zhouxy108/wisemapping-open-source
1
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

- Migrate to Spring 3.1

Browse Source 
- Remove Acegy
- Fix editor partially
This commit is contained in:
Paulo Gustavo Veiga
2012-02-12 02:55:42 -03:00
parent 2287825292
commit 5fd6ba30f5
36 changed files with 2154 additions and 2402 deletions
Download Patch File Download Diff File Expand all files Collapse all files

284
wise-webapp/src/main/java/com/wisemapping/dao/UserManagerImpl.java
View File

@@ -1,142 +1,142 @@
/*
* Copyright [2011] [wisemapping]
*
* Licensed under WiseMapping Public License, Version 1.0 (the "License").
* It is basically the Apache License, Version 2.0 (the "License") plus the
* "powered by wisemapping" text requirement on every single page;
* you may not use this file except in compliance with the License.
* You may obtain a copy of the license at
*
* http://www.wisemapping.org/license
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.wisemapping.dao;
import com.wisemapping.model.Colaborator;
import com.wisemapping.model.MindmapUser;
import com.wisemapping.model.User;
import com.wisemapping.model.UserLogin;
import org.springframework.orm.hibernate3.support.HibernateDaoSupport;
import org.acegisecurity.providers.encoding.PasswordEncoder;
import java.util.List;
import java.util.Set;
public class UserManagerImpl
extends HibernateDaoSupport
implements UserManager {
private PasswordEncoder passwordEncoder;
public void setPasswordEncoder(PasswordEncoder passwordEncoder)
{
this.passwordEncoder = passwordEncoder;
}
public List<User> getAllUsers() {
return getHibernateTemplate().find("from com.wisemapping.model.User user");
}
public User getUserBy(final String email) {
final User user;
final List users = getHibernateTemplate().find("from com.wisemapping.model.User colaborator where email=?", email);
if (users != null && !users.isEmpty()) {
assert users.size() == 1 : "More than one user with the same email!";
user = (User) users.get(0);
} else {
user = null;
}
return user;
}
public Colaborator getColaboratorBy(final String email) {
final Colaborator cola;
final List cols = getHibernateTemplate().find("from com.wisemapping.model.Colaborator colaborator where email=?", email);
if (cols != null && !cols.isEmpty()) {
assert cols.size() == 1 : "More than one colaborator with the same email!";
cola = (Colaborator) cols.get(0);
} else {
cola = null;
}
return cola;
}
public User getUserBy(long id)
{
return (User)getHibernateTemplate().get(User.class,id);
}
public User getUserByUsername(String username) {
final User user;
final List users = getHibernateTemplate().find("from com.wisemapping.model.User colaborator where username=?", username);
if (users != null && !users.isEmpty()) {
assert users.size() == 1 : "More than one user with the same username!";
user = (User) users.get(0);
} else {
user = null;
}
return user;
}
public boolean authenticate(final String email, final String password) {
final boolean result;
final User user = getUserBy(email);
result = user != null && user.getPassword().equals(password);
return result;
}
public void createUser(User user) {
assert user != null : "Trying to store a null user";
user.setPassword(passwordEncoder.encodePassword(user.getPassword(),null));
getHibernateTemplate().saveOrUpdate(user);
}
public User createUser(User user, Colaborator col)
{
user.setPassword(passwordEncoder.encodePassword(user.getPassword(),null));
assert user != null : "Trying to store a null user";
final Set<MindmapUser> set = col.getMindmapUsers();
for (MindmapUser mindmapUser : set) {
MindmapUser newMapUser = new MindmapUser();
newMapUser.setRoleId(mindmapUser.getRole().ordinal());
newMapUser.setMindMap(mindmapUser.getMindMap());
newMapUser.setColaborator(user);
user.addMindmapUser(newMapUser);
}
getHibernateTemplate().delete(col);
getHibernateTemplate().flush();
getHibernateTemplate().saveOrUpdate(user);
return user;
}
public void auditLogin(UserLogin userLogin) {
assert userLogin != null : "userLogin is null";
getHibernateTemplate().save(userLogin);
}
public void updateUser(User user) {
assert user != null : "user is null";
user.setPassword(passwordEncoder.encodePassword(user.getPassword(),null));
getHibernateTemplate().update(user);
}
public User getUserByActivationCode(long code) {
final User user;
