Example 1 with SecurityConfig
use of org.apache.jackrabbit.core.config.SecurityConfig in project jackrabbit by apache.
the class DefaultSecurityManager method init.
//------------------------------------------< JackrabbitSecurityManager >---
/**
* @see JackrabbitSecurityManager#init(Repository, Session)
*/
public synchronized void init(Repository repository, Session systemSession) throws RepositoryException {
if (initialized) {
throw new IllegalStateException("already initialized");
}
if (!(repository instanceof RepositoryImpl)) {
throw new RepositoryException("RepositoryImpl expected");
}
if (!(systemSession instanceof SystemSession)) {
throw new RepositoryException("SystemSession expected");
}
this.systemSession = (SystemSession) systemSession;
this.repository = (RepositoryImpl) repository;
SecurityConfig config = this.repository.getConfig().getSecurityConfig();
LoginModuleConfig loginModConf = config.getLoginModuleConfig();
// build AuthContextProvider based on appName + optional LoginModuleConfig
authContextProvider = new AuthContextProvider(config.getAppName(), loginModConf);
if (authContextProvider.isLocal()) {
log.info("init: use Repository Login-Configuration for " + config.getAppName());
} else if (authContextProvider.isJAAS()) {
log.info("init: use JAAS login-configuration for " + config.getAppName());
} else {
String msg = "Neither JAAS nor RepositoryConfig contained a valid configuration for " + config.getAppName();
log.error(msg);
throw new RepositoryException(msg);
}
Properties[] moduleConfig = authContextProvider.getModuleConfig();
// retrieve default-ids (admin and anonymous) from login-module-configuration.
for (Properties props : moduleConfig) {
if (props.containsKey(LoginModuleConfig.PARAM_ADMIN_ID)) {
adminId = props.getProperty(LoginModuleConfig.PARAM_ADMIN_ID);
}
if (props.containsKey(LoginModuleConfig.PARAM_ANONYMOUS_ID)) {
anonymousId = props.getProperty(LoginModuleConfig.PARAM_ANONYMOUS_ID);
}
}
// fallback:
if (adminId == null) {
log.debug("No adminID defined in LoginModule/JAAS config -> using default.");
adminId = SecurityConstants.ADMIN_ID;
}
if (anonymousId == null) {
log.debug("No anonymousID defined in LoginModule/JAAS config -> using default.");
anonymousId = SecurityConstants.ANONYMOUS_ID;
}
// create the system userManager and make sure the system-users exist.
systemUserManager = createUserManager(this.systemSession);
createSystemUsers(systemUserManager, this.systemSession, adminId, anonymousId);
// init default ac-provider-factory
acProviderFactory = new AccessControlProviderFactoryImpl();
acProviderFactory.init(this.systemSession);
// create the workspace access manager
SecurityManagerConfig smc = config.getSecurityManagerConfig();
if (smc != null && smc.getWorkspaceAccessConfig() != null) {
workspaceAccessManager = smc.getWorkspaceAccessConfig().newInstance(WorkspaceAccessManager.class);
} else {
// fallback -> the default implementation
log.debug("No WorkspaceAccessManager configured; using default.");
workspaceAccessManager = createDefaultWorkspaceAccessManager();
}
workspaceAccessManager.init(this.systemSession);
// initialize principal-provider registry
// 1) create default
PrincipalProvider defaultPP = createDefaultPrincipalProvider(moduleConfig);
// 2) create registry instance
principalProviderRegistry = new ProviderRegistryImpl(defaultPP);
// 3) register all configured principal providers.
for (Properties props : moduleConfig) {
principalProviderRegistry.registerProvider(props);
}
initialized = true;
}
Also used :
AbstractPrincipalProvider(org.apache.jackrabbit.core.security.principal.AbstractPrincipalProvider)
DefaultPrincipalProvider(org.apache.jackrabbit.core.security.principal.DefaultPrincipalProvider)
PrincipalProvider(org.apache.jackrabbit.core.security.principal.PrincipalProvider)
RepositoryException(javax.jcr.RepositoryException)
AccessControlProviderFactoryImpl(org.apache.jackrabbit.core.security.authorization.AccessControlProviderFactoryImpl)
Properties(java.util.Properties)
AuthContextProvider(org.apache.jackrabbit.core.security.authentication.AuthContextProvider)
SecurityConfig(org.apache.jackrabbit.core.config.SecurityConfig)
WorkspaceSecurityConfig(org.apache.jackrabbit.core.config.WorkspaceSecurityConfig)
LoginModuleConfig(org.apache.jackrabbit.core.config.LoginModuleConfig)
SecurityManagerConfig(org.apache.jackrabbit.core.config.SecurityManagerConfig)
WorkspaceAccessManager(org.apache.jackrabbit.core.security.authorization.WorkspaceAccessManager)
ProviderRegistryImpl(org.apache.jackrabbit.core.security.principal.ProviderRegistryImpl)
Aggregations
Properties (java.util.Properties)1
RepositoryException (javax.jcr.RepositoryException)1
LoginModuleConfig (org.apache.jackrabbit.core.config.LoginModuleConfig)1
SecurityConfig (org.apache.jackrabbit.core.config.SecurityConfig)1
SecurityManagerConfig (org.apache.jackrabbit.core.config.SecurityManagerConfig)1
WorkspaceSecurityConfig (org.apache.jackrabbit.core.config.WorkspaceSecurityConfig)1
AuthContextProvider (org.apache.jackrabbit.core.security.authentication.AuthContextProvider)1
AccessControlProviderFactoryImpl (org.apache.jackrabbit.core.security.authorization.AccessControlProviderFactoryImpl)1
WorkspaceAccessManager (org.apache.jackrabbit.core.security.authorization.WorkspaceAccessManager)1
AbstractPrincipalProvider (org.apache.jackrabbit.core.security.principal.AbstractPrincipalProvider)1
DefaultPrincipalProvider (org.apache.jackrabbit.core.security.principal.DefaultPrincipalProvider)1
PrincipalProvider (org.apache.jackrabbit.core.security.principal.PrincipalProvider)1
ProviderRegistryImpl (org.apache.jackrabbit.core.security.principal.ProviderRegistryImpl)1
