You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by an...@apache.org on 2013/02/18 14:04:37 UTC
svn commit: r1447237 - in
/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak: ./
core/ security/authentication/ security/authorization/ security/privilege/
security/user/ spi/commit/ spi/security/ spi/security/authentication/
spi/se...
Author: angela
Date: Mon Feb 18 13:04:37 2013
New Revision: 1447237
URL: http://svn.apache.org/r1447237
Log:
OAK-625 : Ability to pass workspace name to a CommitHook
moving init of security related commit hooks and validators to RootImpl to allow for run-time pluggability and multi-workspace setup.
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/Oak.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ContentRepositoryImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ContentSessionImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/RootImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/CallbackHandlerImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlConfigurationImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/PermissionValidatorProvider.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeConfigurationImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserConfigurationImpl.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/commit/CommitHookProvider.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/OpenSecurityProvider.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/SecurityConfiguration.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/RepositoryCallback.java
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/Oak.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/Oak.java?rev=1447237&r1=1447236&r2=1447237&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/Oak.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/Oak.java Mon Feb 18 13:04:37 2013
@@ -33,11 +33,9 @@ import org.apache.jackrabbit.oak.plugins
import org.apache.jackrabbit.oak.plugins.index.IndexHookManager;
import org.apache.jackrabbit.oak.plugins.index.IndexHookProvider;
import org.apache.jackrabbit.oak.spi.commit.CommitHook;
-import org.apache.jackrabbit.oak.spi.commit.CommitHookProvider;
import org.apache.jackrabbit.oak.spi.commit.CompositeHook;
import org.apache.jackrabbit.oak.spi.commit.CompositeValidatorProvider;
import org.apache.jackrabbit.oak.spi.commit.ConflictHandler;
-import org.apache.jackrabbit.oak.spi.commit.EmptyHook;
import org.apache.jackrabbit.oak.spi.commit.ValidatingHook;
import org.apache.jackrabbit.oak.spi.commit.Validator;
import org.apache.jackrabbit.oak.spi.commit.ValidatorProvider;
@@ -82,8 +80,6 @@ public class Oak {
private List<ValidatorProvider> validatorProviders = newArrayList();
- private List<CommitHookProvider> securityHookProviders = newArrayList();
-
// TODO: review if we really want to have the OpenSecurityProvider as default.
private SecurityProvider securityProvider = new OpenSecurityProvider();
@@ -177,24 +173,6 @@ public class Oak {
}
/**
- * Adds all currently tracked security related hooks to the commit hook that
- * is used to create the content repository.
- */
- private void withSecurityHooks() {
- if (!securityHookProviders.isEmpty()) {
- for (CommitHookProvider provider : securityHookProviders) {
- // FIXME: hack to pass the workspace name into the commit hook
- // FIXME: this needs to be re-factored once we add support for multiple workspaces support (OAK-118)
- CommitHook hook = provider.getCommitHook(defaultWorkspaceName);
- if (hook != EmptyHook.INSTANCE) {
- commitHooks.add(hook);
- }
- }
- securityHookProviders = newArrayList();
- }
- }
-
- /**
* Associates the given validator provider with the repository to
* be created.
