You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by fm...@apache.org on 2009/02/08 21:07:36 UTC
svn commit: r742152 - in /incubator/sling/trunk/jcr/jackrabbit-server: ./
src/main/java/org/apache/sling/jcr/jackrabbit/server/
src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/
src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/securit...
Author: fmeschbe
Date: Sun Feb 8 20:07:35 2009
New Revision: 742152
URL: http://svn.apache.org/viewvc?rev=742152&view=rev
Log:
SLING-852 Apply slightly modified patch by Rory Douglas (Thanks)
Changes to the original patch:
- The LoginModulePlugin tracker is maintained in the Activator
for it to be closed when the bundle is stopped
- I moved the classes from o.a.s.jcr.jackrabbit.server to
o.a.s.jcr.jackrabbit.server.impl (to mark them as implementation
as opposed to the new security API)
- Applied a small fix to the DOCTYPE of the repository.xml (this
error was pre-existing and is unrelated to this patch)
Added:
incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/
incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/AbstractRegistrationSupport.java (contents, props changed)
- copied, changed from r734719, incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/AbstractRegistrationSupport.java
incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/Activator.java (contents, props changed)
- copied, changed from r734719, incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/Activator.java
incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/JndiRegistrationSupport.java (contents, props changed)
- copied, changed from r734719, incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/JndiRegistrationSupport.java
incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/RmiRegistrationSupport.java (contents, props changed)
- copied, changed from r734719, incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/RmiRegistrationSupport.java
incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/SlingServerRepository.java (contents, props changed)
- copied, changed from r734719, incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/SlingServerRepository.java
incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/security/
incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/security/AuthenticationPluginWrapper.java (with props)
incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/security/PluggableDefaultLoginModule.java (with props)
incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/security/
incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/security/AuthenticationPlugin.java (with props)
incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/security/LoginModulePlugin.java (with props)
Removed:
incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/AbstractRegistrationSupport.java
incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/Activator.java
incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/JndiRegistrationSupport.java
incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/RmiRegistrationSupport.java
incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/SlingServerRepository.java
Modified:
incubator/sling/trunk/jcr/jackrabbit-server/pom.xml
incubator/sling/trunk/jcr/jackrabbit-server/src/main/resources/META-INF/MANIFEST.MF
incubator/sling/trunk/jcr/jackrabbit-server/src/main/resources/repository.xml
Modified: incubator/sling/trunk/jcr/jackrabbit-server/pom.xml
URL: http://svn.apache.org/viewvc/incubator/sling/trunk/jcr/jackrabbit-server/pom.xml?rev=742152&r1=742151&r2=742152&view=diff
==============================================================================
--- incubator/sling/trunk/jcr/jackrabbit-server/pom.xml (original)
+++ incubator/sling/trunk/jcr/jackrabbit-server/pom.xml Sun Feb 8 20:07:35 2009
@@ -166,8 +166,11 @@
<Bundle-Activator>
org.apache.sling.jcr.jackrabbit.server.Activator
</Bundle-Activator>
+ <Export-Package>
+ org.apache.sling.jcr.jackrabbit.server.security
+ </Export-Package>
<Private-Package>
- org.apache.sling.jcr.jackrabbit.server
+ org.apache.sling.jcr.jackrabbit.server.impl.*
</Private-Package>
<Import-Package>
org.apache.sling.*, javax.jcr.*,
Copied: incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/AbstractRegistrationSupport.java (from r734719, incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/AbstractRegistrationSupport.java)
URL: http://svn.apache.org/viewvc/incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/AbstractRegistrationSupport.java?p2=incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/AbstractRegistrationSupport.java&p1=incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/AbstractRegistrationSupport.java&r1=734719&r2=742152&rev=742152&view=diff
