Use of org.apache.wiki.auth.authorize.WebContainerAuthorizer in the Apache JSPWiki project.
Class SecurityVerifier, method containerRoleTable.
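/**
 * Formats and returns an HTML table containing the roles the web container
 * is aware of, and whether each role maps to particular JSPs.
 *
 * <p>The table has one row per entry of {@code CONTAINER_ACTIONS}, paired with
 * the JSP at the same index of {@code CONTAINER_JSPS}. Each row has one cell
 * for anonymous access and one cell per role returned by the authorizer. A
 * cell's {@code title} attribute starts with {@code ALLOW:} or {@code DENY:}
 * and the cell is styled with {@code BG_GREEN} or {@code BG_RED} accordingly.
 *
 * @return the formatted HTML table containing the result of the tests
 * @throws WikiException if tests fail for unexpected reasons
 * @throws IllegalStateException if the authorizer is not a
 *         {@link org.apache.wiki.auth.authorize.WebContainerAuthorizer}
 */
public String containerRoleTable() throws WikiException {
    AuthorizationManager authorizationManager = m_engine.getAuthorizationManager();
    Authorizer authorizer = authorizationManager.getAuthorizer();

    // The constraint checks below only exist on WebContainerAuthorizer, so any
    // other authorizer is rejected up front rather than rendered as an empty table.
    if (!(authorizer instanceof WebContainerAuthorizer)) {
        throw new IllegalStateException("Authorizer should be WebContainerAuthorizer");
    }

    // Now, print a table with JSP pages listed on the left, and
    // an evaluation of each page's constraints for each role
    // we discovered.
    //
    // NOTE(review): actions, JSP paths, role names and role class names are
    // written into the markup without HTML escaping. They appear to come from
    // container configuration rather than request input - confirm. If any of
    // them can carry user-influenced text, encode it before appending,
    // especially inside the title attributes.
    StringBuilder s = new StringBuilder();
    Principal[] roles = authorizer.getRoles();
    s.append("<table class=\"wikitable\" border=\"1\">\n");
    s.append("<thead>\n");
    s.append(" <tr>\n");
    s.append(" <th rowspan=\"2\">Action</th>\n");
    s.append(" <th rowspan=\"2\">Page</th>\n");
    // One column for "Anonymous" plus one per role. The sum is appended as an
    // int: concatenating roles.length + 1 onto a String would render "31"
    // for three roles instead of 4.
    s.append(" <th colspan=\"").append(roles.length + 1).append("\">Roles</th>\n");
    s.append(" </tr>\n");
    s.append(" <tr>\n");
    s.append(" <th>Anonymous</th>\n");
    for (Principal role : roles) {
        s.append(" <th>").append(role.getName()).append("</th>\n");
    }
    s.append("</tr>\n");
    s.append("</thead>\n");
    s.append("<tbody>\n");

    try {
        WebContainerAuthorizer wca = (WebContainerAuthorizer) authorizer;
        for (int i = 0; i < CONTAINER_ACTIONS.length; i++) {
            String action = CONTAINER_ACTIONS[i];
            String jsp = CONTAINER_JSPS[i];

            // A page with no constraint for Role.ALL is reported as open to anonymous users.
            boolean allowsAnonymous = !wca.isConstrained(jsp, Role.ALL);
            s.append(" <tr>\n");
            s.append(" <td>").append(action).append("</td>\n");
            s.append(" <td>").append(jsp).append("</td>\n");
            s.append(" <td title=\"");
            s.append(allowsAnonymous ? "ALLOW: " : "DENY: ");
            s.append(jsp);
            s.append(" Anonymous");
            s.append("\"");
            s.append(allowsAnonymous ? BG_GREEN + ">" : BG_RED + ">");
            s.append(" </td>\n");

            for (Principal role : roles) {
                // Reported as allowed when the page is open to anonymous users
                // or isConstrained() returns true for this role.
                boolean allowed = allowsAnonymous || wca.isConstrained(jsp, (Role) role);
                s.append(" <td title=\"");
                s.append(allowed ? "ALLOW: " : "DENY: ");
                s.append(jsp);
                s.append(" ");
                s.append(role.getClass().getName());
                // The quotes around the role name are written as the &quot;
                // entity; a literal quote here would end the title attribute.
                s.append(" &quot;");
                s.append(role.getName());
                s.append("&quot;");
                s.append("\"");
                s.append(allowed ? BG_GREEN + ">" : BG_RED + ">");
                s.append(" </td>\n");
            }
            s.append(" </tr>\n");
        }
    } catch (JDOMException e) {
        // If we couldn't evaluate constraints it means
        // there's some sort of IO mess or parsing issue
        LOG.error("Malformed XML in web.xml", e);
        throw new InternalWikiException(e.getClass().getName() + ": " + e.getMessage(), e);
    }

    s.append("</tbody>\n");
    s.append("</table>\n");
    return s.toString();
}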