jackrabbit-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ste...@apache.org
Subject svn commit: r158069 - in incubator/jackrabbit/trunk/src/java/org/apache/jackrabbit/core: Constants.java NodeImpl.java SessionImpl.java WorkspaceImpl.java security/SimpleLoginModule.java
Date Fri, 18 Mar 2005 13:52:36 GMT
Author: stefan
Date: Fri Mar 18 05:52:31 2005
New Revision: 158069

URL: http://svn.apache.org/viewcvs?view=rev&rev=158069
Log:
JCR-72 Session.impersonate non-functional: 'impersonate' is now delegated to LoginModule;
added dummy 'impersonator' handling to SimpleLoginModule

- also fixed Session.getAccessibleWorkspaceNames()

Modified:
    incubator/jackrabbit/trunk/src/java/org/apache/jackrabbit/core/Constants.java
    incubator/jackrabbit/trunk/src/java/org/apache/jackrabbit/core/NodeImpl.java
    incubator/jackrabbit/trunk/src/java/org/apache/jackrabbit/core/SessionImpl.java
    incubator/jackrabbit/trunk/src/java/org/apache/jackrabbit/core/WorkspaceImpl.java
    incubator/jackrabbit/trunk/src/java/org/apache/jackrabbit/core/security/SimpleLoginModule.java

Modified: incubator/jackrabbit/trunk/src/java/org/apache/jackrabbit/core/Constants.java
URL: http://svn.apache.org/viewcvs/incubator/jackrabbit/trunk/src/java/org/apache/jackrabbit/core/Constants.java?view=diff&r1=158068&r2=158069
==============================================================================
--- incubator/jackrabbit/trunk/src/java/org/apache/jackrabbit/core/Constants.java (original)
+++ incubator/jackrabbit/trunk/src/java/org/apache/jackrabbit/core/Constants.java Fri Mar
18 05:52:31 2005
@@ -47,7 +47,7 @@
     public static final String NS_SV_PREFIX = "sv";
     public static final String NS_SV_URI = "http://www.jcp.org/jcr/sv/1.0";
 
-    // reserved namespaces that must not be used or redefined
+    // reserved namespaces that must not be redefined and should not be used
     public static final String NS_XML_PREFIX = "xml";
     public static final String NS_XML_URI = "http://www.w3.org/XML/1998/namespace";
     public static final String NS_XMLNS_PREFIX = "xmlns";
@@ -55,208 +55,349 @@
 
     //----------------------------------------< general item name constants >---
 
-    /** jcr:system */
+    /**
+     * jcr:system
+     */
     public static final QName JCR_SYSTEM = new QName(NS_JCR_URI, "system");
 
-    /** jcr:nodeTypes */
+    /**
+     * jcr:nodeTypes
+     */
     public static final QName JCR_NODETYPES = new QName(NS_JCR_URI, "nodeTypes");
 
-    /** jcr:uuid */
+    /**
+     * jcr:uuid
+     */
     public static final QName JCR_UUID = new QName(NS_JCR_URI, "uuid");
 
-    /** jcr:primaryType */
+    /**
+     * jcr:primaryType
+     */
     public static final QName JCR_PRIMARYTYPE = new QName(NS_JCR_URI, "primaryType");
 
-    /** jcr:mixinTypes */
+    /**
+     * jcr:mixinTypes
+     */
     public static final QName JCR_MIXINTYPES = new QName(NS_JCR_URI, "mixinTypes");
 
-    /** jcr:created */
+    /**
+     * jcr:created
+     */
     public static final QName JCR_CREATED = new QName(NS_JCR_URI, "created");
 
-    /** jcr:lastModified */
+    /**
+     * jcr:lastModified
+     */
     public static final QName JCR_LASTMODIFIED = new QName(NS_JCR_URI, "lastModified");
 
     //------------------------------------< xml related item name constants >---
 
-    /** jcr:root (dummy name for root node used in XML serialization) */
+    /**
+     * jcr:root (dummy name for root node used in XML serialization)
+     */
     public static final QName JCR_ROOT = new QName(NS_JCR_URI, "root");
 
-    /** jcr:xmltext */
+    /**
+     * jcr:xmltext
+     */
     public static final QName JCR_XMLTEXT = new QName(NS_JCR_URI, "xmltext");
 
-    /** jcr:xmlcharacters */
+    /**
+     * jcr:xmlcharacters
+     */
     public static final QName JCR_XMLCHARACTERS = new QName(NS_JCR_URI, "xmlcharacters");
 
