diff --git a/ccm-core/src/com/arsdigita/categorization/CategoryPurpose.java b/ccm-core/src/com/arsdigita/categorization/CategoryPurpose.java index f4d09a2ad..f63773999 100755 --- a/ccm-core/src/com/arsdigita/categorization/CategoryPurpose.java +++ b/ccm-core/src/com/arsdigita/categorization/CategoryPurpose.java @@ -43,9 +43,9 @@ import org.apache.log4j.Logger; * filter the list of categories associated with an object. * * @author Scott Seago + * @version $Revision: #13 $ $DateTime: 2004/08/16 18:10:38 $ * @deprecated See the note about "use context" methods in the documentation for * {@link Category} class. - * @version $Revision: #13 $ $DateTime: 2004/08/16 18:10:38 $ */ public class CategoryPurpose extends ACSObject { diff --git a/ccm-core/src/com/arsdigita/core/Initializer.java b/ccm-core/src/com/arsdigita/core/Initializer.java index c75bfae6b..5f5416f58 100755 --- a/ccm-core/src/com/arsdigita/core/Initializer.java +++ b/ccm-core/src/com/arsdigita/core/Initializer.java @@ -86,6 +86,7 @@ public class Initializer extends CompoundInitializer { new NameFilter(DbHelper.getDatabaseSuffix(database), "pdl")))); add(new com.arsdigita.ui.Initializer()); + add(new com.arsdigita.kernel.security.Initializer()); add(new com.arsdigita.portal.Initializer()); add(new com.arsdigita.search.Initializer()); add(new com.arsdigita.search.lucene.Initializer()); diff --git a/ccm-core/src/com/arsdigita/core/enterprise.init b/ccm-core/src/com/arsdigita/core/enterprise.init index e07bd6c2b..034e9931c 100755 --- a/ccm-core/src/com/arsdigita/core/enterprise.init +++ b/ccm-core/src/com/arsdigita/core/enterprise.init @@ -37,7 +37,7 @@ init com.arsdigita.globalization.LegacyInitializer { init com.arsdigita.kernel.Initializer {} -init com.arsdigita.kernel.security.Initializer { +init com.arsdigita.kernel.security.LegacyInitializer { securityHelperClass = "com.arsdigita.kernel.security.DefaultSecurityHelper"; sessionTrackingMethod = "cookie"; diff --git a/ccm-core/src/com/arsdigita/kernel/security/CredentialLoginModule.java b/ccm-core/src/com/arsdigita/kernel/security/CredentialLoginModule.java index aa6cdc80a..dde8b8428 100755 --- a/ccm-core/src/com/arsdigita/kernel/security/CredentialLoginModule.java +++ b/ccm-core/src/com/arsdigita/kernel/security/CredentialLoginModule.java @@ -51,7 +51,7 @@ import com.arsdigita.kernel.Kernel; * * @author Sameer Ajmani * @version $Id: CredentialLoginModule.java 718 2005-08-18 15:34:42Z apevec $ - */ + **/ public abstract class CredentialLoginModule implements LoginModule { private static final Logger s_log = @@ -389,7 +389,7 @@ public abstract class CredentialLoginModule implements LoginModule { **/ protected final boolean requestIsExcluded() throws LoginException { - java.util.Iterator exts = Initializer.getExcludedExtensions(); + java.util.Iterator exts = Util.getExcludedExtensions(); while (exts.hasNext()) { String ext = (String)exts.next(); if (getRequest().getRequestURI().endsWith(ext)) { @@ -466,7 +466,9 @@ public abstract class CredentialLoginModule implements LoginModule { if (m_forever == null) { LifetimeCallback cb = new LifetimeCallback(); m_handler.handle(new Callback[] { cb }); - m_forever = new Boolean(cb.isForever()); + // m_forever = new Boolean(cb.isForever()); + // performancewise better: + m_forever = Boolean.valueOf(cb.isForever()); } return m_forever.booleanValue(); } catch (IOException e) { diff --git a/ccm-core/src/com/arsdigita/kernel/security/DefaultSecurityHelper.java b/ccm-core/src/com/arsdigita/kernel/security/DefaultSecurityHelper.java index d903e0d9d..3e54b4987 100755 --- a/ccm-core/src/com/arsdigita/kernel/security/DefaultSecurityHelper.java +++ b/ccm-core/src/com/arsdigita/kernel/security/DefaultSecurityHelper.java @@ -41,11 +41,11 @@ public class DefaultSecurityHelper implements SecurityHelper { } private static String[] allowedPages = new String[] { - Initializer.LOGIN_PAGE_KEY, - Initializer.LOGOUT_PAGE_KEY, - Initializer.COOKIES_PAGE_KEY, - Initializer.RECOVER_PAGE_KEY, - Initializer.EXPIRED_PAGE_KEY, + LegacyInitializer.LOGIN_PAGE_KEY, + LegacyInitializer.LOGOUT_PAGE_KEY, + LegacyInitializer.COOKIES_PAGE_KEY, + LegacyInitializer.RECOVER_PAGE_KEY, + LegacyInitializer.EXPIRED_PAGE_KEY, }; /** @@ -68,7 +68,7 @@ public class DefaultSecurityHelper implements SecurityHelper { // // don't require login if page on allowed list // String url = req.getRequestURI(); // for (int i = 0; i < allowedPages.length; i++) { -// String allowed = Initializer.getFullURL(allowedPages[i], req); +// String allowed = LegacyInitializer.getFullURL(allowedPages[i], req); // if (url.equals(allowed)) { // return false; // } @@ -83,6 +83,6 @@ public class DefaultSecurityHelper implements SecurityHelper { * @return the full URL of the login page. **/ public String getLoginURL(HttpServletRequest req) { - return Initializer.getFullURL(Initializer.LOGIN_PAGE_KEY, req); + return LegacyInitializer.getFullURL(LegacyInitializer.LOGIN_PAGE_KEY, req); } } diff --git a/ccm-core/src/com/arsdigita/kernel/security/Initializer.java b/ccm-core/src/com/arsdigita/kernel/security/Initializer.java index b52ebec12..35b6a106f 100755 --- a/ccm-core/src/com/arsdigita/kernel/security/Initializer.java +++ b/ccm-core/src/com/arsdigita/kernel/security/Initializer.java @@ -1,5 +1,4 @@ /* - * Copyright (C) 2001-2004 Red Hat Inc. All Rights Reserved. * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public License @@ -16,326 +15,110 @@ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * */ + package com.arsdigita.kernel.security; -import com.arsdigita.util.URLRewriter; import com.arsdigita.kernel.Kernel; -import com.arsdigita.kernel.SiteNode; -import com.arsdigita.initializer.Configuration; -import com.arsdigita.initializer.InitializationException; +import com.arsdigita.runtime.ConfigError; +import com.arsdigita.runtime.DomainInitEvent; +import com.arsdigita.runtime.GenericInitializer; +import com.arsdigita.util.URLRewriter; import java.util.Arrays; -import java.util.ArrayList; -import java.util.HashMap; -import java.util.Iterator; +//import java.util.ArrayList; +//import java.util.HashMap; +//import java.util.Iterator; import java.util.List; -import java.util.Map; +//import java.util.Map; + import javax.security.auth.login.LoginException; -import javax.servlet.http.HttpServletRequest; +//import javax.servlet.http.HttpServletRequest; import org.apache.log4j.Logger; /** - *

Initializes security properties.

+ * Initializes the kernel security subpackage. * - *

Deprecated feature: Provides access - * to URLs for standard pages.

- * - * @author Sameer Ajmani - * @since ACS 4.5 - * @version $Id: Initializer.java 1225 2006-06-19 09:27:21Z apevec $ - **/ -public class Initializer - implements com.arsdigita.initializer.Initializer { + * @author pboy (pboy@barkhof.uni-bremen.de) + */ +public class Initializer extends GenericInitializer { - private static final Logger s_log = - Logger.getLogger(Initializer.class); + // Creates a s_logging category with name = to the full name of class + public static final Logger s_log = Logger.getLogger(Initializer.class); - /** Obsolete parameter name for session tracking method. **/ - public static String SESSION_TRACKING_PARAM = "sessionTrackingMethod"; - /** Parameter name for security helper class name. **/ - public static String SECURITY_HELPER_PARAM = "securityHelperClass"; - /** Parameter name for excluded URI extensions. **/ - public static String EXCLUDED_EXTENSIONS_PARAM = "excludedExtensions"; - /** Size of secret key in bytes. **/ - public static int SECRET_KEY_BYTES = 16; - - private Configuration m_conf = new Configuration(); - - public Configuration getConfiguration() { - return m_conf; - } - - public Initializer() throws InitializationException { - m_conf.initParameter - (SECURITY_HELPER_PARAM, - "The class name of the SecurityHelper implementation", - String.class, - DefaultSecurityHelper.class.getName()); - m_conf.initParameter - (SESSION_TRACKING_PARAM, - "This parameter is obsolete.", - String.class); - m_conf.initParameter - (EXCLUDED_EXTENSIONS_PARAM, - "List of extensions excluded from authentication cookies. " - +"Authentication is checked for all requests, but requests " - +"with one of these extensions will never cause a new cookie " - +"to be set. Include a leading dot for each extension.", - List.class, - Arrays.asList(new String[] { ".jpg", ".gif", ".png", ".pdf" })); - - - } - - public void startup() throws InitializationException { - URLRewriter.addParameterProvider - (new SecurityParameterProvider()); - loadExcludedExtensions(); - loadSecurityHelper(); - loadPageMap(); - loadLoginConfig(); - } + private static SecurityConfig s_conf = Kernel.getSecurityConfig(); /** - * Returns an iterator over the list of excluded extensions. + * Implementation of the {@link Initializer#init(DomainInitEvent)} + * method. * - * @return an iterator over the list of excluded extensions. * - * @deprecated To be moved into a utility class. - **/ - public static Iterator getExcludedExtensions() { - if (s_exts == null) { - return java.util.Collections.EMPTY_LIST.iterator(); - } else { - return s_exts.iterator(); - } - } - private static List s_exts = null; + * @param evt The domain init event. + */ + public void init(DomainInitEvent evt) { + s_log.debug("kernel security domain init begin."); - private void loadExcludedExtensions() { - s_exts = (List)m_conf.getParameter(EXCLUDED_EXTENSIONS_PARAM); - Iterator exts = getExcludedExtensions(); - while (exts.hasNext()) { - Object o = exts.next(); - if (!