jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Angela Schreiber <anch...@adobe.com>
Subject Re: SimpleAccessManager only with SimpleSecurityManager?
Date Mon, 17 Nov 2014 11:06:18 GMT
hi Ben

The Simple* stuff in the security area is just legacy code
from the time when Jackrabbit didn't have any proper
authorization/authentication setup.

So, first of all i would strongly recommend not to use it
in a productive environment.

If you use it with a different principal provider (or loginmodule),
you are in charge of making sure the anonymous user is properly
identified and the subject resulting from the authentication
step contains the anonymous principal as defined by jackrabbit core.
Then it should work... the other principals will be ignored
if "that" anonymous principal class is present in the subject.

the default setup works slightly different:
in the default case the authentication step is only successful
if there exists a valid user in the repository that corresponds to
the specified credentials: e.g. login with GuestCredentials
will fail if there is no anonymous user present or if that
user is disabled. the anonymous principal mentioned above is
not used here as the simple setup IMO doesn't make any sense
in a repository that provides all means for proper authentication
and authorization.

if you still want to use it that way, you could additionally
specify another loginmodule to your setup that extends the
subject with the "Anonymous" principal class in case the
credentials in the shared state present the guest (anonymous)
in the #commit() method of you custom login module which
would come first with the OPTIONAL flag.

hope that helps
angela 




On 08/10/14 17:36, "Ben Peter" <bp@ben-peter.com> wrote:

>Hi,
>
>
>[1] says "The default SimpleAccessManager class included in Jackrabbit
>implements a trivially simple authorization mechanism that grants full
>read access to all users and write access to everyone except anonymous
>users.²
>
>I just found that this is only true if the SimplePrincipalProvider is
>used at the same time and if it isn¹t, SAM will allow grant jcr:all to
>anonymous (ouch!)
>
>So I¹m wondering
>- is this as expected and just lacking precise documentation
>- is this unexpected and an issue
>- am I missing something?
>
>SAM relies on the following code:
>
>import org.apache.jackrabbit.core.security.AnonymousPrincipal
>...
>anonymous = !subject.getPrincipals(AnonymousPrincipal.class).isEmpty();
>
>This will work if the principal provider is
>org.apache.jackrabbit.core.security.simple.SimpleSecurityManager.SimplePri
>ncipalProvider, which is only ever the case if the security manager is
>org.apache.jackrabbit.core.security.simple.SimpleSecurityManager
>
>In a default setup, however, I see the following principals in the
>subject an anonymous login
>- 
>org.apache.jackrabbit.core.security.user.AuthorizableImpl$NodeBasedPrincip
>al
>- org.apache.jackrabbit.core.security.principal.EveryonePrincipal
>
>Cheers
>Ben
>
>
>[1] 
>http://jackrabbit.apache.org/jackrabbit-configuration.html#JackrabbitConfi
>guration-Securityconfiguration
>


Mime
View raw message