/** * Handles the user authentification for each request sent to OpenCms.<p> * * User authentification is done in three steps: * <ol> * <li>Session authentification: OpenCms stores information of all authentificated * users in an internal storage based on the users session.</li> * <li>Authorization handler authentification: If the session authentification fails, * the current configured authorization handler is called.</li> * <li>Default user: When both authentification methods fail, the user is set to * the default (Guest) user.</li> * </ol> * * @param req the current http request * @param res the current http response * * @return the initialized cms context * * @throws IOException if user authentication fails * @throws CmsException in case something goes wrong */ private CmsObject initCmsObject(HttpServletRequest req, HttpServletResponse res) throws IOException, CmsException { return initCmsObject(req, res, true); }
/** * Returns the CMS object.<p> * * @param req the request * * @return the CMS object * * @throws CmsException if something goes wrong */ protected CmsObject getCmsObject(HttpServletRequest req) throws CmsException { CmsObject cms = OpenCmsCore.getInstance().initCmsObjectFromSession(req); // use the guest user as fall back if (cms == null) { cms = OpenCmsCore.getInstance().initCmsObject(OpenCms.getDefaultUsers().getUserGuest()); String siteRoot = OpenCmsCore.getInstance().getSiteManager().matchRequest(req).getSiteRoot(); cms.getRequestContext().setSiteRoot(siteRoot); } String baseUri = getBaseUri(req, cms); if (baseUri != null) { cms.getRequestContext().setUri(baseUri); } return cms; }
/** * Returns an independent copy of the provided CmsObject.<p> * * This can be useful in case a permanent reference to a CmsObject is stored. * Changing the request context values (for example project, siteroot) in the new CmsObject * will have no side effects to the CmsObject it was copied form.<p> * * @param cms the CmsObject to create a copy of * * @return an independent copy of the provided CmsObject * * @throws CmsException in case the initialization failed * * @see OpenCms#initCmsObject(CmsObject) * @see OpenCms#initCmsObject(CmsObject, CmsContextInfo) * @see OpenCms#initCmsObject(String) */ public static CmsObject initCmsObject(CmsObject cms) throws CmsException { return OpenCmsCore.getInstance().initCmsObject(cms); }
/** * Returns the CMS object.<p> * * @param req the request * * @return the CMS object * * @throws CmsException if something goes wrong */ protected CmsObject getCmsObject(HttpServletRequest req) throws CmsException { CmsObject cms = OpenCmsCore.getInstance().initCmsObjectFromSession(req); // use the guest user as fall back if (cms == null) { cms = OpenCmsCore.getInstance().initCmsObject(OpenCms.getDefaultUsers().getUserGuest()); String siteRoot = OpenCmsCore.getInstance().getSiteManager().matchRequest(req).getSiteRoot(); cms.getRequestContext().setSiteRoot(siteRoot); } String baseUri = getBaseUri(req, cms); if (baseUri != null) { cms.getRequestContext().setUri(baseUri); } return cms; }
/** * Returns an initialized CmsObject with the user and context initialized as provided.<p> * * Note: Only if the provided <code>adminCms</code> CmsObject has admin permissions, * this method allows the creation a CmsObject for any existing user. Otherwise * only the default users 'Guest' and 'Export' can initialized with * this method, all other user names will throw an Exception.<p> * * @param adminCms must either be initialized with "Admin" permissions, or null * @param contextInfo the context info to create a CmsObject for * * @return an initialized CmsObject with the given users permissions * * @throws CmsException if an invalid user name was provided, or if something else goes wrong * * @see org.opencms.db.CmsDefaultUsers#getUserGuest() * @see org.opencms.db.CmsDefaultUsers#getUserExport() * @see OpenCms#initCmsObject(CmsObject) * @see OpenCms#initCmsObject(CmsObject, CmsContextInfo) * @see OpenCms#initCmsObject(String) */ public static CmsObject initCmsObject(CmsObject adminCms, CmsContextInfo contextInfo) throws CmsException { return OpenCmsCore.getInstance().initCmsObject(adminCms, contextInfo); }
/** * Returns an independent copy of the provided CmsObject.<p> * * This can be useful in case a permanent reference to a CmsObject is stored. * Changing the request context values (for example project, siteroot) in the new CmsObject * will have no side effects to the CmsObject it was copied form.<p> * * @param cms the CmsObject to create a copy of * * @return an independent copy of the provided CmsObject * * @throws CmsException in case the initialization failed * * @see OpenCms#initCmsObject(CmsObject) * @see OpenCms#initCmsObject(CmsObject, CmsContextInfo) * @see OpenCms#initCmsObject(String) */ public static CmsObject initCmsObject(CmsObject cms) throws CmsException { return OpenCmsCore.getInstance().initCmsObject(cms); }
