Return-Path: Delivered-To: apmail-incubator-jspwiki-commits-archive@locus.apache.org Received: (qmail 51851 invoked from network); 3 Aug 2008 12:18:00 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 3 Aug 2008 12:18:00 -0000 Received: (qmail 1475 invoked by uid 500); 3 Aug 2008 12:18:00 -0000 Delivered-To: apmail-incubator-jspwiki-commits-archive@incubator.apache.org Received: (qmail 1455 invoked by uid 500); 3 Aug 2008 12:18:00 -0000 Mailing-List: contact jspwiki-commits-help@incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: jspwiki-dev@incubator.apache.org Delivered-To: mailing list jspwiki-commits@incubator.apache.org Received: (qmail 1446 invoked by uid 99); 3 Aug 2008 12:17:59 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 03 Aug 2008 05:17:59 -0700 X-ASF-Spam-Status: No, hits=-2000.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 03 Aug 2008 12:17:10 +0000 Received: by eris.apache.org (Postfix, from userid 65534) id 130DB238885D; Sun, 3 Aug 2008 05:17:37 -0700 (PDT) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r682144 [1/4] - in /incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki: auth/authorize/ auth/login/ auth/permissions/ auth/user/ content/ Date: Sun, 03 Aug 2008 12:17:35 -0000 To: jspwiki-commits@incubator.apache.org From: ajaquith@apache.org X-Mailer: svnmailer-1.0.8 Message-Id: <20080803121737.130DB238885D@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: ajaquith Date: Sun Aug 3 05:17:34 2008 New Revision: 682144 URL: http://svn.apache.org/viewvc?rev=682144&view=rev Log: Massive re-factoring to make Stripes less invasive. Added: incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/authorize/package.html incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/login/package.html incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/content/ incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/content/PageRenamer.java incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/content/package.html Modified: incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/authorize/Group.java incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/authorize/GroupDatabase.java incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/authorize/GroupManager.java incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/authorize/JDBCGroupDatabase.java incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/authorize/Role.java incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/authorize/WebAuthorizer.java incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/authorize/WebContainerAuthorizer.java incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/authorize/XMLGroupDatabase.java incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/login/AbstractLoginModule.java incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/login/AnonymousLoginModule.java incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/login/AuthorizerCallback.java incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/login/CookieAssertionLoginModule.java incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/login/CookieAuthenticationLoginModule.java incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/login/HttpRequestCallback.java incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/login/PrincipalWrapper.java incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/login/UserDatabaseCallback.java incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/login/UserDatabaseLoginModule.java incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/login/WebContainerCallbackHandler.java incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/login/WebContainerLoginModule.java incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/login/WikiCallbackHandler.java incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/login/WikiEngineCallback.java incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/permissions/AllPermission.java incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/permissions/AllPermissionCollection.java incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/permissions/GroupPermission.java incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/permissions/PagePermission.java incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/permissions/PermissionFactory.java incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/permissions/WikiPermission.java incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/user/AbstractUserDatabase.java incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/user/DefaultUserProfile.java incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/user/DuplicateUserException.java incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/user/JDBCUserDatabase.java incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/user/UserDatabase.java incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/user/UserProfile.java incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/user/XMLUserDatabase.java Modified: incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/authorize/Group.java URL: http://svn.apache.org/viewvc/incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/authorize/Group.java?rev=682144&r1=682143&r2=682144&view=diff ============================================================================== --- incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/authorize/Group.java (original) +++ incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/authorize/Group.java Sun Aug 3 05:17:34 2008 @@ -1,20 +1,28 @@ -/* - * JSPWiki - a JSP-based WikiWiki clone. Copyright (C) 2001-2003 Janne Jalkanen - * (Janne.Jalkanen@iki.fi) This program is free software; you can redistribute - * it and/or modify it under the terms of the GNU Lesser General Public License - * as published by the Free Software Foundation; either version 2.1 of the - * License, or (at your option) any later version. This program is distributed - * in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even - * the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. - * See the GNU Lesser General Public License for more details. You should have - * received a copy of the GNU Lesser General Public License along with this - * program; if not, write to the Free Software Foundation, Inc., 59 Temple - * Place, Suite 330, Boston, MA 02111-1307 USA +/* + JSPWiki - a JSP-based WikiWiki clone. + + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. */ package com.ecyrd.jspwiki.auth.authorize; import java.security.Principal; -import java.util.*; +import java.util.Date; +import java.util.Vector; import com.ecyrd.jspwiki.auth.GroupPrincipal; @@ -48,17 +56,17 @@ * lightweight and immutable. That's why we use them in Subjects rather than the * Groups themselves. *