(o instanceof String)) { - throw new InitializationException - ("Extension must be a string: "+o); - } - } - } + // Steps carried over from the old style initializer / enterprise.ini + + // Step 1: + // Add the security package' parameter provider to the list of URL + // parameters to enable cookielesss login. + URLRewriter.addParameterProvider(new SecurityParameterProvider()); - /** - * Returns the security helper instance. - * - * @return the security helper instance. - * - * @deprecated Moved into {@link Util} - **/ - public static SecurityHelper getSecurityHelper() { - return Util.getSecurityHelper(); - } + // Step 2: + // TODO: Implement an equivalant to loadExcludedExtensions() of + // LegacyInitializer to set the list of ExludecExtensions in Util! + // Avoid any reference to the config object in Util. - private void loadSecurityHelper() { - String name = (String)m_conf.getParameter(SECURITY_HELPER_PARAM); - if (name == null) { - throw new InitializationException - (SECURITY_HELPER_PARAM+" not defined"); - } + // Step 3: + // Set the SecurityHelper class to be used. try { - Class theClass = Class.forName(name); - if (!SecurityHelper.class.isAssignableFrom(theClass)) { - throw new InitializationException - (SECURITY_HELPER_PARAM+": "+name - +" does not implement interface " - +SecurityHelper.class.getName()); - } + + Class theClass = s_conf.getSecurityHelperClass(); Util.setSecurityHelper(theClass.newInstance()); - } catch (ClassNotFoundException e) { - throw new InitializationException - (SECURITY_HELPER_PARAM+": "+name+" not found: ", e); + } catch (InstantiationException e) { - throw new InitializationException - (SECURITY_HELPER_PARAM+": "+name - +" is not concrete or lacks no-arg constructor: ", e); + throw new ConfigError( + "Class: " + s_conf.getSecurityHelperClass().getName() + +" is not concrete or lacks no-arg constructor: " ); } catch (IllegalAccessException e) { - throw new InitializationException - (SECURITY_HELPER_PARAM+": "+name - +" is not public or lacks public constructor: ", e); - } - } - - /** Key for the root page of the site. **/ - public static String ROOT_PAGE_KEY = - "com.arsdigita.page.kernel.root"; - /** Key for the user edit page. **/ - public static String EDIT_PAGE_KEY = - "com.arsdigita.page.kernel.edit"; - /** Key for the login page. **/ - public static String LOGIN_PAGE_KEY = - "com.arsdigita.page.kernel.login"; - /** Key for the new user page. **/ - public static String NEWUSER_PAGE_KEY = - "com.arsdigita.page.kernel.newuser"; - /** Key for the logout page. **/ - public static String LOGOUT_PAGE_KEY = - "com.arsdigita.page.kernel.logout"; - /** Key for the explain-cookies page. **/ - public static String COOKIES_PAGE_KEY = - "com.arsdigita.page.kernel.cookies"; - /** Key for the login-expired page. **/ - public static String EXPIRED_PAGE_KEY = - "com.arsdigita.page.kernel.expired"; - /** Key for the change-password page. **/ - public static String CHANGE_PAGE_KEY = - "com.arsdigita.page.kernel.change"; - /** Key for the recover-password page. **/ - public static String RECOVER_PAGE_KEY = - "com.arsdigita.page.kernel.recover"; - /** Key for the workspace page. **/ - public static String WORKSPACE_PAGE_KEY = - "com.arsdigita.page.kernel.workspace"; - /** Key for the login redirect url. **/ - public static String LOGIN_REDIRECT_PAGE_KEY = - "com.arsdigita.page.kernel.login.redirect"; - /** Key for the admin-permission page. **/ - public static String PERMISSION_PAGE_KEY = - "com.arsdigita.page.kernel.permission"; - /** Key for the single-permission page. **/ - public static String PERM_SINGLE_PAGE_KEY = - "com.arsdigita.page.kernel.perm-single"; - - private static List s_defaultPageMap = new ArrayList() { - { - put(ROOT_PAGE_KEY, "register/"); - put(EDIT_PAGE_KEY, "register/edit-profile/"); - put(LOGIN_PAGE_KEY, "register/"); - put(NEWUSER_PAGE_KEY, "register/new-user/"); - put(LOGOUT_PAGE_KEY, "register/logout/"); - put(COOKIES_PAGE_KEY, "register/explain-persistent-cookies/"); - put(CHANGE_PAGE_KEY, "register/change-password/"); - put(RECOVER_PAGE_KEY, "register/recover-password/"); - put(EXPIRED_PAGE_KEY, "register/login-expired/"); - put(WORKSPACE_PAGE_KEY, "pvt/"); - put(LOGIN_REDIRECT_PAGE_KEY, "pvt/"); - put(PERMISSION_PAGE_KEY, "permissions/"); - put(PERM_SINGLE_PAGE_KEY, "permissions/one/"); - } - private void put(String key, String value) { - add(Arrays.asList(new Object[] { key, value })); - } - }; - - private static Map s_pageMap = new HashMap(); - - - - private void loadPageMap() throws InitializationException { - // load default page map - loadPageMap(s_defaultPageMap); - // load user page map - - List list = new ArrayList() { - { - SecurityConfig conf = Kernel.getSecurityConfig(); - put(ROOT_PAGE_KEY, conf.getRootPage()); - put(LOGIN_PAGE_KEY, conf.getLoginPage()); - put(NEWUSER_PAGE_KEY, conf.getNewUserPage()); - put(LOGOUT_PAGE_KEY, conf.getLogoutPage()); - put(COOKIES_PAGE_KEY, conf.getCookiesPage()); - put(CHANGE_PAGE_KEY, conf.getChangePage()); - put(RECOVER_PAGE_KEY, conf.getRecoverPage()); - put(EXPIRED_PAGE_KEY, conf.getExpiredPage()); - put(WORKSPACE_PAGE_KEY, conf.getWorkspacePage()); - put(LOGIN_REDIRECT_PAGE_KEY, conf.getLoginRedirectPage()); - put(PERMISSION_PAGE_KEY, conf.getPermissionPage()); - put(PERM_SINGLE_PAGE_KEY, conf.getPermSinglePage()); - } - private void put(String key, String value) { - add(Arrays.asList(new Object[] { key, value })); - } - }; - if (list != null) { - s_log.info("Security Initializer: mapping " - +list.size()+" pages"); - loadPageMap(list); - } - } - - private void loadPageMap(List list) { - Iterator pairs = list.iterator(); - while (pairs.hasNext()) { - List pair = (List)pairs.next(); - String key = (String)pair.get(0); - String url = (String)pair.get(1); - s_pageMap.put(key, url); - } - } - - /** - * Returns the relative URL associated with the given key. This is the - * value of the URL in the page map for the given key. - * - * @return the relative URL associated with the given key, or null if it - * does not exist. - * - * @deprecated To be replaced by package parameters. - * - * @see #getFullURL(String, HttpServletRequest) - **/ - public static String getURL(String key) { - return (String)s_pageMap.get(key); - } - - /** - * Returns the absolute URL associated with the given key. This is the - * root URL for the system (the mount point) prepended to the result of - * getURL(key). - * - * @return the absolute URL associated with the given key, or null - * if it does not exist. - * - * @see #getURL(String) - **/ - public static String getFullURL(String key, HttpServletRequest req) { - String root = getRootURL(req); - String url = getURL(key); - - if (s_log.isDebugEnabled()) { - s_log.debug("Root is " + root + ", url is " + url); + throw new ConfigError( + "Class: " + s_conf.getSecurityHelperClass().getName() + +" is not public or lacks public constructor: " + e.toString() ); } - if ((root == null) || (key == null)) { - return null; - } - return root + url; + // Step 4: + // LoadPageMap / handling of URL's. Not an initializer task. + // Has to be handled anywhere else (e.g. com arsdigita.ui) + + // Step 5: + loadLoginConfig(); + + s_log.debug("kernel security domain init completed"); } - private static String getRootURL(HttpServletRequest req) { - // XXX this isn't safe since you aren't neccessarily - // calling it from the root webapp - so we can't - // blindly prepend the context path from the current - // request. - //return SiteNode.getRootSiteNode().getURL(req); - - return SiteNode.getRootSiteNode().getURL(); - } - private void loadLoginConfig() throws InitializationException { - javax.security.auth.login.Configuration.setConfiguration - (getLoginConfig()); + // ////////////////////////////////////////////////////////// + // + // Helper methods + // + // /////////////////////////////////////////////////////////// + + private void loadLoginConfig() throws ConfigError { + javax.security.auth.login.Configuration + .setConfiguration(getLoginConfig()); checkLoginConfig(); } private javax.security.auth.login.Configuration getLoginConfig() - throws InitializationException { + throws ConfigError { SecurityConfig conf = Kernel.getSecurityConfig(); List loginConfig = Arrays.asList(conf.getLoginConfig()); return new LoginConfig(loginConfig); } - private void checkLoginConfig() throws InitializationException { + private void checkLoginConfig() throws ConfigError { // check the login configurations String[] contexts = new String[] { UserContext.REQUEST_LOGIN_CONTEXT, @@ -345,16 +128,11 @@ public class Initializer try { new LoginContext(contexts[i]); } catch (LoginException e) { - throw new InitializationException - ("Could not instantiate login context '" - +contexts[i]+"'. " - +"Check that it is defined in your login " - +"configuration.", e); + throw new ConfigError + ("Could not instantiate login context '"+contexts[i]+"'. " + +"Check that it is defined in your login configuration."); } } } - public void shutdown() throws InitializationException { - // do nothing - } } diff --git a/ccm-core/src/com/arsdigita/kernel/security/LegacyInitializer.java b/ccm-core/src/com/arsdigita/kernel/security/LegacyInitializer.java new file mode 100755 index 000000000..d45054513 --- /dev/null +++ b/ccm-core/src/com/arsdigita/kernel/security/LegacyInitializer.java @@ -0,0 +1,371 @@ +/* + * Copyright (C) 2001-2004 Red Hat Inc. All Rights Reserved. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public License + * as published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ +package com.arsdigita.kernel.security; + +// import com.arsdigita.util.URLRewriter; +import com.arsdigita.kernel.Kernel; +import com.arsdigita.kernel.SiteNode; +import com.arsdigita.initializer.Configuration; +import com.arsdigita.initializer.InitializationException; + +import java.util.Arrays; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.Iterator; +import java.util.List; +import java.util.Map; +// import javax.security.auth.login.LoginException; +import javax.servlet.http.HttpServletRequest; + +import org.apache.log4j.Logger; + +/** + *

Initializes security properties.

+ * + *

Deprecated feature: Provides access + * to URLs for standard pages.

