|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.apache.wiki.auth.SecurityVerifier
public final class SecurityVerifier
Helper class for verifying JSPWiki's security configuration. Invoked by
admin/SecurityConfig.jsp
.
Field Summary | |
---|---|
static String |
ERROR
Message prefix for errors. |
static String |
ERROR_DB
Message topic for user database errors. |
static String |
ERROR_GROUPS
Message topic for group database errors. |
static String |
ERROR_JAAS
Message topic for JAAS errors. |
static String |
ERROR_POLICY
Message topic for policy errors. |
static String |
ERROR_ROLES
Message topic for role-checking errors. |
static String |
INFO
Message prefix for information messages. |
static String |
INFO_DB
Message topic for user database information messages. |
static String |
INFO_GROUPS
Message topic for group database information messages. |
static String |
INFO_JAAS
Message topic for JAAS information messages. |
static String |
INFO_POLICY
Message topic for policy information messages. |
static String |
INFO_ROLES
Message topic for role-checking information messages. |
static String |
WARNING
Message prefix for warnings. |
static String |
WARNING_DB
Message topic for user database warnings. |
static String |
WARNING_GROUPS
Message topic for group database warnings. |
static String |
WARNING_JAAS
Message topic for JAAS warnings. |
static String |
WARNING_POLICY
Message topic for policy warnings. |
Constructor Summary | |
---|---|
SecurityVerifier(WikiEngine engine,
WikiSession session)
Constructs a new SecurityVerifier for a supplied WikiEngine and WikiSession. |
Method Summary | |
---|---|
String |
containerRoleTable()
Formats and returns an HTML table containing the roles the web container is aware of, and whether each role maps to particular JSPs. |
protected File |
getFileFromProperty(String property)
Looks up a file name based on a JRE system property and returns the associated File object if it exists. |
boolean |
isSecurityPolicyConfigured()
Returns true if the Java security policy is configured
correctly, and it verifies as valid. |
Principal[] |
policyPrincipals()
Returns an array of unique Principals from the JSPWIki security policy file. |
String |
policyRoleTable()
Formats and returns an HTML table containing sample permissions and what roles are allowed to have them. |
protected void |
verifyGroupDatabase()
Verifies that the group datbase was initialized properly, and that user add and delete operations work as they should. |
protected void |
verifyJaas()
Verfies the JAAS configuration. |
protected void |
verifyPolicy()
Verfies the Java security policy configuration. |
protected void |
verifyPolicyAndContainerRoles()
Verifies that the roles given in the security policy are reflected by the container web.xml file. |
protected boolean |
verifyStaticPermission(Principal principal,
Permission permission)
Verifies that a particular Principal possesses a Permission, as defined in the security policy file. |
protected void |
verifyUserDatabase()
Verifies that the user datbase was initialized properly, and that user add and delete operations work as they should. |
Principal[] |
webContainerRoles()
If the active Authorizer is the WebContainerAuthorizer, returns the roles it knows about; otherwise, a zero-length array. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
public static final String ERROR
public static final String WARNING
public static final String INFO
public static final String ERROR_POLICY
public static final String WARNING_POLICY
public static final String INFO_POLICY
public static final String ERROR_JAAS
public static final String WARNING_JAAS
public static final String ERROR_ROLES
public static final String INFO_ROLES
public static final String ERROR_DB
public static final String WARNING_DB
public static final String INFO_DB
public static final String ERROR_GROUPS
public static final String WARNING_GROUPS
public static final String INFO_GROUPS
public static final String INFO_JAAS
Constructor Detail |
---|
public SecurityVerifier(WikiEngine engine, WikiSession session)
engine
- the wiki enginesession
- the wiki session (typically, that of an administrator)Method Detail |
---|
public Principal[] policyPrincipals()
public String policyRoleTable()
IllegalStateException
if the authorizer is not of type
WebContainerAuthorizer
public String containerRoleTable() throws WikiException
IllegalStateException
if the authorizer is not of type
WebContainerAuthorizer
WikiException
- if tests fail for unexpected reasonspublic boolean isSecurityPolicyConfigured()
true
if the Java security policy is configured
correctly, and it verifies as valid.
public Principal[] webContainerRoles() throws WikiException
web.xml
, or a zero-length array
WikiException
- if the web authorizer cannot obtain the list of rolesprotected void verifyPolicyAndContainerRoles() throws WikiException
web.xml
file.
WikiException
- if the web authorizer cannot verify the rolesprotected void verifyGroupDatabase()
protected void verifyJaas()
jspwiki.properties property
"jspwiki.loginModule.class"
resolves to a valid class on the classpath.
protected File getFileFromProperty(String property)
ERROR
and INFO
as appropriate, with the suffix matching the
supplied property.
property
- the system property to look up
null
if not foundprotected void verifyPolicy()
WEB-INF/jspwiki.policy
resolves to an existing file, and the policy file contained therein
represents a valid policy.
protected boolean verifyStaticPermission(Principal principal, Permission permission)
principal
- the principalpermission
- the permission
protected void verifyUserDatabase()
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |