jackrabbit-oak-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ang...@apache.org
Subject svn commit: r1483556 [1/2] - in /jackrabbit/oak/trunk: oak-core/src/main/java/org/apache/jackrabbit/oak/ oak-core/src/main/java/org/apache/jackrabbit/oak/core/ oak-core/src/main/java/org/apache/jackrabbit/oak/security/ oak-core/src/main/java/org/apache...
Date Thu, 16 May 2013 20:44:16 GMT
Author: angela
Date: Thu May 16 20:44:15 2013
New Revision: 1483556

URL: http://svn.apache.org/r1483556
Log:
OAK-754 : Pluggable Security Setup (wip)

Modified:
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/Oak.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ContentRepositoryImpl.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/RootImpl.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/AuthenticationConfigurationImpl.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModule.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/user/LoginModuleImpl.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlConfigurationImpl.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlImporter.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlManagerImpl.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlValidatorProvider.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionProviderImpl.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionValidatorProvider.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalConfigurationImpl.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserConfigurationImpl.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserInitializer.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserManagerImpl.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/OpenSecurityProvider.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/SecurityConfiguration.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/SecurityProvider.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/AccessControlAction.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/AbstractSecurityTest.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/GuestDefaultLoginModuleTest.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/Jackrabbit2ConfigurationTest.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapLoginTestBase.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModuleTest.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/user/LoginModuleImplTest.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/user/UserAuthenticationTest.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/ACLTest.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/AccessControlManagerImplTest.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/AccessControlValidatorTest.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/ReadPolicyTest.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/evaluation/Jr2CompatibilityTest.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/CompiledPermissionImplTest.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionHookTest.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/principal/PrincipalProviderImplTest.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/AuthorizableImplTest.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserInitializerTest.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/UserValidatorTest.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/query/UserQueryManagerTest.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/external/ExternalLoginModuleTest.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/AbstractAccessControlListTest.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authorization/AbstractAccessControlTest.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/AccessControlActionTest.java
    jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/user/action/PasswordValidationActionTest.java
    jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/SessionContext.java

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/Oak.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/Oak.java?rev=1483556&r1=1483555&r2=1483556&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/Oak.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/Oak.java Thu May 16 20:44:15 2013
@@ -16,14 +16,9 @@
  */
 package org.apache.jackrabbit.oak;
 
-import static com.google.common.base.Preconditions.checkNotNull;
-import static com.google.common.collect.Lists.newArrayList;
-import static java.util.concurrent.Executors.newScheduledThreadPool;
-
 import java.util.ArrayList;
 import java.util.List;
 import java.util.concurrent.ScheduledExecutorService;
-
 import javax.annotation.Nonnull;
 import javax.jcr.NoSuchWorkspaceException;
 import javax.security.auth.login.LoginException;
@@ -39,8 +34,8 @@ import org.apache.jackrabbit.oak.core.Co
 import org.apache.jackrabbit.oak.kernel.KernelNodeStore;
 import org.apache.jackrabbit.oak.plugins.commit.ConflictHook;
 import org.apache.jackrabbit.oak.plugins.index.CompositeIndexEditorProvider;
-import org.apache.jackrabbit.oak.plugins.index.IndexUpdateProvider;
 import org.apache.jackrabbit.oak.plugins.index.IndexEditorProvider;
+import org.apache.jackrabbit.oak.plugins.index.IndexUpdateProvider;
 import org.apache.jackrabbit.oak.plugins.observation2.EventQueueWriterProvider;
 import org.apache.jackrabbit.oak.spi.commit.CommitHook;
 import org.apache.jackrabbit.oak.spi.commit.CompositeEditorProvider;
@@ -57,10 +52,15 @@ import org.apache.jackrabbit.oak.spi.que
 import org.apache.jackrabbit.oak.spi.query.QueryIndexProvider;
 import org.apache.jackrabbit.oak.spi.security.SecurityConfiguration;
 import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
+import org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeConfiguration;
 import org.apache.jackrabbit.oak.spi.state.NodeBuilder;
 import org.apache.jackrabbit.oak.spi.state.NodeState;
 import org.apache.jackrabbit.oak.spi.state.NodeStore;
 
+import static com.google.common.base.Preconditions.checkNotNull;
+import static com.google.common.collect.Lists.newArrayList;
+import static java.util.concurrent.Executors.newScheduledThreadPool;
+
 /**
  * Builder class for constructing {@link ContentRepository} instances with
  * a set of specified plugin components. This class acts as a public facade
@@ -214,7 +214,7 @@ public class Oak {
     @Nonnull
     public Oak with(@Nonnull SecurityProvider securityProvider) {
         this.securityProvider = checkNotNull(securityProvider);
-        initializers.add(securityProvider.getPrivilegeConfiguration().getPrivilegeInitializer());
+        initializers.add(securityProvider.getConfiguration(PrivilegeConfiguration.class).getPrivilegeInitializer());
         return this;
     }
 
@@ -255,7 +255,7 @@ public class Oak {
         // FIXME: OAK-810 move to proper workspace initialization
         // initialize default workspace
         Iterable<WorkspaceInitializer> workspaceInitializers =
-                Iterables.transform(securityProvider.getSecurityConfigurations(),
+                Iterables.transform(securityProvider.getConfigurations(),
                         new Function<SecurityConfiguration, WorkspaceInitializer>() {
                             @Override
                             public WorkspaceInitializer apply(SecurityConfiguration sc) {

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ContentRepositoryImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ContentRepositoryImpl.java?rev=1483556&r1=1483555&r2=1483556&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ContentRepositoryImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ContentRepositoryImpl.java Thu May 16 20:44:15 2013
@@ -28,6 +28,7 @@ import org.apache.jackrabbit.oak.spi.com
 import org.apache.jackrabbit.oak.spi.query.CompositeQueryIndexProvider;
 import org.apache.jackrabbit.oak.spi.query.QueryIndexProvider;
 import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
+import org.apache.jackrabbit.oak.spi.security.authentication.AuthenticationConfiguration;
 import org.apache.jackrabbit.oak.spi.security.authentication.LoginContext;
 import org.apache.jackrabbit.oak.spi.security.authentication.LoginContextProvider;
 import org.apache.jackrabbit.oak.spi.state.NodeStore;
@@ -81,7 +82,7 @@ public class ContentRepositoryImpl imple
             throw new NoSuchWorkspaceException(workspaceName);
         }
 
-        LoginContextProvider lcProvider = securityProvider.getAuthenticationConfiguration().getLoginContextProvider(this);
+        LoginContextProvider lcProvider = securityProvider.getConfiguration(AuthenticationConfiguration.class).getLoginContextProvider(this);
         LoginContext loginContext = lcProvider.getLoginContext(credentials, workspaceName);
         loginContext.login();
 

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/RootImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/RootImpl.java?rev=1483556&r1=1483555&r2=1483556&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/RootImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/RootImpl.java Thu May 16 20:44:15 2013
@@ -18,17 +18,12 @@
  */
 package org.apache.jackrabbit.oak.core;
 
-import static com.google.common.base.Preconditions.checkNotNull;
-import static org.apache.jackrabbit.oak.commons.PathUtils.getName;
-import static org.apache.jackrabbit.oak.commons.PathUtils.getParentPath;
-
 import java.io.IOException;
 import java.io.InputStream;
 import java.security.PrivilegedAction;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.List;
-
 import javax.annotation.Nonnull;
 import javax.security.auth.Subject;
 
@@ -58,6 +53,7 @@ import org.apache.jackrabbit.oak.spi.sec
 import org.apache.jackrabbit.oak.spi.security.OpenSecurityProvider;
 import org.apache.jackrabbit.oak.spi.security.SecurityConfiguration;
 import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
+import org.apache.jackrabbit.oak.spi.security.authorization.AccessControlConfiguration;
 import org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionProvider;
 import org.apache.jackrabbit.oak.spi.state.NodeBuilder;
 import org.apache.jackrabbit.oak.spi.state.NodeState;
@@ -65,6 +61,10 @@ import org.apache.jackrabbit.oak.spi.sta
 import org.apache.jackrabbit.oak.spi.state.NodeStore;
 import org.apache.jackrabbit.oak.spi.state.NodeStoreBranch;
 
+import static com.google.common.base.Preconditions.checkNotNull;
+import static org.apache.jackrabbit.oak.commons.PathUtils.getName;
+import static org.apache.jackrabbit.oak.commons.PathUtils.getParentPath;
+
 public class RootImpl implements Root {
 