final List users = getHibernateTemplate().find("from com.wisemapping.model.User user where activationCode=?", code);
if (users != null && !users.isEmpty()) {
assert users.size() == 1 : "More than one user with the same username!";
user = (User) users.get(0);
} else {
user = null;
}
return user;
}
}
/*
* Copyright [2011] [wisemapping]
*
* Licensed under WiseMapping Public License, Version 1.0 (the "License").
* It is basically the Apache License, Version 2.0 (the "License") plus the
* "powered by wisemapping" text requirement on every single page;
* you may not use this file except in compliance with the License.
* You may obtain a copy of the license at
*
* http://www.wisemapping.org/license
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.wisemapping.dao;
import com.wisemapping.model.Colaborator;
import com.wisemapping.model.MindmapUser;
import com.wisemapping.model.User;
import com.wisemapping.model.UserLogin;
import org.springframework.orm.hibernate3.support.HibernateDaoSupport;
//import org.acegisecurity.providers.encoding.PasswordEncoder;
import java.util.List;
import java.util.Set;
public class UserManagerImpl
extends HibernateDaoSupport
implements UserManager {
// private PasswordEncoder passwordEncoder;
//
// public void setEncoder(PasswordEncoder passwordEncoder)
// {
// this.passwordEncoder = passwordEncoder;
// }
public List<User> getAllUsers() {
return getHibernateTemplate().find("from com.wisemapping.model.User user");
}
public User getUserBy(final String email) {
final User user;
final List users = getHibernateTemplate().find("from com.wisemapping.model.User colaborator where email=?", email);
if (users != null && !users.isEmpty()) {
assert users.size() == 1 : "More than one user with the same email!";
user = (User) users.get(0);
} else {
user = null;
}
return user;
}
public Colaborator getColaboratorBy(final String email) {
final Colaborator cola;
final List cols = getHibernateTemplate().find("from com.wisemapping.model.Colaborator colaborator where email=?", email);
if (cols != null && !cols.isEmpty()) {
assert cols.size() == 1 : "More than one colaborator with the same email!";
cola = (Colaborator) cols.get(0);
} else {
cola = null;
}
return cola;
}
public User getUserBy(long id)
{
return (User)getHibernateTemplate().get(User.class,id);
}
public User getUserByUsername(String username) {
final User user;
final List users = getHibernateTemplate().find("from com.wisemapping.model.User colaborator where username=?", username);
if (users != null && !users.isEmpty()) {
assert users.size() == 1 : "More than one user with the same username!";
user = (User) users.get(0);
} else {
user = null;
}
return user;
}
public boolean authenticate(final String email, final String password) {
final boolean result;
final User user = getUserBy(email);
result = user != null && user.getPassword().equals(password);
return result;
}
public void createUser(User user) {
assert user != null : "Trying to store a null user";
// user.setPassword(passwordEncoder.encodePassword(user.getPassword(),null));
getHibernateTemplate().saveOrUpdate(user);
}
public User createUser(User user, Colaborator col)
{
// user.setPassword(passwordEncoder.encodePassword(user.getPassword(),null));
assert user != null : "Trying to store a null user";
final Set<MindmapUser> set = col.getMindmapUsers();
for (MindmapUser mindmapUser : set) {
MindmapUser newMapUser = new MindmapUser();
newMapUser.setRoleId(mindmapUser.getRole().ordinal());
newMapUser.setMindMap(mindmapUser.getMindMap());
newMapUser.setColaborator(user);
user.addMindmapUser(newMapUser);
}
getHibernateTemplate().delete(col);
getHibernateTemplate().flush();
getHibernateTemplate().saveOrUpdate(user);
return user;
}
public void auditLogin(UserLogin userLogin) {
assert userLogin != null : "userLogin is null";
getHibernateTemplate().save(userLogin);
}
public void updateUser(User user) {
assert user != null : "user is null";
// user.setPassword(passwordEncoder.encodePassword(user.getPassword(),null));
getHibernateTemplate().update(user);
}
public User getUserByActivationCode(long code) {
final User user;
final List users = getHibernateTemplate().find("from com.wisemapping.model.User user where activationCode=?", code);
if (users != null && !users.isEmpty()) {
assert users.size() == 1 : "More than one user with the same username!";
user = (User) users.get(0);
} else {
user = null;
}
return user;
}
}