     //----------------------------------------< locking item name constants >---
 
-    /** jcr:lockOwner */
+    /**
+     * jcr:lockOwner
+     */
     public static final QName JCR_LOCKOWNER = new QName(NS_JCR_URI, "lockOwner");
 
-    /** jcr:lockIsDeep */
+    /**
+     * jcr:lockIsDeep
+     */
     public static final QName JCR_LOCKISDEEP = new QName(NS_JCR_URI, "lockIsDeep");
 
     //-------------------------------------< versioning item name constants >---
 
-    /** jcr:versionStorage */
+    /**
+     * jcr:versionStorage
+     */
     public static final QName JCR_VERSIONSTORAGE = new QName(NS_JCR_URI, "versionStorage");
 
-    /** jcr:mergeFailed */
+    /**
+     * jcr:mergeFailed
+     */
     public static final QName JCR_MERGEFAILED = new QName(NS_JCR_URI, "mergeFailed");
 
-    /** jcr:frozenNode */
+    /**
+     * jcr:frozenNode
+     */
     public static final QName JCR_FROZENNODE = new QName(NS_JCR_URI, "frozenNode");
 
-    /** jcr:frozenUuid */
+    /**
+     * jcr:frozenUuid
+     */
     public static final QName JCR_FROZENUUID = new QName(NS_JCR_URI, "frozenUuid");
 
-    /** jcr:frozenPrimaryType */
+    /**
+     * jcr:frozenPrimaryType
+     */
     public static final QName JCR_FROZENPRIMARYTYPE = new QName(NS_JCR_URI, "frozenPrimaryType");
 
-    /** jcr:frozenMixinTypes  */
+    /**
+     * jcr:frozenMixinTypes
+     */
     public static final QName JCR_FROZENMIXINTYPES = new QName(NS_JCR_URI, "frozenMixinTypes");
 
-    /** jcr:predecessors */
+    /**
+     * jcr:predecessors
+     */
     public static final QName JCR_PREDECESSORS = new QName(NS_JCR_URI, "predecessors");
 
-    /** jcr:versionLabels */
+    /**
+     * jcr:versionLabels
+     */
     public static final QName JCR_VERSIONLABELS = new QName(NS_JCR_URI, "versionLabels");
 
-    /** jcr:successors */
+    /**
+     * jcr:successors
+     */
     public static final QName JCR_SUCCESSORS = new QName(NS_JCR_URI, "successors");
 
-    /** jcr:isCheckedOut */
+    /**
+     * jcr:isCheckedOut
+     */
     public static final QName JCR_ISCHECKEDOUT = new QName(NS_JCR_URI, "isCheckedOut");
 
-    /** jcr:versionHistory */
+    /**
+     * jcr:versionHistory
+     */
     public static final QName JCR_VERSIONHISTORY = new QName(NS_JCR_URI, "versionHistory");
 
-    /** jcr:baseVersion */
+    /**
+     * jcr:baseVersion
+     */
     public static final QName JCR_BASEVERSION = new QName(NS_JCR_URI, "baseVersion");
 
-    /** jcr:child */
+    /**
+     * jcr:child
+     */
     public static final QName JCR_CHILD = new QName(NS_JCR_URI, "child");
 
-    /** jcr:rootVersion */
+    /**
+     * jcr:rootVersion
+     */
     public static final QName JCR_ROOTVERSION = new QName(NS_JCR_URI, "rootVersion");
 
-    //---------------------------------------< nodetype item name constants >---
+    //--------------------------------------< node type item name constants >---
 
