You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by an...@apache.org on 2018/04/09 12:05:57 UTC
svn commit: r1828706 - in
/jackrabbit/oak/trunk/oak-exercise/src/test/java/org/apache/jackrabbit/oak/exercise/security/authorization:
IntroductionTest.java advanced/L2_SetupAggregationTest.java
Author: angela
Date: Mon Apr 9 12:05:57 2018
New Revision: 1828706
URL: http://svn.apache.org/viewvc?rev=1828706&view=rev
Log:
OAK-5122 : Exercise for Custom Authorization Models (wip)
Modified:
jackrabbit/oak/trunk/oak-exercise/src/test/java/org/apache/jackrabbit/oak/exercise/security/authorization/IntroductionTest.java
jackrabbit/oak/trunk/oak-exercise/src/test/java/org/apache/jackrabbit/oak/exercise/security/authorization/advanced/L2_SetupAggregationTest.java
Modified: jackrabbit/oak/trunk/oak-exercise/src/test/java/org/apache/jackrabbit/oak/exercise/security/authorization/IntroductionTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-exercise/src/test/java/org/apache/jackrabbit/oak/exercise/security/authorization/IntroductionTest.java?rev=1828706&r1=1828705&r2=1828706&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-exercise/src/test/java/org/apache/jackrabbit/oak/exercise/security/authorization/IntroductionTest.java (original)
+++ jackrabbit/oak/trunk/oak-exercise/src/test/java/org/apache/jackrabbit/oak/exercise/security/authorization/IntroductionTest.java Mon Apr 9 12:05:57 2018
@@ -32,7 +32,7 @@ import org.apache.jackrabbit.oak.spi.sec
*
* Goal:
* Get a basic understanding how authorization is organized in Oak and become
- * familiar with distiction between access control management and permission
+ * familiar with distinction between access control management and permission
* evaluation.
*
* Exercises:
Modified: jackrabbit/oak/trunk/oak-exercise/src/test/java/org/apache/jackrabbit/oak/exercise/security/authorization/advanced/L2_SetupAggregationTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-exercise/src/test/java/org/apache/jackrabbit/oak/exercise/security/authorization/advanced/L2_SetupAggregationTest.java?rev=1828706&r1=1828705&r2=1828706&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-exercise/src/test/java/org/apache/jackrabbit/oak/exercise/security/authorization/advanced/L2_SetupAggregationTest.java (original)
+++ jackrabbit/oak/trunk/oak-exercise/src/test/java/org/apache/jackrabbit/oak/exercise/security/authorization/advanced/L2_SetupAggregationTest.java Mon Apr 9 12:05:57 2018
@@ -31,7 +31,44 @@ package org.apache.jackrabbit.oak.exerci
* Note, that this section only focuses on OSGi-based Oak setup scenarios.
*
* Exercises:
- * TODO
+ *
+ * - Deploy Bundle
+ * Take a bundle that provides you with another implementation of AuthorizationConfiguration
+ * and deploy it with your OSGi based Oak setup.
+ *
+ * Hint: Oak comes with 2 additional authorization models, which you can use
+ * > Closed User Groups in oak-authorization-cug (see also http://jackrabbit.apache.org/oak/docs/security/authorization/cug.html)
+ * > Read Only in oak-exercise
+ *
+ * Questions:
+ * > Can you identify the OSGi components that come with the model?
+ * > Does your model require any mandatory configuration in order to be functional?
+ *
+ * - Adjust Configuration of 'Apache Jackrabbit Oak SecurityProvider'
+ * In a second step you should adjust the configuration of the SecurityProvider
+ * in order to make sure the additional AuthorizationConfiguration is properly
+ * wired with the security setup.
+ *
+ * > Add the addition configuration to the list of required service IDs (see also http://jackrabbit.apache.org/oak/docs/security/introduction.html)
+ * > Check the value of 'Authorization Composition Type'.
+ * > Observe the log INFOs to verify the SecurityProvider is properly registered
+ * > Inspect the references to 'authorizationConfiguration' in org.apache.jackrabbit.oak.security.internal.SecurityProviderRegistration
+ * and verify that the extra module shows up there.
+ *
+ * - Verify Access Control Management and Permission Evaluation
+ * Before moving on think about your expectations wrt result of the aggregation
+ * both in terms of access control management and permission evaluation.
+ *
+ *
+ * Advanced Exercises:
+ * -----------------------------------------------------------------------------
+ *
+ * - Play with the configuration option 'Authorization Composition Type'.
+ *
+ * Questions:
+ * > Would it be an option to use "OR" as the composition type with the setup you chose?
+ * > What would be the result if this was a valid option?
+ * > If it wasn't an option, explain why. Think about a scenario where it was valid.
*
* </pre>
*/