+ * + * @author Sameer Ajmani + * @since ACS 4.5 + * @version $Id: LegacyInitializer.java 1225 2006-06-19 09:27:21Z apevec $ + **/ +public class LegacyInitializer + implements com.arsdigita.initializer.Initializer { + + private static final Logger s_log = + Logger.getLogger(LegacyInitializer.class); + + /** Obsolete parameter name for session tracking method. **/ + public static String SESSION_TRACKING_PARAM = "sessionTrackingMethod"; + /** Parameter name for security helper class name. **/ + public static String SECURITY_HELPER_PARAM = "securityHelperClass"; + /** Parameter name for excluded URI extensions. **/ + public static String EXCLUDED_EXTENSIONS_PARAM = "excludedExtensions"; + /** Size of secret key in bytes. **/ + public static int SECRET_KEY_BYTES = 16; + + private static SecurityConfig s_conf = Kernel.getSecurityConfig(); + + private Configuration m_conf = new Configuration(); + + public Configuration getConfiguration() { + return m_conf; + } + + public LegacyInitializer() throws InitializationException { + m_conf.initParameter + (SECURITY_HELPER_PARAM, + "The class name of the SecurityHelper implementation", + String.class, + DefaultSecurityHelper.class.getName()); + m_conf.initParameter + (SESSION_TRACKING_PARAM, + "This parameter is obsolete.", + String.class); + m_conf.initParameter + (EXCLUDED_EXTENSIONS_PARAM, + "List of extensions excluded from authentication cookies. " + +"Authentication is checked for all requests, but requests " + +"with one of these extensions will never cause a new cookie " + +"to be set. Include a leading dot for each extension.", + List.class, + Arrays.asList(new String[] { ".jpg", ".gif", ".png", ".pdf" })); + + + } + + public void startup() throws InitializationException { + // Moved to new style kernel.security.Initializer + //URLRewriter.addParameterProvider + // (new SecurityParameterProvider()); + // Moved to security.Util + //loadExcludedExtensions(); + // Moved to new style kernel.security.Initializer + //loadSecurityHelper(); + loadPageMap(); + // Moved to new style kernel.security.Initializer + //loadLoginConfig(); + } + + // Moved to security.Util because providing a configuration detail is + // definitly not part of an initialization procedure! + // Previously it had been used by CredentialLoginModule only, so it may be + // appropriate to move it over there for future versions. +// /** +// * Returns an iterator over the list of excluded extensions. +// * +// * @return an iterator over the list of excluded extensions. +// * +// * @deprecated To be moved into a utility class. +// **/ +// public static Iterator getExcludedExtensions() { +// if (s_exts == null) { +// return java.util.Collections.EMPTY_LIST.iterator(); +// } else { +// return s_exts.iterator(); +// } +// } +// private static List s_exts = null; + +// private void loadExcludedExtensions() { +// // s_exts = (List)m_conf.getParameter(EXCLUDED_EXTENSIONS_PARAM); +// s_exts = (List)s_conf.getExcludedExtensions(); +// Iterator exts = getExcludedExtensions(); +// while (exts.hasNext()) { +// Object o = exts.next(); +// if (!(o instanceof String)) { +// throw new InitializationException +// ("Extension must be a string: "+o); +// } +// } +// } + +// /** +// * Returns the security helper instance. +// * +// * @return the security helper instance. +// * +// * @deprecated Moved into {@link Util} +// **/ +// public static SecurityHelper getSecurityHelper() { +// return Util.getSecurityHelper(); +// } + +// private void loadSecurityHelper() { +// String name = (String)m_conf.getParameter(SECURITY_HELPER_PARAM); +// if (name == null) { +// throw new InitializationException +// (SECURITY_HELPER_PARAM+" not defined"); +// } +// try { +// Class theClass = Class.forName(name); +// if (!SecurityHelper.class.isAssignableFrom(theClass)) { +// throw new InitializationException +// (SECURITY_HELPER_PARAM+": "+name +// +" does not implement interface " +// +SecurityHelper.class.getName()); +// } +// Util.setSecurityHelper(theClass.newInstance()); +// } catch (ClassNotFoundException e) { +// throw new InitializationException +// (SECURITY_HELPER_PARAM+": "+name+" not found: ", e); +// } catch (InstantiationException e) { +// throw new InitializationException +// (SECURITY_HELPER_PARAM+": "+name +// +" is not concrete or lacks no-arg constructor: ", e); +// } catch (IllegalAccessException e) { +// throw new InitializationException +// (SECURITY_HELPER_PARAM+": "+name +// +" is not public or lacks public constructor: ", e); +// } +// } + + /** Key for the root page of the site. **/ + public static String ROOT_PAGE_KEY = + "com.arsdigita.page.kernel.root"; + /** Key for the user edit page. **/ + public static String EDIT_PAGE_KEY = + "com.arsdigita.page.kernel.edit"; + /** Key for the login page. **/ + public static String LOGIN_PAGE_KEY = + "com.arsdigita.page.kernel.login"; + /** Key for the new user page. **/ + public static String NEWUSER_PAGE_KEY = + "com.arsdigita.page.kernel.newuser"; + /** Key for the logout page. **/ + public static String LOGOUT_PAGE_KEY = + "com.arsdigita.page.kernel.logout"; + /** Key for the explain-cookies page. **/ + public static String COOKIES_PAGE_KEY = + "com.arsdigita.page.kernel.cookies"; + /** Key for the login-expired page. **/ + public static String EXPIRED_PAGE_KEY = + "com.arsdigita.page.kernel.expired"; + /** Key for the change-password page. **/ + public static String CHANGE_PAGE_KEY = + "com.arsdigita.page.kernel.change"; + /** Key for the recover-password page. **/ + public static String RECOVER_PAGE_KEY = + "com.arsdigita.page.kernel.recover"; + /** Key for the workspace page. **/ + public static String WORKSPACE_PAGE_KEY = + "com.arsdigita.page.kernel.workspace"; + /** Key for the login redirect url. **/ + public static String LOGIN_REDIRECT_PAGE_KEY = + "com.arsdigita.page.kernel.login.redirect"; + /** Key for the admin-permission page. **/ + public static String PERMISSION_PAGE_KEY = + "com.arsdigita.page.kernel.permission"; + /** Key for the single-permission page. **/ + public static String PERM_SINGLE_PAGE_KEY = + "com.arsdigita.page.kernel.perm-single"; + + private static List s_defaultPageMap = new ArrayList() { + { + put(ROOT_PAGE_KEY, "register/"); + put(EDIT_PAGE_KEY, "register/edit-profile/"); + put(LOGIN_PAGE_KEY, "register/"); + put(NEWUSER_PAGE_KEY, "register/new-user/"); + put(LOGOUT_PAGE_KEY, "register/logout/"); + put(COOKIES_PAGE_KEY, "register/explain-persistent-cookies/"); + put(CHANGE_PAGE_KEY, "register/change-password/"); + put(RECOVER_PAGE_KEY, "register/recover-password/"); + put(EXPIRED_PAGE_KEY, "register/login-expired/"); + put(WORKSPACE_PAGE_KEY, "pvt/"); + put(LOGIN_REDIRECT_PAGE_KEY, "pvt/"); + put(PERMISSION_PAGE_KEY, "permissions/"); + put(PERM_SINGLE_PAGE_KEY, "permissions/one/"); + } + private void put(String key, String value) { + add(Arrays.asList(new Object[] { key, value })); + } + }; + + private static Map s_pageMap = new HashMap(); + + + + private void loadPageMap() throws InitializationException { + // load default page map + loadPageMap(s_defaultPageMap); + // load user page map + + List list = new ArrayList() { + { + SecurityConfig conf = Kernel.getSecurityConfig(); + put(ROOT_PAGE_KEY, conf.getRootPage()); + put(LOGIN_PAGE_KEY, conf.getLoginPage()); + put(NEWUSER_PAGE_KEY, conf.getNewUserPage()); + put(LOGOUT_PAGE_KEY, conf.getLogoutPage()); + put(COOKIES_PAGE_KEY, conf.getCookiesPage()); + put(CHANGE_PAGE_KEY, conf.getChangePage()); + put(RECOVER_PAGE_KEY, conf.getRecoverPage()); + put(EXPIRED_PAGE_KEY, conf.getExpiredPage()); + put(WORKSPACE_PAGE_KEY, conf.getWorkspacePage()); + put(LOGIN_REDIRECT_PAGE_KEY, conf.getLoginRedirectPage()); + put(PERMISSION_PAGE_KEY, conf.getPermissionPage()); + put(PERM_SINGLE_PAGE_KEY, conf.getPermSinglePage()); + } + private void put(String key, String value) { + add(Arrays.asList(new Object[] { key, value })); + } + }; + if (list != null) { + s_log.info("Security Initializer: mapping " + +list.size()+" pages"); + loadPageMap(list); + } + } + + private void loadPageMap(List list) { + Iterator pairs = list.iterator(); + while (pairs.hasNext()) { + List pair = (List)pairs.next(); + String key = (String)pair.get(0); + String url = (String)pair.get(1); + s_pageMap.put(key, url); + } + } + + /** + * Returns the relative URL associated with the given key. This is the + * value of the URL in the page map for the given key. + * + * @return the relative URL associated with the given key, or null if it + * does not exist. + * + * @deprecated To be replaced by package parameters. + * + * @see #getFullURL(String, HttpServletRequest) + **/ + public static String getURL(String key) { + return (String)s_pageMap.get(key); + } + + /** + * Returns the absolute URL associated with the given key. This is the + * root URL for the system (the mount point) prepended to the result of + * getURL(key). + * + * @return the absolute URL associated with the given key, or null + * if it does not exist. + * + * @see #getURL(String) + **/ + public static String getFullURL(String key, HttpServletRequest req) { + String root = getRootURL(req); + String url = getURL(key); + + if (s_log.isDebugEnabled()) { + s_log.debug("Root is " + root + ", url is " + url); + } + + if ((root == null) || (key == null)) { + return null; + } + return root + url; + } + + private static String getRootURL(HttpServletRequest req) { + // XXX this isn't safe since you aren't neccessarily + // calling it from the root webapp - so we can't + // blindly prepend the context path from the current + // request. + //return SiteNode.getRootSiteNode().getURL(req); + + return SiteNode.getRootSiteNode().getURL(); + } + +// private void loadLoginConfig() throws InitializationException { +// javax.security.auth.login.Configuration.setConfiguration +// (getLoginConfig()); +// +// checkLoginConfig(); +// } +// +// private javax.security.auth.login.Configuration getLoginConfig() +// throws InitializationException { +// SecurityConfig conf = Kernel.getSecurityConfig(); +// List loginConfig = Arrays.asList(conf.getLoginConfig()); +// return new LoginConfig(loginConfig); +// } + +// private void checkLoginConfig() throws InitializationException { +// // check the login configurations +// String[] contexts = new String[] { +// UserContext.REQUEST_LOGIN_CONTEXT, +// UserContext.REGISTER_LOGIN_CONTEXT +// }; +// for (int i = 0; i < contexts.length; i++) { +// try { +// new LoginContext(contexts[i]); +// } catch (LoginException e) { +// throw new InitializationException +// ("Could not instantiate login context '" +// +contexts[i]+"'. " +// +"Check that it is defined in your login " +// +"configuration.", e); +// } +// } +// } + + public void shutdown() throws InitializationException { + // do nothing + } +} diff --git a/ccm-core/src/com/arsdigita/kernel/security/LoginConfig.java b/ccm-core/src/com/arsdigita/kernel/security/LoginConfig.java index 74329828a..59088cb51 100755 --- a/ccm-core/src/com/arsdigita/kernel/security/LoginConfig.java +++ b/ccm-core/src/com/arsdigita/kernel/security/LoginConfig.java @@ -36,10 +36,10 @@ import org.apache.log4j.Logger; * * @author Sameer Ajmani * @since ACS 4.5 + * @version $Id: LoginConfig.java 287 2005-02-22 00:29:02Z sskracic $ **/ public class LoginConfig extends Configuration { - public static final String versionId = "$Id: LoginConfig.java 287 2005-02-22 00:29:02Z sskracic $ by $Author: sskracic $, $DateTime: 2004/08/16 18:10:38 $"; /** Maps application names to AppConfigurationEntry[]. **/ private Map m_appConfigs = new HashMap(); diff --git a/ccm-core/src/com/arsdigita/kernel/security/SecurityConfig.java b/ccm-core/src/com/arsdigita/kernel/security/SecurityConfig.java index 1640736d9..745b65e7f 100755 --- a/ccm-core/src/com/arsdigita/kernel/security/SecurityConfig.java +++ b/ccm-core/src/com/arsdigita/kernel/security/SecurityConfig.java @@ -24,35 +24,73 @@ import com.arsdigita.runtime.AbstractConfig; import com.arsdigita.util.parameter.BooleanParameter; import com.arsdigita.util.parameter.IntegerParameter; import com.arsdigita.util.parameter.Parameter; +import com.arsdigita.util.parameter.SpecificClassParameter; import com.arsdigita.util.parameter.StringArrayParameter; import com.arsdigita.util.parameter.StringParameter; +import java.util.Arrays; +import java.util.List; + +import org.apache.log4j.Logger; + /** - * SecurityConfig + * A record containing server-session scoped security configuration properties. + * + * Accessors of this class may return null. Developers should take care + * to trap null return values in their code. + * * * @author Rafael H. Schloming <rhs@mit.edu> * @version $Revision: #8 $ $Date: 2004/08/16 $ * @version $Id: SecurityConfig.java 1471 2007-03-12 11:27:55Z chrisgilbert23 $ - **/ + */ public class SecurityConfig extends AbstractConfig { + private static final Logger s_log = Logger.getLogger(SecurityConfig.class); + + private static SecurityConfig s_config = null; + private static String s_systemAdministratorEmailAddress = null; + /** The class name of the SecurityHelper implementation. Must implement + SecurityHelper interface */ + private final Parameter m_securityHelperClass = new SpecificClassParameter + ("waf.security_helper_class", Parameter.REQUIRED, + com.arsdigita.kernel.security.DefaultSecurityHelper.class, + com.arsdigita.kernel.security.SecurityHelper.class); + /** This parameter is obsolete. */ + private final Parameter m_sessionTrackingMethod = new StringParameter + ("waf.session_tracking_method", Parameter.REQUIRED, "cookie"); + /** List of extensions excluded from authentication cookies. + * Authentication is checked for all requests, but requests with one of + * these extensions will never cause a new cookie to be set. + * Include a leading dot for each extension. */ + private final Parameter m_excludedExtensions = new StringArrayParameter + ("waf.excluded_extensions", Parameter.REQUIRED, + new String[] { ".jpg", ".gif", ".png", ".pdf" } ); + /** Key for the root page of the site. */ private final Parameter m_rootPage = new StringParameter ("waf.pagemap.root", Parameter.REQUIRED, "register/"); + /** Key for the login page. */ private final Parameter m_loginPage = new StringParameter ("waf.pagemap.login", Parameter.REQUIRED, "register/"); + /** Key for the new user page. */ private final Parameter m_newUserPage = new StringParameter ("waf.pagemap.newuser", Parameter.REQUIRED, "register/new-user"); + /** Key for the logout page. */ private final Parameter m_logoutPage = new StringParameter ("waf.pagemap.logout", Parameter.REQUIRED, "register/logout"); + /** Key for the explain-cookies page. */ private final Parameter m_cookiesPage = new StringParameter ("waf.pagemap.cookies", Parameter.REQUIRED, "register/explain-persistent-cookies"); + /** Key for the change-password page. **/ private final Parameter m_changePage = new StringParameter ("waf.pagemap.change", Parameter.REQUIRED, "register/change-password"); + /** Key for the recover-password page. **/ private final Parameter m_recoverPage = new StringParameter ("waf.pagemap.recover", Parameter.REQUIRED, "register/recover-password"); + /** Key for the login-expired page. */ private final Parameter m_expiredPage = new StringParameter ("waf.pagemap.expired", Parameter.REQUIRED, "register/login-expired"); private final Parameter m_workspacePage = new StringParameter @@ -67,6 +105,7 @@ public class SecurityConfig extends AbstractConfig { ("waf.pagemap.cookies_duration_minutes", Parameter.OPTIONAL, null); private final Parameter m_cookieDomain = new StringParameter ("waf.cookie_domain", Parameter.OPTIONAL, null); + private final Parameter m_loginConfig = new StringArrayParameter ("waf.login_config", Parameter.REQUIRED, new String[] { "Request:com.arsdigita.kernel.security.AdminLoginModule:sufficient", @@ -79,6 +118,7 @@ public class SecurityConfig extends AbstractConfig { "RegisterSSO:com.arsdigita.kernel.security.CookieLoginModule:optional" } ); + private final Parameter m_adminEmail = new StringParameter ("waf.admin.contact_email", Parameter.OPTIONAL, null); private final Parameter m_autoRegistrationOn = new BooleanParameter @@ -90,6 +130,10 @@ public class SecurityConfig extends AbstractConfig { * Constructs an empty SecurityConfig object */ public SecurityConfig() { + register(m_securityHelperClass); + register(m_sessionTrackingMethod); + register(m_excludedExtensions); + register(m_rootPage); register(m_loginPage); register(m_newUserPage); @@ -104,6 +148,7 @@ public class SecurityConfig extends AbstractConfig { register(m_permSinglePage); register(m_cookieDomain); register(m_loginConfig); + register(m_cookieDurationMinutes); register(m_adminEmail); register(m_autoRegistrationOn); @@ -112,6 +157,49 @@ public class SecurityConfig extends AbstractConfig { loadInfo(); } + /** + * Returns the singleton configuration record for the runtime + * environment. + * + * @return The RuntimeConfig record; it cannot be null + */ + public static final synchronized SecurityConfig getConfig() { + if (s_config == null) { + s_config = new SecurityConfig(); + // deprecated + // s_config.require("ccm-core/runtime.properties"); + // use instead: + // read values from the persistent storage + s_config.load(); + } + + return s_config; + } + + /** + * + * @return + */ + public final Class getSecurityHelperClass() { + return (Class) get(m_securityHelperClass); + } + + /** + * Obsolete! + * @return + */ + public final String getSessionTrackingMethod() { + return (String) get(m_sessionTrackingMethod); + } + + /** + * + * @return + */ + public final List getExcludedExtensions() { + return Arrays.asList( (String[]) get(m_excludedExtensions)); + } + String getRootPage() { return (String) get(m_rootPage); } diff --git a/ccm-core/src/com/arsdigita/kernel/security/SecurityHelper.java b/ccm-core/src/com/arsdigita/kernel/security/SecurityHelper.java index 5db6fcb4d..54acbcb8d 100755 --- a/ccm-core/src/com/arsdigita/kernel/security/SecurityHelper.java +++ b/ccm-core/src/com/arsdigita/kernel/security/SecurityHelper.java @@ -25,10 +25,10 @@ import javax.servlet.http.HttpServletRequest; * determining security properties for a request. * * @author Sameer Ajmani - **/ + * @version $Id: SecurityHelper.java 287 2005-02-22 00:29:02Z sskracic $ + */ public interface SecurityHelper { - public static final String versionId = "$Id: SecurityHelper.java 287 2005-02-22 00:29:02Z sskracic $ by $Author: sskracic $, $DateTime: 2004/08/16 18:10:38 $"; /** * Determines whether the given request is secure. Implementation may * simply return req.isSecure(), but certain deployments diff --git a/ccm-core/src/com/arsdigita/kernel/security/SecurityLogger.java b/ccm-core/src/com/arsdigita/kernel/security/SecurityLogger.java index 9a860bc7e..9e4ad8ae0 100755 --- a/ccm-core/src/com/arsdigita/kernel/security/SecurityLogger.java +++ b/ccm-core/src/com/arsdigita/kernel/security/SecurityLogger.java @@ -34,7 +34,6 @@ import org.apache.log4j.Priority; **/ public class SecurityLogger { - public static final String versionId = ""; private static final Logger s_log = Logger.getLogger("SECURITY"); private SecurityLogger() {} diff --git a/ccm-core/src/com/arsdigita/kernel/security/SecurityParameterProvider.java b/ccm-core/src/com/arsdigita/kernel/security/SecurityParameterProvider.java index cc3bac1cb..25c6711e3 100755 --- a/ccm-core/src/com/arsdigita/kernel/security/SecurityParameterProvider.java +++ b/ccm-core/src/com/arsdigita/kernel/security/SecurityParameterProvider.java @@ -31,10 +31,10 @@ import org.apache.log4j.Logger; * Determines the URL parameters needed for user tracking. * * @author Sameer Ajmani - **/ + * @version $Id: SecurityParameterProvider.java 287 2005-02-22 00:29:02Z sskracic $ + */ public class SecurityParameterProvider implements ParameterProvider { - public static final String versionId = "$Id: SecurityParameterProvider.java 287 2005-02-22 00:29:02Z sskracic $ by $Author: sskracic $, $DateTime: 2004/08/16 18:10:38 $"; private static final Logger s_log = Logger.getLogger(SecurityParameterProvider.class.getName()); diff --git a/ccm-core/src/com/arsdigita/kernel/security/SessionContext.java b/ccm-core/src/com/arsdigita/kernel/security/SessionContext.java index 81840163e..b089b1ca0 100755 --- a/ccm-core/src/com/arsdigita/kernel/security/SessionContext.java +++ b/ccm-core/src/com/arsdigita/kernel/security/SessionContext.java @@ -35,11 +35,10 @@ import javax.security.auth.login.LoginException; * KernelRequestContext has a getSessionContext method and is "Stable". * * @author Rob Mayoff - **/ + * @version $Id: SessionContext.java 287 2005-02-22 00:29:02Z sskracic $ + */ public class SessionContext { - public static final String versionId = "$Id: SessionContext.java 287 2005-02-22 00:29:02Z sskracic $ by $Author: sskracic $, $DateTime: 2004/08/16 18:10:38 $"; - private static final Logger s_log = Logger.getLogger(SessionContext.class.getName()); diff --git a/ccm-core/src/com/arsdigita/kernel/security/Store.java b/ccm-core/src/com/arsdigita/kernel/security/Store.java index 8ea8f9312..bc2d5f28f 100755 --- a/ccm-core/src/com/arsdigita/kernel/security/Store.java +++ b/ccm-core/src/com/arsdigita/kernel/security/Store.java @@ -54,7 +54,7 @@ final class Store implements KeyStorage { Store() {} static byte[] newKey() { - byte[] key = new byte[Initializer.SECRET_KEY_BYTES]; + byte[] key = new byte[LegacyInitializer.SECRET_KEY_BYTES]; new SecureRandom().nextBytes(key); return key; } @@ -107,9 +107,9 @@ final class Store implements KeyStorage { throw new IllegalStateException ("the store is null"); } - if ( m_secret.length != Initializer.SECRET_KEY_BYTES ) { + if ( m_secret.length != LegacyInitializer.SECRET_KEY_BYTES ) { throw new IllegalArgumentException - ("wrong length. expected=" + Initializer.SECRET_KEY_BYTES + + ("wrong length. expected=" + LegacyInitializer.SECRET_KEY_BYTES + ", but got " + m_secret.length); } return m_secret; diff --git a/ccm-core/src/com/arsdigita/kernel/security/URLLoginModule.java b/ccm-core/src/com/arsdigita/kernel/security/URLLoginModule.java index 1038a6329..2f49327c4 100755 --- a/ccm-core/src/com/arsdigita/kernel/security/URLLoginModule.java +++ b/ccm-core/src/com/arsdigita/kernel/security/URLLoginModule.java @@ -27,10 +27,10 @@ import org.apache.log4j.Logger; * Logs in a user if the user has a valid authentication URL parameter. * * @author Sameer Ajmani - **/ + * @version $Id: URLLoginModule.java 287 2005-02-22 00:29:02Z sskracic $ + */ public class URLLoginModule extends UserLoginModule { - public static final String versionId = "$Id: URLLoginModule.java 287 2005-02-22 00:29:02Z sskracic $ by $Author: sskracic $, $DateTime: 2004/08/16 18:10:38 $"; private static final Logger s_log = Logger.getLogger(URLLoginModule.class.getName()); diff --git a/ccm-core/src/com/arsdigita/kernel/security/URLManager.java b/ccm-core/src/com/arsdigita/kernel/security/URLManager.java index bbc49e31b..40e079381 100755 --- a/ccm-core/src/com/arsdigita/kernel/security/URLManager.java +++ b/ccm-core/src/com/arsdigita/kernel/security/URLManager.java @@ -34,10 +34,10 @@ import org.apache.log4j.Logger; * @see URLLoginModule * * @author Sameer Ajmani - **/ + * @version $Id: URLManager.java 287 2005-02-22 00:29:02Z sskracic $ + */ public class URLManager extends CredentialManager { - public static final String versionId = "$Id: URLManager.java 287 2005-02-22 00:29:02Z sskracic $ by $Author: sskracic $, $DateTime: 2004/08/16 18:10:38 $"; private static final Logger s_log = Logger.getLogger(URLManager.class.getName()); diff --git a/ccm-core/src/com/arsdigita/kernel/security/UserContext.java b/ccm-core/src/com/arsdigita/kernel/security/UserContext.java index 2b1cf7b59..1ac62c910 100755 --- a/ccm-core/src/com/arsdigita/kernel/security/UserContext.java +++ b/ccm-core/src/com/arsdigita/kernel/security/UserContext.java @@ -61,12 +61,9 @@ import org.apache.log4j.Logger; * accessing the user ID. * * @author Sameer Ajmani + * @version $Id: UserContext.java 1498 2007-03-19 16:22:15Z apevec $ */ public class UserContext { - public static final String versionId = - "$Id: UserContext.java 1498 2007-03-19 16:22:15Z apevec $" + - "$Author: apevec $" + - "$DateTime: 2004/08/16 18:10:38 $"; private static final Logger s_log = Logger.getLogger(UserContext.class); @@ -360,7 +357,8 @@ public class UserContext { // Check that the user making this request is not banned. If they // are we logout the context and throw an exception. - if(Kernel.getSecurityConfig().isUserBanOn() && User.retrieve(m_userID).isBanned()) { + if(Kernel.getSecurityConfig().isUserBanOn() + && User.retrieve(m_userID).isBanned()) { context.logout(); throw new LoginException("This user is banned"); } @@ -414,7 +412,8 @@ public class UserContext { return; } String encoded = auth.substring(6).trim(); // remove "Basic " - byte[] decoded = new Base64().decode(encoded.getBytes(Crypto.CHARACTER_ENCODING)); + byte[] decoded = new Base64().decode( + encoded.getBytes(Crypto.CHARACTER_ENCODING)); String userpass = new String(decoded, Crypto.CHARACTER_ENCODING); int colon = userpass.indexOf(':'); if (colon < 0) { @@ -541,7 +540,8 @@ public class UserContext { // We now check if the user is banned and, if so, we don't allow // the user to login. if(Kernel.getSecurityConfig().isUserBanOn() - && UserAuthentication.retrieveForLoginName(username).getUser().isBanned()) { + && UserAuthentication.retrieveForLoginName(username).getUser() + .isBanned()) { throw new LoginException("This user is currently banned"); } diff --git a/ccm-core/src/com/arsdigita/kernel/security/UserIDLoginModule.java b/ccm-core/src/com/arsdigita/kernel/security/UserIDLoginModule.java index c7bba6691..bebf3d7e4 100755 --- a/ccm-core/src/com/arsdigita/kernel/security/UserIDLoginModule.java +++ b/ccm-core/src/com/arsdigita/kernel/security/UserIDLoginModule.java @@ -32,10 +32,10 @@ import org.apache.log4j.Logger; * com.arsdigita.kernel.UserAuthentication. * * @author Sameer Ajmani - **/ + * @version $Id: UserIDLoginModule.java 287 2005-02-22 00:29:02Z sskracic $ + */ public class UserIDLoginModule extends MappingLoginModule { - public static final String versionId = "$Id: UserIDLoginModule.java 287 2005-02-22 00:29:02Z sskracic $ by $Author: sskracic $, $DateTime: 2004/08/16 18:10:38 $"; private static final Logger s_log = Logger.getLogger(UserIDLoginModule.class.getName()); diff --git a/ccm-core/src/com/arsdigita/kernel/security/UserLoginModule.java b/ccm-core/src/com/arsdigita/kernel/security/UserLoginModule.java index cade0d460..6f03b31a9 100755 --- a/ccm-core/src/com/arsdigita/kernel/security/UserLoginModule.java +++ b/ccm-core/src/com/arsdigita/kernel/security/UserLoginModule.java @@ -31,10 +31,10 @@ import com.arsdigita.kernel.Kernel; * current HTTP request. * * @author Sameer Ajmani - **/ + * @version $Id: UserLoginModule.java 1477 2007-03-14 10:27:16Z chrisgilbert23 $ + */ public abstract class UserLoginModule extends CredentialLoginModule { - public static final String versionId = "$Id: UserLoginModule.java 1477 2007-03-14 10:27:16Z chrisgilbert23 $ by $Author: chrisgilbert23 $, $DateTime: 2004/08/16 18:10:38 $"; private static final Logger s_log = Logger.getLogger(UserLoginModule.class.getName()); diff --git a/ccm-core/src/com/arsdigita/kernel/security/Util.java b/ccm-core/src/com/arsdigita/kernel/security/Util.java index 5b3559940..cd5ae94ba 100755 --- a/ccm-core/src/com/arsdigita/kernel/security/Util.java +++ b/ccm-core/src/com/arsdigita/kernel/security/Util.java @@ -20,6 +20,8 @@ package com.arsdigita.kernel.security; import com.arsdigita.util.Classes; import java.io.IOException; +import java.util.Iterator; +import java.util.List; import javax.security.auth.callback.Callback; import javax.security.auth.callback.CallbackHandler; import javax.security.auth.callback.UnsupportedCallbackException; @@ -29,12 +31,18 @@ import javax.servlet.http.HttpServletRequest; /** * Utility package of static security methods * - * @author Christian - * Brechbühler + * @author Christian Brechbühler */ public class Util { + + private static SecurityConfig s_conf = SecurityConfig.getConfig(); + private static SecurityHelper s_helper = null; + /** list of excluded extensions */ + private static List s_exclExts = null; + // private static List s_exclExts = s_conf.getExcludedExtensions(); + /** This class needs not to be instantiated. */ private Util() {} @@ -79,4 +87,26 @@ public class Util { throw new KernelLoginException("Error getting HTTP request", e); } } + + + /** + * Returns an iterator over the list of excluded extensions. + * + * @return an iterator over the list of excluded extensions. + */ + // TODO: Currently method is used by CredentialLoginModule only. If no other + // class will use it, it is trivial and should directly be moved over there. + public static Iterator getExcludedExtensions() { + + // Alternativly we may introduce a setExkludedExtensions method as with + // setSecurityHelper and avoid a reference to config object here at all. + // Nevertheless, we shoul use it consistantly! + if (s_exclExts == null) { + s_exclExts = s_conf.getExcludedExtensions(); + // return java.util.Collections.EMPTY_LIST.iterator(); + } + return s_exclExts.iterator(); + + } + } diff --git a/ccm-core/src/com/arsdigita/mimetypes/LegacyMimeTypeInitializer.java b/ccm-core/src/com/arsdigita/mimetypes/LegacyMimeTypeInitializer.java.nolongerInUse similarity index 100% rename from ccm-core/src/com/arsdigita/mimetypes/LegacyMimeTypeInitializer.java rename to ccm-core/src/com/arsdigita/mimetypes/LegacyMimeTypeInitializer.java.nolongerInUse diff --git a/ccm-core/src/com/arsdigita/populate/PopulateUsers.java b/ccm-core/src/com/arsdigita/populate/PopulateUsers.java.nolongerInUse similarity index 91% rename from ccm-core/src/com/arsdigita/populate/PopulateUsers.java rename to ccm-core/src/com/arsdigita/populate/PopulateUsers.java.nolongerInUse index de3f3b6c2..0af007cab 100755 --- a/ccm-core/src/com/arsdigita/populate/PopulateUsers.java +++ b/ccm-core/src/com/arsdigita/populate/PopulateUsers.java.nolongerInUse @@ -27,6 +27,18 @@ import com.arsdigita.persistence.Session; import com.arsdigita.persistence.SessionManager; import com.arsdigita.persistence.TransactionContext; + +// /////////////////////////////////////////////////////////////////////////// +// +// NOT USED anywhere in the source tree. +// No documentation available. +// Retained temporarily until refactoring of test cases is completed. +// +// (pboy 2011.01.30) +// +// /////////////////////////////////////////////////////////////////////////// + + /** * @author bche */ diff --git a/ccm-core/src/com/arsdigita/populate/Utilities.java b/ccm-core/src/com/arsdigita/populate/Utilities.java.nolongerInUse similarity index 93% rename from ccm-core/src/com/arsdigita/populate/Utilities.java rename to ccm-core/src/com/arsdigita/populate/Utilities.java.nolongerInUse index caadbcab0..8bee88571 100755 --- a/ccm-core/src/com/arsdigita/populate/Utilities.java +++ b/ccm-core/src/com/arsdigita/populate/Utilities.java.nolongerInUse @@ -29,6 +29,18 @@ import com.arsdigita.kernel.UserCollection; import com.arsdigita.util.Assert; import com.arsdigita.util.ResourceManager; + +// /////////////////////////////////////////////////////////////////////////// +// +// NOT USED anywhere in the source tree. +// No documentation available. +// Retained temporarily until refactoring of test cases is completed. +// +// (pboy 2011.01.30) +// +// /////////////////////////////////////////////////////////////////////////// + + /** * @author bche */ diff --git a/ccm-core/src/com/arsdigita/populate/apps/AbstractPopulateApp.java b/ccm-core/src/com/arsdigita/populate/apps.nolongerInUse/AbstractPopulateApp.java.nolongerInUse similarity index 93% rename from ccm-core/src/com/arsdigita/populate/apps/AbstractPopulateApp.java rename to ccm-core/src/com/arsdigita/populate/apps.nolongerInUse/AbstractPopulateApp.java.nolongerInUse index c724afc6a..20dfa58b9 100755 --- a/ccm-core/src/com/arsdigita/populate/apps/AbstractPopulateApp.java +++ b/ccm-core/src/com/arsdigita/populate/apps.nolongerInUse/AbstractPopulateApp.java.nolongerInUse @@ -25,6 +25,18 @@ import com.arsdigita.portal.apportlet.AppPortlet; import com.arsdigita.web.Application; import com.arsdigita.web.ApplicationType; + +// /////////////////////////////////////////////////////////////////////////// +// +// NOT USED anywhere in the source tree. +// No documentation available. +// Retained temporarily until refactoring of test cases is completed. +// +// (pboy 2011.01.30) +// +// /////////////////////////////////////////////////////////////////////////// + + /** * @author bche */ diff --git a/ccm-core/src/com/arsdigita/populate/apps/Initializer.java b/ccm-core/src/com/arsdigita/populate/apps.nolongerInUse/Initializer.java.nolongerInUse similarity index 90% rename from ccm-core/src/com/arsdigita/populate/apps/Initializer.java rename to ccm-core/src/com/arsdigita/populate/apps.nolongerInUse/Initializer.java.nolongerInUse index cdd9904d2..d61e18d72 100755 --- a/ccm-core/src/com/arsdigita/populate/apps/Initializer.java +++ b/ccm-core/src/com/arsdigita/populate/apps.nolongerInUse/Initializer.java.nolongerInUse @@ -27,6 +27,19 @@ import com.arsdigita.initializer.InitializationException; import com.arsdigita.kernel.BaseInitializer; import com.arsdigita.util.Assert; + +// /////////////////////////////////////////////////////////////////////////// +// +// NOT USED anywhere in the source tree. +// No documentation available. +// Retained temporarily until refactoring of test cases is completed. +// +// Class is commented out in enterprise.ini for several years. +// (pboy 2011.01.30) +// +// /////////////////////////////////////////////////////////////////////////// + + /** * @author bche */ diff --git a/ccm-core/src/com/arsdigita/populate/apps/PopulateApp.java b/ccm-core/src/com/arsdigita/populate/apps.nolongerInUse/PopulateApp.java.nolongerInUse similarity index 89% rename from ccm-core/src/com/arsdigita/populate/apps/PopulateApp.java