Examples of org.apache.wiki.WikiSession

org.apache.wiki.WikiSession
Represents a long-running wiki session, with an associated user Principal, user Subject, and authentication status. This class is initialized with minimal, default-deny values: authentication is set to false, and the user principal is set to null.

The WikiSession class allows callers to:
- Obtain the authentication status of the user via {@link #isAnonymous()} and {@link #isAuthenticated()}
- Query the session for Principals representing the user's identity via {@link #getLoginPrincipal()}, {@link #getUserPrincipal()} and {@link #getPrincipals()}
- Store, retrieve and clear UI messages via {@link #addMessage(String)}, {@link #getMessages(String)}and {@link #clearMessages(String)}
To keep track of the Principals each user posseses, each WikiSession stores a JAAS Subject. Various login processes add or remove Principals when users authenticate or log out.

WikiSession implements the {@link org.apache.wiki.event.WikiEventListener}interface and listens for group add/change/delete events fired by event sources the WikiSession is registered with. Normally, {@link org.apache.wiki.auth.AuthenticationManager} registers each WikiSessionwith the {@link org.apache.wiki.auth.authorize.GroupManager}so it can catch group events. Thus, when a user is added to a {@link org.apache.wiki.auth.authorize.Group}, a corresponding {@link org.apache.wiki.auth.GroupPrincipal} is injected intothe Subject's Principal set. Likewise, when the user is removed from the Group or the Group is deleted, the GroupPrincipal is removed from the Subject. The effect that this strategy produces is extremely beneficial: when someone adds a user to a wiki group, that user immediately gains the privileges associated with that group; he or she does not need to re-authenticate.

In addition to methods for examining individual WikiSession objects, this class also contains a number of static methods for managing WikiSessions for an entire wiki. These methods allow callers to find, query and remove WikiSession objects, and to obtain a list of the current wiki session users.

WikiSession encloses a protected static class, {@link SessionMonitor}, to keep track of WikiSessions registered with each wiki.

     *  @param permission
     *  @return
     */
    private boolean checkPermission( String permission )
    {
        WikiSession session        = m_wikiContext.getWikiSession();
        WikiPage    page           = m_wikiContext.getPage();
        AuthorizationManager mgr   = m_wikiContext.getEngine().getAuthorizationManager();
        boolean gotPermission     = false;
        
        if ( CREATE_GROUPS.equals( permission ) || CREATE_PAGES.equals( permission )

View Full Code Here

    private static final Pattern VALID_USER_NAME_PATTERN = Pattern.compile(notStartWithBlankOrColon + noColons);


    public final int doWikiStartTag() throws IOException
    {
        WikiEngine engine = this.m_wikiContext.getEngine();
        WikiSession wikiSession = WikiSession.getWikiSession(engine, (HttpServletRequest) pageContext.getRequest());
        Principal user = wikiSession.getUserPrincipal();


        if (user != null)
        {
            if (VALID_USER_NAME_PATTERN.matcher(user.getName()).matches())
            {

View Full Code Here

        m_action = action.toLowerCase();
    }


    public final int doWikiStartTag() throws IOException
    {
        WikiSession session = m_wikiContext.getWikiSession();
        if ( CLEAR.equals( m_action ) )
        {
            if ( m_topic == null )
            {
                session.clearMessages();
            }
            else
            {
                session.clearMessages( m_topic );
            }
        }
        else
        {
            String[] messages = ( m_topic == null ) ? session.getMessages() : session.getMessages( m_topic );
            if ( messages.length > 0 )
            {
                StringBuffer sb = new StringBuffer();
                if ( messages.length == 1 )
                {

View Full Code Here

            {
                //
                //  Default back to the declared user name
                //
                WikiEngine engine = this.m_wikiContext.getEngine();
                WikiSession wikiSession = WikiSession.getWikiSession( engine, (HttpServletRequest)pageContext.getRequest() );
                Principal user = wikiSession.getUserPrincipal();


                if( user != null )
                {
                    result = user.getName();
                }

View Full Code Here

     */
    @Override
    public final int doWikiStartTag()
        throws IOException
    {
        WikiSession session = m_wikiContext.getWikiSession();
        String status = session.getStatus();
        AuthenticationManager mgr = m_wikiContext.getEngine().getAuthenticationManager();
        boolean containerAuth = mgr.isContainerAuthenticated();
        boolean cookieAssertions = mgr.allowsCookieAssertions();


        if( m_status != null )
        {
            if ( ANONYMOUS.equals( m_status )) 
            {
                if (status.equals(WikiSession.ANONYMOUS))
                {
                    return EVAL_BODY_INCLUDE;
                }
            }
            else if( AUTHENTICATED.equals( m_status ))
            { 
                if (status.equals(WikiSession.AUTHENTICATED)) 
                {
                    return EVAL_BODY_INCLUDE;
                }
            }
            else if( ASSERTED.equals( m_status )) 
            { 
                if (status.equals(WikiSession.ASSERTED)) 
                {
                    return EVAL_BODY_INCLUDE;
                }
            }
            else if( ASSERTIONS_ALLOWED.equals( m_status ))
            { 
                if ( cookieAssertions )
                {
                    return EVAL_BODY_INCLUDE;
                }
                return SKIP_BODY;
            }
            else if( ASSERTIONS_NOT_ALLOWED.equals( m_status ))
            { 
                if ( !cookieAssertions )
                {
                    return EVAL_BODY_INCLUDE;
                }
                return SKIP_BODY;
            }
            else if( CONTAINER_AUTH.equals( m_status )) 
            { 
                if ( containerAuth )
                {
                    return EVAL_BODY_INCLUDE;
                }
                return SKIP_BODY;
            }
            else if( CUSTOM_AUTH.equals( m_status )) 
            { 
                if ( !containerAuth )
                {
                    return EVAL_BODY_INCLUDE;
                }
                return SKIP_BODY;
            }
            else if( KNOWN.equals( m_status )) 
            { 
                if ( !session.isAnonymous() )
                {
                    return EVAL_BODY_INCLUDE;
                }
                return SKIP_BODY;
            }

