Example 56 with JackrabbitSession
use of org.apache.jackrabbit.api.JackrabbitSession in project sling by apache.
the class ResourceTypeResolutionIT method checkResourceType.
@Test
public void checkResourceType() throws Exception {
JackrabbitSession adminSession = (JackrabbitSession) slingRepository.loginAdministrative(null);
Node contentBar = JcrUtils.getOrCreateByPath("/content/foo/bar", "nt:unstructured", adminSession);
contentBar.setProperty("sling:resourceType", "types/foo/bar");
Node appsBar = JcrUtils.getOrCreateByPath("/apps/types/foo/bar", "nt:unstructured", adminSession);
appsBar.setProperty("sling:resourceSuperType", "types/foo/parent");
JcrUtils.getOrCreateByPath("/apps/types/foo/parent", "nt:unstructured", adminSession);
adminSession.getUserManager().createUser("test-user", "test");
adminSession.save();
AccessControlUtils.allow(contentBar, "test-user", "jcr:read");
adminSession.save();
adminSession.logout();
HashMap<String, Object> authenticationInfo = new HashMap<>();
authenticationInfo.put(ResourceResolverFactory.USER, "test-user");
authenticationInfo.put(ResourceResolverFactory.PASSWORD, "test".toCharArray());
ResourceResolver testResolver = resourceResolverFactory.getResourceResolver(authenticationInfo);
try {
Resource resource = testResolver.getResource("/content/foo/bar");
assertNotNull(resource);
assertEquals("/content/foo/bar", resource.getPath());
assertTrue(resource.isResourceType("types/foo/bar"));
// this assertion causes the private ResourceResolverControl#getResourceTypeResourceResolver
// to be called, which needs to inject the resourceresolver bundle via the authenticationInfo
// see SLING-6329
assertTrue(resource.isResourceType("types/foo/parent"));
} finally {
testResolver.close();
}
}
Also used :
HashMap(java.util.HashMap)
Node(javax.jcr.Node)
ResourceResolver(org.apache.sling.api.resource.ResourceResolver)
Resource(org.apache.sling.api.resource.Resource)
JackrabbitSession(org.apache.jackrabbit.api.JackrabbitSession)
Test(org.junit.Test)
Example 57 with JackrabbitSession
use of org.apache.jackrabbit.api.JackrabbitSession in project sling by apache.
the class Init method activate.
@Activate
public void activate() throws Exception {
try {
final String defaultAgentUserName = "distribution-agent-user";
final String serviceUserName = "testDistributionUser";
final String distributorUserName = "testDistributorUser";
Session session = slingRepository.login(new SimpleCredentials("admin", "admin".toCharArray()));
JackrabbitSession jackrabittSession = (JackrabbitSession) session;
UserManager userManager = jackrabittSession.getUserManager();
User serviceUser = createOrGetServiceUser(userManager, serviceUserName);
if (serviceUser != null) {
AccessControlUtils.addAccessControlEntry(session, "/var/sling/distribution/packages", serviceUser.getPrincipal(), new String[] { Privilege.JCR_ALL }, true);
AccessControlUtils.addAccessControlEntry(session, "/content", serviceUser.getPrincipal(), new String[] { Privilege.JCR_ALL }, true);
AccessControlUtils.addAccessControlEntry(session, null, serviceUser.getPrincipal(), new String[] { Privilege.JCR_ALL }, true);
}
Authorizable distributorUser = createOrGetRegularUser(userManager, distributorUserName);
JcrUtils.getOrCreateByPath("/content", "sling:Folder", session);
if (distributorUser != null) {
AccessControlUtils.addAccessControlEntry(session, "/var/sling/distribution/packages", distributorUser.getPrincipal(), new String[] { Privilege.JCR_ALL }, true);
AccessControlUtils.addAccessControlEntry(session, "/content", distributorUser.getPrincipal(), new String[] { Privilege.JCR_ALL }, true);
AccessControlUtils.addAccessControlEntry(session, "/libs/sling/distribution", distributorUser.getPrincipal(), new String[] { Privilege.JCR_ALL }, true);
AccessControlUtils.addAccessControlEntry(session, "/etc/distribution", distributorUser.getPrincipal(), new String[] { Privilege.JCR_ALL }, true);
AccessControlUtils.addAccessControlEntry(session, null, distributorUser.getPrincipal(), new String[] { Privilege.JCR_ALL }, true);
}
User defaultAgentUser = createOrGetServiceUser(userManager, defaultAgentUserName);
if (defaultAgentUser != null) {
AccessControlUtils.addAccessControlEntry(session, "/var/sling/distribution/packages", defaultAgentUser.getPrincipal(), new String[] { Privilege.JCR_ALL }, true);
((User) distributorUser).getImpersonation().grantImpersonation(defaultAgentUser.getPrincipal());
serviceUser.getImpersonation().grantImpersonation(defaultAgentUser.getPrincipal());
}
session.save();
session.logout();
} catch (Throwable t) {
log.error("cannot create user", t);
}
}
Also used :
SimpleCredentials(javax.jcr.SimpleCredentials)
User(org.apache.jackrabbit.api.security.user.User)
UserManager(org.apache.jackrabbit.api.security.user.UserManager)
Authorizable(org.apache.jackrabbit.api.security.user.Authorizable)
JackrabbitSession(org.apache.jackrabbit.api.JackrabbitSession)
Session(javax.jcr.Session)
JackrabbitSession(org.apache.jackrabbit.api.JackrabbitSession)
Activate(org.apache.felix.scr.annotations.Activate)
Example 58 with JackrabbitSession
use of org.apache.jackrabbit.api.JackrabbitSession in project jackrabbit by apache.