- * @author Janne Jalkanen + * * @author Andrew Jaquith * @since 2.3 */ public class Group { - public static final String[] RESTRICTED_GROUPNAMES = new String[] + static final String[] RESTRICTED_GROUPNAMES = new String[] { "Anonymous", "All", "Asserted", "Authenticated" }; - private final List m_members = new ArrayList(); + private final Vector m_members = new Vector(); private String m_creator = null; @@ -74,8 +82,6 @@ private final String m_wiki; - private final String m_qualifiedName; - /** * Protected constructor to prevent direct instantiation except by other * package members. Callers should use @@ -90,7 +96,6 @@ m_name = name; m_wiki = wiki; m_principal = new GroupPrincipal( name ); - m_qualifiedName = wiki + ":" + name; } /** @@ -143,9 +148,9 @@ return false; } - for( Iterator i = m_members.iterator(); i.hasNext(); ) + for( Principal principal : m_members ) { - if ( !( g.isMember( (Principal) i.next() ) ) ) + if ( !g.isMember( principal ) ) { return false; } @@ -162,9 +167,9 @@ public int hashCode() { int hc = 0; - for( Iterator i = m_members.iterator(); i.hasNext(); ) + for( Principal member : m_members ) { - hc ^= i.next().hashCode(); + hc ^= member.hashCode(); } return hc; } @@ -215,16 +220,6 @@ } /** - * The qualified name of the group, defined as the wiki plus the name, - * separated by a colon (e.g., MyWiki:MyGroup). - * @return the qualified name of the Group - */ - public String getQualifiedName() - { - return m_qualifiedName; - } - - /** * Returns the GroupPrincipal that represents this Group. * @return the group principal */ @@ -256,22 +251,12 @@ } /** - * Returns the members of the group as an unmodifiable Set of Principal - * objects. - */ - public List getMembers() - { - return Collections.unmodifiableList(m_members); - } - - /** * Returns the members of the group as an array of Principal objects. * @return the members - * @deprecated */ public Principal[] members() { - return m_members.toArray(new Principal[m_members.size()]); + return m_members.toArray( new Principal[m_members.size()] ); } /** @@ -342,10 +327,8 @@ private Principal findMember( String name ) { - for( Iterator i = m_members.iterator(); i.hasNext(); ) + for( Principal member : m_members ) { - Principal member = (Principal) i.next(); - if ( member.getName().equals( name ) ) { return member; Modified: incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/authorize/GroupDatabase.java URL: http://svn.apache.org/viewvc/incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/authorize/GroupDatabase.java?rev=682144&r1=682143&r2=682144&view=diff ============================================================================== --- incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/authorize/GroupDatabase.java (original) +++ incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/authorize/GroupDatabase.java Sun Aug 3 05:17:34 2008 @@ -1,15 +1,22 @@ -/* - * JSPWiki - a JSP-based WikiWiki clone. Copyright (C) 2001-2003 Janne Jalkanen - * (Janne.Jalkanen@iki.fi) This program is free software; you can redistribute - * it and/or modify it under the terms of the GNU Lesser General Public License - * as published by the Free Software Foundation; either version 2.1 of the - * License, or (at your option) any later version. This program is distributed - * in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even - * the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. - * See the GNU Lesser General Public License for more details. You should have - * received a copy of the GNU Lesser General Public License along with this - * program; if not, write to the Free Software Foundation, Inc., 59 Temple - * Place, Suite 330, Boston, MA 02111-1307 USA +/* + JSPWiki - a JSP-based WikiWiki clone. + + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. */ package com.ecyrd.jspwiki.auth.authorize; Modified: incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/authorize/GroupManager.java URL: http://svn.apache.org/viewvc/incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/authorize/GroupManager.java?rev=682144&r1=682143&r2=682144&view=diff ============================================================================== --- incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/authorize/GroupManager.java (original) +++ incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/authorize/GroupManager.java Sun Aug 3 05:17:34 2008 @@ -1,20 +1,32 @@ -/* - * JSPWiki - a JSP-based WikiWiki clone. Copyright (C) 2001-2003 Janne Jalkanen - * (Janne.Jalkanen@iki.fi) This program is free software; you can redistribute - * it and/or modify it under the terms of the GNU Lesser General Public License - * as published by the Free Software Foundation; either version 2.1 of the - * License, or (at your option) any later version. This program is distributed - * in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even - * the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. - * See the GNU Lesser General Public License for more details. You should have - * received a copy of the GNU Lesser General Public License along with this - * program; if not, write to the Free Software Foundation, Inc., 59 Temple - * Place, Suite 330, Boston, MA 02111-1307 USA +/* + JSPWiki - a JSP-based WikiWiki clone. + + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. */ package com.ecyrd.jspwiki.auth.authorize; import java.security.Principal; -import java.util.*; +import java.util.HashMap; +import java.util.HashSet; +import java.util.Map; +import java.util.Properties; +import java.util.Set; +import java.util.StringTokenizer; import javax.servlet.http.HttpServletRequest; @@ -67,7 +79,7 @@ private GroupDatabase m_groupDatabase = null; /** Map with GroupPrincipals as keys, and Groups as values */ - private final Map m_groups = new HashMap(); + private final Map m_groups = new HashMap(); /** *

@@ -137,7 +149,7 @@ dbClassName = XMLGroupDatabase.class.getName(); } log.info( "Attempting to load group database class " + dbClassName ); - Class dbClass = ClassUtil.findClass( "com.ecyrd.jspwiki.auth.authorize", dbClassName ); + Class dbClass = ClassUtil.findClass( "com.ecyrd.jspwiki.auth.authorize", dbClassName ); m_groupDatabase = (GroupDatabase) dbClass.newInstance(); m_groupDatabase.initialize( m_engine, m_engine.getWikiProperties() ); log.info( "Group database initialized." ); @@ -214,9 +226,8 @@ Group[] groups = m_groupDatabase.groups(); synchronized( m_groups ) { - for( int i = 0; i < groups.length; i++ ) + for( Group group : groups ) { - Group group = groups[i]; // Add new group to cache; fire GROUP_ADD event m_groups.put( group.getPrincipal(), group ); fireEvent( WikiSecurityEvent.GROUP_ADD, group ); @@ -269,10 +280,9 @@ } // Check each user principal to see if it belongs to the group - Principal[] principals = session.getPrincipals(); - for ( int i = 0; i < principals.length; i++ ) + for ( Principal principal : session.getPrincipals() ) { - if ( AuthenticationManager.isUserPrincipal( principals[i] ) && group.isMember( principals[i] ) ) + if ( AuthenticationManager.isUserPrincipal( principal ) && group.isMember( principal ) ) { return true; } @@ -349,10 +359,9 @@ group.setCreated( existingGroup.getCreated() ); group.setModifier( existingGroup.getModifier() ); group.setLastModified( existingGroup.getLastModified() ); - List existingMembers = existingGroup.getMembers(); - for( Principal member : existingMembers ) + for( Principal existingMember : existingGroup.members() ) { - group.add( member ); + group.add( existingMember ); } } catch( NoSuchPrincipalException e ) @@ -369,9 +378,9 @@ if ( members.length > 0 ) { group.clear(); - for( int i = 0; i < members.length; i++ ) + for( String member : members ) { - group.add( new WikiPrincipal( members[i] ) ); + group.add( new WikiPrincipal( member ) ); } } @@ -418,7 +427,7 @@ Group group = parseGroup( name, memberLine, create ); // If no members, add the current user by default - if ( group.getMembers().size() == 0 ) + if ( group.members().length == 0 ) { group.add( context.getWikiSession().getUserPrincipal() ); } @@ -583,9 +592,10 @@ } // Member names must be "safe" strings - for( Principal member: group.getMembers() ) + Principal[] members = group.members(); + for( int i = 0; i < members.length; i++ ) { - validator.validateNotNull( member.getName(), "Full name", InputValidator.ID ); + validator.validateNotNull( members[i].getName(), "Full name", InputValidator.ID ); } } @@ -710,16 +720,14 @@ int groupsChanged = 0; try { - Group[] groups = m_groupDatabase.groups(); - for ( int i = 0; i < groups.length; i++ ) + for ( Group group : m_groupDatabase.groups() ) { boolean groupChanged = false; - Group group = groups[i]; - for ( int j = 0; j < oldPrincipals.length; j++ ) + for ( Principal oldPrincipal : oldPrincipals ) { - if ( group.isMember( oldPrincipals[j] ) ) + if ( group.isMember( oldPrincipal ) ) { - group.remove( oldPrincipals[j] ); + group.remove( oldPrincipal ); group.add( newPrincipal ); groupChanged = true; } Modified: incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/authorize/JDBCGroupDatabase.java URL: http://svn.apache.org/viewvc/incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/authorize/JDBCGroupDatabase.java?rev=682144&r1=682143&r2=682144&view=diff ============================================================================== --- incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/authorize/JDBCGroupDatabase.java (original) +++ incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/authorize/JDBCGroupDatabase.java Sun Aug 3 05:17:34 2008 @@ -1,21 +1,22 @@ -/* +/* JSPWiki - a JSP-based WikiWiki clone. - Copyright (C) 2001-2007 JSPWiki Development Group - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU Lesser General Public License as published by - the Free Software Foundation; either version 2.1 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. */ package com.ecyrd.jspwiki.auth.authorize; @@ -38,70 +39,75 @@ import com.ecyrd.jspwiki.auth.WikiSecurityException; /** - *

Implementation of GroupDatabase that persists {@link Group} - * objects to a JDBC DataSource, as might typically be provided by a web - * container. This implementation looks up the JDBC DataSource using JNDI. - * The JNDI name of the datasource, backing table and mapped columns used - * by this class are configured via settings in jspwiki.properties.