282
wise-webapp/src/main/java/com/wisemapping/model/User.java
View File

@@ -1,140 +1,142 @@
/*
* Copyright [2011] [wisemapping]
*
* Licensed under WiseMapping Public License, Version 1.0 (the "License").
* It is basically the Apache License, Version 2.0 (the "License") plus the
* "powered by wisemapping" text requirement on every single page;
* you may not use this file except in compliance with the License.
* You may obtain a copy of the license at
*
* http://www.wisemapping.org/license
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.wisemapping.model;
import java.io.Serializable;
import java.util.*;
public class User
extends Colaborator
implements Serializable
{
private String firstname;
private String lastname;
private String password;
private long activationCode;
private Calendar activationDate;
private String username;
private Set<String> tags = new HashSet<String>();
private boolean allowSendEmail = false;
public User() {
}
public void setTags(Set<String> tags)
{
this.tags = tags;
}
public Set<String> getTags()
{
return tags;
}
public String getFirstname() {
return firstname;
}
public void setFirstname(String firstname) {
this.firstname = firstname;
}
public String getLastname() {
return lastname;
}
public void setLastname(String lastname) {
this.lastname = lastname;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public boolean isActive() {
return activationDate != null;
}
public void setActivationCode(long code) {
this.activationCode = code;
}
public long getActivationCode() {
return activationCode;
}
public void setActivationDate(Calendar date) {
this.activationDate = date;
}
public Calendar getActivationDate() {
return activationDate;
}
public boolean isAllowSendEmail()
{
return allowSendEmail;
}
public void setAllowSendEmail(boolean allowSendEmail)
{
this.allowSendEmail = allowSendEmail;
}
public boolean getAllowSendEmail()
{
return allowSendEmail;
}
public boolean equals(Object o) {
if (this == o) return true;
if (o == null || getClass() != o.getClass()) return false;
final User user = (User) o;
if (!getEmail().equals(user.getEmail())) return false;
if (firstname != null ? !firstname.equals(user.firstname) : user.firstname != null) return false;
if (lastname != null ? !lastname.equals(user.lastname) : user.lastname != null) return false;
if (password != null ? !password.equals(user.password) : user.password != null) return false;
return true;
}
public int hashCode() {
int result;
result = (firstname != null ? firstname.hashCode() : 0);
result = 29 * result + (lastname != null ? lastname.hashCode() : 0);
result = 29 * result + (password != null ? password.hashCode() : 0);
result = 29 * result + getEmail().hashCode();
return result;
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
}
/*
* Copyright [2011] [wisemapping]
*
* Licensed under WiseMapping Public License, Version 1.0 (the "License").
* It is basically the Apache License, Version 2.0 (the "License") plus the
* "powered by wisemapping" text requirement on every single page;
* you may not use this file except in compliance with the License.
* You may obtain a copy of the license at
*
* http://www.wisemapping.org/license
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.wisemapping.model;
import javax.xml.bind.annotation.XmlRootElement;
import java.io.Serializable;
import java.util.*;
@XmlRootElement(name="user")
public class User
extends Colaborator
implements Serializable
{
private String firstname;
private String lastname;
private String password;
private long activationCode;
private Calendar activationDate;
private String username;
private Set<String> tags = new HashSet<String>();
private boolean allowSendEmail = false;
public User() {
}
public void setTags(Set<String> tags)
{
this.tags = tags;
}
public Set<String> getTags()
{
return tags;
}
public String getFirstname() {
return firstname;
}
public void setFirstname(String firstname) {
this.firstname = firstname;
}
public String getLastname() {
return lastname;
}
public void setLastname(String lastname) {
this.lastname = lastname;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public boolean isActive() {
return activationDate != null;
}
public void setActivationCode(long code) {
this.activationCode = code;
}
public long getActivationCode() {
return activationCode;
}
public void setActivationDate(Calendar date) {
this.activationDate = date;
}
public Calendar getActivationDate() {
return activationDate;
}
public boolean isAllowSendEmail()
{
return allowSendEmail;
}
public void setAllowSendEmail(boolean allowSendEmail)
{
this.allowSendEmail = allowSendEmail;
}
public boolean getAllowSendEmail()
{
return allowSendEmail;
}
public boolean equals(Object o) {
if (this == o) return true;
if (o == null || getClass() != o.getClass()) return false;
final User user = (User) o;
if (!getEmail().equals(user.getEmail())) return false;
if (firstname != null ? !firstname.equals(user.firstname) : user.firstname != null) return false;
if (lastname != null ? !lastname.equals(user.lastname) : user.lastname != null) return false;
if (password != null ? !password.equals(user.password) : user.password != null) return false;
return true;
}
public int hashCode() {
int result;
result = (firstname != null ? firstname.hashCode() : 0);
result = 29 * result + (lastname != null ? lastname.hashCode() : 0);
result = 29 * result + (password != null ? password.hashCode() : 0);
result = 29 * result + getEmail().hashCode();
return result;
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
}

