Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.apache.wiki.auth
Class SecurityVerifier

java.lang.Object
  extended by org.apache.wiki.auth.SecurityVerifier

public final class SecurityVerifier
extends Object

Helper class for verifying JSPWiki's security configuration. Invoked by admin/SecurityConfig.jsp.

Since:
2.4

Field Summary
static String ERROR
          Message prefix for errors.
static String ERROR_DB
          Message topic for user database errors.
static String ERROR_GROUPS
          Message topic for group database errors.
static String ERROR_JAAS
          Message topic for JAAS errors.
static String ERROR_POLICY
          Message topic for policy errors.
static String ERROR_ROLES
          Message topic for role-checking errors.
static String INFO
          Message prefix for information messages.
static String INFO_DB
          Message topic for user database information messages.
static String INFO_GROUPS
          Message topic for group database information messages.
static String INFO_JAAS
          Message topic for JAAS information messages.
static String INFO_POLICY
          Message topic for policy information messages.
static String INFO_ROLES
          Message topic for role-checking information messages.
static String WARNING
          Message prefix for warnings.
static String WARNING_DB
          Message topic for user database warnings.
static String WARNING_GROUPS
          Message topic for group database warnings.
static String WARNING_JAAS
          Message topic for JAAS warnings.
static String WARNING_POLICY
          Message topic for policy warnings.
 
Constructor Summary
SecurityVerifier(WikiEngine engine, WikiSession session)
          Constructs a new SecurityVerifier for a supplied WikiEngine and WikiSession.
 
Method Summary
 String containerRoleTable()
          Formats and returns an HTML table containing the roles the web container is aware of, and whether each role maps to particular JSPs.
protected  File getFileFromProperty(String property)
          Looks up a file name based on a JRE system property and returns the associated File object if it exists.
 boolean isSecurityPolicyConfigured()
          Returns true if the Java security policy is configured correctly, and it verifies as valid.
 Principal[] policyPrincipals()
          Returns an array of unique Principals from the JSPWIki security policy file.
 String policyRoleTable()
          Formats and returns an HTML table containing sample permissions and what roles are allowed to have them.
protected  void verifyGroupDatabase()
          Verifies that the group datbase was initialized properly, and that user add and delete operations work as they should.
protected  void verifyJaas()
          Verfies the JAAS configuration.
protected  void verifyPolicy()
          Verfies the Java security policy configuration.
protected  void verifyPolicyAndContainerRoles()
          Verifies that the roles given in the security policy are reflected by the container web.xml file.
protected  boolean verifyStaticPermission(Principal principal, Permission permission)
          Verifies that a particular Principal possesses a Permission, as defined in the security policy file.
protected  void verifyUserDatabase()
          Verifies that the user datbase was initialized properly, and that user add and delete operations work as they should.
 Principal[] webContainerRoles()
          If the active Authorizer is the WebContainerAuthorizer, returns the roles it knows about; otherwise, a zero-length array.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

ERROR

public static final String ERROR
Message prefix for errors.

See Also:
Constant Field Values

WARNING

public static final String WARNING
Message prefix for warnings.

See Also:
Constant Field Values

INFO

public static final String INFO
Message prefix for information messages.

See Also:
Constant Field Values

ERROR_POLICY

public static final String ERROR_POLICY
Message topic for policy errors.

See Also:
Constant Field Values

WARNING_POLICY

public static final String WARNING_POLICY
Message topic for policy warnings.

See Also:
Constant Field Values

INFO_POLICY

public static final String INFO_POLICY
Message topic for policy information messages.

See Also:
Constant Field Values

ERROR_JAAS

public static final String ERROR_JAAS
Message topic for JAAS errors.

See Also:
Constant Field Values

WARNING_JAAS

public static final String WARNING_JAAS
Message topic for JAAS warnings.

See Also:
Constant Field Values

ERROR_ROLES

public static final String ERROR_ROLES
Message topic for role-checking errors.

See Also:
Constant Field Values

INFO_ROLES

public static final String INFO_ROLES
Message topic for role-checking information messages.

See Also:
Constant Field Values

ERROR_DB

public static final String ERROR_DB
Message topic for user database errors.