- *

Configurable properties are these:

+ *

+ * Implementation of GroupDatabase that persists {@link Group} objects to a JDBC + * DataSource, as might typically be provided by a web container. This + * implementation looks up the JDBC DataSource using JNDI. The JNDI name of the + * datasource, backing table and mapped columns used by this class are + * configured via settings in jspwiki.properties. + *

+ *

+ * Configurable properties are these: + *

* - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * + * + * + * + * + * + * + * + * + * + * + * + * + * + * + * + * + * + * + * + * + * + * + * + * + * + * + * + * + * + * + * + * + * + * + * + * + * + * + * + * + * + * + * + * + * + * + * + * + * + * *
PropertyDefaultDefinition
jspwiki.groupdatabase.datasourcejdbc/GroupDatabaseThe JNDI name of the DataSource
jspwiki.groupdatabase.tablegroupsThe table that stores the groups
jspwiki.groupdatabase.membertablegroup_membersThe table that stores the names of group members
jspwiki.groupdatabase.createdcreatedThe column containing the group's creation timestamp
jspwiki.groupdatabase.creatorcreatorThe column containing the group creator's name
jspwiki.groupdatabase.namenameThe column containing the group's name
jspwiki.groupdatabase.membermemberThe column containing the group member's name
jspwiki.groupdatabase.modifiedmodifiedThe column containing the group's last-modified timestamp
jspwiki.groupdatabase.modifiermodifierThe column containing the name of the user who last modified the group
PropertyDefaultDefinition
jspwiki.groupdatabase.datasourcejdbc/GroupDatabaseThe JNDI name of the DataSource
jspwiki.groupdatabase.tablegroupsThe table that stores the groups
jspwiki.groupdatabase.membertablegroup_membersThe table that stores the names of group members
jspwiki.groupdatabase.createdcreatedThe column containing the group's creation timestamp
jspwiki.groupdatabase.creatorcreatorThe column containing the group creator's name
jspwiki.groupdatabase.namenameThe column containing the group's name
jspwiki.groupdatabase.membermemberThe column containing the group member's name
jspwiki.groupdatabase.modifiedmodifiedThe column containing the group's last-modified timestamp
jspwiki.groupdatabase.modifiermodifierThe column containing the name of the user who last modified the group
- *

This class is typically used in conjunction with a web container's JNDI resource - * factory. For example, Tomcat versions 4 and higher provide a basic JNDI factory - * for registering DataSources. To give JSPWiki access to the JNDI resource named - * by jdbc/GroupDatabase, you would declare the datasource resource similar to this:

+ *

+ * This class is typically used in conjunction with a web container's JNDI + * resource factory. For example, Tomcat versions 4 and higher provide a basic + * JNDI factory for registering DataSources. To give JSPWiki access to the JNDI + * resource named by jdbc/GroupDatabase, you would declare the + * datasource resource similar to this: + *

*
<Context ...>
*   ...
*   <Resource name="jdbc/GroupDatabase" auth="Container"
@@ -110,106 +116,151 @@ *     maxActive="8" maxIdle="4"/>
*  ...
* </Context>
- *

JDBC driver JARs should be added to Tomcat's common/lib directory. - * For more Tomcat 5.5 JNDI configuration examples, - * see - * http://tomcat.apache.org/tomcat-5.5-doc/jndi-resources-howto.html.

- *

JDBCGroupDatabase commits changes as transactions if the back-end database supports them. - * If the database supports transactions, group changes are saved - * to permanent storage only when the {@link #commit()} method is called. If the database does not - * support transactions, then changes are made immediately (during the {@link #save(Group, Principal)} - * method), and the {@linkplain #commit()} method no-ops. Thus, callers should always call the - * {@linkplain #commit()} method after saving a profile to guarantee that changes are applied.

+ *

+ * JDBC driver JARs should be added to Tomcat's common/lib + * directory. For more Tomcat 5.5 JNDI configuration examples, see + * http://tomcat.apache.org/tomcat-5.5-doc/jndi-resources-howto.html. + *

+ *

+ * JDBCGroupDatabase commits changes as transactions if the back-end database + * supports them. If the database supports transactions, group changes are saved + * to permanent storage only when the {@link #commit()} method is called. If the + * database does not support transactions, then changes are made + * immediately (during the {@link #save(Group, Principal)} method), and the + * {@linkplain #commit()} method no-ops. Thus, callers should always call the + * {@linkplain #commit()} method after saving a profile to guarantee that + * changes are applied. + *

