diff --git a/pom.xml b/pom.xml
index 8c41bd2b67df7a812a19772297be0cd4f7819da4..42279be9f3be99fb3d2d7d316e8549901aadeba8 100644
--- a/pom.xml
+++ b/pom.xml
@@ -67,7 +67,7 @@
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-core</artifactId>
- <version>1.4.1</version>
+ <version>1.5.3</version>
</dependency>
<dependency>
<groupId>junit</groupId>
diff --git a/src/main/java/caosdb/server/CaosAuthenticator.java b/src/main/java/caosdb/server/CaosAuthenticator.java
index 021f4ab7d4541756df63fa4bf6878fa603179679..f2f5ebc42f84857a00540b720328a7e4de585352 100644
--- a/src/main/java/caosdb/server/CaosAuthenticator.java
+++ b/src/main/java/caosdb/server/CaosAuthenticator.java
@@ -60,15 +60,16 @@ public class CaosAuthenticator extends Authenticator {
if (sessionToken != null) {
subject.login(sessionToken);
}
+
+ // anonymous users
+ if (!subject.isAuthenticated()
+ && CaosDBServer.getServerProperty(ServerProperties.KEY_AUTH_OPTIONAL)
+ .equalsIgnoreCase("TRUE")) {
+ subject.login(AuthenticationUtils.ANONYMOUS_USER);
+ }
} catch (AuthenticationException e) {
logger.info("LOGIN_FAILED", e);
}
- // anonymous users
- if (!subject.isAuthenticated()
- && CaosDBServer.getServerProperty(ServerProperties.KEY_AUTH_OPTIONAL)
- .equalsIgnoreCase("TRUE")) {
- subject.login(AuthenticationUtils.ANONYMOUS_USER);
- }
return subject.isAuthenticated();
}
diff --git a/src/main/java/caosdb/server/CaosDBServer.java b/src/main/java/caosdb/server/CaosDBServer.java
index be705aa58eef7ba045391322d24e267524ebee05..2134734103c64dfcb21de7836c735117091a0062 100644
--- a/src/main/java/caosdb/server/CaosDBServer.java
+++ b/src/main/java/caosdb/server/CaosDBServer.java
@@ -19,50 +19,6 @@
*/
package caosdb.server;
-import caosdb.server.accessControl.AnonymousRealm;
-import caosdb.server.accessControl.AuthenticationUtils;
-import caosdb.server.accessControl.CaosDBAuthorizingRealm;
-import caosdb.server.accessControl.CaosDBDefaultRealm;
-import caosdb.server.accessControl.OneTimeAuthenticationToken;
-import caosdb.server.accessControl.SessionToken;
-import caosdb.server.accessControl.SessionTokenRealm;
-import caosdb.server.database.BackendTransaction;
-import caosdb.server.database.access.Access;
-import caosdb.server.database.backend.transaction.RetrieveDatatypes;
-import caosdb.server.database.misc.TransactionBenchmark;
-import caosdb.server.datatype.AbstractDatatype;
-import caosdb.server.entity.EntityInterface;
-import caosdb.server.entity.Role;
-import caosdb.server.entity.container.Container;
-import caosdb.server.logging.RequestErrorLogMessage;
-import caosdb.server.resource.AuthenticationResource;
-import caosdb.server.resource.DefaultResource;
-import caosdb.server.resource.EntityOwnerResource;
-import caosdb.server.resource.EntityPermissionsResource;
-import caosdb.server.resource.FileSystemResource;
-import caosdb.server.resource.InfoResource;
-import caosdb.server.resource.LogoutResource;
-import caosdb.server.resource.PermissionRulesResource;
-import caosdb.server.resource.RolesResource;
-import caosdb.server.resource.ScriptingResource;
-import caosdb.server.resource.ServerLogsResource;
-import caosdb.server.resource.ServerPropertiesResource;
-import caosdb.server.resource.SharedFileResource;
-import caosdb.server.resource.ThumbnailsResource;
-import caosdb.server.resource.UserResource;
-import caosdb.server.resource.UserRolesResource;
-import caosdb.server.resource.Webinterface;
-import caosdb.server.resource.WebinterfaceBuildNumber;
-import caosdb.server.resource.transaction.EntityNamesResource;
-import caosdb.server.resource.transaction.EntityResource;
-import caosdb.server.terminal.CaosDBTerminal;
-import caosdb.server.terminal.StatsPanel;
-import caosdb.server.terminal.SystemErrPanel;
-import caosdb.server.transaction.ChecksumUpdater;
