Return-Path: X-Original-To: apmail-jackrabbit-oak-commits-archive@minotaur.apache.org Delivered-To: apmail-jackrabbit-oak-commits-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 1EB75D303 for ; Thu, 4 Oct 2012 16:25:13 +0000 (UTC) Received: (qmail 94375 invoked by uid 500); 4 Oct 2012 16:25:13 -0000 Delivered-To: apmail-jackrabbit-oak-commits-archive@jackrabbit.apache.org Received: (qmail 94343 invoked by uid 500); 4 Oct 2012 16:25:13 -0000 Mailing-List: contact oak-commits-help@jackrabbit.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: oak-dev@jackrabbit.apache.org Delivered-To: mailing list oak-commits@jackrabbit.apache.org Received: (qmail 94333 invoked by uid 99); 4 Oct 2012 16:25:13 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 04 Oct 2012 16:25:13 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 04 Oct 2012 16:25:08 +0000 Received: from eris.apache.org (localhost [127.0.0.1]) by eris.apache.org (Postfix) with ESMTP id BCA4F238896F; Thu, 4 Oct 2012 16:24:25 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1394140 - in /jackrabbit/oak/trunk: oak-core/src/main/java/org/apache/jackrabbit/oak/core/ oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/type/ oak-core/src/main/java/org/apache/jackrabbit/oak/security/ oak-core/src/main/java/org... Date: Thu, 04 Oct 2012 16:24:24 -0000 To: oak-commits@jackrabbit.apache.org From: angela@apache.org X-Mailer: svnmailer-1.0.8-patched Message-Id: <20121004162425.BCA4F238896F@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: angela Date: Thu Oct 4 16:24:22 2012 New Revision: 1394140 URL: http://svn.apache.org/viewvc?rev=1394140&view=rev Log: OAK-91 - Implement Authentication Support (WIP) Added: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/LoginContext.java (contents, props changed) - copied, changed from r1393939, jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/OakLoginContext.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/CredentialsCallback.java - copied, changed from r1393986, jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/CredentialsCallback.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/PrincipalProviderCallback.java - copied, changed from r1393939, jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/PrincipalProviderCallback.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/RepositoryCallback.java - copied, changed from r1393986, jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/RepositoryCallback.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/SecurityProviderCallback.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/TokenProviderCallback.java - copied, changed from r1393939, jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderCallback.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/TokenInfo.java - copied, changed from r1393939, jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenInfo.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/TokenProvider.java - copied, changed from r1393939, jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProvider.java Removed: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenInfo.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProvider.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderCallback.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/CredentialsCallback.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/OakLoginContext.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/PrincipalProviderCallback.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/RepositoryCallback.java Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ContentRepositoryImpl.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ContentSessionImpl.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/type/InitialContent.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/CallbackHandlerImpl.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/LoginContextProviderImpl.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/LoginModuleImpl.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthentication.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModule.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/GuestLoginModule.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/JaasLoginContext.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/LoginContextProvider.java jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/OpenLoginContextProvider.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/AbstractOakTest.java jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserProviderImplTest.java jackrabbit/oak/trunk/oak-core/src/test/resources/org/apache/jackrabbit/oak/query/sql2.txt jackrabbit/oak/trunk/oak-core/src/test/resources/org/apache/jackrabbit/oak/query/sql2_measure.txt jackrabbit/oak/trunk/oak-jcr/pom.xml jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/OakRepositoryStub.java jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/RepositoryTest.java jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/EveryoneGroupTest.java Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ContentRepositoryImpl.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ContentRepositoryImpl.java?rev=1394140&r1=1394139&r2=1394140&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ContentRepositoryImpl.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ContentRepositoryImpl.java Thu Oct 4 16:24:22 2012 @@ -38,7 +38,7 @@ import org.apache.jackrabbit.oak.spi.que import org.apache.jackrabbit.oak.spi.query.QueryIndexProvider; import org.apache.jackrabbit.oak.spi.security.SecurityProvider; import org.apache.jackrabbit.oak.spi.security.authentication.LoginContextProvider; -import org.apache.jackrabbit.oak.spi.security.authentication.OakLoginContext; +import org.apache.jackrabbit.oak.spi.security.authentication.LoginContext; import org.apache.jackrabbit.oak.spi.security.authorization.AccessControlProvider; import org.apache.jackrabbit.oak.spi.state.NodeStore; import org.slf4j.Logger; @@ -153,7 +153,7 @@ public class ContentRepositoryImpl imple } LoginContextProvider lcProvider = securityProvider.getLoginContextProvider(nodeStore); - OakLoginContext loginContext = lcProvider.getLoginContext(credentials, workspaceName); + LoginContext loginContext = lcProvider.getLoginContext(credentials, workspaceName); loginContext.login(); AccessControlProvider acProvider = securityProvider.getAccessControlProvider(); Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ContentSessionImpl.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ContentSessionImpl.java?rev=1394140&r1=1394139&r2=1394140&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ContentSessionImpl.