rename to ccm-core/src/com/arsdigita/populate/apps.nolongerInUse/PopulateApp.java.nolongerInUse index 935f8f7fe..3e42943f4 100755 --- a/ccm-core/src/com/arsdigita/populate/apps/PopulateApp.java +++ b/ccm-core/src/com/arsdigita/populate/apps.nolongerInUse/PopulateApp.java.nolongerInUse @@ -22,6 +22,18 @@ import com.arsdigita.portal.apportlet.AppPortlet; import com.arsdigita.web.Application; import com.arsdigita.web.ApplicationType; + +// /////////////////////////////////////////////////////////////////////////// +// +// NOT USED anywhere in the source tree. +// No documentation available. +// Retained temporarily until refactoring of test cases is completed. +// +// (pboy 2011.01.30) +// +// /////////////////////////////////////////////////////////////////////////// + + /** * @author bche */ diff --git a/ccm-core/src/com/arsdigita/populate/apps/PopulateAppPair.java b/ccm-core/src/com/arsdigita/populate/apps.nolongerInUse/PopulateAppPair.java.nolongerInUse similarity index 81% rename from ccm-core/src/com/arsdigita/populate/apps/PopulateAppPair.java rename to ccm-core/src/com/arsdigita/populate/apps.nolongerInUse/PopulateAppPair.java.nolongerInUse index 5a7be8512..53a81b8d6 100755 --- a/ccm-core/src/com/arsdigita/populate/apps/PopulateAppPair.java +++ b/ccm-core/src/com/arsdigita/populate/apps.nolongerInUse/PopulateAppPair.java.nolongerInUse @@ -22,6 +22,18 @@ import java.util.List; import com.arsdigita.util.Assert; + +// /////////////////////////////////////////////////////////////////////////// +// +// NOT USED anywhere in the source tree. +// No documentation available. +// Retained temporarily until refactoring of test cases is completed. +// +// (pboy 2011.01.30) +// +// /////////////////////////////////////////////////////////////////////////// + + /** * @author bche */ diff --git a/ccm-core/src/com/arsdigita/populate/apps/PopulateAppPairCollection.java b/ccm-core/src/com/arsdigita/populate/apps.nolongerInUse/PopulateAppPairCollection.java.nolongerInUse similarity index 80% rename from ccm-core/src/com/arsdigita/populate/apps/PopulateAppPairCollection.java rename to ccm-core/src/com/arsdigita/populate/apps.nolongerInUse/PopulateAppPairCollection.java.nolongerInUse index 5536b8b74..7c212308e 100755 --- a/ccm-core/src/com/arsdigita/populate/apps/PopulateAppPairCollection.java +++ b/ccm-core/src/com/arsdigita/populate/apps.nolongerInUse/PopulateAppPairCollection.java.nolongerInUse @@ -20,6 +20,18 @@ package com.arsdigita.populate.apps; import java.util.ArrayList; + +// /////////////////////////////////////////////////////////////////////////// +// +// NOT USED anywhere in the source tree. +// No documentation available. +// Retained temporarily until refactoring of test cases is completed. +// +// (pboy 2011.01.30) +// +// /////////////////////////////////////////////////////////////////////////// + + /** * @author bche */ diff --git a/ccm-core/src/com/arsdigita/populate/apps/PopulateApps.java b/ccm-core/src/com/arsdigita/populate/apps.nolongerInUse/PopulateApps.java.nolongerInUse similarity index 94% rename from ccm-core/src/com/arsdigita/populate/apps/PopulateApps.java rename to ccm-core/src/com/arsdigita/populate/apps.nolongerInUse/PopulateApps.java.nolongerInUse index 71a13d61b..800976e36 100755 --- a/ccm-core/src/com/arsdigita/populate/apps/PopulateApps.java +++ b/ccm-core/src/com/arsdigita/populate/apps.nolongerInUse/PopulateApps.java.nolongerInUse @@ -30,6 +30,18 @@ import com.arsdigita.populate.Utilities; import com.arsdigita.portal.Portal; import com.arsdigita.web.Application; + +// /////////////////////////////////////////////////////////////////////////// +// +// NOT USED anywhere in the source tree. +// No documentation available. +// Retained temporarily until refactoring of test cases is completed. +// +// (pboy 2011.01.30) +// +// /////////////////////////////////////////////////////////////////////////// + + /** * @author bche */ diff --git a/ccm-core/src/com/arsdigita/populate/portlets/AbstractPopulatePortlet.java b/ccm-core/src/com/arsdigita/populate/portlets.nolongerInUse/AbstractPopulatePortlet.java.nolongerInUse similarity index 88% rename from ccm-core/src/com/arsdigita/populate/portlets/AbstractPopulatePortlet.java rename to ccm-core/src/com/arsdigita/populate/portlets.nolongerInUse/AbstractPopulatePortlet.java.nolongerInUse index 632641156..7342bb0ac 100755 --- a/ccm-core/src/com/arsdigita/populate/portlets/AbstractPopulatePortlet.java +++ b/ccm-core/src/com/arsdigita/populate/portlets.nolongerInUse/AbstractPopulatePortlet.java.nolongerInUse @@ -28,6 +28,17 @@ import com.arsdigita.portal.Portal; import com.arsdigita.portal.Portlet; import com.arsdigita.portal.PortletType; +// /////////////////////////////////////////////////////////////////////////// +// +// NOT USED anywhere in the source tree. +// No documentation available. +// Retained temporarily until refactoring of test cases is completed. +// +// (pboy 2011.01.30) +// +// /////////////////////////////////////////////////////////////////////////// + + /** * @author bche */ diff --git a/ccm-core/src/com/arsdigita/populate/portlets/PopulatePortlet.java b/ccm-core/src/com/arsdigita/populate/portlets.nolongerInUse/PopulatePortlet.java.nolongerInUse similarity index 78% rename from ccm-core/src/com/arsdigita/populate/portlets/PopulatePortlet.java rename to ccm-core/src/com/arsdigita/populate/portlets.nolongerInUse/PopulatePortlet.java.nolongerInUse index 0086cb994..f934913ff 100755 --- a/ccm-core/src/com/arsdigita/populate/portlets/PopulatePortlet.java +++ b/ccm-core/src/com/arsdigita/populate/portlets.nolongerInUse/PopulatePortlet.java.nolongerInUse @@ -22,6 +22,18 @@ import com.arsdigita.portal.Portal; import com.arsdigita.portal.Portlet; import com.arsdigita.portal.PortletType; + +// /////////////////////////////////////////////////////////////////////////// +// +// NOT USED anywhere in the source tree. +// No documentation available. +// Retained temporarily until refactoring of test cases is completed. +// +// (pboy 2011.01.30) +// +// /////////////////////////////////////////////////////////////////////////// + + /** * @author bche */ diff --git a/ccm-core/src/com/arsdigita/populate/portlets/PopulatePortletCollection.java b/ccm-core/src/com/arsdigita/populate/portlets.nolongerInUse/PopulatePortletCollection.java.nolongerInUse similarity index 80% rename from ccm-core/src/com/arsdigita/populate/portlets/PopulatePortletCollection.java rename to ccm-core/src/com/arsdigita/populate/portlets.nolongerInUse/PopulatePortletCollection.java.nolongerInUse index 7d913bc8f..58925fa20 100755 --- a/ccm-core/src/com/arsdigita/populate/portlets/PopulatePortletCollection.java +++ b/ccm-core/src/com/arsdigita/populate/portlets.nolongerInUse/PopulatePortletCollection.java.nolongerInUse @@ -20,6 +20,18 @@ package com.arsdigita.populate.portlets; import java.util.ArrayList; + +// /////////////////////////////////////////////////////////////////////////// +// +// NOT USED anywhere in the source tree. +// No documentation available. +// Retained temporarily until refactoring of test cases is completed. +// +// (pboy 2011.01.30) +// +// /////////////////////////////////////////////////////////////////////////// + + /** * @author bche */ diff --git a/ccm-core/src/com/arsdigita/populate/portlets/PopulatePortlets.java b/ccm-core/src/com/arsdigita/populate/portlets.nolongerInUse/PopulatePortlets.java.nolongerInUse similarity index 90% rename from ccm-core/src/com/arsdigita/populate/portlets/PopulatePortlets.java rename to ccm-core/src/com/arsdigita/populate/portlets.nolongerInUse/PopulatePortlets.java.nolongerInUse index 2b59c0641..9bf5abf1e 100755 --- a/ccm-core/src/com/arsdigita/populate/portlets/PopulatePortlets.java +++ b/ccm-core/src/com/arsdigita/populate/portlets.nolongerInUse/PopulatePortlets.java.nolongerInUse @@ -26,6 +26,18 @@ import org.apache.log4j.Logger; import com.arsdigita.portal.Portal; import com.arsdigita.portal.Portlet; + +// /////////////////////////////////////////////////////////////////////////// +// +// NOT USED anywhere in the source tree. +// No documentation available. +// Retained temporarily until refactoring of test cases is completed. +// +// (pboy 2011.01.30) +// +// /////////////////////////////////////////////////////////////////////////// + + /** * @author bche */ diff --git a/ccm-core/src/com/arsdigita/ui/UserBanner.java b/ccm-core/src/com/arsdigita/ui/UserBanner.java index cd1bc37dd..e8c408391 100755 --- a/ccm-core/src/com/arsdigita/ui/UserBanner.java +++ b/ccm-core/src/com/arsdigita/ui/UserBanner.java @@ -23,7 +23,7 @@ import com.arsdigita.bebop.SimpleComponent; import com.arsdigita.kernel.Kernel; import com.arsdigita.kernel.Party; import com.arsdigita.kernel.User; -import com.arsdigita.kernel.security.Initializer; +import com.arsdigita.kernel.security.LegacyInitializer; import com.arsdigita.web.URL; import com.arsdigita.xml.Element; import com.arsdigita.ui.util.GlobalizationUtil; @@ -103,25 +103,25 @@ public class UserBanner extends SimpleComponent { content.addAttribute( "workspaceURL", URL.there(state.getRequest(), - Initializer.getFullURL(Initializer.WORKSPACE_PAGE_KEY, + LegacyInitializer.getFullURL(LegacyInitializer.WORKSPACE_PAGE_KEY, state.getRequest())).toString()); content.addAttribute( "loginURL", URL.there(state.getRequest(), - Initializer.getFullURL(Initializer.LOGIN_PAGE_KEY, + LegacyInitializer.getFullURL(LegacyInitializer.LOGIN_PAGE_KEY, state.getRequest())).toString()); content.addAttribute( "loginExcursionURL", URL.excursion(state.getRequest(), - Initializer.getFullURL(Initializer.LOGIN_PAGE_KEY, + LegacyInitializer.getFullURL(LegacyInitializer.LOGIN_PAGE_KEY, state.getRequest())).toString()); content.addAttribute( "logoutURL", URL.there(state.getRequest(), - Initializer.getFullURL(Initializer.LOGOUT_PAGE_KEY, + LegacyInitializer.getFullURL(LegacyInitializer.LOGOUT_PAGE_KEY, state.getRequest())).toString()); } diff --git a/ccm-core/src/com/arsdigita/ui/admin/SubsiteDispatcher.java b/ccm-core/src/com/arsdigita/ui/admin/SubsiteDispatcher.java index f9261c765..3336d5224 100755 --- a/ccm-core/src/com/arsdigita/ui/admin/SubsiteDispatcher.java +++ b/ccm-core/src/com/arsdigita/ui/admin/SubsiteDispatcher.java @@ -32,7 +32,7 @@ import com.arsdigita.kernel.Kernel; import com.arsdigita.kernel.permissions.PermissionDescriptor; import com.arsdigita.kernel.permissions.PermissionService; import com.arsdigita.kernel.permissions.PrivilegeDescriptor; -import com.arsdigita.kernel.security.Initializer; +import com.arsdigita.kernel.security.Util; import java.io.IOException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -70,6 +70,7 @@ class SubsiteDispatcher extends BebopMapDispatcher { * that the user requesting the page is logged in and authorized * as a system-wide administrator. */ + @Override public void dispatch(HttpServletRequest req, HttpServletResponse resp, RequestContext ctx) @@ -88,7 +89,7 @@ class SubsiteDispatcher extends BebopMapDispatcher { if (party == null) { // The user is not logged in; redirect to the login page. - final String path = Initializer.getSecurityHelper().getLoginURL + final String path = Util.getSecurityHelper().getLoginURL (req); final ParameterMap params = new ParameterMap(); diff --git a/ccm-core/src/com/arsdigita/ui/admin/UserBrowsePane.java