You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@openmeetings.apache.org by so...@apache.org on 2021/04/03 16:39:05 UTC
[openmeetings] branch master updated: [OPENMEETINGS-2593] wicket
and friends
This is an automated email from the ASF dual-hosted git repository.
solomax pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/openmeetings.git
The following commit(s) were added to refs/heads/master by this push:
new ff7f413 [OPENMEETINGS-2593] wicket and friends
ff7f413 is described below
commit ff7f413bba288e571cf7088df3cf9e212f01c56f
Author: Maxim Solodovnik <so...@gmail.com>
AuthorDate: Sat Apr 3 23:38:49 2021 +0700
[OPENMEETINGS-2593] wicket and friends
---
openmeetings-db/pom.xml | 8 +++++-
.../src/site/xdoc/CommandLineAdmin.xml | 2 +-
.../util/crypt/SCryptImplementation.java | 2 +-
openmeetings-web/pom.xml | 16 ++++++------
.../apache/openmeetings/web/app/Application.java | 9 ++++---
.../web/app/OmAuthenticationStrategy.java | 14 ++++++++--
.../apache/openmeetings/web/room/RoomPanel.java | 3 +--
.../webapp/WEB-INF/classes/openmeetings.properties | 3 +++
.../web/app/TestOmAuthenticationStrategy.java | 4 ++-
.../web/pages/install/TestInstall.java | 4 +--
pom.xml | 30 ++++++++++------------
11 files changed, 57 insertions(+), 38 deletions(-)
diff --git a/openmeetings-db/pom.xml b/openmeetings-db/pom.xml
index af04d2f..70f725f 100644
--- a/openmeetings-db/pom.xml
+++ b/openmeetings-db/pom.xml
@@ -39,9 +39,15 @@
<artifactId>openmeetings-util</artifactId>
</dependency>
<dependency>
+ <!-- required for JAXB/CXF -->
+ <groupId>org.glassfish.jaxb</groupId>
+ <artifactId>jaxb-runtime</artifactId>
+ <version>2.3.3</version>
+ </dependency>
+ <dependency>
<groupId>org.wicketstuff</groupId>
<artifactId>wicketstuff-datastore-hazelcast</artifactId>
- <version>${wickets.version}</version>
+ <version>${wicketstuff.version}</version>
</dependency>
<dependency>
<groupId>org.apache.openjpa</groupId>
diff --git a/openmeetings-server/src/site/xdoc/CommandLineAdmin.xml b/openmeetings-server/src/site/xdoc/CommandLineAdmin.xml
index e49f897..bab505c 100644
--- a/openmeetings-server/src/site/xdoc/CommandLineAdmin.xml
+++ b/openmeetings-server/src/site/xdoc/CommandLineAdmin.xml
@@ -53,7 +53,7 @@
-r,--restore Restores OM
-file <arg> file used for backup/restore/install
--------------------------------------------------------------------------------------------------
- -l,--LDAP Import LDAP users into DB
+ -l,--ldap Import LDAP users into DB
-d,--domain-id <arg> LDAP domain Id
--print-only (optional) Print users found instead of importing
--------------------------------------------------------------------------------------------------
diff --git a/openmeetings-util/src/main/java/org/apache/openmeetings/util/crypt/SCryptImplementation.java b/openmeetings-util/src/main/java/org/apache/openmeetings/util/crypt/SCryptImplementation.java
index 560d824..542eef9 100644
--- a/openmeetings-util/src/main/java/org/apache/openmeetings/util/crypt/SCryptImplementation.java
+++ b/openmeetings-util/src/main/java/org/apache/openmeetings/util/crypt/SCryptImplementation.java
@@ -60,7 +60,7 @@ public class SCryptImplementation implements ICrypt {
props.load(is);
cost = Integer.valueOf(props.getProperty("scrypt.cost", "" + cost));
