incubator-sling-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From fmesc...@apache.org
Subject svn commit: r896351 - in /sling/trunk/bundles/engine: ./ src/main/java/org/apache/sling/engine/ src/main/java/org/apache/sling/engine/auth/ src/main/java/org/apache/sling/engine/impl/ src/main/java/org/apache/sling/engine/impl/auth/ src/main/resources/...
Date Wed, 06 Jan 2010 08:42:57 GMT
Author: fmeschbe
Date: Wed Jan  6 08:42:57 2010
New Revision: 896351

URL: http://svn.apache.org/viewvc?rev=896351&view=rev
Log:
SLING-966 Remove old authentication support code from engine and use the new AuthenticationSupport
service from the Commons Auth bundle.

Removed:
    sling/trunk/bundles/engine/src/main/java/org/apache/sling/engine/auth/
    sling/trunk/bundles/engine/src/main/java/org/apache/sling/engine/impl/auth/
Modified:
    sling/trunk/bundles/engine/pom.xml
    sling/trunk/bundles/engine/src/main/java/org/apache/sling/engine/EngineConstants.java
    sling/trunk/bundles/engine/src/main/java/org/apache/sling/engine/impl/SlingMainServlet.java
    sling/trunk/bundles/engine/src/main/resources/OSGI-INF/metatype/metatype.properties

Modified: sling/trunk/bundles/engine/pom.xml
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/engine/pom.xml?rev=896351&r1=896350&r2=896351&view=diff
==============================================================================
--- sling/trunk/bundles/engine/pom.xml (original)
+++ sling/trunk/bundles/engine/pom.xml Wed Jan  6 08:42:57 2010
@@ -56,7 +56,6 @@
                     <instructions>
                         <Export-Package>
                             org.apache.sling.engine;version=2.0.6,
-                            org.apache.sling.engine.auth;version=2.1,
                             org.apache.sling.engine.servlets;version=2.0.6
                         </Export-Package>
                         <Private-Package>
@@ -103,18 +102,19 @@
         </dependency>
         <dependency>
             <groupId>org.apache.sling</groupId>
-            <artifactId>org.apache.sling.commons.mime</artifactId>
-            <version>2.0.2-incubator</version>
+            <artifactId>org.apache.sling.commons.auth</artifactId>
+            <version>0.9.0-SNAPSHOT</version>
+            <scope>provided</scope>
         </dependency>
         <dependency>
             <groupId>org.apache.sling</groupId>
-            <artifactId>org.apache.sling.jcr.api</artifactId>
+            <artifactId>org.apache.sling.commons.mime</artifactId>
             <version>2.0.2-incubator</version>
         </dependency>
         <dependency>
             <groupId>org.apache.sling</groupId>
-            <artifactId>org.apache.sling.jcr.resource</artifactId>
-            <version>2.0.6</version>
+            <artifactId>org.apache.sling.commons.osgi</artifactId>
+            <version>2.0.2-incubator</version>
         </dependency>
         <dependency>
             <groupId>javax.servlet</groupId>

Modified: sling/trunk/bundles/engine/src/main/java/org/apache/sling/engine/EngineConstants.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/engine/src/main/java/org/apache/sling/engine/EngineConstants.java?rev=896351&r1=896350&r2=896351&view=diff
==============================================================================
--- sling/trunk/bundles/engine/src/main/java/org/apache/sling/engine/EngineConstants.java
(original)
+++ sling/trunk/bundles/engine/src/main/java/org/apache/sling/engine/EngineConstants.java
Wed Jan  6 08:42:57 2010
@@ -74,12 +74,17 @@
     public static final String SLING_SERLVET_NAME = "sling.core.servletName";
 
