diff --git a/distribution/Dockerfile b/distribution/Dockerfile index da17dbdb..0578be08 100644 --- a/distribution/Dockerfile +++ b/distribution/Dockerfile @@ -21,7 +21,7 @@ RUN cd ${WEBAPP_TARGET_DIR} && jar -xvf /tmp/wisemapping.war RUN rm /tmp/wisemapping.war # Change logger to -RUN cp ${WEBAPP_TARGET_DIR}/WEB-INF/classes/log4j-stdout.properties ${WEBAPP_TARGET_DIR}/WEB-INF/classes/log4j.properties +RUN cp ${WEBAPP_TARGET_DIR}/WEB-INF/classes/log4j-stdout.xml ${WEBAPP_TARGET_DIR}/WEB-INF/classes/log4j.properties # Add support for proxy RUN sed -i 's|\ diff --git a/wise-webapp/pom.xml b/wise-webapp/pom.xml index b9b83a78..7bc83645 100644 --- a/wise-webapp/pom.xml +++ b/wise-webapp/pom.xml @@ -13,11 +13,11 @@ - 5.3.28 - 5.8.4 - 5.6.15.Final + 6.0.10 + 6.1.1 + 6.2.6.Final 6.0.21.Final - 5.6.1 + 6.0.2 @@ -56,12 +56,6 @@ postgresql 42.5.4 - - org.springframework.security - spring-security-ldap - ${org.springframework.addons} - compile - org.springframework spring-beans @@ -82,16 +76,17 @@ org.hibernate - hibernate-core - ${hibernate.version} + hibernate-core-jakarta + 5.6.15.Final org.hibernate.validator hibernate-validator - ${hibernate-validator.version} + 8.0.1.Final + org.springframework spring-orm @@ -104,12 +99,6 @@ ${org.springframework.version} compile - - org.slf4j - slf4j-log4j12 - 1.7.25 - runtime - org.springframework spring-web @@ -139,24 +128,12 @@ 5.3.15 test - - antlr - antlr - 2.7.6 - runtime - - - org.apache.tiles - tiles-jsp - 3.0.8 - runtime - - - org.slf4j - jcl-over-slf4j - - - + + + + + + org.springframework spring-aop @@ -169,18 +146,17 @@ ${org.springframework.addons} compile + + + + + org.springframework.security spring-security-core ${org.springframework.addons} compile - - org.springframework.security - spring-security-config - ${org.springframework.addons} - runtime - org.springframework spring-jdbc @@ -194,9 +170,9 @@ compile - com.sun.mail - javax.mail - 1.6.2 + jakarta.mail + jakarta.mail-api + 2.1.2 mysql 
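Review bot: The new `RUN cp` copies `log4j-stdout.xml` onto `log4j.properties`, so an XML configuration ends up under a `.properties` name. Log4j 2 picks its parser from the file extension, so this file will most likely be rejected or ignored, and the container then falls back to the default configuration and loses the application's log output, authentication and error logs included. Give the destination the XML name the webapp actually loads, for example `RUN cp ${WEBAPP_TARGET_DIR}/WEB-INF/classes/log4j-stdout.xml ${WEBAPP_TARGET_DIR}/WEB-INF/classes/log4j2.xml`; this hunk does not show how the webapp locates its logging config, so confirm the file name. The comment above it, `# Change logger to`, is cut short and should say what the logger is switched to.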
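Review bot: In the pom.xml hunk at `@@ -82,16 +76,17 @@`, the Hibernate dependency becomes `hibernate-core-jakarta` with a literal `5.6.15.Final` and hibernate-validator gets a literal `8.0.1.Final`, replacing `${hibernate.version}` and `${hibernate-validator.version}`. The properties hunk of the same file raises a version to `6.2.6.Final` and keeps `6.0.21.Final`, so the declared properties no longer describe what is resolved. That makes vulnerability triage and later upgrades error-prone. Either reference the properties again with values matching the artifacts in use, or delete the properties that are now unused. The XML tags are stripped in this rendering, so which property holds which value is inferred from the removed lines.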
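Review bot: In the pom.xml hunk at `@@ -194,9 +170,9 @@`, `jakarta.mail:jakarta.mail-api:2.1.2` replaces `com.sun.mail:javax.mail:1.6.2`, but from Jakarta Mail 2.1 the `-api` artifact holds only the API and no provider implementation. Unless an implementation such as Eclipse Angus Mail arrives transitively (not visible in this diff), sending mail is likely to fail at runtime, which would break the e-mails that the `Mailer` and `NotificationService` classes touched in this commit produce. Add the implementation as a runtime dependency next to the API and cover it with a test that builds and sends a `MimeMessage` through the configured `JavaMailSender`.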
@@ -209,21 +185,16 @@ commons-dbcp2 2.9.0 - - org.hibernate - hibernate-ehcache - ${hibernate.version} - - - javax.cache - cache-api - 1.1.1 - - - org.ehcache - ehcache - 3.9.9 - + + + + + + + + + + org.apache.logging.log4j log4j-core @@ -235,6 +206,7 @@ commons-validator 1.7 + org.hsqldb @@ -242,29 +214,26 @@ 2.7.1 runtime + com.fasterxml.jackson.core jackson-databind - 2.14.2 + 2.15.1 + - - javax.servlet - jstl - 1.2 + jakarta.transaction + jakarta.transaction-api + 2.0.1 + - org.slf4j - slf4j-api - 2.0.5 - runtime - - - javax.servlet - javax.servlet-api - 3.1.0 + jakarta.servlet + jakarta.servlet-api + 6.0.0 provided + commons-io commons-io @@ -275,6 +244,11 @@ fluent-hc 4.5.14 + + org.springframework.security + spring-security-config + ${org.springframework.addons} + @@ -420,6 +394,9 @@ true + + WEB-INF/lib/commons-logging-*.jar, + src/main/resources @@ -436,21 +413,6 @@ org.apache.maven.plugins maven-surefire-plugin - - - org.apache.tomcat.maven - tomcat7-maven-plugin - 2.0 - - /wisemapping - ${project.build.directory}/wisemapping.war - war - true - - ${project.build.directory} - - - org.jacoco jacoco-maven-plugin @@ -497,14 +459,6 @@ - - - - - - - - default-report verify @@ -518,48 +472,29 @@ org.eclipse.jetty jetty-maven-plugin - 9.4.34.v20201102 + 11.0.15 foo 8080 9999 - ${project.build.directory}/wisemapping.war - automatic - + FORK + + ${project.build.directory}/wisemapping.war ${project.basedir}/webdefault.xml - - - - org.mortbay.util.FileResource.checkAliases - false - - - org.mortbay.util.FileResource.checkAliases - false - - - database.base.url - ${project.build.directory} - - + run-forked pre-integration-test - run-forked + run-war - true true - 0 - false - 200 - -Ddatabase.base.url=${project.build.directory} -Djetty.port=8080 - + -Ddatabase.base.url=${project.build.directory} -Djetty.port=8080 -Dlogging.level.org.springframework=TRACE 
diff --git a/wise-webapp/src/main/java/com/wisemapping/config/SecurityConfig.java b/wise-webapp/src/main/java/com/wisemapping/config/SecurityConfig.java
new file mode 100644
index 00000000..545cdcf9
--- /dev/null
+++ b/wise-webapp/src/main/java/com/wisemapping/config/SecurityConfig.java
@@ -0,0 +1,126 @@
+package com.wisemapping.config;
+
+import com.wisemapping.security.AuthenticationSuccessHandler;
+import com.wisemapping.security.UserDetailsService;
+import com.wisemapping.service.UserService;
+import org.jetbrains.annotations.NotNull;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.core.annotation.Order;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.firewall.StrictHttpFirewall;
+import org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher;
+import org.springframework.web.servlet.handler.HandlerMappingIntrospector;
+
+
+@Configuration
+@EnableWebSecurity(debug = true)
+public class SecurityConfig {
+ @Autowired
+ UserService userService;
+
+ @Value("${admin.user}")
+ String adminUser;
+
+ @Bean
+ public StrictHttpFirewall httpFirewall() {
+ StrictHttpFirewall firewall = new StrictHttpFirewall();
+ firewall.setAllowSemicolon(true);
+ return firewall;
+ }
+
+ @Bean
+ @Order(2)
+ SecurityFilterChain apiSecurityFilterChain(@NotNull final HttpSecurity http, @NotNull final HandlerMappingIntrospector introspector) throws Exception {
+ final MvcRequestMatcher.Builder serviceMapper = new MvcRequestMatcher.Builder(introspector).servletPath("/service");
+ return http
+ .securityMatchers((matchers) ->
+ matchers.requestMatchers(serviceMapper.pattern(("/**"))))
+ .authorizeHttpRequests(auth ->
+ auth
+ .requestMatchers("/users/").permitAll()
+ .requestMatchers("/users/resetPassword").permitAll()
+ .requestMatchers("/oauth2/googlecallback").permitAll()
+ .requestMatchers("/oauth2/confirmaccountsync").permitAll()
+ .requestMatchers("/admin/**").hasAnyRole("ADMIN")
+ .requestMatchers("/**").hasAnyRole("USER", "ADMIN")
+
+ )
+ .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
+ .httpBasic(httpBasic -> {
+ })
+ .csrf(AbstractHttpConfigurer::disable)
+ .build();
+ }
+
+ @Bean
+ @Order(1)
+ public SecurityFilterChain filterChain(@NotNull final HttpSecurity http, @NotNull final HandlerMappingIntrospector introspector) throws Exception {
+ final AuthenticationSuccessHandler authenticationSuccessHandler = new AuthenticationSuccessHandler();
+ authenticationSuccessHandler.setAlwaysUseDefaultTargetUrl(false);
+ authenticationSuccessHandler.setDefaultTargetUrl("/c/maps/");
+
+ final MvcRequestMatcher.Builder restfullMapper = new MvcRequestMatcher.Builder(introspector).servletPath("/c/restful");
+ final MvcRequestMatcher.Builder mvcMatcher = new MvcRequestMatcher.Builder(introspector).servletPath("/c");
+
+ http
+ .securityMatchers((matchers) ->
+ matchers.requestMatchers(restfullMapper.pattern(("/**"))).
+ requestMatchers(mvcMatcher.pattern(("/**"))))
+ .authorizeHttpRequests(
+ (auth) ->
+ auth
+ .requestMatchers("/login", "logout").permitAll()
+ .requestMatchers("/registration", "registration-success").permitAll()
+ .requestMatchers("/registration-google").permitAll()
+ .requestMatchers("/forgot-password", "/forgot-password-success").permitAll()
+ .requestMatchers("/maps/*/embed").permitAll()
+ .requestMatchers("/maps/*/try").permitAll()
+ .requestMatchers("/maps/*/public").permitAll()
+ .requestMatchers("/restful/maps/*/document/xml-pub").permitAll()
+ .requestMatchers("/**").hasAnyRole("USER", "ADMIN")
+ .anyRequest().authenticated())
+ .formLogin((loginForm) ->
+ loginForm.loginPage("/c/login")
+ .loginProcessingUrl("/c/perform-login")
+ .defaultSuccessUrl("/c/maps/")
+ .failureUrl("/c/login?login_error=2"))
+ .logout((logout) ->
+ logout
+ .logoutUrl("/c/logout")
+ .logoutSuccessUrl("/c/login")
+ .invalidateHttpSession(true)
+ .deleteCookies("JSESSIONID")
+ .permitAll()
+ ).rememberMe(remember ->
+ remember
+ .tokenValiditySeconds(2419200)
+ .rememberMeParameter("remember-me"
+ ).authenticationSuccessHandler(authenticationSuccessHandler)
+ )
+ .csrf((csrf) ->
+ csrf.ignoringRequestMatchers("/logout"));
+
+ return http.build();
+ }
+
+ @Bean
+ public WebSecurityCustomizer webSecurityCustomizer() {
+ return (web) -> web.ignoring().requestMatchers("/static/**", "/css/**", "/js/**", "/images/**");
+ }
+
+ @Bean
+ public UserDetailsService userDetailsService() {
+ final UserDetailsService result = new UserDetailsService();
+ result.setUserService(userService);
+ result.setAdminUser(adminUser);
+ return result;
+ }
+}
diff --git a/wise-webapp/src/main/java/com/wisemapping/dao/MindmapManagerImpl.java b/wise-webapp/src/main/java/com/wisemapping/dao/MindmapManagerImpl.java
index 907a3a5e..1d8a5f8a 100644
--- a/wise-webapp/src/main/java/com/wisemapping/dao/MindmapManagerImpl.java
+++ b/wise-webapp/src/main/java/com/wisemapping/dao/MindmapManagerImpl.java
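Review bot: `@EnableWebSecurity(debug = true)` in the new SecurityConfig.java turns on Spring Security's debug filter for every deployment; it logs request details including headers, so session cookies and HTTP Basic credentials can land in the log, and it is meant for development only. Use plain `@EnableWebSecurity`, or drive it from a property that defaults to off via `web.debug(...)` in the existing `webSecurityCustomizer()`. `httpFirewall()` calls `firewall.setAllowSemicolon(true)`, which removes StrictHttpFirewall's rejection of `;` path parameters that the path-based rules in both chains depend on; keep the default unless there is a documented need, and state that need in a comment. In `filterChain`, `"logout"` and `"registration-success"` lack the leading `/` the other patterns have and probably never match, and `csrf.ignoringRequestMatchers("/logout")` does not correspond to `logoutUrl("/c/logout")`; if a CSRF-exempt logout is intended, note that it lets a third-party page force a logout. The class also lacks a Javadoc saying which servlet path each chain covers and why the `/service` chain disables CSRF.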
@@ -20,6 +20,7 @@ package com.wisemapping.dao; import com.wisemapping.model.*; import com.wisemapping.util.ZipUtils; +import jakarta.persistence.Query; import org.hibernate.Criteria; import org.hibernate.criterion.Junction; import org.hibernate.criterion.Order; @@ -30,7 +31,6 @@ import org.jetbrains.annotations.Nullable; import org.springframework.orm.hibernate5.HibernateTemplate; import org.springframework.orm.hibernate5.support.HibernateDaoSupport; -import javax.persistence.Query; import java.io.IOException; import java.util.Calendar; import java.util.List; diff --git a/wise-webapp/src/main/java/com/wisemapping/exceptions/InvalidEmailException.java b/wise-webapp/src/main/java/com/wisemapping/exceptions/InvalidEmailException.java index 92739682..97cac72d 100755 --- a/wise-webapp/src/main/java/com/wisemapping/exceptions/InvalidEmailException.java +++ b/wise-webapp/src/main/java/com/wisemapping/exceptions/InvalidEmailException.java @@ -21,7 +21,7 @@ package com.wisemapping.exceptions; import org.springframework.lang.Nullable; -import javax.validation.constraints.NotNull; +import jakarta.validation.constraints.NotNull; public class InvalidEmailException extends ClientException { diff --git a/wise-webapp/src/main/java/com/wisemapping/exceptions/InvalidMindmapException.java b/wise-webapp/src/main/java/com/wisemapping/exceptions/InvalidMindmapException.java index 59dcc5e9..d7db2b99 100755 --- a/wise-webapp/src/main/java/com/wisemapping/exceptions/InvalidMindmapException.java +++ b/wise-webapp/src/main/java/com/wisemapping/exceptions/InvalidMindmapException.java @@ -21,7 +21,7 @@ package com.wisemapping.exceptions; import org.springframework.lang.Nullable; -import javax.validation.constraints.NotNull; +import jakarta.validation.constraints.NotNull; public class InvalidMindmapException extends ClientException { 
diff --git a/wise-webapp/src/main/java/com/wisemapping/exceptions/MapCouldNotFoundException.java b/wise-webapp/src/main/java/com/wisemapping/exceptions/MapCouldNotFoundException.java index ee8a641e..5ed7c5f3 100755 --- a/wise-webapp/src/main/java/com/wisemapping/exceptions/MapCouldNotFoundException.java +++ b/wise-webapp/src/main/java/com/wisemapping/exceptions/MapCouldNotFoundException.java @@ -19,7 +19,7 @@ package com.wisemapping.exceptions; -import javax.validation.constraints.NotNull; +import jakarta.validation.constraints.NotNull; public class MapCouldNotFoundException extends ClientException diff --git a/wise-webapp/src/main/java/com/wisemapping/exceptions/OAuthAuthenticationException.java b/wise-webapp/src/main/java/com/wisemapping/exceptions/OAuthAuthenticationException.java index f321ca30..816c423c 100644 --- a/wise-webapp/src/main/java/com/wisemapping/exceptions/OAuthAuthenticationException.java +++ b/wise-webapp/src/main/java/com/wisemapping/exceptions/OAuthAuthenticationException.java @@ -3,7 +3,7 @@ package com.wisemapping.exceptions; import com.wisemapping.service.google.http.HttpInvokerException; -import javax.validation.constraints.NotNull; +import jakarta.validation.constraints.NotNull; public class OAuthAuthenticationException extends WiseMappingException { diff --git a/wise-webapp/src/main/java/com/wisemapping/exceptions/PasswordTooLongException.java b/wise-webapp/src/main/java/com/wisemapping/exceptions/PasswordTooLongException.java index 6409ee29..fca34aad 100755 --- a/wise-webapp/src/main/java/com/wisemapping/exceptions/PasswordTooLongException.java +++ b/wise-webapp/src/main/java/com/wisemapping/exceptions/PasswordTooLongException.java @@ -19,7 +19,7 @@ package com.wisemapping.exceptions; -import javax.validation.constraints.NotNull; +import jakarta.validation.constraints.NotNull; public class PasswordTooLongException extends ClientException { 
diff --git a/wise-webapp/src/main/java/com/wisemapping/exceptions/TooManyInactiveAccountsExceptions.java b/wise-webapp/src/main/java/com/wisemapping/exceptions/TooManyInactiveAccountsExceptions.java index dc2c8428..dcdf5815 100755 --- a/wise-webapp/src/main/java/com/wisemapping/exceptions/TooManyInactiveAccountsExceptions.java +++ b/wise-webapp/src/main/java/com/wisemapping/exceptions/TooManyInactiveAccountsExceptions.java @@ -19,7 +19,7 @@ package com.wisemapping.exceptions; -import javax.validation.constraints.NotNull; +import jakarta.validation.constraints.NotNull; public class TooManyInactiveAccountsExceptions extends ClientException { diff --git a/wise-webapp/src/main/java/com/wisemapping/rest/ValidationException.java b/wise-webapp/src/main/java/com/wisemapping/exceptions/ValidationException.java similarity index 97% rename from wise-webapp/src/main/java/com/wisemapping/rest/ValidationException.java rename to wise-webapp/src/main/java/com/wisemapping/exceptions/ValidationException.java index a3962513..e5464ea5 100644 --- a/wise-webapp/src/main/java/com/wisemapping/rest/ValidationException.java +++ b/wise-webapp/src/main/java/com/wisemapping/exceptions/ValidationException.java @@ -16,7 +16,7 @@ * limitations under the License. */ -package com.wisemapping.rest; +package com.wisemapping.exceptions; import com.wisemapping.exceptions.WiseMappingException; diff --git a/wise-webapp/src/main/java/com/wisemapping/filter/CorsFilter.java b/wise-webapp/src/main/java/com/wisemapping/filter/CorsFilter.java index 5cc60cdb..fd0d53b9 100644 --- a/wise-webapp/src/main/java/com/wisemapping/filter/CorsFilter.java +++ b/wise-webapp/src/main/java/com/wisemapping/filter/CorsFilter.java 
@@ -20,13 +20,13 @@ package com.wisemapping.filter; import java.io.IOException; -import javax.servlet.Filter; -import javax.servlet.FilterChain; -import javax.servlet.FilterConfig; -import javax.servlet.ServletException; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.Filter; +import jakarta.servlet.FilterChain; +import jakarta.servlet.FilterConfig; +import jakarta.servlet.ServletException; +import jakarta.servlet.ServletRequest; +import jakarta.servlet.ServletResponse; +import jakarta.servlet.http.HttpServletResponse; /** * diff --git a/wise-webapp/src/main/java/com/wisemapping/filter/RequestPropertiesInterceptor.java b/wise-webapp/src/main/java/com/wisemapping/filter/RequestPropertiesInterceptor.java index 1d257177..ddc03d1b 100644 --- a/wise-webapp/src/main/java/com/wisemapping/filter/RequestPropertiesInterceptor.java +++ b/wise-webapp/src/main/java/com/wisemapping/filter/RequestPropertiesInterceptor.java @@ -22,8 +22,8 @@ import org.jetbrains.annotations.NotNull; import org.springframework.beans.factory.annotation.Value; import org.springframework.web.servlet.HandlerInterceptor; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; public class RequestPropertiesInterceptor implements HandlerInterceptor { diff --git a/wise-webapp/src/main/java/com/wisemapping/filter/UserLocaleInterceptor.java b/wise-webapp/src/main/java/com/wisemapping/filter/UserLocaleInterceptor.java index dfcaa888..ed72d796 100644 --- a/wise-webapp/src/main/java/com/wisemapping/filter/UserLocaleInterceptor.java +++ b/wise-webapp/src/main/java/com/wisemapping/filter/UserLocaleInterceptor.java 
@@ -22,12 +22,11 @@ import com.wisemapping.model.User; import com.wisemapping.security.Utils; import org.jetbrains.annotations.NotNull; import org.springframework.web.servlet.HandlerInterceptor; -import org.springframework.web.servlet.handler.HandlerInterceptorAdapter; import org.springframework.web.servlet.i18n.SessionLocaleResolver; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpSession; import java.util.Locale; public class UserLocaleInterceptor implements HandlerInterceptor { diff --git a/wise-webapp/src/main/java/com/wisemapping/listener/UnlockOnExpireListener.java b/wise-webapp/src/main/java/com/wisemapping/listener/UnlockOnExpireListener.java index 008c8155..1a706451 100644 --- a/wise-webapp/src/main/java/com/wisemapping/listener/UnlockOnExpireListener.java +++ b/wise-webapp/src/main/java/com/wisemapping/listener/UnlockOnExpireListener.java @@ -31,9 +31,9 @@ import org.apache.logging.log4j.Logger; import org.springframework.web.context.WebApplicationContext; import org.springframework.web.context.support.WebApplicationContextUtils; -import javax.servlet.ServletContext; -import javax.servlet.http.HttpSessionEvent; -import javax.servlet.http.HttpSessionListener; +import jakarta.servlet.ServletContext; +import jakarta.servlet.http.HttpSessionEvent; +import jakarta.servlet.http.HttpSessionListener; public class UnlockOnExpireListener implements HttpSessionListener { private static final Logger logger = LogManager.getLogger(); diff --git a/wise-webapp/src/main/java/com/wisemapping/mail/Mailer.java b/wise-webapp/src/main/java/com/wisemapping/mail/Mailer.java index 04b05f52..0cca8d1f 100644 --- a/wise-webapp/src/main/java/com/wisemapping/mail/Mailer.java +++ b/wise-webapp/src/main/java/com/wisemapping/mail/Mailer.java 
@@ -21,11 +21,11 @@ package com.wisemapping.mail; import com.wisemapping.util.VelocityEngineUtils; import com.wisemapping.util.VelocityEngineWrapper; -import org.jetbrains.annotations.NotNull; import org.springframework.mail.javamail.JavaMailSender; import org.springframework.mail.javamail.MimeMessageHelper; import org.springframework.mail.javamail.MimeMessagePreparator; +import jakarta.validation.constraints.NotNull; import java.nio.charset.StandardCharsets; import java.util.Map; diff --git a/wise-webapp/src/main/java/com/wisemapping/mail/NotificationService.java b/wise-webapp/src/main/java/com/wisemapping/mail/NotificationService.java index ce52f098..fc7ce39b 100644 --- a/wise-webapp/src/main/java/com/wisemapping/mail/NotificationService.java +++ b/wise-webapp/src/main/java/com/wisemapping/mail/NotificationService.java @@ -32,7 +32,7 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.i18n.LocaleContextHolder; import org.springframework.context.support.ResourceBundleMessageSource; -import javax.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletRequest; import java.io.IOException; import java.io.PrintWriter; import java.io.StringWriter; diff --git a/wise-webapp/src/main/java/com/wisemapping/model/AccessAuditory.java b/wise-webapp/src/main/java/com/wisemapping/model/AccessAuditory.java index 9b021285..6f9e6637 100755 --- a/wise-webapp/src/main/java/com/wisemapping/model/AccessAuditory.java +++ b/wise-webapp/src/main/java/com/wisemapping/model/AccessAuditory.java @@ -20,7 +20,7 @@ package com.wisemapping.model; import org.jetbrains.annotations.NotNull; -import javax.persistence.*; +import jakarta.persistence.*; import java.io.Serializable; import java.util.Calendar; diff --git a/wise-webapp/src/main/java/com/wisemapping/model/Collaboration.java b/wise-webapp/src/main/java/com/wisemapping/model/Collaboration.java index 40d892b8..3ff74905 100644 
--- a/wise-webapp/src/main/java/com/wisemapping/model/Collaboration.java +++ b/wise-webapp/src/main/java/com/wisemapping/model/Collaboration.java @@ -21,8 +21,8 @@ package com.wisemapping.model; import org.jetbrains.annotations.Nullable; -import javax.persistence.*; -import javax.validation.constraints.NotNull; +import jakarta.persistence.*; +import jakarta.validation.constraints.NotNull; import java.io.Serializable; import java.util.Objects; diff --git a/wise-webapp/src/main/java/com/wisemapping/model/CollaborationProperties.java b/wise-webapp/src/main/java/com/wisemapping/model/CollaborationProperties.java index 4c0fea46..155c4b82 100644 --- a/wise-webapp/src/main/java/com/wisemapping/model/CollaborationProperties.java +++ b/wise-webapp/src/main/java/com/wisemapping/model/CollaborationProperties.java @@ -20,7 +20,7 @@ package com.wisemapping.model; import org.jetbrains.annotations.NotNull; -import javax.persistence.*; +import jakarta.persistence.*; import java.io.Serializable; @Entity diff --git a/wise-webapp/src/main/java/com/wisemapping/model/Collaborator.java b/wise-webapp/src/main/java/com/wisemapping/model/Collaborator.java index 02e507b7..4fa9def0 100755 --- a/wise-webapp/src/main/java/com/wisemapping/model/Collaborator.java +++ b/wise-webapp/src/main/java/com/wisemapping/model/Collaborator.java @@ -22,7 +22,7 @@ import org.hibernate.annotations.CacheConcurrencyStrategy; import org.jetbrains.annotations.NotNull; import org.jetbrains.annotations.Nullable; -import javax.persistence.*; +import jakarta.persistence.*; import java.io.Serializable; import java.util.Calendar; import java.util.HashSet; diff --git a/wise-webapp/src/main/java/com/wisemapping/model/Label.java b/wise-webapp/src/main/java/com/wisemapping/model/Label.java index 6126560d..36617fd8 100644 --- a/wise-webapp/src/main/java/com/wisemapping/model/Label.java +++ b/wise-webapp/src/main/java/com/wisemapping/model/Label.java 
@@ -22,7 +22,7 @@ import org.hibernate.annotations.CacheConcurrencyStrategy; import org.jetbrains.annotations.NotNull; import org.jetbrains.annotations.Nullable; -import javax.persistence.*; +import jakarta.persistence.*; import java.io.Serializable; import java.util.Objects; diff --git a/wise-webapp/src/main/java/com/wisemapping/model/MindMapHistory.java b/wise-webapp/src/main/java/com/wisemapping/model/MindMapHistory.java index 5ef3c1c5..14a015f2 100755 --- a/wise-webapp/src/main/java/com/wisemapping/model/MindMapHistory.java +++ b/wise-webapp/src/main/java/com/wisemapping/model/MindMapHistory.java @@ -22,7 +22,7 @@ import com.wisemapping.util.ZipUtils; import org.jetbrains.annotations.NotNull; import org.jetbrains.annotations.Nullable; -import javax.persistence.*; +import jakarta.persistence.*; import java.io.IOException; import java.util.Calendar; diff --git a/wise-webapp/src/main/java/com/wisemapping/model/Mindmap.java b/wise-webapp/src/main/java/com/wisemapping/model/Mindmap.java index 68f18c82..42621668 100644 --- a/wise-webapp/src/main/java/com/wisemapping/model/Mindmap.java +++ b/wise-webapp/src/main/java/com/wisemapping/model/Mindmap.java @@ -30,7 +30,7 @@ import org.hibernate.annotations.NotFoundAction; import org.jetbrains.annotations.NotNull; import org.jetbrains.annotations.Nullable; -import javax.persistence.*; +import jakarta.persistence.*; import java.io.IOException; import java.io.Serializable; import java.io.UnsupportedEncodingException; diff --git a/wise-webapp/src/main/java/com/wisemapping/model/User.java b/wise-webapp/src/main/java/com/wisemapping/model/User.java index 615c6775..39f6e8a1 100644 --- a/wise-webapp/src/main/java/com/wisemapping/model/User.java +++ b/wise-webapp/src/main/java/com/wisemapping/model/User.java 
@@ -21,7 +21,7 @@ package com.wisemapping.model; import org.jetbrains.annotations.NotNull; import org.jetbrains.annotations.Nullable; -import javax.persistence.*; +import jakarta.persistence.*; import java.io.Serializable; import java.util.Calendar; @@ -90,7 +90,7 @@ public class User return password; } - public void setPassword(@javax.validation.constraints.NotNull String password) { + public void setPassword(@jakarta.validation.constraints.NotNull String password) { this.password = password; } diff --git a/wise-webapp/src/main/java/com/wisemapping/rest/AccountController.java b/wise-webapp/src/main/java/com/wisemapping/rest/AccountController.java index e7ef928a..571d96e2 100644 --- a/wise-webapp/src/main/java/com/wisemapping/rest/AccountController.java +++ b/wise-webapp/src/main/java/com/wisemapping/rest/AccountController.java @@ -32,6 +32,7 @@ import com.wisemapping.service.UserService; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.http.HttpStatus; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; @@ -41,6 +42,7 @@ import org.springframework.web.bind.annotation.ResponseStatus; import java.util.List; @Controller +@PreAuthorize("isAuthenticated() and hasRole('ROLE_USER')") public class AccountController extends BaseController { @Qualifier("userService") @Autowired diff --git a/wise-webapp/src/main/java/com/wisemapping/rest/AdminController.java b/wise-webapp/src/main/java/com/wisemapping/rest/AdminController.java index 352f5681..71cf2700 100644 --- a/wise-webapp/src/main/java/com/wisemapping/rest/AdminController.java +++ b/wise-webapp/src/main/java/com/wisemapping/rest/AdminController.java 
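Review bot: The class-level `@PreAuthorize("isAuthenticated() and hasRole('ROLE_USER')")` added to AccountController (repeated on LabelController and MindmapController, and with `ROLE_ADMIN` on AdminController) only takes effect when method security is enabled. The SecurityConfig added in this commit carries `@EnableWebSecurity` but no `@EnableMethodSecurity`, so unless it is switched on elsewhere these annotations are silently ignored and the URL rules remain the only control. The expression also differs from the URL rules, which use `hasAnyRole("USER", "ADMIN")`: an account holding only the admin role would pass the filter chain and then be denied here, and any MindmapController handler that SecurityConfig marks `permitAll()` (such as the `xml-pub` document path, if it lives there) would be blocked for anonymous users. `isAuthenticated()` is redundant next to `hasRole`, so `@PreAuthorize("hasAnyRole('USER', 'ADMIN')")` would state the same intent as the filter chain. The class bodies are outside these hunks.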
@@ -30,14 +30,16 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.beans.factory.annotation.Value; import org.springframework.http.HttpStatus; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.*; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletResponse; import java.io.IOException; import java.util.List; @Controller +@PreAuthorize("isAuthenticated() and hasRole('ROLE_ADMIN')") public class AdminController extends BaseController { @Qualifier("userService") @Autowired diff --git a/wise-webapp/src/main/java/com/wisemapping/rest/BaseController.java b/wise-webapp/src/main/java/com/wisemapping/rest/BaseController.java index 89d4953e..8acc8ece 100644 --- a/wise-webapp/src/main/java/com/wisemapping/rest/BaseController.java +++ b/wise-webapp/src/main/java/com/wisemapping/rest/BaseController.java @@ -20,6 +20,7 @@ package com.wisemapping.rest; import com.wisemapping.exceptions.ClientException; import com.wisemapping.exceptions.OAuthAuthenticationException; import com.wisemapping.exceptions.Severity; +import com.wisemapping.exceptions.ValidationException; import com.wisemapping.mail.NotificationService; import com.wisemapping.model.User; import com.wisemapping.rest.model.RestErrors; 
@@ -37,9 +38,9 @@ import org.springframework.web.bind.annotation.ExceptionHandler; import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.ResponseStatus; -import javax.servlet.ServletContext; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.ServletContext; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import java.lang.reflect.UndeclaredThrowableException; import java.util.Locale; diff --git a/wise-webapp/src/main/java/com/wisemapping/rest/LabelController.java b/wise-webapp/src/main/java/com/wisemapping/rest/LabelController.java index 7b801bb7..9a8078c1 100644 --- a/wise-webapp/src/main/java/com/wisemapping/rest/LabelController.java +++ b/wise-webapp/src/main/java/com/wisemapping/rest/LabelController.java @@ -18,6 +18,7 @@ package com.wisemapping.rest; import com.wisemapping.exceptions.LabelCouldNotFoundException; +import com.wisemapping.exceptions.ValidationException; import com.wisemapping.exceptions.WiseMappingException; import com.wisemapping.model.Label; import com.wisemapping.model.User; @@ -30,15 +31,17 @@ import org.jetbrains.annotations.NotNull; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.http.HttpStatus; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.stereotype.Controller; import org.springframework.validation.BeanPropertyBindingResult; import org.springframework.validation.BindingResult; import org.springframework.web.bind.annotation.*; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletResponse; import java.util.List; @Controller +@PreAuthorize("isAuthenticated() and hasRole('ROLE_USER')") public class LabelController extends BaseController { @Qualifier("labelService") 
@@ -64,7 +67,7 @@ public class LabelController extends BaseController { response.setHeader("ResourceId", Long.toString(label.getId())); } - @RequestMapping(method = RequestMethod.GET, value = "/labels", produces = {"application/json"}) + @RequestMapping(method = RequestMethod.GET, value = "/labels/", produces = {"application/json"}) public RestLabelList retrieveList() { final User user = Utils.getUser(); assert user != null; diff --git a/wise-webapp/src/main/java/com/wisemapping/rest/MindmapController.java b/wise-webapp/src/main/java/com/wisemapping/rest/MindmapController.java index 1ba785b9..d033d9f4 100644 --- a/wise-webapp/src/main/java/com/wisemapping/rest/MindmapController.java +++ b/wise-webapp/src/main/java/com/wisemapping/rest/MindmapController.java @@ -33,12 +33,13 @@ import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.beans.factory.annotation.Value; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.stereotype.Controller; import org.springframework.validation.BeanPropertyBindingResult; import org.springframework.validation.BindingResult; import org.springframework.web.bind.annotation.*; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletResponse; import java.io.IOException; import java.nio.charset.StandardCharsets; import java.util.*; @@ -46,6 +47,7 @@ import java.util.stream.Collectors; @Controller +@PreAuthorize("isAuthenticated() and hasRole('ROLE_USER')") public class MindmapController extends BaseController { final Logger logger = LogManager.getLogger(); diff --git a/wise-webapp/src/main/java/com/wisemapping/rest/OAuth2Controller.java b/wise-webapp/src/main/java/com/wisemapping/rest/OAuth2Controller.java index feba7457..9130a4b5 100644 --- a/wise-webapp/src/main/java/com/wisemapping/rest/OAuth2Controller.java 
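Review bot: Changing the mapping on `retrieveList` to `value = "/labels/"` (and to `"/users/"` on `registerUser` in UserController) makes the slash-less URL stop matching, because Spring Framework 6 no longer applies trailing-slash matching by default. For registration this has a security-visible effect: SecurityConfig permits only `/users/`, so a `POST` to `/users` falls through to the `hasAnyRole("USER", "ADMIN")` rule and gets an authentication challenge instead of reaching the handler. If both forms must keep working, map both, e.g. `value = {"/labels", "/labels/"}`, and mirror that in the `permitAll()` matcher; otherwise record the URL change in the API notes.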
+++ b/wise-webapp/src/main/java/com/wisemapping/rest/OAuth2Controller.java @@ -34,8 +34,8 @@ import org.springframework.security.web.authentication.preauth.PreAuthenticatedA import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.*; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpSession; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpSession; @Controller diff --git a/wise-webapp/src/main/java/com/wisemapping/rest/UserController.java b/wise-webapp/src/main/java/com/wisemapping/rest/UserController.java index e2ee2ec2..5791fed8 100644 --- a/wise-webapp/src/main/java/com/wisemapping/rest/UserController.java +++ b/wise-webapp/src/main/java/com/wisemapping/rest/UserController.java @@ -35,13 +35,14 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.beans.factory.annotation.Value; import org.springframework.http.HttpStatus; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.stereotype.Controller; import org.springframework.validation.BindException; import org.springframework.web.bind.annotation.*; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import java.util.Arrays; import java.util.List; @@ -61,7 +62,7 @@ public class UserController extends BaseController { @Autowired private AuthenticationManager authManager; - @Value("${google.recaptcha2.enabled}") + @Value("${google.recaptcha2.enabled:false}") private Boolean recatchaEnabled; @Value("${accounts.exclusion.domain:''}") 
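Review bot: With `@Value("${google.recaptcha2.enabled:false}")` in UserController, a missing or mistyped property now quietly turns the reCAPTCHA flag off instead of failing at startup. The registration endpoint is `permitAll()` in SecurityConfig, so a deployment that loses this property would presumably accept unauthenticated sign-ups without the bot check. Prefer failing closed: keep the property mandatory, or default it to on with `@Value("${google.recaptcha2.enabled:true}")`, and log the effective value at startup. How `recatchaEnabled` is consumed is outside this hunk, so confirm against `registerUser`.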
@@ -70,7 +71,7 @@ public class UserController extends BaseController { private static final Logger logger = LogManager.getLogger(); private static final String REAL_IP_ADDRESS_HEADER = "X-Real-IP"; - @RequestMapping(method = RequestMethod.POST, value = "/users", produces = { "application/json" }) + @RequestMapping(method = RequestMethod.POST, value = "/users/", produces = { "application/json" }) @ResponseStatus(value = HttpStatus.CREATED) public void registerUser(@RequestBody RestUserRegistration registration, @NotNull HttpServletRequest request, @NotNull HttpServletResponse response) throws WiseMappingException, BindException { diff --git a/wise-webapp/src/main/java/com/wisemapping/rest/model/RestCollaborator.java b/wise-webapp/src/main/java/com/wisemapping/rest/model/RestCollaborator.java index 1593af01..ede08c0e 100644 --- a/wise-webapp/src/main/java/com/wisemapping/rest/model/RestCollaborator.java +++ b/wise-webapp/src/main/java/com/wisemapping/rest/model/RestCollaborator.java @@ -24,9 +24,9 @@ import com.wisemapping.model.Collaborator; import com.wisemapping.util.TimeUtils; import org.jetbrains.annotations.NotNull; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlRootElement; +import jakarta.xml.bind.annotation.XmlAccessType; +import jakarta.xml.bind.annotation.XmlAccessorType; +import jakarta.xml.bind.annotation.XmlRootElement; import java.util.Calendar; @JsonAutoDetect( diff --git a/wise-webapp/src/main/java/com/wisemapping/rest/model/RestErrors.java b/wise-webapp/src/main/java/com/wisemapping/rest/model/RestErrors.java index daf4a213..7591e567 100644 --- a/wise-webapp/src/main/java/com/wisemapping/rest/model/RestErrors.java +++ b/wise-webapp/src/main/java/com/wisemapping/rest/model/RestErrors.java 
@@ -30,9 +30,9 @@ import org.springframework.validation.Errors; import org.springframework.validation.FieldError; import org.springframework.validation.ObjectError; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlRootElement; +import jakarta.xml.bind.annotation.XmlAccessType; +import jakarta.xml.bind.annotation.XmlAccessorType; +import jakarta.xml.bind.annotation.XmlRootElement; import java.util.*; @JsonAutoDetect( diff --git a/wise-webapp/src/main/java/com/wisemapping/rest/model/RestLabelList.java b/wise-webapp/src/main/java/com/wisemapping/rest/model/RestLabelList.java index 10f7f8f4..62a9e311 100644 --- a/wise-webapp/src/main/java/com/wisemapping/rest/model/RestLabelList.java +++ b/wise-webapp/src/main/java/com/wisemapping/rest/model/RestLabelList.java @@ -4,7 +4,7 @@ import com.fasterxml.jackson.annotation.JsonAutoDetect; import com.wisemapping.model.Label; import org.jetbrains.annotations.NotNull; -import javax.xml.bind.annotation.XmlElement; +import jakarta.xml.bind.annotation.XmlElement; import java.util.ArrayList; import java.util.List; diff --git a/wise-webapp/src/main/java/com/wisemapping/rest/model/RestMindmap.java b/wise-webapp/src/main/java/com/wisemapping/rest/model/RestMindmap.java index 660fbb28..1e837b5c 100644 --- a/wise-webapp/src/main/java/com/wisemapping/rest/model/RestMindmap.java +++ b/wise-webapp/src/main/java/com/wisemapping/rest/model/RestMindmap.java @@ -29,9 +29,9 @@ import com.wisemapping.util.TimeUtils; import org.jetbrains.annotations.NotNull; import org.jetbrains.annotations.Nullable; -import javax.xml.bind.annotation.XmlAccessType; -import javax.xml.bind.annotation.XmlAccessorType; -import javax.xml.bind.annotation.XmlRootElement; +import jakarta.xml.bind.annotation.XmlAccessType; +import jakarta.xml.bind.annotation.XmlAccessorType; +import jakarta.xml.bind.annotation.XmlRootElement; import java.io.IOException; import java.util.Calendar; 
diff --git a/wise-webapp/src/main/java/com/wisemapping/rest/model/RestMindmapList.java b/wise-webapp/src/main/java/com/wisemapping/rest/model/RestMindmapList.java index aaef046c..48dc7b54 100644 --- a/wise-webapp/src/main/java/com/wisemapping/rest/model/RestMindmapList.java +++ b/wise-webapp/src/main/java/com/wisemapping/rest/model/RestMindmapList.java @@ -24,7 +24,7 @@ import com.wisemapping.model.Collaborator; import com.wisemapping.model.Mindmap; import org.jetbrains.annotations.NotNull; -import javax.xml.bind.annotation.XmlElement; +import jakarta.xml.bind.annotation.XmlElement; import java.util.Collections; import java.util.List; import java.util.stream.Collectors; diff --git a/wise-webapp/src/main/java/com/wisemapping/security/AuthenticationSuccessHandler.java b/wise-webapp/src/main/java/com/wisemapping/security/AuthenticationSuccessHandler.java index 923eefca..2e3945b6 100644 --- a/wise-webapp/src/main/java/com/wisemapping/security/AuthenticationSuccessHandler.java +++ b/wise-webapp/src/main/java/com/wisemapping/security/AuthenticationSuccessHandler.java @@ -23,9 +23,9 @@ import org.springframework.security.web.savedrequest.HttpSessionRequestCache; import org.springframework.security.web.savedrequest.RequestCache; import org.springframework.security.web.savedrequest.SavedRequest; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; +import jakarta.servlet.ServletException; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import java.io.IOException; diff --git a/wise-webapp/src/main/java/com/wisemapping/security/CSFRRequestMatcher.java b/wise-webapp/src/main/java/com/wisemapping/security/CSFRRequestMatcher.java deleted file mode 100644 index 4f3421eb..00000000 --- a/wise-webapp/src/main/java/com/wisemapping/security/CSFRRequestMatcher.java +++ /dev/null 
@@ -1,44 +0,0 @@
-/*
- * Copyright [2022] [wisemapping]
- *
- * Licensed under WiseMapping Public License, Version 1.0 (the "License").
- * It is basically the Apache License, Version 2.0 (the "License") plus the
- * "powered by wisemapping" text requirement on every single page;
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the license at
- *
- * http://www.wisemapping.org/license
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package com.wisemapping.security;
-
-import org.springframework.security.web.util.matcher.RequestMatcher;
-
-import javax.servlet.http.HttpServletRequest;
-import java.util.Arrays;
-
-public class CSFRRequestMatcher implements RequestMatcher {
-
- private String prefix;
- static String[] supportedMethods = {"POST", "PUT", "GET", "DELETE", "PATCH"};
-
- @Override
- public boolean matches(HttpServletRequest request) {
- final String requestURI = request.getRequestURI();
- return Arrays.stream(supportedMethods).anyMatch(p -> request.getMethod().toUpperCase().equals(p))
- && requestURI.startsWith(prefix);
- }
-
- public String getPrefix() {
- return prefix;
- }
-
- public void setPrefix(String prefix) {
- this.prefix = prefix;
- }
-}
diff --git a/wise-webapp/src/main/java/com/wisemapping/security/UserDetailsService.java b/wise-webapp/src/main/java/com/wisemapping/security/UserDetailsService.java
index 0d86c946..f74a582d 100644
--- a/wise-webapp/src/main/java/com/wisemapping/security/UserDetailsService.java
+++ b/wise-webapp/src/main/java/com/wisemapping/security/UserDetailsService.java
@@ -1,20 +1,20 @@ /* -* Copyright [2022] [wisemapping] -* -* Licensed under WiseMapping Public License, Version 1.0 (the "License"). -* It is basically the Apache License, Version 2.0 (the "License") plus the -* "powered by wisemapping" text requirement on every single page; -* you may not use this file except in compliance with the License. -* You may obtain a copy of the license at -* -* http://www.wisemapping.org/license -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ + * Copyright [2022] [wisemapping] + * + * Licensed under WiseMapping Public License, Version 1.0 (the "License"). + * It is basically the Apache License, Version 2.0 (the "License") plus the + * "powered by wisemapping" text requirement on every single page; + * you may not use this file except in compliance with the License. + * You may obtain a copy of the license at + * + * http://www.wisemapping.org/license + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ package com.wisemapping.security; 
@@ -23,12 +23,13 @@ import com.wisemapping.model.User; import com.wisemapping.service.UserService; import org.jetbrains.annotations.NotNull; import org.jetbrains.annotations.Nullable; +import org.springframework.context.annotation.Bean; import org.springframework.dao.DataAccessException; import org.springframework.security.core.userdetails.UsernameNotFoundException; public class UserDetailsService - implements org.springframework.security.core.userdetails.UserDetailsService{ + implements org.springframework.security.core.userdetails.UserDetailsService { private UserService userService; private String adminUser; diff --git a/wise-webapp/src/main/java/com/wisemapping/security/ldap/LdapUserDetailsContextMapper.java b/wise-webapp/src/main/java/com/wisemapping/security/ldap/LdapUserDetailsContextMapper.java deleted file mode 100644 index 3bea2f97..00000000 --- a/wise-webapp/src/main/java/com/wisemapping/security/ldap/LdapUserDetailsContextMapper.java +++ /dev/null 
@@ -1,99 +0,0 @@
-package com.wisemapping.security.ldap;
-
-
-import com.wisemapping.exceptions.WiseMappingException;
-import com.wisemapping.model.AuthenticationType;
-import com.wisemapping.model.User;
-import com.wisemapping.security.UserDetails;
-import com.wisemapping.service.UserService;
-import org.jetbrains.annotations.NotNull;
-import org.jetbrains.annotations.Nullable;
-import org.springframework.ldap.core.DirContextAdapter;
-import org.springframework.ldap.core.DirContextOperations;
-import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.ldap.userdetails.UserDetailsContextMapper;
-
-import java.util.Calendar;
-import java.util.Collection;
-
-public class LdapUserDetailsContextMapper implements UserDetailsContextMapper {
-
- private UserService userService;
- private String adminUser;
- private String ldapAttributeFirstName;
- private String ldapAttributeLastName;
-
-
- public UserService getUserService() {
- return userService;
- }
-
- public void setUserService(UserService userService) {
- this.userService = userService;
- }
-
-
- private boolean isAdmin(@Nullable String email) {
- return email != null && adminUser != null && email.trim().endsWith(adminUser);
- }
-
- public String getAdminUser() {
- return adminUser;
- }
-
- public void setAdminUser(String adminUser) {
- this.adminUser = adminUser;
- }
-
- @Override
- public UserDetails mapUserFromContext(@NotNull DirContextOperations userData,
- String email, Collection arg2) {
- User user = userService.getUserBy(email);
- if (user == null) {
- // If the user was not found in the database, create a new one ...
- user = new User(); - user.setEmail(email); - - final String firstName = userData.getStringAttribute(ldapAttributeFirstName); - user.setFirstname(firstName); - - final String lastName = userData.getStringAttribute(ldapAttributeLastName); - user.setLastname(lastName); - - user.setPassword(email); - final Calendar now = Calendar.getInstance(); - user.setActivationDate(now); - - try { - user.setAuthenticationType(AuthenticationType.LDAP); - user = userService.createUser(user, false, false); - } catch (WiseMappingException e) { - throw new IllegalStateException(e); - } - } - return new UserDetails(user, isAdmin(email)); - } - - public String getLdapAttributeLastName() { - return ldapAttributeLastName; - } - - public void setLdapAttributeLastName(String ldapAttributLastName) { - this.ldapAttributeLastName = ldapAttributLastName; - } - - public String getLdapAttrbutFirstName() { - return ldapAttributeFirstName; - } - - public void setLdapAttributeFirstName(String ldapAttributeFirstName) { - this.ldapAttributeFirstName = ldapAttributeFirstName; - } - - @Override - public void mapUserToContext(org.springframework.security.core.userdetails.UserDetails userDetails, DirContextAdapter dirContextAdapter) { - // To be implemented ... - } - - -} diff --git a/wise-webapp/src/main/java/com/wisemapping/service/HibernateAppListener.java b/wise-webapp/src/main/java/com/wisemapping/service/HibernateAppListener.java index 06aa1455..1e9da9a2 100755 --- a/wise-webapp/src/main/java/com/wisemapping/service/HibernateAppListener.java +++ b/wise-webapp/src/main/java/com/wisemapping/service/HibernateAppListener.java @@ -18,8 +18,8 @@ package com.wisemapping.service; -import javax.servlet.ServletContextEvent; -import javax.servlet.ServletContextListener; +import jakarta.servlet.ServletContextEvent; +import jakarta.servlet.ServletContextListener; public class HibernateAppListener implements ServletContextListener { 
diff --git a/wise-webapp/src/main/java/com/wisemapping/service/MindmapService.java b/wise-webapp/src/main/java/com/wisemapping/service/MindmapService.java index 927a05ca..02574da7 100755 --- a/wise-webapp/src/main/java/com/wisemapping/service/MindmapService.java +++ b/wise-webapp/src/main/java/com/wisemapping/service/MindmapService.java @@ -22,7 +22,7 @@ import com.wisemapping.exceptions.WiseMappingException; import com.wisemapping.model.*; import org.jetbrains.annotations.Nullable; -import javax.validation.constraints.NotNull; +import jakarta.validation.constraints.NotNull; import java.io.IOException; import java.util.List; diff --git a/wise-webapp/src/main/java/com/wisemapping/service/RecaptchaService.java b/wise-webapp/src/main/java/com/wisemapping/service/RecaptchaService.java index e947090f..17d6cb1f 100644 --- a/wise-webapp/src/main/java/com/wisemapping/service/RecaptchaService.java +++ b/wise-webapp/src/main/java/com/wisemapping/service/RecaptchaService.java @@ -28,7 +28,7 @@ import org.apache.http.client.fluent.Form; import org.apache.http.client.fluent.Request; import org.jetbrains.annotations.Nullable; -import javax.validation.constraints.NotNull; +import jakarta.validation.constraints.NotNull; import java.io.IOException; import java.util.HashMap; import java.util.List; diff --git a/wise-webapp/src/main/java/com/wisemapping/service/google/http/HttpInvoker.java b/wise-webapp/src/main/java/com/wisemapping/service/google/http/HttpInvoker.java index a33bf8af..4a8da4c1 100644 --- a/wise-webapp/src/main/java/com/wisemapping/service/google/http/HttpInvoker.java +++ b/wise-webapp/src/main/java/com/wisemapping/service/google/http/HttpInvoker.java @@ -47,7 +47,7 @@ import org.springframework.stereotype.Service; import com.fasterxml.jackson.databind.JsonNode; import com.fasterxml.jackson.databind.ObjectMapper; -import javax.validation.constraints.NotNull; +import jakarta.validation.constraints.NotNull; @Service public class HttpInvoker { 
diff --git a/wise-webapp/src/main/java/com/wisemapping/webmvc/LoginController.java b/wise-webapp/src/main/java/com/wisemapping/webmvc/MvcLoginController.java similarity index 87% rename from wise-webapp/src/main/java/com/wisemapping/webmvc/LoginController.java rename to wise-webapp/src/main/java/com/wisemapping/webmvc/MvcLoginController.java index 4c01c51d..2e972b5e 100644 --- a/wise-webapp/src/main/java/com/wisemapping/webmvc/LoginController.java +++ b/wise-webapp/src/main/java/com/wisemapping/webmvc/MvcLoginController.java @@ -21,13 +21,15 @@ package com.wisemapping.webmvc; import com.wisemapping.model.User; import com.wisemapping.security.Utils; import org.springframework.beans.factory.annotation.Value; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.servlet.ModelAndView; @Controller -public class LoginController { +@PreAuthorize("permitAll()") +public class MvcLoginController { @Value("${database.driver}") private String driver; @@ -39,7 +41,7 @@ public class LoginController { if (user != null) { result = new ModelAndView("forward:/c/maps/"); } else { - result = new ModelAndView("login"); + result = new ModelAndView("reactInclude"); result.addObject("isHsql", driver.contains("hsql")); } return result; diff --git a/wise-webapp/src/main/java/com/wisemapping/webmvc/MindmapController.java b/wise-webapp/src/main/java/com/wisemapping/webmvc/MvcMindmapController.java similarity index 94% rename from wise-webapp/src/main/java/com/wisemapping/webmvc/MindmapController.java rename to wise-webapp/src/main/java/com/wisemapping/webmvc/MvcMindmapController.java index 03317139..52d395b2 100644 --- a/wise-webapp/src/main/java/com/wisemapping/webmvc/MindmapController.java +++ b/wise-webapp/src/main/java/com/wisemapping/webmvc/MvcMindmapController.java 
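Review bot: `@PreAuthorize("permitAll()")` is placed on the MvcLoginController class, so every handler later added to this controller is public by default, while MvcMindmapController and MvcUsersController in the same commit grant `permitAll()` per method. Putting the annotation on the login handler method instead keeps the exemption as narrow as in those controllers. The handler's signature is outside both hunks, so the exact placement has to be checked against the full file. The context line `result.addObject("isHsql", driver.contains("hsql"));` also hands a detail of the database setup to an unauthenticated page; it is worth confirming the view needs it.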
@@ -34,6 +34,7 @@ import org.jetbrains.annotations.NotNull; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.context.i18n.LocaleContextHolder; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.stereotype.Controller; import org.springframework.ui.Model; import org.springframework.web.bind.annotation.PathVariable; @@ -45,7 +46,7 @@ import org.springframework.web.servlet.ModelAndView; import java.util.Locale; @Controller -public class MindmapController { +public class MvcMindmapController { @Qualifier("mindmapService") @Autowired @@ -59,12 +60,12 @@ public class MindmapController { model.addAttribute("mindmap", mindmap); final Locale locale = LocaleContextHolder.getLocale(); model.addAttribute("locale", locale.toString().toLowerCase()); - return "mindmapPrint"; + return "mindmapViewonly"; } @RequestMapping(value = "maps/") public String showListPage(@NotNull Model model) { - return "mindmapList"; + return "reactInclude"; } @RequestMapping(value = "maps/{id}/edit", method = RequestMethod.GET) @@ -106,6 +107,7 @@ public class MindmapController { } @RequestMapping(value = "maps/{id}/try", method = RequestMethod.GET) + @PreAuthorize("permitAll()") public String showMindmapTryPage(@PathVariable int id, @NotNull Model model) throws WiseMappingException { return showEditorPage(id, model, false); } 
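Review bot: `showMindmapTryPage` is now `permitAll()` and passes the request's `id` straight to `showEditorPage(id, model, false)`, whereas the other anonymous handlers in this file (`maps/{id}/embed`, `maps/{id}/public`) first check `mindmapService.isMindmapPublic(id)`. Whether `showEditorPage` enforces an equivalent restriction is outside this hunk; if it does not, the handler would serve non-public maps to unauthenticated requests, and the same public check should be added here. The class itself carries no `@PreAuthorize`, so handlers without an annotation (`maps/`, `maps/{id}/edit`) depend entirely on the URL rules. A class-level `@PreAuthorize("isAuthenticated()")` with the per-method `permitAll()` overrides would make the default explicit.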
@@ -118,13 +120,14 @@ public class MindmapController { } @RequestMapping(value = "maps/{id}/embed") + @PreAuthorize("permitAll()") public ModelAndView showEmbeddedPage(@PathVariable int id, @RequestParam(required = false) Float zoom) throws MapCouldNotFoundException, MapNonPublicException, AccessDeniedSecurityException { if (!mindmapService.isMindmapPublic(id)) { throw new MapNonPublicException("Map " + id + " is not public."); } final MindMapBean mindmap = findMindmapBean(id); - final ModelAndView view = new ModelAndView("mindmapEmbedded", "mindmap", mindmap); + final ModelAndView view = new ModelAndView("mindmapViewonly", "mindmap", mindmap); view.addObject("zoom", zoom == null ? 1 : zoom); final Locale locale = LocaleContextHolder.getLocale(); view.addObject("locale", locale.toString().toLowerCase()); @@ -132,6 +135,7 @@ public class MindmapController { } @RequestMapping(value = "maps/{id}/public", method = RequestMethod.GET) + @PreAuthorize("permitAll()") public String showPublicViewPage(@PathVariable int id, @NotNull Model model) throws WiseMappingException { if (!mindmapService.isMindmapPublic(id)) { throw new MapNonPublicException("Map " + id + " is not public."); @@ -141,12 +145,14 @@ public class MindmapController { @Deprecated @RequestMapping(value = "publicView", method = RequestMethod.GET) + @PreAuthorize("permitAll()") public String showPublicViewPageLegacy(@RequestParam(required = true) int mapId) { return "redirect:maps/" + mapId + "/public"; } @Deprecated @RequestMapping(value = "embeddedView", method = RequestMethod.GET) + @PreAuthorize("permitAll()") public String showPublicViewLegacyPage(@RequestParam(required = true) int mapId, @RequestParam(required = false) int zoom) { return "redirect:maps/" + mapId + "/embed?zoom=" + zoom; } 
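Review bot: In `showPublicViewLegacyPage`, which this commit marks `permitAll()`, `zoom` is declared `@RequestParam(required = false) int zoom`; a primitive cannot hold the absent value, so a request without `zoom` fails during argument binding instead of redirecting. Declaring it as `@RequestParam(required = false, defaultValue = "1") int zoom` matches the default that `showEmbeddedPage` applies (`zoom == null ? 1 : zoom`) and keeps the anonymous endpoint from returning an error for a valid legacy link. Note also that the target handler accepts `Float zoom` while the legacy one only forwards integers, which may be intentional.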
diff --git a/wise-webapp/src/main/java/com/wisemapping/webmvc/UsersController.java b/wise-webapp/src/main/java/com/wisemapping/webmvc/MvcUsersController.java similarity index 83% rename from wise-webapp/src/main/java/com/wisemapping/webmvc/UsersController.java rename to wise-webapp/src/main/java/com/wisemapping/webmvc/MvcUsersController.java index e760c017..83add065 100644 --- a/wise-webapp/src/main/java/com/wisemapping/webmvc/UsersController.java +++ b/wise-webapp/src/main/java/com/wisemapping/webmvc/MvcUsersController.java @@ -22,31 +22,35 @@ package com.wisemapping.webmvc; import com.wisemapping.service.UserService; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Qualifier; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.servlet.ModelAndView; @Controller -public class UsersController { +public class MvcUsersController { @Qualifier("userService") @Autowired private UserService userService; @RequestMapping(value = "forgot-password", method = RequestMethod.GET) + @PreAuthorize("permitAll()") public ModelAndView showResetPasswordPage() { - return new ModelAndView("forgot-password"); + return new ModelAndView("reactInclude"); } @RequestMapping(value = "registration-google", method = RequestMethod.GET) + @PreAuthorize("permitAll()") public ModelAndView processGoogleCallback() { - return new ModelAndView("registration-google"); + return new ModelAndView("reactInclude"); } @RequestMapping(value = "registration", method = RequestMethod.GET) + @PreAuthorize("permitAll()") public ModelAndView showRegistrationPage() { - return new ModelAndView("registration"); + return new ModelAndView("reactInclude"); } } 
diff --git a/wise-webapp/src/main/resources/Bundle.properties b/wise-webapp/src/main/resources/Bundle.properties index c09305ac..06dfc929 100644 --- a/wise-webapp/src/main/resources/Bundle.properties +++ b/wise-webapp/src/main/resources/Bundle.properties @@ -1 +1 @@ -# Solves error Can't find bundle for base name javax.xml.bind.Messages, locale en_US \ No newline at end of file +# Solves error Can't find bundle for base name jakarta.xml.bind.Messages, locale en_US \ No newline at end of file diff --git a/wise-webapp/src/main/webapp/WEB-INF/app.properties b/wise-webapp/src/main/webapp/WEB-INF/app.properties index aec7793d..0046539e 100755 --- a/wise-webapp/src/main/webapp/WEB-INF/app.properties +++ b/wise-webapp/src/main/webapp/WEB-INF/app.properties @@ -160,3 +160,4 @@ security.oauth2.google.url=https://accounts.google.com/o/oauth2/v2/auth?redirect # Coma separated list of domains and emails ban #accounts.exclusion.domain= + diff --git a/wise-webapp/src/main/webapp/WEB-INF/classes/log4j-stdout.properties b/wise-webapp/src/main/webapp/WEB-INF/classes/log4j-stdout.properties deleted file mode 100644 index 58885ada..00000000 --- a/wise-webapp/src/main/webapp/WEB-INF/classes/log4j-stdout.properties +++ /dev/null @@ -1,7 +0,0 @@ -# Debug level -log4j.rootLogger=INFO,stdout - -# Stdout logger -log4j.appender.stdout=org.apache.log4j.ConsoleAppender -log4j.appender.stdout.layout=org.apache.log4j.PatternLayout -log4j.appender.stdout.layout.ConversionPattern=%d %p %c - %m%n \ No newline at end of file diff --git a/wise-webapp/src/main/webapp/WEB-INF/classes/log4j-stdout.xml b/wise-webapp/src/main/webapp/WEB-INF/classes/log4j-stdout.xml new file mode 100644 index 00000000..27ef8dd7 --- /dev/null +++ b/wise-webapp/src/main/webapp/WEB-INF/classes/log4j-stdout.xml @@ -0,0 +1,19 @@ + + + + + + + + + + + + + + + + + + + \ No newline at end of file 
diff --git a/wise-webapp/src/main/webapp/WEB-INF/classes/log4j.properties b/wise-webapp/src/main/webapp/WEB-INF/classes/log4j.properties deleted file mode 100644 index 75809f93..00000000 --- a/wise-webapp/src/main/webapp/WEB-INF/classes/log4j.properties +++ /dev/null @@ -1,24 +0,0 @@ -# Log levels -log4j.rootLogger=INFO, stdout, R -log4j.logger.com.wisemapping=DEBUG,R -log4j.logger.org.springframework=DEBUG,R -log4j.logger.org.hibernate=INFO,R -log4j.logger.org.hibernate.type.descriptor.sql.BasicBinder=TRACE,R -log4j.logger.org.hibernate.SQL=DEBUG,R - -# Stdout logger -log4j.appender.stdout=org.apache.log4j.ConsoleAppender -log4j.appender.stdout.layout=org.apache.log4j.PatternLayout -log4j.appender.stdout.layout.ConversionPattern=%d %p %c - %m%n - - -# File Writer Logger -log4j.appender.R=org.apache.log4j.RollingFileAppender -log4j.appender.R.File=wisemapping.log - -log4j.appender.R.MaxFileSize=100KB -# Keep one backup file -log4j.appender.R.MaxBackupIndex=1 - -log4j.appender.R.layout=org.apache.log4j.PatternLayout -log4j.appender.R.layout.ConversionPattern=%d %p %c - %m%n diff --git a/wise-webapp/src/main/webapp/WEB-INF/classes/log4j2.xml b/wise-webapp/src/main/webapp/WEB-INF/classes/log4j2.xml new file mode 100644 index 00000000..66b2f29f --- /dev/null +++ b/wise-webapp/src/main/webapp/WEB-INF/classes/log4j2.xml @@ -0,0 +1,24 @@ + + + + + + + + + %d %p %c{1.} [%t] %m%n + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/wise-webapp/src/main/webapp/WEB-INF/defs/definitions.xml b/wise-webapp/src/main/webapp/WEB-INF/defs/definitions.xml index 0277589b..4c9d2687 100644 --- a/wise-webapp/src/main/webapp/WEB-INF/defs/definitions.xml +++ b/wise-webapp/src/main/webapp/WEB-INF/defs/definitions.xml @@ -2,16 +2,6 @@ - - - - - - - - - - 
diff --git a/wise-webapp/src/main/webapp/jsp/error.jsp b/wise-webapp/src/main/webapp/WEB-INF/views/error.jsp similarity index 100% rename from wise-webapp/src/main/webapp/jsp/error.jsp rename to wise-webapp/src/main/webapp/WEB-INF/views/error.jsp diff --git a/wise-webapp/src/main/webapp/jsp/errorTemplate.jsp b/wise-webapp/src/main/webapp/WEB-INF/views/errorTemplate.jsp similarity index 100% rename from wise-webapp/src/main/webapp/jsp/errorTemplate.jsp rename to wise-webapp/src/main/webapp/WEB-INF/views/errorTemplate.jsp diff --git a/wise-webapp/src/main/webapp/jsp/init.jsp b/wise-webapp/src/main/webapp/WEB-INF/views/init.jsp similarity index 100% rename from wise-webapp/src/main/webapp/jsp/init.jsp rename to wise-webapp/src/main/webapp/WEB-INF/views/init.jsp diff --git a/wise-webapp/src/main/webapp/jsp/mindmapEditor.jsp b/wise-webapp/src/main/webapp/WEB-INF/views/mindmapEditor.jsp similarity index 96% rename from wise-webapp/src/main/webapp/jsp/mindmapEditor.jsp rename to wise-webapp/src/main/webapp/WEB-INF/views/mindmapEditor.jsp index 4c7434b1..e3478e1d 100644 --- a/wise-webapp/src/main/webapp/jsp/mindmapEditor.jsp +++ b/wise-webapp/src/main/webapp/WEB-INF/views/mindmapEditor.jsp @@ -1,7 +1,7 @@ <%@ page import="com.wisemapping.security.Utils" %> <%@ page import="com.wisemapping.model.User" %> <%@ page pageEncoding="UTF-8" contentType="text/html; charset=UTF-8" %> -<%@ include file="/jsp/init.jsp" %> +<%@ include file="init.jsp" %> <%--@elvariable id="mindmap" type="com.wisemapping.model.Mindmap"--%> <%--@elvariable id="editorTryMode" type="java.lang.Boolean"--%> @@ -16,7 +16,7 @@ - <%@ include file="/jsp/pageHeaders.jsf" %> + <%@ include file="pageHeaders.jsf" %> Loading ... | WiseMapping 
diff --git a/wise-webapp/src/main/webapp/jsp/mindmapViewonly.jsp b/wise-webapp/src/main/webapp/WEB-INF/views/mindmapViewonly.jsp similarity index 97% rename from wise-webapp/src/main/webapp/jsp/mindmapViewonly.jsp rename to wise-webapp/src/main/webapp/WEB-INF/views/mindmapViewonly.jsp index 495ec993..b4fdc6ab 100644 --- a/wise-webapp/src/main/webapp/jsp/mindmapViewonly.jsp +++ b/wise-webapp/src/main/webapp/WEB-INF/views/mindmapViewonly.jsp @@ -1,5 +1,5 @@ <%@page pageEncoding="UTF-8" %> -<%@include file="/jsp/init.jsp" %> +<%@include file="init.jsp" %> <%--@elvariable id="mindmap" type="com.wisemapping.model.Mindmap"--%> @@ -15,7 +15,7 @@ ${mindmap.title} | <spring:message code="SITE.TITLE"/> - <%@ include file="/jsp/pageHeaders.jsf" %> + <%@ include file="pageHeaders.jsf" %>