} catch (Exception e) {
- log.error("Failed to initialize the cost", e);
+ log.error("Failed to initialize the cost {}", e.getMessage());
}
}
diff --git a/openmeetings-web/pom.xml b/openmeetings-web/pom.xml
index 8f34c03..1929ad1 100644
--- a/openmeetings-web/pom.xml
+++ b/openmeetings-web/pom.xml
@@ -556,7 +556,7 @@
<dependency>
<groupId>org.wicketstuff</groupId>
<artifactId>wicketstuff-dashboard-core</artifactId>
- <version>${wickets.version}</version>
+ <version>${wicketstuff.version}</version>
</dependency>
<dependency>
<groupId>org.apache.wicket</groupId>
@@ -576,37 +576,37 @@
<dependency>
<groupId>com.googlecode.wicket-jquery-ui</groupId>
<artifactId>wicket-jquery-ui-core</artifactId>
- <version>${wicketju.version}</version>
+ <version>${wicket-jquery-ui.version}</version>
</dependency>
<dependency>
<groupId>com.googlecode.wicket-jquery-ui</groupId>
<artifactId>wicket-jquery-ui</artifactId>
- <version>${wicketju.version}</version>
+ <version>${wicket-jquery-ui.version}</version>
</dependency>
<dependency>
<groupId>com.googlecode.wicket-jquery-ui</groupId>
<artifactId>wicket-jquery-ui-calendar</artifactId>
- <version>${wicketju.version}</version>
+ <version>${wicket-jquery-ui.version}</version>
</dependency>
<dependency>
<groupId>com.googlecode.wicket-jquery-ui</groupId>
<artifactId>wicket-jquery-ui-plugins</artifactId>
- <version>${wicketju.version}</version>
+ <version>${wicket-jquery-ui.version}</version>
</dependency>
<dependency>
<groupId>org.wicketstuff</groupId>
<artifactId>wicketstuff-urlfragment</artifactId>
- <version>${wickets.version}</version>
+ <version>${wicketstuff.version}</version>
</dependency>
<dependency>
<groupId>org.wicketstuff</groupId>
<artifactId>wicketstuff-select2</artifactId>
- <version>${wickets.version}</version>
+ <version>${wicketstuff.version}</version>
</dependency>
<dependency>
<groupId>org.wicketstuff</groupId>
<artifactId>jqplot</artifactId>
- <version>${wickets.version}</version>
+ <version>${wicketstuff.version}</version>
</dependency>
<dependency>
<groupId>de.agilecoders.wicket</groupId>
diff --git a/openmeetings-web/src/main/java/org/apache/openmeetings/web/app/Application.java b/openmeetings-web/src/main/java/org/apache/openmeetings/web/app/Application.java
index 440db0f..c70725e 100644
--- a/openmeetings-web/src/main/java/org/apache/openmeetings/web/app/Application.java
+++ b/openmeetings-web/src/main/java/org/apache/openmeetings/web/app/Application.java
@@ -111,7 +111,7 @@ import org.apache.wicket.markup.head.filter.FilteringHeaderResponse;
import org.apache.wicket.markup.html.WebPage;
import org.apache.wicket.pageStore.IPageStore;
import org.apache.wicket.pageStore.SerializingPageStore;
-import org.apache.wicket.protocol.ws.WebSocketAwareCsrfPreventionRequestCycleListener;
+import org.apache.wicket.protocol.ws.WebSocketAwareResourceIsolationRequestCycleListener;
import org.apache.wicket.request.IRequestHandler;
import org.apache.wicket.request.Response;
import org.apache.wicket.request.Url;
@@ -129,6 +129,7 @@ import org.apache.wicket.validation.validator.UrlValidator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.ApplicationContext;
import org.springframework.stereotype.Component;
