jackrabbit-oak-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From chet...@apache.org
Subject svn commit: r1576209 - in /jackrabbit/oak/trunk: oak-core/src/main/java/org/apache/jackrabbit/oak/security/ oak-jcr/ oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/osgi/
Date Tue, 11 Mar 2014 07:42:06 GMT
Author: chetanm
Date: Tue Mar 11 07:42:06 2014
New Revision: 1576209

URL: http://svn.apache.org/r1576209
Log:
OAK-1476 - Hardcoded SecurityProvider implementation in oak-jcr Activator

-- Refactored SecurityProviderImpl to use static references to various configurations. This
ensures a stable startup
-- Replaced the Activator in oak-jcr with RepositoryManager which is responsible for registering
the repository. This requires explicit config to be enabled

Added:
    jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/osgi/RepositoryManager.java
  (with props)
Removed:
    jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/osgi/Activator.java
Modified:
    jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java
    jackrabbit/oak/trunk/oak-jcr/pom.xml

Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java?rev=1576209&r1=1576208&r2=1576209&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java
(original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java
Tue Mar 11 07:42:06 2014
@@ -56,56 +56,48 @@ import org.apache.jackrabbit.oak.spi.whi
 import org.apache.jackrabbit.oak.spi.whiteboard.WhiteboardAuthorizableActionProvider;
 import org.apache.jackrabbit.oak.spi.whiteboard.WhiteboardAware;
 import org.apache.jackrabbit.oak.spi.whiteboard.WhiteboardRestrictionProvider;
-import org.osgi.framework.ServiceReference;
-import org.osgi.service.component.ComponentContext;
+import org.osgi.framework.BundleContext;
 
 import com.google.common.collect.ImmutableMap;
 
 import static com.google.common.base.Preconditions.checkNotNull;
 
-@Component(immediate = true)
-@Service
+@Component
+@Service(value = {SecurityProvider.class})
 public class SecurityProviderImpl implements SecurityProvider, WhiteboardAware {
 
-    @Reference(bind = "bindAuthorizationConfiguration",
-            cardinality = ReferenceCardinality.MANDATORY_UNARY, // FIXME OAK-1268
-            policyOption = ReferencePolicyOption.GREEDY)
-    private AuthorizationConfiguration authorizationConfiguration;
+    @Reference
+    private volatile AuthorizationConfiguration authorizationConfiguration;
 
-    @Reference(bind = "bindAuthenticationConfiguration",
-            cardinality = ReferenceCardinality.MANDATORY_UNARY,
-            policyOption = ReferencePolicyOption.GREEDY)
-    private AuthenticationConfiguration authenticationConfiguration;
+    @Reference
+    private volatile AuthenticationConfiguration authenticationConfiguration;
 
-    @Reference(bind = "bindPrivilegeConfiguration",
-            cardinality = ReferenceCardinality.MANDATORY_UNARY,
-            policyOption = ReferencePolicyOption.GREEDY)
-    private PrivilegeConfiguration privilegeConfiguration;
+    @Reference
+    private volatile PrivilegeConfiguration privilegeConfiguration;
 
-    @Reference(bind = "bindUserConfiguration",
-            cardinality = ReferenceCardinality.MANDATORY_UNARY,
-            policyOption = ReferencePolicyOption.GREEDY)
-    private UserConfiguration userConfiguration;
+    @Reference
+    private volatile UserConfiguration userConfiguration;
 
     @Reference(referenceInterface = PrincipalConfiguration.class,
+            name = "principalConfiguration",
             bind = "bindPrincipalConfiguration",
             unbind = "unbindPrincipalConfiguration",
-            cardinality = ReferenceCardinality.MANDATORY_MULTIPLE,
-            policyOption = ReferencePolicyOption.GREEDY)
-    private PrincipalConfiguration principalConfiguration = new CompositePrincipalConfiguration(this);
+            cardinality = ReferenceCardinality.OPTIONAL_MULTIPLE)
+    private final CompositePrincipalConfiguration compositePrincipalConfiguration = new CompositePrincipalConfiguration(this);
 
