jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Francisco Carriedo Scher <fcarrie...@gmail.com>
Subject Creating users
Date Thu, 15 Sep 2011 10:41:47 GMT
Hi there,

finally setting permissions through resource-based ACLs is achieved. Now i
am trying to create users and test ACLs with them, but i found problems.
First of all, creating users (that will be affected by the set ACLs for
them) should be straight forward isn't it? If there are previous
configuration or key files i should check, please tell me instead of keeping
reading the details of my issues below,

i create users with no exceptions:

    public boolean createUser(String name, String pass) throws
AuthorizableExistsException, RepositoryException{
        User u;
        PrincipalImpl p = new PrincipalImpl(name);
        String usersPath = "/" + name;
        u = um.createUser(name, pass, p, null);
        u.setProperty("homeFolder",
session.getValueFactory().createValue(usersPath));
        // "HOME" folder for the brand new user
        createUsersFolder(name, session);
        // Assign permissions to the "HOME" folder of the just created
user
        assignInitialPermissions(u,u.getPrincipal(), usersPath, session);
        session.save();
        return true;
    }

but, when trying to log in using them i receive always the following
exception:

Caused by: javax.security.auth.login.FailedLoginException: LoginModule
ignored Credentials
    at
org.apache.jackrabbit.core.security.authentication.LocalAuthContext.login(LocalAuthContext.java:87)
    at
org.apache.jackrabbit.core.RepositoryImpl.login(RepositoryImpl.java:1474)

I went down the source code and reached the previous code to throwing the
exception:

DefaultLoginModule.java (line88):  Authorizable authrz =
userManager.getAuthorizable(userId);

No Authorizable is recovered from the userId.

I tried the same code running in my test program (it creates users, folders,
sets permissions and so on...) and it recovers correctly the user in the
line above:

    public Principal getPrincipal(Credentials credentials) {
        User user;
        Principal principal = null;
        String userId = getUserID(credentials);
        try {
            *Authorizable authrz = um.getAuthorizable(userId);*
            if (authrz != null && !authrz.isGroup()) {
                user = (User) authrz;
                if (user.isDisabled()) {
                    // log message and return null -> login module returns
false.
                    System.out.println("User " + userId + " has been
disabled.");
                } else {
                    principal = user.getPrincipal();
                }
            }
        } catch (RepositoryException e) {
            // should not get here
            System.out.println("Error while retrieving principal.");
        }
        return principal;
    }

    private String getUserID(Credentials credentials) {
        String userId = null;
        if (credentials != null) {
            if (credentials instanceof GuestCredentials) {
                //userId = anonymousId;
            } else if (credentials instanceof SimpleCredentials) {
                *userId = ((SimpleCredentials) credentials).getUserID();*
            } else {

              [...this code is not run so far in my case...]

        // still no userId -> anonymousID if its has been defined.
        // TODO: check again if correct when used with 'extendedAuth'
        if (userId == null) {
            userId = anonymousId;
        }
        return userId;
    }

Finally the test for me to know if the users are correctly created is to try
creating the same user twice and the corresponding exception is throwin
saying that such user already exists.

Thanks for your attention!

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message