filter-  
> class>org.sonatype.nexus.security.filter.NexusJSecurityFilter</filter-
class>  
> <init-param>  
> <param-name>config</param-name>  
> <param-value>  
> [filters]  
> authcBasic =  
>
org.sonatype.nexus.security.filter.authc.NexusSecureHttpAuthenticationFilter
 
> authcBasic.applicationName = Sonatype Nexus Repository Manager API  
> authcBasic.fakeAuthScheme = false  
>
> authcNxBasic =  
>
org.sonatype.nexus.security.filter.authc.NexusSecureHttpAuthenticationFilter
 

> authcNxBasic.applicationName = Sonatype Nexus Repository Manager API  
> (specialized auth)  
> authcNxBasic.fakeAuthScheme = true  
> </code>  
> so we can replace NexusSecureHttpAuthenticationFilter with our filter.  
>
> But now all these filter configuration has been taken into java file named  
> NexusSecurityFilterModule.java  
> <code>  
> bindAuthcFilter( "authcBasic", false, "Sonatype Nexus Repository  
> Manager API" );  
> bindAuthcFilter( "authcNxBasic", true, "Sonatype Nexus Repository  
> Manager API (specialized auth)" );  
> private void bindAuthcFilter( String name, boolean fakeAuthSchem,  
> String applicationName )  
> {  
> NexusSecureHttpAuthenticationFilter filter = new  
> NexusSecureHttpAuthenticationFilter();  
> filter.setApplicationName( applicationName );  
> filter.setFakeAuthScheme( Boolean.toString( fakeAuthSchem ) );  
> bindNamedFilter( name, filter );  
> }  
> </code>  
> Now is there a way I can tell nexus oss to use my filter.  
> Is there a way out . Can you please help me with that . I am struggling to  
> find a solution . Please help.  
>
> ---------------------------------------------------------------------  
> To unsubscribe, e-mail: nexus-user-unsubscribe <at> sonatype.org  
> For additional commands, e-mail: nexus-user-help <at> sonatype.org
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: nexus-user-unsubscribe@...
> For additional commands, e-mail: nexus-user-help@...

Hi Jason I just tried my way to device a filter module myself for authcbasic
but for some reason I am getting a guice provison exception ,can you please
help me out
I will explain what I did

I am writing a custom filter for nexus to do authentication . when I add the
filter by writing a filter module similar to NexusSecurityFilterModule .I am
getting a guice provision exception. I don't know what is the real cause .
it just says null pointer exception.

Sisu - Problem adding: org.sonatype.guice.bean.locators.LazyBeanEntry@7bb3bc
to: org.apache.shiro.web.filter.mgt.DefaultFilterChainManager@5b460d via:
org.sonatype.security.web.guice.SecurityWebModule$FilterChainManagerProvider
@1d31aaa
com.google.inject.ProvisionException: Guice provision errors:

1) Error in custom provider, java.lang.NullPointerException
  at org.sonatype.guice.bean.binders.LocatorWiring
  while locating org.sonatype.nexus.security.filter.authc.PasswordDecryptor
    for field at
org.sonatype.nexus.security.filter.authc.NexusSecureHttpAuthenticationFilter
.passwordDecryptor(NexusSecureHttpAuthenticationFilter.java:20)
  while locating
net.collab.iaf.sso.authentication.rest.CTFAuthenticationFilter
  at file:/media/blackhole/temp/nexus/nexus-bundle-template-2.6.1-SNAPSHOT-
bundle/nexus-bundle-template-2.6.1-SNAPSHOT/../sonatype-work/nexus/plugin-
repository/authentication-0.0.1-SNAPSHOT/authentication-0.0.1-SNAPSHOT.jar!/
  at file:/media/blackhole/temp/nexus/nexus-bundle-template-2.6.1-SNAPSHOT-
bundle/nexus-bundle-template-2.6.1-SNAPSHOT/../sonatype-work/nexus/plugin-
repository/authentication-0.0.1-SNAPSHOT/authentication-0.0.1-SNAPSHOT.jar!/
  while locating javax.servlet.Filter annotated with
@com.google.inject.name.Named(value=authcBasic)

1 error
    at com.google.inject.internal.InjectorImpl$2.get(InjectorImpl.java:1006)
[sisu-guice-3.1.4.jar:3.1.4]
My custom filter module is same as the NexusSecurityFilterModule.java , with
just filters for authcBasic and authcNxBasic . here I have a custom filter
by name CTFAuthenticationFilter instead of the
NexusSecureHttpAuthenticationFilter . Please give some directions to solve
this issue . snip of my filter module is as follows

@Override
    protected void configure() {
        requireBinding(FilterChainResolver.class);
        logger.info("I am inside collabnetsso");
        bindAuthcFilter("authcBasic", false, "Sonatype Nexus Repository
Manager API");
        bindAuthcFilter("authcNxBasic", true, "Sonatype Nexus Repository
Manager API (specialized auth)");

    }

    private void bindAuthcFilter(String name, boolean fakeAuthSchem, String
applicationName) {
        logger.info("I am inside collabnetsso authc module");
        CTFAuthenticationFilter filter = new CTFAuthenticationFilter();
        filter.setApplicationName(applicationName);
        filter.setFakeAuthScheme(Boolean.toString(fakeAuthSchem));
        bindNamedFilter(name, filter);
    }




---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]