30
wise-webapp/src/main/java/com/wisemapping/rest/UserController.java Normal file
View File

@@ -0,0 +1,30 @@
package com.wisemapping.rest;
import com.wisemapping.model.User;
import org.jetbrains.annotations.NotNull;
import org.springframework.oxm.jaxb.Jaxb2Marshaller;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.servlet.ModelAndView;
@Controller
public class UserController {
private Jaxb2Marshaller jaxb2Mashaller;
public void setJaxb2Mashaller(@NotNull final Jaxb2Marshaller jaxb2Mashaller) {
this.jaxb2Mashaller = jaxb2Mashaller;
}
private static final String XML_VIEW_NAME = "users";
@RequestMapping(method = RequestMethod.GET, value = "/employee/{id}")
public ModelAndView getEmployee(@PathVariable String id) {
User user = new User();
return new ModelAndView(XML_VIEW_NAME, "object", user);
}
}

30
wise-webapp/src/main/java/com/wisemapping/security/AuthenticationHandler.java
View File

@@ -1,30 +0,0 @@
/*
* Copyright [2011] [wisemapping]
*
* Licensed under WiseMapping Public License, Version 1.0 (the "License").
* It is basically the Apache License, Version 2.0 (the "License") plus the
* "powered by wisemapping" text requirement on every single page;
* you may not use this file except in compliance with the License.
* You may obtain a copy of the license at
*
* http://www.wisemapping.org/license
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.wisemapping.security;
import org.acegisecurity.AuthenticationException;
import javax.servlet.http.HttpServletRequest;
public interface AuthenticationHandler
{
AuthenticationToken getAuthenticationToken(HttpServletRequest request) throws AuthenticationException;
}

48
wise-webapp/src/main/java/com/wisemapping/security/AuthenticationProvider.java Normal file
View File

@@ -0,0 +1,48 @@
package com.wisemapping.security;
import com.wisemapping.dao.UserManager;
import com.wisemapping.model.User;
import org.jetbrains.annotations.NotNull;
import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.authentication.encoding.PasswordEncoder;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
public class AuthenticationProvider implements org.springframework.security.authentication.AuthenticationProvider {
private UserManager userManager;
private PasswordEncoder encoder;
@Override
public Authentication authenticate(@NotNull final Authentication auth) throws AuthenticationException {
// All your user authentication needs
final String email = auth.getName();
final User user = userManager.getUserBy(email);
final String credentials = (String) auth.getCredentials();
if (user == null || credentials == null || !encoder.isPasswordValid(user.getPassword(), credentials, null)) {
throw new BadCredentialsException("Username/Password does not match for " + auth.getPrincipal());
}
final UserDetails userDetails = new UserDetails(user);
return new UsernamePasswordAuthenticationToken(userDetails, credentials, userDetails.getAuthorities());
}
@Override
public boolean supports(final Class<? extends Object> authentication) {
return (UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication));
}
public void setEncoder(@NotNull PasswordEncoder encoder) {
this.encoder = encoder;
}
public void setUserManager(UserManager userManager) {
this.userManager = userManager;
}
}