-import caosdb.server.utils.FileUtils;
-import caosdb.server.utils.Initialization;
-import caosdb.server.utils.NullPrintStream;
-import caosdb.server.utils.Utils;
import java.io.BufferedReader;
import java.io.FileNotFoundException;
import java.io.IOException;
@@ -79,10 +35,9 @@ import java.util.logging.LogRecord;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.config.Ini;
import org.apache.shiro.config.Ini.Section;
-import org.apache.shiro.config.IniSecurityManagerFactory;
+import org.apache.shiro.env.BasicIniEnvironment;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.subject.Subject;
-import org.apache.shiro.util.Factory;
import org.apache.shiro.util.ThreadContext;
import org.quartz.JobDetail;
import org.quartz.Scheduler;
@@ -111,6 +66,50 @@ import org.restlet.routing.Variable;
import org.restlet.util.Series;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import caosdb.server.accessControl.AnonymousRealm;
+import caosdb.server.accessControl.AuthenticationUtils;
+import caosdb.server.accessControl.CaosDBAuthorizingRealm;
+import caosdb.server.accessControl.CaosDBDefaultRealm;
+import caosdb.server.accessControl.OneTimeAuthenticationToken;
+import caosdb.server.accessControl.SessionToken;
+import caosdb.server.accessControl.SessionTokenRealm;
+import caosdb.server.database.BackendTransaction;
+import caosdb.server.database.access.Access;
+import caosdb.server.database.backend.transaction.RetrieveDatatypes;
+import caosdb.server.database.misc.TransactionBenchmark;
+import caosdb.server.datatype.AbstractDatatype;
+import caosdb.server.entity.EntityInterface;
+import caosdb.server.entity.Role;
+import caosdb.server.entity.container.Container;
+import caosdb.server.logging.RequestErrorLogMessage;
+import caosdb.server.resource.AuthenticationResource;
+import caosdb.server.resource.DefaultResource;
+import caosdb.server.resource.EntityOwnerResource;
+import caosdb.server.resource.EntityPermissionsResource;
+import caosdb.server.resource.FileSystemResource;
+import caosdb.server.resource.InfoResource;
+import caosdb.server.resource.LogoutResource;
+import caosdb.server.resource.PermissionRulesResource;
+import caosdb.server.resource.RolesResource;
+import caosdb.server.resource.ScriptingResource;
+import caosdb.server.resource.ServerLogsResource;
+import caosdb.server.resource.ServerPropertiesResource;
+import caosdb.server.resource.SharedFileResource;
+import caosdb.server.resource.ThumbnailsResource;
+import caosdb.server.resource.UserResource;
+import caosdb.server.resource.UserRolesResource;
+import caosdb.server.resource.Webinterface;
+import caosdb.server.resource.WebinterfaceBuildNumber;
+import caosdb.server.resource.transaction.EntityNamesResource;
+import caosdb.server.resource.transaction.EntityResource;
+import caosdb.server.terminal.CaosDBTerminal;
+import caosdb.server.terminal.StatsPanel;
+import caosdb.server.terminal.SystemErrPanel;
+import caosdb.server.transaction.ChecksumUpdater;
+import caosdb.server.utils.FileUtils;
+import caosdb.server.utils.Initialization;
+import caosdb.server.utils.NullPrintStream;
+import caosdb.server.utils.Utils;
public class CaosDBServer extends Application {
@@ -225,6 +224,8 @@ public class CaosDBServer extends Application {
INSECURE = true;
}
}
+ INSECURE = INSECURE && isDebugMode(); // only allow insecure in debug mode
+ START_BACKEND = START_BACKEND || !isDebugMode(); // always start backend if // not in debug mode
}
public static Ini getShiroConfig() {
@@ -245,67 +246,46 @@ public class CaosDBServer extends Application {
"securityManager.subjectDAO.sessionStorageEvaluator.sessionStorageEnabled", "false");
return config;
}
-
- /**
- * This main method starts up a web application that will listen on a port defined in the config
- * file.
