Examples with ProviderRegistryImpl org.apache.jackrabbit.core.security.principal.ProviderRegistryImpl used on opensource projects

Example 1 with ProviderRegistryImpl

use of org.apache.jackrabbit.core.security.principal.ProviderRegistryImpl in project jackrabbit by apache.

the class SimpleSecurityManager method init.

//------------------------------------------< JackrabbitSecurityManager >---
/**
     * @see JackrabbitSecurityManager#init(Repository, Session)
     */
public void init(Repository repository, Session systemSession) throws RepositoryException {
    if (initialized) {
        throw new IllegalStateException("already initialized");
    }
    if (!(repository instanceof RepositoryImpl)) {
        throw new RepositoryException("RepositoryImpl expected");
    }
    this.systemSession = systemSession;
    config = ((RepositoryImpl) repository).getConfig().getSecurityConfig();
    // read the LoginModule configuration
    LoginModuleConfig loginModConf = config.getLoginModuleConfig();
    authCtxProvider = new AuthContextProvider(config.getAppName(), loginModConf);
    if (authCtxProvider.isLocal()) {
        log.info("init: using Repository LoginModule configuration for " + config.getAppName());
    } else if (authCtxProvider.isJAAS()) {
        log.info("init: using JAAS LoginModule configuration for " + config.getAppName());
    } else {
        String msg = "No valid LoginModule configuriation for " + config.getAppName();
        log.error(msg);
        throw new RepositoryException(msg);
    }
    Properties[] moduleConfig = authCtxProvider.getModuleConfig();
    // retrieve default-ids (admin and anonymous) from login-module-configuration.
    for (Properties aModuleConfig1 : moduleConfig) {
        if (aModuleConfig1.containsKey(LoginModuleConfig.PARAM_ADMIN_ID)) {
            adminID = aModuleConfig1.getProperty(LoginModuleConfig.PARAM_ADMIN_ID);
        }
        if (aModuleConfig1.containsKey(LoginModuleConfig.PARAM_ANONYMOUS_ID)) {
            anonymID = aModuleConfig1.getProperty(LoginModuleConfig.PARAM_ANONYMOUS_ID);
        }
    }
    // fallback:
    if (adminID == null) {
        log.debug("No adminID defined in LoginModule/JAAS config -> using default.");
        adminID = SecurityConstants.ADMIN_ID;
    }
    if (anonymID == null) {
        log.debug("No anonymousID defined in LoginModule/JAAS config -> using default.");
        anonymID = SecurityConstants.ANONYMOUS_ID;
    }
    // most simple principal provider registry, that does not read anything
    // from configuration
    PrincipalProvider principalProvider = new SimplePrincipalProvider();
    // skip init of provider (nop)
    principalProviderRegistry = new ProviderRegistryImpl(principalProvider);
    // register all configured principal providers.
    for (Properties aModuleConfig : moduleConfig) {
        principalProviderRegistry.registerProvider(aModuleConfig);
    }
    SecurityManagerConfig smc = config.getSecurityManagerConfig();
    if (smc != null && smc.getWorkspaceAccessConfig() != null) {
        workspaceAccessManager = smc.getWorkspaceAccessConfig().newInstance(WorkspaceAccessManager.class);
    } else {
        // fallback -> the default simple implementation
        log.debug("No WorkspaceAccessManager configured; using default.");
        workspaceAccessManager = new SimpleWorkspaceAccessManager();
    }
    workspaceAccessManager.init(systemSession);
    initialized = true;
}

Example 2 with ProviderRegistryImpl

use of org.apache.jackrabbit.core.security.principal.ProviderRegistryImpl in project jackrabbit by apache.

the class SecurityConfigTest method testPrincipalProviderConfig.

/**
     * 
     * @throws Exception
     */
public void testPrincipalProviderConfig() throws Exception {
    PrincipalProviderRegistry ppr = new ProviderRegistryImpl(null);
    // standard config
    Element xml = parseXML(new InputSource(new StringReader(PRINCIPAL_PROVIDER_CONFIG)), true);
    LoginModuleConfig lmc = parser.parseSecurityConfig(xml).getLoginModuleConfig();
    PrincipalProvider pp = ppr.registerProvider(lmc.getParameters());
    assertEquals(pp, ppr.getProvider(pp.getClass().getName()));
    assertEquals("org.apache.jackrabbit.core.security.principal.FallbackPrincipalProvider", pp.getClass().getName());
    // config specifying an extra name
    xml = parseXML(new InputSource(new StringReader(PRINCIPAL_PROVIDER_CONFIG1)), true);
    lmc = parser.parseSecurityConfig(xml).getLoginModuleConfig();
    pp = ppr.registerProvider(lmc.getParameters());
    assertEquals(pp, ppr.getProvider("test"));
    assertEquals("org.apache.jackrabbit.core.security.principal.FallbackPrincipalProvider", pp.getClass().getName());
    // use alternative class config
    xml = parseXML(new InputSource(new StringReader(PRINCIPAL_PROVIDER_CONFIG2)), true);
    lmc = parser.parseSecurityConfig(xml).getLoginModuleConfig();
    pp = ppr.registerProvider(lmc.getParameters());
    assertEquals(pp, ppr.getProvider("test2"));
    assertEquals("org.apache.jackrabbit.core.security.principal.FallbackPrincipalProvider", pp.getClass().getName());
    // all 3 providers must be registered despite the fact the all configs
    // specify the same provider class
    assertEquals(3, ppr.getProviders().length);
}

