Search in sources :

Example 1 with AuthenticationManager

use of org.apache.wiki.auth.AuthenticationManager in project jspwiki by apache.

the class MetaWeblogHandler method checkPermissions.

/**
 *  Does a quick check against the current user
 *  and does he have permissions to do the stuff
 *  that he really wants to.
 *  <p>
 *  If there is no authentication enabled, returns normally.
 *
 *  @throw XmlRpcException with the correct error message, if auth fails.
 */
private void checkPermissions(WikiPage page, String username, String password, String permission) throws XmlRpcException {
    try {
        AuthenticationManager amm = m_context.getEngine().getAuthenticationManager();
        AuthorizationManager mgr = m_context.getEngine().getAuthorizationManager();
        if (amm.login(m_context.getWikiSession(), m_context.getHttpRequest(), username, password)) {
            if (!mgr.checkPermission(m_context.getWikiSession(), PermissionFactory.getPagePermission(page, permission))) {
                throw new XmlRpcException(1, "No permission");
            }
        } else {
            throw new XmlRpcException(1, "Unknown login");
        }
    } catch (WikiSecurityException e) {
        throw new XmlRpcException(1, e.getMessage(), e);
    }
    return;
}
Also used : AuthenticationManager(org.apache.wiki.auth.AuthenticationManager) WikiSecurityException(org.apache.wiki.auth.WikiSecurityException) AuthorizationManager(org.apache.wiki.auth.AuthorizationManager) XmlRpcException(org.apache.xmlrpc.XmlRpcException)

Example 2 with AuthenticationManager

use of org.apache.wiki.auth.AuthenticationManager in project jspwiki by apache.

the class UserCheckTag method doWikiStartTag.

/**
 * {@inheritDoc}
 * @see org.apache.wiki.tags.WikiTagBase#doWikiStartTag()
 */
@Override
public final int doWikiStartTag() throws IOException {
    WikiSession session = m_wikiContext.getWikiSession();
    String status = session.getStatus();
    AuthenticationManager mgr = m_wikiContext.getEngine().getAuthenticationManager();
    boolean containerAuth = mgr.isContainerAuthenticated();
    boolean cookieAssertions = mgr.allowsCookieAssertions();
    if (m_status != null) {
        if (ANONYMOUS.equals(m_status)) {
            if (status.equals(WikiSession.ANONYMOUS)) {
                return EVAL_BODY_INCLUDE;
            }
        } else if (AUTHENTICATED.equals(m_status)) {
            if (status.equals(WikiSession.AUTHENTICATED)) {
                return EVAL_BODY_INCLUDE;
            }
        } else if (ASSERTED.equals(m_status)) {
            if (status.equals(WikiSession.ASSERTED)) {
                return EVAL_BODY_INCLUDE;
            }
        } else if (ASSERTIONS_ALLOWED.equals(m_status)) {
            if (cookieAssertions) {
                return EVAL_BODY_INCLUDE;
            }
            return SKIP_BODY;
        } else if (ASSERTIONS_NOT_ALLOWED.equals(m_status)) {
            if (!cookieAssertions) {
                return EVAL_BODY_INCLUDE;
            }
            return SKIP_BODY;
        } else if (CONTAINER_AUTH.equals(m_status)) {
            if (containerAuth) {
                return EVAL_BODY_INCLUDE;
            }
            return SKIP_BODY;
        } else if (CUSTOM_AUTH.equals(m_status)) {
            if (!containerAuth) {
                return EVAL_BODY_INCLUDE;
            }
            return SKIP_BODY;
        } else if (KNOWN.equals(m_status)) {
            if (!session.isAnonymous()) {
                return EVAL_BODY_INCLUDE;
            }
            return SKIP_BODY;
        } else if (NOT_AUTHENTICATED.equals(m_status)) {
            if (!status.equals(WikiSession.AUTHENTICATED)) {
                return EVAL_BODY_INCLUDE;
            }
        }
    }
    return SKIP_BODY;
}
Also used : AuthenticationManager(org.apache.wiki.auth.AuthenticationManager) WikiSession(org.apache.wiki.WikiSession)