-    /** jcr:nodeTypeName */
-    public static final QName JCR_NODETYPENAME = new QName(NamespaceRegistryImpl.NS_JCR_URI,
"nodeTypeName");
-
-    /** jcr:hasOrderableChildNodes */
-    public static final QName JCR_HASORDERABLECHILDNODES = new QName(NamespaceRegistryImpl.NS_JCR_URI,
"hasOrderableChildNodes");
-
-    /** jcr:isMixin */
-    public static final QName JCR_ISMIXIN = new QName(NamespaceRegistryImpl.NS_JCR_URI, "isMixin");
-
-    /** jcr:supertypes */
-    public static final QName JCR_SUPERTYPES = new QName(NamespaceRegistryImpl.NS_JCR_URI,
"supertypes");
-
-    /** jcr:propertyDef */
-    public static final QName JCR_PROPERTYDEF = new QName(NamespaceRegistryImpl.NS_JCR_URI,
"propertyDef");
-
-    /** jcr:name */
-    public static final QName JCR_NAME = new QName(NamespaceRegistryImpl.NS_JCR_URI, "name");
-
-    /** jcr:mandatory */
-    public static final QName JCR_MANDATORY = new QName(NamespaceRegistryImpl.NS_JCR_URI,
"mandatory");
-
-    /** jcr:protected */
-    public static final QName JCR_PROTECTED = new QName(NamespaceRegistryImpl.NS_JCR_URI,
"protected");
-
-    /** jcr:requiredType */
-    public static final QName JCR_REQUIREDTYPE = new QName(NamespaceRegistryImpl.NS_JCR_URI,
"requiredType");
-
-    /** jcr:onParentVersion */
-    public static final QName JCR_ONPARENTVERSION = new QName(NamespaceRegistryImpl.NS_JCR_URI,
"onParentVersion");
-
-    /** jcr:primaryItemName */
-    public static final QName JCR_PRIMARYITEMNAME = new QName(NamespaceRegistryImpl.NS_JCR_URI,
"primaryItemName");
-
-    /** jcr:multiple */
-    public static final QName JCR_MULTIPLE = new QName(NamespaceRegistryImpl.NS_JCR_URI,
"multiple");
-
-    /** jcr:valueConstraints */
-    public static final QName JCR_VALUECONSTRAINTS = new QName(NamespaceRegistryImpl.NS_JCR_URI,
"valueConstraints");
-
-    /** jcr:defaultValues */
-    public static final QName JCR_DEFAULTVALUES = new QName(NamespaceRegistryImpl.NS_JCR_URI,
"defaultValues");
-
-    /** jcr:autoCreate */
-    public static final QName JCR_AUTOCREATE = new QName(NamespaceRegistryImpl.NS_JCR_URI,
"autoCreate");
-
-    /** jcr:childNodeDef */
-    public static final QName JCR_CHILDNODEDEF = new QName(NamespaceRegistryImpl.NS_JCR_URI,
"childNodeDef");
-
-    /** jcr:sameNameSibs */
-    public static final QName JCR_SAMENAMESIBS = new QName(NamespaceRegistryImpl.NS_JCR_URI,
"sameNameSibs");
-
-    /** jcr:defaultPrimaryType */
-    public static final QName JCR_DEFAULTPRIMARYTYPE = new QName(NamespaceRegistryImpl.NS_JCR_URI,
"defaultPrimaryType");
-
-    /** jcr:requiredPrimaryTypes */
-    public static final QName JCR_REQUIREDPRIMARYTYPES = new QName(NamespaceRegistryImpl.NS_JCR_URI,
"requiredPrimaryTypes");
+    /**
+     * jcr:nodeTypeName
+     */
+    public static final QName JCR_NODETYPENAME = new QName(NS_JCR_URI, "nodeTypeName");
+
+    /**
+     * jcr:hasOrderableChildNodes
+     */
+    public static final QName JCR_HASORDERABLECHILDNODES = new QName(NS_JCR_URI, "hasOrderableChildNodes");
+
+    /**
+     * jcr:isMixin
+     */
+    public static final QName JCR_ISMIXIN = new QName(NS_JCR_URI, "isMixin");
+
+    /**
+     * jcr:supertypes
+     */
+    public static final QName JCR_SUPERTYPES = new QName(NS_JCR_URI, "supertypes");
+
+    /**
+     * jcr:propertyDef
+     */
+    public static final QName JCR_PROPERTYDEF = new QName(NS_JCR_URI, "propertyDef");
+
+    /**
+     * jcr:name
+     */
+    public static final QName JCR_NAME = new QName(NS_JCR_URI, "name");
+
+    /**
+     * jcr:mandatory
+     */
+    public static final QName JCR_MANDATORY = new QName(NS_JCR_URI, "mandatory");
+
+    /**
+     * jcr:protected
+     */
+    public static final QName JCR_PROTECTED = new QName(NS_JCR_URI, "protected");
+
+    /**
+     * jcr:requiredType
+     */
+    public static final QName JCR_REQUIREDTYPE = new QName(NS_JCR_URI, "requiredType");
+
+    /**
+     * jcr:onParentVersion
+     */
+    public static final QName JCR_ONPARENTVERSION = new QName(NS_JCR_URI, "onParentVersion");
+
+    /**
+     * jcr:primaryItemName
+     */
+    public static final QName JCR_PRIMARYITEMNAME = new QName(NS_JCR_URI, "primaryItemName");
+
+    /**
+     * jcr:multiple
+     */
+    public static final QName JCR_MULTIPLE = new QName(NS_JCR_URI, "multiple");
+
+    /**
+     * jcr:valueConstraints
+     */
+    public static final QName JCR_VALUECONSTRAINTS = new QName(NS_JCR_URI, "valueConstraints");
+
+    /**
+     * jcr:defaultValues
+     */
+    public static final QName JCR_DEFAULTVALUES = new QName(NS_JCR_URI, "defaultValues");
+
+    /**
+     * jcr:autoCreate
+     */
+    public static final QName JCR_AUTOCREATE = new QName(NS_JCR_URI, "autoCreate");
+
+    /**
+     * jcr:childNodeDef
+     */
+    public static final QName JCR_CHILDNODEDEF = new QName(NS_JCR_URI, "childNodeDef");
+
+    /**
+     * jcr:sameNameSibs
+     */
+    public static final QName JCR_SAMENAMESIBS = new QName(NS_JCR_URI, "sameNameSibs");
+
+    /**
+     * jcr:defaultPrimaryType
+     */
+    public static final QName JCR_DEFAULTPRIMARYTYPE = new QName(NS_JCR_URI, "defaultPrimaryType");
+
+    /**
+     * jcr:requiredPrimaryTypes
+     */
+    public static final QName JCR_REQUIREDPRIMARYTYPES = new QName(NS_JCR_URI, "requiredPrimaryTypes");
 
