You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by an...@apache.org on 2012/10/30 14:43:59 UTC
svn commit: r1403695 - in
/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak:
core/ security/ security/authentication/ spi/security/
spi/security/authentication/callback/
Author: angela
Date: Tue Oct 30 13:43:58 2012
New Revision: 1403695
URL: http://svn.apache.org/viewvc?rev=1403695&view=rev
Log:
OAK-91 : Implement Authentication Support (work in progress)
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ContentRepositoryImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/RootImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/CallbackHandlerImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/LoginContextProviderImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/OpenSecurityProvider.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/SecurityProvider.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/RepositoryCallback.java
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ContentRepositoryImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ContentRepositoryImpl.java?rev=1403695&r1=1403694&r2=1403695&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ContentRepositoryImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ContentRepositoryImpl.java Tue Oct 30 13:43:58 2012
@@ -84,7 +84,7 @@ public class ContentRepositoryImpl imple
throw new NoSuchWorkspaceException(workspaceName);
}
- LoginContextProvider lcProvider = securityProvider.getLoginContextProvider(nodeStore);
+ LoginContextProvider lcProvider = securityProvider.getLoginContextProvider(nodeStore, indexProvider);
LoginContext loginContext = lcProvider.getLoginContext(credentials, workspaceName);
loginContext.login();
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/RootImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/RootImpl.java?rev=1403695&r1=1403694&r2=1403695&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/RootImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/RootImpl.java Tue Oct 30 13:43:58 2012
@@ -130,9 +130,9 @@ public class RootImpl implements Root {
refresh();
}
+ // TODO: review if this constructor really makes sense and cannot be replaced.
public RootImpl(NodeStore store) {
this.store = checkNotNull(store);
- // TODO review again (see also comment in RepositoryCallback)
this.subject = new Subject(true, Collections.singleton(SystemPrincipal.INSTANCE), Collections.<Object>emptySet(), Collections.<Object>emptySet());
this.accProvider = new OpenAccessControlProvider();
this.indexProvider = new CompositeQueryIndexProvider();
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java?rev=1403695&r1=1403694&r2=1403695&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/SecurityProviderImpl.java Tue Oct 30 13:43:58 2012
@@ -30,6 +30,7 @@ import org.apache.jackrabbit.oak.securit
import org.apache.jackrabbit.oak.security.principal.PrincipalProviderImpl;
import org.apache.jackrabbit.oak.security.privilege.PrivilegeConfigurationImpl;
import org.apache.jackrabbit.oak.security.user.UserConfigurationImpl;
+import org.apache.jackrabbit.oak.spi.query.QueryIndexProvider;
import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
import org.apache.jackrabbit.oak.spi.security.authentication.LoginContextProvider;
@@ -65,7 +66,7 @@ public class SecurityProviderImpl implem
@Nonnull
@Override
- public LoginContextProvider getLoginContextProvider(NodeStore nodeStore) {
+ public LoginContextProvider getLoginContextProvider(NodeStore nodeStore, QueryIndexProvider indexProvider) {
String appName = configuration.getConfigValue(PARAM_APP_NAME, DEFAULT_APP_NAME);
Configuration loginConfig;
try {
@@ -75,7 +76,7 @@ public class SecurityProviderImpl implem
loginConfig = new OakConfiguration(configuration); // TODO: define configuration structure
Configuration.setConfiguration(loginConfig);
}
- return new LoginContextProviderImpl(appName, loginConfig, nodeStore, this);
+ return new LoginContextProviderImpl(appName, loginConfig, nodeStore, indexProvider, this);
}
@Nonnull
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/CallbackHandlerImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/CallbackHandlerImpl.java?rev=1403695&r1=1403694&r2=1403695&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/CallbackHandlerImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/CallbackHandlerImpl.java Tue Oct 30 13:43:58 2012
@@ -25,6 +25,7 @@ import javax.security.auth.callback.Name
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
+import org.apache.jackrabbit.oak.spi.query.QueryIndexProvider;
import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
import org.apache.jackrabbit.oak.spi.security.authentication.callback.CredentialsCallback;
import org.apache.jackrabbit.oak.spi.security.authentication.callback.RepositoryCallback;
@@ -48,13 +49,16 @@ public class CallbackHandlerImpl impleme
private final Credentials credentials;
private final String workspaceName;
private final NodeStore nodeStore;
+ private final QueryIndexProvider indexProvider;
private final SecurityProvider securityProvider;
public CallbackHandlerImpl(Credentials credentials, String workspaceName,
- NodeStore nodeStore, SecurityProvider securityProvider) {
+ NodeStore nodeStore, QueryIndexProvider indexProvider,
+ SecurityProvider securityProvider) {
this.credentials = credentials;
this.workspaceName = workspaceName;
this.nodeStore = nodeStore;
+ this.indexProvider = indexProvider;
this.securityProvider = securityProvider;
}
@@ -73,6 +77,7 @@ public class CallbackHandlerImpl impleme
} else if (callback instanceof RepositoryCallback) {
RepositoryCallback repositoryCallback = (RepositoryCallback) callback;
repositoryCallback.setNodeStore(nodeStore);
+ repositoryCallback.setIndexProvider(indexProvider);
repositoryCallback.setWorkspaceName(workspaceName);
} else {
throw new UnsupportedCallbackException(callback);
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/LoginContextProviderImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/LoginContextProviderImpl.java?rev=1403695&r1=1403694&r2=1403695&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/LoginContextProviderImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/LoginContextProviderImpl.java Tue Oct 30 13:43:58 2012
