Пример #1
0
 /**
  * Special login method - it cannot be assumed that the database schema is unchanged, so do not
  * use standard methods.
  */
 public static boolean login(String username, String password) throws WikiException {
   WikiVersion oldVersion =
       new WikiVersion(Environment.getValue(Environment.PROP_BASE_WIKI_VERSION));
   if (!oldVersion.before(0, 7, 0)) {
     try {
       return (WikiBase.getDataHandler().authenticate(username, password));
     } catch (DataAccessException e) {
       logger.severe("Unable to authenticate user during upgrade", e);
       throw new WikiException(new WikiMessage("upgrade.error.fatal", e.getMessage()));
     }
   }
   try {
     Connection conn = DatabaseConnection.getConnection();
     WikiPreparedStatement stmt =
         new WikiPreparedStatement(
             "select 1 from jam_wiki_user_info where login = ? and encoded_password = ?");
     if (!StringUtils.isBlank(password)) {
       password = Encryption.encrypt(password);
     }
     stmt.setString(1, username);
     stmt.setString(2, password);
     WikiResultSet rs = stmt.executeQuery(conn);
     return (rs.size() > 0);
   } catch (SQLException e) {
     logger.severe("Database failure while authenticating user", e);
     throw new WikiException(new WikiMessage("upgrade.error.fatal", e.getMessage()));
   }
 }
Пример #2
0
 private void setProperties(HttpServletRequest request, ModelAndView next) throws Exception {
   Environment.setValue(
       Environment.PROP_BASE_FILE_DIR, request.getParameter(Environment.PROP_BASE_FILE_DIR));
   Environment.setValue(
       Environment.PROP_FILE_DIR_FULL_PATH,
       request.getParameter(Environment.PROP_FILE_DIR_FULL_PATH));
   Environment.setValue(
       Environment.PROP_FILE_DIR_RELATIVE_PATH,
       request.getParameter(Environment.PROP_FILE_DIR_RELATIVE_PATH));
   Environment.setValue(
       Environment.PROP_BASE_PERSISTENCE_TYPE,
       request.getParameter(Environment.PROP_BASE_PERSISTENCE_TYPE));
   if (Environment.getValue(Environment.PROP_BASE_PERSISTENCE_TYPE)
       .equals(WikiBase.PERSISTENCE_EXTERNAL)) {
     Environment.setValue(
         Environment.PROP_DB_DRIVER, request.getParameter(Environment.PROP_DB_DRIVER));
     Environment.setValue(
         Environment.PROP_DB_TYPE, request.getParameter(Environment.PROP_DB_TYPE));
     Environment.setValue(Environment.PROP_DB_URL, request.getParameter(Environment.PROP_DB_URL));
     Environment.setValue(
         Environment.PROP_DB_USERNAME, request.getParameter(Environment.PROP_DB_USERNAME));
     Encryption.setEncryptedProperty(
         Environment.PROP_DB_PASSWORD, request.getParameter(Environment.PROP_DB_PASSWORD), null);
     next.addObject("dbPassword", request.getParameter(Environment.PROP_DB_PASSWORD));
   } else {
     WikiDatabase.setupDefaultDatabase(Environment.getInstance());
   }
   Environment.setValue(Environment.PROP_FILE_SERVER_URL, Utilities.getServerUrl(request));
   Environment.setValue(Environment.PROP_SERVER_URL, Utilities.getServerUrl(request));
 }
Пример #3
0
 protected PasswordAuthentication getPasswordAuthentication() {
   PasswordAuthentication passwordAuthentication =
       new PasswordAuthentication(
           Environment.getValue(Environment.PROP_EMAIL_SMTP_USERNAME),
           Encryption.getEncryptedProperty(Environment.PROP_EMAIL_SMTP_PASSWORD, null));
   if (logger.isDebugEnabled()) {
     logger.debug("Authenticating with: " + passwordAuthentication);
   }
   return passwordAuthentication;
 }
Пример #4
0
 private boolean previousInstall() {
   String driver = Environment.getValue(Environment.PROP_DB_DRIVER);
   String url = Environment.getValue(Environment.PROP_DB_URL);
   String userName = Environment.getValue(Environment.PROP_DB_USERNAME);
   String password = Encryption.getEncryptedProperty(Environment.PROP_DB_PASSWORD, null);
   try {
     DatabaseConnection.testDatabase(driver, url, userName, password, true);
   } catch (Exception e) {
     // no previous database, all good
     return false;
   }
   return true;
 }
Пример #5
0
 private static void setPassword(
     Properties props,
     HttpServletRequest request,
     ModelAndView next,
     String parameter,
     String passwordParam)
     throws Exception {
   if (StringUtils.hasText(request.getParameter(parameter))) {
     String value = request.getParameter(parameter);
     Encryption.setEncryptedProperty(parameter, value, props);
     next.addObject(passwordParam, request.getParameter(parameter));
   } else {
     props.setProperty(parameter, Environment.getValue(parameter));
   }
 }
Пример #6
0
 // FIXME - shouldn't need to pass in response
 private boolean register(
     HttpServletRequest request,
     HttpServletResponse response,
