jackrabbit-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Thomas Müller <thomas.muel...@day.com>
Subject Re: Jackrabbit management API
Date Tue, 08 Sep 2009 08:10:41 GMT
Hi,

So let's say we want a new, secure mechanism to 'stop' a repository,
without having to login. Secure meaning only the module that created
the repository object may call shutdown. The current mechanism
(JackrabbitRepository.shutdown()) doesn't provide this security, as
any client that has access to the Repository object can call it:
((JackrabbitRepository)rep).shutdown().

If the application doesn't call the secure shutdown method, the
repository should still shutdown when the application ends at the
latest.

The shutdown mechanism needs to be compatible with the JCR API [1].
That means an application must be able to call shutdown if the
application created the Repository object using a RepositoryFactory.
An application may have to import the Jackrabbit API, and use
instanceof and casts:

if (x instanceof JackrabbitSomething) {
   ... .shutdown(...)
}

[1] If the mechanism is incompatible, then the application can not
easily use repository wrappers such as a log wrapper, use a JCR
remoting implementation, or use a different JCR implementation.

There are multiple ways to achieve that:

[A] == Shutdown using Factory.shutdown(Repository) ==

1) Properties parameters = ...
2) String factoryClass = parameters.remove("factory").toString();
3) RepositoryFactory factory = (RepositoryFactory)
Class.forName(factoryClass).newInstance();
4) Repository rep = factory.getRepository(parameters);
5) if (factory instanceof JackrabbitRepositoryFactory)
((JackrabbitRepositoryFactory) factory).shutdown(rep);

Lines 1) - 4) are a JCR API compliant way to get / start a repository.
If we can't support that for Jackrabbit, then the application can't be
written in an implementation-independent way, and we can't achieve the
goal [1].

Line 5) is Jackrabbit specific. This is more secure than shutdown()
because an application needs to have access to the factory instance
that created the repository. A regular application will only have
access to the Repository object, and can't call the method, or call
it, but the call will fail because the repository keeps a reference to
the factory that created it, and we can verify it's the same object
within the Jackrabbit implementation.

[B] == Shutdown using Repository.shutdown(Factory) ==

1) Properties parameters = ...
2) String factoryClass = parameters.remove("factory").toString();
3) RepositoryFactory factory = (RepositoryFactory)
Class.forName(factoryClass).newInstance();
4) Repository rep = factory.getRepository(parameters);
5) if (rep instanceof JackrabbitRepository) ((JackrabbitRepository)
rep).shutdown(factory);

[C] == Shutdown using Factory.getRepositoryManager(Repository).shutdown ==

1) Properties parameters = ...
2) String factoryClass = parameters.remove("factory").toString();
3) RepositoryFactory factory = (RepositoryFactory)
Class.forName(factoryClass).newInstance();
4) Repository rep = factory.getRepository(parameters);
5) if (factory instanceof JackrabbitRepositoryFactory)
((JackrabbitRepositoryFactory)
factory).getRepositoryManager(rep).shutdown();

Regards,
Thomas

Mime
View raw message