*
@@ -229,8 +207,6 @@ public class Oak {
public Oak with(@Nonnull SecurityProvider securityProvider) {
this.securityProvider = securityProvider;
for (SecurityConfiguration sc : securityProvider.getSecurityConfigurations()) {
- validatorProviders.addAll(sc.getValidatorProviders());
- securityHookProviders.add(sc.getCommitHookProvider());
initializers.add(sc.getRepositoryInitializer());
}
return this;
@@ -250,15 +226,11 @@ public class Oak {
}
public ContentRepository createContentRepository() {
- IndexHookProvider indexHooks = CompositeIndexHookProvider
- .compose(indexHookProviders);
- OakInitializer.initialize(store,
- new CompositeInitializer(initializers), indexHooks);
+ IndexHookProvider indexHooks = CompositeIndexHookProvider.compose(indexHookProviders);
+ OakInitializer.initialize(store, new CompositeInitializer(initializers), indexHooks);
commitHooks.add(IndexHookManager.of(indexHooks));
-
withValidatorHook();
- withSecurityHooks();
return new ContentRepositoryImpl(
store,
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ContentRepositoryImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ContentRepositoryImpl.java?rev=1447237&r1=1447236&r2=1447237&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ContentRepositoryImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ContentRepositoryImpl.java Mon Feb 18 13:04:37 2013
@@ -30,7 +30,6 @@ import org.apache.jackrabbit.oak.spi.que
import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
import org.apache.jackrabbit.oak.spi.security.authentication.LoginContext;
import org.apache.jackrabbit.oak.spi.security.authentication.LoginContextProvider;
-import org.apache.jackrabbit.oak.spi.security.authorization.AccessControlConfiguration;
import org.apache.jackrabbit.oak.spi.state.NodeStore;
/**
@@ -84,8 +83,7 @@ public class ContentRepositoryImpl imple
LoginContext loginContext = lcProvider.getLoginContext(credentials, workspaceName);
loginContext.login();
- AccessControlConfiguration acConfiguration = securityProvider.getAccessControlConfiguration();
- return new ContentSessionImpl(loginContext, acConfiguration, workspaceName,
+ return new ContentSessionImpl(loginContext, securityProvider, workspaceName,
nodeStore, commitHook, indexProvider);
}
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ContentSessionImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ContentSessionImpl.java?rev=1447237&r1=1447236&r2=1447237&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ContentSessionImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/ContentSessionImpl.java Mon Feb 18 13:04:37 2013
@@ -27,8 +27,8 @@ import org.apache.jackrabbit.oak.api.Con
import org.apache.jackrabbit.oak.api.Root;
import org.apache.jackrabbit.oak.spi.commit.CommitHook;
import org.apache.jackrabbit.oak.spi.query.QueryIndexProvider;
+import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
import org.apache.jackrabbit.oak.spi.security.authentication.LoginContext;
-import org.apache.jackrabbit.oak.spi.security.authorization.AccessControlConfiguration;
import org.apache.jackrabbit.oak.spi.state.NodeStore;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -43,7 +43,7 @@ class ContentSessionImpl implements Cont
private static final Logger log = LoggerFactory.getLogger(ContentSessionImpl.class);
private final LoginContext loginContext;
- private final AccessControlConfiguration accConfiguration;
+ private final SecurityProvider securityProvider;
private final String workspaceName;
private final NodeStore store;
private final CommitHook hook;
@@ -52,10 +52,10 @@ class ContentSessionImpl implements Cont
private volatile boolean live = true;
public ContentSessionImpl(LoginContext loginContext,
- AccessControlConfiguration accConfiguration, String workspaceName,
- NodeStore store, CommitHook hook, QueryIndexProvider indexProvider) {
+ SecurityProvider securityProvider, String workspaceName,
+ NodeStore store, CommitHook hook, QueryIndexProvider indexProvider) {