@@ -24,6 +24,7 @@ import javax.security.auth.callback.Call
import javax.security.auth.login.Configuration;
import javax.security.auth.login.LoginException;
+import org.apache.jackrabbit.oak.spi.query.QueryIndexProvider;
import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
import org.apache.jackrabbit.oak.spi.security.authentication.JaasLoginContext;
import org.apache.jackrabbit.oak.spi.security.authentication.LoginContext;
@@ -42,14 +43,16 @@ public class LoginContextProviderImpl im
private final String appName;
private final Configuration configuration;
private final NodeStore nodeStore;
+ private final QueryIndexProvider indexProvider;
private final SecurityProvider securityProvider;
public LoginContextProviderImpl(String appName, Configuration configuration,
- NodeStore nodeStore,
+ NodeStore nodeStore, QueryIndexProvider indexProvider,
SecurityProvider securityProvider) {
this.appName = appName;
this.configuration = configuration;
this.nodeStore = nodeStore;
+ this.indexProvider = indexProvider;
this.securityProvider = securityProvider;
}
@@ -78,6 +81,6 @@ public class LoginContextProviderImpl im
}
private CallbackHandler getCallbackHandler(Credentials credentials, String workspaceName) {
- return new CallbackHandlerImpl(credentials, workspaceName, nodeStore, securityProvider);
+ return new CallbackHandlerImpl(credentials, workspaceName, nodeStore, indexProvider, securityProvider);
}
}
\ No newline at end of file
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/OpenSecurityProvider.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/OpenSecurityProvider.java?rev=1403695&r1=1403694&r2=1403695&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/OpenSecurityProvider.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/OpenSecurityProvider.java Tue Oct 30 13:43:58 2012
@@ -19,6 +19,7 @@ package org.apache.jackrabbit.oak.spi.se
import javax.annotation.Nonnull;
import org.apache.jackrabbit.oak.api.Root;
+import org.apache.jackrabbit.oak.spi.query.QueryIndexProvider;
import org.apache.jackrabbit.oak.spi.security.authentication.LoginContextProvider;
import org.apache.jackrabbit.oak.spi.security.authentication.OpenLoginContextProvider;
import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider;
@@ -36,7 +37,7 @@ public class OpenSecurityProvider implem
@Nonnull
@Override
- public LoginContextProvider getLoginContextProvider(NodeStore nodeStore) {
+ public LoginContextProvider getLoginContextProvider(NodeStore nodeStore, QueryIndexProvider indexProvider) {
return new OpenLoginContextProvider();
}
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/SecurityProvider.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/SecurityProvider.java?rev=1403695&r1=1403694&r2=1403695&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/SecurityProvider.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/SecurityProvider.java Tue Oct 30 13:43:58 2012
@@ -19,6 +19,7 @@ package org.apache.jackrabbit.oak.spi.se
import javax.annotation.Nonnull;
import org.apache.jackrabbit.oak.api.Root;
+import org.apache.jackrabbit.oak.spi.query.QueryIndexProvider;
import org.apache.jackrabbit.oak.spi.security.authentication.LoginContextProvider;
import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider;
import org.apache.jackrabbit.oak.spi.security.authorization.AccessControlProvider;
@@ -32,8 +33,9 @@ import org.apache.jackrabbit.oak.spi.sta
*/
public interface SecurityProvider {
+ // TODO review again
@Nonnull
- LoginContextProvider getLoginContextProvider(NodeStore nodeStore);
+ LoginContextProvider getLoginContextProvider(NodeStore nodeStore, QueryIndexProvider indexProvider);
@Nonnull
TokenProvider getTokenProvider(Root root);
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/RepositoryCallback.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/RepositoryCallback.java?rev=1403695&r1=1403694&r2=1403695&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/RepositoryCallback.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/RepositoryCallback.java Tue Oct 30 13:43:58 2012
@@ -16,11 +16,17 @@
*/
package org.apache.jackrabbit.oak.spi.security.authentication.callback;
+import java.util.Collections;
import javax.annotation.CheckForNull;
+import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import org.apache.jackrabbit.oak.api.Root;
import org.apache.jackrabbit.oak.core.RootImpl;
+import org.apache.jackrabbit.oak.spi.query.QueryIndexProvider;
+import org.apache.jackrabbit.oak.spi.security.authorization.AccessControlProvider;
+import org.apache.jackrabbit.oak.spi.security.authorization.OpenAccessControlProvider;
+import org.apache.jackrabbit.oak.spi.security.principal.SystemPrincipal;
import org.apache.jackrabbit.oak.spi.state.NodeStore;
/**
@@ -31,11 +37,8 @@ import org.apache.jackrabbit.oak.spi.sta
*/
public class RepositoryCallback implements Callback {
- // TODO: base on a system-ContentSession that was passed to this
- // TODO: callback handler in order have the appropriate set of indexes,
- // TODO: valiators, commit-hooks etc...
-
private NodeStore nodeStore;
+ private QueryIndexProvider indexProvider;
private String workspaceName;
public String getWorkspaceName() {
@@ -45,7 +48,9 @@ public class RepositoryCallback implemen
@CheckForNull
public Root getRoot() {
if (nodeStore != null) {
- return new RootImpl(nodeStore);
+ Subject subject = new Subject(true, Collections.singleton(SystemPrincipal.INSTANCE), Collections.<Object>emptySet(), Collections.<Object>emptySet());
+ AccessControlProvider acProvider = new OpenAccessControlProvider();
+ return new RootImpl(nodeStore, workspaceName, subject, acProvider, indexProvider);
}
return null;
}
@@ -54,6 +59,10 @@ public class RepositoryCallback implemen
this.nodeStore = nodeStore;
}
+ public void setIndexProvider(QueryIndexProvider indexProvider) {
+ this.indexProvider = indexProvider;
+ }
+
public void setWorkspaceName(String workspaceName) {
this.workspaceName = workspaceName;
}