📄 wikisession.java
字号:
m_messages.put( topic, messages ); } messages.add( message ); } /** * Clears all messages associated with this session. */ public final void clearMessages() { m_messages.clear(); } /** * Clears all messages associated with a session topic. * @param topic the topic whose messages should be cleared. */ public final void clearMessages( String topic ) { Set<String> messages = m_messages.get( topic ); if ( messages != null ) { m_messages.clear(); } } /** * Returns all generic messages associated with this session. * The messages stored with the session persist throughout the * session unless they have been reset with {@link #clearMessages()}. * @return the current messages. */ public final String[] getMessages() { return getMessages( ALL ); } /** * Returns all messages associated with a session topic. * The messages stored with the session persist throughout the * session unless they have been reset with {@link #clearMessages(String)}. * @return the current messages. * @param topic The topic */ public final String[] getMessages( String topic ) { Set<String> messages = m_messages.get( topic ); if ( messages == null || messages.size() == 0 ) { return new String[0]; } return messages.toArray( new String[messages.size()] ); } /** * Returns all user Principals associated with this session. User principals * are those in the Subject's principal collection that aren't of type Role or * of type GroupPrincipal. This is a defensive copy. * @return Returns the user principal * @see com.ecyrd.jspwiki.auth.AuthenticationManager#isUserPrincipal(Principal) */ public final Principal[] getPrincipals() { ArrayList<Principal> principals = new ArrayList<Principal>(); // Take the first non Role as the main Principal for( Principal principal : m_subject.getPrincipals() ) { if ( AuthenticationManager.isUserPrincipal( principal ) ) { principals.add( principal ); } } return principals.toArray( new Principal[principals.size()] ); } /** * Returns an array of Principal objects that represents the groups and * roles that the user associated with a WikiSession possesses. The array is * built by iterating through the Subject's Principal set and extracting all * Role and GroupPrincipal objects into a list. The list is returned as an * array sorted in the natural order implied by each Principal's * <code>getName</code> method. Note that this method does <em>not</em> * consult the external Authorizer or GroupManager; it relies on the * Principals that have been injected into the user's Subject at login time, * or after group creation/modification/deletion. * @return an array of Principal objects corresponding to the roles the * Subject possesses */ public final Principal[] getRoles() { Set<Principal> roles = new HashSet<Principal>(); // Add all of the Roles possessed by the Subject directly roles.addAll( m_subject.getPrincipals( Role.class ) ); // Add all of the GroupPrincipals possessed by the Subject directly roles.addAll( m_subject.getPrincipals( GroupPrincipal.class ) ); // Return a defensive copy Principal[] roleArray = roles.toArray( new Principal[roles.size()] ); Arrays.sort( roleArray, WikiPrincipal.COMPARATOR ); return roleArray; } /** * Removes the wiki session associated with the user's HTTP request * from the cache of wiki sessions, typically as part of a logout * process. * @param engine the wiki engine * @param request the users's HTTP request */ public static final void removeWikiSession( WikiEngine engine, HttpServletRequest request ) { if ( engine == null || request == null ) { throw new IllegalArgumentException( "Request or engine cannot be null." ); } SessionMonitor monitor = SessionMonitor.getInstance( engine ); monitor.remove( request.getSession() ); } /** * Returns <code>true</code> if the WikiSession's Subject * possess a supplied Principal. This method eliminates the need * to externally request and inspect the JAAS subject. * @param principal the Principal to test * @return the result */ public final boolean hasPrincipal( Principal principal ) { return m_subject.getPrincipals().contains( principal ); } /** * Listens for WikiEvents generated by source objects such as the * GroupManager. This method adds Principals to the private Subject managed * by the WikiSession. * @see