b/ccm-core/src/com/arsdigita/ui/admin/UserBrowsePane.java index 91cd1233e..6768b95d7 100755 --- a/ccm-core/src/com/arsdigita/ui/admin/UserBrowsePane.java +++ b/ccm-core/src/com/arsdigita/ui/admin/UserBrowsePane.java @@ -59,7 +59,7 @@ import com.arsdigita.kernel.Group; import com.arsdigita.kernel.GroupCollection; import com.arsdigita.kernel.User; import com.arsdigita.kernel.UserAuthentication; -import com.arsdigita.kernel.security.Initializer; +import com.arsdigita.kernel.security.LegacyInitializer; import com.arsdigita.kernel.security.UserContext; import com.arsdigita.persistence.DataQuery; import com.arsdigita.persistence.PersistenceException; @@ -285,8 +285,8 @@ class UserBrowsePane extends SegmentedPanel } // Redirect to workspace URL - final String path = Initializer.getFullURL - (Initializer.LOGIN_REDIRECT_PAGE_KEY, state.getRequest()); + final String path = LegacyInitializer.getFullURL + (LegacyInitializer.LOGIN_REDIRECT_PAGE_KEY, state.getRequest()); final URL url = URL.there(state.getRequest(), path); diff --git a/ccm-core/src/com/arsdigita/ui/login/ChangePasswordForm.java b/ccm-core/src/com/arsdigita/ui/login/ChangePasswordForm.java index f71a887d5..15aded297 100755 --- a/ccm-core/src/com/arsdigita/ui/login/ChangePasswordForm.java +++ b/ccm-core/src/com/arsdigita/ui/login/ChangePasswordForm.java @@ -45,7 +45,7 @@ import com.arsdigita.web.ReturnSignal; import com.arsdigita.kernel.Kernel; import com.arsdigita.kernel.User; import com.arsdigita.kernel.UserAuthentication; -import com.arsdigita.kernel.security.Initializer; +import com.arsdigita.kernel.security.LegacyInitializer; import com.arsdigita.kernel.security.RecoveryLoginModule; import com.arsdigita.mail.Mail; import com.arsdigita.util.UncheckedWrapperException; @@ -297,8 +297,8 @@ public class ChangePasswordForm extends Form final HttpServletRequest req = state.getRequest(); - final String path = Initializer.getFullURL - (Initializer.WORKSPACE_PAGE_KEY, req); + final String path = LegacyInitializer.getFullURL + (LegacyInitializer.WORKSPACE_PAGE_KEY, req); final URL fallback = URL.there(req, path); diff --git a/ccm-core/src/com/arsdigita/ui/login/DynamicLink.java b/ccm-core/src/com/arsdigita/ui/login/DynamicLink.java index 8f058eb5d..3f70c517f 100755 --- a/ccm-core/src/com/arsdigita/ui/login/DynamicLink.java +++ b/ccm-core/src/com/arsdigita/ui/login/DynamicLink.java @@ -22,7 +22,7 @@ import com.arsdigita.bebop.Label; import com.arsdigita.bebop.Link; import com.arsdigita.bebop.event.PrintEvent; import com.arsdigita.bebop.event.PrintListener; -import com.arsdigita.kernel.security.Initializer; +import com.arsdigita.kernel.security.LegacyInitializer; /** * Package-private class that generates the URL for a link dynamically from @@ -43,7 +43,7 @@ class DynamicLink extends Link { public void prepare(PrintEvent e) { Link link = (Link) e.getTarget(); - String url = Initializer.getFullURL + String url = LegacyInitializer.getFullURL (targetKey, e.getPageState().getRequest()); link.setTarget(url); diff --git a/ccm-core/src/com/arsdigita/ui/login/LoginHelper.java b/ccm-core/src/com/arsdigita/ui/login/LoginHelper.java index b7c3d1e05..6b4b31beb 100755 --- a/ccm-core/src/com/arsdigita/ui/login/LoginHelper.java +++ b/ccm-core/src/com/arsdigita/ui/login/LoginHelper.java @@ -21,6 +21,7 @@ package com.arsdigita.ui.login; import com.arsdigita.bebop.PageState; import com.arsdigita.dispatcher.DispatcherHelper; import com.arsdigita.globalization.GlobalizedMessage; +import com.arsdigita.kernel.SiteNode; import com.arsdigita.web.ReturnSignal; import java.io.IOException; import org.apache.log4j.Logger; @@ -32,12 +33,9 @@ import javax.servlet.http.HttpServletResponse; * Provides helper functions for the login UI. * * @author Sameer Ajmani - **/ + * @version $Id: LoginHelper.java 287 2005-02-22 00:29:02Z sskracic $ + */ public class LoginHelper { - public static final String versionId = - "$Id: LoginHelper.java 287 2005-02-22 00:29:02Z sskracic $" + - "$Author: sskracic $" + - "$DateTime: 2004/08/16 18:10:38 $"; private static final Logger s_log = Logger.getLogger(LoginHelper.class); @@ -141,4 +139,54 @@ public class LoginHelper { +"response already committed"); } } + +// /** +// * Returns the relative URL associated with the given key. This is the +// * value of the URL in the page map for the given key. +// * +// * @return the relative URL associated with the given key, or null if it +// * does not exist. +// * +// * @deprecated To be replaced by package parameters. +// * +// * @see #getFullURL(String, HttpServletRequest) +// **/ +// public static String getURL(String key) { +// return (String)s_pageMap.get(key); +// } + + /** + * Returns the absolute URL associated with the given key. This is the + * root URL for the system (the mount point) prepended to the result of + * getURL(key). + * + * @return the absolute URL associated with the given key, or null + * if it does not exist. + * + * @see #getURL(String) + **/ + public static String getFullURL(String key, HttpServletRequest req) { + String root = getRootURL(req); + String url = com.arsdigita.kernel.security.LegacyInitializer.getURL(key); + + if (s_log.isDebugEnabled()) { + s_log.debug("Root is " + root + ", url is " + url); + } + + if ((root == null) || (key == null)) { + return null; + } + return root + url; + } + + private static String getRootURL(HttpServletRequest req) { + // XXX this isn't safe since you aren't neccessarily + // calling it from the root webapp - so we can't + // blindly prepend the context path from the current + // request. + //return SiteNode.getRootSiteNode().getURL(req); + + return SiteNode.getRootSiteNode().getURL(); + } + } diff --git a/ccm-core/src/com/arsdigita/ui/login/RecoverPasswordPanel.java b/ccm-core/src/com/arsdigita/ui/login/RecoverPasswordPanel.java index f2197c556..b30068d0e 100755 --- a/ccm-core/src/com/arsdigita/ui/login/RecoverPasswordPanel.java +++ b/ccm-core/src/com/arsdigita/ui/login/RecoverPasswordPanel.java @@ -46,7 +46,7 @@ import com.arsdigita.domain.DataObjectNotFoundException; import com.arsdigita.kernel.User; import com.arsdigita.kernel.UserAuthentication; import com.arsdigita.kernel.security.CredentialEncodingException; -import com.arsdigita.kernel.security.Initializer; +import com.arsdigita.kernel.security.LegacyInitializer; import com.arsdigita.kernel.security.RecoveryLoginModule; import com.arsdigita.web.ParameterMap; import com.arsdigita.web.URL; @@ -351,8 +351,8 @@ public class RecoverPasswordPanel extends SimpleContainer url = com.arsdigita.web.URL.dynamicHostThere (req, - Initializer.getFullURL - (Initializer.CHANGE_PAGE_KEY, req), + LegacyInitializer.getFullURL + (LegacyInitializer.CHANGE_PAGE_KEY, req), map); } catch (CredentialEncodingException e) { throw new UncheckedWrapperException diff --git a/ccm-core/src/com/arsdigita/ui/login/SubsiteDispatcher.java b/ccm-core/src/com/arsdigita/ui/login/SubsiteDispatcher.java index e9a496b64..b416dc485 100755 --- a/ccm-core/src/com/arsdigita/ui/login/SubsiteDispatcher.java +++ b/ccm-core/src/com/arsdigita/ui/login/SubsiteDispatcher.java @@ -33,7 +33,7 @@ import com.arsdigita.dispatcher.DispatcherConfig; import com.arsdigita.dispatcher.DispatcherHelper; import com.arsdigita.dispatcher.RequestContext; import com.arsdigita.kernel.Kernel; -import com.arsdigita.kernel.security.Initializer; +import com.arsdigita.kernel.security.LegacyInitializer; import com.arsdigita.web.URL; import com.arsdigita.web.ParameterMap; import com.arsdigita.web.ReturnSignal; @@ -89,40 +89,40 @@ public class SubsiteDispatcher extends BebopMapDispatcher { //Map map = new HashMap(); Map map = new SubsiteDispatcherMap(); // special-case the empty URL - String redirect = Initializer.getURL(Initializer.ROOT_PAGE_KEY); + String redirect = LegacyInitializer.getURL(LegacyInitializer.ROOT_PAGE_KEY); Dispatcher root = new RedirectDispatcher(redirect); map.put("", root); map.put("index", root); - put(map, Initializer.EDIT_PAGE_KEY, buildSimplePage + put(map, LegacyInitializer.EDIT_PAGE_KEY, buildSimplePage ("login.userEditPage.title", new UserEditForm(), "edit")); - put(map, Initializer.LOGIN_PAGE_KEY, buildSimplePage + put(map, LegacyInitializer.LOGIN_PAGE_KEY, buildSimplePage ("login.userRegistrationForm.title", new UserRegistrationForm(Kernel.getSecurityConfig().isAutoRegistrationOn()), "login")); if (Kernel.getSecurityConfig().isAutoRegistrationOn()) { - put(map, Initializer.NEWUSER_PAGE_KEY, buildSimplePage + put(map, LegacyInitializer.NEWUSER_PAGE_KEY, buildSimplePage ("login.userNewForm.title", new UserNewForm(),"register")); } - put(map, Initializer.LOGOUT_PAGE_KEY, buildLogOutPage()); - put(map, Initializer.COOKIES_PAGE_KEY, buildSimplePage + put(map, LegacyInitializer.LOGOUT_PAGE_KEY, buildLogOutPage()); + put(map, LegacyInitializer.COOKIES_PAGE_KEY, buildSimplePage ("login.explainCookiesPage.title", new ElementComponent ("subsite:explainPersistentCookies", SUBSITE_NS_URI), "cookies")); - put(map, Initializer.CHANGE_PAGE_KEY, buildSimplePage + put(map, LegacyInitializer.CHANGE_PAGE_KEY, buildSimplePage ("login.changePasswordPage.title", new ChangePasswordForm(), "changepassword")); - put(map, Initializer.RECOVER_PAGE_KEY, buildSimplePage + put(map, LegacyInitializer.RECOVER_PAGE_KEY, buildSimplePage ("login.recoverPasswordPage.title", new RecoverPasswordPanel(), "recoverpassword")); Page workspace = checkForPageSubClass(); if (workspace == null) workspace = buildSimplePage ("login.workspacePage.title", new UserInfo(), "workspace"); - put(map, Initializer.WORKSPACE_PAGE_KEY, workspace); - put(map, Initializer.EXPIRED_PAGE_KEY, buildExpiredPage()); + put(map, LegacyInitializer.WORKSPACE_PAGE_KEY, workspace); + put(map, LegacyInitializer.EXPIRED_PAGE_KEY, buildExpiredPage()); // special case to handle pvt/home - String url = Initializer.getURL(Initializer.WORKSPACE_PAGE_KEY); + String url = LegacyInitializer.getURL(LegacyInitializer.WORKSPACE_PAGE_KEY); if (url.equals("pvt/")) { map.put("pvt/home", workspace); } @@ -139,9 +139,9 @@ public class SubsiteDispatcher extends BebopMapDispatcher { // /register/login-expired, /register/recover-password // NB, although you'd think /register is cachable, it // stores a timestamp in the login form :( - if (url.equals(Initializer.getURL(Initializer.COOKIES_PAGE_KEY)) || - url.equals(Initializer.getURL(Initializer.EXPIRED_PAGE_KEY)) || - url.equals(Initializer.getURL(Initializer.RECOVER_PAGE_KEY))) { + if (url.equals(LegacyInitializer.getURL(LegacyInitializer.COOKIES_PAGE_KEY)) || + url.equals(LegacyInitializer.getURL(LegacyInitializer.EXPIRED_PAGE_KEY)) || + url.equals(LegacyInitializer.getURL(LegacyInitializer.RECOVER_PAGE_KEY))) { DispatcherHelper.cacheForWorld(resp); } else { DispatcherHelper.cacheDisable(resp); @@ -155,7 +155,7 @@ public class SubsiteDispatcher extends BebopMapDispatcher { * redirected to URL. **/ private void put(Map map, String key, Page page) { - String url = Initializer.getURL(key); + String url = LegacyInitializer.getURL(key); map.put(url, page); if (url.endsWith("/")) { map.put(url+"index", page); @@ -205,7 +205,7 @@ public class SubsiteDispatcher extends BebopMapDispatcher { add(new Label(LoginHelper.getMessage ("login.loginExpiredPage.before"))); add(new DynamicLink("login.loginExpiredPage.link", - Initializer.LOGIN_PAGE_KEY)); + LegacyInitializer.LOGIN_PAGE_KEY)); add(new