+ * * @author Andrew R. Jaquith * @since 2.3 */ public class JDBCGroupDatabase implements GroupDatabase { - /** Default column name that stores the JNDI name of the DataSource. */ - public static final String DEFAULT_GROUPDB_DATASOURCE = "jdbc/GroupDatabase"; + /** Default column name that stores the JNDI name of the DataSource. */ + public static final String DEFAULT_GROUPDB_DATASOURCE = "jdbc/GroupDatabase"; + /** Default table name for the table that stores groups. */ - public static final String DEFAULT_GROUPDB_TABLE = "groups"; + public static final String DEFAULT_GROUPDB_TABLE = "groups"; + /** Default column name that stores the names of group members. */ public static final String DEFAULT_GROUPDB_MEMBER_TABLE = "group_members"; + /** Default column name that stores the the group creation timestamps. */ - public static final String DEFAULT_GROUPDB_CREATED = "created"; + public static final String DEFAULT_GROUPDB_CREATED = "created"; + /** Default column name that stores group creator names. */ - public static final String DEFAULT_GROUPDB_CREATOR = "creator"; + public static final String DEFAULT_GROUPDB_CREATOR = "creator"; + /** Default column name that stores the group names. */ - public static final String DEFAULT_GROUPDB_NAME = "name"; + public static final String DEFAULT_GROUPDB_NAME = "name"; + /** Default column name that stores group member names. */ - public static final String DEFAULT_GROUPDB_MEMBER = "member"; + public static final String DEFAULT_GROUPDB_MEMBER = "member"; + /** Default column name that stores group last-modified timestamps. */ - public static final String DEFAULT_GROUPDB_MODIFIED = "modified"; + public static final String DEFAULT_GROUPDB_MODIFIED = "modified"; + /** Default column name that stores names of users who last modified groups. */ - public static final String DEFAULT_GROUPDB_MODIFIER = "modifier"; + public static final String DEFAULT_GROUPDB_MODIFIER = "modifier"; /** The JNDI name of the DataSource. */ - public static final String PROP_GROUPDB_DATASOURCE = "jspwiki.groupdatabase.datasource"; + public static final String PROP_GROUPDB_DATASOURCE = "jspwiki.groupdatabase.datasource"; + /** The table that stores the groups. */ - public static final String PROP_GROUPDB_TABLE = "jspwiki.groupdatabase.table"; + public static final String PROP_GROUPDB_TABLE = "jspwiki.groupdatabase.table"; + /** The table that stores the names of group members. */ public static final String PROP_GROUPDB_MEMBER_TABLE = "jspwiki.groupdatabase.membertable"; + /** The column containing the group's creation timestamp. */ - public static final String PROP_GROUPDB_CREATED = "jspwiki.groupdatabase.created"; + public static final String PROP_GROUPDB_CREATED = "jspwiki.groupdatabase.created"; + /** The column containing the group creator's name. */ - public static final String PROP_GROUPDB_CREATOR = "jspwiki.groupdatabase.creator"; + public static final String PROP_GROUPDB_CREATOR = "jspwiki.groupdatabase.creator"; + /** The column containing the group's name. */ - public static final String PROP_GROUPDB_NAME = "jspwiki.groupdatabase.name"; + public static final String PROP_GROUPDB_NAME = "jspwiki.groupdatabase.name"; + /** The column containing the group member's name. */ - public static final String PROP_GROUPDB_MEMBER = "jspwiki.groupdatabase.member"; + public static final String PROP_GROUPDB_MEMBER = "jspwiki.groupdatabase.member"; + /** The column containing the group's last-modified timestamp. */ - public static final String PROP_GROUPDB_MODIFIED = "jspwiki.groupdatabase.modified"; + public static final String PROP_GROUPDB_MODIFIED = "jspwiki.groupdatabase.modified"; + /** The column containing the name of the user who last modified the group. */ - public static final String PROP_GROUPDB_MODIFIER = "jspwiki.groupdatabase.modifier"; + public static final String PROP_GROUPDB_MODIFIER = "jspwiki.groupdatabase.modifier"; - protected static final Logger log = Logger.getLogger( JDBCGroupDatabase.class ); + protected static final Logger log = Logger.getLogger( JDBCGroupDatabase.class ); private DataSource m_ds = null; + private String m_table = null; + private String m_memberTable = null; + private String m_created = null; + private String m_creator = null; + private String m_name = null; + private String m_member = null; + private String m_modified = null; + private String m_modifier = null; + private String m_findAll = null; + private String m_findGroup = null; + private String m_findMembers = null; + private String m_insertGroup = null; + private String m_insertGroupMembers = null; + private String m_updateGroup = null; + private String m_deleteGroup = null; + private String m_deleteGroupMembers = null; + private boolean m_supportsCommits = false; + private WikiEngine m_engine = null; /** * No-op method that in previous versions of JSPWiki was intended to * atomically commit changes to the user database. Now, the - * {@link #save(Group, Principal)} and {@link #delete(Group)} methods - * are atomic themselves. + * {@link #save(Group, Principal)} and {@link #delete(Group)} methods are + * atomic themselves. + * * @throws WikiSecurityException never... * @deprecated there is no need to call this method because the save and - * delete methods contain their own commit logic + * delete methods contain their own commit logic */ + @SuppressWarnings("deprecation") public void commit() throws WikiSecurityException - { } + { + } /** * Looks up and deletes a {@link Group} from the group database. If the * group database does not contain the supplied Group. this method throws a - * {@link NoSuchPrincipalException}. The method commits the results - * of the delete to persistent storage. + * {@link NoSuchPrincipalException}. The method commits the results of the + * delete to persistent storage. + * * @param group the group to remove * @throws WikiSecurityException if the database does not contain the - * supplied group (thrown as {@link NoSuchPrincipalException}) or if - * the commit did not succeed + * supplied group (thrown as {@link NoSuchPrincipalException}) + * or if the commit did not succeed */ public void delete( Group group ) throws WikiSecurityException { - if ( !exists( group ) ) + if( !exists( group ) ) { throw new NoSuchPrincipalException( "Not in database: " + group.getName() ); } @@ -220,34 +271,40 @@ { // Open the database connection conn = m_ds.getConnection(); - if ( m_supportsCommits ) + if( m_supportsCommits ) { conn.setAutoCommit( false ); } PreparedStatement ps = conn.prepareStatement( m_deleteGroup ); - ps.setString( 1, groupName); + ps.setString( 1, groupName ); ps.execute(); ps.close(); - + ps = conn.prepareStatement( m_deleteGroupMembers ); - ps.setString( 1, groupName); + ps.setString( 1, groupName ); ps.execute(); ps.close(); // Commit and close connection - if ( m_supportsCommits ) + if( m_supportsCommits ) { conn.commit(); } } - catch ( SQLException e ) + catch( SQLException e ) { throw new WikiSecurityException( "Could not delete group " + groupName + ": " + e.getMessage() ); } finally { - try { conn.close(); } catch (Exception e) {} + try + { + if( conn != null ) conn.close(); + } + catch( Exception e ) + { + } } } @@ -257,8 +314,10 @@ * method will return a zero-length array. This method causes back-end * storage to load the entire set of group; thus, it should be called * infrequently (e.g., at initialization time). + * * @return the wiki groups - * @throws WikiSecurityException if the groups cannot be returned by the back-end + * @throws WikiSecurityException if the groups cannot be returned by the + * back-end */ public Group[] groups() throws WikiSecurityException { @@ -274,7 +333,7 @@ while ( rs.next() ) { String groupName = rs.getString( m_name ); - if ( groupName == null ) + if( groupName == null ) { log.warn( "Detected null group name in JDBCGroupDataBase. Check your group database." ); } @@ -291,13 +350,19 @@ } ps.close(); } - catch ( SQLException e ) + catch( SQLException e ) { throw new WikiSecurityException( e.getMessage() ); } finally { - try { conn.close(); } catch (Exception e) {} + try + { + if( conn != null ) conn.close(); + } + catch( Exception e ) + { + } } return groups.toArray( new Group[groups.size()] ); @@ -308,15 +373,17 @@ * fail, and throw an IllegalArgumentException, if the * proposed group is the same name as one of the built-in Roles: e.g., * Admin, Authenticated, etc. The database is responsible for setting - * create/modify timestamps, upon a successful save, to the Group. - * The method commits the results of the delete to persistent storage. + * create/modify timestamps, upon a successful save, to the Group. The + * method commits the results of the delete to persistent storage. + * * @param group the Group to save * @param modifier the user who saved the Group - * @throws WikiSecurityException if the Group could not be saved successfully + * @throws WikiSecurityException if the Group could not be saved + * successfully */ public void save( Group group, Principal modifier ) throws WikiSecurityException { - if ( group == null || modifier == null ) + if( group == null || modifier == null ) { throw new IllegalArgumentException( "Group or modifier cannot be null." ); } @@ -328,7 +395,7 @@ { // Open the database connection conn = m_ds.getConnection(); - if ( m_supportsCommits ) + if( m_supportsCommits ) { conn.setAutoCommit( false ); } @@ -336,7 +403,7 @@ PreparedStatement ps; Timestamp ts = new Timestamp( System.currentTimeMillis() ); Date modDate = new Date( ts.getTime() ); - if ( !exists ) + if( !exists ) { // Group is new: insert new group record ps = conn.prepareStatement( m_insertGroup ); @@ -356,7 +423,7 @@ { // Modify existing group record ps = conn.prepareStatement( m_updateGroup ); - ps.setTimestamp( 1, ts); + ps.setTimestamp( 1, ts ); ps.setString( 2, modifier.getName() ); ps.setString( 3, group.getName() ); ps.execute(); @@ -373,11 +440,13 @@ ps.setString( 1, group.getName() ); ps.execute(); ps.close(); - + // Insert group member records ps = conn.prepareStatement( m_insertGroupMembers ); - for ( Principal member : group.getMembers() ) + Principal[] members = group.members(); + for( int i = 0; i < members.length; i++ ) { + Principal member = members[i]; ps.setString( 1, group.getName() ); ps.setString( 2, member.getName() ); ps.execute(); @@ -385,26 +454,34 @@ ps.close(); // Commit and close connection - if ( m_supportsCommits ) + if( m_supportsCommits ) { conn.commit(); } } - catch ( SQLException e ) + catch( SQLException e ) { throw new WikiSecurityException( e.getMessage() ); } finally { - try { conn.close(); } catch (Exception e) {} + try + { + if( conn != null ) conn.close(); + } + catch( Exception e ) + { + } } } /** * Initializes the group database based on values from a Properties object. + * * @param engine the wiki engine * @param props the properties used to initialize the group database - * @throws WikiSecurityException if the database could not be initialized successfully + * @throws WikiSecurityException if the database could not be initialized + * successfully * @throws NoRequiredPropertyException if a required property is not present */ public void initialize( WikiEngine engine, Properties props ) throws NoRequiredPropertyException, WikiSecurityException @@ -415,40 +492,30 @@ try { Context initCtx = new InitialContext(); - Context ctx = (Context) initCtx.lookup("java:comp/env"); + Context ctx = (Context) initCtx.lookup( "java:comp/env" ); m_ds = (DataSource) ctx.lookup( jndiName ); // Prepare the SQL selectors - m_table = props.getProperty( PROP_GROUPDB_TABLE, DEFAULT_GROUPDB_TABLE ); + m_table = props.getProperty( PROP_GROUPDB_TABLE, DEFAULT_GROUPDB_TABLE ); m_memberTable = props.getProperty( PROP_GROUPDB_MEMBER_TABLE, DEFAULT_GROUPDB_MEMBER_TABLE ); - m_name = props.getProperty( PROP_GROUPDB_NAME, DEFAULT_GROUPDB_NAME ); - m_created = props.getProperty( PROP_GROUPDB_CREATED, DEFAULT_GROUPDB_CREATED ); - m_creator = props.getProperty( PROP_GROUPDB_CREATOR, DEFAULT_GROUPDB_CREATOR ); - m_modifier = props.getProperty( PROP_GROUPDB_MODIFIER, DEFAULT_GROUPDB_MODIFIER ); - m_modified = props.getProperty( PROP_GROUPDB_MODIFIED, DEFAULT_GROUPDB_MODIFIED ); - m_member = props.getProperty( PROP_GROUPDB_MEMBER, DEFAULT_GROUPDB_MEMBER ); + m_name = props.getProperty( PROP_GROUPDB_NAME, DEFAULT_GROUPDB_NAME ); + m_created = props.getProperty( PROP_GROUPDB_CREATED, DEFAULT_GROUPDB_CREATED ); + m_creator = props.getProperty( PROP_GROUPDB_CREATOR, DEFAULT_GROUPDB_CREATOR ); + m_modifier = props.getProperty( PROP_GROUPDB_MODIFIER, DEFAULT_GROUPDB_MODIFIER ); + m_modified = props.getProperty( PROP_GROUPDB_MODIFIED, DEFAULT_GROUPDB_MODIFIED ); + m_member = props.getProperty( PROP_GROUPDB_MEMBER, DEFAULT_GROUPDB_MEMBER ); - m_findAll = "SELECT DISTINCT * FROM " + m_table; - m_findGroup = "SELECT DISTINCT * FROM " + m_table + " WHERE " + m_name + "=?"; + m_findAll = "SELECT DISTINCT * FROM " + m_table; + m_findGroup = "SELECT DISTINCT * FROM " + m_table + " WHERE " + m_name + "=?"; m_findMembers = "SELECT * FROM " + m_memberTable + " WHERE " + m_name + "=?"; // Prepare the group insert/update SQL - m_insertGroup = "INSERT INTO " + m_table + " (" - + m_name + "," - + m_modified + "," - + m_modifier + "," - + m_created + "," - + m_creator - + ") VALUES (?,?,?,?,?)"; - m_updateGroup = "UPDATE " + m_table + " SET " - + m_modified + "=?," - + m_modifier + "=? WHERE " + m_name + "=?"; + m_insertGroup = "INSERT INTO " + m_table + " (" + m_name + "," + m_modified + "," + m_modifier + "," + m_created + "," + + m_creator + ") VALUES (?,?,?,?,?)"; + m_updateGroup = "UPDATE " + m_table + " SET " + m_modified + "=?," + m_modifier + "=? WHERE " + m_name + "=?"; // Prepare the group member insert SQL - m_insertGroupMembers = "INSERT INTO " + m_memberTable + " (" - + m_name + "," - + m_member - + ") VALUES (?,?)"; + m_insertGroupMembers = "INSERT INTO " + m_memberTable + " (" + m_name + "," + m_member + ") VALUES (?,?)"; // Prepare the group delete SQL m_deleteGroup = "DELETE FROM " + m_table + " WHERE " + m_name + "=?"; @@ -457,7 +524,8 @@ catch( NamingException e ) { log.error( "JDBCGroupDatabase initialization error: " + e.getMessage() ); - throw new NoRequiredPropertyException( PROP_GROUPDB_DATASOURCE, "JDBCGroupDatabase initialization error: " + e.getMessage() ); + throw new NoRequiredPropertyException( PROP_GROUPDB_DATASOURCE, "JDBCGroupDatabase initialization error: " + + e.getMessage() ); } // Test connection by doing a quickie select @@ -469,14 +537,21 @@ ps.executeQuery(); ps.close(); } - catch ( SQLException e ) + catch( SQLException e ) { log.error( "JDBCGroupDatabase initialization error: " + e.getMessage() ); - throw new