
Example 36 with Credentials

use of javax.jcr.Credentials in project sling by apache.

the class JcrResourceListenerTest method setUp.

@SuppressWarnings("deprecation")
@Before
public void setUp() throws Exception {
    RepositoryUtil.startRepository();
    this.adminSession = RepositoryUtil.getRepository().loginAdministrative(null);
    RepositoryUtil.registerSlingNodeTypes(adminSession);
    final SlingRepository repo = RepositoryUtil.getRepository();
    this.config = new JcrListenerBaseConfig(getObservationReporter(), new SlingRepository() {

        @Override
        public Session login(Credentials credentials, String workspaceName) throws LoginException, NoSuchWorkspaceException, RepositoryException {
            return repo.login(credentials, workspaceName);
        }

        @Override
        public Session login(String workspaceName) throws LoginException, NoSuchWorkspaceException, RepositoryException {
            return repo.login(workspaceName);
        }

        @Override
        public Session login(Credentials credentials) throws LoginException, RepositoryException {
            return repo.login(credentials);
        }

        @Override
        public Session login() throws LoginException, RepositoryException {
            return repo.login();
        }

        @Override
        public boolean isStandardDescriptor(String key) {
            return repo.isStandardDescriptor(key);
        }

        @Override
        public boolean isSingleValueDescriptor(String key) {
            return repo.isSingleValueDescriptor(key);
        }

        @Override
        public Value[] getDescriptorValues(String key) {
            return repo.getDescriptorValues(key);
        }

        @Override
        public Value getDescriptorValue(String key) {
            return repo.getDescriptorValue(key);
        }

        @Override
        public String[] getDescriptorKeys() {
            return repo.getDescriptorKeys();
        }

        @Override
        public String getDescriptor(String key) {
            return repo.getDescriptor(key);
        }

        @Override
        public Session loginService(String subServiceName, String workspace) throws LoginException, RepositoryException {
            // Test wrapper: service logins are delegated to an administrative session
            return repo.loginAdministrative(workspace);
        }

        @Override
        public Session loginAdministrative(String workspace) throws LoginException, RepositoryException {
            return repo.loginAdministrative(workspace);
        }

        @Override
        public String getDefaultWorkspace() {
            return repo.getDefaultWorkspace();
        }
    });
    this.listener = new JcrResourceListener(this.config, getObservationReporter().getObserverConfigurations().get(0));
}
Also used : SlingRepository(org.apache.sling.jcr.api.SlingRepository) Value(javax.jcr.Value) Credentials(javax.jcr.Credentials) Before(org.junit.Before)

Example 37 with Credentials

use of javax.jcr.Credentials in project sling by apache.

the class DefaultLoginsHealthCheck method execute.

@Override
public Result execute() {
    final FormattingResultLog resultLog = new FormattingResultLog();
    int checked = 0;
    int failures = 0;
    for (String login : logins) {
        final String[] parts = login.split(":");
        if (parts.length != 2) {
            resultLog.warn("Expected login in the form username:password, got [{}]", login);
            continue;
        }
        checked++;
        final String username = parts[0].trim();
        final String password = parts[1].trim();
        final Credentials creds = new SimpleCredentials(username, password.toCharArray());
        Session s = null;
        try {
            s = repository.login(creds);
            if (s != null) {
                failures++;
                resultLog.warn("Login as [{}] succeeded, was expecting it to fail", username);
            } else {
                resultLog.debug("Login as [{}] didn't throw an Exception but returned null Session", username);
            }
        } catch (RepositoryException re) {
            resultLog.debug("Login as [{}] failed, as expected", username);
        } finally {
            if (s != null) {
                s.logout();
            }
        }
    }
    if (checked == 0) {
        resultLog.warn("Did not check any logins, configured logins={}", logins);
    } else if (failures != 0) {
        resultLog.warn("Checked {} logins, {} failures", checked, failures);
    } else {
        // every configured login was rejected by the repository, which is the expected outcome
        resultLog.debug("Checked {} logins, all successful", checked);
    }
    return new Result(resultLog);
}
Also used : SimpleCredentials(javax.jcr.SimpleCredentials) FormattingResultLog(org.apache.sling.hc.util.FormattingResultLog) RepositoryException(javax.jcr.RepositoryException) Credentials(javax.jcr.Credentials) Session(javax.jcr.Session) Result(org.apache.sling.hc.api.Result)

Example 38 with Credentials

use of javax.jcr.Credentials in project sling by apache.

the class OakServerIT method testWrongLogin.

