Search in sources :

Example 11 with ConfigurationParameters

use of org.apache.jackrabbit.oak.spi.security.ConfigurationParameters in project jackrabbit-oak by apache.

the class CugConfigurationTest method testExcludedPrincipals.

@Test
public void testExcludedPrincipals() {
    ConfigurationParameters params = ConfigurationParameters.of(CugConstants.PARAM_CUG_ENABLED, true, CugConstants.PARAM_CUG_SUPPORTED_PATHS, "/content");
    CugConfiguration cc = createConfiguration(params);
    List<Principal> excluded = ImmutableList.of(SystemPrincipal.INSTANCE, new AdminPrincipal() {

        @Override
        public String getName() {
            return "admin";
        }
    }, new SystemUserPrincipal() {

        @Override
        public String getName() {
            return "systemUser";
        }
    });
    for (Principal p : excluded) {
        Set<Principal> principals = ImmutableSet.of(p, EveryonePrincipal.getInstance());
        PermissionProvider pp = cc.getPermissionProvider(root, "default", principals);
        assertSame(EmptyPermissionProvider.getInstance(), pp);
    }
}
Also used : AdminPrincipal(org.apache.jackrabbit.oak.spi.security.principal.AdminPrincipal) SystemUserPrincipal(org.apache.jackrabbit.oak.spi.security.principal.SystemUserPrincipal) EmptyPermissionProvider(org.apache.jackrabbit.oak.spi.security.authorization.permission.EmptyPermissionProvider) PermissionProvider(org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionProvider) ConfigurationParameters(org.apache.jackrabbit.oak.spi.security.ConfigurationParameters) AdminPrincipal(org.apache.jackrabbit.oak.spi.security.principal.AdminPrincipal) EveryonePrincipal(org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal) SystemPrincipal(org.apache.jackrabbit.oak.spi.security.principal.SystemPrincipal) SystemUserPrincipal(org.apache.jackrabbit.oak.spi.security.principal.SystemUserPrincipal) Principal(java.security.Principal) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Example 12 with ConfigurationParameters

use of org.apache.jackrabbit.oak.spi.security.ConfigurationParameters in project jackrabbit-oak by apache.

the class CugConfigurationWithMountsTest method createConfiguration.

private static CugConfiguration createConfiguration(MountInfoProvider mip) {
    ConfigurationParameters params = ConfigurationParameters.of(AbstractCugTest.CUG_CONFIG, ConfigurationParameters.of(CugConstants.PARAM_MOUNT_PROVIDER, mip));
    SecurityProvider sp = new CugSecurityProvider(ConfigurationParameters.of(ImmutableMap.of(AuthorizationConfiguration.NAME, params)));
    return new CugConfiguration(sp);
}
Also used : SecurityProvider(org.apache.jackrabbit.oak.spi.security.SecurityProvider) ConfigurationParameters(org.apache.jackrabbit.oak.spi.security.ConfigurationParameters)

Example 13 with ConfigurationParameters

use of org.apache.jackrabbit.oak.spi.security.ConfigurationParameters in project jackrabbit-oak by apache.

the class CugAccessControlManagerTest method testGetEffectivePoliciesNotEnabled.

@Test
public void testGetEffectivePoliciesNotEnabled() throws Exception {
    cugAccessControlManager.setPolicy(SUPPORTED_PATH, createCug(SUPPORTED_PATH));
    root.commit();
    ConfigurationParameters config = ConfigurationParameters.of(AuthorizationConfiguration.NAME, ConfigurationParameters.of(CugConstants.PARAM_CUG_SUPPORTED_PATHS, SUPPORTED_PATHS, CugConstants.PARAM_CUG_ENABLED, false));
    CugAccessControlManager acMgr = new CugAccessControlManager(root, NamePathMapper.DEFAULT, new CugSecurityProvider(config), ImmutableSet.copyOf(SUPPORTED_PATHS));
    AccessControlPolicy[] policies = acMgr.getEffectivePolicies(SUPPORTED_PATH);
    assertEquals(0, policies.length);
    AccessControlPolicy[] effectiveOnChild = acMgr.getEffectivePolicies(SUPPORTED_PATH + "/subtree");
    assertEquals(0, policies.length);
    assertEquals(policies.length, effectiveOnChild.length);
}
Also used : JackrabbitAccessControlPolicy(org.apache.jackrabbit.api.security.JackrabbitAccessControlPolicy) NamedAccessControlPolicy(javax.jcr.security.NamedAccessControlPolicy) AccessControlPolicy(javax.jcr.security.AccessControlPolicy) ConfigurationParameters(org.apache.jackrabbit.oak.spi.security.ConfigurationParameters) Test(org.junit.Test)

Example 14 with ConfigurationParameters

use of org.apache.jackrabbit.oak.spi.security.ConfigurationParameters in project jackrabbit-oak by apache.

the class CugConfigurationTest method testGetPermissionProviderDisabled2.

