Examples of org.apache.wiki.WikiSession

org.apache.wiki.WikiSession
Represents a long-running wiki session, with an associated user Principal, user Subject, and authentication status. This class is initialized with minimal, default-deny values: authentication is set to false, and the user principal is set to null.

The WikiSession class allows callers to:
- Obtain the authentication status of the user via {@link #isAnonymous()} and {@link #isAuthenticated()}
- Query the session for Principals representing the user's identity via {@link #getLoginPrincipal()}, {@link #getUserPrincipal()} and {@link #getPrincipals()}
- Store, retrieve and clear UI messages via {@link #addMessage(String)}, {@link #getMessages(String)}and {@link #clearMessages(String)}
To keep track of the Principals each user posseses, each WikiSession stores a JAAS Subject. Various login processes add or remove Principals when users authenticate or log out.

WikiSession implements the {@link org.apache.wiki.event.WikiEventListener}interface and listens for group add/change/delete events fired by event sources the WikiSession is registered with. Normally, {@link org.apache.wiki.auth.AuthenticationManager} registers each WikiSessionwith the {@link org.apache.wiki.auth.authorize.GroupManager}so it can catch group events. Thus, when a user is added to a {@link org.apache.wiki.auth.authorize.Group}, a corresponding {@link org.apache.wiki.auth.GroupPrincipal} is injected intothe Subject's Principal set. Likewise, when the user is removed from the Group or the Group is deleted, the GroupPrincipal is removed from the Subject. The effect that this strategy produces is extremely beneficial: when someone adds a user to a wiki group, that user immediately gains the privileges associated with that group; he or she does not need to re-authenticate.

In addition to methods for examining individual WikiSession objects, this class also contains a number of static methods for managing WikiSessions for an entire wiki. These methods allow callers to find, query and remove WikiSession objects, and to obtain a list of the current wiki session users.

WikiSession encloses a protected static class, {@link SessionMonitor}, to keep track of WikiSessions registered with each wiki.

        Attachment p = (Attachment) m_engine.getPage( "Test/test1.txt" );
        Permission view = PermissionFactory.getPagePermission( p, "view" );
        Permission edit = PermissionFactory.getPagePermission( p, "edit" );


        // Create authenticated session with user 'Alice', who can read & edit (in ACL)
        WikiSession session;
        session = WikiSessionTest.authenticatedSession( m_engine, Users.ALICE, Users.ALICE_PASS );
        assertTrue( "Alice view Test/test1.txt", m_auth.checkPermission( session, view ) );
        assertTrue( "Alice edit Test/test1.txt", m_auth.checkPermission( session, edit ) );


        // Create authenticated session with user 'Bob', who can't read or edit (not in ACL)

View Full Code Here

        Attachment p = (Attachment) m_engine.getPage( "Test/test1.txt" );
        Permission view = PermissionFactory.getPagePermission( p, "view" );
        Permission edit = PermissionFactory.getPagePermission( p, "edit" );


        // Create session with user 'Alice', who can read (in ACL)
        WikiSession session;
        session = WikiSessionTest.authenticatedSession( m_engine, Users.ALICE, Users.ALICE_PASS );
        assertTrue( "Foo view Test", m_auth.checkPermission( session, view ) );
        assertFalse( "Foo !edit Test", m_auth.checkPermission( session, edit ) );


        // Create session with user 'Bob', who can't read or edit (not in ACL)

View Full Code Here

        Principal alice = new WikiPrincipal( Users.ALICE );
        Role it = new Role( "IT" );
        Role finance = new Role( "Finance" );


        // Create Group1 with Alice in it, Group2 without
        WikiSession session = WikiSessionTest.adminSession( m_engine );
        Group g1 = m_groupMgr.parseGroup( "Group1", "Alice", true );
        m_groupMgr.setGroup( session, g1 );
        Principal group1 = g1.getPrincipal();
        Group g2 = m_groupMgr.parseGroup( "Group2", "Bob", true );
        m_groupMgr.setGroup( session, g2 );

View Full Code Here

        Principal alice = new WikiPrincipal( Users.ALICE );
        Role it = new Role( "IT" );
        Role finance = new Role( "Finance" );


        // Create Group1 with Alice in it, Group2 without
        WikiSession session = WikiSessionTest.adminSession( m_engine );
        Group g1 = m_groupMgr.parseGroup( "Group1", "Alice", true );
        m_groupMgr.setGroup( session, g1 );
        Principal group1 = g1.getPrincipal();
        Group g2 = m_groupMgr.parseGroup( "Group2", "Bob", true );
        m_groupMgr.setGroup( session, g2 );