Example 3 with AuthenticationManager

use of org.apache.wiki.auth.AuthenticationManager in project jspwiki by apache.

the class UserProfileTag method doWikiStartTag.

public final int doWikiStartTag() throws IOException, WikiSecurityException {
    UserManager manager = m_wikiContext.getEngine().getUserManager();
    UserProfile profile = manager.getUserProfile(m_wikiContext.getWikiSession());
    String result = null;
    if (EXISTS.equals(m_prop) || NOT_NEW.equals(m_prop)) {
        return profile.isNew() ? SKIP_BODY : EVAL_BODY_INCLUDE;
    } else if (NEW.equals(m_prop) || NOT_EXISTS.equals(m_prop)) {
        return profile.isNew() ? EVAL_BODY_INCLUDE : SKIP_BODY;
    } else if (CREATED.equals(m_prop) && profile.getCreated() != null) {
        result = profile.getCreated().toString();
    } else if (EMAIL.equals(m_prop)) {
        result = profile.getEmail();
    } else if (FULLNAME.equals(m_prop)) {
        result = profile.getFullname();
    } else if (GROUPS.equals(m_prop)) {
        result = printGroups(m_wikiContext);
    } else if (LOGINNAME.equals(m_prop)) {
        result = profile.getLoginName();
    } else if (MODIFIED.equals(m_prop) && profile.getLastModified() != null) {
        result = profile.getLastModified().toString();
    } else if (ROLES.equals(m_prop)) {
        result = printRoles(m_wikiContext);
    } else if (WIKINAME.equals(m_prop)) {
        result = profile.getWikiName();
        if (result == null) {
            // 
            // Default back to the declared user name
            // 
            WikiEngine engine = this.m_wikiContext.getEngine();
            WikiSession wikiSession = WikiSession.getWikiSession(engine, (HttpServletRequest) pageContext.getRequest());
            Principal user = wikiSession.getUserPrincipal();
            if (user != null) {
                result = user.getName();
            }
        }
    } else if (CHANGE_PASSWORD.equals(m_prop) || CHANGE_LOGIN_NAME.equals(m_prop)) {
        AuthenticationManager authMgr = m_wikiContext.getEngine().getAuthenticationManager();
        if (!authMgr.isContainerAuthenticated()) {
            return EVAL_BODY_INCLUDE;
        }
    } else if (NOT_CHANGE_PASSWORD.equals(m_prop) || NOT_CHANGE_LOGIN_NAME.equals(m_prop)) {
        AuthenticationManager authMgr = m_wikiContext.getEngine().getAuthenticationManager();
        if (authMgr.isContainerAuthenticated()) {
            return EVAL_BODY_INCLUDE;
        }
    }
    if (result != null) {
        pageContext.getOut().print(TextUtil.replaceEntities(result));
    }
    return SKIP_BODY;
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) AuthenticationManager(org.apache.wiki.auth.AuthenticationManager) WikiSession(org.apache.wiki.WikiSession) UserProfile(org.apache.wiki.auth.user.UserProfile) UserManager(org.apache.wiki.auth.UserManager) WikiEngine(org.apache.wiki.WikiEngine) Principal(java.security.Principal) GroupPrincipal(org.apache.wiki.auth.GroupPrincipal)

Example 4 with AuthenticationManager

use of org.apache.wiki.auth.AuthenticationManager in project jspwiki by apache.

the class WikiEngine method initialize.

