
Example 21 with WikiSecurityException

use of org.apache.wiki.auth.WikiSecurityException in project jspwiki by apache.

the class JSPWikiMarkupParser method handleAccessRule.

/**
 * Processes an access-rule line found in page markup and applies the
 * resulting ACL to the page being rendered.
 *
 * <p>The rule text comes straight from page content, so anyone who can edit
 * the page decides what is handed to the ACL parser. Parsing has a side
 * effect: on success the parsed ACL is set on the real page.
 *
 * @param ruleLine the rule text as written in the markup, optionally wrapped
 *                 in a leading "{" and a trailing "}"
 * @return the current element, or the element produced by {@code makeError}
 *         when the rule is rejected
 */
private Element handleAccessRule(String ruleLine) {
    // In WYSIWYG mode the raw rule (braces included) is echoed back into the
    // document before any parsing happens.
    if (m_wysiwygEditorMode) {
        m_currentElement.addContent("[" + ruleLine + "]");
    }

    if (!m_parseAccessRules) {
        return m_currentElement;
    }

    final WikiPage page = m_context.getRealPage();

    // Strip at most one opening and one closing brace.
    String rule = ruleLine;
    if (rule.startsWith("{")) {
        rule = rule.substring(1);
    }
    if (rule.endsWith("}")) {
        rule = rule.substring(0, rule.length() - 1);
    }

    if (log.isDebugEnabled()) {
        log.debug("page=" + page.getName() + ", ACL = " + rule);
    }

    try {
        final Acl parsed = m_engine.getAclManager().parseAcl(page, rule);
        page.setAcl(parsed);
        if (log.isDebugEnabled()) {
            log.debug(parsed.toString());
        }
        return m_currentElement;
    } catch (WikiSecurityException wse) {
        // NOTE(review): the exception message may include the rule text;
        // makeError is not visible here, so confirm it encodes the message
        // before it is rendered.
        return makeError(wse.getMessage());
    }
}
Also used : WikiSecurityException(org.apache.wiki.auth.WikiSecurityException) WikiPage(org.apache.wiki.WikiPage) Acl(org.apache.wiki.auth.acl.Acl)

Example 22 with WikiSecurityException

use of org.apache.wiki.auth.WikiSecurityException in project jspwiki by apache.

the class XMLGroupDatabase method saveDOM.

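/**
 * Serialises the in-memory groups to XML and swaps the result in for the
 * current group database file.
 *
 * <p>The document is first written to a sibling file with a ".new" suffix.
 * The existing database is then renamed to ".old" and the new file is
 * renamed into place.
 *
 * @throws WikiSecurityException if the new file cannot be written
 */
private void saveDOM() throws WikiSecurityException {
    if (m_dom == null) {
        // Logged only: the groups below are serialised from m_groups, not m_dom.
        log.fatal("Group database doesn't exist in memory.");
    }
    File newFile = new File(m_file.getAbsolutePath() + ".new");
    try {
        BufferedWriter io = new BufferedWriter(new OutputStreamWriter(new FileOutputStream(newFile), "UTF-8"));
        try {
            // Write the file header and document root
            io.write("<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n");
            io.write("<groups>\n");
            // Write each profile as a <group> node
            for (Group group : m_groups.values()) {
                io.write("  <" + GROUP_TAG + " ");
                io.write(GROUP_NAME);
                io.write("=\"" + StringEscapeUtils.escapeXml(group.getName()) + "\" ");
                io.write(CREATOR);
                io.write("=\"" + StringEscapeUtils.escapeXml(group.getCreator()) + "\" ");
                io.write(CREATED);
                // NOTE(review): m_format's type is not visible here; if it is a
                // shared SimpleDateFormat, confirm that saves are serialised.
                io.write("=\"" + m_format.format(group.getCreated()) + "\" ");
                io.write(MODIFIER);
                // The modifier is a user-derived name like the creator, so it is
                // escaped the same way; an unescaped quote or angle bracket would
                // corrupt the attribute and the group database with it.
                io.write("=\"" + StringEscapeUtils.escapeXml(group.getModifier()) + "\" ");
                io.write(LAST_MODIFIED);
                io.write("=\"" + m_format.format(group.getLastModified()) + "\"");
                io.write(">\n");
                // Write each member as a <member> node
                for (Principal member : group.members()) {
                    io.write("    <" + MEMBER_TAG + " ");
                    io.write(PRINCIPAL);
                    io.write("=\"" + StringEscapeUtils.escapeXml(member.getName()) + "\" ");
                    io.write("/>\n");
                }
                // Close tag
                io.write("  </" + GROUP_TAG + ">\n");
            }
            io.write("</groups>");
        } finally {
            // Always release the file handle. close() also flushes, so a failure
            // here must abort the save rather than let a truncated file be
            // renamed into place.
            io.close();
        }
    } catch (IOException e) {
        throw new WikiSecurityException(e.getLocalizedMessage(), e);
    }
    // Copy new file over old version.
    // NOTE(review): every failure below is only logged, so the caller is not
    // told when the database on disk was not replaced.
    File backup = new File(m_file.getAbsolutePath() + ".old");
    if (backup.exists() && !backup.delete()) {
        log.error("Could not delete old group database backup: " + backup);
    }
    if (!m_file.renameTo(backup)) {
        log.error("Could not create group database backup: " + backup);
    }
    if (!newFile.renameTo(m_file)) {
        log.error("Could not save database: " + backup + " restoring backup.");
        if (!backup.renameTo(m_file)) {
            log.error("Restore failed. Check the file permissions.");
        }
        log.error("Could not save database: " + m_file + ". Check the file permissions");
    }
}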
Also used : WikiSecurityException(org.apache.wiki.auth.WikiSecurityException) FileOutputStream(java.io.FileOutputStream) OutputStreamWriter(java.io.OutputStreamWriter) IOException(java.io.IOException) File(java.io.File) WikiPrincipal(org.apache.wiki.auth.WikiPrincipal) Principal(java.security.Principal) BufferedWriter(java.io.BufferedWriter)

Example 23 with WikiSecurityException

use of org.apache.wiki.auth.WikiSecurityException in project jspwiki by apache.

the class WikiServletFilter method doFilter.

/**
 * Verifies that the WikiEngine is available, establishes the authentication
 * state for the user's WikiSession and passes a wrapped request down the chain.
 *
 * <p>For a request that is not yet wrapped,
 * {@link org.apache.wiki.auth.AuthenticationManager#login(HttpServletRequest)}
 * runs first and sets the authentication state; only then is the request
 * replaced by a {@link WikiRequestWrapper}. When debug logging is enabled the
 * login principal's name and the request URI are written to the log, and the
 * request URL is pushed onto the logging NDC for the duration of the chain call.
 *
 * @param request the current HTTP request object
 * @param response the current HTTP response object
 * @param chain The Filter chain passed down.
 * @throws ServletException if the chain is null, or if
 *         {@link org.apache.wiki.auth.AuthenticationManager#login(HttpServletRequest)}
 *         fails with a WikiSecurityException
 * @throws IOException If writing to the servlet response fails.
 */
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
    if (chain == null) {
        throw new ServletException("FilterChain is null, even if it should not be.  Please report this to the jspwiki development team.");
    }

    // Without an engine nothing can be authenticated or served: emit a static
    // notice and stop before the rest of the chain runs.
    if (m_engine == null) {
        final PrintWriter writer = response.getWriter();
        final String[] notStartedPage = {
            "<html><head><title>Fatal problem with JSPWiki</title></head>",
            "<body>",
            "<h1>JSPWiki has not been started</h1>",
            "<p>JSPWiki is not running.  This is probably due to a configuration error in your jspwiki.properties file, ",
            "or a problem with your servlet container.  Please double-check everything before issuing a bug report ",
            "at jspwiki.apache.org.</p>",
            "<p>We apologize for the inconvenience.  No, really, we do.  We're trying to ",
            "JSPWiki as easy as we can, but there is only so much we have time to test ",
            "platforms.</p>",
            "<p>Please go to the <a href='Install.jsp'>installer</a> to continue.</p>",
            "</body></html>"
        };
        for (String fragment : notStartedPage) {
            writer.print(fragment);
        }
        return;
    }

    HttpServletRequest current = (HttpServletRequest) request;
    // The character encoding is set before anything reads the request.
    current.setCharacterEncoding(m_engine.getContentEncoding());

    if (!isWrapped(request)) {
        try {
            // Order matters: login() sets the authentication state on the raw
            // request, and the wrapper is created only afterwards.
            m_engine.getAuthenticationManager().login(current);
            final WikiSession session = SessionMonitor.getInstance(m_engine).find(current.getSession());
            current = new WikiRequestWrapper(m_engine, current);
            if (log.isDebugEnabled()) {
                log.debug("Executed security filters for user=" + session.getLoginPrincipal().getName() + ", path=" + current.getRequestURI());
            }
        } catch (WikiSecurityException e) {
            // A failed login aborts the request instead of continuing unauthenticated.
            throw new ServletException(e);
        }
    }

    try {
        NDC.push(m_engine.getApplicationName() + ":" + current.getRequestURL());
        chain.doFilter(current, response);
    } finally {
        // Clear the per-thread logging context even when the chain throws.
        NDC.pop();
        NDC.remove();
    }
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) WikiSession(org.apache.wiki.WikiSession) WikiSecurityException(org.apache.wiki.auth.WikiSecurityException) PrintWriter(java.io.PrintWriter)

Example 24 with WikiSecurityException

use of org.apache.wiki.auth.WikiSecurityException in project jspwiki by apache.

the class PageManager method actionPerformed.

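/**
 * Listens for {@link org.apache.wiki.event.WikiSecurityEvent#PROFILE_NAME_CHANGED}
 * events. If a user profile's name changes, each page ACL is inspected. If an entry contains
 * a name that has changed, it is replaced with the new one. No events are emitted
 * as a consequence of this method, because the page contents are still the same; it is
 * only the representations of the names within the ACL that are changing.
 *
 * <p>A page is counted as changed only once its updated ACL has been handed to the
 * AclManager without error. Pages whose update fails are logged individually and
 * again in a summary, because their stored ACLs may still name the old principal.
 *
 * @param event The event; anything other than a PROFILE_NAME_CHANGED
 *              WikiSecurityEvent is ignored
 */
public void actionPerformed(WikiEvent event) {
    if (!(event instanceof WikiSecurityEvent)) {
        return;
    }
    WikiSecurityEvent se = (WikiSecurityEvent) event;
    if (se.getType() != WikiSecurityEvent.PROFILE_NAME_CHANGED) {
        return;
    }

    // The code reads element 0 as the old profile and element 1 as the new one.
    UserProfile[] profiles = (UserProfile[]) se.getTarget();
    Principal[] oldPrincipals = new Principal[] {
        new WikiPrincipal(profiles[0].getLoginName()),
        new WikiPrincipal(profiles[0].getFullname()),
        new WikiPrincipal(profiles[0].getWikiName())
    };
    Principal newPrincipal = new WikiPrincipal(profiles[1].getFullname());

    // Examine each page ACL
    try {
        int pagesChanged = 0;
        int pagesFailed = 0;
        Collection<?> pages = getAllPages();
        for (Object candidate : pages) {
            WikiPage page = (WikiPage) candidate;
            if (!changeAcl(page, oldPrincipals, newPrincipal)) {
                continue;
            }
            // If the Acl needed changing, change it now
            try {
                m_engine.getAclManager().setPermissions(page, page.getAcl());
                pagesChanged++;
            } catch (WikiSecurityException e) {
                // Not counted as changed: the update was rejected for this page.
                pagesFailed++;
                log.error("Could not change page ACL for page " + page.getName() + ": " + e.getMessage(), e);
            }
        }
        log.info("Profile name change for '" + newPrincipal.toString() + "' caused " + pagesChanged + " page ACLs to change also.");
        if (pagesFailed > 0) {
            log.error("Profile name change for '" + newPrincipal.toString() + "' could not be applied to " + pagesFailed + " page ACLs; they may still refer to the old name.");
        }
    } catch (ProviderException e) {
        // Oooo! This is really bad...
        log.error("Could not change user name in Page ACLs because of Provider error:" + e.getMessage(), e);
    }
}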
Also used : UserProfile(org.apache.wiki.auth.user.UserProfile) ProviderException(org.apache.wiki.api.exceptions.ProviderException) WikiSecurityException(org.apache.wiki.auth.WikiSecurityException) WikiPrincipal(org.apache.wiki.auth.WikiPrincipal) Iterator(java.util.Iterator) Collection(java.util.Collection) WikiSecurityEvent(org.apache.wiki.event.WikiSecurityEvent) WikiPrincipal(org.apache.wiki.auth.WikiPrincipal) Principal(java.security.Principal)

Example 25 with WikiSecurityException

use of org.apache.wiki.auth.WikiSecurityException in project jspwiki by apache.

the class DefaultAclManager method parseAcl.

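/**
 * A helper method for parsing textual AccessControlLists. The line is in
 * form {@code ALLOW <permission> <principal>, <principal>, <principal>}. This
 * method was moved from Authorizer.
 *
 * <p>The first whitespace-separated word is skipped, the second is taken as
 * the action list, and the remainder is split on commas into principal names.
 * Names that are blank after trimming are ignored. The resulting ACL is also
 * set on the page.
 *
 * @param page     The current wiki page. If the page already has an ACL, it
 *                 will be used as a basis for this ACL in order to avoid the
 *                 creation of a new one.
 * @param ruleLine The rule line, as described above.
 * @return A valid Access Control List. May be empty.
 * @throws WikiSecurityException if the ruleLine has fewer than two words or
 *                               names an invalid permission type.
 * @since 2.1.121
 */
public Acl parseAcl(WikiPage page, String ruleLine) throws WikiSecurityException {
    Acl acl = page.getAcl();
    if (acl == null) {
        acl = new AclImpl();
    }
    try {
        StringTokenizer fieldToks = new StringTokenizer(ruleLine);
        // NOTE(review): the leading keyword is consumed without being compared
        // to "ALLOW", so a rule starting with any other word is still applied
        // as a grant. Confirm this is intended before tightening it, since
        // rejecting a rule leaves the page without that ACL.
        fieldToks.nextToken();
        String actions = fieldToks.nextToken();
        while (fieldToks.hasMoreTokens()) {
            // From here on the tokenizer splits on commas only.
            String principalName = fieldToks.nextToken(",").trim();
            if (principalName.length() == 0) {
                // A stray comma or whitespace-only item must not become an ACL
                // entry for a principal with an empty name.
                continue;
            }
            Principal principal = m_auth.resolvePrincipal(principalName);
            AclEntry oldEntry = acl.getEntry(principal);
            if (oldEntry != null) {
                log.debug("Adding to old acl list: " + principal + ", " + actions);
                oldEntry.addPermission(PermissionFactory.getPagePermission(page, actions));
            } else {
                log.debug("Adding new acl entry for " + actions);
                AclEntry entry = new AclEntryImpl();
                entry.setPrincipal(principal);
                entry.addPermission(PermissionFactory.getPagePermission(page, actions));
                acl.addEntry(entry);
            }
        }
        page.setAcl(acl);
        log.debug(acl.toString());
    } catch (NoSuchElementException nsee) {
        // Thrown when the keyword or the action list is missing. The rule text
        // is copied into both the log line and the exception message.
        log.warn("Invalid access rule: " + ruleLine + " - defaults will be used.");
        throw new WikiSecurityException("Invalid access rule: " + ruleLine, nsee);
    } catch (IllegalArgumentException iae) {
        throw new WikiSecurityException("Invalid permission type: " + ruleLine, iae);
    }
    return acl;
}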
Also used : WikiSecurityException(org.apache.wiki.auth.WikiSecurityException) StringTokenizer(java.util.StringTokenizer) Principal(java.security.Principal) NoSuchElementException(java.util.NoSuchElementException)
