jackrabbit-oak-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ang...@apache.org
Subject svn commit: r1411647 - in /jackrabbit/oak/trunk/oak-core/src: main/java/org/apache/jackrabbit/oak/core/ main/java/org/apache/jackrabbit/oak/security/ main/java/org/apache/jackrabbit/oak/security/principal/ main/java/org/apache/jackrabbit/oak/security/u...
Date Tue, 20 Nov 2012 12:55:50 GMT
Author: angela
Date: Tue Nov 20 12:55:48 2012
New Revision: 1411647

URL: http://svn.apache.org/viewvc?rev=1411647&view=rev
Log:
OAK-51 : Implement JCR Access Control Management
OAK-50 : Implement User Management
OAK-90 : Implement PrincipalManagement

Added:
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalConfigurationImpl.java
Modified:
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ContentRepositoryImpl.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserConfigurationImpl.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/OpenSecurityProvider.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/SecurityProvider.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/UserConstants.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ContentRepositoryImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ContentRepositoryImpl.java?rev=1411647&r1=1411646&r2=1411647&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ContentRepositoryImpl.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ContentRepositoryImpl.java
Tue Nov 20 12:55:48 2012
@@ -88,7 +88,7 @@ public class ContentRepositoryImpl imple
         LoginContext loginContext = lcProvider.getLoginContext(credentials, workspaceName);
         loginContext.login();
 
-        AccessControlConfiguration acConfiguration = securityProvider.getAccessControlProvider();
+        AccessControlConfiguration acConfiguration = securityProvider.getAccessControlConfiguration();
         return new ContentSessionImpl(loginContext, acConfiguration, workspaceName,
                 nodeStore, conflictHandler, indexProvider);
     }

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java?rev=1411647&r1=1411646&r2=1411647&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java
Tue Nov 20 12:55:48 2012
@@ -16,25 +16,18 @@
  */
 package org.apache.jackrabbit.oak.security;
 
-import java.util.Collections;
 import java.util.HashSet;
-import java.util.List;
 import java.util.Set;
 import javax.annotation.Nonnull;
-import javax.jcr.Session;
 import javax.security.auth.login.Configuration;
 
-import org.apache.jackrabbit.api.security.principal.PrincipalManager;
 import org.apache.jackrabbit.oak.api.Root;
-import org.apache.jackrabbit.oak.namepath.NamePathMapper;
 import org.apache.jackrabbit.oak.security.authentication.LoginContextProviderImpl;
 import org.apache.jackrabbit.oak.security.authentication.token.TokenProviderImpl;
 import org.apache.jackrabbit.oak.security.authorization.AccessControlConfigurationImpl;
-import org.apache.jackrabbit.oak.security.principal.PrincipalManagerImpl;
-import org.apache.jackrabbit.oak.security.principal.PrincipalProviderImpl;
+import org.apache.jackrabbit.oak.security.principal.PrincipalConfigurationImpl;
 import org.apache.jackrabbit.oak.security.privilege.PrivilegeConfigurationImpl;
 import org.apache.jackrabbit.oak.security.user.UserConfigurationImpl;
-import org.apache.jackrabbit.oak.spi.commit.ValidatorProvider;
 import org.apache.jackrabbit.oak.spi.query.QueryIndexProvider;
 import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
 import org.apache.jackrabbit.oak.spi.security.SecurityConfiguration;
@@ -43,11 +36,9 @@ import org.apache.jackrabbit.oak.spi.sec
 import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider;
 import org.apache.jackrabbit.oak.spi.security.authorization.AccessControlConfiguration;
 import org.apache.jackrabbit.oak.spi.security.principal.PrincipalConfiguration;
-import org.apache.jackrabbit.oak.spi.security.principal.PrincipalProvider;
 import org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeConfiguration;
 import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
 import org.apache.jackrabbit.oak.spi.state.NodeStore;
-import org.apache.jackrabbit.oak.spi.xml.ProtectedItemImporter;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -58,6 +49,7 @@ public class SecurityProviderImpl implem
     public static final String PARAM_APP_NAME = "org.apache.jackrabbit.oak.auth.appName";
     private static final String DEFAULT_APP_NAME = "jackrabbit.oak";
 
+    public static final String PARAM_PRINCIPAL_OPTIONS = "org.apache.jackrabbit.oak.principal.options";
     public static final String PARAM_USER_OPTIONS = "org.apache.jackrabbit.oak.user.options";
     public static final String PARAM_TOKEN_OPTIONS = "org.apache.jackrabbit.oak.token.options";
 
@@ -75,7 +67,7 @@ public class SecurityProviderImpl implem
     @Override
     public Iterable<SecurityConfiguration> getSecurityConfigurations() {
         Set<SecurityConfiguration> scs = new HashSet<SecurityConfiguration>();
-        scs.add(getAccessControlProvider());
+        scs.add(getAccessControlConfiguration());
         scs.add(getUserConfiguration());
         scs.add(getPrincipalConfiguration());
         scs.add(getPrivilegeConfiguration());
@@ -100,13 +92,12 @@ public class SecurityProviderImpl implem
     @Nonnull
     @Override
     public TokenProvider getTokenProvider(Root root) {
-        ConfigurationParameters options = configuration.getConfigValue(PARAM_TOKEN_OPTIONS,
new ConfigurationParameters());
-        return new TokenProviderImpl(root, options, getUserConfiguration());
+        return new TokenProviderImpl(root, getOptions(PARAM_TOKEN_OPTIONS), getUserConfiguration());
     }
 