     @Reference(referenceInterface = TokenConfiguration.class,
+            name = "tokenConfiguration",
             bind = "bindTokenConfiguration",
             unbind = "unbindTokenConfiguration",
-            cardinality = ReferenceCardinality.OPTIONAL_MULTIPLE,
-            policyOption = ReferencePolicyOption.GREEDY)
-    private TokenConfiguration tokenConfiguration = new CompositeTokenConfiguration(this);
+            cardinality = ReferenceCardinality.OPTIONAL_MULTIPLE)
+    private final CompositeTokenConfiguration compositeTokenConfiguration = new CompositeTokenConfiguration(this);
 
     @Reference(referenceInterface = AuthorizableNodeName.class,
+            name = "authorizableNodeName",
             bind = "bindAuthorizableNodeName",
             cardinality = ReferenceCardinality.OPTIONAL_UNARY,
             policyOption = ReferencePolicyOption.GREEDY)
-    private NameGenerator authorizableNodeName = new NameGenerator();
+    private final NameGenerator nameGenerator = new NameGenerator();
 
     private final WhiteboardAuthorizableActionProvider authorizableActionProvider = new WhiteboardAuthorizableActionProvider();
     private final WhiteboardRestrictionProvider restrictionProvider = new WhiteboardRestrictionProvider();
@@ -132,9 +124,9 @@ public class SecurityProviderImpl implem
         authenticationConfiguration = new AuthenticationConfigurationImpl(this);
         authorizationConfiguration = new AuthorizationConfigurationImpl(this);
         userConfiguration = new UserConfigurationImpl(this);
-        principalConfiguration = new PrincipalConfigurationImpl(this);
+        compositePrincipalConfiguration.addConfiguration(new PrincipalConfigurationImpl(this));
         privilegeConfiguration = new PrivilegeConfigurationImpl();
-        tokenConfiguration = new TokenConfigurationImpl(this);
+        compositeTokenConfiguration.addConfiguration(new TokenConfigurationImpl(this));
     }
 
     @Override
@@ -169,9 +161,9 @@ public class SecurityProviderImpl implem
         scs.add(authenticationConfiguration);
         scs.add(authorizationConfiguration);
         scs.add(userConfiguration);
-        scs.add(principalConfiguration);
+        scs.add(compositePrincipalConfiguration);
         scs.add(privilegeConfiguration);
-        scs.add(tokenConfiguration);
+        scs.add(compositeTokenConfiguration);
         return scs;
     }
 
@@ -186,21 +178,23 @@ public class SecurityProviderImpl implem
         } else if (UserConfiguration.class == configClass) {
             return (T) userConfiguration;
         } else if (PrincipalConfiguration.class == configClass) {
-            return (T) principalConfiguration;
+            return (T) compositePrincipalConfiguration;
         } else if (PrivilegeConfiguration.class == configClass) {
             return (T) privilegeConfiguration;
         } else if (TokenConfiguration.class == configClass) {
-            return (T) tokenConfiguration;
+            return (T) compositeTokenConfiguration;
         } else {
             throw new IllegalArgumentException("Unsupported security configuration class
" + configClass);
         }
     }
 
     @Activate
-    protected void activate(ComponentContext context) throws Exception {
-        whiteboard = new OsgiWhiteboard(context.getBundleContext());
+    protected void activate(BundleContext context) throws Exception {
+        whiteboard = new OsgiWhiteboard(context);
         authorizableActionProvider.start(whiteboard);
         restrictionProvider.start(whiteboard);
+
+        initializeConfigurations();
     }
 
     @Deactivate
@@ -209,90 +203,58 @@ public class SecurityProviderImpl implem
         restrictionProvider.stop();
     }
 