     //-------------------------------------------< node type name constants >---
 
-    /** rep:root */
+    /**
+     * rep:root
+     */
     public static final QName REP_ROOT = new QName(NS_REP_URI, "root");
 
-    /** rep:system */
+    /**
+     * rep:system
+     */
     public static final QName REP_SYSTEM = new QName(NS_REP_URI, "system");
 
-    /** rep:versionStorage */
+    /**
+     * rep:versionStorage
+     */
     public static final QName REP_VERSIONSTORAGE = new QName(NS_REP_URI, "versionStorage");
 
-    /** rep:versionStorage */
+    /**
+     * rep:versionStorage
+     */
     public static final QName REP_NODETYPES = new QName(NS_REP_URI, "nodeTypes");
 
-    /** nt:unstructured */
+    /**
+     * nt:unstructured
+     */
     public static final QName NT_UNSTRUCTURED = new QName(NS_NT_URI, "unstructured");
 
-    /** nt:base */
+    /**
+     * nt:base
+     */
     public static final QName NT_BASE = new QName(NS_NT_URI, "base");
 
-    /** nt:hierarchyNode */
+    /**
+     * nt:hierarchyNode
+     */
     public static final QName NT_HIERARCHYNODE = new QName(NS_NT_URI, "hierarchyNode");
 
-    /** nt:resource */
+    /**
+     * nt:resource
+     */
     public static final QName NT_RESOURCE = new QName(NS_NT_URI, "resource");
 
-    /** nt:query */
+    /**
+     * nt:query
+     */
     public static final QName NT_QUERY = new QName(NS_NT_URI, "query");
 
-    /** mix:referenceable */
+    /**
+     * mix:referenceable
+     */
     public static final QName MIX_REFERENCEABLE = new QName(NS_MIX_URI, "referenceable");
 
-    /** mix:referenceable */
+    /**
+     * mix:referenceable
+     */
     public static final QName MIX_LOCKABLE = new QName(NS_MIX_URI, "lockable");
 
-    /** mix:versionable */
+    /**
+     * mix:versionable
+     */
     public static final QName MIX_VERSIONABLE = new QName(NS_MIX_URI, "versionable");
 
-    /** nt:versionHistory */
+    /**
+     * nt:versionHistory
+     */
     public static final QName NT_VERSIONHISTORY = new QName(NS_NT_URI, "versionHistory");
 
-    /** nt:version */
+    /**
+     * nt:version
+     */
     public static final QName NT_VERSION = new QName(NS_NT_URI, "version");
 
-    /** nt:versionLabels */
+    /**
+     * nt:versionLabels
+     */
     public static final QName NT_VERSIONLABELS = new QName(NS_NT_URI, "versionLabels");
 
-    /** nt:versionedChild */
+    /**
+     * nt:versionedChild
+     */
     public static final QName NT_VERSIONEDCHILD = new QName(NS_NT_URI, "versionedChild");
 
-    /** nt:frozenNode */
+    /**
+     * nt:frozenNode
+     */
     public static final QName NT_FROZENNODE = new QName(NS_NT_URI, "frozenNode");
 