     @Nonnull
     @Override
-    public AccessControlConfiguration getAccessControlProvider() {
+    public AccessControlConfiguration getAccessControlConfiguration() {
         return new AccessControlConfigurationImpl();
     }
 
@@ -119,40 +110,22 @@ public class SecurityProviderImpl implem
     @Nonnull
     @Override
     public UserConfiguration getUserConfiguration() {
-        ConfigurationParameters options = configuration.getConfigValue(PARAM_USER_OPTIONS,
new ConfigurationParameters());
-        return new UserConfigurationImpl(options, this);
+        return new UserConfigurationImpl(this, getOptions(PARAM_USER_OPTIONS));
     }
 
     @Nonnull
     @Override
     public PrincipalConfiguration getPrincipalConfiguration() {
-        return new PrincipalConfigurationImpl();
+        return new PrincipalConfigurationImpl(this, getOptions(PARAM_PRINCIPAL_OPTIONS));
     }
 
-    private class PrincipalConfigurationImpl extends SecurityConfiguration.Default implements
PrincipalConfiguration {
-        @Nonnull
-        @Override
-        public PrincipalManager getPrincipalManager(Session session, Root root, NamePathMapper
namePathMapper) {
-            PrincipalProvider principalProvider = getPrincipalProvider(root, namePathMapper);
-            return new PrincipalManagerImpl(principalProvider);
-        }
-
-        @Nonnull
-        @Override
-        public PrincipalProvider getPrincipalProvider(Root root, NamePathMapper namePathMapper)
{
-            return new PrincipalProviderImpl(root, getUserConfiguration(), namePathMapper);
-        }
-
-        @Nonnull
-        @Override
-        public List<ValidatorProvider> getValidatorProviders() {
-            return Collections.emptyList();
-        }
-
-        @Nonnull
-        @Override
-        public List<ProtectedItemImporter> getProtectedItemImporters() {
-            return Collections.emptyList();
-        }
+    //------------------------------------------------------------< private >---
+    /**
+     *
+     * @param name
+     * @return
+     */
+    private ConfigurationParameters getOptions(String name) {
+        return configuration.getConfigValue(name, new ConfigurationParameters());
     }
 }

Added: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalConfigurationImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalConfigurationImpl.java?rev=1411647&view=auto
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalConfigurationImpl.java
(added)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalConfigurationImpl.java
Tue Nov 20 12:55:48 2012
@@ -0,0 +1,56 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.jackrabbit.oak.security.principal;
+
+import javax.annotation.Nonnull;
+import javax.jcr.Session;
+
+import org.apache.jackrabbit.api.security.principal.PrincipalManager;
+import org.apache.jackrabbit.oak.api.Root;
+import org.apache.jackrabbit.oak.namepath.NamePathMapper;
+import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
+import org.apache.jackrabbit.oak.spi.security.SecurityConfiguration;
+import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
+import org.apache.jackrabbit.oak.spi.security.principal.PrincipalConfiguration;
+import org.apache.jackrabbit.oak.spi.security.principal.PrincipalProvider;
+
+/**
+ * PrincipalConfigurationImpl... TODO
+ */
+public class PrincipalConfigurationImpl extends SecurityConfiguration.Default implements
PrincipalConfiguration {
+
+    private final SecurityProvider securityProvider;
+    private final ConfigurationParameters options;
+
+    public PrincipalConfigurationImpl(SecurityProvider securityProvider, ConfigurationParameters
options) {
+        this.securityProvider = securityProvider;
+        this.options = options;
+    }
+
+    @Nonnull
+    @Override
+    public PrincipalManager getPrincipalManager(Session session, Root root, NamePathMapper
namePathMapper) {
+        PrincipalProvider principalProvider = getPrincipalProvider(root, namePathMapper);
+        return new PrincipalManagerImpl(principalProvider);
+    }
+
+    @Nonnull
+    @Override
+    public PrincipalProvider getPrincipalProvider(Root root, NamePathMapper namePathMapper)
{
+        return new PrincipalProviderImpl(root, securityProvider.getUserConfiguration(), namePathMapper);
+    }
+}
\ No newline at end of file