-    protected void bindAuthorizationConfiguration(@Nonnull ServiceReference reference) {
-        // also add authorization config specific default parameters for OSGi environments
-        // todo: the config class should track the 'restrictionProvider' itself.
+    private void initializeConfigurations() {
         Map<String, WhiteboardRestrictionProvider> authorizMap = ImmutableMap.of(
                 AccessControlConstants.PARAM_RESTRICTION_PROVIDER, restrictionProvider
         );
-        authorizationConfiguration =
-                (AuthorizationConfiguration) initConfiguration(reference, ConfigurationParameters.of(authorizMap));
-    }
+        // also add authorization config specific default parameters for OSGi environments
+        // todo: the config class should track the 'restrictionProvider' itself.
+        initConfiguration(authorizationConfiguration, ConfigurationParameters.of(authorizMap));
 
-    protected void bindAuthenticationConfiguration(@Nonnull ServiceReference reference) {
-        authenticationConfiguration =
-                (AuthenticationConfiguration) initConfiguration(reference, ConfigurationParameters.EMPTY);
-    }
+        initConfiguration(authenticationConfiguration, ConfigurationParameters.EMPTY);
 
-    protected void bindUserConfiguration(@Nonnull ServiceReference reference) {
         // also initialize user config specific default parameters for OSGi environments
         // todo: the config class should track the 'providers' itself.
         Map<String, Object> userMap = ImmutableMap.of(
                 UserConstants.PARAM_AUTHORIZABLE_ACTION_PROVIDER, authorizableActionProvider,
-                UserConstants.PARAM_AUTHORIZABLE_NODE_NAME, authorizableNodeName);
-        userConfiguration = (UserConfiguration) initConfiguration(reference, ConfigurationParameters.of(userMap));
-    }
+                UserConstants.PARAM_AUTHORIZABLE_NODE_NAME, nameGenerator);
+        initConfiguration(userConfiguration, ConfigurationParameters.of(userMap));
 
-    protected void bindPrivilegeConfiguration(@Nonnull ServiceReference reference) {
-        privilegeConfiguration = (PrivilegeConfiguration) initConfiguration(reference, ConfigurationParameters.EMPTY);
+        initConfiguration(privilegeConfiguration, ConfigurationParameters.EMPTY);
     }
 
-    protected void bindPrincipalConfiguration(@Nonnull ServiceReference reference) {
-        // replace composite configuration if needed
-        if (!(principalConfiguration instanceof CompositePrincipalConfiguration)) {
-            principalConfiguration = new CompositePrincipalConfiguration(this);
-        }
-        ((CompositePrincipalConfiguration) principalConfiguration).addConfiguration(
-                (PrincipalConfiguration) initConfiguration(reference, ConfigurationParameters.EMPTY));
+    protected void bindPrincipalConfiguration(@Nonnull PrincipalConfiguration reference)
{
+        compositePrincipalConfiguration.addConfiguration(initConfiguration(reference, ConfigurationParameters.EMPTY));
     }
 
-    protected void unbindPrincipalConfiguration(@Nonnull ServiceReference reference) {
-        Object pc = reference.getBundle().getBundleContext().getService(reference);
-        if (pc instanceof PrincipalConfiguration) {
-            if (principalConfiguration instanceof CompositePrincipalConfiguration) {
-                ((CompositePrincipalConfiguration) principalConfiguration).removeConfiguration((PrincipalConfiguration)
pc);
-            }
-        }
+    protected void unbindPrincipalConfiguration(@Nonnull PrincipalConfiguration reference)
{
+        compositePrincipalConfiguration.removeConfiguration(reference);
     }
 
