Example 1 with NoSuchPrincipalException
use of org.apache.wiki.auth.NoSuchPrincipalException in project jspwiki by apache.
the class Installer method createAdministrator.
/**
* Creates an administrative user and returns the new password.
* If the admin user exists, the password will be <code>null</code>.
* @return the password
* @throws WikiSecurityException
*/
public String createAdministrator() throws WikiSecurityException {
if (!m_validated) {
throw new WikiSecurityException("Cannot create administrator because one or more of the installation settings are invalid.");
}
if (adminExists()) {
return null;
}
// See if the admin user exists already
UserManager userMgr = m_engine.getUserManager();
UserDatabase userDb = userMgr.getUserDatabase();
String password = null;
try {
userDb.findByLoginName(ADMIN_ID);
} catch (NoSuchPrincipalException e) {
// Create a random 12-character password
password = TextUtil.generateRandomPassword();
UserProfile profile = userDb.newProfile();
profile.setLoginName(ADMIN_ID);
profile.setFullname(ADMIN_NAME);
profile.setPassword(password);
userDb.save(profile);
}
// Create a new admin group
GroupManager groupMgr = m_engine.getGroupManager();
Group group = null;
try {
group = groupMgr.getGroup(ADMIN_GROUP);
group.add(new WikiPrincipal(ADMIN_NAME));
} catch (NoSuchPrincipalException e) {
group = groupMgr.parseGroup(ADMIN_GROUP, ADMIN_NAME, true);
}
groupMgr.setGroup(m_session, group);
return password;
}
Also used :
WikiSecurityException(org.apache.wiki.auth.WikiSecurityException)
Group(org.apache.wiki.auth.authorize.Group)
UserProfile(org.apache.wiki.auth.user.UserProfile)
WikiPrincipal(org.apache.wiki.auth.WikiPrincipal)
UserManager(org.apache.wiki.auth.UserManager)
UserDatabase(org.apache.wiki.auth.user.UserDatabase)
NoSuchPrincipalException(org.apache.wiki.auth.NoSuchPrincipalException)
GroupManager(org.apache.wiki.auth.authorize.GroupManager)
Example 2 with NoSuchPrincipalException
use of org.apache.wiki.auth.NoSuchPrincipalException in project jspwiki by apache.
the class UserBean method doPost.
public String doPost(WikiContext context) {
HttpServletRequest request = context.getHttpRequest();
WikiSession session = context.getWikiSession();
UserManager mgr = context.getEngine().getUserManager();
String loginid = request.getParameter("loginid");
String loginname = request.getParameter("loginname");
String fullname = request.getParameter("fullname");
String password = request.getParameter("password");
String password2 = request.getParameter("password2");
String email = request.getParameter("email");
if (request.getParameter("action").equalsIgnoreCase("remove")) {
try {
mgr.getUserDatabase().deleteByLoginName(loginid);
session.addMessage("User profile " + loginid + " (" + fullname + ") has been deleted");
} catch (NoSuchPrincipalException e) {
session.addMessage("User profile has already been removed");
} catch (WikiSecurityException e) {
session.addMessage("Security problem: " + e);
}
return "";
}
if (password != null && password.length() > 0 && !password.equals(password2)) {
session.addMessage("Passwords do not match!");
return "";
}
UserProfile p;
if (loginid.equals("--New--")) {
// Create new user
p = mgr.getUserDatabase().newProfile();
p.setCreated(new Date());
} else {
try {
p = mgr.getUserDatabase().findByLoginName(loginid);
} catch (NoSuchPrincipalException e) {
session.addMessage("I could not find user profile " + loginid);
return "";
}
}
p.setEmail(email);
p.setFullname(fullname);
if (password != null && password.length() > 0)
p.setPassword(password);
p.setLoginName(loginname);
try {
mgr.getUserDatabase().save(p);
} catch (WikiSecurityException e) {
session.addMessage("Unable to save " + e.getMessage());
}
session.addMessage("User profile has been updated");
return "";
}
Also used :
HttpServletRequest(javax.servlet.http.HttpServletRequest)
WikiSession(org.apache.wiki.WikiSession)
WikiSecurityException(org.apache.wiki.auth.WikiSecurityException)
UserProfile(org.apache.wiki.auth.user.UserProfile)
UserManager(org.apache.wiki.auth.UserManager)
NoSuchPrincipalException(org.apache.wiki.auth.NoSuchPrincipalException)
Date(java.util.Date)
Example 3 with NoSuchPrincipalException
use of org.apache.wiki.auth.NoSuchPrincipalException in project jspwiki by apache.
the class GroupManager method removeGroup.
