You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@jackrabbit.apache.org by an...@apache.org on 2011/02/15 11:41:15 UTC
svn commit: r1070831 - in /jackrabbit/trunk/jackrabbit-core/src: main/java/org/apache/jackrabbit/core/RepositoryImpl.java test/java/org/apache/jackrabbit/core/security/authentication/token/TokenBasedLoginTest.java

Author: angela
Date: Tue Feb 15 10:41:14 2011
New Revision: 1070831

URL: http://svn.apache.org/viewvc?rev=1070831&view=rev
Log:
JCR-2851 - Authentication Mechanism Based on Login Token

Modified:
    jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/RepositoryImpl.java
    jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/token/TokenBasedLoginTest.java

Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/RepositoryImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/RepositoryImpl.java?rev=1070831&r1=1070830&r2=1070831&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/RepositoryImpl.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/RepositoryImpl.java Tue Feb 15 10:41:14 2011
@@ -96,6 +96,7 @@ import org.apache.jackrabbit.core.retent
 import org.apache.jackrabbit.core.retention.RetentionRegistryImpl;
 import org.apache.jackrabbit.core.security.JackrabbitSecurityManager;
 import org.apache.jackrabbit.core.security.authentication.AuthContext;
+import org.apache.jackrabbit.core.security.authentication.token.TokenBasedAuthentication;
 import org.apache.jackrabbit.core.security.simple.SimpleSecurityManager;
 import org.apache.jackrabbit.core.cache.CacheManager;
 import org.apache.jackrabbit.core.state.ChangeLog;
@@ -1496,8 +1497,11 @@ public class RepositoryImpl extends Abst
                 for (String name : sc.getAttributeNames()) {
                     session.setAttribute(name, sc.getAttribute(name));
                 }
-            } else if (credentials instanceof TokenCredentials) {
-                TokenCredentials tc = (TokenCredentials) credentials;
+            }
+            Set<TokenCredentials> tokenCreds = session.getSubject().getPublicCredentials(TokenCredentials.class);
+            if (!tokenCreds.isEmpty()) {
+                TokenCredentials tc = tokenCreds.iterator().next();
+                session.setAttribute(TokenBasedAuthentication.TOKEN_ATTRIBUTE, tc.getToken());
                 for (String name : tc.getAttributeNames()) {
                     session.setAttribute(name, tc.getAttribute(name));
                 }

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/token/TokenBasedLoginTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/token/TokenBasedLoginTest.java?rev=1070831&r1=1070830&r2=1070831&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/token/TokenBasedLoginTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/token/TokenBasedLoginTest.java Tue Feb 15 10:41:14 2011
@@ -21,6 +21,7 @@ import org.apache.jackrabbit.api.securit
 import org.apache.jackrabbit.api.security.principal.ItemBasedPrincipal;
 import org.apache.jackrabbit.api.security.user.User;
 import org.apache.jackrabbit.api.security.user.UserManager;
+import org.apache.jackrabbit.core.SessionImpl;
 import org.apache.jackrabbit.test.AbstractJCRTest;
 import org.apache.jackrabbit.test.NotExecutableException;
 
@@ -35,6 +36,7 @@ import java.security.Principal;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.List;
+import java.util.Set;
 
 /**
  * <code>TokenBasedLoginTest</code>...
@@ -42,7 +44,7 @@ import java.util.List;
 public class TokenBasedLoginTest extends AbstractJCRTest {
 
     private static final String TOKENS_NAME = ".tokens";
-    private static final String TOKEN_ATTRIBUTE = ".token";
+    private static final String TOKEN_ATTRIBUTE = TokenBasedAuthentication.TOKEN_ATTRIBUTE;
 
     private User testuser;
     private String testuserPath;
@@ -112,6 +114,16 @@ public class TokenBasedLoginTest extends
 
         s = repo.login(creds);
         try {
+            Set<TokenCredentials> tokenCreds = ((SessionImpl) s).getSubject().getPublicCredentials(TokenCredentials.class);
+            assertFalse(tokenCreds.isEmpty());
+            assertEquals(1, tokenCreds.size());
+            TokenCredentials tc = tokenCreds.iterator().next();
+            assertEquals(tc.getToken(), s.getAttribute(TOKEN_ATTRIBUTE));
+            for (String attrName : tc.getAttributeNames()) {
+                assertEquals(tc.getAttribute(attrName), s.getAttribute(attrName));
+            }
+            assertEquals(tc.getToken(), s.getAttribute(TOKEN_ATTRIBUTE));
+
             Node userNode = superuser.getNode(testuserPath);
 
             assertTrue(userNode.hasNode(TOKENS_NAME));
@@ -127,6 +139,7 @@ public class TokenBasedLoginTest extends
             assertEquals("any", ttNode.getProperty(TOKEN_ATTRIBUTE + ".any").getString());
 
             token = ttNode.getIdentifier();
+            assertEquals(token, tc.getToken());
 
         } finally {
             s.logout();