41
wise-webapp/src/main/java/com/wisemapping/security/AuthenticationToken.java
View File

@@ -1,41 +0,0 @@
/*
* Copyright [2011] [wisemapping]
*
* Licensed under WiseMapping Public License, Version 1.0 (the "License").
* It is basically the Apache License, Version 2.0 (the "License") plus the
* "powered by wisemapping" text requirement on every single page;
* you may not use this file except in compliance with the License.
* You may obtain a copy of the license at
*
* http://www.wisemapping.org/license
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.wisemapping.security;
public class AuthenticationToken
{
private String username;
private String password;
public AuthenticationToken(String username,String password)
{
this.username = username;
this.password = password;
}
public String getUsername()
{
return username;
}
public String getPassword()
{
return password;
}
}

116
wise-webapp/src/main/java/com/wisemapping/security/CustomPasswordEncoder.java
View File

@@ -1,59 +1,57 @@
/*
* Copyright [2011] [wisemapping]
*
* Licensed under WiseMapping Public License, Version 1.0 (the "License").
* It is basically the Apache License, Version 2.0 (the "License") plus the
* "powered by wisemapping" text requirement on every single page;
* you may not use this file except in compliance with the License.
* You may obtain a copy of the license at
*
* http://www.wisemapping.org/license
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.wisemapping.security;
import org.acegisecurity.providers.encoding.PasswordEncoder;
import org.springframework.dao.DataAccessException;
public class CustomPasswordEncoder
implements PasswordEncoder
{
private PasswordEncoder delegateEncoder;
private static final String ENC_PREFIX = "ENC:";
public void setDelegatedEncoder(PasswordEncoder delegateEncoder)
{
this.delegateEncoder = delegateEncoder;
}
public String encodePassword(String rawPass, Object salt) throws DataAccessException {
String password = rawPass;
if (!rawPass.startsWith(ENC_PREFIX))
{
password = ENC_PREFIX + delegateEncoder.encodePassword(rawPass,salt);
}
return password;
}
public boolean isPasswordValid(String encPass, String rawPass, Object salt) throws DataAccessException {
String pass1 = "" + encPass;
String pass2 = rawPass;
if (pass1.startsWith(ENC_PREFIX))
{
pass2 = encodePassword(rawPass, salt);
}
return pass1.equals(pass2);
}
}
/*
* Copyright [2011] [wisemapping]
*
* Licensed under WiseMapping Public License, Version 1.0 (the "License").
* It is basically the Apache License, Version 2.0 (the "License") plus the
* "powered by wisemapping" text requirement on every single page;
* you may not use this file except in compliance with the License.
* You may obtain a copy of the license at
*
* http://www.wisemapping.org/license
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.wisemapping.security;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import org.springframework.dao.DataAccessException;
import org.springframework.security.authentication.encoding.PasswordEncoder;
import org.springframework.security.authentication.encoding.ShaPasswordEncoder;
public class CustomPasswordEncoder
implements PasswordEncoder
{
private PasswordEncoder delegateEncoder = new ShaPasswordEncoder();
private static final String ENC_PREFIX = "ENC:";
public String encodePassword(@NotNull String rawPass, @Nullable Object salt) throws DataAccessException {
String password = rawPass;
if (!rawPass.startsWith(ENC_PREFIX))
{
password = ENC_PREFIX + delegateEncoder.encodePassword(rawPass,salt);
}
return password;
}
public boolean isPasswordValid(@NotNull String encPass, @NotNull String rawPass, Object salt) throws DataAccessException {
String pass1 = "" + encPass;
String pass2 = rawPass;
if (pass1.startsWith(ENC_PREFIX))
{
pass2 = encodePassword(rawPass, salt);
}
return pass1.equals(pass2);
}
}

40
wise-webapp/src/main/java/com/wisemapping/security/CustomTokenBasedRememberMeServices.java
View File

