jackrabbit-oak-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael Dürig <mdue...@apache.org>
Subject Re: svn commit: r1508182 - /jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/RepositoryImpl.java
Date Tue, 30 Jul 2013 07:58:22 GMT


On 30.7.13 9:29, Angela Schreiber wrote:
> hi michael
>
> that's the kind of extensions i was referring to when proposing
> to use variant 3) for the read-only session (i.e. the proposal
> with an extra JackrabbitRepository#login method that takes an extra
> attributes map).
>
> limiting the refresh interval to simplecredentials and tokencredentials
> and checking for instanceof looks quite clumsy to me. in addition
> it will cause extra maintenance effort or odd behaviour for authentication
> setup scenarios that want to use other credentials implementations,
> which is perfectly legal from a JCR point of view.

Yes I'm aware of that. I'll try to implement something along the lines 
of 3) also. The reason for doing 1) is that 3) has an impact on APIs and 
Jackrabbit 2 as well and will therefore certainly take longer to get done.
With 1) we unblock clients that need a way to experiment with different 
refresh intervals for sorting out their issues.

Going forward we could either document 1) to only work for for said 
credential types, or add some wrapper that turn other credentials into 
attribute carrying credentials, or even remove it again once we have 3) 
established.

Michael

>
> kind regards
> angela
>
>
> On 7/29/13 9:02 PM, "mduerig@apache.org" <mduerig@apache.org> wrote:
>
>> Author: mduerig
>> Date: Mon Jul 29 19:02:56 2013
>> New Revision: 1508182
>>
>> URL: http://svn.apache.org/r1508182
>> Log:
>> OAK-803: Backwards compatibility of long-lived sessions
>> Evaluate refresh-interval attribute on SimpleCredentials and
>> TokenCredentials
>>
>> Modified:
>>
>> jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/R
>> epositoryImpl.java
>>
>> Modified:
>> jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/R
>> epositoryImpl.java
>> URL:
>> http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/main/java/or
>> g/apache/jackrabbit/oak/jcr/RepositoryImpl.java?rev=1508182&r1=1508181&r2=
>> 1508182&view=diff
>> ==========================================================================
>> ====
>> ---
>> jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/R
>> epositoryImpl.java (original)
>> +++
>> jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/R
>> epositoryImpl.java Mon Jul 29 19:02:56 2013
>> @@ -18,7 +18,6 @@ package org.apache.jackrabbit.oak.jcr;
>>
>> import static com.google.common.base.Preconditions.checkNotNull;
>>
>> -import java.security.Principal;
>> import java.util.concurrent.TimeUnit;
>>
>> import javax.annotation.Nonnull;
>> @@ -27,15 +26,16 @@ import javax.jcr.Credentials;
>> import javax.jcr.Repository;
>> import javax.jcr.RepositoryException;
>> import javax.jcr.Session;
>> +import javax.jcr.SimpleCredentials;
>> import javax.jcr.Value;
>> import javax.security.auth.login.LoginException;
>>
>> +import
>> org.apache.jackrabbit.api.security.authentication.token.TokenCredentials;
>> import org.apache.jackrabbit.commons.SimpleValueFactory;
>> import org.apache.jackrabbit.oak.api.ContentRepository;
>> import org.apache.jackrabbit.oak.api.ContentSession;
>> import org.apache.jackrabbit.oak.jcr.delegate.SessionDelegate;
>> import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
>> -import org.apache.jackrabbit.oak.spi.security.principal.AdminPrincipal;
>> import org.apache.jackrabbit.oak.spi.whiteboard.Whiteboard;
>> import org.slf4j.Logger;
>> import org.slf4j.LoggerFactory;
>> @@ -50,8 +50,18 @@ public class RepositoryImpl implements R
>>       */
>>      private static final Logger log =
>> LoggerFactory.getLogger(RepositoryImpl.class);
>>
>> -    // TODO implement auto refresh configuration. See OAK-803, OAK-88
>> -    private static final long AUTO_REFRESH_INTERVAL =
>> TimeUnit.SECONDS.toMillis(1);
>> +    /**
>> +     * Name of the session attribute value determining the session
>> refresh
>> +     * behaviour.
>> +     *
>> +     * @see SessionDelegate#SessionDelegate(ContentSession, long)
>> +     */