/**
 *  Does all the real initialization.
 */
private void initialize(Properties props) throws WikiException {
    m_startTime = new Date();
    m_properties = props;
    // 
    if (!c_configured) {
        String useExternalLogConfig = TextUtil.getStringProperty(props, "jspwiki.use.external.logconfig", "false");
        if (useExternalLogConfig == null || useExternalLogConfig.equals("false")) {
            PropertyConfigurator.configure(props);
        }
        c_configured = true;
    }
    log.info("*******************************************");
    log.info(Release.APPNAME + " " + Release.getVersionString() + " starting. Whee!");
    // begin initialization
    fireEvent(WikiEngineEvent.INITIALIZING);
    log.debug("Java version: " + System.getProperty("java.runtime.version"));
    log.debug("Java vendor: " + System.getProperty("java.vm.vendor"));
    log.debug("OS: " + System.getProperty("os.name") + " " + System.getProperty("os.version") + " " + System.getProperty("os.arch"));
    log.debug("Default server locale: " + Locale.getDefault());
    log.debug("Default server timezone: " + TimeZone.getDefault().getDisplayName(true, TimeZone.LONG));
    if (m_servletContext != null) {
        log.info("Servlet container: " + m_servletContext.getServerInfo());
        if (m_servletContext.getMajorVersion() < 2 || (m_servletContext.getMajorVersion() == 2 && m_servletContext.getMinorVersion() < 4)) {
            throw new InternalWikiException("I require a container which supports at least version 2.4 of Servlet specification");
        }
    }
    log.debug("Configuring WikiEngine...");
    // Initializes the CommandResolver
    m_commandResolver = new CommandResolver(this, props);
    // 
    // Create and find the default working directory.
    // 
    m_workDir = TextUtil.getStringProperty(props, PROP_WORKDIR, null);
    if (m_workDir == null) {
        m_workDir = System.getProperty("java.io.tmpdir", ".");
        m_workDir += File.separator + Release.APPNAME + "-" + m_appid;
    }
    try {
        File f = new File(m_workDir);
        f.mkdirs();
        // 
        if (!f.exists())
            throw new WikiException("Work directory does not exist: " + m_workDir);
        if (!f.canRead())
            throw new WikiException("No permission to read work directory: " + m_workDir);
        if (!f.canWrite())
            throw new WikiException("No permission to write to work directory: " + m_workDir);
        if (!f.isDirectory())
            throw new WikiException("jspwiki.workDir does not point to a directory: " + m_workDir);
    } catch (SecurityException e) {
        log.fatal("Unable to find or create the working directory: " + m_workDir, e);
        throw new IllegalArgumentException("Unable to find or create the working dir: " + m_workDir, e);
    }
    log.info("JSPWiki working directory is '" + m_workDir + "'");
    m_saveUserInfo = TextUtil.getBooleanProperty(props, PROP_STOREUSERNAME, m_saveUserInfo);
    m_useUTF8 = "UTF-8".equals(TextUtil.getStringProperty(props, PROP_ENCODING, "ISO-8859-1"));
    m_beautifyTitle = TextUtil.getBooleanProperty(props, PROP_BEAUTIFYTITLE, m_beautifyTitle);
    m_templateDir = TextUtil.getStringProperty(props, PROP_TEMPLATEDIR, "default");
    m_frontPage = TextUtil.getStringProperty(props, PROP_FRONTPAGE, "Main");
    // Initialize the page name comparator now as it may be used while
    // initializing other modules
    initPageSorter(props);
    // of a better way to do the startup-sequence.
    try {
        Class<?> urlclass = ClassUtil.findClass("org.apache.wiki.url", TextUtil.getStringProperty(props, PROP_URLCONSTRUCTOR, "DefaultURLConstructor"));
        m_urlConstructor = (URLConstructor) urlclass.newInstance();
        m_urlConstructor.initialize(this, props);
        m_pageManager = (PageManager) ClassUtil.getMappedObject(PageManager.class.getName(), this, props);
        m_pluginManager = (PluginManager) ClassUtil.getMappedObject(PluginManager.class.getName(), this, props);
        m_differenceManager = (DifferenceManager) ClassUtil.getMappedObject(DifferenceManager.class.getName(), this, props);
        m_attachmentManager = (AttachmentManager) ClassUtil.getMappedObject(AttachmentManager.class.getName(), this, props);
        m_variableManager = (VariableManager) ClassUtil.getMappedObject(VariableManager.class.getName(), props);
        // m_filterManager     = (FilterManager)ClassUtil.getMappedObject(FilterManager.class.getName(), this, props );
        m_renderingManager = (RenderingManager) ClassUtil.getMappedObject(RenderingManager.class.getName());
        m_searchManager = (SearchManager) ClassUtil.getMappedObject(SearchManager.class.getName(), this, props);
        m_authenticationManager = (AuthenticationManager) ClassUtil.getMappedObject(AuthenticationManager.class.getName());
        m_authorizationManager = (AuthorizationManager) ClassUtil.getMappedObject(AuthorizationManager.class.getName());
        m_userManager = (UserManager) ClassUtil.getMappedObject(UserManager.class.getName());
        m_groupManager = (GroupManager) ClassUtil.getMappedObject(GroupManager.class.getName());
        m_editorManager = (EditorManager) ClassUtil.getMappedObject(EditorManager.class.getName(), this);
        m_editorManager.initialize(props);
        m_progressManager = new ProgressManager();
        // Initialize the authentication, authorization, user and acl managers
        m_authenticationManager.initialize(this, props);
        m_authorizationManager.initialize(this, props);
        m_userManager.initialize(this, props);
        m_groupManager.initialize(this, props);
        m_aclManager = getAclManager();
        // Start the Workflow manager