- *
- * @param args One option temporarily (for testing) available: silent: If present: disable
- * System.out-stream (stream to a NullPrintStream). This makes the response of the database
- * amazingly faster.
- * @throws IOException
- * @throws FileNotFoundException
- * @throws SecurityException
- * @throws Exception If problems occur.
- */
- public static void main(final String[] args)
- throws SecurityException, FileNotFoundException, IOException {
- try {
- init(args);
- initScheduler();
- initServerProperties();
- initTimeZone();
- OneTimeAuthenticationToken.init();
- } catch (Exception e1) {
- logger.error("Could not configure the server.", e1);
- System.exit(1);
- }
-
- INSECURE = INSECURE && isDebugMode(); // only allow insecure in debug mode
- START_BACKEND = START_BACKEND || !isDebugMode(); // always start backend if
- // not in debug mode
-
+
+
+ public static void initShiro(Ini config) {
+ BasicIniEnvironment env = new BasicIniEnvironment(config);
+ final SecurityManager securityManager = env.getSecurityManager();
+ SecurityUtils.setSecurityManager(securityManager);
+ }
+
+ public static void initShiro() {
// init Shiro (user authentication/authorization and session management)
final Ini config = getShiroConfig();
- final Factory<SecurityManager> factory = new IniSecurityManagerFactory(config);
- final SecurityManager securityManager = factory.getInstance();
- SecurityUtils.setSecurityManager(securityManager);
-
- final Initialization init = Initialization.setUp();
- try {
- // init backend
- if (START_BACKEND) {
- BackendTransaction.init();
-
- // init benchmark
- TransactionBenchmark.getRootInstance();
+ initShiro(config);
+ }
+
+ public static void initBackend() throws Exception {
+ if (START_BACKEND) {
+ try (final Initialization init = Initialization.setUp()){
+ BackendTransaction.init();
- // Role
- Role.init(init.getAccess());
+ // init benchmark
+ TransactionBenchmark.getRootInstance();
- // Data types
- initDatatypes(init.getAccess());
+ // Role
+ Role.init(init.getAccess());
- // check for chown script
- FileUtils.testChownScript();
+ // Data types
+ initDatatypes(init.getAccess());
- // ChecksumUpdater
- ChecksumUpdater.start();
- } else {
- logger.info("NO BACKEND");
- }
+ // check for chown script
+ FileUtils.testChownScript();
- // GUI
+ // ChecksumUpdater
+ ChecksumUpdater.start();
+ }
+ } else {
+ logger.info("NO BACKEND");
+ }
+ }
+
+ public static void initGUI() throws InterruptedException {
if (START_GUI) {
final CaosDBTerminal caosDBTerminal = new CaosDBTerminal();
caosDBTerminal.setName("CaosDBTerminal");
@@ -329,40 +309,67 @@ public class CaosDBServer extends Application {
logger.info("NO GUI");
System.setOut(new NullPrintStream());
}
+ }
+
+
- // Web server properties
- final int port_https =
- Integer.parseInt(getServerProperty(ServerProperties.KEY_SERVER_PORT_HTTPS));
- final int port_http =
- Integer.parseInt(getServerProperty(ServerProperties.KEY_SERVER_PORT_HTTP));
- int port_redirect_https;
- try {
- port_redirect_https =
- Integer.parseInt(getServerProperty(ServerProperties.KEY_REDIRECT_HTTP_TO_HTTPS_PORT));
- } catch (NumberFormatException e) {
- port_redirect_https = port_https;
- }
- final int initialConnections =
- Integer.parseInt(getServerProperty(ServerProperties.KEY_INITIAL_CONNECTIONS));
- final int maxTotalConnections =
- Integer.parseInt(getServerProperty(ServerProperties.KEY_MAX_CONNECTIONS));
-
- init.release();
-
- if (INSECURE) {
- runHTTPServer(port_http, initialConnections, maxTotalConnections);
- } else {
- runHTTPSServer(
- port_https, port_http, port_redirect_https, initialConnections, maxTotalConnections);
- }
+ /**
+ * This main method starts up a web application that will listen on a port defined in the config
+ * file.