>> +    public static final String REFRESH_INTERVAL = "refresh-interval";
>> +
>> +    /**
>> +     * Default value for {@link #REFRESH_INTERVAL}.
>> +     */
>> +    private static final long DEFAULT_REFRESH_INTERVAL =
>> TimeUnit.SECONDS.toMillis(1);
>>
>>      private final Descriptors descriptors = new Descriptors(new
>> SimpleValueFactory());
>>      private final ContentRepository contentRepository;
>> @@ -123,33 +133,58 @@ public class RepositoryImpl implements R
>>          return descriptors.isSingleValueDescriptor(key);
>>      }
>>
>> -    /**
>> -     * @see javax.jcr.Repository#login(javax.jcr.Credentials, String)
>> -     */
>> -    @Override
>> -    public Session login(@Nullable Credentials credentials, @Nullable
>> String workspaceName) throws RepositoryException {
>> +    private Session login(
>> +            @Nullable Credentials credentials, @Nullable String
>> workspaceName,
>> +            long refreshInterval) throws RepositoryException {
>>          try {
>> -            ContentSession contentSession =
>> -                    contentRepository.login(credentials, workspaceName);
>> -
>> -            // For better backwards compatibility admin sessions should
>> always
>> -            // be on the latest revision: set refresh interval to 0. See
>> OAK-803.
>> -            SessionContext context = new SessionContext(
>> -                    this, whiteboard, new SessionDelegate(
>> -                            contentSession, /* isAdmin(contentSession) ?
>> 0 : */ AUTO_REFRESH_INTERVAL));
>> +            ContentSession contentSession =
>> contentRepository.login(credentials, workspaceName);
>> +            SessionContext context = new SessionContext(this, whiteboard,
>> +                    new SessionDelegate(contentSession,
>> refreshInterval));
>>              return context.getSession();
>>          } catch (LoginException e) {
>>              throw new javax.jcr.LoginException(e.getMessage(), e);
>>          }
>>      }
>>
>> -    private static boolean isAdmin(ContentSession contentSession) {
>> -        for (Principal p : contentSession.getAuthInfo().getPrincipals())
>> {
>> -            if (p instanceof AdminPrincipal) {
>> -                return true;
>> +    private static long getRefreshInterval(Credentials credentials) {
>> +        if (credentials instanceof SimpleCredentials) {
>> +            Object refreshAttribute = ((SimpleCredentials) credentials)
>> +                    .getAttribute(REFRESH_INTERVAL);
>> +            if (refreshAttribute instanceof Long) {
>> +                return (Long) refreshAttribute;
>> +            } else if (refreshAttribute instanceof Integer) {
>> +                return (Integer) refreshAttribute;
>> +            } else if (refreshAttribute instanceof String) {
>> +                return toLong((String) refreshAttribute);
>>              }
>> +        } else if (credentials instanceof TokenCredentials) {
>> +            String refreshAttribute = ((TokenCredentials) credentials)
>> +                    .getAttribute(REFRESH_INTERVAL);
>> +            if (refreshAttribute != null) {
>> +                return toLong(refreshAttribute);
>> +            }
>> +        }
>> +        return DEFAULT_REFRESH_INTERVAL;
>> +    }
>> +
>> +    private static long toLong(String longValue) {
>> +        try {
>> +            return Long.parseLong(longValue);
>> +        } catch (NumberFormatException e) {
>> +            log.warn("Invalid value '" + longValue + "' for " +
>> REFRESH_INTERVAL +
>> +                    ". Expected long. Defaulting to '" +
>> DEFAULT_REFRESH_INTERVAL +
>> +                    "' seconds .", e);
>> +            return DEFAULT_REFRESH_INTERVAL;
>>          }
>> -        return false;
>> +    }
>> +
>> +    /**
>> +     * @see javax.jcr.Repository#login(javax.jcr.Credentials, String)
>> +     */
>> +    @Override
>> +    public Session login(@Nullable Credentials credentials, @Nullable
>> String workspaceName)
>> +            throws RepositoryException {
>> +        return login(credentials, workspaceName,
>> getRefreshInterval(credentials));
>>      }
>>
>>      /**
>>
>>
>

Mime
View raw message