     /**
@@ -265,7 +265,7 @@ public class RootImpl implements Root {
         List<CommitHook> commitHooks = new ArrayList<CommitHook>();
         commitHooks.add(hook);
         List<CommitHook> postValidationHooks = new ArrayList<CommitHook>();
-        for (SecurityConfiguration sc : securityProvider.getSecurityConfigurations()) {
+        for (SecurityConfiguration sc : securityProvider.getConfigurations()) {
             for (CommitHook ch : sc.getCommitHooks(workspaceName)) {
                 if (ch instanceof PostValidationHook) {
                     postValidationHooks.add(ch);
@@ -443,12 +443,17 @@ public class RootImpl implements Root {
 
     @Nonnull
     private PermissionProvider createPermissionProvider() {
-        return securityProvider.getAccessControlConfiguration().getPermissionProvider(this, subject.getPrincipals());
+        return getAcConfig().getPermissionProvider(this, subject.getPrincipals());
     }
 
     @Nonnull
     private Context getAcContext() {
-        return securityProvider.getAccessControlConfiguration().getContext();
+        return getAcConfig().getContext();
+    }
+
+    @Nonnull
+    private AccessControlConfiguration getAcConfig() {
+        return securityProvider.getConfiguration(AccessControlConfiguration.class);
     }
 
     //---------------------------------------------------------< MoveRecord >---

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java?rev=1483556&r1=1483555&r2=1483556&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java Thu May 16 20:44:15 2013
@@ -48,14 +48,15 @@ public class SecurityProviderImpl implem
 
     @Nonnull
     @Override
-    public ConfigurationParameters getConfiguration(String name) {
+    public ConfigurationParameters getParameters(String name) {
         return (name == null) ? configuration : configuration.getConfigValue(name, new ConfigurationParameters());
     }
 
     @Nonnull
     @Override
-    public Iterable<SecurityConfiguration> getSecurityConfigurations() {
+    public Iterable<? extends SecurityConfiguration> getConfigurations() {
         Set<SecurityConfiguration> scs = new HashSet<SecurityConfiguration>();
+        scs.add(getAuthenticationConfiguration());
         scs.add(getAccessControlConfiguration());
         scs.add(getUserConfiguration());
         scs.add(getPrincipalConfiguration());
@@ -65,31 +66,44 @@ public class SecurityProviderImpl implem
 
     @Nonnull
     @Override
-    public AuthenticationConfiguration getAuthenticationConfiguration() {
+    public <T> T getConfiguration(Class<T> configClass) {
+        if (AuthenticationConfiguration.class == configClass) {
+            return (T) getAuthenticationConfiguration();
+        } else if (AccessControlConfiguration.class == configClass) {
+            return (T) getAccessControlConfiguration();
+        } else if (UserConfiguration.class == configClass) {
+            return (T) getUserConfiguration();
+        } else if (PrincipalConfiguration.class == configClass) {
+            return (T) getPrincipalConfiguration();
+        } else if (PrivilegeConfiguration.class == configClass) {
+            return (T) getPrivilegeConfiguration();
+        } else {
+            throw new IllegalArgumentException("Unsupported security configuration class " + configClass);
+        }
+    }
+
+    @Nonnull
+    private AuthenticationConfiguration getAuthenticationConfiguration() {
         return new AuthenticationConfigurationImpl(this);
     }
 
     @Nonnull
-    @Override
-    public AccessControlConfiguration getAccessControlConfiguration() {
+    private AccessControlConfiguration getAccessControlConfiguration() {
         return new AccessControlConfigurationImpl(this);
     }
 
     @Nonnull
-    @Override
-    public PrivilegeConfiguration getPrivilegeConfiguration() {
+    private PrivilegeConfiguration getPrivilegeConfiguration() {
         return new PrivilegeConfigurationImpl();
     }
 
     @Nonnull
-    @Override
-    public UserConfiguration getUserConfiguration() {
+    private UserConfiguration getUserConfiguration() {
         return new UserConfigurationImpl(this);
     }
 
     @Nonnull
-    @Override
-    public PrincipalConfiguration getPrincipalConfiguration() {
+    private PrincipalConfiguration getPrincipalConfiguration() {
         return new PrincipalConfigurationImpl(this);
     }
 }

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/AuthenticationConfigurationImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/AuthenticationConfigurationImpl.java?rev=1483556&r1=1483555&r2=1483556&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/AuthenticationConfigurationImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/AuthenticationConfigurationImpl.java Thu May 16 20:44:15 2013
@@ -29,6 +29,7 @@ import org.apache.jackrabbit.oak.spi.sec
 import org.apache.jackrabbit.oak.spi.security.authentication.AuthenticationConfiguration;
 import org.apache.jackrabbit.oak.spi.security.authentication.LoginContextProvider;
 import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider;
+import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -57,7 +58,7 @@ public class AuthenticationConfiguration
 
     public AuthenticationConfigurationImpl(SecurityProvider securityProvider) {
         this.securityProvider = securityProvider;
-        this.config = securityProvider.getConfiguration(PARAM_AUTHENTICATION_OPTIONS);
+        this.config = securityProvider.getParameters(PARAM_AUTHENTICATION_OPTIONS);
     }
 
     /**
@@ -122,6 +123,7 @@ public class AuthenticationConfiguration
     @Override
     public TokenProvider getTokenProvider(Root root) {
         ConfigurationParameters tokenOptions = config.getConfigValue(PARAM_TOKEN_OPTIONS, new ConfigurationParameters());
-        return new TokenProviderImpl(root, tokenOptions, securityProvider.getUserConfiguration());
+        UserConfiguration uc = securityProvider.getConfiguration(UserConfiguration.class);
+        return new TokenProviderImpl(root, tokenOptions, uc);
     }
 }
\ No newline at end of file

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModule.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModule.java?rev=1483556&r1=1483555&r2=1483556&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModule.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModule.java Thu May 16 20:44:15 2013
@@ -35,6 +35,7 @@ import org.apache.jackrabbit.oak.api.Roo
 import org.apache.jackrabbit.oak.spi.security.authentication.AuthInfoImpl;
 import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
 import org.apache.jackrabbit.oak.spi.security.authentication.AbstractLoginModule;
+import org.apache.jackrabbit.oak.spi.security.authentication.AuthenticationConfiguration;
 import org.apache.jackrabbit.oak.spi.security.authentication.callback.TokenProviderCallback;
 import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenInfo;
 import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider;
@@ -211,7 +212,8 @@ public final class TokenLoginModule exte
         SecurityProvider securityProvider = getSecurityProvider();
         Root root = getRoot();
         if (root != null && securityProvider != null) {
-            provider = securityProvider.getAuthenticationConfiguration().getTokenProvider(root);
+            AuthenticationConfiguration authConfig = getSecurityProvider().getConfiguration(AuthenticationConfiguration.class);
+            provider = authConfig.getTokenProvider(root);
         }
         if (provider == null && callbackHandler != null) {
             try {

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/user/LoginModuleImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/user/LoginModuleImpl.java?rev=1483556&r1=1483555&r2=1483556&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/user/LoginModuleImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/user/LoginModuleImpl.java Thu May 16 20:44:15 2013
@@ -32,11 +32,13 @@ import javax.security.auth.callback.Unsu
 import javax.security.auth.login.LoginException;
 
 import org.apache.jackrabbit.oak.api.AuthInfo;
+import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
 import org.apache.jackrabbit.oak.spi.security.authentication.AuthInfoImpl;
 import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
 import org.apache.jackrabbit.oak.spi.security.authentication.AbstractLoginModule;
 import org.apache.jackrabbit.oak.spi.security.authentication.Authentication;
 import org.apache.jackrabbit.oak.spi.security.authentication.ImpersonationCredentials;
+import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
 import org.apache.jackrabbit.oak.spi.security.user.util.UserUtility;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -202,7 +204,8 @@ public final class LoginModuleImpl exten
         if (sp == null) {
             return null;
         } else {
-            return UserUtility.getAnonymousId(sp.getUserConfiguration().getConfigurationParameters());
+            ConfigurationParameters params = sp.getConfiguration(UserConfiguration.class).getParameters();
+            return UserUtility.getAnonymousId(params);
         }
     }
 