==============================================================================
--- incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/AbstractRegistrationSupport.java (original)
+++ incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/AbstractRegistrationSupport.java Sun Feb 8 20:07:35 2009
@@ -14,7 +14,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-package org.apache.sling.jcr.jackrabbit.server;
+package org.apache.sling.jcr.jackrabbit.server.impl;
import java.util.HashMap;
import java.util.Iterator;
Propchange: incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/AbstractRegistrationSupport.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/AbstractRegistrationSupport.java
------------------------------------------------------------------------------
svn:mergeinfo =
Copied: incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/Activator.java (from r734719, incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/Activator.java)
URL: http://svn.apache.org/viewvc/incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/Activator.java?p2=incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/Activator.java&p1=incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/Activator.java&r1=734719&r2=742152&rev=742152&view=diff
==============================================================================
--- incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/Activator.java (original)
+++ incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/Activator.java Sun Feb 8 20:07:35 2009
@@ -14,7 +14,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-package org.apache.sling.jcr.jackrabbit.server;
+package org.apache.sling.jcr.jackrabbit.server.impl;
import java.io.File;
import java.io.IOException;
@@ -23,7 +23,9 @@
import java.sql.DriverManager;
import java.util.Hashtable;
+import org.apache.commons.io.comparator.LastModifiedFileComparator;
import org.apache.sling.jcr.base.util.RepositoryAccessor;
+import org.apache.sling.jcr.jackrabbit.server.security.LoginModulePlugin;
import org.osgi.framework.BundleActivator;
import org.osgi.framework.BundleContext;
import org.osgi.framework.Constants;
@@ -33,6 +35,7 @@
import org.osgi.framework.ServiceReference;
import org.osgi.service.cm.Configuration;
import org.osgi.service.cm.ConfigurationAdmin;
+import org.osgi.util.tracker.ServiceTracker;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -44,7 +47,7 @@
/** default log */
private static final Logger log = LoggerFactory.getLogger(Activator.class);
- public static final String SERVER_REPOSITORY_FACTORY_PID = SlingServerRepository.class.getName();
+ public static final String SERVER_REPOSITORY_FACTORY_PID = "org.apache.sling.jcr.jackrabbit.server.SlingServerRepository";
/**
* The name of the configuration property naming the Sling Context for which
@@ -62,7 +65,20 @@
private static final String CONFIG_ADMIN_NAME = ConfigurationAdmin.class.getName();
// this bundle's context, used by verifyConfiguration
- private BundleContext bundleContext;
+ private static BundleContext bundleContext;
+
+ // the service tracker used by the PluggableDefaultLoginModule
+ // this field is only set on the first call to getLoginModules()
+ private static ServiceTracker loginModuleTracker;
+
+ // the tracking count when the moduleCache has been filled
+ private static int lastTrackingCount = -1;
+
+ // the cache of login module services
+ private static LoginModulePlugin[] moduleCache;
+
+ // empty list of login modules if there are none registered
+ private static LoginModulePlugin[] EMPTY = new LoginModulePlugin[0];
// the name of the default sling context
private String slingContext;
@@ -122,6 +138,15 @@
} catch (Throwable t) {
// exception is always thrown
}
+
+ // close the loginModuleTracker
+ if (loginModuleTracker != null) {
+ loginModuleTracker.close();
+ loginModuleTracker = null;
+ }
+
+ // clear the bundle context field
+ bundleContext = null;
}
// ---------- ServiceListener ----------------------------------------------
@@ -137,6 +162,48 @@
}
}
+ // ---------- LoginModule tracker for PluggableDefaultLoginModule
+
+ private static BundleContext getBundleContext() {
+ return bundleContext;
+ }
+
+ /**
+ * Returns the registered {@link LoginModulePlugin} services. If there are
+ * no {@link LoginModulePlugin} services registered, this method returns an
+ * empty array. <code>null</code> is never returned from this method.