NoRequiredPropertyException( PROP_GROUPDB_DATASOURCE, "JDBCGroupDatabase initialization error: " + e.getMessage() ); + throw new NoRequiredPropertyException( PROP_GROUPDB_DATASOURCE, "JDBCGroupDatabase initialization error: " + + e.getMessage() ); } finally { - try { conn.close(); } catch (Exception e) {} + try + { + if( conn != null ) conn.close(); + } + catch( Exception e ) + { + } } log.info( "JDBCGroupDatabase initialized from JNDI DataSource: " + jndiName ); @@ -485,26 +560,34 @@ { conn = m_ds.getConnection(); DatabaseMetaData dmd = conn.getMetaData(); - if ( dmd.supportsTransactions() ) + if( dmd.supportsTransactions() ) { m_supportsCommits = true; conn.setAutoCommit( false ); - log.info("JDBCGroupDatabase supports transactions. Good; we will use them." ); + log.info( "JDBCGroupDatabase supports transactions. Good; we will use them." ); } } - catch ( SQLException e ) + catch( SQLException e ) { - log.warn("JDBCGroupDatabase warning: user database doesn't seem to support transactions. Reason: " + e.getMessage() ); - throw new NoRequiredPropertyException( PROP_GROUPDB_DATASOURCE, "JDBCGroupDatabase initialization error: " + e.getMessage() ); + log.warn( "JDBCGroupDatabase warning: user database doesn't seem to support transactions. Reason: " + e.getMessage() ); + throw new NoRequiredPropertyException( PROP_GROUPDB_DATASOURCE, "JDBCGroupDatabase initialization error: " + + e.getMessage() ); } finally { - try { conn.close(); } catch (Exception e) {} + try + { + if( conn != null ) conn.close(); + } + catch( Exception e ) + { + } } } /** * Returns true if the Group exists in back-end storage. + * * @param group the Group to look for * @return the result of the search */ @@ -516,14 +599,16 @@ findGroup( index ); return true; } - catch ( NoSuchPrincipalException e ) + catch( NoSuchPrincipalException e ) { return false; } } /** - * Loads and returns a Group from the back-end database matching a supplied name. + * Loads and returns a Group from the back-end database matching a supplied + * name. + * * @param index the name of the Group to find * @return the populated Group * @throws NoSuchPrincipalException if the Group cannot be found @@ -545,7 +630,7 @@ ResultSet rs = ps.executeQuery(); while ( rs.next() ) { - if ( group != null ) + if( group != null ) { unique = false; break; @@ -560,28 +645,35 @@ } ps.close(); } - catch ( SQLException e ) + catch( SQLException e ) { throw new NoSuchPrincipalException( e.getMessage() ); } finally { - try { conn.close(); } catch (Exception e) {} + try + { + if( conn != null ) conn.close(); + } + catch( Exception e ) + { + } } - if ( !found ) + if( !found ) { - throw new NoSuchPrincipalException("Could not find group in database!"); + throw new NoSuchPrincipalException( "Could not find group in database!" ); } - if ( !unique ) + if( !unique ) { - throw new NoSuchPrincipalException("More than one group in database!"); + throw new NoSuchPrincipalException( "More than one group in database!" ); } return group; } /** * Fills a Group with members. + * * @param group the group to populate * @return the populated Group */ @@ -599,7 +691,7 @@ while ( rs.next() ) { String memberName = rs.getString( m_member ); - if ( memberName != null ) + if( memberName != null ) { WikiPrincipal principal = new WikiPrincipal( memberName, WikiPrincipal.UNSPECIFIED ); group.add( principal ); @@ -607,13 +699,19 @@ } ps.close(); } - catch ( SQLException e ) + catch( SQLException e ) { // I guess that means there aren't any principals... } finally { - try { conn.close(); } catch (Exception e) {} + try + { + if( conn != null ) conn.close(); + } + catch( Exception e ) + { + } } return group; } Modified: incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/authorize/Role.java URL: http://svn.apache.org/viewvc/incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/authorize/Role.java?rev=682144&r1=682143&r2=682144&view=diff ============================================================================== --- incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/authorize/Role.java (original) +++ incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/authorize/Role.java Sun Aug 3 05:17:34 2008 @@ -1,24 +1,26 @@ -/* - JSPWiki - a JSP-based WikiWiki clone. +/* + JSPWiki - a JSP-based WikiWiki clone. - Copyright (C) 2001-2004 Janne Jalkanen (Janne.Jalkanen@iki.fi) - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU Lesser General Public License as published by - the Free Software Foundation; either version 2.1 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. */ package com.ecyrd.jspwiki.auth.authorize; +import java.io.Serializable; import java.security.Principal; /** @@ -29,8 +31,9 @@ * @author Andrew Jaquith * @since 2.3 */ -public final class Role implements Principal +public final class Role implements Principal, Serializable { + private static final long serialVersionUID = 1L; /** All users, regardless of authentication status */ public static final Role ALL = new Role( "All" ); @@ -47,6 +50,14 @@ private final String m_name; /** + * Create an empty Role. + */ + protected Role() + { + this(null); + } + + /** * Constructs a new Role with a given name. * @param name the name of the Role */ Modified: incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/authorize/WebAuthorizer.java URL: http://svn.apache.org/viewvc/incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/authorize/WebAuthorizer.java?rev=682144&r1=682143&r2=682144&view=diff ============================================================================== --- incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/authorize/WebAuthorizer.java (original) +++ incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/authorize/WebAuthorizer.java Sun Aug 3 05:17:34 2008 @@ -1,15 +1,22 @@ -/* - * JSPWiki - a JSP-based WikiWiki clone. Copyright (C) 2001-2003 Janne Jalkanen - * (Janne.Jalkanen@iki.fi) This program is free software; you can redistribute - * it and/or modify it under the terms of the GNU Lesser General Public License - * as published by the Free Software Foundation; either version 2.1 of the - * License, or (at your option) any later version. This program is distributed - * in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even - * the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. - * See the GNU Lesser General Public License for more details. You should have - * received a copy of the GNU Lesser General Public License along with this - * program; if not, write to the Free Software Foundation, Inc., 59 Temple - * Place, Suite 330, Boston, MA 02111-1307 USA +/* + JSPWiki - a JSP-based WikiWiki clone. + + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. */ package com.ecyrd.jspwiki.auth.authorize; Modified: incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/authorize/WebContainerAuthorizer.java URL: http://svn.apache.org/viewvc/incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/authorize/WebContainerAuthorizer.java?rev=682144&r1=682143&r2=682144&view=diff ============================================================================== --- incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/authorize/WebContainerAuthorizer.java (original) +++ incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/authorize/WebContainerAuthorizer.java Sun Aug 3 05:17:34 2008 @@ -1,15 +1,22 @@ -/* - * JSPWiki - a JSP-based