the class TokenBasedLoginTest method testConcurrentLoginDifferentWorkspaces.
/**
* Tests concurrent login on the Repository including token creation.
* Test copied and slightly adjusted from org.apache.jackrabbit.core.ConcurrentLoginTest
*/
public void testConcurrentLoginDifferentWorkspaces() throws RepositoryException, NotExecutableException {
final String testID = testuser.getID();
// check if test is executable
// - multiple workspaces must be present
final List<String> wspNames = Arrays.asList(superuser.getWorkspace().getAccessibleWorkspaceNames());
if (wspNames.size() <= 1) {
throw new NotExecutableException();
}
// - testuser must be present for all workspaces
for (String wspName : wspNames) {
JackrabbitSession s = null;
try {
s = (JackrabbitSession) getHelper().getSuperuserSession(wspName);
if (s.getUserManager().getAuthorizable(testID) == null) {
throw new NotExecutableException();
}
} finally {
if (s != null) {
s.logout();
}
}
}
final Exception[] exception = new Exception[1];
List<Thread> testRunner = new ArrayList<Thread>();
for (int i = 0; i < 10; i++) {
testRunner.add(new Thread(new Runnable() {
public void run() {
for (int i = 0; i < 100; i++) {
try {
double rand = wspNames.size() * Math.random();
int index = (int) Math.floor(rand);
String wspName = wspNames.get(index);
SimpleCredentials sc = new SimpleCredentials(testID, testID.toCharArray());
sc.setAttribute(TokenBasedAuthentication.TOKEN_ATTRIBUTE, "");
Session s = getHelper().getRepository().login(sc, wspName);
try {
Set<TokenCredentials> tcs = ((SessionImpl) s).getSubject().getPublicCredentials(TokenCredentials.class);
assertFalse(tcs.isEmpty());
} finally {
s.logout();
}
} catch (Exception e) {
exception[0] = e;
break;
}
}
}
}));
}
// start threads
for (Object aTestRunner : testRunner) {
((Thread) aTestRunner).start();
}
// join threads
for (Object aTestRunner : testRunner) {
try {
((Thread) aTestRunner).join();
} catch (InterruptedException e) {
fail(e.toString());
}
}
if (exception[0] != null) {
fail(exception[0].toString());
}
}
Also used :
ArrayList(java.util.ArrayList)
LoginException(javax.jcr.LoginException)
RepositoryException(javax.jcr.RepositoryException)
NotExecutableException(org.apache.jackrabbit.test.NotExecutableException)
SimpleCredentials(javax.jcr.SimpleCredentials)
NotExecutableException(org.apache.jackrabbit.test.NotExecutableException)
JackrabbitSession(org.apache.jackrabbit.api.JackrabbitSession)
Session(javax.jcr.Session)
JackrabbitSession(org.apache.jackrabbit.api.JackrabbitSession)
TokenCredentials(org.apache.jackrabbit.api.security.authentication.token.TokenCredentials)
Example 59 with JackrabbitSession
use of org.apache.jackrabbit.api.JackrabbitSession in project jackrabbit by apache.
the class TokenBasedLoginTest method setUp.