@Test
public void testGetPermissionProviderDisabled2() {
    ConfigurationParameters params = ConfigurationParameters.of(CugConstants.PARAM_CUG_ENABLED, false, CugConstants.PARAM_CUG_SUPPORTED_PATHS, "/content");
    CugConfiguration cc = createConfiguration(params);
    PermissionProvider pp = cc.getPermissionProvider(root, "default", ImmutableSet.<Principal>of(EveryonePrincipal.getInstance()));
    assertSame(EmptyPermissionProvider.getInstance(), pp);
}
Also used : EmptyPermissionProvider(org.apache.jackrabbit.oak.spi.security.authorization.permission.EmptyPermissionProvider) PermissionProvider(org.apache.jackrabbit.oak.spi.security.authorization.permission.PermissionProvider) ConfigurationParameters(org.apache.jackrabbit.oak.spi.security.ConfigurationParameters) AbstractSecurityTest(org.apache.jackrabbit.oak.AbstractSecurityTest) Test(org.junit.Test)

Example 15 with ConfigurationParameters

use of org.apache.jackrabbit.oak.spi.security.ConfigurationParameters in project jackrabbit-oak by apache.

the class RepositoryUpgrade method mapSecurityConfig.

protected ConfigurationParameters mapSecurityConfig(SecurityConfig config) {
    ConfigurationParameters loginConfig = mapConfigurationParameters(config.getLoginModuleConfig(), LoginModuleConfig.PARAM_ADMIN_ID, UserConstants.PARAM_ADMIN_ID, LoginModuleConfig.PARAM_ANONYMOUS_ID, UserConstants.PARAM_ANONYMOUS_ID);
    ConfigurationParameters userConfig;
    if (config.getSecurityManagerConfig() == null) {
        userConfig = ConfigurationParameters.EMPTY;
    } else {
        userConfig = mapConfigurationParameters(config.getSecurityManagerConfig().getUserManagerConfig(), UserManagerImpl.PARAM_USERS_PATH, UserConstants.PARAM_USER_PATH, UserManagerImpl.PARAM_GROUPS_PATH, UserConstants.PARAM_GROUP_PATH, UserManagerImpl.PARAM_DEFAULT_DEPTH, UserConstants.PARAM_DEFAULT_DEPTH, UserManagerImpl.PARAM_PASSWORD_HASH_ALGORITHM, UserConstants.PARAM_PASSWORD_HASH_ALGORITHM, UserManagerImpl.PARAM_PASSWORD_HASH_ITERATIONS, UserConstants.PARAM_PASSWORD_HASH_ITERATIONS);
    }
    return ConfigurationParameters.of(ImmutableMap.of(UserConfiguration.NAME, ConfigurationParameters.of(loginConfig, userConfig)));
}
Also used : ConfigurationParameters(org.apache.jackrabbit.oak.spi.security.ConfigurationParameters)

Aggregations

ConfigurationParameters (org.apache.jackrabbit.oak.spi.security.ConfigurationParameters)44 Test (org.junit.Test)24 AbstractSecurityTest (org.apache.jackrabbit.oak.AbstractSecurityTest)11 SimpleCredentials (javax.jcr.SimpleCredentials)6 SecurityProvider (org.apache.jackrabbit.oak.spi.security.SecurityProvider)6 Activate (org.apache.felix.scr.annotations.Activate)4 Tree (org.apache.jackrabbit.oak.api.Tree)4 SecurityProviderImpl (org.apache.jackrabbit.oak.security.SecurityProviderImpl)4 AuthorizableType (org.apache.jackrabbit.oak.spi.security.user.AuthorizableType)4 UserConfiguration (org.apache.jackrabbit.oak.spi.security.user.UserConfiguration)4 Before (org.junit.Before)4 HashMap (java.util.HashMap)3 Nonnull (javax.annotation.Nonnull)3 LoginException (javax.security.auth.login.LoginException)3 Authorizable (org.apache.jackrabbit.api.security.user.Authorizable)3 UserManager (org.apache.jackrabbit.api.security.user.UserManager)3 ContentSession (org.apache.jackrabbit.oak.api.ContentSession)3 Root (org.apache.jackrabbit.oak.api.Root)3 Jcr (org.apache.jackrabbit.oak.jcr.Jcr)3 PropertyIndexProvider (org.apache.jackrabbit.oak.plugins.index.property.PropertyIndexProvider)3