+ *
+ * @param args One option temporarily (for testing) available: silent: If present: disable
+ * System.out-stream (stream to a NullPrintStream). This makes the response of the database
+ * amazingly faster.
+ * @throws IOException
+ * @throws FileNotFoundException
+ * @throws SecurityException
+ * @throws Exception If problems occur.
+ */
+ public static void main(final String[] args)
+ throws SecurityException, FileNotFoundException, IOException {
+ try {
+ init(args);
+ initScheduler();
+ initServerProperties();
+ initTimeZone();
+ OneTimeAuthenticationToken.init();
+ initShiro();
+ initBackend();
+ initWebServer();
initShutDownHook();
- } catch (final Exception e) {
- logger.error("Server start failed.", e);
- init.release();
+ } catch (Exception e1) {
+ logger.error("Could not start the server.", e1);
System.exit(1);
}
}
+ private static void initWebServer() throws Exception {
+ final int port_https =
+ Integer.parseInt(getServerProperty(ServerProperties.KEY_SERVER_PORT_HTTPS));
+ final int port_http =
+ Integer.parseInt(getServerProperty(ServerProperties.KEY_SERVER_PORT_HTTP));
+ int port_redirect_https;
+ try {
+ port_redirect_https =
+ Integer.parseInt(getServerProperty(ServerProperties.KEY_REDIRECT_HTTP_TO_HTTPS_PORT));
+ } catch (NumberFormatException e) {
+ port_redirect_https = port_https;
+ }
+ final int initialConnections =
+ Integer.parseInt(getServerProperty(ServerProperties.KEY_INITIAL_CONNECTIONS));
+ final int maxTotalConnections =
+ Integer.parseInt(getServerProperty(ServerProperties.KEY_MAX_CONNECTIONS));
+
+
+ if (INSECURE) {
+ runHTTPServer(port_http, initialConnections, maxTotalConnections);
+ } else {
+ runHTTPSServer(
+ port_https, port_http, port_redirect_https, initialConnections, maxTotalConnections);
+ }
+
+ }
+
private static void initScheduler() throws SchedulerException {
SCHEDULER = StdSchedulerFactory.getDefaultScheduler();
SCHEDULER.start();
diff --git a/src/main/java/caosdb/server/accessControl/AuthenticationUtils.java b/src/main/java/caosdb/server/accessControl/AuthenticationUtils.java
index 651aeab6758303bbc0f0419878eaa7a421dbaa21..615a6447ba69bb3eba2ec9b43894924f08bf4e0d 100644
--- a/src/main/java/caosdb/server/accessControl/AuthenticationUtils.java
+++ b/src/main/java/caosdb/server/accessControl/AuthenticationUtils.java
@@ -23,12 +23,6 @@
package caosdb.server.accessControl;
import static caosdb.server.utils.Utils.URLDecodeWithUTF8;
-
-import caosdb.server.CaosDBServer;
-import caosdb.server.ServerProperties;
-import caosdb.server.permissions.ResponsibleAgent;
-import caosdb.server.permissions.Role;
-import caosdb.server.utils.Utils;
import java.sql.Timestamp;
import java.util.Collection;
import java.util.LinkedList;
@@ -36,8 +30,11 @@ import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.subject.Subject;
import org.restlet.data.Cookie;
import org.restlet.data.CookieSetting;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
+import caosdb.server.CaosDBServer;
+import caosdb.server.ServerProperties;
+import caosdb.server.permissions.ResponsibleAgent;
+import caosdb.server.permissions.Role;
+import caosdb.server.utils.Utils;
/**
* Useful static methods, mainly for parsing and serializing SessionTokens by the means of web
@@ -47,8 +44,6 @@ import org.slf4j.LoggerFactory;
*/
public class AuthenticationUtils {
- private static final Logger logger = LoggerFactory.getLogger(AuthenticationUtils.class);
-
public static final String ONE_TIME_TOKEN_COOKIE = "OneTimeToken";
public static final String SESSION_TOKEN_COOKIE = "SessionToken";
