You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by an...@apache.org on 2015/06/11 12:19:39 UTC
svn commit: r1684849 - in /jackrabbit/oak/trunk/oak-core/src:
main/java/org/apache/jackrabbit/oak/core/
main/java/org/apache/jackrabbit/oak/spi/security/authentication/
test/java/org/apache/jackrabbit/oak/spi/security/authentication/
Author: angela
Date: Thu Jun 11 10:19:38 2015
New Revision: 1684849
URL: http://svn.apache.org/r1684849
Log:
OAK-2978 : ContentSession: Populate AuthInfo from Subject
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ContentSessionImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AuthInfoImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/package-info.java
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/PreAuthTest.java
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ContentSessionImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ContentSessionImpl.java?rev=1684849&r1=1684848&r2=1684849&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ContentSessionImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ContentSessionImpl.java Thu Jun 11 10:19:38 2015
@@ -23,6 +23,7 @@ import java.util.Set;
import java.util.concurrent.atomic.AtomicLong;
import javax.annotation.Nonnull;
+import javax.security.auth.Subject;
import javax.security.auth.login.LoginException;
import org.apache.jackrabbit.oak.api.AuthInfo;
@@ -32,6 +33,7 @@ import org.apache.jackrabbit.oak.query.Q
import org.apache.jackrabbit.oak.spi.commit.CommitHook;
import org.apache.jackrabbit.oak.spi.query.QueryIndexProvider;
import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
+import org.apache.jackrabbit.oak.spi.security.authentication.AuthInfoImpl;
import org.apache.jackrabbit.oak.spi.security.authentication.LoginContext;
import org.apache.jackrabbit.oak.spi.state.NodeStore;
import org.slf4j.Logger;
@@ -90,12 +92,7 @@ class ContentSessionImpl implements Cont
@Override
public AuthInfo getAuthInfo() {
checkLive();
- Set<AuthInfo> infoSet = loginContext.getSubject().getPublicCredentials(AuthInfo.class);
- if (infoSet.isEmpty()) {
- return AuthInfo.EMPTY;
- } else {
- return infoSet.iterator().next();
- }
+ return AuthInfoImpl.createFromSubject(loginContext.getSubject());
}
@Override
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AuthInfoImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AuthInfoImpl.java?rev=1684849&r1=1684848&r2=1684849&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AuthInfoImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AuthInfoImpl.java Thu Jun 11 10:19:38 2015
@@ -23,6 +23,8 @@ import java.util.Set;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
+import javax.jcr.SimpleCredentials;
+import javax.security.auth.Subject;
import com.google.common.base.Objects;
import org.apache.jackrabbit.oak.api.AuthInfo;
@@ -43,6 +45,17 @@ public final class AuthInfoImpl implemen
this.principals = (principals == null) ? Collections.<Principal>emptySet() : Collections.unmodifiableSet(principals);
}
+ public static AuthInfo createFromSubject(@Nonnull Subject subject) {
+ Set<AuthInfo> infoSet = subject.getPublicCredentials(AuthInfo.class);
+ if (infoSet.isEmpty()) {
+ Set<SimpleCredentials> scs = subject.getPublicCredentials(SimpleCredentials.class);
+ String userId = (scs.isEmpty()) ? null : scs.iterator().next().getUserID();
+ return new AuthInfoImpl(userId, null, subject.getPrincipals());
+ } else {
+ return infoSet.iterator().next();
+ }
+ }
+
@Override
public String toString() {
return Objects.toStringHelper(this)
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/package-info.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/package-info.java?rev=1684849&r1=1684848&r2=1684849&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/package-info.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/package-info.java Thu Jun 11 10:19:38 2015
@@ -14,7 +14,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-@Version("1.0")
+@Version("1.1.0")
package org.apache.jackrabbit.oak.spi.security.authentication;
import aQute.bnd.annotation.Version;
