jackrabbit-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ang...@apache.org
Subject svn commit: r641323 - in /jackrabbit/trunk/jackrabbit-core/src/main: java/org/apache/jackrabbit/core/security/ java/org/apache/jackrabbit/core/security/authentication/ resources/org/apache/jackrabbit/core/
Date Wed, 26 Mar 2008 14:26:00 GMT
Author: angela
Date: Wed Mar 26 07:25:50 2008
New Revision: 641323

URL: http://svn.apache.org/viewvc?rev=641323&view=rev
Log:
JCR-1503: fixing LoginModule and adding params again.

Modified:
    jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/SimpleLoginModule.java
    jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authentication/AbstractLoginModule.java
    jackrabbit/trunk/jackrabbit-core/src/main/resources/org/apache/jackrabbit/core/repository.xml

Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/SimpleLoginModule.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/SimpleLoginModule.java?rev=641323&r1=641322&r2=641323&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/SimpleLoginModule.java
(original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/SimpleLoginModule.java
Wed Mar 26 07:25:50 2008
@@ -16,210 +16,10 @@
  */
 package org.apache.jackrabbit.core.security;
 
-import org.apache.jackrabbit.core.security.authentication.CredentialsCallback;
-import org.apache.jackrabbit.core.config.LoginModuleConfig;
-
-import javax.jcr.Credentials;
-import javax.jcr.SimpleCredentials;
-import javax.security.auth.Subject;
-import javax.security.auth.callback.Callback;
-import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.callback.UnsupportedCallbackException;
-import javax.security.auth.login.FailedLoginException;
-import javax.security.auth.login.LoginException;
-import javax.security.auth.spi.LoginModule;
-import java.util.Map;
-import java.util.HashSet;
-import java.util.Set;
-
 /**
  * A <code>SimpleLoginModule</code> ...
  *
  * @deprecated Use {@link org.apache.jackrabbit.core.security.simple.SimpleLoginModule} instead.
  */
-public class SimpleLoginModule implements LoginModule {
-
-    /**
-     * Name of the default user id option in the LoginModule configuration
-     */
-    private static final String OPT_DEFAULT = "defaultUserId";
-
-    // initial state
-    private Subject subject;
-    private CallbackHandler callbackHandler;
-
-    // configurable options
-    //private boolean someOpt = false;
-
-    // local authentication state:
-    // the principals, i.e. the authenticated identities
-    private final Set principals;
-
-    /**
-     * Id of an anonymous user login
-     */
-    private String anonymousUserId = SecurityConstants.ANONYMOUS_ID;
-
-    /**
-     * The default user id. Only used when not <code>null</code>.
-     */
-    private String defaultUserId;
-
-    /**
-     * Constructor
-     */
-    public SimpleLoginModule() {
-        principals = new HashSet();
-    }
-
-    /**
-     * Returns the anonymous user id.
-     *
-     * @return anonymous user id
-     */
-    public String getAnonymousId() {
-        return anonymousUserId;
-    }
-
-    /**
-     * Sets the anonymous user id.
-     *
-     * @param anonymousId anonymous user id
-     */
-    public void setAnonymousId(String anonymousId) {
-        anonymousUserId = anonymousId;
-    }
-
-    /**
-     * Returns the default user id.
-     *
-     * @return default user id
-     */
-    public String getDefaultUserId() {
-        return defaultUserId;
-    }
-
-    /**
-     * Sets the default user id to be used when no login credentials
-     * are presented.
-     *
-     * @param defaultUserId default user id
-     */
-    public void setDefaultUserId(String defaultUserId) {
-        this.defaultUserId = defaultUserId;
-    }
-
-    //----------------------------------------------------------< LoginModule >
-    /**
-     * {@inheritDoc}
-     */
-    public void initialize(Subject subject, CallbackHandler callbackHandler,
-                           Map sharedState, Map options) {
-        this.subject = subject;
-        this.callbackHandler = callbackHandler;
-
-        // initialize any configured options
-        //someOpt = "true".equalsIgnoreCase((String)options.get("someOpt"));
-        String userId = (String) options.get(LoginModuleConfig.PARAM_ANONYMOUS_ID);
-        if (userId != null) {
-            anonymousUserId = userId;
-        }
-        if (options.containsKey(OPT_DEFAULT)) {
-            defaultUserId = (String) options.get(OPT_DEFAULT);
-        }
-    }
-
-    /**
-     * {@inheritDoc}
-     */
-    public boolean login() throws LoginException {
-        // prompt for a user name and password
-        if (callbackHandler == null) {
-            throw new LoginException("no CallbackHandler available");
-        }
-
-        boolean authenticated = false;
-        principals.clear();
-        try {
-            // Get credentials using a JAAS callback
-            CredentialsCallback ccb = new CredentialsCallback();
-            callbackHandler.handle(new Callback[] { ccb });
-            Credentials creds = ccb.getCredentials();
-            // Use the credentials to set up principals
-            if (creds != null) {
-                if (creds instanceof SimpleCredentials) {
-                    SimpleCredentials sc = (SimpleCredentials) creds;
-                    // authenticate
-
-                    Object attr = sc.getAttribute(SecurityConstants.IMPERSONATOR_ATTRIBUTE);
-                    if (attr != null && attr instanceof Subject) {
-                        // Subject impersonator = (Subject) attr;
-                        // @todo check privileges to 'impersonate' the user represented by
the supplied credentials
-                    } else {
-                        // @todo implement simple username/password authentication
-                    }
-
-                    if (anonymousUserId.equals(sc.getUserID())) {
-                        principals.add(new AnonymousPrincipal());
-                    } else {
-                        // else assume the user we authenticated is the UserPrincipal
-                        principals.add(new UserPrincipal(sc.getUserID()));
-                    }
-                    authenticated = true;
-                }
-            } else if (defaultUserId != null) {
-                principals.add(new UserPrincipal(defaultUserId));
-                authenticated = true;
-            } else {
-                principals.add(new AnonymousPrincipal());
-                authenticated = true;
-            }
-        } catch (java.io.IOException ioe) {
-            throw new LoginException(ioe.toString());
-        } catch (UnsupportedCallbackException uce) {
-            throw new LoginException(uce.getCallback().toString() + " not available");
-        }
-
-        if (authenticated) {
-            return !principals.isEmpty();
-        } else {
-            // authentication failed: clean out state
-            principals.clear();
-            throw new FailedLoginException();
-        }
-    }
-
-    /**
-     * {@inheritDoc}
-     */
-    public boolean commit() throws LoginException {
-        if (principals.isEmpty()) {
-            return false;
-        } else {
-            // add a principals (authenticated identities) to the Subject
-            subject.getPrincipals().addAll(principals);
-            return true;
-        }
-    }
-
-    /**
-     * {@inheritDoc}
-     */
-    public boolean abort() throws LoginException {
-        if (principals.isEmpty()) {
-            return false;
-        } else {
-            logout();
-        }
-        return true;
-    }
-
-    /**
-     * {@inheritDoc}
-     */
-    public boolean logout() throws LoginException {
-        subject.getPrincipals().removeAll(principals);
-        principals.clear();
-        return true;
-    }
+public class SimpleLoginModule extends org.apache.jackrabbit.core.security.simple.SimpleLoginModule
{
 }

Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authentication/AbstractLoginModule.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authentication/AbstractLoginModule.java?rev=641323&r1=641322&r2=641323&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authentication/AbstractLoginModule.java
(original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authentication/AbstractLoginModule.java
Wed Mar 26 07:25:50 2008
@@ -70,6 +70,7 @@
     private static final String KEY_SIMPLE_CREDENTIALS = "org.apache.jackrabbit.credentials.simple";
     private static final String KEY_LOGIN_NAME = "javax.security.auth.login.name";
 
+    protected String adminId;
     protected String anonymousId;
     protected String defaultUserId;
 
@@ -135,6 +136,9 @@
             //call implementation for additional setup
             doInit(callbackHandler, repositoryCb.getSession(), options);
 
+            if (options.containsKey(LoginModuleConfig.PARAM_ADMIN_ID)) {
+                adminId = (String) options.get(LoginModuleConfig.PARAM_ADMIN_ID);
+            }
             if (options.containsKey(LoginModuleConfig.PARAM_ANONYMOUS_ID)) {
                 anonymousId = (String) options.get(LoginModuleConfig.PARAM_ANONYMOUS_ID);
             }
@@ -639,5 +643,61 @@
             principal = res.nextPrincipal();
         } // no matching principal -> return null
         return principal;
+    }
+
+    //--------------------------------------------------------------------------
+    /**
+     * Returns the admin user id.
+     *
+     * @return admin user id
+     */
+    public String getAdminId() {
+        return adminId;
+    }
+
+    /**
+     * Sets the anonymous user id.
+     *
+     * @param anonymousId anonymous user id
+     */
+    public void setAdminId(String adminId) {
+        this.adminId = adminId;
+    }
+
+    /**
+     * Returns the anonymous user id.
+     *
+     * @return anonymous user id
+     */
+    public String getAnonymousId() {
+        return anonymousId;
+    }
+
+    /**
+     * Sets the anonymous user id.
+     *
+     * @param anonymousId anonymous user id
+     */
+    public void setAnonymousId(String anonymousId) {
+        this.anonymousId = anonymousId;
+    }
+
+    /**
+     * Returns the default user id.
+     *
+     * @return default user id
+     */
+    public String getDefaultUserId() {
+        return defaultUserId;
+    }
+
+    /**
+     * Sets the default user id to be used when no login credentials
+     * are presented.
+     *
+     * @param defaultUserId default user id
+     */
+    public void setDefaultUserId(String defaultUserId) {
+        this.defaultUserId = defaultUserId;
     }
 }

Modified: jackrabbit/trunk/jackrabbit-core/src/main/resources/org/apache/jackrabbit/core/repository.xml
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/resources/org/apache/jackrabbit/core/repository.xml?rev=641323&r1=641322&r2=641323&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/resources/org/apache/jackrabbit/core/repository.xml
(original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/resources/org/apache/jackrabbit/core/repository.xml
Wed Mar 26 07:25:50 2008
@@ -58,9 +58,9 @@
 
         <LoginModule class="org.apache.jackrabbit.core.security.simple.SimpleLoginModule">
            <!-- anonymous user id -->
-           <!-- <param name="anonymousId" value="anonymous"/> -->
+           <param name="anonymousId" value="anonymous"/>
            <!-- administrator user id (default value if param is missing is 'admin') -->
-           <!-- <param name="adminId" value="admin"/> -->
+           <param name="adminId" value="admin"/>
            <!--
               default user name to be used instead of the anonymous user
               when no login credentials are provided (unset by default)



Mime
View raw message