View Full Code Here

        WikiPage p = m_engine.getPage( "Test" );
        Permission view = PermissionFactory.getPagePermission( p, "view" );
        Permission edit = PermissionFactory.getPagePermission( p, "edit" );


        // Create session with authenticated user 'Alice', who can read & edit (in ACL)
        WikiSession session;
        session = WikiSessionTest.authenticatedSession( m_engine, Users.ALICE, Users.ALICE_PASS );
        assertTrue( "Alice view Test", m_auth.checkPermission( session, view ) );
        assertTrue( "Alice edit Test", m_auth.checkPermission( session, edit ) );


        // Create session with authenticated user 'Bob', who can't read or edit (not in ACL)

View Full Code Here

        WikiPage p = m_engine.getPage( "Test" );
        Permission view = PermissionFactory.getPagePermission( p, "view" );
        Permission edit = PermissionFactory.getPagePermission( p, "edit" );


        // Create session with authenticated user 'Alice', who can read & edit
        WikiSession session;
        session = WikiSessionTest.authenticatedSession( m_engine, Users.ALICE, Users.ALICE_PASS );
        assertTrue( "Alice view Test", m_auth.checkPermission( session, view ) );
        assertTrue( "Alice edit Test", m_auth.checkPermission( session, edit ) );


        // Create session with asserted user 'Bob', who can't read or edit (not in ACL)

View Full Code Here

        }
    }


    public void testStaticPermission() throws Exception
    {
        WikiSession s = WikiSessionTest.anonymousSession( m_engine );
        assertTrue( "Anonymous view", m_auth.checkStaticPermission( s, PagePermission.VIEW ) );
        assertTrue( "Anonymous edit", m_auth.checkStaticPermission( s, PagePermission.EDIT ) );
        assertTrue( "Anonymous comment", m_auth.checkStaticPermission( s, PagePermission.COMMENT ) );
        assertFalse( "Anonymous modify", m_auth.checkStaticPermission( s, PagePermission.MODIFY ) );
        assertFalse( "Anonymous upload", m_auth.checkStaticPermission( s, PagePermission.UPLOAD ) );

View Full Code Here

       throws Exception
    {
        m_engine.saveText( "TestDefaultPage", "Foo [{ALLOW view FooBar}]" );
        
        Principal admin = new GroupPrincipal( "Admin" );
        WikiSession session = WikiSessionTest.containerAuthenticatedSession(
                m_engine,
                Users.ALICE,
                new Principal[] { admin } );


        assertTrue( "Alice has AllPermission", m_auth.checkPermission( session,

View Full Code Here


    public void testAdminView2() throws Exception 
    {
        m_engine.saveText( "TestDefaultPage", "Foo [{ALLOW view FooBar}]" );
     
        WikiSession session = WikiSessionTest.adminSession(m_engine);


        assertTrue( "Alice has AllPermission", m_auth.checkPermission( session, 
                                                                       new AllPermission( m_engine.getApplicationName() )));
        assertTrue( "Alice cannot read", m_auth.checkPermission( session, 
                                                                 new PagePermission("TestDefaultPage","view") ) );

View Full Code Here

        m_engine = new TestEngine( props );
        m_auth = m_engine.getAuthorizationManager();
        m_groupMgr = m_engine.getGroupManager();
        m_session = WikiSessionTest.adminSession( m_engine );
        
        WikiSession s = WikiSessionTest.anonymousSession( m_engine );
        assertFalse( "Anonymous view", m_auth.checkStaticPermission( s, PagePermission.VIEW ) );
        assertFalse( "Anonymous edit", m_auth.checkStaticPermission( s, PagePermission.EDIT ) );
        assertFalse( "Anonymous comment", m_auth.checkStaticPermission( s, PagePermission.COMMENT ) );
        assertFalse( "Anonymous modify", m_auth.checkStaticPermission( s, PagePermission.MODIFY ) );
        assertFalse( "Anonymous upload", m_auth.checkStaticPermission( s, PagePermission.UPLOAD ) );

View Full Code Here

0 1 2 3 4 5 6

TOP

Related Classes of org.apache.wiki.WikiSession

org.apache.wiki.attachment.AttachmentServlet

org.apache.wiki.auth.AuthenticationManager

org.apache.wiki.auth.AuthenticationManagerTest

org.apache.wiki.auth.AuthorizationManagerTest

org.apache.wiki.auth.authorize.Group

org.apache.wiki.auth.authorize.GroupManager

org.apache.wiki.auth.GroupManagerTest

org.apache.wiki.auth.SessionMonitor

org.apache.wiki.auth.user.UserDatabase

org.apache.wiki.auth.user.UserProfile

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.