use of com.xpn.xwiki.user.api.XWikiUser in project xwiki-platform by xwiki.
the class XWikiCachingRightService method authenticateUser.
/**
* Ensure user authentication if needed.
*
* @param context Current XWikiContext
*/
private void authenticateUser(XWikiContext context) {
DocumentReference contextUserReference = context.getUserReference();
DocumentReference userReference = contextUserReference;
if (userReference == null && context.getMode() != XWikiContext.MODE_XMLRPC) {
try {
XWikiUser user = context.getWiki().checkAuth(context);
if (user != null) {
userReference = resolveUserName(user.getUser(), new WikiReference(context.getWikiId()));
}
} catch (XWikiException e) {
LOGGER.error("Caught exception while authenticating user.", e);
}
}
if (userReference != null && XWikiConstants.GUEST_USER.equals(userReference.getName())) {
// Public users (not logged in) should be passed as null in the new API. It may happen that badly
// design code, and poorly written API does not take care, so we prevent security issue here.
userReference = null;
}
if (userReference != contextUserReference && (userReference == null || !userReference.equals(contextUserReference))) {
context.setUserReference(userReference);
}
}
use of com.xpn.xwiki.user.api.XWikiUser in project xwiki-platform by xwiki.
the class XWikiAuthServiceImpl method checkAuth.
@Override
public XWikiUser checkAuth(XWikiContext context) throws XWikiException {
// Debug time taken.
long time = System.currentTimeMillis();
HttpServletRequest request = null;
HttpServletResponse response = context.getResponse();
if (context.getRequest() != null) {
request = context.getRequest().getHttpServletRequest();
}
if (request == null) {
return null;
}
XWikiAuthenticator auth = getAuthenticator(context);
SecurityRequestWrapper wrappedRequest = new SecurityRequestWrapper(request, null, null, auth.getAuthMethod());
try {
if (auth.processLogin(wrappedRequest, response, context)) {
return null;
}
// Process logout (this only works with Forms)
if (auth.processLogout(wrappedRequest, response, new URLPatternMatcher())) {
if (LOGGER.isInfoEnabled()) {
LOGGER.info("User " + context.getUser() + " has been logged-out");
}
wrappedRequest.setUserPrincipal(null);
return null;
}
final String userName = getContextUserName(wrappedRequest.getUserPrincipal(), context);
if (LOGGER.isInfoEnabled()) {
if (userName != null) {
LOGGER.info("User " + userName + " is authentified");
}
}
if (userName == null) {
return null;
}
return new XWikiUser(userName);
} catch (Exception e) {
LOGGER.error("Failed to authenticate", e);
return null;
} finally {
LOGGER.debug("XWikiAuthServiceImpl.checkAuth(XWikiContext) took " + (System.currentTimeMillis() - time) + " milliseconds to run.");
}
}
use of com.xpn.xwiki.user.api.XWikiUser in project xwiki-platform by xwiki.
the class XWiki method getUser.
public User getUser(XWikiContext context) {
XWikiUser xwikiUser = context.getXWikiUser();
User user = new User(xwikiUser, context);
return user;
}
use of com.xpn.xwiki.user.api.XWikiUser in project xwiki-platform by xwiki.
the class XWikiContext method setUserReference.
public void setUserReference(DocumentReference userReference) {
if (userReference == null) {
this.userReference = null;
remove(USER_KEY);
remove(USERREFERENCE_KEY);
} else {
this.userReference = new DocumentReference(userReference);
boolean ismain = isMainWiki(this.userReference.getWikiReference().getName());
put(USER_KEY, new XWikiUser(getUser(), ismain));
put(USERREFERENCE_KEY, this.userReference);
// Log this since it's probably a mistake so that we find who is doing bad things
if (this.userReference.getName().equals(XWikiRightService.GUEST_USER)) {
LOGGER.warn("A reference to XWikiGuest user has been set instead of null. This is probably a mistake.", new Exception("See stack trace"));
}
}
}
Aggregations