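if ( jaasClass == null || jaasClass.length() == 0 )
{
    m_session.addMessage( ERROR_JAAS, "The value of the '" + AuthenticationManager.PROP_LOGIN_MODULE
        + "' property was null or blank. This is a fatal error. This value should be set to a valid LoginModule implementation "
        + "on the classpath." );
    return;
}

// See if we can find the LoginModule on the classpath
Class c = null;
try
{
    m_session.addMessage( INFO_JAAS, "The property '" + AuthenticationManager.PROP_LOGIN_MODULE
        + "' specified the class '" + jaasClass + ".'" );
    c = Class.forName( jaasClass );
}
catch( ClassNotFoundException e )
{
    m_session.addMessage( ERROR_JAAS, "We could not find the the class '" + jaasClass + "' on the "
        + "classpath. This is fatal error." );
    // Nothing further can be checked without the class. Bail out here, like the
    // null/blank case above, instead of dereferencing a null 'c' in the
    // isAssignableFrom() test below.
    return;
}

// Is the specified class actually a LoginModule?
if ( LoginModule.class.isAssignableFrom( c ) )
{
    m_session.addMessage( INFO_JAAS, "We found the the class '" + jaasClass + "' on the "
        + "classpath, and it is a LoginModule implementation. Good!" );
}
else
{
    m_session.addMessage( ERROR_JAAS, "We found the the class '" + jaasClass + "' on the "
        + "classpath, but it does not seem to be LoginModule implementation! This is fatal error." );
}
}

/**
 * Looks up a file name based on a JRE system property and returns the associated
 * File object if it exists. This method adds messages with the topic prefix
 * {@link #ERROR} and {@link #INFO} as appropriate, with the suffix matching the
 * supplied property.
 * <p>
 * The property value is reported verbatim in an Info message; the properties
 * this is used for hold file paths, so nothing secret should flow through here.
 * </p>
 * @param property the system property to look up
 * @return the file object, or <code>null</code> if the property is unset,
 *         unreadable, not a well-formed <code>file:</code> URL, or does not
 *         point at an existing file
 */
protected final File getFileFromProperty( String property )
{
    String propertyValue = null;
    try
    {
        propertyValue = System.getProperty( property );
        if ( propertyValue == null )
        {
            m_session.addMessage( "Error." + property, "The system property '" + property + "' is null." );
            return null;
        }

        // A property set as -Dname==value arrives with a leading '='; strip it
        // so that the remainder resolves as a path.
        if ( propertyValue.startsWith( "=" ) )
        {
            propertyValue = propertyValue.substring( 1 );
        }

        try
        {
            m_session.addMessage( "Info." + property, "The system property '" + property
                + "' is set to: " + propertyValue + "." );

            // Prepend a file: prefix if not there already
            if ( !propertyValue.startsWith( "file:" ) )
            {
                propertyValue = "file:" + propertyValue;
            }

            // NOTE(review): URL.getPath() is not percent-decoded, so a path
            // containing e.g. "%20" will not be found on disk -- confirm whether
            // callers ever pass encoded values.
            URL url = new URL( propertyValue );
            File file = new File( url.getPath() );
            if ( file.exists() )
            {
                m_session.addMessage( "Info." + property, "File '" + propertyValue + "' exists in the filesystem." );
                return file;
            }
        }
        catch( MalformedURLException e )
        {
            // Deliberately ignored: a malformed value is reported by the generic
            // "doesn't seem to exist" message that follows.
        }
        m_session.addMessage( "Error." + property, "File '" + propertyValue
            + "' doesn't seem to exist. This might be a problem." );
        return null;
    }
    catch( SecurityException e )
    {
        // Thrown by System.getProperty() when a SecurityManager denies the read.
        m_session.addMessage( "Error." + property, "We could not read system property '" + property
            + "'. This is probably because you are running with a security manager." );
        return null;
    }
}

/**
 * Verfies the Java security policy configuration. The configuration is
 * valid if value of the local policy (at <code>WEB-INF/jspwiki.policy</code>
 * resolves to an existing file, and the policy file contained therein
 * represents a valid policy.
 * <p>
 * Side effects: sets {@link #m_isSecurityPolicyConfigured} when the policy
 * parses without errors, and stores in {@link #m_policyPrincipals} the four
 * standard roles plus every principal named in the policy's protection domains.
 * Messages are recorded under the INFO_POLICY / WARNING_POLICY / ERROR_POLICY
 * topics.
 * </p>
 */
@SuppressWarnings("unchecked")
protected final void verifyPolicy()
{
    // Look up the policy file and set the status text.
    URL policyURL = AuthenticationManager.findConfigFile( m_engine, AuthorizationManager.DEFAULT_POLICY );
    if ( policyURL == null )
    {
        // Without a location there is nothing to read; report it instead of
        // failing with a NullPointerException below.
        m_session.addMessage( ERROR_POLICY, "The security policy '" + AuthorizationManager.DEFAULT_POLICY
            + "' could not be located." );
        return;
    }
    String path = policyURL.getPath();
    // Defensive only: URL.getPath() does not include the scheme.
    if ( path.startsWith( "file:" ) )
    {
        path = path.substring( 5 );
    }
    File policyFile = new File( path );

    // Next, verify the policy
    try
    {
        // Get the file
        PolicyReader policy = new PolicyReader( policyFile );
        m_session.addMessage( INFO_POLICY, "The security policy '" + policy.getFile() + "' exists." );

        // See if there is a keystore that's valid
        KeyStore ks = policy.getKeyStore();
        if ( ks == null )
        {
            m_session.addMessage( WARNING_POLICY, "Policy file does not have a keystore... at least not one that we can locate. If your policy file "
                + "does not contain any 'signedBy' blocks, this is probably ok." );
        }
        else
        {
            m_session.addMessage( INFO_POLICY, "The security policy specifies a keystore, and we were able to locate it in the filesystem." );
        }

        // Verify the file
        policy.read();
        List<Exception> errors = policy.getMessages();
        if ( errors.size() > 0 )
        {
            for( Exception e : errors )
            {
                m_session.addMessage( ERROR_POLICY, e.getMessage() );
            }
        }
        else
        {
            m_session.addMessage( INFO_POLICY, "The security policy looks fine." );
            m_isSecurityPolicyConfigured = true;
        }

        // Stash the unique principals mentioned in the file,
        // plus our standard roles. LinkedHashSet keeps the standard roles first.
        Set<Principal> principals = new LinkedHashSet<Principal>();
        principals.add( Role.ALL );
        principals.add( Role.ANONYMOUS );
        principals.add( Role.ASSERTED );
        principals.add( Role.AUTHENTICATED );
        ProtectionDomain[] domains = policy.getProtectionDomains();
        for ( ProtectionDomain domain : domains )
        {
            for( Principal principal : domain.getPrincipals() )
            {
                principals.add( principal );
            }
        }
        m_policyPrincipals = principals.toArray( new Principal[principals.size()] );
    }
    catch( IOException e )
    {
        m_session.addMessage( ERROR_POLICY, e.getMessage() );
    }
}

/**
 * Verifies that a particular Principal possesses a Permission, as defined
 * in the security policy file.
 * <p>
 * The global Java policy is consulted first by running
 * {@link AccessController#checkPermission(Permission)} as a Subject holding
 * only the given principal (and a <code>null</code> access-control context,
 * so no caller frames other than this one are on the stack). If that is
 * denied, the wiki's local policy is asked via
 * {@link AuthorizationManager#allowedByLocalPolicy(Principal[], Permission)}.
 * </p>
 * @param principal the principal
 * @param permission the permission
 * @return <code>true</code> if either the active Java security policy or the
 *         local policy grants the permission
 */
protected final boolean verifyStaticPermission( Principal principal, final Permission permission )
{
    Subject subject = new Subject();
    subject.getPrincipals().add( principal );

    PrivilegedAction<Object> check = new PrivilegedAction<Object>()
    {
        public Object run()
        {
            try
            {
                AccessController.checkPermission( permission );
                return Boolean.TRUE;
            }
            catch ( AccessControlException e )
            {
                return Boolean.FALSE;
            }
        }
    };
    Boolean allowedByGlobalPolicy = (Boolean) Subject.doAsPrivileged( subject, check, null );
    if ( allowedByGlobalPolicy.booleanValue() )
    {
        return true;
    }

    // Check local policy
    Principal[] principals = new Principal[]{ principal };
    return m_engine.getAuthorizationManager().allowedByLocalPolicy( principals, permission );
}

/**
 * Verifies that the user datbase was initialized properly, and that
 * user add and delete operations work as they should.
 * <p>
 * This runs against the live user database: a probe account is created,
 * counted and then deleted. The probe gets a random password (never a
 * well-known one) and deletion is attempted whenever <code>save()</code>
 * returned normally, even if a later check fails, so a stray account with a
 * guessable credential is not left behind in a production database.
 * </p>
 */
protected final void verifyUserDatabase()
{
    UserDatabase db = m_engine.getUserManager().getUserDatabase();

    // Check for obvious error conditions
    if ( db == null )
    {
        m_session.addMessage( ERROR_DB, "UserDatabase is null; JSPWiki could not "
            + "initialize it. Check the error logs." );
        return;
    }
    if ( db instanceof UserManager.DummyUserDatabase )
    {
        m_session.addMessage( ERROR_DB, "UserDatabase is DummyUserDatabase; JSPWiki "
            + "may not have been able to initialize the database you supplied in "
            + "jspwiki.properties, or you left the 'jspwiki.userdatabase' property "
            + "blank. Check the error logs." );
        // A stand-in database cannot be exercised meaningfully; stop here rather
        // than report it as "initialized properly" below.
        return;
    }

    // Tell user what class of database this is.
    m_session.addMessage( INFO_DB, "UserDatabase is of type '" + db.getClass().getName()
        + "'. It appears to be initialized properly." );

    // Now, see how many users we have.
    int oldUserCount = 0;
    try
    {
        Principal[] users = db.getWikiNames();
        oldUserCount = users.length;
        m_session.addMessage( INFO_DB, "The user database contains " + oldUserCount + " users." );
    }
    catch ( WikiSecurityException e )
    {
        m_session.addMessage( ERROR_DB, "Could not obtain a list of current users: " + e.getMessage() );
        return;
    }

    // Try adding a probe user. The login name only needs to be unique per run;
    // the password is a random UUID (SecureRandom-backed) so that a leftover
    // record is not a usable login with a known password.
    String loginName = "TestUser" + String.valueOf( System.currentTimeMillis() );
    boolean saved = false;
    boolean added = false;
    try
    {
        UserProfile profile = db.newProfile();
        profile.setEmail( "testuser@testville.com" );
        profile.setLoginName( loginName );
        profile.setFullname( "FullName" + loginName );
        profile.setPassword( java.util.UUID.randomUUID().toString() );
        db.save( profile );
        saved = true;

        // Make sure the profile saved successfully
        added = db.getWikiNames().length != oldUserCount;
        if ( added )
        {
            m_session.addMessage( INFO_DB, "The user database allows new users to be created, as it should." );
        }
        else
        {
            m_session.addMessage( ERROR_DB, "Could not add a test user to the database." );
        }
    }
    catch ( WikiSecurityException e )
    {
        m_session.addMessage( ERROR_DB, "Could not add a test user to the database: " + e.getMessage() );
    }

    // Once save() has returned the probe may exist, so always try to remove it
    // (even if the add check failed) before deciding what to report.
    boolean deleted = saved && deleteProbeUser( db, loginName, oldUserCount );

    if ( added && deleted )
    {
        m_session.addMessage( INFO_DB, "The user database configuration looks fine." );
    }
}

/**
 * Removes the probe account created by {@link #verifyUserDatabase()} and
 * reports the outcome under the INFO_DB / ERROR_DB topics.
 * @param db the user database the probe was saved to
 * @param loginName login name of the probe account
 * @param expectedCount the number of users before the probe was added
 * @return <code>true</code> if the account was deleted and the user count is
 *         back to <code>expectedCount</code>
 */
private boolean deleteProbeUser( UserDatabase db, String loginName, int expectedCount )
{
    try
    {
        db.deleteByLoginName( loginName );
        if ( db.getWikiNames().length != expectedCount )
        {
            m_session.addMessage( ERROR_DB, "Could not delete a test user from the database." );
            return false;
        }
        m_session.addMessage( INFO_DB, "The user database allows users to be deleted, as it should." );
        return true;
    }
    catch ( WikiSecurityException e )
    {
        m_session.addMessage( ERROR_DB, "Could not delete a test user to the database: " + e.getMessage() );
        return false;
    }
}
}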