-    /** nt:nodeType */
-    public static final QName NT_NODETYPE= new QName(NS_NT_URI, "nodeType");
-
-    /** nt:propertyDef */
+    /**
+     * nt:nodeType
+     */
+    public static final QName NT_NODETYPE = new QName(NS_NT_URI, "nodeType");
+
+    /**
+     * nt:propertyDef
+     */
     public static final QName NT_PROPERTYDEF = new QName(NS_NT_URI, "propertyDef");
 
-    /** nt:childNodeDef */
+    /**
+     * nt:childNodeDef
+     */
     public static final QName NT_CHILDNODEDEF = new QName(NS_NT_URI, "childNodeDef");
+
+    //-------------------------------------------< security related constants >
+    /**
+     * Name of the internal <code>SimpleCredentials</code> attribute where
+     * the <code>Subject</code> of the <i>impersonating</i> <code>Session</code>
+     * is stored.
+     *
+     * @see javax.jcr.Session#impersonate(javax.jcr.Credentials)
+     */
+    public static final String IMPERSONATOR_ATTRIBUTE =
+            "org.apache.jackrabbit.core.security.impersonator";
 }

Modified: incubator/jackrabbit/trunk/src/java/org/apache/jackrabbit/core/NodeImpl.java
URL: http://svn.apache.org/viewcvs/incubator/jackrabbit/trunk/src/java/org/apache/jackrabbit/core/NodeImpl.java?view=diff&r1=158068&r2=158069
==============================================================================
--- incubator/jackrabbit/trunk/src/java/org/apache/jackrabbit/core/NodeImpl.java (original)
+++ incubator/jackrabbit/trunk/src/java/org/apache/jackrabbit/core/NodeImpl.java Fri Mar 18
05:52:31 2005
@@ -1022,14 +1022,16 @@
 
         // make sure this node is checked-out
         if (!internalIsCheckedOut()) {
-            String msg = safeGetJCRPath() + ": cannot remove a mixin node type from a checked-in
node";
+            String msg = safeGetJCRPath()
+                    + ": cannot remove a mixin node type from a checked-in node";
             log.debug(msg);
             throw new VersionException(msg);
         }
 
         // check protected flag
         if (definition.isProtected()) {
-            String msg = safeGetJCRPath() + ": cannot remove a mixin node type from a protected
node";
+            String msg = safeGetJCRPath()
+                    + ": cannot remove a mixin node type from a protected node";
             log.debug(msg);
             throw new ConstraintViolationException(msg);
         }
@@ -1137,8 +1139,8 @@
      *         otherwise <code>false</code>
      */
     public boolean isNodeType(QName ntName) throws RepositoryException {
-        // no need to perform sanity check; assume this has
-        // already been done by calling method
+        // check state of this instance
+        sanityCheck();
 
         if (ntName.equals(nodeType.getQName())) {
             return true;

Modified: incubator/jackrabbit/trunk/src/java/org/apache/jackrabbit/core/SessionImpl.java
URL: http://svn.apache.org/viewcvs/incubator/jackrabbit/trunk/src/java/org/apache/jackrabbit/core/SessionImpl.java?view=diff&r1=158068&r2=158069
==============================================================================
--- incubator/jackrabbit/trunk/src/java/org/apache/jackrabbit/core/SessionImpl.java (original)
+++ incubator/jackrabbit/trunk/src/java/org/apache/jackrabbit/core/SessionImpl.java Fri Mar
18 05:52:31 2005
@@ -61,6 +61,7 @@
 import javax.jcr.RepositoryException;
 import javax.jcr.Session;
 import javax.jcr.Workspace;
+import javax.jcr.SimpleCredentials;
 import javax.jcr.lock.LockException;
 import javax.jcr.nodetype.ConstraintViolationException;
 import javax.jcr.version.VersionException;
@@ -78,6 +79,7 @@
 import java.util.Iterator;
 import java.util.Map;
 import java.util.Set;
+import java.util.ArrayList;
 
 /**
  * A <code>SessionImpl</code> ...
@@ -414,10 +416,22 @@
      * access rights of this session.
      *
      * @return the names of all accessible workspaces
+     * @throws RepositoryException if an error occurs
      */
-    protected String[] getWorkspaceNames() {
-        // @todo filter workspace names based on credentials of this session
-        return rep.getWorkspaceNames();
+    protected String[] getWorkspaceNames() throws RepositoryException {
+        // filter workspaces according to access rights
+        ArrayList list = new ArrayList();
+        String names[] = rep.getWorkspaceNames();
+        for (int i = 0; i < names.length; i++) {
+            try {
+                if (getAccessManager().canAccess(names[i])) {
+                    list.add(names[i]);
+                }
+            } catch (NoSuchWorkspaceException nswe) {
+                // should never happen, ignore...
+            }
+        }
+        return names;
     }
 