+ */
+ public static LoginModulePlugin[] getLoginModules() {
+ // fast track cache (cache first, since loginModuleTracker is only
+ // non-null if moduleCache is non-null)
+ if (moduleCache != null
+ && lastTrackingCount == loginModuleTracker.getTrackingCount()) {
+ return moduleCache;
+ }
+ // invariant: moduleCache is null or modules have changed
+
+ // tracker may be null if moduleCache is null
+ if (loginModuleTracker == null) {
+ loginModuleTracker = new ServiceTracker(getBundleContext(),
+ LoginModulePlugin.class.getName(), null);
+ loginModuleTracker.open();
+ }
+
+ if (moduleCache == null || lastTrackingCount < loginModuleTracker.getTrackingCount()) {
+ Object[] services = loginModuleTracker.getServices();
+ if (services == null || services.length == 0) {
+ moduleCache = EMPTY;
+ } else {
+ moduleCache = new LoginModulePlugin[services.length];
+ System.arraycopy(services, 0, moduleCache, 0, services.length);
+ }
+ lastTrackingCount = loginModuleTracker.getTrackingCount();
+ }
+
+ // the module cache is now up to date
+ return moduleCache;
+ }
+
// ---------- internal -----------------------------------------------------
private void verifyConfiguration(ServiceReference ref) {
Propchange: incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/Activator.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/Activator.java
------------------------------------------------------------------------------
svn:mergeinfo =
Copied: incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/JndiRegistrationSupport.java (from r734719, incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/JndiRegistrationSupport.java)
URL: http://svn.apache.org/viewvc/incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/JndiRegistrationSupport.java?p2=incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/JndiRegistrationSupport.java&p1=incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/JndiRegistrationSupport.java&r1=734719&r2=742152&rev=742152&view=diff
==============================================================================
--- incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/JndiRegistrationSupport.java (original)
+++ incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/JndiRegistrationSupport.java Sun Feb 8 20:07:35 2009
@@ -14,7 +14,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-package org.apache.sling.jcr.jackrabbit.server;
+package org.apache.sling.jcr.jackrabbit.server.impl;
import java.security.AccessController;
import java.security.PrivilegedActionException;
@@ -43,6 +43,7 @@
*
* @scr.component immediate="true" label="%jndi.name"
* description="%jndi.description"
+ * name="org.apache.sling.jcr.jackrabbit.server.JndiRegistrationSupport"
* @scr.reference name="Repository" interface="javax.jcr.Repository"
* policy="dynamic" cardinality="0..n"
* @scr.reference name="Log" interface="org.osgi.service.log.LogService"
Propchange: incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/JndiRegistrationSupport.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/JndiRegistrationSupport.java
------------------------------------------------------------------------------
svn:mergeinfo =
Copied: incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/RmiRegistrationSupport.java (from r734719, incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/RmiRegistrationSupport.java)
URL: http://svn.apache.org/viewvc/incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/RmiRegistrationSupport.java?p2=incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/RmiRegistrationSupport.java&p1=incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/RmiRegistrationSupport.java&r1=734719&r2=742152&rev=742152&view=diff
==============================================================================
--- incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/RmiRegistrationSupport.java (original)
+++ incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/RmiRegistrationSupport.java Sun Feb 8 20:07:35 2009
@@ -14,7 +14,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-package org.apache.sling.jcr.jackrabbit.server;
+package org.apache.sling.jcr.jackrabbit.server.impl;
import java.io.IOException;
import java.net.InetAddress;
@@ -41,6 +41,7 @@
*
* @scr.component immediate="true" label="%rmi.name"
* description="%rmi.description"
+ * name="org.apache.sling.jcr.jackrabbit.server.RmiRegistrationSupport"
* @scr.reference name="Repository" interface="javax.jcr.Repository"
* policy="dynamic" cardinality="0..n"
* @scr.reference name="Log" interface="org.osgi.service.log.LogService"
Propchange: incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/RmiRegistrationSupport.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/RmiRegistrationSupport.java
------------------------------------------------------------------------------
svn:mergeinfo =
Copied: incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/SlingServerRepository.java (from r734719, incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/SlingServerRepository.java)
URL: http://svn.apache.org/viewvc/incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/SlingServerRepository.java?p2=incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/SlingServerRepository.java&p1=incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/SlingServerRepository.java&r1=734719&r2=742152&rev=742152&view=diff