Modified: jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/PreAuthTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/PreAuthTest.java?rev=1684849&r1=1684848&r2=1684849&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/PreAuthTest.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/spi/security/authentication/PreAuthTest.java Thu Jun 11 10:19:38 2015
@@ -32,12 +32,23 @@ import org.apache.jackrabbit.oak.api.Aut
import org.apache.jackrabbit.oak.api.ContentSession;
import org.junit.Test;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotSame;
import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertSame;
import static org.junit.Assert.fail;
public class PreAuthTest extends AbstractSecurityTest {
+ private Set<Principal> principals;
+
+ @Override
+ public void before() throws Exception {
+ super.before();
+
+ principals = Collections.<Principal>singleton(new TestPrincipal());
+ }
+
@Override
protected Configuration getConfiguration() {
return new Configuration() {
@@ -51,7 +62,7 @@ public class PreAuthTest extends Abstrac
@Test
public void testValidSubject() throws Exception {
- final Subject subject = new Subject(true, Collections.singleton(new TestPrincipal()), Collections.<Object>emptySet(), Collections.<Object>emptySet());
+ final Subject subject = new Subject(true, principals, Collections.<Object>emptySet(), Collections.<Object>emptySet());
ContentSession cs = Subject.doAsPrivileged(subject, new PrivilegedAction<ContentSession>() {
@Override
public ContentSession run() {
@@ -64,7 +75,10 @@ public class PreAuthTest extends Abstrac
}, null);
try {
- assertSame(AuthInfo.EMPTY, cs.getAuthInfo());
+ AuthInfo authInfo = cs.getAuthInfo();
+ assertNotSame(AuthInfo.EMPTY, authInfo);
+ assertEquals(principals, authInfo.getPrincipals());
+ assertNull(authInfo.getUserID());
} finally {
if (cs != null) {
cs.close();
@@ -75,7 +89,7 @@ public class PreAuthTest extends Abstrac
@Test
public void testValidSubjectWithCredentials() throws Exception {
Set<SimpleCredentials> publicCreds = Collections.singleton(new SimpleCredentials("testUserId", new char[0]));
- final Subject subject = new Subject(false, Collections.singleton(new TestPrincipal()), publicCreds, Collections.<Object>emptySet());
+ final Subject subject = new Subject(false, principals, publicCreds, Collections.<Object>emptySet());
ContentSession cs = Subject.doAsPrivileged(subject, new PrivilegedAction<ContentSession>() {
@Override
public ContentSession run() {
@@ -88,7 +102,10 @@ public class PreAuthTest extends Abstrac
}, null);
try {
- assertSame(AuthInfo.EMPTY, cs.getAuthInfo());
+ AuthInfo authInfo = cs.getAuthInfo();
+ assertNotSame(AuthInfo.EMPTY, authInfo);
+ assertEquals(principals, authInfo.getPrincipals());
+ assertEquals("testUserId", authInfo.getUserID());
} finally {
if (cs != null) {
cs.close();
@@ -99,7 +116,7 @@ public class PreAuthTest extends Abstrac
@Test
public void testValidReadSubjectWithCredentials() throws Exception {
Set<SimpleCredentials> publicCreds = Collections.singleton(new SimpleCredentials("testUserId", new char[0]));
- final Subject subject = new Subject(true, Collections.singleton(new TestPrincipal()), publicCreds, Collections.<Object>emptySet());
+ final Subject subject = new Subject(true, principals, publicCreds, Collections.<Object>emptySet());
ContentSession cs = Subject.doAsPrivileged(subject, new PrivilegedAction<ContentSession>() {
@Override
public ContentSession run() {
@@ -112,7 +129,10 @@ public class PreAuthTest extends Abstrac
}, null);
try {
- assertSame(AuthInfo.EMPTY, cs.getAuthInfo());
+ AuthInfo authInfo = cs.getAuthInfo();
+ assertNotSame(AuthInfo.EMPTY, authInfo);
+ assertEquals(principals, authInfo.getPrincipals());
+ assertEquals("testUserId", authInfo.getUserID());
} finally {
if (cs != null) {
cs.close();
@@ -147,7 +167,7 @@ public class PreAuthTest extends Abstrac
@Test
public void testSubjectAndCredentials() throws Exception {
- final Subject subject = new Subject(true, Collections.singleton(new TestPrincipal()), Collections.<Object>emptySet(), Collections.<Object>emptySet());
+ final Subject subject = new Subject(true, principals, Collections.<Object>emptySet(), Collections.<Object>emptySet());
ContentSession cs = Subject.doAsPrivileged(subject, new PrivilegedAction<ContentSession>() {
@Override
public ContentSession run() {