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlConfigurationImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlConfigurationImpl.java?rev=1483556&r1=1483555&r2=1483556&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlConfigurationImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlConfigurationImpl.java Thu May 16 20:44:15 2013
@@ -54,7 +54,7 @@ public class AccessControlConfigurationI
 
     public AccessControlConfigurationImpl(SecurityProvider securityProvider) {
         this.securityProvider = securityProvider;
-        config = securityProvider.getConfiguration(PARAM_ACCESS_CONTROL_OPTIONS);
+        config = securityProvider.getParameters(PARAM_ACCESS_CONTROL_OPTIONS);
     }
 
     //----------------------------------------------< SecurityConfiguration >---
@@ -66,7 +66,7 @@ public class AccessControlConfigurationI
 
     @Nonnull
     @Override
-    public ConfigurationParameters getConfigurationParameters() {
+    public ConfigurationParameters getParameters() {
         return config;
     }
 

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlImporter.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlImporter.java?rev=1483556&r1=1483555&r2=1483556&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlImporter.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlImporter.java Thu May 16 20:44:15 2013
@@ -32,6 +32,7 @@ import javax.jcr.security.AccessControlM
 import javax.jcr.security.AccessControlPolicy;
 import javax.jcr.security.Privilege;
 
+import org.apache.jackrabbit.api.JackrabbitSession;
 import org.apache.jackrabbit.api.security.JackrabbitAccessControlList;
 import org.apache.jackrabbit.api.security.principal.PrincipalManager;
 import org.apache.jackrabbit.oak.api.Root;
@@ -41,6 +42,7 @@ import org.apache.jackrabbit.oak.plugins
 import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
 import org.apache.jackrabbit.oak.spi.security.authorization.AccessControlConfiguration;
 import org.apache.jackrabbit.oak.spi.security.authorization.AccessControlConstants;
+import org.apache.jackrabbit.oak.spi.security.principal.PrincipalConfiguration;
 import org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl;
 import org.apache.jackrabbit.oak.spi.xml.NodeInfo;
 import org.apache.jackrabbit.oak.spi.xml.PropInfo;
@@ -90,13 +92,15 @@ class AccessControlImporter implements P
             throw new IllegalStateException("Already initialized");
         }
         try {
-            AccessControlConfiguration config = securityProvider.getAccessControlConfiguration();
             if (isWorkspaceImport) {
+                AccessControlConfiguration config = securityProvider.getConfiguration(AccessControlConfiguration.class);
                 acMgr = config.getAccessControlManager(root, namePathMapper);
+                PrincipalConfiguration pConfig = securityProvider.getConfiguration(PrincipalConfiguration.class);
+                principalManager = pConfig.getPrincipalManager(root, namePathMapper);
             } else {
                 acMgr = session.getAccessControlManager();
+                principalManager = ((JackrabbitSession) session).getPrincipalManager();
             }
-            principalManager = securityProvider.getPrincipalConfiguration().getPrincipalManager(root, namePathMapper);
             ntMgr = ReadOnlyNodeTypeManager.getInstance(root, namePathMapper);
             initialized = true;
         } catch (RepositoryException e) {

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlManagerImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlManagerImpl.java?rev=1483556&r1=1483555&r2=1483556&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlManagerImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlManagerImpl.java Thu May 16 20:44:15 2013
@@ -74,7 +74,9 @@ import org.apache.jackrabbit.oak.spi.sec
 import org.apache.jackrabbit.oak.spi.security.authorization.permission.Permissions;
 import org.apache.jackrabbit.oak.spi.security.authorization.restriction.Restriction;
 import org.apache.jackrabbit.oak.spi.security.authorization.restriction.RestrictionProvider;
+import org.apache.jackrabbit.oak.spi.security.principal.PrincipalConfiguration;
 import org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl;
+import org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeConfiguration;
 import org.apache.jackrabbit.oak.spi.state.PropertyBuilder;
 import org.apache.jackrabbit.oak.util.NodeUtil;
 import org.apache.jackrabbit.oak.util.PropertyUtil;
@@ -113,14 +115,18 @@ public class AccessControlManagerImpl im
         this.root = root;
         this.namePathMapper = namePathMapper;
 
-        privilegeManager = securityProvider.getPrivilegeConfiguration().getPrivilegeManager(root, namePathMapper);
-        principalManager = securityProvider.getPrincipalConfiguration().getPrincipalManager(root, namePathMapper);
+        privilegeManager = getConfig(securityProvider, PrivilegeConfiguration.class).getPrivilegeManager(root, namePathMapper);
+        principalManager = getConfig(securityProvider, PrincipalConfiguration.class).getPrincipalManager(root, namePathMapper);
 
-        acConfig = securityProvider.getAccessControlConfiguration();
+        acConfig = getConfig(securityProvider, AccessControlConfiguration.class);
         restrictionProvider = acConfig.getRestrictionProvider();
         ntMgr = ReadOnlyNodeTypeManager.getInstance(root, namePathMapper);
 
-        readPaths = acConfig.getConfigurationParameters().getConfigValue(PARAM_READ_PATHS, DEFAULT_READ_PATHS);
+        readPaths = acConfig.getParameters().getConfigValue(PARAM_READ_PATHS, DEFAULT_READ_PATHS);
+    }
+
+    private static <T> T getConfig(SecurityProvider sp, Class<T> clss) {
+        return sp.getConfiguration(clss);
     }
 
     //-----------------------------------------------< AccessControlManager >---

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlValidatorProvider.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlValidatorProvider.java?rev=1483556&r1=1483555&r2=1483556&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlValidatorProvider.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlValidatorProvider.java Thu May 16 20:44:15 2013
@@ -62,18 +62,17 @@ class AccessControlValidatorProvider ext
         Tree rootBefore = new ImmutableTree(before);
         Tree rootAfter = new ImmutableTree(after);
 
-        AccessControlConfiguration acConfig = securityProvider.getAccessControlConfiguration();
-        RestrictionProvider restrictionProvider = acConfig.getRestrictionProvider();
+        RestrictionProvider restrictionProvider = getConfig(AccessControlConfiguration.class).getRestrictionProvider();
 
-        Map<String, Privilege> privileges = getPrivileges(before, securityProvider.getPrivilegeConfiguration());
+        Map<String, Privilege> privileges = getPrivileges(before);
         ReadOnlyNodeTypeManager ntMgr = ReadOnlyNodeTypeManager.getInstance(before);
 
         return new AccessControlValidator(rootBefore, rootAfter, privileges, restrictionProvider, ntMgr);
     }
 
-    private Map<String, Privilege> getPrivileges(NodeState beforeRoot, PrivilegeConfiguration config) {
+    private Map<String, Privilege> getPrivileges(NodeState beforeRoot) {
         Root root = new ImmutableRoot(beforeRoot);
-        PrivilegeManager pMgr = config.getPrivilegeManager(root, NamePathMapper.DEFAULT);
+        PrivilegeManager pMgr = getConfig(PrivilegeConfiguration.class).getPrivilegeManager(root, NamePathMapper.DEFAULT);
         ImmutableMap.Builder privileges = ImmutableMap.builder();
         try {
             for (Privilege privilege : pMgr.getRegisteredPrivileges()) {
@@ -85,4 +84,7 @@ class AccessControlValidatorProvider ext
         return privileges.build();
     }
 
+    private <T> T getConfig(Class<T> configClass) {
+        return securityProvider.getConfiguration(configClass);
+    }
 }

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionProviderImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionProviderImpl.java?rev=1483556&r1=1483555&r2=1483556&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionProviderImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionProviderImpl.java Thu May 16 20:44:15 2013
@@ -72,7 +72,7 @@ public class PermissionProviderImpl impl
                                   @Nonnull SecurityProvider securityProvider) {
         this.root = root;
         this.workspaceName = root.getContentSession().getWorkspaceName();
-        acConfig = securityProvider.getAccessControlConfiguration();
+        acConfig = securityProvider.getConfiguration(AccessControlConfiguration.class);
         if (principals.contains(SystemPrincipal.INSTANCE) || isAdmin(principals)) {
             compiledPermissions = AllPermissions.getInstance();
         } else {
@@ -83,7 +83,7 @@ public class PermissionProviderImpl impl
                 compiledPermissions = new CompiledPermissionImpl(principals,
                         permissionsTree, getBitsProvider(),
                         acConfig.getRestrictionProvider(),
-                        acConfig.getConfigurationParameters().getConfigValue(AccessControlConstants.PARAM_READ_PATHS, AccessControlConstants.DEFAULT_READ_PATHS));
+                        acConfig.getParameters().getConfigValue(AccessControlConstants.PARAM_READ_PATHS, AccessControlConstants.DEFAULT_READ_PATHS));
             }
         }
     }