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ContentSessionImpl.java Thu Oct 4 16:24:22 2012 @@ -28,7 +28,7 @@ import org.apache.jackrabbit.oak.api.Cor import org.apache.jackrabbit.oak.api.Root; import org.apache.jackrabbit.oak.spi.commit.ConflictHandlerProvider; import org.apache.jackrabbit.oak.spi.query.QueryIndexProvider; -import org.apache.jackrabbit.oak.spi.security.authentication.OakLoginContext; +import org.apache.jackrabbit.oak.spi.security.authentication.LoginContext; import org.apache.jackrabbit.oak.spi.security.authorization.AccessControlProvider; import org.apache.jackrabbit.oak.spi.state.NodeStore; import org.slf4j.Logger; @@ -41,14 +41,14 @@ class ContentSessionImpl implements Cont private static final Logger log = LoggerFactory.getLogger(ContentSessionImpl.class); - private final OakLoginContext loginContext; + private final LoginContext loginContext; private final AccessControlProvider accProvider; private final String workspaceName; private final NodeStore store; private final ConflictHandlerProvider conflictHandlerProvider; private final QueryIndexProvider indexProvider; - public ContentSessionImpl(OakLoginContext loginContext, + public ContentSessionImpl(LoginContext loginContext, AccessControlProvider accProvider, String workspaceName, NodeStore store, ConflictHandlerProvider conflictHandlerProvider, QueryIndexProvider indexProvider) { Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/type/InitialContent.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/type/InitialContent.java?rev=1394140&r1=1394139&r2=1394140&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/type/InitialContent.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/plugins/type/InitialContent.java Thu Oct 4 16:24:22 2012 @@ -1,72 +1,96 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.jackrabbit.oak.plugins.type; - -import org.apache.felix.scr.annotations.Component; -import org.apache.felix.scr.annotations.Service; -import org.apache.jackrabbit.mk.api.MicroKernel; -import org.apache.jackrabbit.oak.Oak; -import org.apache.jackrabbit.oak.api.Root; -import org.apache.jackrabbit.oak.spi.lifecycle.DefaultMicroKernelTracker; -import org.apache.jackrabbit.oak.spi.lifecycle.MicroKernelTracker; -import org.apache.jackrabbit.oak.spi.security.OpenSecurityProvider; -import org.apache.jackrabbit.oak.spi.state.NodeState; -import org.apache.jackrabbit.oak.spi.state.NodeStore; - -/** - * InitialContent implements a {@link MicroKernelTracker} and - * registers built-in node types when the micro kernel becomes available. - */ -@Component -@Service(MicroKernelTracker.class) -public class InitialContent extends DefaultMicroKernelTracker { - - @Override - public void available(MicroKernel mk) { - NodeStore nodeStore = new Oak(mk).createNodeStore(); - // FIXME: depends on CoreValue's name mangling - NodeState root = nodeStore.getRoot(); - if (root.hasChildNode("jcr:system")) { - mk.commit("/", "^\"jcr:primaryType\":\"nam:rep:root\" ", null, null); - } else { - mk.commit("/", "^\"jcr:primaryType\":\"nam:rep:root\"" + - "+\"jcr:system\":{" + - "\"jcr:primaryType\" :\"nam:rep:system\"," + - "\"jcr:versionStorage\" :{\"jcr:primaryType\":\"nam:rep:versionStorage\"}," + - "\"jcr:nodeTypes\" :{\"jcr:primaryType\":\"nam:rep:nodeTypes\"}," + - "\"jcr:activities\" :{\"jcr:primaryType\":\"nam:rep:Activities\"}," + - "\"rep:privileges\" :{\"jcr:primaryType\":\"nam:rep:Privileges\"}}", null, null); - } - if (!root.hasChildNode("oak:index")) { - // FIXME: user-mgt related unique properties (rep:authorizableId, rep:principalName) are implementation detail and not generic for repo - // FIXME: rep:principalName only needs to be unique if defined with user/group nodes -> add defining nt-info to uniqueness constraint otherwise ac-editing will fail. - mk.commit("/", "+\"oak:index\":{\"jcr:uuid\":{\"unique\":true},\"rep:authorizableId\":{\"unique\":true},\"rep:principalName\":{\"unique\":true}}", null, null); - } - - BuiltInNodeTypes.register(createRoot(mk)); - } - - private Root createRoot(MicroKernel mk) { - Oak oak = new Oak(mk); - oak.with(new OpenSecurityProvider()); // TODO: this shouldn't be needed - try { - return oak.createContentRepository().login(null, null).getLatestRoot(); - } catch (Exception e) { - throw new IllegalStateException("Unable to create a Root", e); - } - } -} +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.jackrabbit.oak.plugins.type; + +import org.apache.felix.scr.annotations.Component; +import org.apache.felix.scr.annotations.Service; +import org.apache.jackrabbit.mk.api.MicroKernel; +import org.apache.jackrabbit.oak.Oak; +import org.apache.jackrabbit.oak.api.Root; +import org.apache.jackrabbit.oak.spi.lifecycle.DefaultMicroKernelTracker; +import org.apache.jackrabbit.oak.spi.lifecycle.MicroKernelTracker; +import org.apache.jackrabbit.oak.spi.security.OpenSecurityProvider; +import org.apache.jackrabbit.oak.spi.state.NodeState; +import org.apache.jackrabbit.oak.spi.state.NodeStore; + +/** + * InitialContent implements a {@link MicroKernelTracker} and + * registers built-in node types when the micro kernel becomes available. + */ +@Component +@Service(MicroKernelTracker.class) +public class InitialContent extends DefaultMicroKernelTracker { + + @Override + public void available(MicroKernel mk) { + NodeStore nodeStore = new Oak(mk).createNodeStore(); + // FIXME: depends on CoreValue's name mangling + NodeState root = nodeStore.getRoot(); + if (root.hasChildNode("jcr:system")) { + mk.commit("/", "^\"jcr:primaryType\":\"nam:rep:root\" ", null, null); + } else { + mk.commit("/", "^\"jcr:primaryType\":\"nam:rep:root\"" + + "+\"jcr:system\":{" + + "\"jcr:primaryType\" :\"nam:rep:system\"," + + "\"jcr:versionStorage\" :{\"jcr:primaryType\":\"nam:rep:versionStorage\"}," + + "\"jcr:nodeTypes\" :{\"jcr:primaryType\":\"nam:rep:nodeTypes\"}," + + "\"jcr:activities\" :{\"jcr:primaryType\":\"nam:rep:Activities\"}," + + "\"rep:privileges\" :{\"jcr:primaryType\":\"nam:rep:Privileges\"}}" + + "+\"rep:security\":{" + + "\"jcr:primaryType\":\"nam:rep:AuthorizableFolder\"," + + "\"rep:authorizables\":{" + + "\"jcr:primaryType\":\"nam:rep:AuthorizableFolder\"," + + "\"rep:users\":{" + + "\"jcr:primaryType\":\"nam:rep:AuthorizableFolder\"," + + "\"a\":{" + + "\"jcr:primaryType\":\"nam:rep:AuthorizableFolder\"," + + "\"ad\":{" + + "\"jcr:primaryType\":\"nam:rep:AuthorizableFolder\"," + + "\"admin\":{" + + "\"jcr:primaryType\":\"nam:rep:User\"," + + "\"jcr:uuid\":\"21232f29-7a57-35a7-8389-4a0e4a801fc3\"," + + "\"rep:principalName\":\"admin\"," + + "\"rep:authorizableId\":\"admin\"," + + "\"rep:password\":\"{SHA-256}9e515755e95513ce-1000-0696716f8baf8890a35eda1b9f2d5a4e727d1c7e1c062f03180dcc2a20f61f3b\"}}," + + "\"an\":{ " + + "\"jcr:primaryType\":\"nam:rep:AuthorizableFolder\"," + + "\"anonymous\":{" + + "\"jcr:primaryType\":\"nam:rep:User\"," + + "\"jcr:uuid\":\"294de355-7d9d-30b3-92d8-a1e6aab028cf\"," + + "\"rep:principalName\":\"anonymous\"," + + "\"rep:authorizableId\":\"anonymous\"}}" + + "}}}}", null, null); + } + if (!root.hasChildNode("oak:index")) { + // FIXME: user-mgt related unique properties (rep:authorizableId, rep:principalName) are implementation detail and not generic for repo + // FIXME: rep:principalName only needs to be unique if defined with user/group nodes -> add defining nt-info to uniqueness constraint otherwise ac-editing will fail. + mk.commit("/", "+\"oak:index\":{\"jcr:uuid\":{\"unique\":true},\"rep:authorizableId\":{\"unique\":true},\"rep:principalName\":{\"unique\":true}}", null, null); + } + + BuiltInNodeTypes.register(createRoot(mk)); + } + + private Root createRoot(MicroKernel mk) { + Oak oak = new Oak(mk); + oak.with(new OpenSecurityProvider()); // TODO: this shouldn't be needed + try { + return oak.createContentRepository().login(null, null).getLatestRoot(); + } catch (Exception e) { + throw new IllegalStateException("Unable to create a Root", e); + } + } +} Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java?rev=1394140&r1=1394139&r2=1394140&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java Thu Oct 4 16:24:22 2012 @@ -33,7 +33,6 @@ import org.apache.jackrabbit.oak.securit import org.apache.jackrabbit.oak.spi.security.SecurityProvider; import org.apache.jackrabbit.oak.spi.security.authentication.LoginContextProvider; import org.apache.jackrabbit.oak.spi.security.authorization.AccessControlProvider; -import org.apache.jackrabbit.oak.spi.security.principal.OpenPrincipalProvider; import org.apache.jackrabbit.oak.spi.security.principal.PrincipalConfiguration; import org.apache.jackrabbit.oak.spi.security.principal.PrincipalProvider; import org.apache.jackrabbit.oak.spi.security.user.MembershipProvider; @@ -48,9 +47,7 @@ public class SecurityProviderImpl implem public LoginContextProvider getLoginContextProvider(NodeStore nodeStore) { // TODO: use configurable authentication config Configuration configuration = new ConfigurationImpl(); - // TODO: use getPrincipalProvider instead - PrincipalProvider principalProvider = new OpenPrincipalProvider(); - return new LoginContextProviderImpl(configuration, nodeStore, principalProvider); + return new LoginContextProviderImpl(configuration, nodeStore, this); } @Nonnull Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/CallbackHandlerImpl.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/CallbackHandlerImpl.java?rev=1394140&r1=1394139&r2=1394140&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/CallbackHandlerImpl.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/CallbackHandlerImpl.java Thu Oct 4 16:24:22 2012 @@ -25,10 +25,11 @@ import javax.security.auth.callback.Name import javax.security.auth.callback.PasswordCallback; import javax.security.auth.callback.UnsupportedCallbackException; -import org.apache.jackrabbit.oak.spi.security.authentication.CredentialsCallback; -import org.apache.jackrabbit.oak.spi.security.authentication.RepositoryCallback; -import org.apache.jackrabbit.oak.spi.security.authentication.PrincipalProviderCallback; -import org.apache.jackrabbit.oak.spi.security.principal.PrincipalProvider; +import org.apache.jackrabbit.oak.spi.security.SecurityProvider; +import org.apache.jackrabbit.oak.spi.security.authentication.callback.CredentialsCallback; +import org.apache.jackrabbit.oak.spi.security.authentication.callback.PrincipalProviderCallback; +import org.apache.jackrabbit.oak.spi.security.authentication.callback.RepositoryCallback; +import org.apache.jackrabbit.oak.spi.security.authentication.callback.SecurityProviderCallback; import org.apache.jackrabbit.oak.spi.state.NodeStore; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -54,14 +55,14 @@ public class CallbackHandlerImpl impleme private final Credentials credentials; private final String workspaceName; private final NodeStore nodeStore; - private final PrincipalProvider principalProvider; + private final SecurityProvider securityProvider; public CallbackHandlerImpl(Credentials credentials, String workspaceName, - NodeStore nodeStore, PrincipalProvider principalProvider) { + NodeStore nodeStore, SecurityProvider securityProvider) { this.credentials = credentials; this.workspaceName = workspaceName; this.nodeStore = nodeStore; - this.principalProvider = principalProvider; + this.securityProvider = securityProvider; } //----------------------------------------------------< CallbackHandler >--- @@ -74,8 +75,8 @@ public class CallbackHandlerImpl impleme ((NameCallback) callback).setName(getName()); } else if (callback instanceof PasswordCallback) { ((PasswordCallback) callback).setPassword(getPassword()); - } else if (callback instanceof PrincipalProviderCallback) { - ((PrincipalProviderCallback) callback).setPrincipalProvider(principalProvider); + } else if (callback instanceof SecurityProviderCallback) { + ((SecurityProviderCallback) callback).setSecurityProvider(securityProvider); } else if (callback instanceof RepositoryCallback) { RepositoryCallback repositoryCallback = (RepositoryCallback) callback; repositoryCallback.setNodeStore(nodeStore); Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/LoginContextProviderImpl.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/LoginContextProviderImpl.java?rev=1394140&r1=1394139&r2=1394140&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/LoginContextProviderImpl.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/LoginContextProviderImpl.java Thu Oct 4 16:24:22 2012 @@ -24,10 +24,10 @@ import javax.security.auth.callback.Call import javax.security.auth.login.Configuration; import javax.security.auth.login.LoginException; +import org.apache.jackrabbit.oak.spi.security.SecurityProvider; import org.apache.jackrabbit.oak.spi.security.authentication.JaasLoginContext; +import org.apache.jackrabbit.oak.spi.security.authentication.LoginContext; import org.apache.jackrabbit.oak.spi.security.authentication.LoginContextProvider; -import org.apache.jackrabbit.oak.spi.security.authentication.OakLoginContext; -import org.apache.jackrabbit.oak.spi.security.principal.PrincipalProvider; import org.apache.jackrabbit.oak.spi.state.NodeStore; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -43,30 +43,29 @@ public class LoginContextProviderImpl im private final Configuration configuration; private final NodeStore nodeStore; - private final PrincipalProvider principalProvider; + private final SecurityProvider