import org.wicketstuff.dashboard.WidgetRegistry;
@@ -190,11 +191,13 @@ public class Application extends AuthenticatedWebApplication implements IApplica
private AppointmentDao appointmentDao;
@Autowired
private SipManager sipManager;
+ @Value("${remember.me.encryption.key}")
+ private String encryptionKey;
@Override
protected void init() {
setWicketApplicationName(super.getName());
- getSecuritySettings().setAuthenticationStrategy(new OmAuthenticationStrategy());
+ getSecuritySettings().setAuthenticationStrategy(new OmAuthenticationStrategy(encryptionKey));
getApplicationSettings().setAccessDeniedPage(AccessDeniedPage.class);
getApplicationSettings().setInternalErrorPage(InternalErrorPage.class);
getExceptionSettings().setUnexpectedExceptionDisplay(ExceptionSettings.SHOW_INTERNAL_ERROR_PAGE);
@@ -263,7 +266,7 @@ public class Application extends AuthenticatedWebApplication implements IApplica
//chain of Resource Loaders, if not found it will search in Wicket's internal
//Resource Loader for a the property key
getResourceSettings().getStringResourceLoaders().add(0, new LabelResourceLoader());
- getRequestCycleListeners().add(new WebSocketAwareCsrfPreventionRequestCycleListener() {
+ getRequestCycleListeners().add(new WebSocketAwareResourceIsolationRequestCycleListener() {
@Override
public void onBeginRequest(RequestCycle cycle) {
String wsUrl = getWsUrl(cycle.getRequest().getUrl());
diff --git a/openmeetings-web/src/main/java/org/apache/openmeetings/web/app/OmAuthenticationStrategy.java b/openmeetings-web/src/main/java/org/apache/openmeetings/web/app/OmAuthenticationStrategy.java
index b83266c..070f9ef 100644
--- a/openmeetings-web/src/main/java/org/apache/openmeetings/web/app/OmAuthenticationStrategy.java
+++ b/openmeetings-web/src/main/java/org/apache/openmeetings/web/app/OmAuthenticationStrategy.java
@@ -20,13 +20,15 @@ package org.apache.openmeetings.web.app;
import org.apache.openmeetings.db.entity.user.User.Type;
import org.apache.wicket.authentication.strategy.DefaultAuthenticationStrategy;
+import org.apache.wicket.util.crypt.ICrypt;
+import org.apache.wicket.util.crypt.SunJceCrypt;
import org.apache.wicket.util.string.Strings;
public class OmAuthenticationStrategy extends DefaultAuthenticationStrategy {
private static final String COOKIE_KEY = "LoggedIn";
- public OmAuthenticationStrategy() {
- super(COOKIE_KEY);
+ public OmAuthenticationStrategy(String encryptionKey) {
+ super(COOKIE_KEY, defaultCrypt(encryptionKey));
}
/**
@@ -65,4 +67,12 @@ public class OmAuthenticationStrategy extends DefaultAuthenticationStrategy {
super.save(username, password, type.name(), String.valueOf(domainId));
}
}
+
+ private static ICrypt defaultCrypt(String encryptionKey) {
+ byte[] salt = SunJceCrypt.randomSalt();
+
+ SunJceCrypt crypt = new SunJceCrypt(salt, 1000);
+ crypt.setKey(encryptionKey);
+ return crypt;
+ }
}
diff --git a/openmeetings-web/src/main/java/org/apache/openmeetings/web/room/RoomPanel.java b/openmeetings-web/src/main/java/org/apache/openmeetings/web/room/RoomPanel.java
index 98781c1..de66749 100644
--- a/openmeetings-web/src/main/java/org/apache/openmeetings/web/room/RoomPanel.java
+++ b/openmeetings-web/src/main/java/org/apache/openmeetings/web/room/RoomPanel.java