this.loginContext = loginContext;
- this.accConfiguration = accConfiguration;
+ this.securityProvider = securityProvider;
this.workspaceName = workspaceName;
this.store = store;
this.hook = hook;
@@ -90,7 +90,7 @@ class ContentSessionImpl implements Cont
checkLive();
RootImpl root = new RootImpl(
store, hook, workspaceName, loginContext.getSubject(),
- accConfiguration, indexProvider) {
+ securityProvider, indexProvider) {
@Override
protected void checkLive() {
ContentSessionImpl.this.checkLive();
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/RootImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/RootImpl.java?rev=1447237&r1=1447236&r2=1447237&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/RootImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/core/RootImpl.java Mon Feb 18 13:04:37 2013
@@ -22,10 +22,13 @@ import java.io.IOException;
import java.io.InputStream;
import java.security.AccessController;
import java.security.PrivilegedAction;
+import java.util.ArrayList;
import java.util.Collections;
+import java.util.List;
import javax.annotation.Nonnull;
import javax.security.auth.Subject;
+import org.apache.jackrabbit.oak.Oak;
import org.apache.jackrabbit.oak.api.Blob;
import org.apache.jackrabbit.oak.api.BlobFactory;
import org.apache.jackrabbit.oak.api.CommitFailedException;
@@ -37,12 +40,14 @@ import org.apache.jackrabbit.oak.commons
import org.apache.jackrabbit.oak.plugins.index.diffindex.UUIDDiffIndexProviderWrapper;
import org.apache.jackrabbit.oak.query.QueryEngineImpl;
import org.apache.jackrabbit.oak.spi.commit.CommitHook;
+import org.apache.jackrabbit.oak.spi.commit.CompositeHook;
import org.apache.jackrabbit.oak.spi.commit.EmptyHook;
import org.apache.jackrabbit.oak.spi.observation.ChangeExtractor;
import org.apache.jackrabbit.oak.spi.query.CompositeQueryIndexProvider;
import org.apache.jackrabbit.oak.spi.query.QueryIndexProvider;
-import org.apache.jackrabbit.oak.spi.security.authorization.AccessControlConfiguration;
-import org.apache.jackrabbit.oak.spi.security.authorization.OpenAccessControlConfiguration;
+import org.apache.jackrabbit.oak.spi.security.OpenSecurityProvider;
+import org.apache.jackrabbit.oak.spi.security.SecurityConfiguration;
+import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
import org.apache.jackrabbit.oak.spi.security.authorization.PermissionProvider;
import org.apache.jackrabbit.oak.spi.security.principal.SystemPrincipal;
import org.apache.jackrabbit.oak.spi.state.NodeBuilder;
@@ -68,14 +73,16 @@ public class RootImpl implements Root {
*/
private final NodeStore store;
+ private final String workspaceName;
+
private final CommitHook hook;
private final Subject subject;
/**
- * The access control context provider.
+ * The security provider.
*/
- private final AccessControlConfiguration accConfiguration;
+ private final SecurityProvider securityProvider;
/**
* Current branch this root operates on
@@ -102,20 +109,20 @@ public class RootImpl implements Root {
* @param hook the commit hook
* @param workspaceName name of the workspace
* @param subject the subject.
- * @param accConfiguration the access control context provider.
+ * @param securityProvider the security configuration.
* @param indexProvider the query index provider.
*/
- @SuppressWarnings("UnusedParameters")
public RootImpl(NodeStore store,
CommitHook hook,
String workspaceName,
Subject subject,
- AccessControlConfiguration accConfiguration,
+ SecurityProvider securityProvider,
QueryIndexProvider indexProvider) {
this.store = checkNotNull(store);
+ this.workspaceName = checkNotNull(workspaceName);
this.hook = checkNotNull(hook);
this.subject = checkNotNull(subject);
- this.accConfiguration = checkNotNull(accConfiguration);
+ this.securityProvider = checkNotNull(securityProvider);
this.indexProvider = indexProvider;
refresh();
}
@@ -128,9 +135,11 @@ public class RootImpl implements Root {
// TODO: review if this constructor really makes sense and cannot be replaced.
