Class DefaultUserManager
- java.lang.Object
-
- org.apache.wiki.auth.DefaultUserManager
-
- All Implemented Interfaces:
Initializable
,UserManager
public class DefaultUserManager extends java.lang.Object implements UserManager
Default implementation forUserManager
.- Since:
- 2.3
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static class
DefaultUserManager.JSONUserModule
Implements the JSON API for usermanager.
-
Field Summary
-
Fields inherited from interface org.apache.wiki.auth.UserManager
JSON_USERS, PROP_DATABASE
-
-
Constructor Summary
Constructors Constructor Description DefaultUserManager()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
addWikiEventListener(WikiEventListener listener)
Registers a WikiEventListener with this instance.UserDatabase
getUserDatabase()
Returns the UserDatabase employed by this Engine.UserProfile
getUserProfile(Session session)
Retrieves theUserProfile
for the user in a session.void
initialize(Engine engine, java.util.Properties props)
Initializes this Engine component.java.security.Principal[]
listWikiNames()
A helper method for returning all of the known WikiNames in this system.UserProfile
parseProfile(Context context)
Extracts user profile parameters from the HTTP request and populates a UserProfile with them.void
removeWikiEventListener(WikiEventListener listener)
Un-registers a WikiEventListener with this instance.void
setUserProfile(Context context, UserProfile profile)
Saves theUserProfile
for the user in a wiki session.void
startUserProfileCreationWorkflow(Context context, UserProfile profile)
void
validateProfile(Context context, UserProfile profile)
Validates a user profile, and appends any errors to the session errors list.-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.apache.wiki.auth.UserManager
fireEvent
-
-
-
-
Constructor Detail
-
DefaultUserManager
public DefaultUserManager()
-
-
Method Detail
-
initialize
public void initialize(Engine engine, java.util.Properties props)
Initializes this Engine component. Note that the engine is not fully initialized at this point, so don't do anything fancy here - use lazy init, if you have to.
- Specified by:
initialize
in interfaceInitializable
- Parameters:
engine
- Engine performing the initialization.props
- Properties for setup.
-
getUserDatabase
public UserDatabase getUserDatabase()
Returns the UserDatabase employed by this Engine. The UserDatabase is lazily initialized by this method, if it does not exist yet. If the initialization fails, this method will use the inner class DummyUserDatabase as a default (which is enough to get JSPWiki running).- Specified by:
getUserDatabase
in interfaceUserManager
- Returns:
- the dummy user database
-
getUserProfile
public UserProfile getUserProfile(Session session)
Retrieves the
UserProfile
for the user in a session. If the user is authenticated, the UserProfile returned will be the one stored in the user database; if one does not exist, a new one will be initialized and returned. If the user is anonymous or asserted, the UserProfile will always be newly initialized to prevent spoofing of identities. If a UserProfile needs to be initialized, itsUserProfile.isNew()
method will returntrue
, and its login name will will be set automatically if the user is authenticated. Note that this method does not modify the retrieved (or newly created) profile otherwise; other fields in the user profile may benull
.If a new UserProfile was created, but its
UserProfile.isNew()
method returnsfalse
, this method throws anIllegalStateException
. This is meant as a quality check for UserDatabase providers; it should only be thrown if the implementation is faulty.- Specified by:
getUserProfile
in interfaceUserManager
- Parameters:
session
- the session, which may not benull
- Returns:
- the user's profile, which will be newly initialized if the user is anonymous or asserted, or if the user cannot be found in the user database
-
setUserProfile
public void setUserProfile(Context context, UserProfile profile) throws DuplicateUserException, WikiException
Saves the
UserProfile
for the user in a wiki session. This method verifies that a user profile to be saved doesn't collide with existing profiles; that is, the login name or full name is already used by another profile. If the profile collides, aDuplicateUserException
is thrown. After saving the profile, the user database changes are committed, and the user's credential set is refreshed; if custom authentication is used, this means the user will be automatically be logged in.When the user's profile is saved successfully, this method fires a
WikiSecurityEvent.PROFILE_SAVE
event with the Session as the source and the UserProfile as target. For existing profiles, if the user's full name changes, this method also fires a "name changed" event (WikiSecurityEvent.PROFILE_NAME_CHANGED
) with the Session as the source and an array containing the old and new UserProfiles, respectively. TheNAME_CHANGED
event allows the GroupManager and PageManager can change group memberships and ACLs if needed.Note that Sessions normally attach event listeners to the UserManager, so changes to the profile will automatically cause the correct Principals to be reloaded into the current Session's Subject.
- Specified by:
setUserProfile
in interfaceUserManager
- Parameters:
context
- the wiki context, which may not benull
profile
- the user profile, which may not benull
- Throws:
DuplicateUserException
- if the proposed profile's login name or full name collides with anotherWikiException
- if the save fails for some reason. If the current user does not have permission to save the profile, this will be aWikiSecurityException
; if if the user profile must be approved before it can be saved, it will be aDecisionRequiredException
. All other WikiException indicate a condition that is not normal is probably due to mis-configuration
-
startUserProfileCreationWorkflow
public void startUserProfileCreationWorkflow(Context context, UserProfile profile) throws WikiException
- Specified by:
startUserProfileCreationWorkflow
in interfaceUserManager
- Throws:
WikiException
-
parseProfile
public UserProfile parseProfile(Context context)
Extracts user profile parameters from the HTTP request and populates a UserProfile with them. The UserProfile will either be a copy of the user's existing profile (if one can be found), or a new profile (if not). The rules for populating the profile as as follows:
- If the
email
orpassword
parameter values differ from those in the existing profile, the passed parameters override the old values. - For new profiles, the user-supplied
fullname
parameter is always used; for existing profiles the existing value is used, and whatever value the user supplied is discarded. The wiki name is automatically computed by taking the full name and extracting all whitespace. - In all cases, the created/last modified timestamps of the user's existing or new profile always override whatever values the user supplied.
- If container authentication is used, the login name property of the profile is set to the name of
Session.getLoginPrincipal()
. Otherwise, the value of theloginname
parameter is used.
- Specified by:
parseProfile
in interfaceUserManager
- Parameters:
context
- the current wiki context- Returns:
- a new, populated user profile
- If the
-
validateProfile
public void validateProfile(Context context, UserProfile profile)
Validates a user profile, and appends any errors to the session errors list. If the profile is new, the password will be checked to make sure it isn't null. Otherwise, the password is checked for length and that it matches the value of the 'password2' HTTP parameter. Note that we have a special case when container-managed authentication is used and the user is not authenticated; this will always cause validation to fail. Any validation errors are added to the wiki session's messages collection (seeSession.getMessages()
.- Specified by:
validateProfile
in interfaceUserManager
- Parameters:
context
- the current wiki contextprofile
- the supplied UserProfile
-
listWikiNames
public java.security.Principal[] listWikiNames() throws WikiSecurityException
A helper method for returning all of the known WikiNames in this system.- Specified by:
listWikiNames
in interfaceUserManager
- Returns:
- An Array of Principals
- Throws:
WikiSecurityException
- If for reason the names cannot be fetched
-
addWikiEventListener
public void addWikiEventListener(WikiEventListener listener)
Registers a WikiEventListener with this instance. This is a convenience method.- Specified by:
addWikiEventListener
in interfaceUserManager
- Parameters:
listener
- the event listener
-
removeWikiEventListener
public void removeWikiEventListener(WikiEventListener listener)
Un-registers a WikiEventListener with this instance. This is a convenience method.- Specified by:
removeWikiEventListener
in interfaceUserManager
- Parameters:
listener
- the event listener
-
-