changeset 71:29c6049b8e06 8.0.x

(grafted from 8.1.x) log most of details of auth process
author Evgeniy.Koshkin
date Thu, 27 Feb 2014 12:10:05 +0400
parents d5dcce1dae94
children 2f96f552f1bd
files server/src/jetbrains/buildServer/symbols/AuthHelper.java
diffstat 1 files changed, 29 insertions(+), 3 deletions(-) [+]
line wrap: on
line diff
--- a/server/src/jetbrains/buildServer/symbols/AuthHelper.java	Wed Feb 26 18:01:24 2014 +0400
+++ b/server/src/jetbrains/buildServer/symbols/AuthHelper.java	Thu Feb 27 12:10:05 2014 +0400
@@ -7,6 +7,7 @@
 import jetbrains.buildServer.users.SUser;
 import jetbrains.buildServer.users.UserModel;
 import jetbrains.buildServer.util.Predicate;
+import org.apache.log4j.Logger;
 import org.jetbrains.annotations.NotNull;
 import org.jetbrains.annotations.Nullable;
 
@@ -19,6 +20,8 @@
  */
 public class AuthHelper {
 
+  private static final Logger LOG = Logger.getLogger(AuthHelper.class);
+
   @NotNull private final ServerSettings myServerSettings;
   @NotNull private final UserModel myUserModel;
   @NotNull private final HttpAuthenticationManager myAuthManager;
@@ -36,23 +39,46 @@
                                     @NotNull HttpServletResponse response,
                                     @NotNull Predicate<SUser> hasPermissions) throws IOException {
     if(myServerSettings.isGuestLoginAllowed()) {
+      LOG.debug("Guest access enabled on the server. Trying to check permissions of Guest.");
       final SUser guestUser = myUserModel.getGuestUser();
-      if(hasPermissions.apply(guestUser)) return guestUser;
+      if (hasPermissions.apply(guestUser)) {
+        LOG.debug("Guest user has enough permissions to process request.");
+        return guestUser;
+      }
+      LOG.debug("Guest user has NO permissions to process request. Will try to authenticate incoming request.");
+    } else {
+      LOG.debug("Guest access disabled on the server. Will try to authenticate incoming request.");
     }
+    LOG.debug("Trying to authenticate incoming request.");
     final HttpAuthenticationResult authResult = myAuthManager.processAuthenticationRequest(request, response);
     switch (authResult.getType()) {
       case NOT_APPLICABLE:
+        //TODO
+        LOG.debug("NOT_APPLICABLE");
         myAuthManager.processUnauthenticatedRequest(request, response);
         return null;
       case UNAUTHENTICATED:
+        //TODO
+        LOG.debug("UNAUTHENTICATED");
         return null;
     }
+    LOG.debug("Incoming request was authenticated successfully.");
     final ServerPrincipal principal = authResult.getPrincipal();
-    final SUser user = myUserModel.findUserAccount(principal.getRealm(), principal.getName());
+    final String realm = principal.getRealm();
+    final String name = principal.getName();
+    final SUser user = myUserModel.findUserAccount(realm, name);
     if(user == null){
+      LOG.warn(String.format("Failed to find user account by realm (%s) and name (%s)", realm, name));
       response.sendError(HttpServletResponse.SC_FORBIDDEN, "Access denied");
       return null;
     }
-    return hasPermissions.apply(user) ? user : null;
+    LOG.debug(String.format("Found user account (id %s) by realm (%s) and name (%s)", user.getId(), realm, name));
+    final boolean hasAccess = hasPermissions.apply(user);
+    if (hasAccess) {
+      LOG.debug(String.format("Located user (name %s) has enough permissions to process the request.", name));
+      return user;
+    }
+    LOG.warn(String.format("Located user (name %s) has NO permissions to process the request.", name));
+    return null;
   }
 }