Search in sources :

Example 6 with ExternalGroup

use of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup in project jackrabbit-oak by apache.

the class LdapProviderTest method testGetGroupByName.

@Test
public void testGetGroupByName() throws Exception {
    ExternalGroup group = idp.getGroup(TEST_GROUP1_NAME);
    assertNotNull("Group 1 must exist", group);
    assertEquals("Group Ref", TEST_GROUP1_DN, group.getExternalId().getId());
}
Also used : ExternalGroup(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup) Test(org.junit.Test)

Example 7 with ExternalGroup

use of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup in project jackrabbit-oak by apache.

the class LdapProviderTest method testGetGroupByRef.

@Test
public void testGetGroupByRef() throws Exception {
    ExternalIdentityRef ref = new ExternalIdentityRef(TEST_GROUP1_DN, IDP_NAME);
    ExternalIdentity id = idp.getIdentity(ref);
    assertTrue("Group instance", id instanceof ExternalGroup);
    assertEquals("Group Name", TEST_GROUP1_NAME, id.getId());
}
Also used : ExternalIdentityRef(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef) ExternalGroup(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup) ExternalIdentity(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentity) Test(org.junit.Test)

Example 8 with ExternalGroup

use of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup in project jackrabbit-oak by apache.

the class DefaultSyncContext method sync.

/**
     * {@inheritDoc}
     */
@Nonnull
@Override
public SyncResult sync(@Nonnull ExternalIdentity identity) throws SyncException {
    ExternalIdentityRef ref = identity.getExternalId();
    if (!isSameIDP(ref)) {
        // create result in accordance with sync(String) where status is FOREIGN
        boolean isGroup = (identity instanceof ExternalGroup);
        return new DefaultSyncResultImpl(new DefaultSyncedIdentity(identity.getId(), ref, isGroup, -1), SyncResult.Status.FOREIGN);
    }
    try {
        DebugTimer timer = new DebugTimer();
        DefaultSyncResultImpl ret;
        boolean created = false;
        if (identity instanceof ExternalUser) {
            User user = getAuthorizable(identity, User.class);
            timer.mark("find");
            if (user == null) {
                user = createUser((ExternalUser) identity);
                timer.mark("create");
                created = true;
            }
            ret = syncUser((ExternalUser) identity, user);
            timer.mark("sync");
        } else if (identity instanceof ExternalGroup) {
            Group group = getAuthorizable(identity, Group.class);
            timer.mark("find");
            if (group == null) {
                group = createGroup((ExternalGroup) identity);
                timer.mark("create");
                created = true;
            }
            ret = syncGroup((ExternalGroup) identity, group);
            timer.mark("sync");
        } else {
            throw new IllegalArgumentException("identity must be user or group but was: " + identity);
        }
        if (log.isDebugEnabled()) {
            log.debug("sync({}) -> {} {}", ref.getString(), identity.getId(), timer.getString());
        }
        if (created) {
            ret.setStatus(SyncResult.Status.ADD);
        }
        return ret;
    } catch (RepositoryException e) {
        throw new SyncException(e);
    }
}
Also used : DebugTimer(org.apache.jackrabbit.oak.commons.DebugTimer) Group(org.apache.jackrabbit.api.security.user.Group) ExternalGroup(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup) User(org.apache.jackrabbit.api.security.user.User) ExternalUser(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser) ExternalIdentityRef(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef) ExternalGroup(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup) ExternalUser(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser) RepositoryException(javax.jcr.RepositoryException) SyncException(org.apache.jackrabbit.oak.spi.security.authentication.external.SyncException) Nonnull(javax.annotation.Nonnull)

Example 9 with ExternalGroup

use of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup in project jackrabbit-oak by apache.

the class DefaultSyncContextTest method testSyncExternalGroup.

@Test
public void testSyncExternalGroup() throws Exception {
    ExternalGroup gr = idp.listGroups().next();
    assertNotNull(gr);
    SyncResult result = syncCtx.sync(gr);
    assertEquals(SyncResult.Status.ADD, result.getStatus());
    result = syncCtx.sync(gr);
    assertEquals(SyncResult.Status.NOP, result.getStatus());
    syncCtx.setForceGroupSync(true);
    result = syncCtx.sync(gr);
    assertEquals(SyncResult.Status.UPDATE, result.getStatus());
}
Also used : ExternalGroup(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup) SyncResult(org.apache.jackrabbit.oak.spi.security.authentication.external.SyncResult) AbstractExternalAuthTest(org.apache.jackrabbit.oak.spi.security.authentication.external.AbstractExternalAuthTest) Test(org.junit.Test)

Example 10 with ExternalGroup

use of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup in project jackrabbit-oak by apache.

the class DynamicSyncContextTest method testSyncMembershipForExternalGroup.

@Test
public void testSyncMembershipForExternalGroup() throws Exception {
    // a group that has declaredGroups
    ExternalGroup externalGroup = idp.getGroup("a");
    SyncContext ctx = new DefaultSyncContext(syncConfig, idp, userManager, valueFactory);
    ctx.sync(externalGroup);
    ctx.close();
    r.commit();
    Authorizable gr = userManager.getAuthorizable(externalGroup.getId());
    syncContext.syncMembership(externalGroup, gr, 1);
    assertFalse(gr.hasProperty(ExternalIdentityConstants.REP_EXTERNAL_PRINCIPAL_NAMES));
    assertFalse(r.hasPendingChanges());
}
Also used : DefaultSyncContext(org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncContext) ExternalGroup(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup) Authorizable(org.apache.jackrabbit.api.security.user.Authorizable) SyncContext(org.apache.jackrabbit.oak.spi.security.authentication.external.SyncContext) DefaultSyncContext(org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncContext) AbstractExternalAuthTest(org.apache.jackrabbit.oak.spi.security.authentication.external.AbstractExternalAuthTest) Test(org.junit.Test)

Aggregations

ExternalGroup (org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup)20 Test (org.junit.Test)16 AbstractExternalAuthTest (org.apache.jackrabbit.oak.spi.security.authentication.external.AbstractExternalAuthTest)8 ExternalIdentityRef (org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef)8 Group (org.apache.jackrabbit.api.security.user.Group)7 SyncResult (org.apache.jackrabbit.oak.spi.security.authentication.external.SyncResult)6 ExternalIdentity (org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentity)5 Nonnull (javax.annotation.Nonnull)3 Authorizable (org.apache.jackrabbit.api.security.user.Authorizable)3 DebugTimer (org.apache.jackrabbit.oak.commons.DebugTimer)3 ExternalUser (org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser)3 SyncedIdentity (org.apache.jackrabbit.oak.spi.security.authentication.external.SyncedIdentity)3 Principal (java.security.Principal)2 HashMap (java.util.HashMap)2 RepositoryException (javax.jcr.RepositoryException)2 User (org.apache.jackrabbit.api.security.user.User)2 UserManager (org.apache.jackrabbit.api.security.user.UserManager)2 ExternalIdentityException (org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityException)2 SyncContext (org.apache.jackrabbit.oak.spi.security.authentication.external.SyncContext)2 SyncException (org.apache.jackrabbit.oak.spi.security.authentication.external.SyncException)2