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionValidatorProvider.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionValidatorProvider.java?rev=1483556&r1=1483555&r2=1483556&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionValidatorProvider.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/permission/PermissionValidatorProvider.java Thu May 16 20:44:15 2013
@@ -23,6 +23,7 @@ import javax.security.auth.Subject;
 import org.apache.jackrabbit.oak.core.ImmutableTree;
 import org.apache.jackrabbit.oak.core.TreeTypeProviderImpl;
 import org.apache.jackrabbit.oak.plugins.nodetype.ReadOnlyNodeTypeManager;
+import org.apache.jackrabbit.oak.spi.security.authorization.AccessControlConfiguration;
 import org.apache.jackrabbit.oak.spi.security.authorization.AccessControlConstants;
 import org.apache.jackrabbit.oak.spi.commit.Validator;
 import org.apache.jackrabbit.oak.spi.commit.ValidatorProvider;
@@ -31,6 +32,7 @@ import org.apache.jackrabbit.oak.spi.sec
 import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
 import org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionProvider;
 import org.apache.jackrabbit.oak.spi.security.authorization.permission.Permissions;
+import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
 import org.apache.jackrabbit.oak.spi.state.NodeState;
 
 /**
@@ -40,6 +42,7 @@ import org.apache.jackrabbit.oak.spi.sta
 public class PermissionValidatorProvider extends ValidatorProvider {
 
     private final SecurityProvider securityProvider;
+    private final AccessControlConfiguration acConfig;
     private final long jr2Permissions;
 
     private ReadOnlyNodeTypeManager ntMgr;
@@ -48,8 +51,9 @@ public class PermissionValidatorProvider
 
     public PermissionValidatorProvider(SecurityProvider securityProvider) {
         this.securityProvider = securityProvider;
+        this.acConfig = securityProvider.getConfiguration(AccessControlConfiguration.class);
 
-        ConfigurationParameters params = securityProvider.getAccessControlConfiguration().getConfigurationParameters();
+        ConfigurationParameters params = acConfig.getParameters();
         String compatValue = params.getNullableConfigValue(AccessControlConstants.PARAM_PERMISSIONS_JR2, null);
         jr2Permissions = Permissions.getPermissions(compatValue);
     }
@@ -67,14 +71,15 @@ public class PermissionValidatorProvider
 
     Context getAccessControlContext() {
         if (acCtx == null) {
-            acCtx = securityProvider.getAccessControlConfiguration().getContext();
+            acCtx = acConfig.getContext();
         }
         return acCtx;
     }
 
     Context getUserContext() {
         if (userCtx == null) {
-            userCtx = securityProvider.getUserConfiguration().getContext();
+            UserConfiguration uc = securityProvider.getConfiguration(UserConfiguration.class);
+            userCtx = uc.getContext();
         }
         return userCtx;
     }

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalConfigurationImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalConfigurationImpl.java?rev=1483556&r1=1483555&r2=1483556&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalConfigurationImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/principal/PrincipalConfigurationImpl.java Thu May 16 20:44:15 2013
@@ -25,6 +25,7 @@ import org.apache.jackrabbit.oak.spi.sec
 import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
 import org.apache.jackrabbit.oak.spi.security.principal.PrincipalConfiguration;
 import org.apache.jackrabbit.oak.spi.security.principal.PrincipalProvider;
+import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
 
 /**
  * Default implementation of the {@code PrincipalConfiguration}
@@ -47,6 +48,7 @@ public class PrincipalConfigurationImpl 
     @Nonnull
     @Override
     public PrincipalProvider getPrincipalProvider(Root root, NamePathMapper namePathMapper) {
-        return new PrincipalProviderImpl(root, securityProvider.getUserConfiguration(), namePathMapper);
+        UserConfiguration uc = securityProvider.getConfiguration(UserConfiguration.class);
+        return new PrincipalProviderImpl(root, uc, namePathMapper);
     }
 }

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserConfigurationImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserConfigurationImpl.java?rev=1483556&r1=1483555&r2=1483556&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserConfigurationImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserConfigurationImpl.java Thu May 16 20:44:15 2013
@@ -44,14 +44,14 @@ public class UserConfigurationImpl exten
     private final SecurityProvider securityProvider;
 
     public UserConfigurationImpl(SecurityProvider securityProvider) {
-        this.config = securityProvider.getConfiguration(PARAM_USER_OPTIONS);
+        this.config = securityProvider.getParameters(PARAM_USER_OPTIONS);
         this.securityProvider = securityProvider;
     }
 
     //----------------------------------------------< SecurityConfiguration >---
     @Nonnull
     @Override
-    public ConfigurationParameters getConfigurationParameters() {
+    public ConfigurationParameters getParameters() {
         return config;
     }
 
@@ -64,8 +64,7 @@ public class UserConfigurationImpl exten
     @Nonnull
     @Override
     public List<? extends ValidatorProvider> getValidators(String workspaceName) {
-        return Collections.singletonList(
-                new UserValidatorProvider(getConfigurationParameters()));
+        return Collections.singletonList(new UserValidatorProvider(getParameters()));
     }
 
     @Nonnull

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserInitializer.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserInitializer.java?rev=1483556&r1=1483555&r2=1483556&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserInitializer.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserInitializer.java Thu May 16 20:44:15 2013
@@ -100,7 +100,7 @@ class UserInitializer implements Workspa
         // TODO reconsider
         Root root = new RootImpl(store, commitHook, workspaceName, SystemSubject.INSTANCE, new OpenSecurityProvider(), indexProvider);
 
-        UserConfiguration userConfiguration = securityProvider.getUserConfiguration();
+        UserConfiguration userConfiguration = securityProvider.getConfiguration(UserConfiguration.class);
         UserManager userManager = userConfiguration.getUserManager(root, NamePathMapper.DEFAULT);
 
         String errorMsg = "Failed to initialize user content.";
@@ -120,7 +120,7 @@ class UserInitializer implements Workspa
                 IndexUtils.createIndexDefinition(index, "members", false, new String[]{UserConstants.REP_MEMBERS}, null);
             }
 
-            ConfigurationParameters params = userConfiguration.getConfigurationParameters();
+            ConfigurationParameters params = userConfiguration.getParameters();
             String adminId = params.getConfigValue(PARAM_ADMIN_ID, DEFAULT_ADMIN_ID);
             if (userManager.getAuthorizable(adminId) == null) {
                 userManager.createUser(adminId, params.getNullableConfigValue(PARAM_ADMIN_PW, adminId));

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserManagerImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserManagerImpl.java?rev=1483556&r1=1483555&r2=1483556&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserManagerImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserManagerImpl.java Thu May 16 20:44:15 2013
@@ -42,6 +42,7 @@ import org.apache.jackrabbit.oak.securit
 import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
 import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
 import org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal;
+import org.apache.jackrabbit.oak.spi.security.principal.PrincipalConfiguration;
 import org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl;
 import org.apache.jackrabbit.oak.spi.security.user.AuthorizableType;
 import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
@@ -78,8 +79,8 @@ public class UserManagerImpl implements 
         this.namePathMapper = namePathMapper;
         this.securityProvider = securityProvider;
 
-        UserConfiguration uc = securityProvider.getUserConfiguration();
-        this.config = uc.getConfigurationParameters();
+        UserConfiguration uc = securityProvider.getConfiguration(UserConfiguration.class);
+        this.config = uc.getParameters();
         this.userProvider = new UserProvider(root, config);
         this.membershipProvider = new MembershipProvider(root, config);
         this.authorizableActions = uc.getAuthorizableActionProvider().getAuthorizableActions();
@@ -307,7 +308,7 @@ public class UserManagerImpl implements 
 
     @Nonnull
     PrincipalManager getPrincipalManager() throws RepositoryException {
-        return securityProvider.getPrincipalConfiguration().getPrincipalManager(root, namePathMapper);
+        return securityProvider.getConfiguration(PrincipalConfiguration.class).getPrincipalManager(root, namePathMapper);
     }
 