public static final String SESSION_TIMEOUT_COOKIE = "SessionTimeOut";
@@ -102,11 +97,7 @@ public class AuthenticationUtils {
if (cookie != null) {
final String tokenString = URLDecodeWithUTF8(cookie.getValue());
if (tokenString != null && !tokenString.equals("")) {
- try {
- return SelfValidatingAuthenticationToken.parse(tokenString, curry);
- } catch (final Exception e) {
- logger.warn("AUTHTOKEN_PARSING_FAILED", e);
- }
+ return SelfValidatingAuthenticationToken.parse(tokenString, curry);
}
}
return null;
diff --git a/src/main/java/caosdb/server/accessControl/OneTimeAuthenticationToken.java b/src/main/java/caosdb/server/accessControl/OneTimeAuthenticationToken.java
index 69ab0b546294d9753ee809dfdccafc0c6d708a12..3c4ddbca406204a517162eb694c4dc802a02b3cf 100644
--- a/src/main/java/caosdb/server/accessControl/OneTimeAuthenticationToken.java
+++ b/src/main/java/caosdb/server/accessControl/OneTimeAuthenticationToken.java
@@ -189,7 +189,7 @@ public class OneTimeAuthenticationToken extends SelfValidatingAuthenticationToke
}
public static OneTimeAuthenticationToken generate(Config c) {
- return generate(c, AnonymousAuthenticationToken.PRINCIPAL, null);
+ return generate(c, new Principal(AnonymousAuthenticationToken.PRINCIPAL), null);
}
public static OneTimeAuthenticationToken generateForPurpose(
diff --git a/src/main/java/caosdb/server/terminal/CaosDBTerminal.java b/src/main/java/caosdb/server/terminal/CaosDBTerminal.java
index 8113d4e1e7c36adb517543b778d03ec9a0970598..02b9465cecfc816b7e76da60495bdee44c40debc 100644
--- a/src/main/java/caosdb/server/terminal/CaosDBTerminal.java
+++ b/src/main/java/caosdb/server/terminal/CaosDBTerminal.java
@@ -22,14 +22,19 @@
*/
package caosdb.server.terminal;
+import java.nio.charset.Charset;
import com.googlecode.lanterna.TerminalFacade;
import com.googlecode.lanterna.gui.GUIScreen;
import com.googlecode.lanterna.gui.GUIScreen.Position;
import com.googlecode.lanterna.screen.Screen;
import com.googlecode.lanterna.terminal.Terminal;
import com.googlecode.lanterna.terminal.text.UnixTerminal;
-import java.nio.charset.Charset;
+/**
+ * @deprecated Soon to be removed
+ * @author Timm Fitschen (t.fitschen@indiscale.com)
+ */
+@Deprecated
public class CaosDBTerminal extends Thread {
public CaosDBTerminal() {
diff --git a/src/main/java/caosdb/server/utils/FileUtils.java b/src/main/java/caosdb/server/utils/FileUtils.java
index 824646caab6983863acd7d35a276a1213b393235..00f243bcff6d84a276892b3363665b8e3bb1cc9e 100644
--- a/src/main/java/caosdb/server/utils/FileUtils.java
+++ b/src/main/java/caosdb/server/utils/FileUtils.java
@@ -25,13 +25,6 @@ package caosdb.server.utils;
import static java.nio.file.Files.isSameFile;
import static java.nio.file.Files.isSymbolicLink;
import static java.nio.file.Files.readSymbolicLink;
-
-import caosdb.server.CaosDBException;
-import caosdb.server.CaosDBServer;
-import caosdb.server.FileSystem;
-import caosdb.server.ServerProperties;
-import caosdb.server.database.exceptions.TransactionException;
-import caosdb.server.entity.Message;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileInputStream;
@@ -44,6 +37,12 @@ import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import org.eclipse.jetty.io.RuntimeIOException;
+import caosdb.server.CaosDBException;
+import caosdb.server.CaosDBServer;
+import caosdb.server.FileSystem;
+import caosdb.server.ServerProperties;
+import caosdb.server.database.exceptions.TransactionException;
+import caosdb.server.entity.Message;
public class FileUtils {
@@ -218,6 +217,13 @@ public class FileUtils {
}
}
+ /**
+ * @deprecated Soon to be removed.