     /**
-     * The name of the request attribute set by the
-     * {@link org.apache.sling.engine.impl.auth.SlingAuthenticator}
-     * when authenticating the request user (value is "javax.jcr.Session").
-     * Existence of this attribute in the request, provided it is a JCR Session,
-     * signals that authentication has already taken place. This may be used
-     * when including through the servlet container.
+     * The <code>javax.jcr.Session</code> request attribute used to be set by
+     * the <i>SlingAuthenticator</i> upon successfull authentication. With
+     * the implementation of a separate Commons Authentication bundle, this
+     * request attribute is not supported any longer (though it may currently
+     * still be provided for backwards compatibility).
+     * <p>
+     * Applications using this request attribute have to be modified to call
+     * the <code>SlingHttpServletRequest.getResourceResolver()</code> method
+     * to get the request's resource resolver.
+     *
+     * @deprecated as of bundle version 2.1
      */
     public static final String SESSION = "javax.jcr.Session";
 

Modified: sling/trunk/bundles/engine/src/main/java/org/apache/sling/engine/impl/SlingMainServlet.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/engine/src/main/java/org/apache/sling/engine/impl/SlingMainServlet.java?rev=896351&r1=896350&r2=896351&view=diff
==============================================================================
--- sling/trunk/bundles/engine/src/main/java/org/apache/sling/engine/impl/SlingMainServlet.java
(original)
+++ sling/trunk/bundles/engine/src/main/java/org/apache/sling/engine/impl/SlingMainServlet.java
Wed Jan  6 08:42:57 2010
@@ -20,8 +20,6 @@
 
 import static org.apache.sling.api.SlingConstants.ERROR_REQUEST_URI;
 import static org.apache.sling.api.SlingConstants.ERROR_SERVLET_NAME;
-import static org.apache.sling.engine.EngineConstants.SESSION;
-
 import java.io.IOException;
 import java.io.PrintWriter;
 import java.net.SocketException;
@@ -34,7 +32,6 @@
 import java.util.List;
 import java.util.Map;
 
-import javax.jcr.Session;
 import javax.servlet.Filter;
 import javax.servlet.FilterChain;
 import javax.servlet.FilterConfig;
@@ -58,12 +55,11 @@
 import org.apache.sling.api.resource.ResourceNotFoundException;
 import org.apache.sling.api.resource.ResourceResolver;
 import org.apache.sling.api.servlets.ServletResolver;
+import org.apache.sling.commons.auth.AuthenticationSupport;
 import org.apache.sling.commons.mime.MimeTypeService;
 import org.apache.sling.commons.osgi.OsgiUtil;
 import org.apache.sling.engine.ResponseUtil;
 import org.apache.sling.engine.SystemStatus;
-import org.apache.sling.engine.impl.auth.MissingRepositoryException;
-import org.apache.sling.engine.impl.auth.SlingAuthenticator;
 import org.apache.sling.engine.impl.filter.RequestSlingFilterChain;
 import org.apache.sling.engine.impl.filter.SlingComponentFilterChain;
 import org.apache.sling.engine.impl.filter.SlingFilterChainHelper;
@@ -75,7 +71,6 @@
 import org.apache.sling.engine.impl.request.RequestData;
 import org.apache.sling.engine.servlets.AbstractServiceReferenceConfig;
 import org.apache.sling.engine.servlets.ErrorHandler;
-import org.apache.sling.jcr.resource.JcrResourceResolverFactory;
 import org.osgi.framework.BundleContext;
 import org.osgi.framework.Constants;
 import org.osgi.framework.ServiceReference;
@@ -149,9 +144,6 @@
     private HttpService httpService;
 
     /** @scr.reference cardinality="0..1" policy="dynamic" */
-    private JcrResourceResolverFactory resourceResolverFactory;
-
-    /** @scr.reference cardinality="0..1" policy="dynamic" */
     private MimeTypeService mimeTypeService;
 
     /** @scr.reference cardinality="0..1" policy="dynamic" */
@@ -169,12 +161,13 @@
     /** @scr.reference cardinality="0..1" policy="dynamic" */
     private SystemStatus systemStatus;
 
+    /** @scr.reference cardinality="0..1" policy="dynamic" */
+    private AuthenticationSupport authenticationSupport;
+
     private SlingFilterChainHelper requestFilterChain = new SlingFilterChainHelper();
 
     private SlingFilterChainHelper innerFilterChain = new SlingFilterChainHelper();
 