public RootImpl(NodeStore store, QueryIndexProvider indexProvider) {
this.store = checkNotNull(store);
+ // FIXME: define proper default or pass workspace name with the constructor
+ this.workspaceName = Oak.DEFAULT_WORKSPACE_NAME;
this.hook = EmptyHook.INSTANCE;
this.subject = new Subject(true, Collections.singleton(SystemPrincipal.INSTANCE), Collections.<Object>emptySet(), Collections.<Object>emptySet());
- this.accConfiguration = new OpenAccessControlConfiguration();
+ this.securityProvider = new OpenSecurityProvider();
this.indexProvider = indexProvider;
refresh();
}
@@ -144,7 +153,7 @@ public class RootImpl implements Root {
*/
public Root getLatest() {
checkLive();
- RootImpl root = new RootImpl(store, hook, null, subject, accConfiguration, getIndexProvider()) {
+ RootImpl root = new RootImpl(store, hook, workspaceName, subject, securityProvider, getIndexProvider()) {
@Override
protected void checkLive() {
RootImpl.this.checkLive();
@@ -245,7 +254,7 @@ public class RootImpl implements Root {
@Override
public CommitFailedException run() {
try {
- branch.merge(hook);
+ branch.merge(getCommitHook());
return null;
} catch (CommitFailedException e) {
return e;
@@ -258,6 +267,31 @@ public class RootImpl implements Root {
refresh();
}
+ /**
+ * Combine the globally defined commit hook(s) with the hooks and
+ * validators defined by the various security related configurations.
+ *
+ * @return A commit hook combining repository global commit hook(s) with
+ * the pluggable hooks defined with the security modules.
+ */
+ private CommitHook getCommitHook() {
+ List<CommitHook> commitHooks = new ArrayList<CommitHook>();
+ commitHooks.add(hook);
+ List<CommitHook> securityHooks = new ArrayList<CommitHook>();
+ for (SecurityConfiguration sc : securityProvider.getSecurityConfigurations()) {
+ CommitHook validators = sc.getValidators().getCommitHook(workspaceName);
+ if (validators != EmptyHook.INSTANCE) {
+ commitHooks.add(validators);
+ }
+ CommitHook ch = sc.getSecurityHooks().getCommitHook(workspaceName);
+ if (ch != EmptyHook.INSTANCE) {
+ securityHooks.add(ch);
+ }
+ }
+ commitHooks.addAll(securityHooks);
+ return CompositeHook.compose(commitHooks);
+ }
+
// TODO: find a better solution for passing in additional principals
private Subject getCombinedSubject() {
Subject accSubject = Subject.getSubject(AccessController.getContext());
@@ -359,7 +393,7 @@ public class RootImpl implements Root {
}
PermissionProvider getPermissionProvider() {
- return accConfiguration.getPermissionProvider(this, subject.getPrincipals());
+ return securityProvider.getAccessControlConfiguration().getPermissionProvider(this, subject.getPrincipals());
}
//------------------------------------------------------------< private >---
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/CallbackHandlerImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/CallbackHandlerImpl.java?rev=1447237&r1=1447236&r2=1447237&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/CallbackHandlerImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authentication/CallbackHandlerImpl.java Mon Feb 18 13:04:37 2013
@@ -30,19 +30,17 @@ import org.apache.jackrabbit.oak.spi.que
import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
import org.apache.jackrabbit.oak.spi.security.authentication.callback.CredentialsCallback;
import org.apache.jackrabbit.oak.spi.security.authentication.callback.RepositoryCallback;
-import org.apache.jackrabbit.oak.spi.security.authentication.callback.SecurityProviderCallback;
import org.apache.jackrabbit.oak.spi.state.NodeStore;
/**
* Default implementation of the {@link CallbackHandler} interface. It currently
* supports the following {@code Callback} implementations:
- *
+ * <p/>
* <ul>
- * <li>{@link CredentialsCallback}</li>
- * <li>{@link NameCallback}</li>
- * <li>{@link PasswordCallback}</li>
- * <li>{@link SecurityProviderCallback}</li>
- * <li>{@link RepositoryCallback}</li>
+ * <li>{@link CredentialsCallback}</li>
