jackrabbit-oak-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Angela Schreiber <anch...@adobe.com>
Subject Re: svn commit: r1508182 - /jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/RepositoryImpl.java
Date Tue, 30 Jul 2013 07:29:04 GMT
hi michael

that's the kind of extensions i was referring to when proposing
to use variant 3) for the read-only session (i.e. the proposal
with an extra JackrabbitRepository#login method that takes an extra
attributes map).

limiting the refresh interval to simplecredentials and tokencredentials
and checking for instanceof looks quite clumsy to me. in addition
it will cause extra maintenance effort or odd behaviour for authentication
setup scenarios that want to use other credentials implementations,
which is perfectly legal from a JCR point of view.

kind regards
angela


On 7/29/13 9:02 PM, "mduerig@apache.org" <mduerig@apache.org> wrote:

>Author: mduerig
>Date: Mon Jul 29 19:02:56 2013
>New Revision: 1508182
>
>URL: http://svn.apache.org/r1508182
>Log:
>OAK-803: Backwards compatibility of long-lived sessions
>Evaluate refresh-interval attribute on SimpleCredentials and
>TokenCredentials
>
>Modified:
>    
>jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/R
>epositoryImpl.java
>
>Modified: 
>jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/R
>epositoryImpl.java
>URL: 
>http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-jcr/src/main/java/or
>g/apache/jackrabbit/oak/jcr/RepositoryImpl.java?rev=1508182&r1=1508181&r2=
>1508182&view=diff
>==========================================================================
>====
>--- 
>jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/R
>epositoryImpl.java (original)
>+++ 
>jackrabbit/oak/trunk/oak-jcr/src/main/java/org/apache/jackrabbit/oak/jcr/R
>epositoryImpl.java Mon Jul 29 19:02:56 2013
>@@ -18,7 +18,6 @@ package org.apache.jackrabbit.oak.jcr;
> 
> import static com.google.common.base.Preconditions.checkNotNull;
> 
>-import java.security.Principal;
> import java.util.concurrent.TimeUnit;
> 
> import javax.annotation.Nonnull;
>@@ -27,15 +26,16 @@ import javax.jcr.Credentials;
> import javax.jcr.Repository;
> import javax.jcr.RepositoryException;
> import javax.jcr.Session;
>+import javax.jcr.SimpleCredentials;
> import javax.jcr.Value;
> import javax.security.auth.login.LoginException;
> 
>+import 
>org.apache.jackrabbit.api.security.authentication.token.TokenCredentials;
> import org.apache.jackrabbit.commons.SimpleValueFactory;
> import org.apache.jackrabbit.oak.api.ContentRepository;
> import org.apache.jackrabbit.oak.api.ContentSession;
> import org.apache.jackrabbit.oak.jcr.delegate.SessionDelegate;
> import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
>-import org.apache.jackrabbit.oak.spi.security.principal.AdminPrincipal;
> import org.apache.jackrabbit.oak.spi.whiteboard.Whiteboard;
> import org.slf4j.Logger;
> import org.slf4j.LoggerFactory;
>@@ -50,8 +50,18 @@ public class RepositoryImpl implements R
>      */
>     private static final Logger log =
>LoggerFactory.getLogger(RepositoryImpl.class);
> 
>-    // TODO implement auto refresh configuration. See OAK-803, OAK-88
>-    private static final long AUTO_REFRESH_INTERVAL =
>TimeUnit.SECONDS.toMillis(1);
>+    /**
>+     * Name of the session attribute value determining the session
>refresh
>+     * behaviour.
>+     *
>+     * @see SessionDelegate#SessionDelegate(ContentSession, long)
>+     */
>+    public static final String REFRESH_INTERVAL = "refresh-interval";
>+
>+    /**
>+     * Default value for {@link #REFRESH_INTERVAL}.
>+     */
>+    private static final long DEFAULT_REFRESH_INTERVAL =
>TimeUnit.SECONDS.toMillis(1);
> 
>     private final Descriptors descriptors = new Descriptors(new
>SimpleValueFactory());
>     private final ContentRepository contentRepository;
>@@ -123,33 +133,58 @@ public class RepositoryImpl implements R
>         return descriptors.isSingleValueDescriptor(key);
>     }
> 
>-    /**
>-     * @see javax.jcr.Repository#login(javax.jcr.Credentials, String)
>-     */
>-    @Override
>-    public Session login(@Nullable Credentials credentials, @Nullable
>String workspaceName) throws RepositoryException {
>+    private Session login(
>+            @Nullable Credentials credentials, @Nullable String
>workspaceName,
>+            long refreshInterval) throws RepositoryException {
>         try {
>-            ContentSession contentSession =
>-                    contentRepository.login(credentials, workspaceName);
>-
>-            // For better backwards compatibility admin sessions should
>always
>-            // be on the latest revision: set refresh interval to 0. See
>OAK-803.
>-            SessionContext context = new SessionContext(
>-                    this, whiteboard, new SessionDelegate(
>-                            contentSession, /* isAdmin(contentSession) ?
>0 : */ AUTO_REFRESH_INTERVAL));
>+            ContentSession contentSession =
>contentRepository.login(credentials, workspaceName);
>+            SessionContext context = new SessionContext(this, whiteboard,
>+                    new SessionDelegate(contentSession,
>refreshInterval));
>             return context.getSession();
>         } catch (LoginException e) {
>             throw new javax.jcr.LoginException(e.getMessage(), e);
>         }
>     }
> 
>-    private static boolean isAdmin(ContentSession contentSession) {
>-        for (Principal p : contentSession.getAuthInfo().getPrincipals())
>{
>-            if (p instanceof AdminPrincipal) {
>-                return true;
>+    private static long getRefreshInterval(Credentials credentials) {
>+        if (credentials instanceof SimpleCredentials) {
>+            Object refreshAttribute = ((SimpleCredentials) credentials)
>+                    .getAttribute(REFRESH_INTERVAL);
>+            if (refreshAttribute instanceof Long) {
>+                return (Long) refreshAttribute;
>+            } else if (refreshAttribute instanceof Integer) {
>+                return (Integer) refreshAttribute;
>+            } else if (refreshAttribute instanceof String) {
>+                return toLong((String) refreshAttribute);
>             }
>+        } else if (credentials instanceof TokenCredentials) {
>+            String refreshAttribute = ((TokenCredentials) credentials)
>+                    .getAttribute(REFRESH_INTERVAL);
>+            if (refreshAttribute != null) {
>+                return toLong(refreshAttribute);
>+            }
>+        }
>+        return DEFAULT_REFRESH_INTERVAL;
>+    }
>+
>+    private static long toLong(String longValue) {
>+        try {
>+            return Long.parseLong(longValue);
>+        } catch (NumberFormatException e) {
>+            log.warn("Invalid value '" + longValue + "' for " +
>REFRESH_INTERVAL +
>+                    ". Expected long. Defaulting to '" +
>DEFAULT_REFRESH_INTERVAL +
>+                    "' seconds .", e);
>+            return DEFAULT_REFRESH_INTERVAL;
>         }
>-        return false;
>+    }
>+
>+    /**
>+     * @see javax.jcr.Repository#login(javax.jcr.Credentials, String)
>+     */
>+    @Override
>+    public Session login(@Nullable Credentials credentials, @Nullable
>String workspaceName)
>+            throws RepositoryException {
>+        return login(credentials, workspaceName,
>getRefreshInterval(credentials));
>     }
> 
>     /**
>
>


Mime
View raw message