From romb...@apache.org
Subject [sling-org-apache-sling-jcr-davex] 33/44: SLING-2325 Selectively reuse request session or impersonation: - for LOCK and SUBSCRIBE requests, impersonation is used and releaseSession logs out - for other requests, request session is used and releaseSession does nothing
Date Tue, 07 Nov 2017 09:47:37 GMT
This is an automated email from the ASF dual-hosted git repository.

rombert pushed a commit to annotated tag org.apache.sling.jcr.davex-1.1.0
in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-jcr-davex.git

commit 638bd48a334877ad5ae314ae0e559b1cf7366997
Author: Felix Meschberger <fmeschbe@apache.org>
AuthorDate: Tue Jan 24 14:52:33 2012 +0000

    SLING-2325 Selectively reuse request session or impersonation:
      - for LOCK and SUBSCRIBE requests, impersonation is used and releaseSession logs out
      - for other requests, request session is used and releaseSession does nothing
    
    git-svn-id: https://svn.apache.org/repos/asf/sling/trunk/bundles/jcr/davex@1235287 13f79535-47bb-0310-9956-ffa450edef68
---
 pom.xml                                            |  6 ++
 .../jcr/davex/impl/servlets/SlingDavExServlet.java | 67 +++++++++++++++-------
 2 files changed, 51 insertions(+), 22 deletions(-)

diff --git a/pom.xml b/pom.xml
index a4a55f9..21de9a5 100644
--- a/pom.xml
+++ b/pom.xml
@@ -110,6 +110,12 @@
         </dependency>
         <dependency>
             <groupId>org.apache.sling</groupId>
+            <artifactId>org.apache.sling.jcr.api</artifactId>
+            <version>2.0.6</version>
+            <scope>provided</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.sling</groupId>
             <artifactId>org.apache.sling.commons.osgi</artifactId>
             <version>2.0.6</version>
             <scope>provided</scope>
diff --git a/src/main/java/org/apache/sling/jcr/davex/impl/servlets/SlingDavExServlet.java b/src/main/java/org/apache/sling/jcr/davex/impl/servlets/SlingDavExServlet.java
index d09bc3b..39b07d2 100644
--- a/src/main/java/org/apache/sling/jcr/davex/impl/servlets/SlingDavExServlet.java
+++ b/src/main/java/org/apache/sling/jcr/davex/impl/servlets/SlingDavExServlet.java
@@ -24,6 +24,8 @@ import javax.jcr.LoginException;
 import javax.jcr.Repository;
 import javax.jcr.RepositoryException;
 import javax.jcr.Session;
+import javax.jcr.SimpleCredentials;
+import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
 
 import org.apache.felix.scr.annotations.Activate;
@@ -38,11 +40,13 @@ import org.apache.jackrabbit.webdav.util.CSRFUtil;
 import org.apache.sling.api.resource.ResourceResolver;
 import org.apache.sling.auth.core.AuthenticationSupport;
 import org.apache.sling.commons.osgi.OsgiUtil;
+import org.apache.sling.jcr.api.SlingRepository;
 import org.apache.sling.settings.SlingSettingsService;
 import org.osgi.framework.BundleContext;
 import org.osgi.framework.Constants;
 import org.osgi.framework.ServiceRegistration;
 import org.osgi.service.http.HttpService;
+import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 /**
@@ -74,17 +78,19 @@ public class SlingDavExServlet extends JcrRemotingServlet {
      */
     private static final String PAR_AUTH_REQ = "sling.auth.requirements";
 
-    /**
-     * Constant copied from <code>SlingConstants</code> to enable compatibility
-     * with older API bundle.
-     *
-     * TODO - remove once Sling API 2.3.0 has been released
-     */
-    private static final String ATTR_RESOURCE_RESOLVER_SKIP_CLOSE = "org.apache.sling.api.resource.ResourceResolver.skip.close";
+    private static char[] EMPTY_PW = new char[0];
+
+    private static final String REQUEST_METHOD_SUBSCRIBE = "SUBSCRIBE";
+
+    private static final String REQUEST_METHOD_LOCK = "LOCK";
+
+    private static final String SESSION_FLAG_LONG_LIVED = "$sling.davex$";
 
+    /** default log */
+    private final Logger log = LoggerFactory.getLogger(getClass());
 
     @Reference
-    private Repository repository;
+    private SlingRepository repository;
 
     @Reference
     private HttpService httpService;
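Review bot: `EMPTY_PW` is declared as a non-final static array, so any code in the class can reassign it, while the neighbouring constants are all `static final`. Declaring it `private static final char[] EMPTY_PW = new char[0];` keeps it consistent with them. `SESSION_FLAG_LONG_LIVED` would also benefit from a short comment such as `/** Credentials attribute marking sessions created by impersonation, which releaseSession must log out. */`, since its role is only visible further down in the session provider.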
@@ -139,7 +145,7 @@ public class SlingDavExServlet extends JcrRemotingServlet {
             dummyServiceProperties.put(PAR_AUTH_REQ, "-" + davRoot);
             this.dummyService = bundleContext.registerService("java.lang.Object", new Object(), dummyServiceProperties);
         } catch (Exception e) {
-            LoggerFactory.getLogger(getClass()).error("activate: Failed registering DavEx Servlet at " + davRoot, e);
+            log.error("activate: Failed registering DavEx Servlet at " + davRoot, e);
         }
     }
 
@@ -165,28 +171,45 @@ public class SlingDavExServlet extends JcrRemotingServlet {
     protected SessionProvider getSessionProvider() {
         return new SessionProvider() {
 
-            public Session getSession(final HttpServletRequest req,
-                    final Repository repository,
-                    final String workspace)
-            throws LoginException, RepositoryException {
+            public Session getSession(final HttpServletRequest req, final Repository repository, final String workspace)
+                    throws LoginException, RepositoryException, ServletException {
                 final ResourceResolver resolver = (ResourceResolver) req.getAttribute(AuthenticationSupport.REQUEST_ATTRIBUTE_RESOLVER);
-                if ( resolver != null ) {
+                if (resolver != null) {
                     final Session session = resolver.adaptTo(Session.class);
-                    // as the session might be longer used by davex than the request
-                    // we have to tell the engine and authenticators to leave the resource
-                    // resolver open
-                    if ( session != null ) {
-                        req.setAttribute(ATTR_RESOURCE_RESOLVER_SKIP_CLOSE, "");
+                    if (session != null) {
+                        if (requireLongLivedSession(req)) {
+                            // as the session might be longer used by davex than
+                            // the request we have to create a new session!
+                            final SimpleCredentials credentials = new SimpleCredentials(session.getUserID(), EMPTY_PW);
+                            credentials.setAttribute(SESSION_FLAG_LONG_LIVED, Boolean.TRUE);
+                            final String wsp = session.getWorkspace().getName();
+                            final Session adminSession = SlingDavExServlet.this.repository.loginAdministrative(wsp);
+                            final Session newSession = adminSession.impersonate(credentials);
+                            log.debug("getSession: Creating new Session ({})", newSession);
+                            return newSession;
+                        }
+
+                        log.debug("getSession: Reusing Session ({})", session);
                         return session;
                     }
                 }
-                return null;
+
+                throw new ServletException("ResourceResolver missing or not providing on JCR Session");
             }
 
             public void releaseSession(final Session session) {
-                session.logout();
+                if (session.getAttribute(SESSION_FLAG_LONG_LIVED) != null) {
+                    log.debug("getSession: Logging out Session ({})", session);
+                    session.logout();
+                } else {
+                    log.debug("getSession: Keeping Session ({})", session);
+                }
+            }
+
+            private boolean requireLongLivedSession(final HttpServletRequest req) {
+                final String method = req.getMethod();
+                return REQUEST_METHOD_LOCK.equals(method) || REQUEST_METHOD_SUBSCRIBE.equals(method);
             }
         };
     }
-
 }
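Review bot: The administrative session opened in getSession for LOCK and SUBSCRIBE requests is never logged out. `adminSession` is used only to call `impersonate` and then goes out of scope, so every such request leaves a fully privileged repository session open. Log it out in a `finally` around the impersonation; the impersonated session should not depend on the administrative one staying open, but confirm that against the repository implementation in use. Separately, both debug messages in releaseSession are prefixed `getSession:`, and the exception text reads "not providing on JCR Session" where "a JCR Session" was presumably meant.

```java
// … unchanged: credentials and workspace name lookup …
final Session adminSession = SlingDavExServlet.this.repository.loginAdministrative(wsp);
try {
    final Session newSession = adminSession.impersonate(credentials);
    log.debug("getSession: Creating new Session ({})", newSession);
    return newSession;
} finally {
    // the administrative session is only needed to impersonate
    adminSession.logout();
}
```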

-- 
To stop receiving notification emails like this one, please contact
"commits@sling.apache.org" <commits@sling.apache.org>.