@Test(expected = RepositoryException.class)
public void testWrongLogin() throws RepositoryException {
    final Credentials creds = new SimpleCredentials("badName", "badPAssword".toCharArray());
    repository.login(creds);
}
Also used : SimpleCredentials(javax.jcr.SimpleCredentials) Credentials(javax.jcr.Credentials) Test(org.junit.Test)

Example 39 with Credentials

use of javax.jcr.Credentials in project sling by apache.

the class JcrProviderStateFactory method getCredentials.

/**
 * Create a credentials object from the provided authentication info. If no
 * map is provided, <code>null</code> is returned. If a map is provided and
 * contains a credentials object, this object is returned. If a map is
 * provided but does not contain a credentials object nor a user,
 * <code>null</code> is returned. If a map is provided with a user name but
 * without a credentials object, a new credentials object is created and all
 * values from the authentication info are added as attributes.
 *
 * @param authenticationInfo
 *            Optional authentication info
 * @return A credentials object or <code>null</code>
 */
private static Credentials getCredentials(final Map<String, Object> authenticationInfo) {
    Credentials creds = null;
    if (authenticationInfo != null) {
        final Object credentialsObject = authenticationInfo.get(JcrResourceConstants.AUTHENTICATION_INFO_CREDENTIALS);
        if (credentialsObject instanceof Credentials) {
            creds = (Credentials) credentialsObject;
        } else {
            // otherwise try to create SimpleCredentials if the userId is
            // set
            final Object userId = authenticationInfo.get(ResourceResolverFactory.USER);
            if (userId instanceof String) {
                final Object password = authenticationInfo.get(ResourceResolverFactory.PASSWORD);
                final SimpleCredentials credentials = new SimpleCredentials((String) userId, ((password instanceof char[]) ? (char[]) password : new char[0]));
                // add attributes
                copyAttributes(credentials, authenticationInfo);
                creds = credentials;
            }
        }
    }
    if (creds instanceof SimpleCredentials && authenticationInfo.get(NEW_PASSWORD) instanceof String) {
        ((SimpleCredentials) creds).setAttribute(NEW_PASSWORD, authenticationInfo.get(NEW_PASSWORD));
    }
    return creds;
}
Also used : SimpleCredentials(javax.jcr.SimpleCredentials) Credentials(javax.jcr.Credentials)

Example 40 with Credentials

use of javax.jcr.Credentials in project sling by apache.

the class JcrProviderStateFactory method createProviderState.

@SuppressWarnings("deprecation")
JcrProviderState createProviderState(@Nonnull final Map<String, Object> authenticationInfo) throws LoginException {
    boolean isLoginAdministrative = Boolean.TRUE.equals(authenticationInfo.get(ResourceProvider.AUTH_ADMIN));
    // check whether a session is provided in the authenticationInfo
    Session session = getSession(authenticationInfo);
    if (session != null && !isLoginAdministrative) {
        // was provided in the authenticationInfo
        return createJcrProviderState(session, false, authenticationInfo, null);
    }
    BundleContext bc = null;
    try {
        final Bundle bundle = extractCallingBundle(authenticationInfo);
        if (bundle != null) {
            bc = bundle.getBundleContext();
            final SlingRepository repo = bc.getService(repositoryReference);
            if (repo == null) {
                logger.warn("Cannot login {} because cannot get SlingRepository on behalf of bundle {} ({})", isLoginAdministrative ? "admin" : "service", bundle.getSymbolicName(), bundle.getBundleId());
                // TODO: correct ??
                throw new LoginException("Repository unavailable");
            }
            try {
                if (isLoginAdministrative) {
                    session = repo.loginAdministrative(null);
                } else {
                    final Object subService = authenticationInfo.get(ResourceResolverFactory.SUBSERVICE);
                    final String subServiceName = subService instanceof String ? (String) subService : null;
                    session = repo.loginService(subServiceName, null);
                }
            } catch (Throwable t) {
                // closed and the session logged out
                if (session == null) {
                    bc.ungetService(repositoryReference);
                }
                throw t;
            }
        } else if (isLoginAdministrative) {
            throw new LoginException("Calling bundle missing in authentication info");
        } else {
            // requested non-admin session
            final Credentials credentials = getCredentials(authenticationInfo);
            session = repository.login(credentials, null);
        }
    } catch (final RepositoryException re) {
        throw getLoginException(re);
    }
    return createJcrProviderState(session, true, authenticationInfo, bc);
}
Also used : SlingRepository(org.apache.sling.jcr.api.SlingRepository) Bundle(org.osgi.framework.Bundle) LoginException(org.apache.sling.api.resource.LoginException) RepositoryException(javax.jcr.RepositoryException) SimpleCredentials(javax.jcr.SimpleCredentials) Credentials(javax.jcr.Credentials) Session(javax.jcr.Session) BundleContext(org.osgi.framework.BundleContext)