/** * Returns an initialized CmsObject with the user and context initialized as provided.<p> * * Note: Only if the provided <code>adminCms</code> CmsObject has admin permissions, * this method allows the creation a CmsObject for any existing user. Otherwise * only the default users 'Guest' and 'Export' can initialized with * this method, all other user names will throw an Exception.<p> * * @param adminCms must either be initialized with "Admin" permissions, or null * @param contextInfo the context info to create a CmsObject for * * @return an initialized CmsObject with the given users permissions * * @throws CmsException if an invalid user name was provided, or if something else goes wrong * * @see org.opencms.db.CmsDefaultUsers#getUserGuest() * @see org.opencms.db.CmsDefaultUsers#getUserExport() * @see OpenCms#initCmsObject(CmsObject) * @see OpenCms#initCmsObject(CmsObject, CmsContextInfo) * @see OpenCms#initCmsObject(String) */ public static CmsObject initCmsObject(CmsObject adminCms, CmsContextInfo contextInfo) throws CmsException { return OpenCmsCore.getInstance().initCmsObject(adminCms, contextInfo); }
/** * Returns an initialized CmsObject with the user initialized as provided, * with the "Online" project selected and "/" set as the current site root.<p> * * Note: Only the default users 'Guest' and 'Export' can initialized with * this method, all other user names will throw an Exception.<p> * * @param user the user name to initialize, can only be * {@link org.opencms.db.CmsDefaultUsers#getUserGuest()} or * {@link org.opencms.db.CmsDefaultUsers#getUserExport()} * * @return an initialized CmsObject with the given users permissions * * @throws CmsException if an invalid user name was provided, or if something else goes wrong * * @see org.opencms.db.CmsDefaultUsers#getUserGuest() * @see org.opencms.db.CmsDefaultUsers#getUserExport() * @see OpenCms#initCmsObject(String) * @see #initCmsObject(CmsObject, CmsContextInfo) */ protected CmsObject initCmsObject(String user) throws CmsException { return initCmsObject(null, new CmsContextInfo(user)); }
/** * Initializes the OpenCms context for Vaadin UI servlet.<p> * * @param req the request * @param res the response * @param servlet the UI servlet * * @throws IOException if user authentication fails * @throws CmsException if something goes wrong */ protected void initCmsContextForUI(HttpServletRequest req, HttpServletResponse res, CmsUIServlet servlet) throws IOException, CmsException { // instantiate CMS context String originalEncoding = req.getCharacterEncoding(); String referrer = req.getHeader("referer"); boolean allowPrivilegedLogin = (referrer == null) || !referrer.contains(CmsWorkplaceLoginHandler.LOGIN_HANDLER); CmsObject cms = initCmsObject(req, res, allowPrivilegedLogin); servlet.setCms(cms); if (originalEncoding != null) { // getI18NInfo sets wrong encoding req.setCharacterEncoding(originalEncoding); } }
/** * Returns an initialized CmsObject with the user initialized as provided, * with the "Online" project selected and "/" set as the current site root.<p> * * Note: Only the default users 'Guest' and 'Export' can initialized with * this method, all other user names will throw an Exception.<p> * * @param user the user name to initialize, can only be * {@link org.opencms.db.CmsDefaultUsers#getUserGuest()} or * {@link org.opencms.db.CmsDefaultUsers#getUserExport()} * * @return an initialized CmsObject with the given users permissions * * @throws CmsException if an invalid user name was provided, or if something else goes wrong * * @see org.opencms.db.CmsDefaultUsers#getUserGuest() * @see org.opencms.db.CmsDefaultUsers#getUserExport() * @see OpenCms#initCmsObject(String) * @see #initCmsObject(CmsObject, CmsContextInfo) */ protected CmsObject initCmsObject(String user) throws CmsException { return initCmsObject(null, new CmsContextInfo(user)); }
/** * Returns an initialized CmsObject (OpenCms user context) with the user initialized as provided, * with the "Online" project selected and "/" set as the current site root.<p> * * Note: Only the default users 'Guest' and 'Export' can initialized with * this method, all other user names will throw an Exception.<p> * * In order to initialize another user (for example, the {@link CmsDefaultUsers#getUserAdmin()}), * you need to get the 'Guest' user context first, then login the target user with * his user name and password, using {@link CmsObject#loginUser(String, String)}. * There is no way to obtain a user context other then the 'Guest' or 'Export' user * without the users password. This is a security feature.<p> * * @param user the user name to initialize, can only be * {@link org.opencms.db.CmsDefaultUsers#getUserGuest()} or * {@link org.opencms.db.CmsDefaultUsers#getUserExport()} * * @return an initialized CmsObject with the given users permissions * * @throws CmsException if an invalid user name was provided, or if something else goes wrong * * @see org.opencms.db.CmsDefaultUsers#getUserGuest() * @see org.opencms.db.CmsDefaultUsers#getUserExport() * @see OpenCms#initCmsObject(CmsObject) * @see OpenCms#initCmsObject(CmsObject, CmsContextInfo) * @see OpenCms#initCmsObject(String) */ public static CmsObject initCmsObject(String user) throws CmsException { return OpenCmsCore.getInstance().initCmsObject(user); }
