use of org.apache.jackrabbit.oak.spi.security.principal.AdminPrincipal in project jackrabbit-oak by apache.
the class IndexInitializer method createAdministrativeSession.
private Session createAdministrativeSession() throws RepositoryException {
//Admin ID here can be any string and need not match the actual admin userId
final String adminId = "admin";
Principal admin = new AdminPrincipal() {
@Override
public String getName() {
return adminId;
}
};
AuthInfo authInfo = new AuthInfoImpl(adminId, null, singleton(admin));
Subject subject = new Subject(true, singleton(admin), singleton(authInfo), Collections.emptySet());
Session adminSession;
try {
adminSession = Subject.doAsPrivileged(subject, new PrivilegedExceptionAction<Session>() {
@Override
public Session run() throws Exception {
return repository.login();
}
}, null);
} catch (PrivilegedActionException e) {
throw new RepositoryException("failed to retrieve admin session.", e);
}
return adminSession;
}
use of org.apache.jackrabbit.oak.spi.security.principal.AdminPrincipal in project jackrabbit-oak by apache.
the class ImpersonationTest method testAdminPrincipalAsImpersonator.
public void testAdminPrincipalAsImpersonator() throws RepositoryException, NotExecutableException {
Principal adminPrincipal = new AdminPrincipal() {
@Override
public String getName() {
return "some-admin-name";
}
};
// admin cannot be add/remove to set of impersonators of 'u' but is
// always allowed to impersonate that user.
Impersonation impersonation = user.getImpersonation();
assertFalse(impersonation.grantImpersonation(adminPrincipal));
assertFalse(impersonation.revokeImpersonation(adminPrincipal));
assertTrue(impersonation.allows(buildSubject(adminPrincipal)));
}
Aggregations