jackrabbit-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ang...@apache.org
Subject svn commit: r945128 - in /jackrabbit/trunk/jackrabbit-core/src: main/java/org/apache/jackrabbit/core/config/ main/java/org/apache/jackrabbit/core/security/authentication/ main/java/org/apache/jackrabbit/core/security/principal/ test/java/org/apache/jac...
Date Mon, 17 May 2010 13:03:29 GMT
Author: angela
Date: Mon May 17 13:03:28 2010
New Revision: 945128

URL: http://svn.apache.org/viewvc?rev=945128&view=rev
Log:
JCR-2629 :  LoginModuleConfig should allow to specify principalProvider-name in addition to
the class

Modified:
    jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/config/LoginModuleConfig.java
    jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authentication/AbstractLoginModule.java
    jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/principal/ProviderRegistryImpl.java
    jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/config/SecurityConfigTest.java

Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/config/LoginModuleConfig.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/config/LoginModuleConfig.java?rev=945128&r1=945127&r2=945128&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/config/LoginModuleConfig.java
(original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/config/LoginModuleConfig.java
Mon May 17 13:03:28 2010
@@ -49,6 +49,24 @@ public class LoginModuleConfig extends B
     public static final String PARAM_PRINCIPAL_PROVIDER_CLASS = "principalProvider";
 
     /**
+     * Same as {@link LoginModuleConfig#PARAM_PRINCIPAL_PROVIDER_CLASS}.
+     * Introduced for compatibility reasons.
+     *
+     * @see <a href="https://issues.apache.org/jira/browse/JCR-2629">JCR-2629</a>
+     */
+    public static final String COMPAT_PRINCIPAL_PROVIDER_CLASS = "principal_provider.class";
+
+    /**
+     * Property-Key if the <code>PrincipalProvider</code> configured with
+     * {@link LoginModuleConfig#PARAM_PRINCIPAL_PROVIDER_CLASS} be registered using the
+     * specified name instead of the class name which is used by default if the
+     * name parameter is missing.
+     *
+     * @see <a href="https://issues.apache.org/jira/browse/JCR-2629">JCR-2629</a>
+     */
+    public static final String COMPAT_PRINCIPAL_PROVIDER_NAME = "principal_provider.name";
+
+    /**
      * Creates an access manager configuration object from the
      * given bean configuration.
      *

Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authentication/AbstractLoginModule.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authentication/AbstractLoginModule.java?rev=945128&r1=945127&r2=945128&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authentication/AbstractLoginModule.java
(original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authentication/AbstractLoginModule.java
Mon May 17 13:03:28 2010
@@ -145,6 +145,14 @@ public abstract class AbstractLoginModul
                     principalProviderClassName = pcOption.toString();
                 }
             }
+            if (principalProviderClassName == null) {
+                // try compatibility parameters
+                if (options.containsKey(LoginModuleConfig.COMPAT_PRINCIPAL_PROVIDER_NAME))
{
+                    principalProviderClassName = options.get(LoginModuleConfig.COMPAT_PRINCIPAL_PROVIDER_NAME).toString();
+                } else if (options.containsKey(LoginModuleConfig.COMPAT_PRINCIPAL_PROVIDER_CLASS))
{
+                    principalProviderClassName = options.get(LoginModuleConfig.COMPAT_PRINCIPAL_PROVIDER_CLASS).toString();
+                }
+            }
             if (principalProviderClassName != null) {
                 principalProvider = registry.getProvider(principalProviderClassName);
             }
@@ -242,13 +250,12 @@ public abstract class AbstractLoginModul
      * known to the system, i.e. if the {@link PrincipalProvider} has a principal
      * for the given ID and the principal can be found via
      * {@link PrincipalProvider#findPrincipals(String)}.<br>
-     * The provider implemenation can be set by the configuration option with the
-     * name {@link LoginModuleConfig#PARAM_PRINCIPAL_PROVIDER_CLASS principal_provider.class}.
-     * If the option is missing, the system default prinvipal provider will
+     * The provider implementation can be set by the LoginModule configuration.
+     * If the option is missing, the system default principal provider will
      * be used.<p/>
      *
      * <b>3) Verification</b><br>
-     * There are four cases, how the User-ID can be verfied:
+     * There are four cases, how the User-ID can be verified:
      * The login is anonymous, preauthenticated or the login is the result of
      * an impersonation request (see {@link javax.jcr.Session#impersonate(Credentials)}
      * or of a login to the Repository ({@link javax.jcr.Repository#login(Credentials)}).
@@ -264,11 +271,11 @@ public abstract class AbstractLoginModul
      * Under the following conditions, the login process is aborted and the
      * module is marked to be ignored:
      * <ul>
-     * <li>No User-ID could be resolve, and anyonymous access is switched off</li>
+     * <li>No User-ID could be resolve, and anonymous access is switched off</li>
      * <li>No Principal is found for the User-ID resolved</li>
      * </ul>
      *
-     * Under the follwoing conditions, the login process is marked to be invalid
+     * Under the following conditions, the login process is marked to be invalid
      * by throwing an LoginException:
      * <ul>
      * <li>It is an impersonation request, but the impersonator is not allowed
@@ -277,7 +284,7 @@ public abstract class AbstractLoginModul
      * </ul>
      * <p/>
      * The LoginModule keeps the Credentials and the Principal as instance fields,
-     * to mark that login has been successfull.
+     * to mark that login has been successful.
      *
      * @return true if the authentication succeeded, or false if this
      *         <code>LoginModule</code> should be ignored.

Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/principal/ProviderRegistryImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/principal/ProviderRegistryImpl.java?rev=945128&r1=945127&r2=945128&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/principal/ProviderRegistryImpl.java
(original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/principal/ProviderRegistryImpl.java
Mon May 17 13:03:28 2010
@@ -62,7 +62,12 @@ public class ProviderRegistryImpl implem
         PrincipalProvider provider = createProvider(config);
         if (provider != null) {
             synchronized (providers) {
-                providers.put(provider.getClass().getName(), provider);
+                String providerName = (String) config.get(LoginModuleConfig.COMPAT_PRINCIPAL_PROVIDER_NAME);
+                if (null == providerName || "".equals(providerName)) {
+                    // no name param -> use class name instead.
+                    providerName = provider.getClass().getName();
+                }
+                providers.put(providerName, provider);
             }
         } else {
             log.debug("Could not register principal provider: " +
@@ -115,6 +120,10 @@ public class ProviderRegistryImpl implem
 
         String className = config.getProperty(LoginModuleConfig.PARAM_PRINCIPAL_PROVIDER_CLASS);
         if (className == null) {
+            // try alternative key (backwards compatibility)
+            className = config.getProperty(LoginModuleConfig.COMPAT_PRINCIPAL_PROVIDER_CLASS);
+        }
+        if (className == null) {
             return null;
         }
 

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/config/SecurityConfigTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/config/SecurityConfigTest.java?rev=945128&r1=945127&r2=945128&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/config/SecurityConfigTest.java
(original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/config/SecurityConfigTest.java
Mon May 17 13:03:28 2010
@@ -21,6 +21,9 @@ import org.apache.jackrabbit.core.Sessio
 import org.apache.jackrabbit.core.security.AccessManager;
 import org.apache.jackrabbit.core.security.DefaultAccessManager;
 import org.apache.jackrabbit.core.security.JackrabbitSecurityManager;
+import org.apache.jackrabbit.core.security.principal.PrincipalProvider;
+import org.apache.jackrabbit.core.security.principal.PrincipalProviderRegistry;
+import org.apache.jackrabbit.core.security.principal.ProviderRegistryImpl;
 import org.apache.jackrabbit.core.security.user.UserManagerImpl;
 import org.apache.jackrabbit.core.security.user.UserPerWorkspaceUserManager;
 import org.apache.jackrabbit.core.security.authentication.DefaultLoginModule;
@@ -56,11 +59,13 @@ public class SecurityConfigTest extends 
 
     private RepositoryConfigurationParser parser;
 