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserConfigurationImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserConfigurationImpl.java?rev=1411647&r1=1411646&r2=1411647&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserConfigurationImpl.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserConfigurationImpl.java
Tue Nov 20 12:55:48 2012
@@ -31,6 +31,7 @@ import org.apache.jackrabbit.oak.spi.sec
 import org.apache.jackrabbit.oak.spi.security.SecurityConfiguration;
 import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
 import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
+import org.apache.jackrabbit.oak.spi.security.user.UserConstants;
 import org.apache.jackrabbit.oak.spi.security.user.action.AuthorizableActionProvider;
 import org.apache.jackrabbit.oak.spi.security.user.action.DefaultAuthorizableActionProvider;
 import org.apache.jackrabbit.oak.spi.xml.ProtectedItemImporter;
@@ -43,8 +44,7 @@ public class UserConfigurationImpl exten
     private final ConfigurationParameters config;
     private final SecurityProvider securityProvider;
 
-    public UserConfigurationImpl(ConfigurationParameters config,
-                                 SecurityProvider securityProvider) {
+    public UserConfigurationImpl(SecurityProvider securityProvider, ConfigurationParameters
config) {
         this.config = config;
         this.securityProvider = securityProvider;
     }
@@ -85,15 +85,17 @@ public class UserConfigurationImpl exten
     @Nonnull
     @Override
     public AuthorizableActionProvider getAuthorizableActionProvider() {
-        // TODO: create authorizable actions from configuration
-        return DefaultAuthorizableActionProvider.INSTANCE;
+        return config.getConfigValue(UserConstants.PARAM_AUTHORIZABLE_ACTION_PROVIDER,
+                DefaultAuthorizableActionProvider.INSTANCE);
     }
 
+    @Nonnull
     @Override
     public UserManager getUserManager(Root root, NamePathMapper namePathMapper, Session session)
{
         return new UserManagerImpl(session, root, namePathMapper, securityProvider);
     }
 
+    @Nonnull
     @Override
     public UserManager getUserManager(Root root, NamePathMapper namePathMapper) {
         return new UserManagerImpl(null, root, namePathMapper, securityProvider);

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/OpenSecurityProvider.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/OpenSecurityProvider.java?rev=1411647&r1=1411646&r2=1411647&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/OpenSecurityProvider.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/OpenSecurityProvider.java
Tue Nov 20 12:55:48 2012
@@ -39,7 +39,7 @@ public class OpenSecurityProvider implem
     @Nonnull
     @Override
     public Iterable<SecurityConfiguration> getSecurityConfigurations() {
-        return Collections.<SecurityConfiguration>singletonList(getAccessControlProvider());
+        return Collections.<SecurityConfiguration>singletonList(getAccessControlConfiguration());
     }
 
     @Nonnull
@@ -56,7 +56,7 @@ public class OpenSecurityProvider implem
 
     @Nonnull
     @Override
-    public AccessControlConfiguration getAccessControlProvider() {
+    public AccessControlConfiguration getAccessControlConfiguration() {
         return new OpenAccessControlConfiguration();
     }
 

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/SecurityProvider.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/SecurityProvider.java?rev=1411647&r1=1411646&r2=1411647&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/SecurityProvider.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/SecurityProvider.java
Tue Nov 20 12:55:48 2012
@@ -44,7 +44,7 @@ public interface SecurityProvider {
     TokenProvider getTokenProvider(Root root);
 
     @Nonnull
-    AccessControlConfiguration getAccessControlProvider();
+    AccessControlConfiguration getAccessControlConfiguration();
 
     @Nonnull
     PrivilegeConfiguration getPrivilegeConfiguration();

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/UserConstants.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/UserConstants.java?rev=1411647&r1=1411646&r2=1411647&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/UserConstants.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/UserConstants.java
Tue Nov 20 12:55:48 2012
@@ -140,10 +140,20 @@ public interface UserConstants {
     String PARAM_PASSWORD_SALT_SIZE = "passwordSaltSize";
 
     /**
-     * Configuration option to define how the name of the authorizable node
-     * is generated from the ID of the new authorizable that is being created.
+     * Optional configuration parameter defining how to generate the name of the
+     * authorizable node from the ID of the new authorizable that is being created.
      * The value is expected to be an instance of {@link AuthorizableNodeName}.
      * By default {@link AuthorizableNodeName#DEFAULT} is used.
      */
     String PARAM_AUTHORIZABLE_NODE_NAME = "authorizableNodeName";
+
+    /**
+     * Optional configuration parameter to set the
+     * {@link org.apache.jackrabbit.oak.spi.security.user.action.AuthorizableActionProvider}
+     * to be used with the given user management implementation.
+     * Unless otherwise specified in the configuration
+     * {@link org.apache.jackrabbit.oak.spi.security.user.action.DefaultAuthorizableActionProvider}
+     * is used.
+     */
+    String PARAM_AUTHORIZABLE_ACTION_PROVIDER = "authorizableActionProvider";
 }

Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java?rev=1411647&r1=1411646&r2=1411647&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java
Tue Nov 20 12:55:48 2012
@@ -192,7 +192,7 @@ public class PasswordValidationActionTes
         @Nonnull
         @Override
         public UserConfiguration getUserConfiguration() {
-            return new UserConfigurationImpl(ConfigurationParameters.EMPTY, this) {
+            return new UserConfigurationImpl(this, ConfigurationParameters.EMPTY) {
 
                 @Nonnull
                 @Override



Mime
View raw message