     @Nonnull

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/OpenSecurityProvider.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/OpenSecurityProvider.java?rev=1483556&r1=1483555&r2=1483556&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/OpenSecurityProvider.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/OpenSecurityProvider.java Thu May 16 20:44:15 2013
@@ -16,10 +16,10 @@
  */
 package org.apache.jackrabbit.oak.spi.security;
 
-import java.util.Collections;
 import javax.annotation.Nonnull;
 import javax.annotation.Nullable;
 
+import com.google.common.collect.ImmutableList;
 import org.apache.jackrabbit.api.security.authorization.PrivilegeManager;
 import org.apache.jackrabbit.oak.api.Root;
 import org.apache.jackrabbit.oak.namepath.NamePathMapper;
@@ -40,44 +40,32 @@ public class OpenSecurityProvider implem
 
     @Nonnull
     @Override
-    public ConfigurationParameters getConfiguration(@Nullable String name) {
+    public ConfigurationParameters getParameters(@Nullable String name) {
         return ConfigurationParameters.EMPTY;
     }
 
     @Nonnull
     @Override
-    public Iterable<SecurityConfiguration> getSecurityConfigurations() {
-        return Collections.emptyList();
+    public Iterable<? extends SecurityConfiguration> getConfigurations() {
+        return ImmutableList.of(new OpenAuthenticationConfiguration(), new OpenAccessControlConfiguration(), new OpenPrivilegeConfiguration());
     }
 
     @Nonnull
     @Override
-    public AuthenticationConfiguration getAuthenticationConfiguration() {
-        return new OpenAuthenticationConfiguration();
-    }
-
-    @Nonnull
-    @Override
-    public AccessControlConfiguration getAccessControlConfiguration() {
-        return new OpenAccessControlConfiguration();
-    }
-
-    @Nonnull
-    @Override
-    public PrivilegeConfiguration getPrivilegeConfiguration() {
-        return new OpenPrivilegeConfiguration();
-    }
-
-    @Nonnull
-    @Override
-    public UserConfiguration getUserConfiguration() {
-        throw new UnsupportedOperationException();
-    }
-
-    @Nonnull
-    @Override
-    public PrincipalConfiguration getPrincipalConfiguration() {
-        throw new UnsupportedOperationException();
+    public <T> T getConfiguration(Class<T> configClass) {
+        if (AuthenticationConfiguration.class == configClass) {
+            return (T) new OpenAuthenticationConfiguration();
+        } else if (AccessControlConfiguration.class == configClass) {
+            return (T) new OpenAccessControlConfiguration();
+        } else if (UserConfiguration.class == configClass) {
+            throw new UnsupportedOperationException();
+        } else if (PrincipalConfiguration.class == configClass) {
+            throw new UnsupportedOperationException();
+        } else if (PrivilegeConfiguration.class == configClass) {
+            return (T) new OpenPrivilegeConfiguration();
+        } else {
+            throw new IllegalArgumentException("Unsupported security configuration class " + configClass);
+        }
     }
 
     private static final class OpenPrivilegeConfiguration extends SecurityConfiguration.Default implements PrivilegeConfiguration {

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/SecurityConfiguration.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/SecurityConfiguration.java?rev=1483556&r1=1483555&r2=1483556&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/SecurityConfiguration.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/SecurityConfiguration.java Thu May 16 20:44:15 2013
@@ -33,7 +33,7 @@ import org.apache.jackrabbit.oak.spi.xml
 public interface SecurityConfiguration {
 
     @Nonnull
-    ConfigurationParameters getConfigurationParameters();
+    ConfigurationParameters getParameters();
 
     @Nonnull
     WorkspaceInitializer getWorkspaceInitializer();
@@ -57,7 +57,7 @@ public interface SecurityConfiguration {
 
         @Nonnull
         @Override
-        public ConfigurationParameters getConfigurationParameters() {
+        public ConfigurationParameters getParameters() {
             return ConfigurationParameters.EMPTY;
         }
 

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/SecurityProvider.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/SecurityProvider.java?rev=1483556&r1=1483555&r2=1483556&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/SecurityProvider.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/SecurityProvider.java Thu May 16 20:44:15 2013
@@ -19,35 +19,17 @@ package org.apache.jackrabbit.oak.spi.se
 import javax.annotation.Nonnull;
 import javax.annotation.Nullable;
 
-import org.apache.jackrabbit.oak.spi.security.authentication.AuthenticationConfiguration;
-import org.apache.jackrabbit.oak.spi.security.authorization.AccessControlConfiguration;
-import org.apache.jackrabbit.oak.spi.security.principal.PrincipalConfiguration;
-import org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeConfiguration;
-import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
-
 /**
  * SecurityProvider... TODO
  */
 public interface SecurityProvider {
 
     @Nonnull
-    ConfigurationParameters getConfiguration(@Nullable String name);
-
-    @Nonnull
-    Iterable<SecurityConfiguration> getSecurityConfigurations();
-
-    @Nonnull
-    AuthenticationConfiguration getAuthenticationConfiguration();
-
-    @Nonnull
-    AccessControlConfiguration getAccessControlConfiguration();
-
-    @Nonnull
-    PrivilegeConfiguration getPrivilegeConfiguration();
+    ConfigurationParameters getParameters(@Nullable String name);
 
     @Nonnull
-    UserConfiguration getUserConfiguration();
+    Iterable<? extends SecurityConfiguration> getConfigurations();
 
     @Nonnull
-    PrincipalConfiguration getPrincipalConfiguration();
+    <T> T getConfiguration(Class<T> configClass);
 }

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java?rev=1483556&r1=1483555&r2=1483556&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java Thu May 16 20:44:15 2013
@@ -46,7 +46,9 @@ import org.apache.jackrabbit.oak.spi.sec
 import org.apache.jackrabbit.oak.spi.security.authentication.callback.PrincipalProviderCallback;
 import org.apache.jackrabbit.oak.spi.security.authentication.callback.RepositoryCallback;
 import org.apache.jackrabbit.oak.spi.security.authentication.callback.UserManagerCallback;
+import org.apache.jackrabbit.oak.spi.security.principal.PrincipalConfiguration;
 import org.apache.jackrabbit.oak.spi.security.principal.PrincipalProvider;
+import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -372,7 +374,8 @@ public abstract class AbstractLoginModul
         SecurityProvider sp = getSecurityProvider();
         Root root = getRoot();
         if (root != null && sp != null) {
-            userManager = sp.getUserConfiguration().getUserManager(root, NamePathMapper.DEFAULT);
+            UserConfiguration uc = securityProvider.getConfiguration(UserConfiguration.class);
+            userManager = uc.getUserManager(root, NamePathMapper.DEFAULT);
         }
 
         if (userManager == null && callbackHandler != null) {
@@ -403,7 +406,8 @@ public abstract class AbstractLoginModul
         SecurityProvider sp = getSecurityProvider();
         Root root = getRoot();
         if (root != null && sp != null) {
-            principalProvider = sp.getPrincipalConfiguration().getPrincipalProvider(root, NamePathMapper.DEFAULT);
+            PrincipalConfiguration pc = sp.getConfiguration(PrincipalConfiguration.class);
+            principalProvider = pc.getPrincipalProvider(root, NamePathMapper.DEFAULT);
         }
 
         if (principalProvider == null && callbackHandler != null) {

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/AccessControlAction.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/AccessControlAction.java?rev=1483556&r1=1483555&r2=1483556&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/AccessControlAction.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/user/action/AccessControlAction.java Thu May 16 20:44:15 2013
@@ -35,6 +35,8 @@ import org.apache.jackrabbit.oak.api.Roo
 import org.apache.jackrabbit.oak.namepath.NamePathMapper;
 import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
 import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
+import org.apache.jackrabbit.oak.spi.security.authorization.AccessControlConfiguration;
+import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
 import org.apache.jackrabbit.oak.spi.security.user.util.UserUtility;
 import org.apache.jackrabbit.util.Text;
 import org.slf4j.Logger;
@@ -171,7 +173,8 @@ public class AccessControlAction extends
         }
 
