jackrabbit-commits mailing list archives

From ang...@apache.org
Subject svn commit: r1159558 - /jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authentication/token/TokenBasedAuthentication.java
Date Fri, 19 Aug 2011 09:19:45 GMT
Author: angela
Date: Fri Aug 19 09:19:45 2011
New Revision: 1159558

URL: http://svn.apache.org/viewvc?rev=1159558&view=rev
Log:
JCR-2919 : Security of token base authentication (fix updating/removing token node)

Modified:
    jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authentication/token/TokenBasedAuthentication.java

Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authentication/token/TokenBasedAuthentication.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authentication/token/TokenBasedAuthentication.java?rev=1159558&r1=1159557&r2=1159558&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authentication/token/TokenBasedAuthentication.java
(original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authentication/token/TokenBasedAuthentication.java
Fri Aug 19 09:19:45 2011
@@ -31,7 +31,6 @@ import org.apache.jackrabbit.util.Text;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-import javax.jcr.AccessDeniedException;
 import javax.jcr.Credentials;
 import javax.jcr.Node;
 import javax.jcr.Property;
@@ -202,12 +201,9 @@ public class TokenBasedAuthentication im
                 Calendar cal = GregorianCalendar.getInstance();
                 cal.setTimeInMillis(expirationTime);
 
-                tokenNode = getTokenNode();
-                s = tokenNode.getSession();
+                s = ((SessionImpl) session).createSession(session.getWorkspace().getName());
+                tokenNode = getTokenNode(token, s);
                 tokenNode.setProperty(TOKEN_ATTRIBUTE_EXPIRY, s.getValueFactory().createValue(cal));
-            }
-
-            if (s != null) {
                 s.save();
             }
         } catch (RepositoryException e) {
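Review bot: The reason for opening a separate session is no longer documented once the old `getTokenNode()` Javadoc is removed. The `createSession(...)` line here and the identical line in `removeToken()` would each benefit from a comment such as `// dedicated session: avoid concurrent writes with the shared system session`. Without it, a later cleanup could plausibly move the write back onto `session`, which the removed Javadoc describes as shared. The enclosing method starts and ends outside this hunk.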
@@ -225,8 +221,8 @@ public class TokenBasedAuthentication im
     private void removeToken() {
         Session s = null;
         try {
-            Node tokenNode = getTokenNode();
-            s = tokenNode.getSession();
+            s = ((SessionImpl) session).createSession(session.getWorkspace().getName());
+            Node tokenNode = getTokenNode(token, s);
             
             tokenNode.remove();
             s.save();
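Review bot: `s` now owns a session created inside the `try`, so it must be released on every path, including when `getTokenNode(token, s)` or `tokenNode.remove()` throws after `createSession` has succeeded. The cleanup code is outside this hunk because the method continues past `s.save()`, so please confirm that it ends with `finally { if (s != null) { s.logout(); } }`. The expiry-update hunk above needs the same guarantee. `getTokenNode(String, Session)` is not part of this diff, so it is also worth confirming whether it throws or returns null for a token that no longer resolves to a node, since `tokenNode.remove()` dereferences the result directly.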
@@ -239,19 +235,6 @@ public class TokenBasedAuthentication im
         }
     }
 
-    /**
-     * Retrieve the token node using another session to avoid concurrent write
-     * operations with the shared system session.
-     *
-     * @return the token node
-     * @throws RepositoryException
-     * @throws AccessDeniedException
-     */
-    private Node getTokenNode() throws RepositoryException, AccessDeniedException {
-        Session s = ((SessionImpl) session).createSession(session.getWorkspace().getName());
-        return s.getNodeByIdentifier(token);
-    }
-
     //--------------------------------------------------------------------------
     /**
      * Returns <code>true</code> if the given <code>credentials</code>
object
@@ -322,7 +305,7 @@ public class TokenBasedAuthentication im
      * creating the token node.
      */
     public synchronized static Credentials createToken(User user, SimpleCredentials credentials,
-                                                long tokenExpiration, Session session) throws
RepositoryException {
+                                                       long tokenExpiration, Session session)
throws RepositoryException {
         String workspaceName = session.getWorkspace().getName();
         if (user == null) {
             throw new RepositoryException("Cannot create login token: No corresponding node
for 'null' user in workspace '" + workspaceName + "'.");