com.ecyrd.jspwiki.event.WikiEventListener#actionPerformed(com.ecyrd.jspwiki.event.WikiEvent) * {@inheritDoc} */ public final void actionPerformed( WikiEvent event ) { if ( event instanceof WikiSecurityEvent ) { WikiSecurityEvent e = (WikiSecurityEvent)event; if ( e.getTarget() != null ) { switch (e.getType() ) { case WikiSecurityEvent.GROUP_ADD: { Group group = (Group)e.getTarget(); if ( isInGroup( group ) ) { m_subject.getPrincipals().add( group.getPrincipal() ); } break; } case WikiSecurityEvent.GROUP_REMOVE: { Group group = (Group)e.getTarget(); if ( m_subject.getPrincipals().contains( group.getPrincipal() ) ) { m_subject.getPrincipals().remove( group.getPrincipal() ); } break; } case WikiSecurityEvent.GROUP_CLEAR_GROUPS: { m_subject.getPrincipals().removeAll( m_subject.getPrincipals( GroupPrincipal.class ) ); break; } case WikiSecurityEvent.LOGIN_INITIATED: { // Do nothing } case WikiSecurityEvent.PRINCIPAL_ADD: { WikiSession target = (WikiSession)e.getTarget(); if ( this.equals( target ) && m_status == AUTHENTICATED ) { Set<Principal> principals = m_subject.getPrincipals(); principals.add( (Principal)e.getPrincipal()); } break; } case WikiSecurityEvent.LOGIN_ANONYMOUS: { WikiSession target = (WikiSession)e.getTarget(); if ( this.equals( target ) ) { m_status = ANONYMOUS; // Set the login/user principals and login status Set<Principal> principals = m_subject.getPrincipals(); m_loginPrincipal = (Principal)e.getPrincipal(); m_userPrincipal = m_loginPrincipal; // Add the login principal to the Subject, and set the built-in roles principals.clear(); principals.add( m_loginPrincipal ); principals.add( Role.ALL ); principals.add( Role.ANONYMOUS ); } break; } case WikiSecurityEvent.LOGIN_ASSERTED: { WikiSession target = (WikiSession)e.getTarget(); if ( this.equals( target ) ) { m_status = ASSERTED; // Set the login/user principals and login status Set<Principal> principals = m_subject.getPrincipals(); m_loginPrincipal = (Principal)e.getPrincipal(); m_userPrincipal = m_loginPrincipal; // Add the login principal to the Subject, and set the built-in roles principals.clear(); principals.add( m_loginPrincipal ); principals.add( Role.ALL ); principals.add( Role.ASSERTED ); } break; } case WikiSecurityEvent.LOGIN_AUTHENTICATED: { WikiSession target = (WikiSession)e.getTarget(); if ( this.equals( target ) ) { m_status = AUTHENTICATED; // Set the login/user principals and login status Set<Principal> principals = m_subject.getPrincipals(); m_loginPrincipal = (Principal)e.getPrincipal(); m_userPrincipal = m_loginPrincipal; // Add the login principal to the Subject, and set the built-in roles principals.clear(); principals.add( m_loginPrincipal ); principals.add( Role.ALL ); principals.add( Role.AUTHENTICATED ); // Add the user and group principals injectUserProfilePrincipals(); // Add principals for the user profile injectGroupPrincipals(); // Inject group principals } break; } case WikiSecurityEvent.PROFILE_SAVE: { WikiSession source = (WikiSession)e.getSource(); if ( this.equals( source ) ) { injectUserProfilePrincipals(); // Add principals for the user profile injectGroupPrincipals(); // Inject group principals } break; } case WikiSecurityEvent.PROFILE_NAME_CHANGED: { // Refresh user principals based on new user profile WikiSession source = (WikiSession)e.getSource(); if ( this.equals( source ) && m_status == AUTHENTICATED ) { // To prepare for refresh, set the new full name as the primary principal UserProfile[] profiles = (UserProfile[])e.getTarget(); UserProfile newProfile = profiles[1]; if ( newProfile.getFullname() == null ) { throw new IllegalStateException( "User profile FullName cannot be null." ); } Set<Principal> principals = m_subject.getPrincipals(); m_loginPrincipal = new WikiPrincipal( newProfile.getLoginName() ); // Add the login principal to the Subject, and set the built-in roles principals.clear(); principals.add( m_loginPrincipal ); principals.add( Role.ALL ); principals.add( Role.AUTHENTICATED ); // Add the user and group principals injectUserProfilePrincipals(); // Add principals for the user profile injectGroupPrincipals(); // Inject group principals } break; } // // No action, if the event is not recognized. // default: break; }⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -