Remove trunk directory

wise-webapp/src/main/java/com/wisemapping/security/AuthenticationHandler.java

@@ -0,0 +1,31 @@
+/*
+* Licensed to the Apache Software Foundation (ASF) under one or more
+* contributor license agreements.  See the NOTICE file distributed with
+* this work for additional information regarding copyright ownership.
+* The ASF licenses this file to You under the Apache License, Version 2.0
+* (the "License"); you may not use this file except in compliance with
+* the License.  You may obtain a copy of the License at
+*
+*       http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*
+* $Id: file 64488 2006-03-10 17:32:09Z paulo $
+*/
+
+package com.wisemapping.security;
+
+import org.acegisecurity.AuthenticationException;
+
+import javax.servlet.http.HttpServletRequest;
+
+public interface AuthenticationHandler
+{
+
+    AuthenticationToken getAuthenticationToken(HttpServletRequest request) throws AuthenticationException;
+
+}

wise-webapp/src/main/java/com/wisemapping/security/AuthenticationToken.java

@@ -0,0 +1,42 @@
+/*
+* Licensed to the Apache Software Foundation (ASF) under one or more
+* contributor license agreements.  See the NOTICE file distributed with
+* this work for additional information regarding copyright ownership.
+* The ASF licenses this file to You under the Apache License, Version 2.0
+* (the "License"); you may not use this file except in compliance with
+* the License.  You may obtain a copy of the License at
+*
+*       http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*
+* $Id: file 64488 2006-03-10 17:32:09Z paulo $
+*/
+
+package com.wisemapping.security;
+
+public class AuthenticationToken
+{
+    private String username;
+    private String password;
+
+    public AuthenticationToken(String username,String password)
+    {
+        this.username = username;
+        this.password = password;
+    }
+
+    public String getUsername()
+    {
+        return username;
+    }
+
+    public String getPassword()
+    {
+        return password;
+    }
+}

wise-webapp/src/main/java/com/wisemapping/security/CustomPasswordEncoder.java

@@ -0,0 +1,60 @@
+/*
+* Licensed to the Apache Software Foundation (ASF) under one or more
+* contributor license agreements.  See the NOTICE file distributed with
+* this work for additional information regarding copyright ownership.
+* The ASF licenses this file to You under the Apache License, Version 2.0
+* (the "License"); you may not use this file except in compliance with
+* the License.  You may obtain a copy of the License at
+*
+*       http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*
+* $Id: file 64488 2006-03-10 17:32:09Z paulo $
+*/
+
+package com.wisemapping.security;
+
+import org.acegisecurity.providers.encoding.PasswordEncoder;
+import org.springframework.dao.DataAccessException;
+
+public class CustomPasswordEncoder
+    implements PasswordEncoder
+{
+    private PasswordEncoder delegateEncoder;
+    private static final String ENC_PREFIX = "ENC:";
+
+    public void setDelegatedEncoder(PasswordEncoder delegateEncoder)
+    {
+        this.delegateEncoder = delegateEncoder;
+    }
+    
+    public String encodePassword(String rawPass, Object salt) throws DataAccessException {
+
+        String password = rawPass;
+        if (!rawPass.startsWith(ENC_PREFIX))
+        {
+            password = ENC_PREFIX + delegateEncoder.encodePassword(rawPass,salt);
+        }
+
+        return password;
+    }
+
+    public boolean isPasswordValid(String encPass, String rawPass, Object salt) throws DataAccessException {
+
+        String pass1 = "" + encPass;
+        String pass2 = rawPass;
+
+        if (pass1.startsWith(ENC_PREFIX))
+        {
+
+            pass2 = encodePassword(rawPass, salt);
+        }
+
+        return pass1.equals(pass2);
+    }
+}

wise-webapp/src/main/java/com/wisemapping/security/CustomTokenBasedRememberMeServices.java

@@ -0,0 +1,41 @@
+/*
+* Licensed to the Apache Software Foundation (ASF) under one or more
+* contributor license agreements.  See the NOTICE file distributed with
+* this work for additional information regarding copyright ownership.
+* The ASF licenses this file to You under the Apache License, Version 2.0
+* (the "License"); you may not use this file except in compliance with
+* the License.  You may obtain a copy of the License at
+*
+*       http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*
+* $Id: file 64488 2006-03-10 17:32:09Z paulo $
+*/
+
+package com.wisemapping.security;
+
+import org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices;
+import org.acegisecurity.Authentication;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+public class CustomTokenBasedRememberMeServices extends
+        TokenBasedRememberMeServices {
+    public void logout(HttpServletRequest request, HttpServletResponse response, Authentication authentication)
+    {
+     if(authentication!=null)
+         super.logout(request, response, authentication);
+     else
+     {
+         logger.debug("Session Already Expired. Authentication is null");
+         response.addCookie(makeCancelCookie(request));
+     }
+    }
+
+}

wise-webapp/src/main/java/com/wisemapping/security/DatabaseUserDetailService.java

@@ -0,0 +1,53 @@
+/*
+* Licensed to the Apache Software Foundation (ASF) under one or more
+* contributor license agreements.  See the NOTICE file distributed with
+* this work for additional information regarding copyright ownership.
+* The ASF licenses this file to You under the Apache License, Version 2.0
+* (the "License"); you may not use this file except in compliance with
+* the License.  You may obtain a copy of the License at
+*
+*       http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*
+* $Id: file 64488 2006-03-10 17:32:09Z paulo $
+*/
+
+package com.wisemapping.security;
+
+import com.wisemapping.dao.UserManager;
+import org.acegisecurity.userdetails.UserDetailsService;
+import org.acegisecurity.userdetails.UsernameNotFoundException;
+import org.acegisecurity.userdetails.UserDetails;
+import org.acegisecurity.providers.encoding.PasswordEncoder;
+import org.acegisecurity.providers.encoding.Md5PasswordEncoder;
+import org.acegisecurity.providers.dao.SaltSource;
+import org.springframework.dao.DataAccessException;
+
+public class DatabaseUserDetailService
+        implements UserDetailsService {
+    private UserManager userManager;
+
+    public UserDetails loadUserByUsername(String email) throws UsernameNotFoundException, DataAccessException {
+        final com.wisemapping.model.User model = userManager.getUserBy(email);
+
+        if (model != null) {
+            return new User(model);
+        } else {
+            throw new UsernameNotFoundException(email);
+        }
+    }
+
+    public UserManager getUserManager() {
+        return userManager;
+    }
+
+    public void setUserManager(UserManager userManager) {
+        this.userManager = userManager;
+    }
+
+}

wise-webapp/src/main/java/com/wisemapping/security/DefaultAuthenticationHandler.java

@@ -0,0 +1,44 @@
+/*
+* Licensed to the Apache Software Foundation (ASF) under one or more
+* contributor license agreements.  See the NOTICE file distributed with
+* this work for additional information regarding copyright ownership.
+* The ASF licenses this file to You under the Apache License, Version 2.0
+* (the "License"); you may not use this file except in compliance with
+* the License.  You may obtain a copy of the License at
+*
+*       http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*
+* $Id: file 64488 2006-03-10 17:32:09Z paulo $
+*/
+
+package com.wisemapping.security;
+
+import org.acegisecurity.AuthenticationException;
+import org.acegisecurity.ui.webapp.AuthenticationProcessingFilter;
+
+import javax.servlet.http.HttpServletRequest;
+
+public class DefaultAuthenticationHandler
+    implements AuthenticationHandler
+{
+    public AuthenticationToken getAuthenticationToken(HttpServletRequest request)
+        throws AuthenticationException
+    {
+        String username = request.getParameter(AuthenticationProcessingFilter.ACEGI_SECURITY_FORM_USERNAME_KEY);
+        String password = request.getParameter(AuthenticationProcessingFilter.ACEGI_SECURITY_FORM_PASSWORD_KEY);
+        if (username == null) {
+            username = "";
+        }
+
+        if (password == null) {
+            password = "";
+        }
+        return new AuthenticationToken(username,password);
+    }
+}

wise-webapp/src/main/java/com/wisemapping/security/User.java

@@ -0,0 +1,68 @@
+/*
+* Licensed to the Apache Software Foundation (ASF) under one or more
+* contributor license agreements.  See the NOTICE file distributed with
+* this work for additional information regarding copyright ownership.
+* The ASF licenses this file to You under the Apache License, Version 2.0
+* (the "License"); you may not use this file except in compliance with
+* the License.  You may obtain a copy of the License at
+*
+*       http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*
+* $Id: file 64488 2006-03-10 17:32:09Z paulo $
+*/
+
+package com.wisemapping.security;
+
+import org.acegisecurity.userdetails.UserDetails;
+import org.acegisecurity.GrantedAuthority;
+import org.acegisecurity.GrantedAuthorityImpl;
+
+public class User implements UserDetails {
+    private com.wisemapping.model.User model;
+
+    public User(com.wisemapping.model.User model) {
+        this.model = model;
+    }
+
+    public GrantedAuthority[] getAuthorities() {
+        return new GrantedAuthority[]{new GrantedAuthorityImpl("ROLE_USER")};
+    }
+
+    public String getPassword() {        
+        return model.getPassword();
+    }
+
+    public String getUsername() {
+        return model.getEmail();
+    }
+
+    public boolean isAccountNonExpired() {
+        return true;
+    }
+
+    public boolean isAccountNonLocked() {
+       return this.model.isActive();
+    }
+
+    public boolean isCredentialsNonExpired() {
+        return true;
+    }
+
+    public boolean isEnabled() {
+        return this.model.isActive();
+    }
+
+    public com.wisemapping.model.User getModel() {
+        return model;
+    }
+
+    public String getDisplayName() {
+        return model.getFirstname();
+    }
+}

wise-webapp/src/main/java/com/wisemapping/security/Utils.java

@@ -0,0 +1,59 @@
+/*
+* Licensed to the Apache Software Foundation (ASF) under one or more
+* contributor license agreements.  See the NOTICE file distributed with
+* this work for additional information regarding copyright ownership.
+* The ASF licenses this file to You under the Apache License, Version 2.0
+* (the "License"); you may not use this file except in compliance with
+* the License.  You may obtain a copy of the License at
+*
+*       http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*
+* $Id: file 64488 2006-03-10 17:32:09Z paulo $
+*/
+
+package com.wisemapping.security;
+
+import com.wisemapping.model.User;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.acegisecurity.providers.AbstractAuthenticationToken;
+import org.acegisecurity.context.SecurityContextHolder;
+import org.acegisecurity.Authentication;
+
+
+public class Utils {
+    private Utils() {
+    }
+
+    public static User getUser(final HttpServletRequest request) {
+
+        final AbstractAuthenticationToken token = (AbstractAuthenticationToken) request.getUserPrincipal();
+        User result = null;
+        if (token != null) {
+            final com.wisemapping.security.User user = (com.wisemapping.security.User) token.getPrincipal();
+            result = user.getModel();
+        }
+        return result;
+    }
+
+    public static User getUser()
+    {
+        User user = null;
+        final Authentication auth = SecurityContextHolder.getContext().getAuthentication();
+        if (auth != null && auth.getDetails() != null)
+        {
+            final Object principal = auth.getPrincipal();
+            if (principal != null && principal instanceof com.wisemapping.security.User) {
+                user = ((com.wisemapping.security.User)principal).getModel();
+            }
+        }
+        return user;
+    }
+}

wise-webapp/src/main/java/com/wisemapping/security/WiseAuthenticationProcessingFilter.java

@@ -0,0 +1,67 @@
+/*
+* Licensed to the Apache Software Foundation (ASF) under one or more
+* contributor license agreements.  See the NOTICE file distributed with
+* this work for additional information regarding copyright ownership.
+* The ASF licenses this file to You under the Apache License, Version 2.0
+* (the "License"); you may not use this file except in compliance with
+* the License.  You may obtain a copy of the License at
+*
+*       http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*
+* $Id: file 64488 2006-03-10 17:32:09Z paulo $
+*/
+
+package com.wisemapping.security;
+
+import org.acegisecurity.Authentication;
+import org.acegisecurity.AuthenticationException;
+import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
+import org.acegisecurity.ui.webapp.AuthenticationProcessingFilter;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+public class WiseAuthenticationProcessingFilter
+    extends AuthenticationProcessingFilter
+{
+    public static final String ACEGI_SECURITY_FORM_SSO_ID_KEY = "j_sso_id";   
+
+    private AuthenticationHandler authenticationHandler;
+
+    public void setAuthenticationHandler(AuthenticationHandler ssoAuthenticationHandler)
+    {
+        this.authenticationHandler = ssoAuthenticationHandler;
+    }
+
+    @Override
+    public Authentication attemptAuthentication(HttpServletRequest request)
+           throws AuthenticationException
+    {
+
+        final AuthenticationToken ssoToken = authenticationHandler.getAuthenticationToken(request);
+
+        final UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(ssoToken.getUsername(), ssoToken.getPassword());
+
+        // Place the last username attempted into HttpSession for views
+        request.getSession().setAttribute(ACEGI_SECURITY_LAST_USERNAME_KEY, ssoToken.getUsername());
+
+        // Allow subclasses to set the "details" property
+        setDetails(request, authRequest);
+
+        return this.getAuthenticationManager().authenticate(authRequest);
+    }
+
+    @Override
+    protected void onPreAuthentication(HttpServletRequest request, HttpServletResponse response)
+        throws AuthenticationException, IOException
+    {
+        assert request != null;
+    }
+}