WikiWiki clone. Copyright (C) 2001-2003 Janne Jalkanen - * (Janne.Jalkanen@iki.fi) This program is free software; you can redistribute - * it and/or modify it under the terms of the GNU Lesser General Public License - * as published by the Free Software Foundation; either version 2.1 of the - * License, or (at your option) any later version. This program is distributed - * in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even - * the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. - * See the GNU Lesser General Public License for more details. You should have - * received a copy of the GNU Lesser General Public License along with this - * program; if not, write to the Free Software Foundation, Inc., 59 Temple - * Place, Suite 330, Boston, MA 02111-1307 USA +/* + JSPWiki - a JSP-based WikiWiki clone. + + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. */ package com.ecyrd.jspwiki.auth.authorize; @@ -130,9 +137,9 @@ if ( m_containerRoles.length > 0 ) { String roles = ""; - for( int i = 0; i < m_containerRoles.length; i++ ) + for( Role containerRole : m_containerRoles ) { - roles = roles + m_containerRoles[i] + " "; + roles = roles + containerRole + " "; } log.info( " JSPWiki determined the web container manages these roles: " + roles ); } @@ -162,9 +169,10 @@ * return false. * This method simply examines the WikiSession subject to see if it * possesses the desired Principal. We assume that the method - * {@link com.ecyrd.jspwiki.auth.AuthenticationManager#login(HttpServletRequest)} - * previously executed at user login time, and that it has injected - * the role Principals that were in force at login time. + * {@link com.ecyrd.jspwiki.ui.WikiServletFilter#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain)} + * previously executed, and that it has set the WikiSession + * subject correctly by logging in the user with the various login modules, + * in particular {@link com.ecyrd.jspwiki.auth.login.WebContainerLoginModule}}. * This is definitely a hack, * but it eliminates the need for WikiSession to keep dangling * references to the last WikiContext hanging around, just @@ -195,11 +203,11 @@ */ public Principal findRole( String role ) { - for( int i = 0; i < m_containerRoles.length; i++ ) + for( Role containerRole : m_containerRoles ) { - if ( m_containerRoles[i].getName().equals( role ) ) + if ( containerRole.getName().equals( role ) ) { - return m_containerRoles[i]; + return containerRole; } } return null; @@ -238,13 +246,13 @@ selector = "//j:web-app/j:security-constraint[j:web-resource-collection/j:url-pattern=\"" + url + "\"]"; xpath = XPath.newInstance( selector ); xpath.addNamespace( "j", J2EE_SCHEMA_24_NAMESPACE ); - List constraints = xpath.selectNodes( root ); + List constraints = xpath.selectNodes( root ); // Get all constraints that match our Role pattern selector = "//j:web-app/j:security-constraint[j:auth-constraint/j:role-name=\"" + role.getName() + "\"]"; xpath = XPath.newInstance( selector ); xpath.addNamespace( "j", J2EE_SCHEMA_24_NAMESPACE ); - List roles = xpath.selectNodes( root ); + List roles = xpath.selectNodes( root ); // If we can't find either one, we must not be constrained if ( constraints.size() == 0 ) @@ -265,10 +273,10 @@ } // If a constraint is contained in both lists, we must be constrained - for ( Iterator c = constraints.iterator(); c.hasNext(); ) + for ( Iterator c = constraints.iterator(); c.hasNext(); ) { Element constraint = (Element)c.next(); - for ( Iterator r = roles.iterator(); r.hasNext(); ) + for ( Iterator r = roles.iterator(); r.hasNext(); ) { Element roleConstraint = (Element)r.next(); if ( constraint.equals( roleConstraint ) ) @@ -331,8 +339,8 @@ String selector = "//j:web-app/j:security-constraint/j:auth-constraint/j:role-name"; XPath xpath = XPath.newInstance( selector ); xpath.addNamespace( "j", J2EE_SCHEMA_24_NAMESPACE ); - List nodes = xpath.selectNodes( root ); - for( Iterator it = nodes.iterator(); it.hasNext(); ) + List nodes = xpath.selectNodes( root ); + for( Iterator it = nodes.iterator(); it.hasNext(); ) { String role = ( (Element) it.next() ).getTextTrim(); roles.add( new Role( role ) ); @@ -343,7 +351,7 @@ xpath = XPath.newInstance( selector ); xpath.addNamespace( "j", J2EE_SCHEMA_24_NAMESPACE ); nodes = xpath.selectNodes( root ); - for( Iterator it = nodes.iterator(); it.hasNext(); ) + for( Iterator it = nodes.iterator(); it.hasNext(); ) { String role = ( (Element) it.next() ).getTextTrim(); roles.add( new Role( role ) ); Modified: incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/authorize/XMLGroupDatabase.java URL: http://svn.apache.org/viewvc/incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/authorize/XMLGroupDatabase.java?rev=682144&r1=682143&r2=682144&view=diff ============================================================================== --- incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/authorize/XMLGroupDatabase.java (original) +++ incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/authorize/XMLGroupDatabase.java Sun Aug 3 05:17:34 2008 @@ -1,21 +1,22 @@ -/* +/* JSPWiki - a JSP-based WikiWiki clone. - Copyright (C) 2001-2002 Janne Jalkanen (Janne.Jalkanen@iki.fi) - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU Lesser General Public License as published by - the Free Software Foundation; either version 2.1 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. */ package com.ecyrd.jspwiki.auth.authorize; @@ -32,7 +33,6 @@ import java.util.Collection; import java.util.Date; import java.util.HashMap; -import java.util.Iterator; import java.util.Map; import java.util.Properties; @@ -113,7 +113,7 @@ private WikiEngine m_engine = null; - private Map m_groups = new HashMap(); + private Map m_groups = new HashMap(); /** * No-op method that in previous versions of JSPWiki was intended to @@ -124,6 +124,7 @@ * @deprecated there is no need to call this method because the save and * delete methods contain their own commit logic */ + @SuppressWarnings("deprecation") public void commit() throws WikiSecurityException { } @@ -416,10 +417,8 @@ io.write( "\n" ); // Write each profile as a node - Collection groups = m_groups.values(); - for( Iterator it = groups.iterator(); it.hasNext(); ) + for( Group group : m_groups.values() ) { - Group group = (Group) it.next(); io.write( " <" + GROUP_TAG + " " ); io.write( GROUP_NAME ); io.write( "=\"" + StringEscapeUtils.escapeXml( group.getName() )+ "\" " ); @@ -434,10 +433,8 @@ io.write( ">\n" ); // Write each member as a node - Principal[] members = group.members(); - for( int j = 0; j < members.length; j++ ) + for( Principal member : group.members() ) { - Principal member = members[j]; io.write( " <" + MEMBER_TAG + " " ); io.write( PRINCIPAL ); io.write( "=\"" + StringEscapeUtils.escapeXml(member.getName()) + "\" " ); Added: incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/authorize/package.html URL: http://svn.apache.org/viewvc/incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/authorize/package.html?rev=682144&view=auto ============================================================================== --- incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/authorize/package.html (added) +++ incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/authorize/package.html Sun Aug 3 05:17:34 2008 @@ -0,0 +1,20 @@ + + + + +JSPWiki: ACL + + + +