         String path = authorizable.getPath();
-        AccessControlManager acMgr = securityProvider.getAccessControlConfiguration().getAccessControlManager(root, namePathMapper);
+        AccessControlConfiguration acConfig = securityProvider.getConfiguration(AccessControlConfiguration.class);
+        AccessControlManager acMgr = acConfig.getAccessControlManager(root, namePathMapper);
         JackrabbitAccessControlList acl = null;
         for (AccessControlPolicyIterator it = acMgr.getApplicablePolicies(path); it.hasNext();) {
             AccessControlPolicy plc = it.nextAccessControlPolicy();
@@ -208,7 +211,7 @@ public class AccessControlAction extends
         if (authorizable.isGroup()) {
             return false;
         }
-        ConfigurationParameters userConfig = securityProvider.getUserConfiguration().getConfigurationParameters();
+        ConfigurationParameters userConfig = securityProvider.getConfiguration(UserConfiguration.class).getParameters();
         String userId = authorizable.getID();
         return UserUtility.getAdminId(userConfig).equals(userId) || UserUtility.getAnonymousId(userConfig).equals(userId);
     }

Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/AbstractSecurityTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/AbstractSecurityTest.java?rev=1483556&r1=1483555&r2=1483556&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/AbstractSecurityTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/AbstractSecurityTest.java Thu May 16 20:44:15 2013
@@ -46,6 +46,9 @@ import org.apache.jackrabbit.oak.securit
 import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
 import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
 import org.apache.jackrabbit.oak.spi.security.authentication.ConfigurationUtil;
+import org.apache.jackrabbit.oak.spi.security.authorization.AccessControlConfiguration;
+import org.apache.jackrabbit.oak.spi.security.principal.PrincipalConfiguration;
+import org.apache.jackrabbit.oak.spi.security.privilege.PrivilegeConfiguration;
 import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
 import org.apache.jackrabbit.oak.spi.security.user.util.UserUtility;
 import org.junit.After;
@@ -123,7 +126,7 @@ public abstract class AbstractSecurityTe
     }
 
     protected Credentials getAdminCredentials() {
-        String adminId = UserUtility.getAdminId(getUserConfiguration().getConfigurationParameters());
+        String adminId = UserUtility.getAdminId(getUserConfiguration().getParameters());
         return new SimpleCredentials(adminId, adminId.toCharArray());
     }
 
@@ -132,22 +135,22 @@ public abstract class AbstractSecurityTe
     }
 
     protected UserConfiguration getUserConfiguration() {
-        return getSecurityProvider().getUserConfiguration();
+        return getConfig(UserConfiguration.class);
     }
 
-    protected UserManager getUserManager() {
+    protected UserManager getUserManager(Root root) {
         if (userManager == null) {
-            userManager = getUserConfiguration().getUserManager(root, namePathMapper);
+            userManager = getConfig(UserConfiguration.class).getUserManager(root, getNamePathMapper());
         }
         return userManager;
     }
 
-    protected PrincipalManager getPrincipalManager() {
-        return getSecurityProvider().getPrincipalConfiguration().getPrincipalManager(root, getNamePathMapper());
+    protected PrincipalManager getPrincipalManager(Root root) {
+        return getConfig(PrincipalConfiguration.class).getPrincipalManager(root, getNamePathMapper());
     }
     
     protected JackrabbitAccessControlManager getAccessControlManager(Root root) {
-        AccessControlManager acMgr = securityProvider.getAccessControlConfiguration().getAccessControlManager(root, NamePathMapper.DEFAULT);
+        AccessControlManager acMgr = getConfig(AccessControlConfiguration.class).getAccessControlManager(root, NamePathMapper.DEFAULT);
         if (acMgr instanceof JackrabbitAccessControlManager) {
             return (JackrabbitAccessControlManager) acMgr;
         } else {
@@ -158,14 +161,14 @@ public abstract class AbstractSecurityTe
     protected Privilege[] privilegesFromNames(String... privilegeNames) throws RepositoryException {
         Privilege[] privs = new Privilege[privilegeNames.length];
         for (int i = 0; i < privilegeNames.length; i++) {
-            privs[i] = getPrivilegeManager().getPrivilege(privilegeNames[i]);
+            privs[i] = getPrivilegeManager(root).getPrivilege(privilegeNames[i]);
         }
         return privs;
     }
 
-    protected PrivilegeManager getPrivilegeManager() {
+    protected PrivilegeManager getPrivilegeManager(Root root) {
         if (privMgr == null) {
-            privMgr = getSecurityProvider().getPrivilegeConfiguration().getPrivilegeManager(root, getNamePathMapper());
+            privMgr = getConfig(PrivilegeConfiguration.class).getPrivilegeManager(root, getNamePathMapper());
         }
         return privMgr;
     }
@@ -177,7 +180,7 @@ public abstract class AbstractSecurityTe
     protected User getTestUser() throws Exception {
         if (testUser == null) {
             String uid = "testUser" + UUID.randomUUID();
-            testUser = getUserManager().createUser(uid, uid);
+            testUser = getUserManager(root).createUser(uid, uid);
             root.commit();
         }
         return testUser;
@@ -187,4 +190,8 @@ public abstract class AbstractSecurityTe
         String uid = getTestUser().getID();
         return login(new SimpleCredentials(uid, uid.toCharArray()));
     }
+
+    protected <T> T getConfig(Class<T> configClass) {
+        return getSecurityProvider().getConfiguration(configClass);
+    }
 }

Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/GuestDefaultLoginModuleTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/GuestDefaultLoginModuleTest.java?rev=1483556&r1=1483555&r2=1483556&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/GuestDefaultLoginModuleTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/GuestDefaultLoginModuleTest.java Thu May 16 20:44:15 2013
@@ -68,7 +68,7 @@ public class GuestDefaultLoginModuleTest
         ContentSession cs = login(null);
         try {
             AuthInfo authInfo = cs.getAuthInfo();
-            String anonymousID = UserUtility.getAnonymousId(getUserConfiguration().getConfigurationParameters());
+            String anonymousID = UserUtility.getAnonymousId(getUserConfiguration().getParameters());
             assertEquals(anonymousID, authInfo.getUserID());
         } finally {
             cs.close();
@@ -80,7 +80,7 @@ public class GuestDefaultLoginModuleTest
         ContentSession cs = login(new GuestCredentials());
         try {
             AuthInfo authInfo = cs.getAuthInfo();
-            String anonymousID = UserUtility.getAnonymousId(getUserConfiguration().getConfigurationParameters());
+            String anonymousID = UserUtility.getAnonymousId(getUserConfiguration().getParameters());
             assertEquals(anonymousID, authInfo.getUserID());
         } finally {
             cs.close();

Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/Jackrabbit2ConfigurationTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/Jackrabbit2ConfigurationTest.java?rev=1483556&r1=1483555&r2=1483556&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/Jackrabbit2ConfigurationTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/Jackrabbit2ConfigurationTest.java Thu May 16 20:44:15 2013
@@ -42,7 +42,7 @@ public class Jackrabbit2ConfigurationTes
         ContentSession cs = login(null);
         try {
             AuthInfo authInfo = cs.getAuthInfo();
-            String anonymousID = UserUtility.getAnonymousId(getUserConfiguration().getConfigurationParameters());
+            String anonymousID = UserUtility.getAnonymousId(getUserConfiguration().getParameters());
             assertEquals(anonymousID, authInfo.getUserID());
         } finally {
             cs.close();

Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java?rev=1483556&r1=1483555&r2=1483556&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/TokenDefaultLoginModuleTest.java Thu May 16 20:44:15 2013
@@ -28,6 +28,7 @@ import org.apache.jackrabbit.oak.Abstrac
 import org.apache.jackrabbit.oak.api.ContentSession;
 import org.apache.jackrabbit.oak.api.Root;
 import org.apache.jackrabbit.oak.security.authentication.token.TokenLoginModule;
+import org.apache.jackrabbit.oak.spi.security.authentication.AuthenticationConfiguration;
 import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenInfo;
 import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider;
 import org.apache.jackrabbit.oak.security.authentication.user.LoginModuleImpl;
@@ -194,7 +195,8 @@ public class TokenDefaultLoginModuleTest
     @Test
     public void testValidTokenCredentials() throws Exception {
         Root root = adminSession.getLatestRoot();
-        TokenProvider tp = getSecurityProvider().getAuthenticationConfiguration().getTokenProvider(root);
+        AuthenticationConfiguration authConfig = getSecurityProvider().getConfiguration(AuthenticationConfiguration.class);
+        TokenProvider tp = authConfig.getTokenProvider(root);
 
         SimpleCredentials sc = (SimpleCredentials) getAdminCredentials();
         TokenInfo info = tp.createToken(sc.getUserID(), Collections.<String, Object>emptyMap());

Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapLoginTestBase.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapLoginTestBase.java?rev=1483556&r1=1483555&r2=1483556&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapLoginTestBase.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/ldap/LdapLoginTestBase.java Thu May 16 20:44:15 2013
@@ -16,11 +16,9 @@
  */
 package org.apache.jackrabbit.oak.security.authentication.ldap;
 
-import java.io.IOException;
 import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.List;
-import javax.jcr.RepositoryException;
 import javax.jcr.SimpleCredentials;
 import javax.security.auth.login.AppConfigurationEntry;
 import javax.security.auth.login.Configuration;
@@ -34,6 +32,7 @@ import org.apache.jackrabbit.oak.api.Con
 import org.apache.jackrabbit.oak.namepath.NamePathMapper;
 import org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalLoginModule;
 import org.apache.jackrabbit.oak.spi.security.authentication.external.SyncMode;
+import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
 import org.junit.After;
 import org.junit.AfterClass;
 import org.junit.Before;
@@ -120,7 +119,8 @@ public abstract class LdapLoginTestBase 
         options.put(LdapSettings.KEY_GROUPMEMBERSHIPATTRIBUTE, InternalLdapServer.GROUP_MEMBER_ATTR);
         options.put(ExternalLoginModule.PARAM_SYNC_MODE, SyncMode.CREATE_USER);
 
-        userManager = securityProvider.getUserConfiguration().getUserManager(root, NamePathMapper.DEFAULT);
+        UserConfiguration uc = securityProvider.getConfiguration(UserConfiguration.class);
+        userManager = uc.getUserManager(root, NamePathMapper.DEFAULT);
     }
 
     @After

Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModuleTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModuleTest.java?rev=1483556&r1=1483555&r2=1483556&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModuleTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenLoginModuleTest.java Thu May 16 20:44:15 2013
@@ -27,7 +27,7 @@ import org.apache.jackrabbit.api.securit
 import org.apache.jackrabbit.oak.AbstractSecurityTest;
 import org.apache.jackrabbit.oak.api.ContentSession;
 import org.apache.jackrabbit.oak.api.Root;
-import org.apache.jackrabbit.oak.security.authentication.token.TokenLoginModule;
+import org.apache.jackrabbit.oak.spi.security.authentication.AuthenticationConfiguration;
 import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenInfo;
 import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider;
 import org.junit.Test;
@@ -137,7 +137,8 @@ public class TokenLoginModuleTest extend
     @Test
     public void testValidTokenCredentials() throws Exception {
         Root root = adminSession.getLatestRoot();
-        TokenProvider tp = getSecurityProvider().getAuthenticationConfiguration().getTokenProvider(root);
+        AuthenticationConfiguration authConfig = getSecurityProvider().getConfiguration(AuthenticationConfiguration.class);
+        TokenProvider tp = authConfig.getTokenProvider(root);
 
         SimpleCredentials sc = (SimpleCredentials) getAdminCredentials();
         TokenInfo info = tp.createToken(sc.getUserID(), Collections.<String, Object>emptyMap());

Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java?rev=1483556&r1=1483555&r2=1483556&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.java Thu May 16 20:44:15 2013
@@ -141,7 +141,7 @@ public class TokenProviderImplTest exten
 
         TokenInfo info = tokenProvider.createToken(userId, attributes);
 
-        Tree userTree = root.getTree(getUserManager().getAuthorizable(userId).getPath());
+        Tree userTree = root.getTree(getUserManager(root).getAuthorizable(userId).getPath());
         Tree tokens = userTree.getChild(".tokens");
         assertTrue(tokens.exists());
         assertEquals(1, tokens.getChildrenCount());
@@ -212,7 +212,7 @@ public class TokenProviderImplTest exten
     public void testRemoveTokenRemovesNode() throws Exception {
         TokenInfo info = tokenProvider.createToken(userId, Collections.<String, Object>emptyMap());
 
-        Tree userTree = root.getTree(getUserManager().getAuthorizable(userId).getPath());
+        Tree userTree = root.getTree(getUserManager(root).getAuthorizable(userId).getPath());
         Tree tokens = userTree.getChild(".tokens");
         String tokenNodePath = tokens.getChildren().iterator().next().getPath();
 

Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/user/LoginModuleImplTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/user/LoginModuleImplTest.java?rev=1483556&r1=1483555&r2=1483556&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/user/LoginModuleImplTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/user/LoginModuleImplTest.java Thu May 16 20:44:15 2013
@@ -16,11 +16,6 @@
  */
 package org.apache.jackrabbit.oak.security.authentication.user;
 
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.fail;
-
 import javax.jcr.GuestCredentials;
 import javax.jcr.SimpleCredentials;
 import javax.security.auth.login.Configuration;
@@ -35,10 +30,16 @@ import org.apache.jackrabbit.oak.api.Con
 import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
 import org.apache.jackrabbit.oak.spi.security.authentication.ConfigurationUtil;
 import org.apache.jackrabbit.oak.spi.security.authentication.ImpersonationCredentials;
+import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
 import org.apache.jackrabbit.oak.spi.security.user.UserConstants;
 import org.apache.jackrabbit.oak.spi.security.user.util.UserUtility;
 import org.junit.Test;
 
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.fail;
+
 /**
  * LoginTest...
  */
@@ -69,7 +70,7 @@ public class LoginModuleImplTest extends
         ContentSession cs = login(new GuestCredentials());
         try {
             AuthInfo authInfo = cs.getAuthInfo();
-            String anonymousID = UserUtility.getAnonymousId(getUserConfiguration().getConfigurationParameters());
+            String anonymousID = UserUtility.getAnonymousId(getUserConfiguration().getParameters());
             assertEquals(anonymousID, authInfo.getUserID());
         } finally {
             cs.close();
@@ -78,9 +79,9 @@ public class LoginModuleImplTest extends
 
     @Test
     public void testAnonymousLogin() throws Exception {
-        String anonymousID = UserUtility.getAnonymousId(getUserConfiguration().getConfigurationParameters());
+        String anonymousID = UserUtility.getAnonymousId(getUserConfiguration().getParameters());
 
-        UserManager userMgr = getUserManager();
+        UserManager userMgr = getUserManager(root);
 
         // verify initial user-content looks like expected
         Authorizable anonymous = userMgr.getAuthorizable(anonymousID);
@@ -102,7 +103,7 @@ public class LoginModuleImplTest extends
 
     @Test
     public void testUserLogin() throws Exception {
-        UserManager userManager = getUserManager();
+        UserManager userManager = getUserManager(root);
         ContentSession cs = null;
         User user = null;
         try {
@@ -125,7 +126,7 @@ public class LoginModuleImplTest extends
 
     @Test
     public void testSelfImpersonation() throws Exception {
-        UserManager userManager = getUserManager();
+        UserManager userManager = getUserManager(root);
         ContentSession cs = null;
         User user = null;
         try {
@@ -159,7 +160,7 @@ public class LoginModuleImplTest extends
 
     @Test
     public void testInvalidImpersonation() throws Exception {
-        UserManager userManager = getUserManager();
+        UserManager userManager = getUserManager(root);
         ContentSession cs = null;
         User user = null;
         try {
@@ -175,7 +176,8 @@ public class LoginModuleImplTest extends
             cs.close();
             cs = null;
 
-            String adminId = UserUtility.getAdminId(securityProvider.getUserConfiguration().getConfigurationParameters());
+            ConfigurationParameters config = securityProvider.getConfiguration(UserConfiguration.class).getParameters();
+            String adminId = UserUtility.getAdminId(config);
             sc = new SimpleCredentials(adminId, new char[0]);
             ImpersonationCredentials ic = new ImpersonationCredentials(sc, authInfo);
 

Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/user/UserAuthenticationTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/user/UserAuthenticationTest.java?rev=1483556&r1=1483555&r2=1483556&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/user/UserAuthenticationTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authentication/user/UserAuthenticationTest.java Thu May 16 20:44:15 2013
@@ -49,7 +49,7 @@ public class UserAuthenticationTest exte
     public void before() throws Exception {
         super.before();
         userId = getTestUser().getID();
-        authentication = new UserAuthentication(userId, getUserManager());
+        authentication = new UserAuthentication(userId, getUserManager(root));
     }
 