-    protected void bindTokenConfiguration(@Nonnull ServiceReference reference) {
-        // replace composite configuration if needed
-        if (!(tokenConfiguration instanceof CompositeTokenConfiguration)) {
-            tokenConfiguration = new CompositeTokenConfiguration(this);
-        }
-        ((CompositeTokenConfiguration) tokenConfiguration).addConfiguration(
-                (TokenConfiguration) initConfiguration(reference, ConfigurationParameters.EMPTY));
+    protected void bindTokenConfiguration(@Nonnull TokenConfiguration reference) {
+        compositeTokenConfiguration.addConfiguration(initConfiguration(reference, ConfigurationParameters.EMPTY));
     }
 
-    protected void unbindTokenConfiguration(@Nonnull ServiceReference reference) {
-        Object tc = reference.getBundle().getBundleContext().getService(reference);
-        if (tc instanceof TokenConfiguration) {
-            if (tokenConfiguration instanceof CompositeTokenConfiguration) {
-                ((CompositeTokenConfiguration) tokenConfiguration).removeConfiguration((TokenConfiguration)
tc);
-            }
-        }
+    protected void unbindTokenConfiguration(@Nonnull TokenConfiguration reference) {
+        compositeTokenConfiguration.removeConfiguration(reference);
     }
 
-    protected void bindAuthorizableNodeName(@Nonnull ServiceReference reference) {
-        Object ann = reference.getBundle().getBundleContext().getService(reference);
-        if (ann instanceof AuthorizableNodeName) {
-            authorizableNodeName.dlg = (AuthorizableNodeName) ann;
-        }
+    protected void bindAuthorizableNodeName(@Nonnull AuthorizableNodeName reference) {
+        nameGenerator.dlg = reference;
     }
 
-    private Object initConfiguration(@Nonnull ServiceReference reference, @Nonnull ConfigurationParameters
params) {
-        Object service = reference.getBundle().getBundleContext().getService(reference);
-        if (service instanceof ConfigurationBase) {
-            ConfigurationBase cfg = (ConfigurationBase) service;
+    private <T extends SecurityConfiguration> T initConfiguration(@Nonnull T config,
@Nonnull ConfigurationParameters params) {
+        if (config instanceof ConfigurationBase) {
+            ConfigurationBase cfg = (ConfigurationBase) config;
             cfg.setSecurityProvider(this);
             cfg.setParameters(ConfigurationParameters.of(params, cfg.getParameters()));
         }
-        return service;
+        return config;
     }
 
     private final class NameGenerator implements AuthorizableNodeName {
 
-        private AuthorizableNodeName dlg = AuthorizableNodeName.DEFAULT;
+        private volatile AuthorizableNodeName dlg = AuthorizableNodeName.DEFAULT;
 
         @Nonnull
         @Override
@@ -300,5 +262,4 @@ public class SecurityProviderImpl implem
             return dlg.generateNodeName(authorizableId);
         }
     }
-
 }

Modified: jackrabbit/oak/trunk/oak-jcr/pom.xml
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/pom.xml?rev=1576209&r1=1576208&r2=1576209&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-jcr/pom.xml (original)
+++ jackrabbit/oak/trunk/oak-jcr/pom.xml Tue Mar 11 07:42:06 2014
@@ -154,15 +154,16 @@
     <plugins>
       <plugin>
         <groupId>org.apache.felix</groupId>
+        <artifactId>maven-scr-plugin</artifactId>
+      </plugin>
+      <plugin>
+        <groupId>org.apache.felix</groupId>
         <artifactId>maven-bundle-plugin</artifactId>
         <configuration>
           <instructions>
             <Export-Package>
               org.apache.jackrabbit.oak.jcr
             </Export-Package>
-            <Bundle-Activator>
-              org.apache.jackrabbit.oak.jcr.osgi.Activator
-            </Bundle-Activator>
           </instructions>
         </configuration>
       </plugin>