Authorizer implementation.

+ +

Package Specification

+ +

Authorizers are classes which figure out whether a given user matches a given password, +and whether they should be let into the wiki in the first place. This package also contains +group management.

+ +

Related Documentation

+ + + \ No newline at end of file Modified: incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/login/AbstractLoginModule.java URL: http://svn.apache.org/viewvc/incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/login/AbstractLoginModule.java?rev=682144&r1=682143&r2=682144&view=diff ============================================================================== --- incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/login/AbstractLoginModule.java (original) +++ incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/login/AbstractLoginModule.java Sun Aug 3 05:17:34 2008 @@ -1,28 +1,28 @@ /* JSPWiki - a JSP-based WikiWiki clone. - Copyright (C) 2001-2007 Janne Jalkanen (Janne.Jalkanen@iki.fi) - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU Lesser General Public License as published by - the Free Software Foundation; either version 2.1 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. */ package com.ecyrd.jspwiki.auth.login; import java.security.Principal; import java.util.Collection; import java.util.HashSet; -import java.util.Iterator; import java.util.Map; import javax.security.auth.Subject; @@ -50,7 +50,7 @@ protected CallbackHandler m_handler; - protected Map m_options; + protected Map m_options; /** * Collection of Principals set during login module initialization. @@ -59,8 +59,9 @@ * like a WikiPrincipal for the user cookie, or an IP address. * These Principals are forcibly removed during the commit phase * if login succeeds. + * @deprecated */ - protected Collection m_previousWikiPrincipals; + protected Collection m_previousWikiPrincipals; /** * Implementing classes should add Principals to this collection; these @@ -68,7 +69,7 @@ * These Principals will be added to the Subject * during the {@link #commit()} phase of login. */ - protected Collection m_principals; + protected Collection m_principals; /** * Implementing classes should add Principals to this collection @@ -76,8 +77,9 @@ * this module, or for the entire login configuration overall, fails. * Generally, these will be Principals of type * {@link com.ecyrd.jspwiki.auth.authorize.Role}. + * @deprecated */ - protected Collection m_principalsToRemove; + protected Collection m_principalsToRemove; /** * Implementing classes should add Principals to this collection to specify @@ -90,10 +92,11 @@ * m_principalsToOverwrite collection because when it * succeeds, its own {@link com.ecyrd.jspwiki.auth.authorize.Role#AUTHENTICATED} * should over-write {@link com.ecyrd.jspwiki.auth.authorize.Role#ANONYMOUS}. + * @deprecated */ - protected Collection m_principalsToOverwrite; + protected Collection m_principalsToOverwrite; - protected Map m_state; + protected Map m_state; protected Subject m_subject; @@ -109,6 +112,7 @@ * It always returns true. * @see javax.security.auth.spi.LoginModule#abort() * @throws LoginException if the abort itself fails + * @return True, always. */ public final boolean abort() throws LoginException { @@ -138,17 +142,13 @@ * failed * @see javax.security.auth.spi.LoginModule#commit() */ - /** - * @see javax.security.auth.spi.LoginModule#commit() - */ - public final boolean commit() throws LoginException + public final boolean commit() { if ( succeeded() ) { removePrincipals( m_previousWikiPrincipals ); - for ( Iterator it = m_principals.iterator(); it.hasNext(); ) + for ( Principal principal : m_principals ) { - Principal principal = (Principal)it.next(); m_subject.getPrincipals().add( principal ); if ( log.isDebugEnabled() ) { @@ -177,13 +177,18 @@ * @see javax.security.auth.spi.LoginModule#initialize(javax.security.auth.Subject, * javax.security.auth.callback.CallbackHandler, java.util.Map, * java.util.Map) + * + * @param subject {@inheritDoc} + * @param callbackHandler {@inheritDoc} + * @param sharedState {@inheritDoc} + * @param options {@inheritDoc} */ - public final void initialize( Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options ) + public final void initialize( Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options ) { - m_previousWikiPrincipals = new HashSet(); - m_principals = new HashSet(); - m_principalsToRemove = new HashSet(); - m_principalsToOverwrite = new HashSet(); + m_previousWikiPrincipals = new HashSet(); + m_principals = new HashSet(); + m_principalsToRemove = new HashSet(); + m_principalsToOverwrite = new HashSet(); m_subject = subject; m_handler = callbackHandler; m_state = sharedState; @@ -235,7 +240,7 @@ * Returns true if the number of principals * contained in {@link #m_principals} is non-zero; * false otherwise. - * @return + * @return True, if a login has succeeded. */ private final boolean succeeded() { @@ -247,11 +252,10 @@ * Principal set. * @param principals the principals to remove */ - private final void removePrincipals( Collection principals ) + private final void removePrincipals( Collection principals ) { - for ( Iterator it = principals.iterator(); it.hasNext(); ) + for ( Principal principal : principals ) { - Principal principal = (Principal)it.next(); if ( m_subject.getPrincipals().contains( principal ) ) { m_subject.getPrincipals().remove( principal ); Modified: incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/login/AnonymousLoginModule.java URL: http://svn.apache.org/viewvc/incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/login/AnonymousLoginModule.java?rev=682144&r1=682143&r2=682144&view=diff ============================================================================== --- incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/login/AnonymousLoginModule.java (original) +++ incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/login/AnonymousLoginModule.java Sun Aug 3 05:17:34 2008 @@ -1,21 +1,22 @@ /* JSPWiki - a JSP-based WikiWiki clone. - Copyright (C) 2001-2007 Janne Jalkanen (Janne.Jalkanen@iki.fi) - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU Lesser General Public License as published by - the Free Software Foundation; either version 2.1 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. */ package com.ecyrd.jspwiki.auth.login; @@ -30,7 +31,6 @@ import org.apache.log4j.Logger; import com.ecyrd.jspwiki.auth.WikiPrincipal; -import com.ecyrd.jspwiki.auth.authorize.Role; /** *

@@ -48,9 +48,7 @@ * *

* After authentication, a generic WikiPrincipal based on the IP address will be - * created and associated with the Subject. Principals - * {@link com.ecyrd.jspwiki.auth.authorize.Role#ALL} and - * {@link com.ecyrd.jspwiki.auth.authorize.Role#ANONYMOUS} will be added. + * created and associated with the Subject. * @see javax.security.auth.spi.LoginModule#commit() *

* @author Andrew Jaquith @@ -70,24 +68,13 @@ * Logs in the user by calling back to the registered CallbackHandler with an * HttpRequestCallback. The CallbackHandler must supply the current servlet * HTTP request as its response. - * @return the result of the login; this will always be false - * if the Subject's Principal set already contains either - * {@link Role#ASSERTED} or {@link Role#AUTHENTICATED}; otherwise, - * always returns true. + * @return the result of the login; this will always be true. * @see javax.security.auth.spi.LoginModule#login() + * @throws {@inheritDoc} */ public boolean login() throws LoginException { - // If already logged in or asserted, ignore this login module - if ( m_subject.getPrincipals().contains( Role.AUTHENTICATED ) - || m_subject.getPrincipals().contains( Role.ASSERTED ) ) - { - // If login ignored, remove anonymous role - m_principalsToRemove.add( Role.ANONYMOUS ); - return false; - } - - // Otherwise, let's go and make a Principal based on the IP address + // Let's go and make a Principal based on the IP address HttpRequestCallback hcb = new HttpRequestCallback(); Callback[] callbacks = new Callback[] { hcb }; @@ -100,20 +87,10 @@ { HttpSession session = request.getSession( false ); String sid = (session == null) ? NULL : session.getId(); - log.debug("Logged in session ID=" + sid); - log.debug("Added Principals " + ipAddr + ",Role.ANONYMOUS,Role.ALL" ); + log.debug("Logged in session ID=" + sid + "; IP=" + ipAddr); } // If login succeeds, commit these principals/roles m_principals.add( ipAddr ); - m_principals.add( Role.ANONYMOUS ); - m_principals.add( Role.ALL ); - - // If login succeeds, overwrite these principals/roles - m_principalsToOverwrite.add( WikiPrincipal.GUEST ); - - // If login fails, remove these roles - m_principalsToRemove.add( Role.ANONYMOUS ); - return true; } catch( IOException e ) Modified: incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/login/AuthorizerCallback.java URL: http://svn.apache.org/viewvc/incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/login/AuthorizerCallback.java?rev=682144&r1=682143&r2=682144&view=diff ============================================================================== --- incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/login/AuthorizerCallback.java (original) +++ incubator/jspwiki/branches/JSPWIKI_2_9_STRIPES_BRANCH/src/com/ecyrd/jspwiki/auth/login/AuthorizerCallback.java Sun Aug 3 05:17:34 2008 @@ -1,21 +1,22 @@ -/* +/* JSPWiki - a JSP-based WikiWiki clone. - Copyright (C) 2001-2007 Janne Jalkanen (Janne.Jalkanen@iki.fi) - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU Lesser General Public License as published by - the Free Software Foundation; either version 2.1 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. */ package com.ecyrd.jspwiki.auth.login; @@ -54,4 +55,4 @@ return m_authorizer; } -} \ No newline at end of file +}