==============================================================================
--- incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/SlingServerRepository.java (original)
+++ incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/SlingServerRepository.java Sun Feb 8 20:07:35 2009
@@ -14,7 +14,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-package org.apache.sling.jcr.jackrabbit.server;
+package org.apache.sling.jcr.jackrabbit.server.impl;
import java.io.File;
import java.io.FileInputStream;
@@ -41,6 +41,7 @@
*
* @scr.component label="%repository.name" description="%repository.description"
* factory="org.apache.sling.jcr.jackrabbit.server.SlingServerRepositoryFactory"
+ * name="org.apache.sling.jcr.jackrabbit.server.SlingServerRepository"
*
* @scr.property name="service.vendor" value="The Apache Software Foundation"
* @scr.property name="service.description"
Propchange: incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/SlingServerRepository.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/SlingServerRepository.java
------------------------------------------------------------------------------
svn:mergeinfo =
Added: incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/security/AuthenticationPluginWrapper.java
URL: http://svn.apache.org/viewvc/incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/security/AuthenticationPluginWrapper.java?rev=742152&view=auto
==============================================================================
--- incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/security/AuthenticationPluginWrapper.java (added)
+++ incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/security/AuthenticationPluginWrapper.java Sun Feb 8 20:07:35 2009
@@ -0,0 +1,55 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sling.jcr.jackrabbit.server.impl.security;
+
+import javax.jcr.Credentials;
+import javax.jcr.RepositoryException;
+
+import org.apache.jackrabbit.core.security.authentication.Authentication;
+import org.apache.sling.jcr.jackrabbit.server.security.AuthenticationPlugin;
+import org.apache.sling.jcr.jackrabbit.server.security.LoginModulePlugin;
+
+/**
+ * Wraps a {@link AuthenticationPlugin} and a {@link LoginModulePlugin} with a
+ * {@link org.apache.jackrabbit.core.security.authentication.Authentication} object
+ *
+ */
+public class AuthenticationPluginWrapper implements Authentication {
+
+ private AuthenticationPlugin auth;
+ private LoginModulePlugin module;
+
+ public AuthenticationPluginWrapper(AuthenticationPlugin pa, LoginModulePlugin plm) {
+ this.auth = pa;
+ this.module = plm;
+ }
+
+ /**
+ * Delegates to underlying {@link AuthenticationPlugin#authenticate(Credentials)} method
+ */
+ public boolean authenticate(Credentials credentials)
+ throws RepositoryException {
+ return auth.authenticate(credentials);
+ }
+
+ /**
+ * Delegates to underlying {@link LoginModulePlugin#canHandle(Credentials)} method
+ */
+ public boolean canHandle(Credentials credentials) {
+ return module.canHandle(credentials);
+ }
+}
Propchange: incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/security/AuthenticationPluginWrapper.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/security/AuthenticationPluginWrapper.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision Rev Url
Added: incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/security/PluggableDefaultLoginModule.java
URL: http://svn.apache.org/viewvc/incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/security/PluggableDefaultLoginModule.java?rev=742152&view=auto
==============================================================================
--- incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/security/PluggableDefaultLoginModule.java (added)
+++ incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/security/PluggableDefaultLoginModule.java Sun Feb 8 20:07:35 2009
@@ -0,0 +1,114 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sling.jcr.jackrabbit.server.impl.security;
+
+import java.security.Principal;
+import java.util.Map;
+
+import javax.jcr.Credentials;
+import javax.jcr.RepositoryException;
+import javax.jcr.Session;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.login.FailedLoginException;
+import javax.security.auth.login.LoginException;
+
+import org.apache.jackrabbit.core.security.authentication.Authentication;
+import org.apache.jackrabbit.core.security.authentication.DefaultLoginModule;
+import org.apache.sling.jcr.jackrabbit.server.impl.Activator;
+import org.apache.sling.jcr.jackrabbit.server.security.AuthenticationPlugin;
+import org.apache.sling.jcr.jackrabbit.server.security.LoginModulePlugin;
+import org.osgi.framework.ServiceReference;
+import org.osgi.util.tracker.ServiceTracker;
+
+/**
+ * Extends
+ * {@link org.apache.jackrabbit.core.security.authentication.DefaultLoginModule}
+ * to provide implementations registered with the OSGI framework implementing
+ * {@link LoginModulePlugin}. Like the DefaultLoginModule, this LoginModule
+ * inherits the core of its functionality from
+ * {@link org.apache.jackrabbit.core.security.authentication.AbstractLoginModule}
+ */
+public class PluggableDefaultLoginModule extends DefaultLoginModule {
+