     /**
@@ -666,21 +680,24 @@
         // check sanity of this session
         sanityCheck();
 
-        // @todo reimplement impersonate(Credentials) correctly
+        if (!(otherCredentials instanceof SimpleCredentials)) {
+            String msg = "impersonate failed: incompatible credentials, SimpleCredentials
expected";
+            log.debug(msg);
+            throw new RepositoryException(msg);
+        }
 
-        // check if the credentials of this session allow to 'impersonate'
-        // the user represented by tha supplied credentials
+        // set IMPERSONATOR_ATTRIBUTE attribute of given credentials
+        // with subject of current session
+        SimpleCredentials creds = (SimpleCredentials) otherCredentials;
+        creds.setAttribute(IMPERSONATOR_ATTRIBUTE, subject);
 
-        // FIXME: the original purpose of this method is to enable
-        // a 'superuser' to impersonate another user without needing
-        // to know its password.
         try {
             return rep.login(otherCredentials, getWorkspace().getName());
         } catch (NoSuchWorkspaceException nswe) {
             // should never get here...
             String msg = "impersonate failed";
-            log.debug(msg);
-            throw new LoginException(msg, nswe);
+            log.error(msg, nswe);
+            throw new RepositoryException(msg, nswe);
         }
     }
 

Modified: incubator/jackrabbit/trunk/src/java/org/apache/jackrabbit/core/WorkspaceImpl.java
URL: http://svn.apache.org/viewcvs/incubator/jackrabbit/trunk/src/java/org/apache/jackrabbit/core/WorkspaceImpl.java?view=diff&r1=158068&r2=158069
==============================================================================
--- incubator/jackrabbit/trunk/src/java/org/apache/jackrabbit/core/WorkspaceImpl.java (original)
+++ incubator/jackrabbit/trunk/src/java/org/apache/jackrabbit/core/WorkspaceImpl.java Fri
Mar 18 05:52:31 2005
@@ -1524,16 +1524,7 @@
         // check state of this instance
         sanityCheck();
 
-        // filter workspaces according to access rights
-        ArrayList list = new ArrayList();
-        String names[] = session.getWorkspaceNames();
-        for (int i = 0; i < names.length; i++) {
-            if (session.getAccessManager().canAccess(names[i])) {
-                list.add(names[i]);
-            }
-        }
-
-        return (String[]) list.toArray(new String[list.size()]);
+        return session.getWorkspaceNames();
     }
 
     /**

Modified: incubator/jackrabbit/trunk/src/java/org/apache/jackrabbit/core/security/SimpleLoginModule.java
URL: http://svn.apache.org/viewcvs/incubator/jackrabbit/trunk/src/java/org/apache/jackrabbit/core/security/SimpleLoginModule.java?view=diff&r1=158068&r2=158069
==============================================================================
--- incubator/jackrabbit/trunk/src/java/org/apache/jackrabbit/core/security/SimpleLoginModule.java
(original)
+++ incubator/jackrabbit/trunk/src/java/org/apache/jackrabbit/core/security/SimpleLoginModule.java
Fri Mar 18 05:52:31 2005
@@ -16,6 +16,7 @@
  */
 package org.apache.jackrabbit.core.security;
 
+import org.apache.jackrabbit.core.Constants;
 import org.apache.log4j.Logger;
 
 import javax.jcr.Credentials;
@@ -96,7 +97,15 @@
                 if (creds instanceof SimpleCredentials) {
                     SimpleCredentials sc = (SimpleCredentials) creds;
                     // authenticate
-                    // @todo implement simple username/password authentication
+
+                    Object attr = sc.getAttribute(Constants.IMPERSONATOR_ATTRIBUTE);
+                    if (attr != null && attr instanceof Subject) {
+                        Subject impersonator = (Subject) attr;
+                        // @todo check privileges to 'impersonate' the user represented by
the supplied credentials
+                    } else {
+                        // @todo implement simple username/password authentication
+                    }
+
                     // assume the user we authenticated is the UserPrincipal
                     principals.add(new UserPrincipal(sc.getUserId()));
                     authenticated = true;



Mime
View raw message