+ * @throws IOException
+ * @throws InterruptedException
+ * @throws CaosDBException
+ */
+ @Deprecated
public static void testChownScript() throws IOException, InterruptedException, CaosDBException {
final String sudopw = CaosDBServer.getServerProperty(ServerProperties.KEY_SUDO_PASSWORD);
final Process cmd =
diff --git a/src/main/java/caosdb/server/utils/Initialization.java b/src/main/java/caosdb/server/utils/Initialization.java
index e77922a417c1a2ef9542cb3dc9b8971ca10b332a..6e1266f87dd6558bd55351d2963133b7a7bb3407 100644
--- a/src/main/java/caosdb/server/utils/Initialization.java
+++ b/src/main/java/caosdb/server/utils/Initialization.java
@@ -26,7 +26,7 @@ import caosdb.server.database.DatabaseMonitor;
import caosdb.server.database.access.Access;
import caosdb.server.transaction.TransactionInterface;
-public final class Initialization implements TransactionInterface {
+public final class Initialization implements TransactionInterface, AutoCloseable {
private Access access;
private static final Initialization instance = new Initialization();
@@ -43,13 +43,15 @@ public final class Initialization implements TransactionInterface {
return this.access;
}
- public final void release() {
+ @Override
+ public void execute() throws Exception {}
+
+ @Override
+ public void close() throws Exception {
if (this.access != null) {
this.access.release();
this.access = null;
}
}
- @Override
- public void execute() throws Exception {}
}
diff --git a/src/test/java/caosdb/server/Misc.java b/src/test/java/caosdb/server/Misc.java
index bcdc1729f008dbb1393fe238a3eb763c67d69e0f..222a0b9db84efa97dcb93fc92e583309af5b9f75 100644
--- a/src/test/java/caosdb/server/Misc.java
+++ b/src/test/java/caosdb/server/Misc.java
@@ -26,10 +26,6 @@ import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertTrue;
-
-import caosdb.server.database.misc.TransactionBenchmark;
-import caosdb.server.jobs.core.CheckFileStorageConsistency;
-import caosdb.server.utils.CronJob;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
@@ -39,16 +35,15 @@ import java.io.ObjectOutputStream;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.apache.shiro.SecurityUtils;
-import org.apache.shiro.config.Ini;
-import org.apache.shiro.config.IniSecurityManagerFactory;
-import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.subject.Subject;
-import org.apache.shiro.util.Factory;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.Test;
import org.jvnet.libpam.PAMException;
import org.jvnet.libpam.UnixUser;
+import caosdb.server.database.misc.TransactionBenchmark;
+import caosdb.server.jobs.core.CheckFileStorageConsistency;
+import caosdb.server.utils.CronJob;
public class Misc {
@BeforeClass
@@ -293,12 +288,7 @@ public class Misc {
@Test
public void testShiro() {
- Ini config = CaosDBServer.getShiroConfig();
- final Factory<SecurityManager> factory = new IniSecurityManagerFactory(config);
-
- final SecurityManager securityManager = factory.getInstance();
-
- SecurityUtils.setSecurityManager(securityManager);
+ CaosDBServer.initShiro();
final Subject subject = SecurityUtils.getSubject();
diff --git a/src/test/java/caosdb/server/authentication/AuthTokenTest.java b/src/test/java/caosdb/server/authentication/AuthTokenTest.java
index 75bbbb56a60b4510ea7496770256de2ee6148087..4a2c2f1cea901b6ab45f49142a55532c7e65a06d 100644
--- a/src/test/java/caosdb/server/authentication/AuthTokenTest.java
+++ b/src/test/java/caosdb/server/authentication/AuthTokenTest.java
@@ -24,7 +24,19 @@ package caosdb.server.authentication;
import static org.junit.Assert.assertArrayEquals;
import static org.junit.Assert.assertEquals;
-
+import java.io.BufferedReader;
+import java.io.File;
+import java.io.FileReader;
+import java.io.IOException;
+import java.util.List;
+import java.util.Map;
+import org.apache.commons.io.input.CharSequenceInputStream;
+import org.apache.shiro.SecurityUtils;