@@ -529,7 +529,7 @@ public class RoomPanel extends BasePanel {
wb.reloadWb(handler);
}
break;
- case MODERATOR_IN_ROOM: {
+ case MODERATOR_IN_ROOM:
if (!r.isModerated() || !r.isWaitModerator()) {
log.warn("Something weird: `moderatorInRoom` in wrong room {}", r);
} else if (!curClient.hasRight(Room.Right.MODERATOR)) {
@@ -546,7 +546,6 @@ public class RoomPanel extends BasePanel {
}
}
}
- }
break;
case WB_PUT_FILE:
onWbPutFile((TextRoomMessage)m);
diff --git a/openmeetings-web/src/main/webapp/WEB-INF/classes/openmeetings.properties b/openmeetings-web/src/main/webapp/WEB-INF/classes/openmeetings.properties
index 41727a7..b2aadca 100644
--- a/openmeetings-web/src/main/webapp/WEB-INF/classes/openmeetings.properties
+++ b/openmeetings-web/src/main/webapp/WEB-INF/classes/openmeetings.properties
@@ -18,6 +18,9 @@
#
################## Crypt ##################
scrypt.cost=16384
+## please ensure this one is unique, better to regenerate it from time to time
+## can be generated for ex. here https://www.uuidtools.com
+remember.me.encryption.key=27574200-a56f-410a-b2c9-3aa3b4b9389a
################## Timeouts ##################
# 5000 == 5 sec
diff --git a/openmeetings-web/src/test/java/org/apache/openmeetings/web/app/TestOmAuthenticationStrategy.java b/openmeetings-web/src/test/java/org/apache/openmeetings/web/app/TestOmAuthenticationStrategy.java
index ba0e5c9..59faea9 100644
--- a/openmeetings-web/src/test/java/org/apache/openmeetings/web/app/TestOmAuthenticationStrategy.java
+++ b/openmeetings-web/src/test/java/org/apache/openmeetings/web/app/TestOmAuthenticationStrategy.java
@@ -18,6 +18,7 @@
*/
package org.apache.openmeetings.web.app;
+import static java.util.UUID.randomUUID;
import static org.junit.jupiter.api.Assertions.assertEquals;
import static org.junit.jupiter.api.Assertions.assertNotNull;
import static org.junit.jupiter.api.Assertions.assertNull;
@@ -31,7 +32,8 @@ import org.junit.jupiter.api.Test;
class TestOmAuthenticationStrategy extends AbstractWicketTester {
@Test
void test() {
- OmAuthenticationStrategy s = new OmAuthenticationStrategy();
+ String encKey = randomUUID().toString();
+ OmAuthenticationStrategy s = new OmAuthenticationStrategy(encKey);
s.save(null, null, User.Type.OAUTH, null);
assertNull(s.load(), "Wasn't saved, should not be loaded");
diff --git a/openmeetings-web/src/test/java/org/apache/openmeetings/web/pages/install/TestInstall.java b/openmeetings-web/src/test/java/org/apache/openmeetings/web/pages/install/TestInstall.java
index cab2612..de2da84 100644
--- a/openmeetings-web/src/test/java/org/apache/openmeetings/web/pages/install/TestInstall.java
+++ b/openmeetings-web/src/test/java/org/apache/openmeetings/web/pages/install/TestInstall.java
@@ -51,7 +51,7 @@ import org.apache.openmeetings.web.app.WebSession;
import org.apache.wicket.ajax.AjaxClientInfoBehavior;
import org.apache.wicket.behavior.AbstractAjaxBehavior;
import org.apache.wicket.extensions.wizard.WizardButton;
-import org.apache.wicket.protocol.ws.WebSocketAwareCsrfPreventionRequestCycleListener;
+import org.apache.wicket.protocol.ws.WebSocketAwareResourceIsolationRequestCycleListener;
import org.apache.wicket.request.cycle.IRequestCycleListener;
import org.apache.wicket.request.cycle.RequestCycleListenerCollection;