@Override
protected void setUp() throws Exception {
super.setUp();
if (superuser instanceof JackrabbitSession) {
UserManager umgr = ((JackrabbitSession) superuser).getUserManager();
String uid = "test";
while (umgr.getAuthorizable(uid) != null) {
uid += "_";
}
testuser = umgr.createUser(uid, uid);
Principal p = testuser.getPrincipal();
if (p instanceof ItemBasedPrincipal) {
testuserPath = ((ItemBasedPrincipal) p).getPath();
} else {
throw new NotExecutableException();
}
creds = new SimpleCredentials(uid, uid.toCharArray());
if (!umgr.isAutoSave()) {
doSave = true;
superuser.save();
}
} else {
throw new NotExecutableException();
}
}
Also used :
SimpleCredentials(javax.jcr.SimpleCredentials)
NotExecutableException(org.apache.jackrabbit.test.NotExecutableException)
UserManager(org.apache.jackrabbit.api.security.user.UserManager)
ItemBasedPrincipal(org.apache.jackrabbit.api.security.principal.ItemBasedPrincipal)
JackrabbitSession(org.apache.jackrabbit.api.JackrabbitSession)
Principal(java.security.Principal)
ItemBasedPrincipal(org.apache.jackrabbit.api.security.principal.ItemBasedPrincipal)
Example 60 with JackrabbitSession
use of org.apache.jackrabbit.api.JackrabbitSession in project jackrabbit by apache.
the class GroupImplTest method testEveryoneGroup.
public void testEveryoneGroup() throws RepositoryException, NotExecutableException {
Group g = null;
try {
g = userMgr.createGroup(EveryonePrincipal.NAME);
save(superuser);
assertEquals(EveryonePrincipal.NAME, g.getPrincipal().getName());
assertEquals(EveryonePrincipal.getInstance(), g.getPrincipal());
assertTrue(g.isDeclaredMember(getTestUser(superuser)));
assertTrue(g.isMember(getTestUser(superuser)));
Iterator<Authorizable> it = g.getDeclaredMembers();
assertTrue(it.hasNext());
Set<Authorizable> members = new HashSet<Authorizable>();
while (it.hasNext()) {
members.add(it.next());
}
it = g.getMembers();
assertTrue(it.hasNext());
while (it.hasNext()) {
assertTrue(members.contains(it.next()));
}
assertFalse(g.addMember(getTestUser(superuser)));
assertFalse(g.removeMember(getTestUser(superuser)));
PrincipalManager pMgr = ((JackrabbitSession) superuser).getPrincipalManager();
Principal everyone = pMgr.getEveryone();
assertTrue(everyone instanceof ItemBasedPrincipal);
assertEquals(everyone, EveryonePrincipal.getInstance());
} finally {
if (g != null) {
g.remove();
save(superuser);
}
}
}
Also used :
PrincipalManager(org.apache.jackrabbit.api.security.principal.PrincipalManager)
Group(org.apache.jackrabbit.api.security.user.Group)
ItemBasedPrincipal(org.apache.jackrabbit.api.security.principal.ItemBasedPrincipal)
Authorizable(org.apache.jackrabbit.api.security.user.Authorizable)
JackrabbitSession(org.apache.jackrabbit.api.JackrabbitSession)
EveryonePrincipal(org.apache.jackrabbit.core.security.principal.EveryonePrincipal)
Principal(java.security.Principal)
ItemBasedPrincipal(org.apache.jackrabbit.api.security.principal.ItemBasedPrincipal)
HashSet(java.util.HashSet)
Aggregations
JackrabbitSession (org.apache.jackrabbit.api.JackrabbitSession)114
UserManager (org.apache.jackrabbit.api.security.user.UserManager)51
Session (javax.jcr.Session)50
Authorizable (org.apache.jackrabbit.api.security.user.Authorizable)34
Node (javax.jcr.Node)25
Group (org.apache.jackrabbit.api.security.user.Group)25
User (org.apache.jackrabbit.api.security.user.User)24
Principal (java.security.Principal)19
NotExecutableException (org.apache.jackrabbit.test.NotExecutableException)17
Test (org.junit.Test)16
SimpleCredentials (javax.jcr.SimpleCredentials)15
PrincipalImpl (org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl)11
RepositoryException (javax.jcr.RepositoryException)10
PrincipalIterator (org.apache.jackrabbit.api.security.principal.PrincipalIterator)9
PrincipalManager (org.apache.jackrabbit.api.security.principal.PrincipalManager)9
Privilege (javax.jcr.security.Privilege)8
LoginException (javax.jcr.LoginException)6
Property (javax.jcr.Property)6
ItemBasedPrincipal (org.apache.jackrabbit.api.security.principal.ItemBasedPrincipal)6
Item (javax.jcr.Item)5
