Examples with WikiPrincipal org.apache.wiki.auth.WikiPrincipal used on opensource projects

Example 51 with WikiPrincipal

use of org.apache.wiki.auth.WikiPrincipal in project jspwiki by apache.

the class GroupPermissionTest method testImpliesMember.

public final void testImpliesMember() {
    GroupPermission p1;
    Permission p2;
    Subject s;
    // <groupmember> implies TestGroup if Subject has GroupPermission("TestGroup")
    p1 = new GroupPermission("*:<groupmember>", "view");
    p2 = new GroupPermission("*:TestGroup", "view");
    s = new Subject();
    s.getPrincipals().add(new GroupPrincipal("TestGroup"));
    Assert.assertTrue(subjectImplies(s, p1, p2));
    // <groupmember> doesn't imply it if Subject has no GroupPermission("TestGroup")
    s = new Subject();
    s.getPrincipals().add(new WikiPrincipal("TestGroup"));
    Assert.assertFalse(subjectImplies(s, p1, p2));
    // <groupmember> doesn't imply it if Subject's GP doesn't match
    s = new Subject();
    s.getPrincipals().add(new GroupPrincipal("FooGroup"));
    Assert.assertFalse(subjectImplies(s, p1, p2));
    // <groupmember> doesn't imply it if p2 isn't GroupPermission type
    p2 = new PagePermission("*:TestGroup", "view");
    s = new Subject();
    s.getPrincipals().add(new GroupPrincipal("TestGroup"));
    Assert.assertFalse(subjectImplies(s, p1, p2));
    // <groupmember> implies TestGroup if not called with Subject combiner
    p1 = new GroupPermission("*:<groupmember>", "view");
    p2 = new GroupPermission("*:TestGroup", "view");
    Assert.assertFalse(p1.impliesMember(p2));
}

Example 52 with WikiPrincipal

use of org.apache.wiki.auth.WikiPrincipal in project jspwiki by apache.

the class JDBCUserDatabase method getWikiNames.

/**
 * Returns all WikiNames that are stored in the UserDatabase as an array of
 * WikiPrincipal objects. If the database does not contain any profiles,
 * this method will return a zero-length array.
 *
 * @return the WikiNames
 */
public Principal[] getWikiNames() throws WikiSecurityException {
    Set<Principal> principals = new HashSet<Principal>();
    Connection conn = null;
    try {
        conn = m_ds.getConnection();
        PreparedStatement ps = conn.prepareStatement(m_findAll);
        ResultSet rs = ps.executeQuery();
        while (rs.next()) {
            String wikiName = rs.getString(m_wikiName);
            if (wikiName == null) {
                log.warn("Detected null wiki name in XMLUserDataBase. Check your user database.");
            } else {
                Principal principal = new WikiPrincipal(wikiName, WikiPrincipal.WIKI_NAME);
                principals.add(principal);
            }
        }
        ps.close();
    } catch (SQLException e) {
        throw new WikiSecurityException(e.getMessage(), e);
    } finally {
        try {
            if (conn != null)
                conn.close();
        } catch (Exception e) {
        }
    }
    return principals.toArray(new Principal[principals.size()]);
}

Example 53 with WikiPrincipal

use of org.apache.wiki.auth.WikiPrincipal in project jspwiki by apache.

the class XMLGroupDatabase method buildGroup.

/**
 * Constructs a Group based on a DOM group node.
 * @param groupNode the node in the DOM containing the node
 * @param name the name of the group
 * @throws NoSuchPrincipalException
 * @throws WikiSecurityException
 */
private Group buildGroup(Element groupNode, String name) {
    // It's an error if either param is null (very odd)
    if (groupNode == null || name == null) {
        throw new IllegalArgumentException("DOM element or name cannot be null.");
    }
    // Construct a new group
    Group group = new Group(name, m_engine.getApplicationName());
    // Get the users for this group, and add them
    NodeList members = groupNode.getElementsByTagName(MEMBER_TAG);
    for (int i = 0; i < members.getLength(); i++) {
        Element memberNode = (Element) members.item(i);
        String principalName = memberNode.getAttribute(PRINCIPAL);
        Principal member = new WikiPrincipal(principalName);
        group.add(member);
    }
    // Add the created/last-modified info
    String creator = groupNode.getAttribute(CREATOR);
    String created = groupNode.getAttribute(CREATED);
    String modifier = groupNode.getAttribute(MODIFIER);
    String modified = groupNode.getAttribute(LAST_MODIFIED);
    try {
        group.setCreated(m_format.parse(created));
        group.setLastModified(m_format.parse(modified));
    } catch (ParseException e) {
        // If parsing failed, use the platform default
        try {
            group.setCreated(m_defaultFormat.parse(created));
            group.setLastModified(m_defaultFormat.parse(modified));
        } catch (ParseException e2) {
            log.warn("Could not parse 'created' or 'lastModified' " + "attribute for " + " group'" + group.getName() + "'." + " It may have been tampered with.");
        }
    }
    group.setCreator(creator);
    group.setModifier(modifier);
    return group;
}