See Also:
Constant Field Values

WARNING_DB

public static final String WARNING_DB
Message topic for user database warnings.

See Also:
Constant Field Values

INFO_DB

public static final String INFO_DB
Message topic for user database information messages.

See Also:
Constant Field Values

ERROR_GROUPS

public static final String ERROR_GROUPS
Message topic for group database errors.

See Also:
Constant Field Values

WARNING_GROUPS

public static final String WARNING_GROUPS
Message topic for group database warnings.

See Also:
Constant Field Values

INFO_GROUPS

public static final String INFO_GROUPS
Message topic for group database information messages.

See Also:
Constant Field Values

INFO_JAAS

public static final String INFO_JAAS
Message topic for JAAS information messages.

See Also:
Constant Field Values
Constructor Detail

SecurityVerifier

public SecurityVerifier(WikiEngine engine,
                        WikiSession session)
Constructs a new SecurityVerifier for a supplied WikiEngine and WikiSession.

Parameters:
engine - the wiki engine
session - the wiki session (typically, that of an administrator)
Method Detail

policyPrincipals

public Principal[] policyPrincipals()
Returns an array of unique Principals from the JSPWIki security policy file. This array will be zero-length if the policy file was not successfully located, or if the file did not specify any Principals in the policy.

Returns:
the array of principals

policyRoleTable

public String policyRoleTable()
Formats and returns an HTML table containing sample permissions and what roles are allowed to have them. This method will throw an IllegalStateException if the authorizer is not of type WebContainerAuthorizer

Returns:
the formatted HTML table containing the result of the tests

containerRoleTable

public String containerRoleTable()
                          throws WikiException
Formats and returns an HTML table containing the roles the web container is aware of, and whether each role maps to particular JSPs. This method throws an IllegalStateException if the authorizer is not of type WebContainerAuthorizer

Returns:
the formatted HTML table containing the result of the tests
Throws:
WikiException - if tests fail for unexpected reasons

isSecurityPolicyConfigured

public boolean isSecurityPolicyConfigured()
Returns true if the Java security policy is configured correctly, and it verifies as valid.

Returns:
the result of the configuration check

webContainerRoles

public Principal[] webContainerRoles()
                              throws WikiException
If the active Authorizer is the WebContainerAuthorizer, returns the roles it knows about; otherwise, a zero-length array.

Returns:
the roles parsed from web.xml, or a zero-length array
Throws:
WikiException - if the web authorizer cannot obtain the list of roles

verifyPolicyAndContainerRoles

protected void verifyPolicyAndContainerRoles()
                                      throws WikiException
Verifies that the roles given in the security policy are reflected by the container web.xml file.

Throws:
WikiException - if the web authorizer cannot verify the roles

verifyGroupDatabase

protected void verifyGroupDatabase()
Verifies that the group datbase was initialized properly, and that user add and delete operations work as they should.

verifyJaas

protected void verifyJaas()
Verfies the JAAS configuration. The configuration is valid if value of the jspwiki.properties property "jspwiki.loginModule.class" resolves to a valid class on the classpath.

getFileFromProperty

protected File getFileFromProperty(String property)
Looks up a file name based on a JRE system property and returns the associated File object if it exists. This method adds messages with the topic prefix ERROR and INFO as appropriate, with the suffix matching the supplied property.

Parameters:
property - the system property to look up
Returns:
the file object, or null if not found

verifyPolicy

protected void verifyPolicy()
Verfies the Java security policy configuration. The configuration is valid if value of the local policy (at WEB-INF/jspwiki.policy resolves to an existing file, and the policy file contained therein represents a valid policy.

verifyStaticPermission

protected boolean verifyStaticPermission(Principal principal,
                                         Permission permission)
Verifies that a particular Principal possesses a Permission, as defined in the security policy file.

Parameters:
principal - the principal
permission - the permission
Returns:
the result, based on consultation with the active Java security policy

verifyUserDatabase

protected void verifyUserDatabase()
Verifies that the user datbase was initialized properly, and that user add and delete operations work as they should.

Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © {inceptionYear}-2014 The Apache Software Foundation. All rights reserved.