import org.apache.wicket.util.tester.FormTester;
@@ -99,7 +99,7 @@ public class TestInstall {
RequestCycleListenerCollection listeners = tester.getApplication().getRequestCycleListeners();
for (Iterator<IRequestCycleListener> iter = listeners.iterator(); iter.hasNext();) {
IRequestCycleListener l = iter.next();
- if (l instanceof WebSocketAwareCsrfPreventionRequestCycleListener) {
+ if (l instanceof WebSocketAwareResourceIsolationRequestCycleListener) {
listeners.remove(l);
break;
}
diff --git a/pom.xml b/pom.xml
index 08c012b..3c88983 100644
--- a/pom.xml
+++ b/pom.xml
@@ -78,15 +78,15 @@
<frontend-maven-plugin.version>1.11.0</frontend-maven-plugin.version>
<!-- dependency versions -->
<junit.version>5.7.1</junit.version>
- <wicket.version>9.2.0</wicket.version>
- <wicketju.version>9.2.1</wicketju.version>
- <wickets.version>9.2.0</wickets.version>
- <wicket-bootstrap.version>5.0.3</wicket-bootstrap.version>
+ <wicket.version>9.3.0</wicket.version>
+ <wicket-jquery-ui.version>9.3.1</wicket-jquery-ui.version>
+ <wicketstuff.version>9.3.0</wicketstuff.version>
+ <wicket-bootstrap.version>5.0.4</wicket-bootstrap.version>
<font-awesome.version>5.15.2</font-awesome.version>
- <spring.version>5.3.4</spring.version>
+ <spring.version>5.3.5</spring.version>
<tomcat.version>9.0.44</tomcat.version>
<ical4j.version>3.0.21</ical4j.version>
- <cxf.version>3.4.2</cxf.version>
+ <cxf.version>3.4.3</cxf.version>
<io.prometheus.version>0.10.0</io.prometheus.version>
<aspectjtools.version>1.9.6</aspectjtools.version>
<simple-xml.version>2.7.1</simple-xml.version>
@@ -97,7 +97,7 @@
<commons-lang3.version>3.12.0</commons-lang3.version>
<javax.mail.version>1.6.2</javax.mail.version>
<openjpa.version>3.1.2</openjpa.version>
- <asterisk-java.version>3.10.0</asterisk-java.version>
+ <asterisk-java.version>3.11.0</asterisk-java.version>
<commons-dbcp.version>2.8.0</commons-dbcp.version>
<commons-pool2.version>2.9.0</commons-pool2.version>
<commons-cli.version>1.4</commons-cli.version>
@@ -109,10 +109,10 @@
<mssql.version>9.2.1.jre11</mssql.version>
<ojdbc.version>19.10.0.0</ojdbc.version>
<commons-collections4.version>4.4</commons-collections4.version>
- <xstream.version>1.4.15</xstream.version>
+ <xstream.version>1.4.16</xstream.version>
<api-all.version>2.0.1</api-all.version>
<caldav4j.version>1.0.1</caldav4j.version>
- <tika-parsers.version>1.25</tika-parsers.version>
+ <tika-parsers.version>1.26</tika-parsers.version>
<commons-text.version>1.9</commons-text.version>
<slf4j.version>1.7.30</slf4j.version>
<logback.version>1.2.3</logback.version>
@@ -659,14 +659,6 @@
<groupId>org.slf4j</groupId>
<artifactId>slf4j-log4j12</artifactId>
</exclusion>
- <exclusion> <!-- TIKA-2801 -->
- <groupId>com.google.guava</groupId>
- <artifactId>guava</artifactId>
- </exclusion>
- <exclusion> <!-- TIKA-2801 -->
- <groupId>com.google.protobuf</groupId>
- <artifactId>protobuf-java</artifactId>
- </exclusion>
<exclusion>
<groupId>xml-apis</groupId>
<artifactId>xml-apis</artifactId>
@@ -675,6 +667,10 @@
<groupId>xerces</groupId>
<artifactId>xercesImpl</artifactId>
</exclusion>
+ <exclusion>
+ <groupId>org.glassfish.jaxb</groupId>
+ <artifactId>jaxb-runtime</artifactId>
+ </exclusion>
</exclusions>
</dependency>
<dependency>