/**
* Removes a named Group from the group database. If not found, throws a
* <code>NoSuchPrincipalException</code>. After removal, this method will
* commit the delete to the back-end group database. It will also fire a
* {@link org.apache.wiki.event.WikiSecurityEvent#GROUP_REMOVE} event with
* the GroupManager instance as the source and the Group as target.
* If <code>index</code> is <code>null</code>, this method throws
* an {@link IllegalArgumentException}.
* @param index the group to remove
* @throws WikiSecurityException if the Group cannot be removed by
* the back-end
* @see org.apache.wiki.auth.authorize.GroupDatabase#delete(Group)
*/
public void removeGroup(String index) throws WikiSecurityException {
if (index == null) {
throw new IllegalArgumentException("Group cannot be null.");
}
Group group = m_groups.get(new GroupPrincipal(index));
if (group == null) {
throw new NoSuchPrincipalException("Group " + index + " not found");
}
// TODO: need rollback procedure
synchronized (m_groups) {
m_groups.remove(group.getPrincipal());
}
m_groupDatabase.delete(group);
fireEvent(WikiSecurityEvent.GROUP_REMOVE, group);
}
Also used :
GroupPrincipal(org.apache.wiki.auth.GroupPrincipal)
NoSuchPrincipalException(org.apache.wiki.auth.NoSuchPrincipalException)
Example 4 with NoSuchPrincipalException
use of org.apache.wiki.auth.NoSuchPrincipalException in project jspwiki by apache.
the class GroupManager method parseGroup.
/**
* <p>
* Extracts group name and members from passed parameters and populates an
* existing Group with them. The Group will either be a copy of an existing
* Group (if one can be found), or a new, unregistered Group (if not).
* Optionally, this method can throw a WikiSecurityException if the Group
* does not yet exist in the GroupManager cache.
* </p>
* <p>
* The <code>group</code> parameter in the HTTP request contains the Group
* name to look up and populate. The <code>members</code> parameter
* contains the member list. If these differ from those in the existing
* group, the passed values override the old values.
* </p>
* <p>
* This method does not commit the new Group to the GroupManager cache. To
* do that, use {@link #setGroup(WikiSession, Group)}.
* </p>
* @param name the name of the group to construct
* @param memberLine the line of text containing the group membership list
* @param create whether this method should create a new, empty Group if one
* with the requested name is not found. If <code>false</code>,
* groups that do not exist will cause a
* <code>NoSuchPrincipalException</code> to be thrown
* @return a new, populated group
* @see org.apache.wiki.auth.authorize.Group#RESTRICTED_GROUPNAMES
* @throws WikiSecurityException if the group name isn't allowed, or if
* <code>create</code> is <code>false</code>
* and the Group named <code>name</code> does not exist
*/
public Group parseGroup(String name, String memberLine, boolean create) throws WikiSecurityException {
// If null name parameter, it's because someone's creating a new group
if (name == null) {
if (create) {
name = "MyGroup";
} else {
throw new WikiSecurityException("Group name cannot be blank.");
}
} else if (ArrayUtils.contains(Group.RESTRICTED_GROUPNAMES, name)) {
// Certain names are forbidden
throw new WikiSecurityException("Illegal group name: " + name);
}
name = name.trim();
// Normalize the member line
if (InputValidator.isBlank(memberLine)) {
memberLine = "";
}
memberLine = memberLine.trim();
// Create or retrieve the group (may have been previously cached)
Group group = new Group(name, m_engine.getApplicationName());
try {
Group existingGroup = getGroup(name);