+    @Override
     protected void setUp() throws Exception {
         super.setUp();
         parser = new RepositoryConfigurationParser(new Properties());
     }
 
+    @Override
     protected void tearDown() throws Exception {
         super.tearDown();
     }
@@ -147,7 +152,7 @@ public class SecurityConfigTest extends 
 
         // assignable from same class as configured
         UserManager um = umc.getUserManager(UserManagerImpl.class, new Class[] {
-            SessionImpl.class, String.class}, (SessionImpl) superuser, "admin");
+            SessionImpl.class, String.class}, superuser, "admin");
         assertNotNull(um);
         assertTrue(um instanceof UserManagerImpl);
         assertTrue(um.isAutoSave());
@@ -163,7 +168,7 @@ public class SecurityConfigTest extends 
         umc = parser.parseSecurityConfig(xml).getSecurityManagerConfig().getUserManagerConfig();
         try {
             um = umc.getUserManager(UserPerWorkspaceUserManager.class, new Class[] {
-                    SessionImpl.class, String.class}, (SessionImpl) superuser, "admin");
+                    SessionImpl.class, String.class}, superuser, "admin");
             fail("UserManagerImpl is not assignable from derived class");
         } catch (ConfigurationException e) {
             // success
@@ -174,7 +179,7 @@ public class SecurityConfigTest extends 
         umc = parser.parseSecurityConfig(xml).getSecurityManagerConfig().getUserManagerConfig();
         try {
             um = umc.getUserManager(UserManagerImpl.class, new Class[] {
-                    Session.class}, (SessionImpl) superuser, "admin");
+                    Session.class}, superuser, "admin");
             fail("Invalid parameter types -> must fail.");
         } catch (ConfigurationException e) {
             // success
@@ -195,7 +200,7 @@ public class SecurityConfigTest extends 
         umc = parser.parseSecurityConfig(xml).getSecurityManagerConfig().getUserManagerConfig();
         // assignable from defines base class
         um = umc.getUserManager(UserManagerImpl.class, new Class[] {
-            SessionImpl.class, String.class}, (SessionImpl) superuser, "admin");
+            SessionImpl.class, String.class}, superuser, "admin");
         assertNotNull(um);
         assertTrue(um instanceof UserPerWorkspaceUserManager);
         // but: configured class creates a umgr that requires session.save
@@ -204,8 +209,42 @@ public class SecurityConfigTest extends 
         um.autoSave(false);
     }
 
+    /**
+     * 
+     * @throws Exception
+     */
+    public void testPrincipalProviderConfig() throws Exception {
+        PrincipalProviderRegistry ppr = new ProviderRegistryImpl(null);
+
+        // standard config
+        Element xml = parseXML(new InputSource(new StringReader(PRINCIPAL_PROVIDER_CONFIG)),
true);
+        LoginModuleConfig lmc = parser.parseSecurityConfig(xml).getLoginModuleConfig(); 
      