Added: jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/osgi/RepositoryManager.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/osgi/RepositoryManager.java?rev=1576209&view=auto
==============================================================================
--- jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/osgi/RepositoryManager.java
(added)
+++ jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/osgi/RepositoryManager.java
Tue Mar 11 07:42:06 2014
@@ -0,0 +1,115 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.jackrabbit.oak.jcr.osgi;
+
+import java.util.Properties;
+
+import javax.jcr.Repository;
+
+import org.apache.felix.scr.annotations.Activate;
+import org.apache.felix.scr.annotations.Component;
+import org.apache.felix.scr.annotations.ConfigurationPolicy;
+import org.apache.felix.scr.annotations.Deactivate;
+import org.apache.felix.scr.annotations.Reference;
+import org.apache.jackrabbit.oak.Oak;
+import org.apache.jackrabbit.oak.api.ContentRepository;
+import org.apache.jackrabbit.oak.osgi.OsgiWhiteboard;
+import org.apache.jackrabbit.oak.plugins.commit.JcrConflictHandler;
+import org.apache.jackrabbit.oak.plugins.nodetype.write.InitialContent;
+import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
+import org.apache.jackrabbit.oak.spi.state.NodeStore;
+import org.apache.jackrabbit.oak.spi.whiteboard.Whiteboard;
+import org.apache.jackrabbit.oak.spi.whiteboard.WhiteboardEditorProvider;
+import org.apache.jackrabbit.oak.spi.whiteboard.WhiteboardExecutor;
+import org.apache.jackrabbit.oak.spi.whiteboard.WhiteboardIndexEditorProvider;
+import org.apache.jackrabbit.oak.spi.whiteboard.WhiteboardIndexProvider;
+import org.osgi.framework.BundleContext;
+import org.osgi.framework.ServiceRegistration;
+
+/**
+ * RepositoryManager constructs the Repository instance and registers it with OSGi Service
Registry.
+ * By default it would not be active and would require explicit configuration to be registered
so as
+ * create repository. This is done to prevent repository creation in scenarios where repository
needs
+ * to be configured in a custom way
+ */
+@Component(policy = ConfigurationPolicy.REQUIRE)
+public class RepositoryManager {
+
+    private final WhiteboardEditorProvider editorProvider =
+            new WhiteboardEditorProvider();
+
+    private final WhiteboardIndexEditorProvider indexEditorProvider =
+            new WhiteboardIndexEditorProvider();
+
+    private final WhiteboardIndexProvider indexProvider =
+            new WhiteboardIndexProvider();
+
+    private final WhiteboardExecutor executor = new WhiteboardExecutor();
+
+    private Whiteboard whiteboard;
+
+    private ServiceRegistration registration;
+
+    @Reference
+    private SecurityProvider securityProvider;
+
+    @Reference
+    private NodeStore store;
+
+    @Activate
+    public void activate(BundleContext bundleContext) {
+        whiteboard = new OsgiWhiteboard(bundleContext);
+        editorProvider.start(whiteboard);
+        indexEditorProvider.start(whiteboard);
+        indexProvider.start(whiteboard);
+        executor.start(whiteboard);
+        registration = registerRepository(bundleContext);
+    }
+
+    @Deactivate
+    public void deactivate() {
+        if (registration != null) {
+            registration.unregister();
+        }
+
+        executor.stop();
+        indexProvider.stop();
+        indexEditorProvider.stop();
+        editorProvider.stop();
+    }
+
+    private ServiceRegistration registerRepository(BundleContext bundleContext) {
+        ContentRepository cr = new Oak(store)
+                .with(new InitialContent())
+                .with(JcrConflictHandler.JCR_CONFLICT_HANDLER)
+                .with(whiteboard)
+                .with(securityProvider)
+                .with(editorProvider)
+                .with(indexEditorProvider)
+                .with(indexProvider)
+                .withAsyncIndexing()
+                .with(executor)
+                .createContentRepository();
+
+        return bundleContext.registerService(
+                Repository.class.getName(),
+                new OsgiRepository(cr, whiteboard, securityProvider),
+                new Properties());
+    }
+}

Propchange: jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/osgi/RepositoryManager.java
------------------------------------------------------------------------------
    svn:eol-style = native



Mime
View raw message