securityProvider; public LoginContextProviderImpl(Configuration configuration, NodeStore nodeStore, - PrincipalProvider principalProvider) { + SecurityProvider securityProvider) { this.configuration = configuration; this.nodeStore = nodeStore; - this.principalProvider = principalProvider; + this.securityProvider = securityProvider; } @Override @Nonnull - public OakLoginContext getLoginContext(Credentials credentials, String workspaceName) + public LoginContext getLoginContext(Credentials credentials, String workspaceName) throws LoginException { // TODO: add proper implementation // TODO - authentication against configurable spi-authentication // TODO - validation of workspace name (including access rights for the given 'user') Subject subject = getSubject(); - CallbackHandler handler = new CallbackHandlerImpl(credentials, workspaceName, nodeStore, principalProvider); + CallbackHandler handler = new CallbackHandlerImpl(credentials, workspaceName, nodeStore, securityProvider); return new JaasLoginContext(APP_NAME, subject, handler, configuration); } //------------------------------------------------------------< private >--- - private static Subject getSubject() { Subject subject = null; try { Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/LoginModuleImpl.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/LoginModuleImpl.java?rev=1394140&r1=1394139&r2=1394140&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/LoginModuleImpl.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/LoginModuleImpl.java Thu Oct 4 16:24:22 2012 @@ -115,7 +115,6 @@ public class LoginModuleImpl extends Abs // TODO credentials = getCredentials(); userID = getUserID(); - principals = getPrincipals(userID); Authentication authentication = new AuthenticationImpl(userID); boolean success = authentication.authenticate(credentials); @@ -124,6 +123,8 @@ public class LoginModuleImpl extends Abs } if (success) { + principals = getPrincipals(userID); + log.debug("Login: adding Credentials to shared state."); sharedState.put(SHARED_KEY_CREDENTIALS, credentials); Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthentication.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthentication.java?rev=1394140&r1=1394139&r2=1394140&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthentication.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenAuthentication.java Thu Oct 4 16:24:22 2012 @@ -24,6 +24,8 @@ import javax.jcr.Credentials; import org.apache.jackrabbit.api.security.authentication.token.TokenCredentials; import org.apache.jackrabbit.oak.spi.security.authentication.Authentication; +import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenInfo; +import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -64,7 +66,7 @@ class TokenAuthentication implements Aut @Nonnull TokenInfo getTokenInfo() { if (tokenInfo == null) { - throw new IllegalStateException("Token info can only be retrieved upon successful authentication."); + throw new IllegalStateException("Token info can only be retrieved after successful authentication."); } return tokenInfo; } Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModule.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModule.java?rev=1394140&r1=1394139&r2=1394140&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModule.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModule.java Thu Oct 4 16:24:22 2012 @@ -31,6 +31,9 @@ import org.apache.jackrabbit.api.securit import org.apache.jackrabbit.oak.api.AuthInfo; import org.apache.jackrabbit.oak.security.authentication.AuthInfoImpl; import org.apache.jackrabbit.oak.spi.security.authentication.AbstractLoginModule; +import org.apache.jackrabbit.oak.spi.security.authentication.callback.TokenProviderCallback; +import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenInfo; +import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider; import org.slf4j.Logger; import org.slf4j.LoggerFactory; Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java?rev=1394140&r1=1394139&r2=1394140&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImpl.java Thu Oct 4 16:24:22 2012 @@ -42,6 +42,8 @@ import org.apache.jackrabbit.oak.api.Pro import org.apache.jackrabbit.oak.api.Root; import org.apache.jackrabbit.oak.api.Tree; import org.apache.jackrabbit.oak.spi.security.authentication.ImpersonationCredentials; +import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenInfo; +import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider; import org.apache.jackrabbit.oak.spi.security.user.PasswordUtility; import org.apache.jackrabbit.oak.spi.security.user.Type; import org.apache.jackrabbit.oak.spi.security.user.UserContext; Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java?rev=1394140&r1=1394139&r2=1394140&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java Thu Oct 4 16:24:22 2012 @@ -30,6 +30,14 @@ import javax.security.auth.callback.Unsu import javax.security.auth.login.LoginException; import javax.security.auth.spi.LoginModule; +import org.apache.jackrabbit.oak.api.ContentSession; +import org.apache.jackrabbit.oak.namepath.NamePathMapper; +import org.apache.jackrabbit.oak.spi.security.SecurityProvider; +import org.apache.jackrabbit.oak.spi.security.authentication.callback.CredentialsCallback; +import org.apache.jackrabbit.oak.spi.security.authentication.callback.PrincipalProviderCallback; +import org.apache.jackrabbit.oak.spi.security.authentication.callback.RepositoryCallback; +import org.apache.jackrabbit.oak.spi.security.authentication.callback.SecurityProviderCallback; +import org.apache.jackrabbit.oak.spi.security.principal.OpenPrincipalProvider; import org.apache.jackrabbit.oak.spi.security.principal.PrincipalProvider; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -159,18 +167,42 @@ public abstract class AbstractLoginModul } private PrincipalProvider getPrincipalProvider() { - PrincipalProvider principalProvider = null; - if (callbackHandler != null) { - try { - PrincipalProviderCallback principalCallBack = new PrincipalProviderCallback(); - callbackHandler.handle(new Callback[] {principalCallBack}); - principalProvider = principalCallBack.getPrincipalProvider(); - } catch (IOException e) { - log.warn(e.getMessage()); - } catch (UnsupportedCallbackException e) { - log.warn(e.getMessage()); - } - } - return principalProvider; + // TODO: replace fake pp to enable proper principal resolution. code below works but... + return new OpenPrincipalProvider(); +// PrincipalProvider principalProvider = null; +// if (callbackHandler != null) { +// RepositoryCallback rcb = new RepositoryCallback(); +// SecurityProviderCallback scb = new SecurityProviderCallback(); +// try { +// callbackHandler.handle(new Callback[] {rcb, scb}); +// ContentSession contentSession = rcb.getContentSession(); +// SecurityProvider securityProvider = scb.getSecurityProvider(); +// if (contentSession != null && securityProvider != null) { +// // FIXME: getLatestRoot is unbearable slow. +// // FIXME: - either use a different Root that passed from the repo to the callback-handler or +// // FIXME: - fix mk such that retrieving the root is for free +// principalProvider = securityProvider.getPrincipalConfiguration(). +// getPrincipalProvider(contentSession, contentSession.getLatestRoot(), NamePathMapper.DEFAULT); +// } +// } catch (UnsupportedCallbackException e) { +// log.debug(e.getMessage()); +// } catch (IOException e) { +// log.debug(e.getMessage()); +// } +// +// if (principalProvider == null) { +// try { +// PrincipalProviderCallback principalCallBack = new PrincipalProviderCallback(); +// callbackHandler.handle(new Callback[] {principalCallBack}); +// principalProvider = principalCallBack.getPrincipalProvider(); +// } catch (IOException e) { +// log.debug(e.getMessage()); +// } catch (UnsupportedCallbackException e) { +// log.debug(e.getMessage()); +// } +// } +// +// } +// return principalProvider; } } Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/GuestLoginModule.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/GuestLoginModule.java?rev=1394140&r1=1394139&r2=1394140&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/GuestLoginModule.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/GuestLoginModule.java Thu Oct 4 16:24:22 2012 @@ -27,6 +27,7 @@ import javax.security.auth.callback.Unsu import javax.security.auth.login.LoginException; import javax.security.auth.spi.LoginModule; +import org.apache.jackrabbit.oak.spi.security.authentication.callback.CredentialsCallback; import org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal; import org.slf4j.Logger; import org.slf4j.LoggerFactory; Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/JaasLoginContext.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/JaasLoginContext.java?rev=1394140&r1=1394139&r2=1394140&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/JaasLoginContext.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/JaasLoginContext.java Thu Oct 4 16:24:22 2012 @@ -19,14 +19,13 @@ package org.apache.jackrabbit.oak.spi.se import javax.security.auth.Subject; import javax.security.auth.callback.CallbackHandler; import javax.security.auth.login.Configuration; -import javax.security.auth.login.LoginContext; import javax.security.auth.login.LoginException; /** - * Bridge class that connects the JAAS {@link LoginContext} class with the - * {@link OakLoginContext} interface used by Oak. + * Bridge class that connects the JAAS {@link javax.security.auth.login.LoginContext} class with the + * {@link LoginContext} interface used by Oak. */ -public class JaasLoginContext extends LoginContext implements OakLoginContext { +public class JaasLoginContext extends javax.security.auth.login.LoginContext implements LoginContext { public JaasLoginContext(String name) throws LoginException { super(name); Copied: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/LoginContext.java (from r1393939, jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/OakLoginContext.java) URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/LoginContext.java?p2=jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/LoginContext.java&p1=jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/OakLoginContext.java&r1=1393939&r2=1394140&rev=1394140&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/OakLoginContext.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/LoginContext.java Thu Oct 4 16:24:22 2012 @@ -17,17 +17,16 @@ package org.apache.jackrabbit.oak.spi.security.authentication; import javax.security.auth.Subject; -import javax.security.auth.login.LoginContext; import javax.security.auth.login.LoginException; /** - * Interface version of the JAAS {@link LoginContext} class. Used by Oak to - * make it easier to integrate non-JAAS authentication components while still - * retaining full JAAS support. The {@link JaasLoginContext} class acts as a - * bridge that connects the JAAS {@link LoginContext} class with this - * interface. + * Interface version of the JAAS {@link javax.security.auth.login.LoginContext} + * class. It is used to make integration of non-JAAS authentication components + * easier while still retaining full JAAS support. The {@link JaasLoginContext} + * class acts as a bridge that connects the JAAS + * {@link javax.security.auth.login.LoginContext} class with this interface. */ -public interface OakLoginContext { +public interface LoginContext { Subject getSubject(); Propchange: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/LoginContext.java ------------------------------------------------------------------------------ svn:eol-style = native Propchange: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/LoginContext.java ------------------------------------------------------------------------------ svn:keywords = Author Date Id Revision Rev URL Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/LoginContextProvider.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/LoginContextProvider.java?rev=1394140&r1=1394139&r2=1394140&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/LoginContextProvider.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/LoginContextProvider.java Thu Oct 4 16:24:22 2012 @@ -42,8 +42,5 @@ public interface LoginContextProvider { * @throws LoginException If an error occurs while creating a new context. */ @Nonnull - OakLoginContext getLoginContext( - Credentials credentials, String workspaceName) - throws LoginException; - + LoginContext getLoginContext(Credentials credentials, String workspaceName) throws LoginException; } \ No newline at end of file Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/OpenLoginContextProvider.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/OpenLoginContextProvider.java?rev=1394140&r1=1394139&r2=1394140&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/OpenLoginContextProvider.