001 /* 002 Licensed to the Apache Software Foundation (ASF) under one 003 or more contributor license agreements. See the NOTICE file 004 distributed with this work for additional information 005 regarding copyright ownership. The ASF licenses this file 006 to you under the Apache License, Version 2.0 (the 007 "License"); you may not use this file except in compliance 008 with the License. You may obtain a copy of the License at 009 010 http://www.apache.org/licenses/LICENSE-2.0 011 012 Unless required by applicable law or agreed to in writing, 013 software distributed under the License is distributed on an 014 "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 015 KIND, either express or implied. See the License for the 016 specific language governing permissions and limitations 017 under the License. 018 */ 019 package org.apache.wiki.tags; 020 021 import java.io.IOException; 022 023 import org.apache.wiki.WikiSession; 024 import org.apache.wiki.auth.AuthenticationManager; 025 026 /** 027 * Includes the content if an user check validates. This has 028 * been considerably enhanced for 2.2. The possibilities for the "status"-argument are: 029 * 030 * <ul> 031 * <li>"anonymous" - the body of the tag is included 032 * if the user is completely unknown (no cookie, no password)</li> 033 * <li>"asserted" - the body of the tag is included 034 * if the user has either been named by a cookie, but 035 * not been authenticated.</li> 036 * <li>"authenticated" - the body of the tag is included 037 * if the user is validated either through the container, 038 * or by our own authentication.</li> 039 * <li>"assertionsAllowed" 040 * - the body of the tag is included 041 * if wiki allows identities to be asserted using cookies.</li> 042 * <li>"assertionsNotAllowed" 043 * - the body of the tag is included 044 * if wiki does <i>not</i> allow identities to 045 * be asserted using cookies.</li> 046 * <li>"containerAuth" - the body of the tag is included 047 * if the user is validated through the container.</li> 048 * <li>"customAuth" - the body of the tag is included 049 * if the user is validated through our own authentication.</li> 050 * <li>"known" - if the user is not anonymous</li> 051 * <li>"notAuthenticated" 052 * - the body of the tag is included 053 * if the user is not yet authenticated.</li> 054 * </ul> 055 * 056 * If the old "exists" -argument is used, it corresponds as follows: 057 * <p> 058 * <tt>exists="true" ==> status="known"<br> 059 * <tt>exists="false" ==> status="unknown"<br> 060 * 061 * It is NOT a good idea to use BOTH of the arguments. 062 * 063 * @since 2.0 064 */ 065 public class UserCheckTag 066 extends WikiTagBase 067 { 068 private static final long serialVersionUID = 3256438110127863858L; 069 private static final String ASSERTED = "asserted"; 070 private static final String AUTHENTICATED = "authenticated"; 071 private static final String ANONYMOUS = "anonymous"; 072 private static final String ASSERTIONS_ALLOWED = "assertionsallowed"; 073 private static final String ASSERTIONS_NOT_ALLOWED = "assertionsnotallowed"; 074 private static final String CONTAINER_AUTH = "containerauth"; 075 private static final String CUSTOM_AUTH = "customauth"; 076 private static final String KNOWN = "known"; 077 private static final String NOT_AUTHENTICATED = "notauthenticated"; 078 079 private String m_status; 080 081 /** 082 * {@inheritDoc} 083 */ 084 @Override 085 public void initTag() 086 { 087 super.initTag(); 088 m_status = null; 089 } 090 091 /** 092 * Get the status as defined above. 093 * 094 * @return The status to be checked. 095 */ 096 public String getStatus() 097 { 098 return m_status; 099 } 100 101 /** 102 * Sets the status as defined above. 103 * 104 * @param status The status to be checked. 105 */ 106 public void setStatus( String status ) 107 { 108 m_status = status.toLowerCase(); 109 } 110 111 112 /** 113 * Sets the "exists" attribute, which is converted on-the-fly into 114 * an equivalent "status" -attribute. This is only for backwards compatibility. 115 * 116 * @param arg If true, works exactly as status = authenticated. If false, works 117 * as if status = anonymous. 118 * @deprecated 119 */ 120 public void setExists( String arg ) 121 { 122 if("true".equals(arg)) 123 { 124 m_status = AUTHENTICATED; 125 } 126 else 127 { 128 m_status = ANONYMOUS; 129 } 130 } 131 132 133 /** 134 * {@inheritDoc} 135 * @see org.apache.wiki.tags.WikiTagBase#doWikiStartTag() 136 */ 137 @Override 138 public final int doWikiStartTag() 139 throws IOException 140 { 141 WikiSession session = m_wikiContext.getWikiSession(); 142 String status = session.getStatus(); 143 AuthenticationManager mgr = m_wikiContext.getEngine().getAuthenticationManager(); 144 boolean containerAuth = mgr.isContainerAuthenticated(); 145 boolean cookieAssertions = mgr.allowsCookieAssertions(); 146 147 if( m_status != null ) 148 { 149 if ( ANONYMOUS.equals( m_status )) 150 { 151 if (status.equals(WikiSession.ANONYMOUS)) 152 { 153 return EVAL_BODY_INCLUDE; 154 } 155 } 156 else if( AUTHENTICATED.equals( m_status )) 157 { 158 if (status.equals(WikiSession.AUTHENTICATED)) 159 { 160 return EVAL_BODY_INCLUDE; 161 } 162 } 163 else if( ASSERTED.equals( m_status )) 164 { 165 if (status.equals(WikiSession.ASSERTED)) 166 { 167 return EVAL_BODY_INCLUDE; 168 } 169 } 170 else if( ASSERTIONS_ALLOWED.equals( m_status )) 171 { 172 if ( cookieAssertions ) 173 { 174 return EVAL_BODY_INCLUDE; 175 } 176 return SKIP_BODY; 177 } 178 else if( ASSERTIONS_NOT_ALLOWED.equals( m_status )) 179 { 180 if ( !cookieAssertions ) 181 { 182 return EVAL_BODY_INCLUDE; 183 } 184 return SKIP_BODY; 185 } 186 else if( CONTAINER_AUTH.equals( m_status )) 187 { 188 if ( containerAuth ) 189 { 190 return EVAL_BODY_INCLUDE; 191 } 192 return SKIP_BODY; 193 } 194 else if( CUSTOM_AUTH.equals( m_status )) 195 { 196 if ( !containerAuth ) 197 { 198 return EVAL_BODY_INCLUDE; 199 } 200 return SKIP_BODY; 201 } 202 else if( KNOWN.equals( m_status )) 203 { 204 if ( !session.isAnonymous() ) 205 { 206 return EVAL_BODY_INCLUDE; 207 } 208 return SKIP_BODY; 209 } 210 else if( NOT_AUTHENTICATED.equals( m_status )) 211 { 212 if (!status.equals(WikiSession.AUTHENTICATED)) 213 { 214 return EVAL_BODY_INCLUDE; 215 } 216 } 217 } 218 219 return SKIP_BODY; 220 } 221 222 }