Label(LoginHelper.getMessage ("login.loginExpiredPage.after"))); add(new ElementComponent("subsite:explainLoginExpired", @@ -227,8 +227,8 @@ public class SubsiteDispatcher extends BebopMapDispatcher { final HttpServletRequest req = state.getRequest(); - final String path = Initializer.getFullURL - (Initializer.ROOT_PAGE_KEY, req); + final String path = LegacyInitializer.getFullURL + (LegacyInitializer.ROOT_PAGE_KEY, req); throw new ReturnSignal(req, URL.there(req, path)); } diff --git a/ccm-core/src/com/arsdigita/ui/login/UserEditForm.java b/ccm-core/src/com/arsdigita/ui/login/UserEditForm.java index efa28e3d9..1d1bba1b0 100755 --- a/ccm-core/src/com/arsdigita/ui/login/UserEditForm.java +++ b/ccm-core/src/com/arsdigita/ui/login/UserEditForm.java @@ -22,7 +22,7 @@ import com.arsdigita.domain.DataObjectNotFoundException; import com.arsdigita.kernel.EmailAddress; import com.arsdigita.kernel.PersonName; import com.arsdigita.kernel.User; -import com.arsdigita.kernel.security.Initializer; +import com.arsdigita.kernel.security.LegacyInitializer; import com.arsdigita.web.URL; import com.arsdigita.web.ReturnSignal; import com.arsdigita.bebop.ColumnPanel; @@ -144,8 +144,8 @@ public class UserEditForm extends UserForm final HttpServletRequest req = state.getRequest(); - final String path = Initializer.getFullURL - (Initializer.WORKSPACE_PAGE_KEY, req); + final String path = LegacyInitializer.getFullURL + (LegacyInitializer.WORKSPACE_PAGE_KEY, req); final URL fallback = com.arsdigita.web.URL.there(req, path); diff --git a/ccm-core/src/com/arsdigita/ui/login/UserInfo.java b/ccm-core/src/com/arsdigita/ui/login/UserInfo.java index 29521ba8f..7956be509 100755 --- a/ccm-core/src/com/arsdigita/ui/login/UserInfo.java +++ b/ccm-core/src/com/arsdigita/ui/login/UserInfo.java @@ -29,7 +29,7 @@ import com.arsdigita.kernel.PackageInstance; import com.arsdigita.kernel.SiteNode; import com.arsdigita.kernel.SiteNodeCollection; import com.arsdigita.kernel.PackageType; -import com.arsdigita.kernel.security.Initializer; +import com.arsdigita.kernel.security.LegacyInitializer; import com.arsdigita.persistence.DataCollection; import com.arsdigita.persistence.SessionManager; import com.arsdigita.xml.Element; @@ -78,11 +78,11 @@ public class UserInfo extends SimpleContainer { // add list of links ListPanel list = new ListPanel(false); list.add(new DynamicLink("login.userInfo.logoutLink", - Initializer.LOGOUT_PAGE_KEY)); + LegacyInitializer.LOGOUT_PAGE_KEY)); list.add(new DynamicLink("login.userInfo.editProfileLink", - Initializer.EDIT_PAGE_KEY)); + LegacyInitializer.EDIT_PAGE_KEY)); list.add(new DynamicLink("login.userInfo.changePasswordLink", - Initializer.CHANGE_PAGE_KEY)); + LegacyInitializer.CHANGE_PAGE_KEY)); add(list); // add user info text add(new SimpleComponent() { diff --git a/ccm-core/src/com/arsdigita/ui/login/UserNewForm.java b/ccm-core/src/com/arsdigita/ui/login/UserNewForm.java index fffad4faf..0a3b474f9 100755 --- a/ccm-core/src/com/arsdigita/ui/login/UserNewForm.java +++ b/ccm-core/src/com/arsdigita/ui/login/UserNewForm.java @@ -43,7 +43,7 @@ import com.arsdigita.kernel.UserAuthentication; import com.arsdigita.kernel.permissions.PermissionDescriptor; import com.arsdigita.kernel.permissions.PermissionService; import com.arsdigita.kernel.permissions.PrivilegeDescriptor; -import com.arsdigita.kernel.security.Initializer; +import com.arsdigita.kernel.security.LegacyInitializer; import com.arsdigita.persistence.PersistenceException; import javax.mail.internet.InternetAddress; @@ -219,8 +219,8 @@ public class UserNewForm extends UserForm // redirect to workspace or return URL, if specified final HttpServletRequest req = state.getRequest(); - url = Initializer.getFullURL - (Initializer.WORKSPACE_PAGE_KEY, req); + url = LegacyInitializer.getFullURL + (LegacyInitializer.WORKSPACE_PAGE_KEY, req); final URL fallback = com.arsdigita.web.URL.there(req, url); diff --git a/ccm-core/src/com/arsdigita/ui/login/UserRegistrationForm.java b/ccm-core/src/com/arsdigita/ui/login/UserRegistrationForm.java index 48b29d32a..32b6f10b5 100755 --- a/ccm-core/src/com/arsdigita/ui/login/UserRegistrationForm.java +++ b/ccm-core/src/com/arsdigita/ui/login/UserRegistrationForm.java @@ -47,7 +47,7 @@ import com.arsdigita.kernel.KernelHelper; import com.arsdigita.kernel.security.AccountNotFoundException; import com.arsdigita.kernel.security.Credential; import com.arsdigita.kernel.security.CredentialException; -import com.arsdigita.kernel.security.Initializer; +import com.arsdigita.kernel.security.LegacyInitializer; import com.arsdigita.kernel.security.UserContext; import com.arsdigita.web.ParameterMap; import com.arsdigita.web.RedirectSignal; @@ -146,17 +146,17 @@ public class UserRegistrationForm extends Form cookiePanel.add(m_isPersistent); cookiePanel.add(new DynamicLink ("login.userRegistrationForm.explainCookieLink", - Initializer.COOKIES_PAGE_KEY)); + LegacyInitializer.COOKIES_PAGE_KEY)); add(cookiePanel); add(new Submit(SUBMIT), ColumnPanel.CENTER | ColumnPanel.FULL_WIDTH); add(new DynamicLink("login.userRegistrationForm.forgotPasswordLink", - Initializer.RECOVER_PAGE_KEY)); + LegacyInitializer.RECOVER_PAGE_KEY)); if (m_autoRegistrationOn) { add(new DynamicLink("login.userRegistrationForm.newUserRegister", - Initializer.NEWUSER_PAGE_KEY)); + LegacyInitializer.NEWUSER_PAGE_KEY)); } add(new ElementComponent("subsite:promptToEnableCookiesMsg", @@ -241,8 +241,8 @@ public class UserRegistrationForm extends Form } catch (CredentialException e) { s_log.info( "Invalid credential" ); - final String path = Initializer.getFullURL - (Initializer.EXPIRED_PAGE_KEY, state.getRequest()); + final String path = LegacyInitializer.getFullURL + (LegacyInitializer.EXPIRED_PAGE_KEY, state.getRequest()); final URL url = com.arsdigita.web.URL.there (state.getRequest(), path); @@ -268,8 +268,8 @@ public class UserRegistrationForm extends Form final HttpServletRequest req = state.getRequest(); // Redirect to workspace or return URL, if specified. - final String path = Initializer.getFullURL - (Initializer.LOGIN_REDIRECT_PAGE_KEY, req); + final String path = LegacyInitializer.getFullURL + (LegacyInitializer.LOGIN_REDIRECT_PAGE_KEY, req); final URL url = com.arsdigita.web.URL.there(req, path); @@ -404,8 +404,8 @@ public class UserRegistrationForm extends Form } protected void redirectToNewUserPage(PageState state) { - String url = Initializer.getFullURL - (Initializer.NEWUSER_PAGE_KEY, state.getRequest()); + String url = LegacyInitializer.getFullURL + (LegacyInitializer.NEWUSER_PAGE_KEY, state.getRequest()); ParameterMap map = new ParameterMap(); map.setParameter(LoginHelper.RETURN_URL_PARAM_NAME, diff --git a/ccm-core/src/com/arsdigita/ui/login/package.html b/ccm-core/src/com/arsdigita/ui/login/package.html index 418d08058..bcd48ef65 100755 --- a/ccm-core/src/com/arsdigita/ui/login/package.html +++ b/ccm-core/src/com/arsdigita/ui/login/package.html @@ -3,7 +3,7 @@ Package com.arsdigita.ui.login - +

diff --git a/ccm-core/src/com/arsdigita/ui/permissions/IndexPanel.java b/ccm-core/src/com/arsdigita/ui/permissions/IndexPanel.java index 42e016e59..2addf10ca 100755 --- a/ccm-core/src/com/arsdigita/ui/permissions/IndexPanel.java +++ b/ccm-core/src/com/arsdigita/ui/permissions/IndexPanel.java @@ -37,7 +37,7 @@ import com.arsdigita.kernel.permissions.PermissionService; import com.arsdigita.kernel.permissions.PermissionService; import com.arsdigita.kernel.permissions.PrivilegeDescriptor; import com.arsdigita.kernel.permissions.PrivilegeDescriptor; -import com.arsdigita.kernel.security.Initializer; +import com.arsdigita.kernel.security.LegacyInitializer; import com.arsdigita.persistence.DataQuery; import com.arsdigita.persistence.SessionManager; import com.arsdigita.util.LockableImpl; @@ -69,8 +69,8 @@ class IndexPanel extends SimpleContainer implements PermissionsConstants { setClassAttr("PERMISSIONS"); m_navbar = new DimensionalNavbar(); m_navbar.add(new Link(PERSONAL_SITE.localize()+"", - "/" + Initializer.getURL( - Initializer.WORKSPACE_PAGE_KEY))); + "/" + LegacyInitializer.getURL( + LegacyInitializer.WORKSPACE_PAGE_KEY))); m_navbar.add(new Link(MAIN_SITE.localize()+"", "/")); m_navbar.add(new Label(PERMISSIONS_INDEX_NAVBAR.localize()+"")); m_navbar.setClassAttr("permNavBar"); diff --git a/ccm-core/src/com/arsdigita/ui/permissions/PermissionsHeader.java b/ccm-core/src/com/arsdigita/ui/permissions/PermissionsHeader.java index de8521615..2b4a546e9 100755 --- a/ccm-core/src/com/arsdigita/ui/permissions/PermissionsHeader.java +++ b/ccm-core/src/com/arsdigita/ui/permissions/PermissionsHeader.java @@ -27,7 +27,7 @@ import com.arsdigita.bebop.PageState; import com.arsdigita.bebop.event.PrintEvent; import com.arsdigita.bebop.event.PrintListener; import com.arsdigita.kernel.ACSObject; -import com.arsdigita.kernel.security.Initializer; +import com.arsdigita.kernel.security.LegacyInitializer; /** * @@ -68,8 +68,8 @@ class PermissionsHeader extends BoxPanel implements PermissionsConstants { DimensionalNavbar navbar = new DimensionalNavbar(); navbar.add(new Link(PERSONAL_SITE.localize()+"", - "/" + Initializer.getURL( - Initializer.WORKSPACE_PAGE_KEY))); + "/" + LegacyInitializer.getURL( + LegacyInitializer.WORKSPACE_PAGE_KEY))); navbar.add(new Link(MAIN_SITE.localize()+"", "/")); navbar.add(new Link(PERMISSIONS_INDEX.localize()+"", "/permissions/")); navbar.add(objectName); diff --git a/ccm-core/src/com/arsdigita/util/URLRewriter.java b/ccm-core/src/com/arsdigita/util/URLRewriter.java index 2065ddef5..803495796 100755 --- a/ccm-core/src/com/arsdigita/util/URLRewriter.java +++ b/ccm-core/src/com/arsdigita/util/URLRewriter.java @@ -39,12 +39,10 @@ import org.apache.log4j.Logger; */ public class URLRewriter { - private static final Logger s_log = - Logger.getLogger(URLRewriter.class); + /** Creates a s_logging category with name = to the full name of class */ + private static final Logger s_log = Logger.getLogger(URLRewriter.class); - /** - * The parameter providers for the system. - **/ + /** The parameter providers for the system. Client classes are registered here. */ private static LinkedList s_providers = new LinkedList(); /** diff --git a/ccm-core/src/com/arsdigita/web/URL.java b/ccm-core/src/com/arsdigita/web/URL.java index 51f09bdad..682cce0ac 100755 --- a/ccm-core/src/com/arsdigita/web/URL.java +++ b/ccm-core/src/com/arsdigita/web/URL.java @@ -888,6 +888,7 @@ public class URL { * * @return a String URL */ + @Override public final String toString() { if (m_params == null) { return m_url.substring(m_serverPortEnd); @@ -924,14 +925,17 @@ public class URL { private static class EmptyParameterMap extends InternalRequestLocal { + @Override protected final Object initialValue() { return new ParameterMap(); } + @Override protected final void prepareValue(final HttpServletRequest sreq) { ((ParameterMap) get()).runListeners(sreq); } + @Override protected final void clearValue() { ((ParameterMap) get()).clear(); } diff --git a/ccm-core/web/index.jsp b/ccm-core/web/index.jsp index 5b16c5ad9..7aeebf96e 100755 --- a/ccm-core/web/index.jsp +++ b/ccm-core/web/index.jsp @@ -1,12 +1,12 @@ - + throw new RedirectSignal(URL.there(request, - Initializer.getFullURL(Initializer.LOGIN_REDIRECT_PAGE_KEY, request)), false); + LegacyInitializer.getFullURL(LegacyInitializer.LOGIN_REDIRECT_PAGE_KEY, request)), false);