+ * <li>{@link NameCallback}</li>
+ * <li>{@link PasswordCallback}</li>
+ * <li>{@link RepositoryCallback}</li>
* </ul>
*/
public class CallbackHandlerImpl implements CallbackHandler {
@@ -75,11 +73,10 @@ public class CallbackHandlerImpl impleme
((NameCallback) callback).setName(getName());
} else if (callback instanceof PasswordCallback) {
((PasswordCallback) callback).setPassword(getPassword());
- } else if (callback instanceof SecurityProviderCallback) {
- ((SecurityProviderCallback) callback).setSecurityProvider(securityProvider);
} else if (callback instanceof RepositoryCallback) {
RepositoryCallback repositoryCallback = (RepositoryCallback) callback;
repositoryCallback.setNodeStore(nodeStore);
+ repositoryCallback.setSecurityProvider(securityProvider);
repositoryCallback.setCommitHook(commitHook);
repositoryCallback.setIndexProvider(indexProvider);
repositoryCallback.setWorkspaceName(workspaceName);
@@ -91,7 +88,7 @@ public class CallbackHandlerImpl impleme
//------------------------------------------------------------< private >---
- private String getName(){
+ private String getName() {
if (credentials instanceof SimpleCredentials) {
return ((SimpleCredentials) credentials).getUserID();
} else {
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlConfigurationImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlConfigurationImpl.java?rev=1447237&r1=1447236&r2=1447237&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlConfigurationImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/AccessControlConfigurationImpl.java Mon Feb 18 13:04:37 2013
@@ -17,7 +17,6 @@
package org.apache.jackrabbit.oak.security.authorization;
import java.security.Principal;
-import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.Set;
@@ -31,7 +30,7 @@ import org.apache.jackrabbit.oak.securit
import org.apache.jackrabbit.oak.spi.commit.CommitHook;
import org.apache.jackrabbit.oak.spi.commit.CommitHookProvider;
import org.apache.jackrabbit.oak.spi.commit.CompositeHook;
-import org.apache.jackrabbit.oak.spi.commit.ValidatorProvider;
+import org.apache.jackrabbit.oak.spi.commit.ValidatingHook;
import org.apache.jackrabbit.oak.spi.lifecycle.RepositoryInitializer;
import org.apache.jackrabbit.oak.spi.security.Context;
import org.apache.jackrabbit.oak.spi.security.SecurityConfiguration;
@@ -67,7 +66,7 @@ public class AccessControlConfigurationI
@Nonnull
@Override
- public CommitHookProvider getCommitHookProvider() {
+ public CommitHookProvider getSecurityHooks() {
return new CommitHookProvider() {
@Override
public CommitHook getCommitHook(String workspaceName) {
@@ -77,11 +76,14 @@ public class AccessControlConfigurationI
}
@Override
- public List<ValidatorProvider> getValidatorProviders() {
- List<ValidatorProvider> vps = new ArrayList<ValidatorProvider>();
- vps.add(new PermissionValidatorProvider(securityProvider));
- vps.add(new AccessControlValidatorProvider(securityProvider));
- return Collections.unmodifiableList(vps);
+ public CommitHookProvider getValidators() {
+ return new CommitHookProvider() {
+ @Nonnull
+ @Override
+ public CommitHook getCommitHook(@Nonnull final String workspaceName) {
+ return new ValidatingHook(new PermissionValidatorProvider(securityProvider, workspaceName), new AccessControlValidatorProvider(securityProvider));
+ }
+ };
}
@Nonnull
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/PermissionValidatorProvider.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/PermissionValidatorProvider.java?rev=1447237&r1=1447236&r2=1447237&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/PermissionValidatorProvider.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/authorization/PermissionValidatorProvider.java Mon Feb 18 13:04:37 2013
@@ -38,12 +38,14 @@ import org.apache.jackrabbit.oak.spi.sta
class PermissionValidatorProvider implements ValidatorProvider {
private final SecurityProvider securityProvider;
+ private final String workspaceName;
private Context acCtx;
private Context userCtx;