@@ -1,40 +0,0 @@
/*
* Copyright [2011] [wisemapping]
*
* Licensed under WiseMapping Public License, Version 1.0 (the "License").
* It is basically the Apache License, Version 2.0 (the "License") plus the
* "powered by wisemapping" text requirement on every single page;
* you may not use this file except in compliance with the License.
* You may obtain a copy of the license at
*
* http://www.wisemapping.org/license
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.wisemapping.security;
import org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices;
import org.acegisecurity.Authentication;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class CustomTokenBasedRememberMeServices extends
TokenBasedRememberMeServices {
public void logout(HttpServletRequest request, HttpServletResponse response, Authentication authentication)
{
if(authentication!=null)
super.logout(request, response, authentication);
else
{
logger.debug("Session Already Expired. Authentication is null");
response.addCookie(makeCancelCookie(request));
}
}
}

102
wise-webapp/src/main/java/com/wisemapping/security/DatabaseUserDetailService.java
View File

@@ -1,52 +1,50 @@
/*
* Copyright [2011] [wisemapping]
*
* Licensed under WiseMapping Public License, Version 1.0 (the "License").
* It is basically the Apache License, Version 2.0 (the "License") plus the
* "powered by wisemapping" text requirement on every single page;
* you may not use this file except in compliance with the License.
* You may obtain a copy of the license at
*
* http://www.wisemapping.org/license
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.wisemapping.security;
import com.wisemapping.dao.UserManager;
import org.acegisecurity.userdetails.UserDetailsService;
import org.acegisecurity.userdetails.UsernameNotFoundException;
import org.acegisecurity.userdetails.UserDetails;
import org.acegisecurity.providers.encoding.PasswordEncoder;
import org.acegisecurity.providers.encoding.Md5PasswordEncoder;
import org.acegisecurity.providers.dao.SaltSource;
import org.springframework.dao.DataAccessException;
public class DatabaseUserDetailService
implements UserDetailsService {
private UserManager userManager;
public UserDetails loadUserByUsername(String email) throws UsernameNotFoundException, DataAccessException {
final com.wisemapping.model.User model = userManager.getUserBy(email);
if (model != null) {
return new User(model);
} else {
throw new UsernameNotFoundException(email);
}
}
public UserManager getUserManager() {
return userManager;
}
public void setUserManager(UserManager userManager) {
this.userManager = userManager;
}
}
/*
* Copyright [2011] [wisemapping]
*
* Licensed under WiseMapping Public License, Version 1.0 (the "License").
* It is basically the Apache License, Version 2.0 (the "License") plus the
* "powered by wisemapping" text requirement on every single page;
* you may not use this file except in compliance with the License.
* You may obtain a copy of the license at
*
* http://www.wisemapping.org/license
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.wisemapping.security;
import com.wisemapping.dao.UserManager;
import org.jetbrains.annotations.NotNull;
import org.springframework.dao.DataAccessException;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
public class DatabaseUserDetailService
implements UserDetailsService {
private UserManager userManager;
@Override
public UserDetails loadUserByUsername(@NotNull String email) throws UsernameNotFoundException, DataAccessException {
final com.wisemapping.model.User model = userManager.getUserBy(email);
if (model != null) {
return new UserDetails(model);
} else {
throw new UsernameNotFoundException(email);
}
}
public UserManager getUserManager() {
return userManager;
}
public void setUserManager(UserManager userManager) {
this.userManager = userManager;
}
}

43
wise-webapp/src/main/java/com/wisemapping/security/DefaultAuthenticationHandler.java
View File

@@ -1,43 +0,0 @@
/*
* Copyright [2011] [wisemapping]
*
* Licensed under WiseMapping Public License, Version 1.0 (the "License").
* It is basically the Apache License, Version 2.0 (the "License") plus the
* "powered by wisemapping" text requirement on every single page;
* you may not use this file except in compliance with the License.
* You may obtain a copy of the license at
*
* http://www.wisemapping.org/license
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.wisemapping.security;
import org.acegisecurity.AuthenticationException;
import org.acegisecurity.ui.webapp.AuthenticationProcessingFilter;
import javax.servlet.http.HttpServletRequest;
public class DefaultAuthenticationHandler
implements AuthenticationHandler
{
public AuthenticationToken getAuthenticationToken(HttpServletRequest request)
throws AuthenticationException
{
String username = request.getParameter(AuthenticationProcessingFilter.ACEGI_SECURITY_FORM_USERNAME_KEY);
String password = request.getParameter(AuthenticationProcessingFilter.ACEGI_SECURITY_FORM_PASSWORD_KEY);
if (username == null) {
username = "";
}
if (password == null) {
password = "";
}
return new AuthenticationToken(username,password);
}
}