     @Test
@@ -60,7 +60,7 @@ public class UserAuthenticationTest exte
 
     @Test
     public void testAuthenticateWithoutUserId() throws Exception {
-        UserAuthentication authentication = new UserAuthentication(null, getUserManager());
+        UserAuthentication authentication = new UserAuthentication(null, getUserManager(root));
         assertFalse(authentication.authenticate(new SimpleCredentials(userId, userId.toCharArray())));
     }
 

Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/ACLTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/ACLTest.java?rev=1483556&r1=1483555&r2=1483556&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/ACLTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/ACLTest.java Thu May 16 20:44:15 2013
@@ -83,8 +83,8 @@ public class ACLTest extends AbstractAcc
     public void before() throws Exception {
         super.before();
 
-        privilegeManager = getPrivilegeManager();
-        principalManager = getSecurityProvider().getPrincipalConfiguration().getPrincipalManager(root, getNamePathMapper());
+        privilegeManager = getPrivilegeManager(root);
+        principalManager = getPrincipalManager(root);
 
         acl = createEmptyACL();
         testPrincipal = getTestPrincipal();

Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/AccessControlManagerImplTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/AccessControlManagerImplTest.java?rev=1483556&r1=1483555&r2=1483556&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/AccessControlManagerImplTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/authorization/AccessControlManagerImplTest.java Thu May 16 20:44:15 2013
@@ -173,7 +173,7 @@ public class AccessControlManagerImplTes
     }
 
     private ACL createPolicy(@Nullable String path) {
-        final PrincipalManager pm = getPrincipalManager();
+        final PrincipalManager pm = getPrincipalManager(root);
         final RestrictionProvider rp = getRestrictionProvider();
         return new ACL(path, getNamePathMapper()) {
             @Override
@@ -183,7 +183,7 @@ public class AccessControlManagerImplTes
 
             @Override
             PrivilegeManager getPrivilegeManager() {
-                return AccessControlManagerImplTest.this.getPrivilegeManager();
+                return AccessControlManagerImplTest.this.getPrivilegeManager(root);
             }
 
             @Override
@@ -257,7 +257,7 @@ public class AccessControlManagerImplTes
     //---------------------------------------------< getSupportedPrivileges >---
     @Test
     public void testGetSupportedPrivileges() throws Exception {
-        List<Privilege> allPrivileges = Arrays.asList(getPrivilegeManager().getRegisteredPrivileges());
+        List<Privilege> allPrivileges = Arrays.asList(getPrivilegeManager(root).getRegisteredPrivileges());
 
         List<String> testPaths = new ArrayList<String>();
         testPaths.add(null);
@@ -308,7 +308,7 @@ public class AccessControlManagerImplTes
 
     @Test
     public void testGetSupportedPrivilegesIncludingPathConversion() throws Exception {
-        List<Privilege> allPrivileges = Arrays.asList(getPrivilegeManager().getRegisteredPrivileges());
+        List<Privilege> allPrivileges = Arrays.asList(getPrivilegeManager(root).getRegisteredPrivileges());
 
         List<String> testPaths = new ArrayList<String>();
         testPaths.add('/' + TestNameMapper.TEST_LOCAL_PREFIX + ":testRoot");
@@ -327,7 +327,7 @@ public class AccessControlManagerImplTes
     //--------------------------------------------------< privilegeFromName >---
     @Test
     public void testPrivilegeFromName() throws Exception {
-        List<Privilege> allPrivileges = Arrays.asList(getPrivilegeManager().getRegisteredPrivileges());
+        List<Privilege> allPrivileges = Arrays.asList(getPrivilegeManager(root).getRegisteredPrivileges());
         for (Privilege privilege : allPrivileges) {
             Privilege p = acMgr.privilegeFromName(privilege.getName());
             assertEquals(privilege, p);
@@ -336,7 +336,7 @@ public class AccessControlManagerImplTes
 
     @Test
     public void testPrivilegeFromExpandedName() throws Exception {
-        Privilege readPriv = getPrivilegeManager().getPrivilege(PrivilegeConstants.JCR_READ);
+        Privilege readPriv = getPrivilegeManager(root).getPrivilege(PrivilegeConstants.JCR_READ);
         assertEquals(readPriv, acMgr.privilegeFromName(Privilege.JCR_READ));
     }
 
@@ -1475,10 +1475,10 @@ public class AccessControlManagerImplTes
 
     @Test
     public void testGetApplicablePoliciesInvalidPrincipal() throws Exception {
-        Principal unknown = getPrincipalManager().getPrincipal("unknown");
+        Principal unknown = getPrincipalManager(root).getPrincipal("unknown");
         int i = 0;
         while (unknown != null) {
-            unknown = getPrincipalManager().getPrincipal("unknown"+i);
+            unknown = getPrincipalManager(root).getPrincipal("unknown"+i);
         }
         unknown = new InvalidTestPrincipal("unknown" + i);
         try {
@@ -1491,10 +1491,10 @@ public class AccessControlManagerImplTes
 
     @Test
     public void testGetApplicablePoliciesInternalPrincipal() throws Exception {
-        Principal unknown = getPrincipalManager().getPrincipal("unknown");
+        Principal unknown = getPrincipalManager(root).getPrincipal("unknown");
         int i = 0;
         while (unknown != null) {
-            unknown = getPrincipalManager().getPrincipal("unknown"+i);
+            unknown = getPrincipalManager(root).getPrincipal("unknown"+i);
         }
         unknown = new PrincipalImpl("unknown" + i);
 
@@ -1538,8 +1538,6 @@ public class AccessControlManagerImplTes
         Root testRoot = getTestRoot();
         testRoot.refresh();
         JackrabbitAccessControlManager testAcMgr = getTestAccessControlManager();
-        PrincipalManager testPrincipalMgr = getSecurityProvider().getPrincipalConfiguration().getPrincipalManager(testRoot, getNamePathMapper());
-
         List<Principal> principals = ImmutableList.of(testPrincipal, EveryonePrincipal.getInstance());
         for (Principal principal : principals) {
             // testRoot can't read access control content -> doesn't see
@@ -1564,10 +1562,10 @@ public class AccessControlManagerImplTes
 
     @Test
     public void testGetPoliciesInvalidPrincipal() throws Exception {
-        Principal unknown = getPrincipalManager().getPrincipal("unknown");
+        Principal unknown = getPrincipalManager(root).getPrincipal("unknown");
         int i = 0;
         while (unknown != null) {
-            unknown = getPrincipalManager().getPrincipal("unknown"+i);
+            unknown = getPrincipalManager(root).getPrincipal("unknown"+i);
         }
         unknown = new InvalidTestPrincipal("unknown" + i);
         try {
@@ -1580,10 +1578,10 @@ public class AccessControlManagerImplTes
 
     @Test
     public void testGetPoliciesInternalPrincipal() throws Exception {
-        Principal unknown = getPrincipalManager().getPrincipal("unknown");
+        Principal unknown = getPrincipalManager(root).getPrincipal("unknown");
         int i = 0;
         while (unknown != null) {
-            unknown = getPrincipalManager().getPrincipal("unknown"+i);
+            unknown = getPrincipalManager(root).getPrincipal("unknown"+i);
         }
         unknown = new PrincipalImpl("unknown" + i);
         assertEquals(0, acMgr.getPolicies(unknown).length);
@@ -1624,7 +1622,7 @@ public class AccessControlManagerImplTes
         Root testRoot = getTestRoot();
         testRoot.refresh();
         JackrabbitAccessControlManager testAcMgr = getTestAccessControlManager();
-        PrincipalManager testPrincipalMgr = getSecurityProvider().getPrincipalConfiguration().getPrincipalManager(testRoot, getNamePathMapper());
+        PrincipalManager testPrincipalMgr = getPrincipalManager(testRoot);
 
         List<Principal> principals = ImmutableList.of(testPrincipal, EveryonePrincipal.getInstance());
         for (Principal principal : principals) {
@@ -1661,10 +1659,10 @@ public class AccessControlManagerImplTes
 
     @Test
     public void testGetEffectivePoliciesInvalidPrincipals() throws Exception {
-        Principal unknown = getPrincipalManager().getPrincipal("unknown");
+        Principal unknown = getPrincipalManager(root).getPrincipal("unknown");
         int i = 0;
         while (unknown != null) {
-            unknown = getPrincipalManager().getPrincipal("unknown"+i);
+            unknown = getPrincipalManager(root).getPrincipal("unknown"+i);
         }
         unknown = new InvalidTestPrincipal("unknown" + i);
         try {



Mime
View raw message