Example 3 with ProviderRegistryImpl

use of org.apache.jackrabbit.core.security.principal.ProviderRegistryImpl in project jackrabbit by apache.

the class LoginModuleTest method testMultipleModules.

public void testMultipleModules() throws Exception {
    CallbackHandler ch = new CallbackHandlerImpl(new SimpleCredentials("user", "pass".toCharArray()), superuser, new ProviderRegistryImpl(new FallbackPrincipalProvider()), "admin", "anonymous");
    LoginContext context = new LoginContext(APP_NAME, new Subject(), ch, new TestConfiguration());
    context.login();
    assertFalse("no principal set", context.getSubject().getPrincipals().isEmpty());
}

Example 4 with ProviderRegistryImpl

use of org.apache.jackrabbit.core.security.principal.ProviderRegistryImpl in project jackrabbit by apache.

the class DefaultSecurityManager method init.

//------------------------------------------< JackrabbitSecurityManager >---
/**
     * @see JackrabbitSecurityManager#init(Repository, Session)
     */
public synchronized void init(Repository repository, Session systemSession) throws RepositoryException {
    if (initialized) {
        throw new IllegalStateException("already initialized");
    }
    if (!(repository instanceof RepositoryImpl)) {
        throw new RepositoryException("RepositoryImpl expected");
    }
    if (!(systemSession instanceof SystemSession)) {
        throw new RepositoryException("SystemSession expected");
    }
    this.systemSession = (SystemSession) systemSession;
    this.repository = (RepositoryImpl) repository;
    SecurityConfig config = this.repository.getConfig().getSecurityConfig();
    LoginModuleConfig loginModConf = config.getLoginModuleConfig();
    // build AuthContextProvider based on appName + optional LoginModuleConfig
    authContextProvider = new AuthContextProvider(config.getAppName(), loginModConf);
    if (authContextProvider.isLocal()) {
        log.info("init: use Repository Login-Configuration for " + config.getAppName());
    } else if (authContextProvider.isJAAS()) {
        log.info("init: use JAAS login-configuration for " + config.getAppName());
    } else {
        String msg = "Neither JAAS nor RepositoryConfig contained a valid configuration for " + config.getAppName();
        log.error(msg);
        throw new RepositoryException(msg);
    }
    Properties[] moduleConfig = authContextProvider.getModuleConfig();
    // retrieve default-ids (admin and anonymous) from login-module-configuration.
    for (Properties props : moduleConfig) {
        if (props.containsKey(LoginModuleConfig.PARAM_ADMIN_ID)) {
            adminId = props.getProperty(LoginModuleConfig.PARAM_ADMIN_ID);
        }
        if (props.containsKey(LoginModuleConfig.PARAM_ANONYMOUS_ID)) {
            anonymousId = props.getProperty(LoginModuleConfig.PARAM_ANONYMOUS_ID);
        }
    }
    // fallback:
    if (adminId == null) {
        log.debug("No adminID defined in LoginModule/JAAS config -> using default.");
        adminId = SecurityConstants.ADMIN_ID;
    }
    if (anonymousId == null) {
        log.debug("No anonymousID defined in LoginModule/JAAS config -> using default.");
        anonymousId = SecurityConstants.ANONYMOUS_ID;
    }
    // create the system userManager and make sure the system-users exist.
    systemUserManager = createUserManager(this.systemSession);
    createSystemUsers(systemUserManager, this.systemSession, adminId, anonymousId);
    // init default ac-provider-factory
    acProviderFactory = new AccessControlProviderFactoryImpl();
    acProviderFactory.init(this.systemSession);
    // create the workspace access manager
    SecurityManagerConfig smc = config.getSecurityManagerConfig();
    if (smc != null && smc.getWorkspaceAccessConfig() != null) {
        workspaceAccessManager = smc.getWorkspaceAccessConfig().newInstance(WorkspaceAccessManager.class);
    } else {
        // fallback -> the default implementation
        log.debug("No WorkspaceAccessManager configured; using default.");
        workspaceAccessManager = createDefaultWorkspaceAccessManager();
    }
    workspaceAccessManager.init(this.systemSession);
    // initialize principal-provider registry
    // 1) create default
    PrincipalProvider defaultPP = createDefaultPrincipalProvider(moduleConfig);
    // 2) create registry instance
    principalProviderRegistry = new ProviderRegistryImpl(defaultPP);
    // 3) register all configured principal providers.
    for (Properties props : moduleConfig) {
        principalProviderRegistry.registerProvider(props);
    }
    initialized = true;
}