wise-webapp/src/main/java/com/wisemapping/security/aop/BaseSecurityAdvice.java

@@ -0,0 +1,72 @@
+/*
+* Licensed to the Apache Software Foundation (ASF) under one or more
+* contributor license agreements.  See the NOTICE file distributed with
+* this work for additional information regarding copyright ownership.
+* The ASF licenses this file to You under the Apache License, Version 2.0
+* (the "License"); you may not use this file except in compliance with
+* the License.  You may obtain a copy of the License at
+*
+*       http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*
+* $Id: file 64488 2006-03-10 17:32:09Z paulo $
+*/
+
+package com.wisemapping.security.aop;
+
+import com.wisemapping.model.MindMap;
+import com.wisemapping.model.User;
+import com.wisemapping.exceptions.AccessDeniedSecurityException;
+import com.wisemapping.exceptions.UnexpectedArgumentException;
+import com.wisemapping.security.Utils;
+import com.wisemapping.service.MindmapService;
+import org.aopalliance.intercept.MethodInvocation;
+
+public abstract class BaseSecurityAdvice {
+    private MindmapService mindmapService = null;
+
+    public void checkRole(MethodInvocation methodInvocation) throws UnexpectedArgumentException,AccessDeniedSecurityException
+    {
+        final User user = Utils.getUser();
+
+        final Object argument = methodInvocation.getArguments()[0];
+
+        boolean isAllowed;
+
+        if (argument instanceof MindMap)
+        {
+            isAllowed = isAllowed(user,(MindMap)  argument);
+        }
+        else if (argument instanceof Integer)
+        {
+            isAllowed = isAllowed(user, ((Integer)argument));
+        }
+        else
+        {
+            throw new UnexpectedArgumentException("Argument " +argument);
+        }
+
+        if (!isAllowed)
+        {
+            throw new AccessDeniedSecurityException("User not allowed to invoke:" + methodInvocation);
+        }
+    }
+
+    protected abstract boolean isAllowed(User user, MindMap map);
+    protected abstract boolean isAllowed(User user, int mapId);
+
+    protected MindmapService getMindmapService()
+    {
+        return mindmapService;
+    }
+
+    public void setMindmapService(MindmapService service)
+    {
+        this.mindmapService = service;
+    }
+}

wise-webapp/src/main/java/com/wisemapping/security/aop/UpdateSecurityAdvise.java

@@ -0,0 +1,50 @@
+/*
+* Licensed to the Apache Software Foundation (ASF) under one or more
+* contributor license agreements.  See the NOTICE file distributed with
+* this work for additional information regarding copyright ownership.
+* The ASF licenses this file to You under the Apache License, Version 2.0
+* (the "License"); you may not use this file except in compliance with
+* the License.  You may obtain a copy of the License at
+*
+*       http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*
+* $Id: file 64488 2006-03-10 17:32:09Z paulo $
+*/
+
+package com.wisemapping.security.aop;
+
+import com.wisemapping.model.UserRole;
+import com.wisemapping.model.User;
+import com.wisemapping.model.MindMap;
+
+import org.aopalliance.intercept.MethodInterceptor;
+import org.aopalliance.intercept.MethodInvocation;
+
+public class UpdateSecurityAdvise
+    extends BaseSecurityAdvice
+    implements MethodInterceptor
+{
+
+    private UserRole grantedRole = UserRole.COLLABORATOR;
+
+    public Object invoke(MethodInvocation methodInvocation) throws Throwable {
+        checkRole(methodInvocation);
+        return methodInvocation.proceed();
+    }
+
+    protected boolean isAllowed(User user, MindMap map)
+    {
+        return getMindmapService().isAllowedToView(user,map,grantedRole);
+    }
+
+    protected boolean isAllowed(User user, int mapId)
+    {
+        return getMindmapService().isAllowedToView(user,mapId,grantedRole);
+    }
+}

wise-webapp/src/main/java/com/wisemapping/security/aop/ViewBaseSecurityAdvise.java

@@ -0,0 +1,48 @@
+/*
+* Licensed to the Apache Software Foundation (ASF) under one or more
+* contributor license agreements.  See the NOTICE file distributed with
+* this work for additional information regarding copyright ownership.
+* The ASF licenses this file to You under the Apache License, Version 2.0
+* (the "License"); you may not use this file except in compliance with
+* the License.  You may obtain a copy of the License at
+*
+*       http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*
+* $Id: file 64488 2006-03-10 17:32:09Z paulo $
+*/
+
+package com.wisemapping.security.aop;
+
+import org.aopalliance.intercept.MethodInterceptor;
+import org.aopalliance.intercept.MethodInvocation;
+import com.wisemapping.model.UserRole;
+import com.wisemapping.model.User;
+import com.wisemapping.model.MindMap;
+
+public class ViewBaseSecurityAdvise
+        extends BaseSecurityAdvice
+        implements MethodInterceptor
+{
+    private UserRole grantedRole = UserRole.VIEWER;
+
+    public Object invoke(MethodInvocation methodInvocation) throws Throwable {
+        checkRole(methodInvocation);
+        return methodInvocation.proceed();
+    }
+
+    protected boolean isAllowed(User user, MindMap map)
+    {
+        return getMindmapService().isAllowedToView(user,map,grantedRole);
+    }
+
+    protected boolean isAllowed(User user, int mapId)
+    {
+        return getMindmapService().isAllowedToView(user,mapId,grantedRole);
+    }    
+}