67
wise-webapp/src/main/java/com/wisemapping/security/User.java
View File

@@ -1,67 +0,0 @@
/*
* Copyright [2011] [wisemapping]
*
* Licensed under WiseMapping Public License, Version 1.0 (the "License").
* It is basically the Apache License, Version 2.0 (the "License") plus the
* "powered by wisemapping" text requirement on every single page;
* you may not use this file except in compliance with the License.
* You may obtain a copy of the license at
*
* http://www.wisemapping.org/license
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.wisemapping.security;
import org.acegisecurity.userdetails.UserDetails;
import org.acegisecurity.GrantedAuthority;
import org.acegisecurity.GrantedAuthorityImpl;
public class User implements UserDetails {
private com.wisemapping.model.User model;
public User(com.wisemapping.model.User model) {
this.model = model;
}
public GrantedAuthority[] getAuthorities() {
return new GrantedAuthority[]{new GrantedAuthorityImpl("ROLE_USER")};
}
public String getPassword() {
return model.getPassword();
}
public String getUsername() {
return model.getEmail();
}
public boolean isAccountNonExpired() {
return true;
}
public boolean isAccountNonLocked() {
return this.model.isActive();
}
public boolean isCredentialsNonExpired() {
return true;
}
public boolean isEnabled() {
return this.model.isActive();
}
public com.wisemapping.model.User getModel() {
return model;
}
public String getDisplayName() {
return model.getFirstname();
}
}

77
wise-webapp/src/main/java/com/wisemapping/security/UserDetails.java Normal file
View File

@@ -0,0 +1,77 @@
/*
* Copyright [2011] [wisemapping]
*
* Licensed under WiseMapping Public License, Version 1.0 (the "License").
* It is basically the Apache License, Version 2.0 (the "License") plus the
* "powered by wisemapping" text requirement on every single page;
* you may not use this file except in compliance with the License.
* You may obtain a copy of the license at
*
* http://www.wisemapping.org/license
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.wisemapping.security;
import com.wisemapping.model.User;
import org.jetbrains.annotations.NotNull;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import java.util.ArrayList;
import java.util.Collection;
public class UserDetails implements org.springframework.security.core.userdetails.UserDetails {
private com.wisemapping.model.User user;
public UserDetails(@NotNull final com.wisemapping.model.User user) {
this.user = user;
}
public Collection<? extends GrantedAuthority> getAuthorities() {
final SimpleGrantedAuthority role_user = new SimpleGrantedAuthority("ROLE_USER");
final Collection<GrantedAuthority> result = new ArrayList<GrantedAuthority>();
result.add(role_user);
return result;
}
@Override
public String getPassword() {
return user.getPassword();
}
@Override
public String getUsername() {
return user.getEmail();
}
@Override
public boolean isAccountNonExpired() {
return true;
}
@Override
public boolean isAccountNonLocked() {
return this.user.isActive();
}
@Override
public boolean isCredentialsNonExpired() {
return true;
}
@Override
public boolean isEnabled() {
return this.user.isActive();
}
public User getUser() {
return user;
}
}