+ /**
+ * @see org.apache.jackrabbit.core.security.authentication.DefaultLoginModule#doInit
+ */
+ protected void doInit(CallbackHandler callbackHandler, Session session,
+ Map options) throws LoginException {
+ LoginModulePlugin[] modules = Activator.getLoginModules();
+ for (int i = 0; i < modules.length; i++) {
+ modules[i].doInit(callbackHandler, session, options);
+ }
+
+ super.doInit(callbackHandler, session, options);
+ }
+
+ /**
+ * @see org.apache.jackrabbit.core.security.authentication.DefaultLoginModule#getPrincipal
+ */
+ protected Principal getPrincipal(Credentials creds) {
+ LoginModulePlugin[] modules = Activator.getLoginModules();
+ for (int i = 0; i < modules.length; i++) {
+ if (modules[i].canHandle(creds)) {
+ Principal p = modules[i].getPrincipal(creds);
+ if (p != null) {
+ return p;
+ }
+ }
+ }
+
+ return super.getPrincipal(creds);
+ }
+
+ /**
+ * @see org.apache.jackrabbit.core.security.authentication.DefaultLoginModule#getAuthentication
+ */
+ protected Authentication getAuthentication(Principal principal,
+ Credentials creds) throws RepositoryException {
+ LoginModulePlugin[] modules = Activator.getLoginModules();
+ for (int i = 0; i < modules.length; i++) {
+ if (modules[i].canHandle(creds)) {
+ AuthenticationPlugin pa = modules[i].getAuthentication(
+ principal, creds);
+ if (pa != null) {
+ return new AuthenticationPluginWrapper(pa, modules[i]);
+ }
+ }
+ }
+
+ return super.getAuthentication(principal, creds);
+ }
+
+ /**
+ * @see org.apache.jackrabbit.core.security.authentication.DefaultLoginModule#impersonate
+ */
+ protected boolean impersonate(Principal principal, Credentials creds)
+ throws RepositoryException, FailedLoginException {
+
+ LoginModulePlugin[] modules = Activator.getLoginModules();
+ for (int i = 0; i < modules.length; i++) {
+ if (modules[i].canHandle(creds)) {
+ int result = modules[i].impersonate(principal, creds);
+ if (result != LoginModulePlugin.IMPERSONATION_DEFAULT) {
+ return result == LoginModulePlugin.IMPERSONATION_SUCCESS;
+ }
+ }
+ }
+
+ return super.impersonate(principal, creds);
+ }
+}
Propchange: incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/security/PluggableDefaultLoginModule.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/impl/security/PluggableDefaultLoginModule.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision Rev Url
Added: incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/security/AuthenticationPlugin.java
URL: http://svn.apache.org/viewvc/incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/security/AuthenticationPlugin.java?rev=742152&view=auto
==============================================================================
--- incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/security/AuthenticationPlugin.java (added)
+++ incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/security/AuthenticationPlugin.java Sun Feb 8 20:07:35 2009
@@ -0,0 +1,35 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sling.jcr.jackrabbit.server.security;
+
+import javax.jcr.Credentials;
+import javax.jcr.RepositoryException;
+
+/**
+ * Provide some of the functionality of the
+ * {@link org.apache.jackrabbit.core.security.authentication.Authentication}
+ * class without explicitly referencing classes in org.apache.jackrabbit.core.*
+ */
+public interface AuthenticationPlugin {
+
+ /**
+ * {@see org.apache.jackrabbit.core.security.authentication.Authentication#
+ * authenticate}
+ */
+ public abstract boolean authenticate(Credentials credentials)
+ throws RepositoryException;
+}
Propchange: incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/security/AuthenticationPlugin.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/security/AuthenticationPlugin.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision Rev Url
Added: incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/security/LoginModulePlugin.java
URL: http://svn.apache.org/viewvc/incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/security/LoginModulePlugin.java?rev=742152&view=auto
==============================================================================
--- incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/security/LoginModulePlugin.java (added)
+++ incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/security/LoginModulePlugin.java Sun Feb 8 20:07:35 2009
@@ -0,0 +1,100 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sling.jcr.jackrabbit.server.security;
+
+import java.security.Principal;
+import java.util.Map;
+
+import javax.jcr.Credentials;
+import javax.jcr.RepositoryException;
+import javax.jcr.Session;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.login.FailedLoginException;
+import javax.security.auth.login.LoginException;
+
+/**
+ * Provide login module functionality that extends
+ * {@link org.apache.jackrabbit.core.security.authentication.DefaultLoginModule}
+ * for a specific type of {@link java.jcr.Credentials}. Does not rely explicitly
+ * on any classes from org.apache.jackrabbit.core.*
+ */
+public interface LoginModulePlugin {
+
+ public static final int IMPERSONATION_DEFAULT = 0;
+
+ public static final int IMPERSONATION_SUCCESS = 1;
+
+ public static final int IMPERSONATION_FAILED = 2;
+
+ /**
+ * Determine if this LoginModule can process this set of Credentials.