        m_workflowMgr = (WorkflowManager) ClassUtil.getMappedObject(WorkflowManager.class.getName());
        m_workflowMgr.initialize(this, props);
        m_internationalizationManager = (InternationalizationManager) ClassUtil.getMappedObject(InternationalizationManager.class.getName(), this);
        m_templateManager = (TemplateManager) ClassUtil.getMappedObject(TemplateManager.class.getName(), this, props);
        // Since we want to use a page filters initilize() method
        // as a engine startup listener where we can initialize global event listeners,
        // it must be called lastly, so that all object references in the engine
        // are availabe to the initialize() method
        m_filterManager = (FilterManager) ClassUtil.getMappedObject(FilterManager.class.getName(), this, props);
        m_adminBeanManager = (AdminBeanManager) ClassUtil.getMappedObject(AdminBeanManager.class.getName(), this);
        // RenderingManager depends on FilterManager events.
        m_renderingManager.initialize(this, props);
        // 
        // ReferenceManager has the side effect of loading all
        // pages.  Therefore after this point, all page attributes
        // are available.
        // 
        // initReferenceManager is indirectly using m_filterManager, therefore
        // it has to be called after it was initialized.
        // 
        initReferenceManager();
        // 
        // Hook the different manager routines into the system.
        // 
        m_filterManager.addPageFilter(m_referenceManager, -1001);
        m_filterManager.addPageFilter(m_searchManager, -1002);
    } catch (RuntimeException e) {
        // RuntimeExceptions may occur here, even if they shouldn't.
        log.fatal("Failed to start managers.", e);
        throw new WikiException("Failed to start managers: " + e.getMessage(), e);
    } catch (ClassNotFoundException e) {
        log.fatal("JSPWiki could not start, URLConstructor was not found: " + e.getMessage(), e);
        throw new WikiException(e.getMessage(), e);
    } catch (InstantiationException e) {
        log.fatal("JSPWiki could not start, URLConstructor could not be instantiated: " + e.getMessage(), e);
        throw new WikiException(e.getMessage(), e);
    } catch (IllegalAccessException e) {
        log.fatal("JSPWiki could not start, URLConstructor cannot be accessed: " + e.getMessage(), e);
        throw new WikiException(e.getMessage(), e);
    } catch (Exception e) {
        // Final catch-all for everything
        log.fatal("JSPWiki could not start, due to an unknown exception when starting.", e);
        throw new WikiException("Failed to start. Caused by: " + e.getMessage() + "; please check log files for better information.", e);
    }
    // 
    try {
        if (TextUtil.getBooleanProperty(props, RSSGenerator.PROP_GENERATE_RSS, false)) {
            m_rssGenerator = (RSSGenerator) ClassUtil.getMappedObject(RSSGenerator.class.getName(), this, props);
        }
        m_pageRenamer = (PageRenamer) ClassUtil.getMappedObject(PageRenamer.class.getName(), this, props);
    } catch (Exception e) {
        log.error("Unable to start RSS generator - JSPWiki will still work, " + "but there will be no RSS feed.", e);
    }
    // Start the RSS generator & generator thread
    if (m_rssGenerator != null) {
        m_rssFile = TextUtil.getStringProperty(props, RSSGenerator.PROP_RSSFILE, "rss.rdf");
        File rssFile = null;
        if (m_rssFile.startsWith(File.separator)) {
            // honor absolute pathnames:
            rssFile = new File(m_rssFile);
        } else {
            // relative path names are anchored from the webapp root path:
            rssFile = new File(getRootPath(), m_rssFile);
        }
        int rssInterval = TextUtil.getIntegerProperty(props, RSSGenerator.PROP_INTERVAL, 3600);
        RSSThread rssThread = new RSSThread(this, rssFile, rssInterval);
        rssThread.start();
    }
    // initialization complete
    fireEvent(WikiEngineEvent.INITIALIZED);
    log.info("WikiEngine configured.");
    m_isConfigured = true;
}
Also used : WikiException(org.apache.wiki.api.exceptions.WikiException) RSSThread(org.apache.wiki.rss.RSSThread) WorkflowManager(org.apache.wiki.workflow.WorkflowManager) GroupManager(org.apache.wiki.auth.authorize.GroupManager) FilterManager(org.apache.wiki.api.engine.FilterManager) AdminBeanManager(org.apache.wiki.api.engine.AdminBeanManager) PluginManager(org.apache.wiki.api.engine.PluginManager) TemplateManager(org.apache.wiki.ui.TemplateManager) EditorManager(org.apache.wiki.ui.EditorManager) InternationalizationManager(org.apache.wiki.i18n.InternationalizationManager) SearchManager(org.apache.wiki.search.SearchManager) RSSGenerator(org.apache.wiki.rss.RSSGenerator) CommandResolver(org.apache.wiki.ui.CommandResolver) Date(java.util.Date) WikiException(org.apache.wiki.api.exceptions.WikiException) DecisionRequiredException(org.apache.wiki.workflow.DecisionRequiredException) NoSuchVariableException(org.apache.wiki.api.exceptions.NoSuchVariableException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) FilterException(org.apache.wiki.api.exceptions.FilterException) IOException(java.io.IOException) ProviderException(org.apache.wiki.api.exceptions.ProviderException) AuthenticationManager(org.apache.wiki.auth.AuthenticationManager) DifferenceManager(org.apache.wiki.diff.DifferenceManager) RenderingManager(org.apache.wiki.render.RenderingManager) UserManager(org.apache.wiki.auth.UserManager) ProgressManager(org.apache.wiki.ui.progress.ProgressManager) PageRenamer(org.apache.wiki.content.PageRenamer) AttachmentManager(org.apache.wiki.attachment.AttachmentManager) AuthorizationManager(org.apache.wiki.auth.AuthorizationManager) File(java.io.File)