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/OpenLoginContextProvider.java Thu Oct 4 16:24:22 2012 @@ -28,8 +28,8 @@ public class OpenLoginContextProvider im @Override @Nonnull - public OakLoginContext getLoginContext(final Credentials credentials, String workspaceName) { - return new OakLoginContext() { + public LoginContext getLoginContext(final Credentials credentials, String workspaceName) { + return new LoginContext() { @Override public Subject getSubject() { Subject subject = new Subject(); Copied: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/CredentialsCallback.java (from r1393986, jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/CredentialsCallback.java) URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/CredentialsCallback.java?p2=jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/CredentialsCallback.java&p1=jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/CredentialsCallback.java&r1=1393986&r2=1394140&rev=1394140&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/CredentialsCallback.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/CredentialsCallback.java Thu Oct 4 16:24:22 2012 @@ -14,7 +14,7 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package org.apache.jackrabbit.oak.spi.security.authentication; +package org.apache.jackrabbit.oak.spi.security.authentication.callback; import java.io.Serializable; import javax.annotation.CheckForNull; Copied: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/PrincipalProviderCallback.java (from r1393939, jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/PrincipalProviderCallback.java) URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/PrincipalProviderCallback.java?p2=jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/PrincipalProviderCallback.java&p1=jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/PrincipalProviderCallback.java&r1=1393939&r2=1394140&rev=1394140&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/PrincipalProviderCallback.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/PrincipalProviderCallback.java Thu Oct 4 16:24:22 2012 @@ -14,7 +14,7 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package org.apache.jackrabbit.oak.spi.security.authentication; +package org.apache.jackrabbit.oak.spi.security.authentication.callback; import javax.security.auth.callback.Callback; Copied: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/RepositoryCallback.java (from r1393986, jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/RepositoryCallback.java) URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/RepositoryCallback.java?p2=jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/RepositoryCallback.java&p1=jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/RepositoryCallback.java&r1=1393986&r2=1394140&rev=1394140&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/RepositoryCallback.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/RepositoryCallback.java Thu Oct 4 16:24:22 2012 @@ -14,7 +14,7 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package org.apache.jackrabbit.oak.spi.security.authentication; +package org.apache.jackrabbit.oak.spi.security.authentication.callback; import javax.annotation.CheckForNull; import javax.jcr.NoSuchWorkspaceException; @@ -23,6 +23,8 @@ import javax.security.auth.login.LoginEx import org.apache.jackrabbit.oak.api.ContentSession; import org.apache.jackrabbit.oak.core.ContentRepositoryImpl; +import org.apache.jackrabbit.oak.spi.security.OpenSecurityProvider; +import org.apache.jackrabbit.oak.spi.security.SecurityProvider; import org.apache.jackrabbit.oak.spi.state.NodeStore; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -51,7 +53,8 @@ public class RepositoryCallback implemen if (nodeStore != null) { try { // TODO rather use Oak or similar setup mechanism - return new ContentRepositoryImpl(nodeStore, null, null).login(null, workspaceName); + SecurityProvider sp = new OpenSecurityProvider(); + return new ContentRepositoryImpl(nodeStore, null, sp).login(null, workspaceName); } catch (LoginException e) { log.warn("Internal error ", e.getMessage()); } catch (NoSuchWorkspaceException e) { Added: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/SecurityProviderCallback.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/SecurityProviderCallback.java?rev=1394140&view=auto ============================================================================== --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/SecurityProviderCallback.java (added) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/SecurityProviderCallback.java Thu Oct 4 16:24:22 2012 @@ -0,0 +1,41 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.jackrabbit.oak.spi.security.authentication.callback; + +import javax.annotation.CheckForNull; +import javax.security.auth.callback.Callback; + +import org.apache.jackrabbit.oak.spi.security.SecurityProvider; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * SecurityProviderCallback... TODO + */ +public class SecurityProviderCallback implements Callback { + + private SecurityProvider securityProvider; + + @CheckForNull + public SecurityProvider getSecurityProvider() { + return securityProvider; + } + + public void setSecurityProvider(SecurityProvider securityProvider) { + this.securityProvider = securityProvider; + } +} \ No newline at end of file Copied: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/TokenProviderCallback.java (from r1393939, jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderCallback.java) URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/TokenProviderCallback.java?p2=jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/TokenProviderCallback.java&p1=jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderCallback.java&r1=1393939&r2=1394140&rev=1394140&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderCallback.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/TokenProviderCallback.java Thu Oct 4 16:24:22 2012 @@ -14,12 +14,14 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package org.apache.jackrabbit.oak.security.authentication.token; +package org.apache.jackrabbit.oak.spi.security.authentication.callback; import javax.security.auth.callback.Callback; +import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider; + /** - * TokenContextCallback... TODO + * Callback implementation to set and retrieve a login token provider. */ public class TokenProviderCallback implements Callback { Copied: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/TokenInfo.java (from r1393939, jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenInfo.java) URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/TokenInfo.java?p2=jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/TokenInfo.java&p1=jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenInfo.java&r1=1393939&r2=1394140&rev=1394140&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenInfo.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/TokenInfo.java Thu Oct 4 16:24:22 2012 @@ -14,7 +14,7 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package org.apache.jackrabbit.oak.security.authentication.token; +package org.apache.jackrabbit.oak.spi.security.authentication.token; import java.util.Map; import javax.annotation.Nonnull; Copied: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/TokenProvider.java (from r1393939, jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProvider.java) URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/TokenProvider.java?p2=jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/TokenProvider.java&p1=jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProvider.java&r1=1393939&r2=1394140&rev=1394140&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProvider.java (original) +++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/token/TokenProvider.java Thu Oct 4 16:24:22 2012 @@ -14,7 +14,7 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package org.apache.jackrabbit.oak.security.authentication.token; +package org.apache.jackrabbit.oak.spi.security.authentication.token; import javax.annotation.CheckForNull; import javax.jcr.Credentials; Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/AbstractOakTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/AbstractOakTest.java?rev=1394140&r1=1394139&r2=1394140&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/AbstractOakTest.java (original) +++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/AbstractOakTest.java Thu Oct 4 16:24:22 2012 @@ -20,17 +20,16 @@ import java.util.ArrayList; import java.util.List; import javax.jcr.Credentials; -import javax.jcr.GuestCredentials; import javax.jcr.NoSuchWorkspaceException; import javax.jcr.SimpleCredentials; import javax.security.auth.login.LoginException; import org.apache.jackrabbit.oak.api.ContentRepository; import org.apache.jackrabbit.oak.api.ContentSession; -import org.apache.jackrabbit.oak.core.ContentRepositoryImpl; import org.apache.jackrabbit.oak.plugins.type.InitialContent; import org.apache.jackrabbit.oak.spi.lifecycle.CompositeMicroKernelTracker; import org.apache.jackrabbit.oak.spi.lifecycle.MicroKernelTracker; +import org.apache.jackrabbit.oak.spi.security.OpenSecurityProvider; import org.junit.Before; /** @@ -48,7 +47,7 @@ public abstract class AbstractOakTest { protected abstract ContentRepository createRepository(); protected static ContentRepository createEmptyRepository() { - return new ContentRepositoryImpl(); + return new Oak().with(new OpenSecurityProvider()).createContentRepository(); } protected ContentRepository getContentRepository() { @@ -59,10 +58,6 @@ public abstract class AbstractOakTest { return getContentRepository().login(getAdminCredentials(), null); } - protected ContentSession createGuestSession() throws LoginException, NoSuchWorkspaceException { - return getContentRepository().login(new GuestCredentials(), null); - } - private Credentials getAdminCredentials() { // TODO retrieve from config return new SimpleCredentials("admin", "admin".toCharArray()); Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserProviderImplTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserProviderImplTest.java?rev=1394140&r1=1394139&r2=1394140&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserProviderImplTest.java (original) +++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserProviderImplTest.java Thu Oct 4 16:24:22 2012 @@ -21,17 +21,17 @@ import java.util.Collections; import java.util.HashMap; import java.util.List; import java.util.Map; - import javax.jcr.RepositoryException; import org.apache.jackrabbit.oak.AbstractOakTest; +import org.apache.jackrabbit.oak.Oak; import org.apache.jackrabbit.oak.api.CommitFailedException; import org.apache.jackrabbit.oak.api.ContentRepository; import org.apache.jackrabbit.oak.api.ContentSession; import org.apache.jackrabbit.oak.api.Root; import org.apache.jackrabbit.oak.api.Tree; -import org.apache.jackrabbit.oak.core.ContentRepositoryImpl; import org.apache.jackrabbit.oak.plugins.index.property.PropertyIndexHook; +import org.apache.jackrabbit.oak.spi.security.OpenSecurityProvider; import org.apache.jackrabbit.oak.spi.security.user.Type; import org.apache.jackrabbit.oak.spi.security.user.UserConfig; import org.apache.jackrabbit.oak.spi.security.user.UserConstants; @@ -104,7 +104,7 @@ public class UserProviderImplTest extend @Override protected ContentRepository createRepository() { - return new ContentRepositoryImpl(new PropertyIndexHook()); + return new Oak().with(new PropertyIndexHook()).with(new OpenSecurityProvider()).createContentRepository(); } private UserProvider createUserProvider() { Modified: jackrabbit/oak/trunk/oak-core/src/test/resources/org/apache/jackrabbit/oak/query/sql2.txt URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/resources/org/apache/jackrabbit/oak/query/sql2.txt?rev=1394140&r1=1394139&r2=1394140&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-core/src/test/resources/org/apache/jackrabbit/oak/query/sql2.txt (original) +++ jackrabbit/oak/trunk/oak-core/src/test/resources/org/apache/jackrabbit/oak/query/sql2.txt Thu Oct 4 16:24:22 2012 @@ -125,6 +125,14 @@ select * from [nt:base] as x where isdes /oak:index/jcr:uuid /oak:index/rep:authorizableId /oak:index/rep:principalName +/rep:security +/rep:security/rep:authorizables +/rep:security/rep:authorizables/rep:users +/rep:security/rep:authorizables/rep:users/a +/rep:security/rep:authorizables/rep:users/a/ad +/rep:security/rep:authorizables/rep:users/a/ad/admin +/rep:security/rep:authorizables/rep:users/a/an +/rep:security/rep:authorizables/rep:users/a/an/anonymous /test /test/jcr:resource /test/resource @@ -151,6 +159,7 @@ select * from [nt:base] as p inner join /, /oak-index /, /oak:index /, /parents +/, /rep:security select * from [nt:base] as p inner join [nt:base] as p2 on isdescendantnode(p2, p) where p.