-    private SlingAuthenticator slingAuthenticator;
-
     // ---------- Servlet API -------------------------------------------------
 
     public void service(ServletRequest req, ServletResponse res)
@@ -259,23 +252,20 @@
             requestLogger.logRequestEntry(request, response);
         }
 
-        Session session = null;
         try {
             // check that we have all required services
             String errorMessage = null;
             final String serviceMissingSuffix =  " service missing, cannot service requests";
-            if (getResourceResolverFactory() == null) {
-                errorMessage = "ResourceResolverFactory" + serviceMissingSuffix;
-            } else if (getServletResolver() == null) {
+            if (getServletResolver() == null) {
                 errorMessage = "ServletResolver" + serviceMissingSuffix;
             } else if (mimeTypeService == null) {
                 errorMessage = "MimeTypeService" + serviceMissingSuffix;
             }
 
-            // get JCR Session
-            session = (Session) servletRequest.getAttribute(SESSION);
-            if (session == null) {
-                errorMessage = "Missing JCR Session";
+            // get ResourceResolver (set by AuthenticationSupport)
+            final ResourceResolver resolver = (ResourceResolver) servletRequest.getAttribute(AuthenticationSupport.REQUEST_ATTRIBUTE_RESOLVER);
+            if (resolver == null) {
+                errorMessage = "Missing ResourceResolver";
             }
 
             // system ready?
@@ -301,8 +291,6 @@
             }
 
             // initialize the request data - resolve resource and servlet
-            ResourceResolver resolver = getResourceResolverFactory().getResourceResolver(
-                session);
             Resource resource = requestData.initResource(resolver);
             requestData.initServlet(resource);
 
@@ -376,11 +364,6 @@
 
             // dispose any request data
             requestData.dispose();
-
-            // logout the session we have got for this request
-            if (session != null) {
-                session.logout();
-            }
         }
     }
 
@@ -530,14 +513,6 @@
         return osgiComponentContext.getBundleContext();
     }
 
-    public SlingAuthenticator getSlingAuthenticator() {
-        return slingAuthenticator;
-    }
-
-    public JcrResourceResolverFactory getResourceResolverFactory() {
-        return resourceResolverFactory;
-    }
-
     public ServletResolver getServletResolver() {
         return servletResolver;
     }
@@ -596,9 +571,6 @@
             componentConfig.get(PROP_MAX_CALL_COUNTER),
             RequestData.DEFAULT_MAX_CALL_COUNTER));
 
-        // setup servlet request processing helpers
-        slingAuthenticator = new SlingAuthenticator(bundleContext);
-
         // register the servlet and resources
         try {
             Dictionary<String, String> servletConfig = toStringConfig(configuration);
@@ -658,12 +630,6 @@
         // third unregister and destroy the sling main servlet
         httpService.unregister(SLING_ROOT);
 
-        // fourth dispose off the authenticator
-        if (slingAuthenticator != null) {
-            slingAuthenticator.dispose();
-            slingAuthenticator = null;
-        }
-
         this.osgiComponentContext = null;
 
         log.info(this.getServerInfo() + " shut down");
@@ -797,58 +763,49 @@
     public boolean handleSecurity(HttpServletRequest request,
             HttpServletResponse response) throws IOException {
 
-        SlingAuthenticator authenticator = slingAuthenticator;
+        final AuthenticationSupport authenticator = this.authenticationSupport;
         if (authenticator != null) {
-            try {
 