View Full Code Here

        }


        WikiSecurityEvent se = (WikiSecurityEvent)event;
        if ( se.getType() == WikiSecurityEvent.PROFILE_NAME_CHANGED )
        {
            WikiSession session = se.getSrc();
            UserProfile[] profiles = (UserProfile[])se.getTarget();
            Principal[] oldPrincipals = new Principal[] {
                new WikiPrincipal( profiles[0].getLoginName() ),
                new WikiPrincipal( profiles[0].getFullname() ),
                new WikiPrincipal( profiles[0].getWikiName() ) };

View Full Code Here

     * @throws WikiException problems while logging in.
     */
    WikiContext getJanneBasedWikiContextFor( WikiPage page ) throws WikiException 
    {
        MockHttpServletRequest request = testEngine.newHttpRequest();
        WikiSession session =  WikiSession.getWikiSession( testEngine, request );
        testEngine.getAuthenticationManager().login( session, 
                                                     request,
                                                     Users.JANNE,
                                                     Users.JANNE_PASS );

View Full Code Here

    {
        // Save a page without an ACL
        m_engine.saveText( "TestDefaultPage", "Foo" );
        Permission view = PermissionFactory.getPagePermission( "*:TestDefaultPage", "view" );
        Permission edit = PermissionFactory.getPagePermission( "*:TestDefaultPage", "edit" );
        WikiSession session;


        // Alice is asserted
        session = WikiSessionTest.assertedSession( m_engine, Users.ALICE );
        assertTrue( "Alice view", m_auth.checkPermission( session, view ) );
        assertTrue( "Alice edit", m_auth.checkPermission( session, edit ) );

View Full Code Here

        }
    }


    public void testGetRoles() throws Exception
    {
        WikiSession session;
        Principal[] principals;


        // Create a new "asserted" session for Bob
        session = WikiSessionTest.assertedSession( m_engine, Users.BOB );


        // Set up a group without Bob in it
        Group test = m_groupMgr.parseGroup( "Test", "Alice \n Charlie", true );
        m_groupMgr.setGroup( m_session, test );


        // Bob should have two roles: ASSERTED and ALL
        principals = session.getRoles();
        assertTrue( "Bob in ALL", ArrayUtils.contains( principals, Role.ALL ) );
        assertTrue( "Bob in ASSERTED", ArrayUtils.contains( principals, Role.ASSERTED ) );
        assertFalse( "Bob not in ANONYMOUS", ArrayUtils.contains( principals, Role.ANONYMOUS ) );
        assertFalse( "Bob not in Test", ArrayUtils.contains( principals, test.getPrincipal() ) );


        // Re-save group "Test" with Bob as a member
        test = m_groupMgr.parseGroup( "Test", "Alice \n Bob \nCharlie", true );
        m_groupMgr.setGroup( m_session, test );


        // Bob not authenticated: should still have only two romes
        principals = session.getRoles();
        assertTrue( "Bob in ALL", ArrayUtils.contains( principals, Role.ALL ) );
        assertTrue( "Bob in ASSERTED", ArrayUtils.contains( principals, Role.ASSERTED ) );
        assertFalse( "Bob not in ANONYMOUS", ArrayUtils.contains( principals, Role.ANONYMOUS ) );
        assertFalse( "Bob in Test", ArrayUtils.contains( principals, test.getPrincipal() ) );


        // Elevate Bob to "authenticated" status
        session = WikiSessionTest.authenticatedSession( m_engine, Users.BOB, Users.BOB_PASS );


        // Re-save the group; Bob should possess the role now
        test = m_groupMgr.parseGroup( "Test", "Alice \n Bob \n Charlie", true );
        m_groupMgr.setGroup( m_session, test );
        principals = session.getRoles();
        assertTrue( "Bob in ALL", ArrayUtils.contains( principals, Role.ALL ) );
        assertFalse( "Bob in ASSERTED", ArrayUtils.contains( principals, Role.ASSERTED ) );
        assertFalse( "Bob not in ANONYMOUS", ArrayUtils.contains( principals, Role.ANONYMOUS ) );
        assertTrue( "Bob in Test", ArrayUtils.contains( principals, test.getPrincipal() ) );

View Full Code Here

        Principal alice = new WikiPrincipal( Users.ALICE );
        Role it = new Role( "IT" );
        Role engineering = new Role( "Engineering" );
        Role finance = new Role( "Finance" );
        Principal admin = new GroupPrincipal( "Admin" );
        WikiSession session = WikiSessionTest.assertedSession(
                m_engine,
                Users.ALICE,
                new Principal[] { it, engineering, admin } );


        // Create two groups: Alice should be part of group Bar, but not Foo

View Full Code Here

0 1 2 3 4 5 6

TOP

Related Classes of org.apache.wiki.WikiSession

org.apache.wiki.attachment.AttachmentServlet

org.apache.wiki.auth.AuthenticationManager

org.apache.wiki.auth.AuthenticationManagerTest

org.apache.wiki.auth.AuthorizationManagerTest

org.apache.wiki.auth.authorize.Group

org.apache.wiki.auth.authorize.GroupManager

org.apache.wiki.auth.GroupManagerTest

org.apache.wiki.auth.SessionMonitor

org.apache.wiki.auth.user.UserDatabase

org.apache.wiki.auth.user.UserProfile

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.