[jcr:path] = '/parents' /parents, /parents/p0 @@ -210,6 +219,14 @@ select * from [nt:base] where not isdesc /oak:index/jcr:uuid /oak:index/rep:authorizableId /oak:index/rep:principalName +/rep:security +/rep:security/rep:authorizables +/rep:security/rep:authorizables/rep:users +/rep:security/rep:authorizables/rep:users/a +/rep:security/rep:authorizables/rep:users/a/ad +/rep:security/rep:authorizables/rep:users/a/ad/admin +/rep:security/rep:authorizables/rep:users/a/an +/rep:security/rep:authorizables/rep:users/a/an/anonymous /test /test/hello /test/world @@ -234,6 +251,14 @@ select * from [nt:base] where not (id = /oak:index/jcr:uuid /oak:index/rep:authorizableId /oak:index/rep:principalName +/rep:security +/rep:security/rep:authorizables +/rep:security/rep:authorizables/rep:users +/rep:security/rep:authorizables/rep:users/a +/rep:security/rep:authorizables/rep:users/a/ad +/rep:security/rep:authorizables/rep:users/a/ad/admin +/rep:security/rep:authorizables/rep:users/a/an +/rep:security/rep:authorizables/rep:users/a/an/anonymous /test /test/hello @@ -246,6 +271,14 @@ select * from [nt:base] where x is null /oak:index/jcr:uuid /oak:index/rep:authorizableId /oak:index/rep:principalName +/rep:security +/rep:security/rep:authorizables +/rep:security/rep:authorizables/rep:users +/rep:security/rep:authorizables/rep:users/a +/rep:security/rep:authorizables/rep:users/a/ad +/rep:security/rep:authorizables/rep:users/a/ad/admin +/rep:security/rep:authorizables/rep:users/a/an +/rep:security/rep:authorizables/rep:users/a/an/anonymous /test commit / - "test" Modified: jackrabbit/oak/trunk/oak-core/src/test/resources/org/apache/jackrabbit/oak/query/sql2_measure.txt URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/resources/org/apache/jackrabbit/oak/query/sql2_measure.txt?rev=1394140&r1=1394139&r2=1394140&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-core/src/test/resources/org/apache/jackrabbit/oak/query/sql2_measure.txt (original) +++ jackrabbit/oak/trunk/oak-core/src/test/resources/org/apache/jackrabbit/oak/query/sql2_measure.txt Thu Oct 4 16:24:22 2012 @@ -27,52 +27,52 @@ commit / + "parents": { "p0": {"id": "0" commit / + "children": { "c1": {"p": "1"}, "c2": {"p": "1"}, "c3": {"p": "2"}, "c4": {"p": "3"}} measure select * from [nt:base] as c right outer join [nt:base] as p on p.id = c.p where p.id is not null and not isdescendantnode(p, '/jcr:system') -c, 639 -p, 213 +c, 663 +p, 221 query, 4 measure select * from [nt:base] as p left outer join [nt:base] as c on p.id = c.p where p.id is not null -c, 639 -p, 213 +c, 663 +p, 221 query, 4 measure select * from [nt:base] as p left outer join [nt:base] as c on p.id = c.p where p.id is not null and c.p is null -c, 639 -p, 213 +c, 663 +p, 221 query, 1 measure select * from [nt:base] as p left outer join [nt:base] as c on p.id = c.p where p.id is not null and c.p is not null -c, 639 -p, 213 +c, 663 +p, 221 query, 3 measure select * from [nt:base] as p inner join [nt:base] as c on p.id = c.p -c, 639 -p, 213 +c, 663 +p, 221 query, 3 measure select * from [nt:base] as c right outer join [nt:base] as p on p.id = c.p where p.id is not null and not isdescendantnode(p, '/jcr:system') -c, 639 -p, 213 +c, 663 +p, 221 query, 4 measure select * from [nt:base] as p left outer join [nt:base] as c on p.id = c.p where p.id is not null -c, 639 -p, 213 +c, 663 +p, 221 query, 4 measure select * from [nt:base] as p left outer join [nt:base] as c on p.id = c.p where p.id is not null and c.p is null -c, 639 -p, 213 +c, 663 +p, 221 query, 1 measure select * from [nt:base] as p left outer join [nt:base] as c on p.id = c.p where p.id is not null and c.p is not null -c, 639 -p, 213 +c, 663 +p, 221 query, 3 measure select * from [nt:base] as p inner join [nt:base] as c on p.id = c.p -c, 639 -p, 213 +c, 663 +p, 221 query, 3 Modified: jackrabbit/oak/trunk/oak-jcr/pom.xml URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/pom.xml?rev=1394140&r1=1394139&r2=1394140&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-jcr/pom.xml (original) +++ jackrabbit/oak/trunk/oak-jcr/pom.xml Thu Oct 4 16:24:22 2012 @@ -251,6 +251,7 @@ org.apache.jackrabbit.test.api.observati org.apache.jackrabbit.test.api.observation.AddEventListenerTest#testUUID org.apache.jackrabbit.test.api.observation.LockingTest#testAddLockToNode org.apache.jackrabbit.test.api.observation.LockingTest#testRemoveLockFromNode +org.apache.jackrabbit.oak.jcr.security.user.EveryoneGroupTest#testMembers Modified: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/OakRepositoryStub.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/OakRepositoryStub.java?rev=1394140&r1=1394139&r2=1394140&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/OakRepositoryStub.java (original) +++ jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/OakRepositoryStub.java Thu Oct 4 16:24:22 2012 @@ -16,7 +16,6 @@ */ package org.apache.jackrabbit.oak.jcr; -import java.io.IOException; import java.security.Principal; import java.util.Properties; import java.util.concurrent.Executors; @@ -41,9 +40,8 @@ public class OakRepositoryStub extends R * * @param settings repository settings * @throws javax.jcr.RepositoryException If an error occurs. - * @throws java.io.IOException */ - public OakRepositoryStub(Properties settings) throws RepositoryException, IOException { + public OakRepositoryStub(Properties settings) throws RepositoryException { super(settings); String dir = "target/mk-tck-" + System.currentTimeMillis(); Modified: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/RepositoryTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/RepositoryTest.java?rev=1394140&r1=1394139&r2=1394140&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/RepositoryTest.java (original) +++ jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/RepositoryTest.java Thu Oct 4 16:24:22 2012 @@ -232,12 +232,14 @@ public class RepositoryTest extends Abst // FIXME: use a test subtree to avoid excluding default content int expected = 3 + (root.hasNode("jcr:system") ? 1 : 0) + + (root.hasNode("rep:security") ? 1 : 0) + (root.hasNode("oak-index") ? 1 : 0) + (root.hasNode("oak:index") ? 1 : 0); assertEquals(expected, nodes.getSize()); while (nodes.hasNext()) { String name = nodes.nextNode().getName(); if (!name.equals("jcr:system") + && !name.equals("rep:security") && !name.equals("oak-index") && !name.equals("oak:index")) { assertTrue(nodeNames.remove(name)); Modified: jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/EveryoneGroupTest.java URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/EveryoneGroupTest.java?rev=1394140&r1=1394139&r2=1394140&view=diff ============================================================================== --- jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/EveryoneGroupTest.java (original) +++ jackrabbit/oak/trunk/oak-jcr/src/test/java/org/apache/jackrabbit/oak/jcr/security/user/EveryoneGroupTest.java Thu Oct 4 16:24:22 2012 @@ -16,18 +16,18 @@ */ package org.apache.jackrabbit.oak.jcr.security.user; +import java.security.Principal; +import java.util.HashSet; +import java.util.Iterator; +import java.util.Set; +import javax.jcr.RepositoryException; + import org.apache.jackrabbit.api.security.user.Authorizable; import org.apache.jackrabbit.api.security.user.Group; import org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal; import org.apache.jackrabbit.test.NotExecutableException; import org.junit.Test; -import javax.jcr.RepositoryException; -import java.security.Principal; -import java.util.HashSet; -import java.util.Iterator; -import java.util.Set; - /** * Tests for the group associated with {@code EveryonePrincipal} */