/** * Returns an initialized CmsObject (OpenCms user context) with the user initialized as provided, * with the "Online" project selected and "/" set as the current site root.<p> * * Note: Only the default users 'Guest' and 'Export' can initialized with * this method, all other user names will throw an Exception.<p> * * In order to initialize another user (for example, the {@link CmsDefaultUsers#getUserAdmin()}), * you need to get the 'Guest' user context first, then login the target user with * his user name and password, using {@link CmsObject#loginUser(String, String)}. * There is no way to obtain a user context other then the 'Guest' or 'Export' user * without the users password. This is a security feature.<p> * * @param user the user name to initialize, can only be * {@link org.opencms.db.CmsDefaultUsers#getUserGuest()} or * {@link org.opencms.db.CmsDefaultUsers#getUserExport()} * * @return an initialized CmsObject with the given users permissions * * @throws CmsException if an invalid user name was provided, or if something else goes wrong * * @see org.opencms.db.CmsDefaultUsers#getUserGuest() * @see org.opencms.db.CmsDefaultUsers#getUserExport() * @see OpenCms#initCmsObject(CmsObject) * @see OpenCms#initCmsObject(CmsObject, CmsContextInfo) * @see OpenCms#initCmsObject(String) */ public static CmsObject initCmsObject(String user) throws CmsException { return OpenCmsCore.getInstance().initCmsObject(user); }
/** * Returns an independent copy of the provided CmsObject.<p> * * This can be useful in case a permanent reference to a CmsObject is stored. * Changing the request context values (for example project, siteroot) in the new CmsObject * will have no side effects to the CmsObject it was copied form.<p> * * The request time (<code>{@link CmsRequestContext#getRequestTime()}</code>) * is set to the current time.<p> * * @param cms the CmsObject to create a copy of * * @return an independent copy of the provided CmsObject * * @throws CmsException in case the initialization failed * * @see OpenCms#initCmsObject(CmsObject) * @see OpenCms#initCmsObject(CmsObject, CmsContextInfo) * @see OpenCms#initCmsObject(String) */ protected CmsObject initCmsObject(CmsObject cms) throws CmsException { CmsContextInfo contextInfo = new CmsContextInfo(cms.getRequestContext()); contextInfo.setRequestTime(CmsContextInfo.CURRENT_TIME); return initCmsObject(contextInfo); }
/** * Returns an independent copy of the provided CmsObject.<p> * * This can be useful in case a permanent reference to a CmsObject is stored. * Changing the request context values (for example project, siteroot) in the new CmsObject * will have no side effects to the CmsObject it was copied form.<p> * * The request time (<code>{@link CmsRequestContext#getRequestTime()}</code>) * is set to the current time.<p> * * @param cms the CmsObject to create a copy of * * @return an independent copy of the provided CmsObject * * @throws CmsException in case the initialization failed * * @see OpenCms#initCmsObject(CmsObject) * @see OpenCms#initCmsObject(CmsObject, CmsContextInfo) * @see OpenCms#initCmsObject(String) */ protected CmsObject initCmsObject(CmsObject cms) throws CmsException { CmsContextInfo contextInfo = new CmsContextInfo(cms.getRequestContext()); contextInfo.setRequestTime(CmsContextInfo.CURRENT_TIME); return initCmsObject(contextInfo); }
CmsObject newCms = initCmsObject(m_adminCms, contextInfo);
/** * Displays a resource from the OpenCms by writing the result to the provided * Servlet response output stream.<p> * * @param req the current servlet request * @param res the current servlet response */ protected void showResource(HttpServletRequest req, HttpServletResponse res) { CmsObject cms = null; try { cms = initCmsObject(req, res); // user is initialized, now deliver the requested resource CmsResource resource = initResource(cms, cms.getRequestContext().getUri(), req, res); if (resource != null) { // a file was read, go on process it m_resourceManager.loadResource(cms, resource, req, res); m_sessionManager.updateSessionInfo(cms, req); } } catch (Throwable t) { errorHandling(cms, req, res, t); } }
return initCmsObject(contextInfo);
cms = initCmsObject(req, res);
/** * This method updates the request context information.<p> * * The update information is:<br> * <ul> * <li>Requested Url</li> * <li>Locale</li> * <li>Encoding</li> * <li>Remote Address</li> * <li>Request Time</li> * </ul> * * @param request the current request * @param cms the cms object to update the request context for * * @return a new updated cms context * * @throws CmsException if something goes wrong */ protected CmsObject updateContext(HttpServletRequest request, CmsObject cms) throws CmsException { // get the right site for the request CmsSite site = OpenCms.getSiteManager().matchRequest(request); return initCmsObject( request, cms.getRequestContext().currentUser(), site.getSiteRoot(), cms.getRequestContext().currentProject().getUuid(), cms.getRequestContext().getOuFqn()); }
CmsObject newCms = initCmsObject(m_adminCms, contextInfo);