+ * Currently, due to Jackrabbit internals, these Credentials will always be
+ * an instance of {@link javax.jcr.SimpleCredentials}. A co-operating
+ * {@link org.apache.sling.engine.auth.AuthenticationHandler} object can set
+ * properties on these credentials at creation time that this class can use
+ * to make this determination
+ *
+ * @param credentials
+ * @return
+ */
+ public abstract boolean canHandle(Credentials credentials);
+
+ /**
+ * @see org.apache.jackrabbit.core.security.authentication.DefaultLoginModule#doInit
+ */
+ public void doInit(CallbackHandler callbackHandler, Session session,
+ Map options) throws LoginException;
+
+ /**
+ * Return a Principal object, or null. If null is returned, and no other
+ * PluggableLoginModule that can handle these Credentials can provide a
+ * Principal, the Principal will be provided by
+ * {@link org.apache.jackrabbit.core.security.authentication.DefaultLoginModule#getPrincipal}
+ *
+ * @return an instance of the Principal associated with these Credentials
+ * @see org.apache.jackrabbit.core.security.authentication.DefaultLoginModule#getPrincipal
+ */
+ public Principal getPrincipal(Credentials credentials);
+
+ /**
+ * Return a PluggableAuthentication object that can authenticate the give
+ * Principal and Credentials. If null is returned, and no other
+ * PluggableLoginModule that can handle these Credentials can provide a
+ * PluggableAuthentication instance, the authentication will be handled by
+ * {@link org.apache.jackrabbit.core.security.authentication.DefaultLoginModule#getAuthentication}
+ *
+ * @see org.apache.jackrabbit.core.security.authentication.DefaultLoginModule#getAuthentication
+ * @return An instance of PluggableAuthentication, or null
+ */
+ public AuthenticationPlugin getAuthentication(Principal principal,
+ Credentials creds) throws RepositoryException;
+
+ /**
+ * Returns a code indicating either the status of the impersonation attempt,
+ * or {@link IMPERSONATION_DEFAULT} if the impersonation should be handled
+ * by
+ * {@link org.apache.jackrabbit.core.security.authentication.DefaultLoginModule#impersonate}
+ * .
+ *
+ * @see org.apache.jackrabbit.core.security.authentication.DefaultLoginModule#impersonate
+ * @return one of {@link IMPERSONATION_DEFAULT},
+ * {@link IMPERSONATION_SUCCESS} or {@link IMPERSONATION_FAILED}
+ */
+ public int impersonate(Principal principal, Credentials credentials)
+ throws RepositoryException, FailedLoginException;
+
+}
Propchange: incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/security/LoginModulePlugin.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: incubator/sling/trunk/jcr/jackrabbit-server/src/main/java/org/apache/sling/jcr/jackrabbit/server/security/LoginModulePlugin.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision Rev Url
Modified: incubator/sling/trunk/jcr/jackrabbit-server/src/main/resources/META-INF/MANIFEST.MF
URL: http://svn.apache.org/viewvc/incubator/sling/trunk/jcr/jackrabbit-server/src/main/resources/META-INF/MANIFEST.MF?rev=742152&r1=742151&r2=742152&view=diff
==============================================================================
--- incubator/sling/trunk/jcr/jackrabbit-server/src/main/resources/META-INF/MANIFEST.MF (original)
+++ incubator/sling/trunk/jcr/jackrabbit-server/src/main/resources/META-INF/MANIFEST.MF Sun Feb 8 20:07:35 2009
@@ -10,13 +10,16 @@
Bundle-Category: sling,jcr,jackrabbit
Bundle-Vendor: The Apache Software Foundation
Bundle-DocURL: http://incubator.apache.org/sling
-Bundle-Activator: org.apache.sling.jcr.jackrabbit.server.Activator
+Bundle-Activator: org.apache.sling.jcr.jackrabbit.server.impl.Activator
Bundle-ClassPath: .,nekohtml-1.9.7.jar,lucene-core-2.3.2.jar,jackrabbi
t-spi-commons-1.5.0.jar,jackrabbit-jcr-commons-1.5.0.jar,jempbox-0.2.