Example 54 with WikiPrincipal

use of org.apache.wiki.auth.WikiPrincipal in project jspwiki by apache.

the class AnonymousLoginModule method login.

/**
 * Logs in the user by calling back to the registered CallbackHandler with an
 * HttpRequestCallback. The CallbackHandler must supply the current servlet
 * HTTP request as its response.
 * @return the result of the login; this will always be <code>true</code>.
 * @see javax.security.auth.spi.LoginModule#login()
 * @throws {@inheritDoc}
 */
public boolean login() throws LoginException {
    // Let's go and make a Principal based on the IP address
    HttpRequestCallback hcb = new HttpRequestCallback();
    Callback[] callbacks = new Callback[] { hcb };
    try {
        m_handler.handle(callbacks);
        HttpServletRequest request = hcb.getRequest();
        WikiPrincipal ipAddr = new WikiPrincipal(HttpUtil.getRemoteAddress(request));
        if (log.isDebugEnabled()) {
            HttpSession session = request.getSession(false);
            String sid = (session == null) ? NULL : session.getId();
            log.debug("Logged in session ID=" + sid + "; IP=" + ipAddr);
        }
        // If login succeeds, commit these principals/roles
        m_principals.add(ipAddr);
        return true;
    } catch (IOException e) {
        log.error("IOException: " + e.getMessage());
        return false;
    } catch (UnsupportedCallbackException e) {
        String message = "Unable to handle callback, disallowing login.";
        log.error(message, e);
        throw new LoginException(message);
    }
}

Example 55 with WikiPrincipal

use of org.apache.wiki.auth.WikiPrincipal in project jspwiki by apache.

the class CookieAssertionLoginModule method login.

/**
 * Logs in the user by calling back to the registered CallbackHandler with
 * an HttpRequestCallback. The CallbackHandler must supply the current
 * servlet HTTP request as its response.
 * @return the result of the login; if a cookie is
 * found, this method returns <code>true</code>. If not found, this
 * method throws a <code>FailedLoginException</code>.
 * @see javax.security.auth.spi.LoginModule#login()
 * @throws {@inheritDoc}
 */
public boolean login() throws LoginException {
    // Otherwise, let's go and look for the cookie!
    HttpRequestCallback hcb = new HttpRequestCallback();
    Callback[] callbacks = new Callback[] { hcb };
    try {
        m_handler.handle(callbacks);
        HttpServletRequest request = hcb.getRequest();
        HttpSession session = (request == null) ? null : request.getSession(false);
        String sid = (session == null) ? NULL : session.getId();
        String name = (request != null) ? getUserCookie(request) : null;
        if (name == null) {
            if (log.isDebugEnabled()) {
                log.debug("No cookie " + PREFS_COOKIE_NAME + " present in session ID=:  " + sid);
            }
            throw new FailedLoginException("The user cookie was not found.");
        }
        if (log.isDebugEnabled()) {
            log.debug("Logged in session ID=" + sid + "; asserted=" + name);
        }
        // If login succeeds, commit these principals/roles
        m_principals.add(new WikiPrincipal(name, WikiPrincipal.FULL_NAME));
        return true;
    } catch (IOException e) {
        log.error("IOException: " + e.getMessage());
        return false;
    } catch (UnsupportedCallbackException e) {
        String message = "Unable to handle callback, disallowing login.";
        log.error(message, e);
        throw new LoginException(message);
    }
}