+import org.apache.shiro.authc.AuthenticationException;
+import org.apache.shiro.subject.Subject;
+import org.junit.Assert;
+import org.junit.BeforeClass;
+import org.junit.Test;
import caosdb.server.CaosDBServer;
import caosdb.server.ServerProperties;
import caosdb.server.accessControl.AnonymousAuthenticationToken;
@@ -44,23 +56,6 @@ import caosdb.server.resource.TestScriptingResource.RetrievePasswordValidator;
import caosdb.server.resource.TestScriptingResource.RetrievePermissionRules;
import caosdb.server.resource.TestScriptingResource.RetrieveRole;
import caosdb.server.resource.TestScriptingResource.RetrieveUser;
-import java.io.BufferedReader;
-import java.io.File;
-import java.io.FileReader;
-import java.io.IOException;
-import java.util.List;
-import java.util.Map;
-import org.apache.commons.io.input.CharSequenceInputStream;
-import org.apache.shiro.SecurityUtils;
-import org.apache.shiro.authc.AuthenticationException;
-import org.apache.shiro.config.Ini;
-import org.apache.shiro.config.IniSecurityManagerFactory;
-import org.apache.shiro.mgt.SecurityManager;
-import org.apache.shiro.subject.Subject;
-import org.apache.shiro.util.Factory;
-import org.junit.Assert;
-import org.junit.BeforeClass;
-import org.junit.Test;
public class AuthTokenTest {
@@ -78,12 +73,7 @@ public class AuthTokenTest {
RetrievePasswordValidatorImpl.class, RetrievePasswordValidator.class);
CaosDBServer.initServerProperties();
- Ini config = CaosDBServer.getShiroConfig();
- final Factory<SecurityManager> factory = new IniSecurityManagerFactory(config);
-
- final SecurityManager securityManager = factory.getInstance();
-
- SecurityUtils.setSecurityManager(securityManager);
+ CaosDBServer.initShiro();
}
@Test
diff --git a/src/test/java/caosdb/server/resource/TestScriptingResource.java b/src/test/java/caosdb/server/resource/TestScriptingResource.java
index ddf915fb2bc8f9401c630339b274404ab37545af..9981273565d97d19e887a995d756a502a325d03a 100644
--- a/src/test/java/caosdb/server/resource/TestScriptingResource.java
+++ b/src/test/java/caosdb/server/resource/TestScriptingResource.java
@@ -23,36 +23,13 @@
package caosdb.server.resource;
import static org.junit.Assert.assertEquals;
-
-import caosdb.server.CaosDBServer;
-import caosdb.server.accessControl.AuthenticationUtils;
-import caosdb.server.accessControl.CredentialsValidator;
-import caosdb.server.accessControl.Principal;
-import caosdb.server.accessControl.Role;
-import caosdb.server.database.BackendTransaction;
-import caosdb.server.database.access.Access;
-import caosdb.server.database.backend.interfaces.RetrievePasswordValidatorImpl;
-import caosdb.server.database.backend.interfaces.RetrievePermissionRulesImpl;
-import caosdb.server.database.backend.interfaces.RetrieveRoleImpl;
-import caosdb.server.database.backend.interfaces.RetrieveUserImpl;
-import caosdb.server.database.exceptions.TransactionException;
-import caosdb.server.database.misc.TransactionBenchmark;
-import caosdb.server.database.proto.ProtoUser;
-import caosdb.server.entity.Message;
-import caosdb.server.permissions.PermissionRule;
-import caosdb.server.scripting.ScriptingPermissions;
-import caosdb.server.scripting.ServerSideScriptingCaller;
import java.io.IOException;
import java.util.Date;
import java.util.HashSet;
import java.util.List;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authz.permission.WildcardPermission;
-import org.apache.shiro.config.Ini;
-import org.apache.shiro.config.IniSecurityManagerFactory;
-import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.subject.Subject;
-import org.apache.shiro.util.Factory;
import org.jdom2.Element;
import org.junit.BeforeClass;
import org.junit.Test;
@@ -65,6 +42,24 @@ import org.restlet.data.Reference;
import org.restlet.data.Status;
import org.restlet.representation.Representation;
import org.restlet.representation.StringRepresentation;
+import caosdb.server.CaosDBServer;