0.jar,jackrabbit-jcr-rmi-1.4.1.jar,concurrent-1.3.4.jar,jackrabbit-te
xt-extractors-1.5.0.jar,fontbox-0.1.0.jar,jackrabbit-core-1.5.0.jar,d
erby-10.2.1.6.jar,poi-3.0.2-FINAL.jar,xercesImpl-2.8.1.jar,pdfbox-0.7
.3.jar,jackrabbit-spi-1.5.0.jar,poi-scratchpad-3.0.2-FINAL.jar
+Export-Package: org.apache.sling.jcr.jackrabbit.server.security;uses:=
+ "javax.jcr,javax.security.auth.callback,javax.security.auth.login";ve
+ rsion="2.0.3.incubator-SNAPSHOT"
Import-Package: javax.jcr,javax.jcr.lock,javax.jcr.nodetype,javax.jcr.
observation,javax.jcr.query,javax.jcr.util,javax.jcr.version,javax.na
ming,javax.naming.directory,javax.naming.spi,javax.security.auth,java
@@ -34,8 +37,10 @@
ersion="1.5",org.apache.jackrabbit.api.security.principal;version="1.
5",org.apache.jackrabbit.api.security.user;version="1.5",org.apache.s
ling.jcr.api,org.apache.sling.jcr.base;version="2.0.2.incubator",org.
- osgi.framework,org.osgi.service.cm,org.osgi.service.component,org.osg
- i.service.log,org.slf4j,org.xml.sax,org.xml.sax.helpers
+ apache.sling.jcr.jackrabbit.server.security;version="2.0.3.incubator-
+ SNAPSHOT",org.osgi.framework,org.osgi.service.cm,org.osgi.service.com
+ ponent,org.osgi.service.log,org.osgi.util.tracker,org.slf4j,org.xml.s
+ ax,org.xml.sax.helpers
DynamicImport-Package: *
Service-Component: OSGI-INF/serviceComponents.xml
Bnd-LastModified: 1232723302069
Modified: incubator/sling/trunk/jcr/jackrabbit-server/src/main/resources/repository.xml
URL: http://svn.apache.org/viewvc/incubator/sling/trunk/jcr/jackrabbit-server/src/main/resources/repository.xml?rev=742152&r1=742151&r2=742152&view=diff
==============================================================================
--- incubator/sling/trunk/jcr/jackrabbit-server/src/main/resources/repository.xml (original)
+++ incubator/sling/trunk/jcr/jackrabbit-server/src/main/resources/repository.xml Sun Feb 8 20:07:35 2009
@@ -17,7 +17,7 @@
specific language governing permissions and limitations
under the License.
-->
-<!DOCTYPE Repository PUBLIC "-//The Apache Software Foundation//DTD Jackrabbit 1.2//EN"
+<!DOCTYPE Repository PUBLIC "-//The Apache Software Foundation//DTD Jackrabbit 1.5//EN"
"http://jackrabbit.apache.org/dtd/repository-1.5.dtd">
<Repository>
<FileSystem class="org.apache.jackrabbit.core.fs.local.LocalFileSystem">
@@ -31,7 +31,7 @@
<AccessManager class="org.apache.jackrabbit.core.security.DefaultAccessManager">
</AccessManager>
- <LoginModule class="org.apache.jackrabbit.core.security.authentication.DefaultLoginModule">
+ <LoginModule class="org.apache.sling.jcr.jackrabbit.server.impl.security.PluggableDefaultLoginModule">
<param name="anonymousId" value="anonymous"/>
<param name="adminId" value="admin"/>
</LoginModule>