+        PrincipalProvider pp = ppr.registerProvider(lmc.getParameters());
+        assertEquals(pp, ppr.getProvider(pp.getClass().getName()));
+        assertEquals("org.apache.jackrabbit.core.security.principal.FallbackPrincipalProvider",
pp.getClass().getName());
+
+        // config specifying an extra name
+        xml = parseXML(new InputSource(new StringReader(PRINCIPAL_PROVIDER_CONFIG1)), true);
+        lmc = parser.parseSecurityConfig(xml).getLoginModuleConfig();
+        pp = ppr.registerProvider(lmc.getParameters());
+        assertEquals(pp, ppr.getProvider("test"));
+        assertEquals("org.apache.jackrabbit.core.security.principal.FallbackPrincipalProvider",
pp.getClass().getName());
+
+        // use alternative class config
+        xml = parseXML(new InputSource(new StringReader(PRINCIPAL_PROVIDER_CONFIG2)), true);
+        lmc = parser.parseSecurityConfig(xml).getLoginModuleConfig();
+        pp = ppr.registerProvider(lmc.getParameters());
+        assertEquals(pp, ppr.getProvider("test2"));
+        assertEquals("org.apache.jackrabbit.core.security.principal.FallbackPrincipalProvider",
pp.getClass().getName());
+
+        // all 3 providers must be registered despite the fact the all configs
+        // specify the same provider class
+        assertEquals(3, ppr.getProviders().length);
+
+    }
+
     public void testInvalidConfig() {
-        List<InputSource> invalid = new ArrayList();
+        List<InputSource> invalid = new ArrayList<InputSource>();
         invalid.add(new InputSource(new StringReader(INVALID_CONFIG_1)));
         invalid.add(new InputSource(new StringReader(INVALID_CONFIG_2)));
         invalid.add(new InputSource(new StringReader(INVALID_CONFIG_3)));
@@ -316,4 +355,45 @@ public class SecurityConfigTest extends 
                     "           <UserManager class=\"org.apache.jackrabbit.core.security.user.UserPerWorkspaceUserManager\"
/>" +
                     "        </SecurityManager>" +
                     "    </Security>";
+
+    private static final String PRINCIPAL_PROVIDER_CONFIG =
+            "    <Security appName=\"Jackrabbit\">" +
+            "        <SecurityManager class=\"org.apache.jackrabbit.core.DefaultSecurityManager\"
workspaceName=\"security\">" +
+            "        </SecurityManager>" +
+            "        <AccessManager class=\"org.apache.jackrabbit.core.security.DefaultAccessManager\">"
+
+            "        </AccessManager>" +
+            "        <LoginModule class=\"org.apache.jackrabbit.core.security.authentication.DefaultLoginModule\">"
+
+            "           <param name=\"anonymousId\" value=\"anonymous\"/>" +
+            "           <param name=\"adminId\" value=\"admin\"/>" +
+            "           <param name=\"principalProvider\" value=\"org.apache.jackrabbit.core.security.principal.FallbackPrincipalProvider\"/>"
+
+            "        </LoginModule>\n" +
+            "    </Security>";
+
+    private static final String PRINCIPAL_PROVIDER_CONFIG1 =
+            "    <Security appName=\"Jackrabbit\">" +
+            "        <SecurityManager class=\"org.apache.jackrabbit.core.DefaultSecurityManager\"
workspaceName=\"security\">" +
+            "        </SecurityManager>" +
+            "        <AccessManager class=\"org.apache.jackrabbit.core.security.DefaultAccessManager\">"
+
+            "        </AccessManager>" +
+            "        <LoginModule class=\"org.apache.jackrabbit.core.security.authentication.DefaultLoginModule\">"
+
+            "           <param name=\"anonymousId\" value=\"anonymous\"/>" +
+            "           <param name=\"adminId\" value=\"admin\"/>" +
+            "           <param name=\"principalProvider\" value=\"org.apache.jackrabbit.core.security.principal.FallbackPrincipalProvider\"/>"
+
+            "           <param name=\"principal_provider.name\" value=\"test\"/>" +
+            "        </LoginModule>\n" +
+            "    </Security>";
+
+    private static final String PRINCIPAL_PROVIDER_CONFIG2 =
+            "    <Security appName=\"Jackrabbit\">" +
+            "        <SecurityManager class=\"org.apache.jackrabbit.core.DefaultSecurityManager\"
workspaceName=\"security\">" +
+            "        </SecurityManager>" +
+            "        <AccessManager class=\"org.apache.jackrabbit.core.security.DefaultAccessManager\">"
+
+            "        </AccessManager>" +
+            "        <LoginModule class=\"org.apache.jackrabbit.core.security.authentication.DefaultLoginModule\">"
+
+            "           <param name=\"anonymousId\" value=\"anonymous\"/>" +
+            "           <param name=\"adminId\" value=\"admin\"/>" +
+            "           <param name=\"principal_provider.class\" value=\"org.apache.jackrabbit.core.security.principal.FallbackPrincipalProvider\"/>"
+
+            "           <param name=\"principal_provider.name\" value=\"test2\"/>"
+
+            "        </LoginModule>\n" +
+            "    </Security>";
 }



Mime
View raw message