+import caosdb.server.accessControl.AuthenticationUtils;
+import caosdb.server.accessControl.CredentialsValidator;
+import caosdb.server.accessControl.Principal;
+import caosdb.server.accessControl.Role;
+import caosdb.server.database.BackendTransaction;
+import caosdb.server.database.access.Access;
+import caosdb.server.database.backend.interfaces.RetrievePasswordValidatorImpl;
+import caosdb.server.database.backend.interfaces.RetrievePermissionRulesImpl;
+import caosdb.server.database.backend.interfaces.RetrieveRoleImpl;
+import caosdb.server.database.backend.interfaces.RetrieveUserImpl;
+import caosdb.server.database.exceptions.TransactionException;
+import caosdb.server.database.misc.TransactionBenchmark;
+import caosdb.server.database.proto.ProtoUser;
+import caosdb.server.entity.Message;
+import caosdb.server.permissions.PermissionRule;
+import caosdb.server.scripting.ScriptingPermissions;
+import caosdb.server.scripting.ServerSideScriptingCaller;
public class TestScriptingResource {
@@ -164,12 +159,7 @@ public class TestScriptingResource {
RetrievePasswordValidatorImpl.class, RetrievePasswordValidator.class);
CaosDBServer.initServerProperties();
- Ini config = CaosDBServer.getShiroConfig();
- final Factory<SecurityManager> factory = new IniSecurityManagerFactory(config);
-
- final SecurityManager securityManager = factory.getInstance();
-
- SecurityUtils.setSecurityManager(securityManager);
+ CaosDBServer.initShiro();
}
ScriptingResource resource =
diff --git a/src/test/java/caosdb/server/utils/FileUtilsTest.java b/src/test/java/caosdb/server/utils/FileUtilsTest.java
index e4b2411dc0e77ce0225c0637422c84bbab2cc4aa..688b14a85a323c3faba205d6da5dd6a8a40c03b0 100644
--- a/src/test/java/caosdb/server/utils/FileUtilsTest.java
+++ b/src/test/java/caosdb/server/utils/FileUtilsTest.java
@@ -26,19 +26,6 @@ import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
-
-import caosdb.server.CaosDBException;
-import caosdb.server.CaosDBServer;
-import caosdb.server.FileSystem;
-import caosdb.server.ServerProperties;
-import caosdb.server.database.BackendTransaction;
-import caosdb.server.database.access.Access;
-import caosdb.server.database.backend.implementation.UnixFileSystem.UnixFileSystemGetFileIterator.FileNameIterator;
-import caosdb.server.database.backend.implementation.UnixFileSystem.UnixFileSystemHelper;
-import caosdb.server.database.backend.transaction.FileConsistencyCheck;
-import caosdb.server.database.backend.transaction.GetFileIterator;
-import caosdb.server.database.exceptions.TransactionException;
-import caosdb.server.entity.Message;
import java.io.File;
import java.io.IOException;
import java.io.PrintStream;
@@ -46,7 +33,6 @@ import java.io.PrintWriter;
import java.security.NoSuchAlgorithmException;
import java.util.Iterator;
import java.util.regex.Pattern;
-import net.jcip.annotations.NotThreadSafe;
import org.eclipse.jetty.io.RuntimeIOException;
import org.junit.After;
import org.junit.AfterClass;
@@ -56,6 +42,19 @@ import org.junit.BeforeClass;
import org.junit.ClassRule;
import org.junit.Test;
import org.junit.rules.TemporaryFolder;
+import caosdb.server.CaosDBException;
+import caosdb.server.CaosDBServer;
+import caosdb.server.FileSystem;
+import caosdb.server.ServerProperties;
+import caosdb.server.database.BackendTransaction;
+import caosdb.server.database.access.Access;
+import caosdb.server.database.backend.implementation.UnixFileSystem.UnixFileSystemGetFileIterator.FileNameIterator;
+import caosdb.server.database.backend.implementation.UnixFileSystem.UnixFileSystemHelper;
+import caosdb.server.database.backend.transaction.FileConsistencyCheck;
+import caosdb.server.database.backend.transaction.GetFileIterator;
+import caosdb.server.database.exceptions.TransactionException;
+import caosdb.server.entity.Message;
+import net.jcip.annotations.NotThreadSafe;
@NotThreadSafe
public class FileUtilsTest {