-                // SLING-559: ensure correct parameter handling according to
-                // ParameterSupport
-                request = new HttpServletRequestWrapper(request) {
-                    @Override
-                    public String getParameter(String name) {
-                        return getParameterSupport().getParameter(name);
-                    }
-
-                    @Override
-                    public Map<String, String[]> getParameterMap() {
-                        return getParameterSupport().getParameterMap();
-                    }
-
-                    @Override
-                    public Enumeration<String> getParameterNames() {
-                        return getParameterSupport().getParameterNames();
-                    }
-
-                    @Override
-                    public String[] getParameterValues(String name) {
-                        return getParameterSupport().getParameterValues(name);
-                    }
-
-                    private ParameterSupport getParameterSupport() {
-                        return ParameterSupport.getInstance(getRequest());
-                    }
-                };
-
-                return authenticator.authenticate(request, response);
-
-            } catch (MissingRepositoryException mre) {
-
-                log.error("handleSecurity: Cannot authenticate request: "
-                    + mre.getMessage());
-                log.debug("handleSecurity: Reason", mre);
+            // SLING-559: ensure correct parameter handling according to
+            // ParameterSupport
+            request = new HttpServletRequestWrapper(request) {
+                @Override
+                public String getParameter(String name) {
+                    return getParameterSupport().getParameter(name);
+                }
 
-                response.sendError(HttpServletResponse.SC_SERVICE_UNAVAILABLE,
-                    "Cannot handle requests due to missing Repository");
-            }
+                @Override
+                public Map<String, String[]> getParameterMap() {
+                    return getParameterSupport().getParameterMap();
+                }
 
-        } else {
+                @Override
+                public Enumeration<String> getParameterNames() {
+                    return getParameterSupport().getParameterNames();
+                }
 
-            response.sendError(HttpServletResponse.SC_SERVICE_UNAVAILABLE,
-                "Sling not ready to serve requests");
+                @Override
+                public String[] getParameterValues(String name) {
+                    return getParameterSupport().getParameterValues(name);
+                }
+
+                private ParameterSupport getParameterSupport() {
+                    return ParameterSupport.getInstance(getRequest());
+                }
+            };
+
+            return authenticator.handleSecurity(request, response);
 
         }
 
-        // fall back to security failure and request termination
+        log.error("handleSecurity: AuthenticationSupport service missing. Cannot authenticate
request.");
+
+        // send 503/SERVICE UNAVAILABLE, flush to ensure delivery
+        response.sendError(HttpServletResponse.SC_SERVICE_UNAVAILABLE,
+            "AuthenticationSupport service missing. Cannot authenticate request.");
+        response.flushBuffer();
+
+        // terminate this request now
         return false;
     }
 

Modified: sling/trunk/bundles/engine/src/main/resources/OSGI-INF/metatype/metatype.properties
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/engine/src/main/resources/OSGI-INF/metatype/metatype.properties?rev=896351&r1=896350&r2=896351&view=diff
==============================================================================
--- sling/trunk/bundles/engine/src/main/resources/OSGI-INF/metatype/metatype.properties (original)
+++ sling/trunk/bundles/engine/src/main/resources/OSGI-INF/metatype/metatype.properties Wed
Jan  6 08:42:57 2010
@@ -43,30 +43,6 @@
  scripts and servlets. The default value is 50.
  
 #
-# Request Authenticator. Uses AuthenticationHandlers for the
-# actual work of extracting user details from the request.
-auth.name = Apache Sling Request Authenticator
-auth.description = Extracts user authentication details from the request with \
- the help of authentication handlers registered as separate services. One \
- example of such an authentication handler is the handler HTTP Authorization \
- header contained authentication.
-auth.sudo.cookie.name = Impersonation Cookie
-auth.sudo.cookie.description = The name the HTTP Cookie to set with the value \
- of the user which is to be impersonated. This cookie will always be a session \
- cookie.
-auth.sudo.parameter.name = Impersonation Parameter
-auth.sudo.parameter.description = The name of the request parameter initiating \
- impersonation. Setting this parameter to a user id will result in using an \
- impersonated session (instead of the actually authenticated session) and set \
- a session cookie of the name defined in the Impersonation Cookie setting.
-auth.annonymous.name = Allow Anonymous Access
-auth.annonymous.description = Whether default access as anonymous when no \
- credentials are present in the request is allowed. The default value is \
- "true" to allow access without credentials. When set to "false" access to the \
- repository is only allowed if valid credentials are presented.
- 
-
-#
 # Request Loggger Filter
 request.log.name = Apache Sling Request Logger
 request.log.description = Configures the main loggers of the request logger, \



Mime
View raw message