Aggregations

AuthenticationManager (org.apache.wiki.auth.AuthenticationManager)4 WikiSession (org.apache.wiki.WikiSession)2 AuthorizationManager (org.apache.wiki.auth.AuthorizationManager)2 UserManager (org.apache.wiki.auth.UserManager)2 File (java.io.File)1 IOException (java.io.IOException)1 UnsupportedEncodingException (java.io.UnsupportedEncodingException)1 Principal (java.security.Principal)1 Date (java.util.Date)1 HttpServletRequest (javax.servlet.http.HttpServletRequest)1 WikiEngine (org.apache.wiki.WikiEngine)1 AdminBeanManager (org.apache.wiki.api.engine.AdminBeanManager)1 FilterManager (org.apache.wiki.api.engine.FilterManager)1 PluginManager (org.apache.wiki.api.engine.PluginManager)1 FilterException (org.apache.wiki.api.exceptions.FilterException)1 NoSuchVariableException (org.apache.wiki.api.exceptions.NoSuchVariableException)1 ProviderException (org.apache.wiki.api.exceptions.ProviderException)1 WikiException (org.apache.wiki.api.exceptions.WikiException)1 AttachmentManager (org.apache.wiki.attachment.AttachmentManager)1 GroupPrincipal (org.apache.wiki.auth.GroupPrincipal)1