114
wise-webapp/src/main/java/com/wisemapping/security/Utils.java
View File

@@ -1,58 +1,56 @@
/*
* Copyright [2011] [wisemapping]
*
* Licensed under WiseMapping Public License, Version 1.0 (the "License").
* It is basically the Apache License, Version 2.0 (the "License") plus the
* "powered by wisemapping" text requirement on every single page;
* you may not use this file except in compliance with the License.
* You may obtain a copy of the license at
*
* http://www.wisemapping.org/license
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.wisemapping.security;
import com.wisemapping.model.User;
import javax.servlet.http.HttpServletRequest;
import org.acegisecurity.providers.AbstractAuthenticationToken;
import org.acegisecurity.context.SecurityContextHolder;
import org.acegisecurity.Authentication;
public class Utils {
private Utils() {
}
public static User getUser(final HttpServletRequest request) {
final AbstractAuthenticationToken token = (AbstractAuthenticationToken) request.getUserPrincipal();
User result = null;
if (token != null) {
final com.wisemapping.security.User user = (com.wisemapping.security.User) token.getPrincipal();
result = user.getModel();
}
return result;
}
public static User getUser()
{
User user = null;
final Authentication auth = SecurityContextHolder.getContext().getAuthentication();
if (auth != null && auth.getDetails() != null)
{
final Object principal = auth.getPrincipal();
if (principal != null && principal instanceof com.wisemapping.security.User) {
user = ((com.wisemapping.security.User)principal).getModel();
}
}
return user;
}
}
/*
* Copyright [2011] [wisemapping]
*
* Licensed under WiseMapping Public License, Version 1.0 (the "License").
* It is basically the Apache License, Version 2.0 (the "License") plus the
* "powered by wisemapping" text requirement on every single page;
* you may not use this file except in compliance with the License.
* You may obtain a copy of the license at
*
* http://www.wisemapping.org/license
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.wisemapping.security;
import com.wisemapping.model.User;
import org.jetbrains.annotations.NotNull;
import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import javax.servlet.http.HttpServletRequest;
final public class Utils {
private Utils() {
}
public static User getUser(@NotNull final HttpServletRequest request) {
final AbstractAuthenticationToken token = (AbstractAuthenticationToken) request.getUserPrincipal();
User result = null;
if (token != null) {
final UserDetails userDetails = (UserDetails) token.getPrincipal();
result = userDetails.getUser();
}
return result;
}
public static User getUser() {
User result = null;
final Authentication auth = SecurityContextHolder.getContext().getAuthentication();
if (auth != null && auth.getDetails() != null)
{
final Object principal = auth.getPrincipal();
if (principal != null && principal instanceof UserDetails) {
result = ((UserDetails)principal).getUser();
}
}
return result;
}
}

66
wise-webapp/src/main/java/com/wisemapping/security/WiseAuthenticationProcessingFilter.java
View File

@@ -1,66 +0,0 @@
/*
* Copyright [2011] [wisemapping]
*
* Licensed under WiseMapping Public License, Version 1.0 (the "License").
* It is basically the Apache License, Version 2.0 (the "License") plus the
* "powered by wisemapping" text requirement on every single page;
* you may not use this file except in compliance with the License.
* You may obtain a copy of the license at
*
* http://www.wisemapping.org/license
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.wisemapping.security;
import org.acegisecurity.Authentication;
import org.acegisecurity.AuthenticationException;
import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
import org.acegisecurity.ui.webapp.AuthenticationProcessingFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
public class WiseAuthenticationProcessingFilter
extends AuthenticationProcessingFilter
{
public static final String ACEGI_SECURITY_FORM_SSO_ID_KEY = "j_sso_id";
private AuthenticationHandler authenticationHandler;
public void setAuthenticationHandler(AuthenticationHandler ssoAuthenticationHandler)
{
this.authenticationHandler = ssoAuthenticationHandler;
}
@Override
public Authentication attemptAuthentication(HttpServletRequest request)
throws AuthenticationException
{
final AuthenticationToken ssoToken = authenticationHandler.getAuthenticationToken(request);
final UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(ssoToken.getUsername(), ssoToken.getPassword());
// Place the last username attempted into HttpSession for views
request.getSession().setAttribute(ACEGI_SECURITY_LAST_USERNAME_KEY, ssoToken.getUsername());
// Allow subclasses to set the "details" property
setDetails(request, authRequest);
return this.getAuthenticationManager().authenticate(authRequest);
}
@Override
protected void onPreAuthentication(HttpServletRequest request, HttpServletResponse response)
throws AuthenticationException, IOException
{
assert request != null;
}
}