// If existing, clone it
group.setCreator(existingGroup.getCreator());
group.setCreated(existingGroup.getCreated());
group.setModifier(existingGroup.getModifier());
group.setLastModified(existingGroup.getLastModified());
for (Principal existingMember : existingGroup.members()) {
group.add(existingMember);
}
} catch (NoSuchPrincipalException e) {
// It's a new group.... throw error if we don't create new ones
if (!create) {
throw new NoSuchPrincipalException("Group '" + name + "' does not exist.");
}
}
// If passed members not empty, overwrite
String[] members = extractMembers(memberLine);
if (members.length > 0) {
group.clear();
for (String member : members) {
group.add(new WikiPrincipal(member));
}
}
return group;
}
Also used :
WikiSecurityException(org.apache.wiki.auth.WikiSecurityException)
WikiPrincipal(org.apache.wiki.auth.WikiPrincipal)
NoSuchPrincipalException(org.apache.wiki.auth.NoSuchPrincipalException)
GroupPrincipal(org.apache.wiki.auth.GroupPrincipal)
WikiPrincipal(org.apache.wiki.auth.WikiPrincipal)
Principal(java.security.Principal)
Example 5 with NoSuchPrincipalException
use of org.apache.wiki.auth.NoSuchPrincipalException in project jspwiki by apache.
the class JDBCGroupDatabase method findGroup.
/**
* Loads and returns a Group from the back-end database matching a supplied
* name.
*
* @param index the name of the Group to find
* @return the populated Group
* @throws NoSuchPrincipalException if the Group cannot be found
* @throws SQLException if the database query returns an error
*/
private Group findGroup(String index) throws NoSuchPrincipalException {
Group group = null;
boolean found = false;
boolean unique = true;
ResultSet rs = null;
PreparedStatement ps = null;
Connection conn = null;
try {
// Open the database connection
conn = m_ds.getConnection();
ps = conn.prepareStatement(m_findGroup);
ps.setString(1, index);
rs = ps.executeQuery();
while (rs.next()) {
if (group != null) {
unique = false;
break;
}
group = new Group(index, m_engine.getApplicationName());
group.setCreated(rs.getTimestamp(m_created));
group.setCreator(rs.getString(m_creator));
group.setLastModified(rs.getTimestamp(m_modified));
group.setModifier(rs.getString(m_modifier));
populateGroup(group);
found = true;
}
} catch (SQLException e) {
closeQuietly(conn, ps, rs);
throw new NoSuchPrincipalException(e.getMessage());
} finally {
closeQuietly(conn, ps, rs);
}
if (!found) {
throw new NoSuchPrincipalException("Could not find group in database!");
}
if (!unique) {
throw new NoSuchPrincipalException("More than one group in database!");
}
return group;
}
Also used :
NoSuchPrincipalException(org.apache.wiki.auth.NoSuchPrincipalException)
Aggregations
NoSuchPrincipalException (org.apache.wiki.auth.NoSuchPrincipalException)16
WikiSecurityException (org.apache.wiki.auth.WikiSecurityException)9
IOException (java.io.IOException)5
Date (java.util.Date)5
Connection (java.sql.Connection)4
PreparedStatement (java.sql.PreparedStatement)4
SQLException (java.sql.SQLException)4
NamingException (javax.naming.NamingException)4
NoRequiredPropertyException (org.apache.wiki.api.exceptions.NoRequiredPropertyException)4
UserManager (org.apache.wiki.auth.UserManager)4
WikiPrincipal (org.apache.wiki.auth.WikiPrincipal)4
UserDatabase (org.apache.wiki.auth.user.UserDatabase)4
UserProfile (org.apache.wiki.auth.user.UserProfile)3
Principal (java.security.Principal)2
ResultSet (java.sql.ResultSet)2
Timestamp (java.sql.Timestamp)2
GroupPrincipal (org.apache.wiki.auth.GroupPrincipal)2
Element (org.w3c.dom.Element)2
NodeList (org.w3c.dom.NodeList)2
DateFormat (java.text.DateFormat)1