     ModelAndView next,
     WikiPageInfo pageInfo)
     throws Exception {
   pageInfo.setSpecial(true);
   pageInfo.setAction(WikiPageInfo.ACTION_REGISTER);
   pageInfo.setPageTitle(new WikiMessage("register.title"));
   String virtualWikiName = JAMWikiServlet.getVirtualWikiFromURI(request);
   WikiUser user = new WikiUser();
   String userIdString = request.getParameter("userId");
   if (StringUtils.hasText(userIdString)) {
     int userId = new Integer(userIdString).intValue();
     if (userId > 0) user = WikiBase.getHandler().lookupWikiUser(userId);
   }
   user.setLogin(request.getParameter("login"));
   user.setDisplayName(request.getParameter("displayName"));
   user.setEmail(request.getParameter("email"));
   String newPassword = request.getParameter("newPassword");
   if (StringUtils.hasText(newPassword)) {
     user.setEncodedPassword(Encryption.encrypt(newPassword));
   }
   // FIXME - need to distinguish between add & update
   user.setCreateIpAddress(request.getRemoteAddr());
   user.setLastLoginIpAddress(request.getRemoteAddr());
   next.addObject("newuser", user);
   Vector errors = validate(request, user);
   if (errors.size() > 0) {
     next.addObject("errors", errors);
     String oldPassword = request.getParameter("oldPassword");
     String confirmPassword = request.getParameter("confirmPassword");
     if (oldPassword != null) next.addObject("oldPassword", oldPassword);
     if (newPassword != null) next.addObject("newPassword", newPassword);
     if (confirmPassword != null) next.addObject("confirmPassword", confirmPassword);
     return false;
   } else {
     WikiBase.getHandler().writeWikiUser(user);
     request.getSession().setAttribute(JAMWikiServlet.PARAMETER_USER, user);
     VirtualWiki virtualWiki = WikiBase.getHandler().lookupVirtualWiki(virtualWikiName);
     String topic = virtualWiki.getDefaultTopicName();
     String redirect =
         LinkUtil.buildInternalLinkUrl(request.getContextPath(), virtualWikiName, topic);
     // FIXME - can a redirect be done with Spring?
     redirect(redirect, response);
     return true;
   }
 }
Пример #7
0
 private boolean initialize(HttpServletRequest request, ModelAndView next, WikiPageInfo pageInfo)
     throws Exception {
   setProperties(request, next);
   WikiUser user = setAdminUser(request);
   List<WikiMessage> errors = validate(request, user);
   if (!errors.isEmpty()) {
     this.view(request, next, pageInfo);
     next.addObject("errors", errors);
     next.addObject("username", user.getUsername());
     next.addObject("newPassword", request.getParameter("newPassword"));
     next.addObject("confirmPassword", request.getParameter("confirmPassword"));
     return false;
   }
   if (previousInstall() && request.getParameter("override") == null) {
     // user is trying to do a new install when a previous installation exists
     next.addObject("upgrade", "true");
     next.addObject("username", user.getUsername());
     next.addObject("newPassword", request.getParameter("newPassword"));
     next.addObject("confirmPassword", request.getParameter("confirmPassword"));
     return false;
   }
   Environment.setBooleanValue(Environment.PROP_BASE_INITIALIZED, true);
   Environment.setValue(Environment.PROP_BASE_WIKI_VERSION, WikiVersion.CURRENT_WIKI_VERSION);
   String username = request.getParameter("username");
   String newPassword = request.getParameter("newPassword");
   String encryptedPassword = Encryption.encrypt(newPassword);
   WikiBase.reset(request.getLocale(), user, username, encryptedPassword);
   JAMWikiAuthenticationConfiguration.resetJamwikiAnonymousAuthorities();
   JAMWikiAuthenticationConfiguration.resetDefaultGroupRoles();
   Environment.saveProperties();
   // the setup process does not add new topics to the index (currently)
   // TODO - remove this once setup uses safe connection handling
   WikiBase.getSearchEngine().refreshIndex();
   // force current user credentials to be removed and re-validated.
   SecurityContextHolder.clearContext();
   return true;
 }
Пример #8
0
 /**
  * Encrypt and set a property value.
  *
  * @param name The name of the encrypted property being retrieved.
  * @value The enencrypted value of the property.
  */
 public static void setEncryptedProperty(String name, String value) throws Exception {
   value = Encryption.encrypt(value);
   Environment.setValue(name, value);
 }
Пример #9
0
 /**
  * If a property value is encrypted, return the unencrypted value.
  *
  * @param name The name of the encrypted property being retrieved.
  * @return The unencrypted value of the property.
  */
 public static String getEncryptedProperty(String name) {
   return Encryption.decrypt(Environment.getValue(name));
 }