- PermissionValidatorProvider(SecurityProvider securityProvider) {
+ PermissionValidatorProvider(SecurityProvider securityProvider, String workspaceName) {
this.securityProvider = securityProvider;
+ this.workspaceName = workspaceName;
}
//--------------------------------------------------< ValidatorProvider >---
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeConfigurationImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeConfigurationImpl.java?rev=1447237&r1=1447236&r2=1447237&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeConfigurationImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/privilege/PrivilegeConfigurationImpl.java Mon Feb 18 13:04:37 2013
@@ -16,8 +16,6 @@
*/
package org.apache.jackrabbit.oak.security.privilege;
-import java.util.Collections;
-import java.util.List;
import javax.annotation.Nonnull;
import org.apache.jackrabbit.api.security.authorization.PrivilegeManager;
@@ -25,7 +23,7 @@ import org.apache.jackrabbit.oak.api.Roo
import org.apache.jackrabbit.oak.namepath.NamePathMapper;
import org.apache.jackrabbit.oak.spi.commit.CommitHook;
import org.apache.jackrabbit.oak.spi.commit.CommitHookProvider;
-import org.apache.jackrabbit.oak.spi.commit.ValidatorProvider;
+import org.apache.jackrabbit.oak.spi.commit.ValidatingHook;
import org.apache.jackrabbit.oak.spi.lifecycle.RepositoryInitializer;
import org.apache.jackrabbit.oak.spi.security.Context;
import org.apache.jackrabbit.oak.spi.security.SecurityConfiguration;
@@ -52,7 +50,7 @@ public class PrivilegeConfigurationImpl
@Nonnull
@Override
- public CommitHookProvider getCommitHookProvider() {
+ public CommitHookProvider getSecurityHooks() {
return new CommitHookProvider() {
@Override
public CommitHook getCommitHook(String workspaceName) {
@@ -63,9 +61,14 @@ public class PrivilegeConfigurationImpl
@Nonnull
@Override
- public List<ValidatorProvider> getValidatorProviders() {
- ValidatorProvider vp = new PrivilegeValidatorProvider();
- return Collections.singletonList(vp);
+ public CommitHookProvider getValidators() {
+ return new CommitHookProvider() {
+ @Nonnull
+ @Override
+ public CommitHook getCommitHook(@Nonnull String workspaceName) {
+ return new ValidatingHook(new PrivilegeValidatorProvider());
+ }
+ };
}
@Nonnull
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserConfigurationImpl.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserConfigurationImpl.java?rev=1447237&r1=1447236&r2=1447237&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserConfigurationImpl.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/UserConfigurationImpl.java Mon Feb 18 13:04:37 2013
@@ -23,7 +23,9 @@ import javax.annotation.Nonnull;
import org.apache.jackrabbit.api.security.user.UserManager;
import org.apache.jackrabbit.oak.api.Root;
import org.apache.jackrabbit.oak.namepath.NamePathMapper;
-import org.apache.jackrabbit.oak.spi.commit.ValidatorProvider;
+import org.apache.jackrabbit.oak.spi.commit.CommitHook;
+import org.apache.jackrabbit.oak.spi.commit.CommitHookProvider;
+import org.apache.jackrabbit.oak.spi.commit.ValidatingHook;
import org.apache.jackrabbit.oak.spi.lifecycle.RepositoryInitializer;
import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
import org.apache.jackrabbit.oak.spi.security.Context;
@@ -65,9 +67,14 @@ public class UserConfigurationImpl exten
@Nonnull
@Override
- public List<ValidatorProvider> getValidatorProviders() {
- ValidatorProvider vp = new UserValidatorProvider(getConfigurationParameters());
- return Collections.singletonList(vp);
+ public CommitHookProvider getValidators() {
+ return new CommitHookProvider() {
+ @Nonnull
+ @Override
+ public CommitHook getCommitHook(@Nonnull String workspaceName) {
+ return new ValidatingHook(new UserValidatorProvider(getConfigurationParameters()));
+ }
+ };
}
@Nonnull
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/commit/CommitHookProvider.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/commit/CommitHookProvider.java?rev=1447237&r1=1447236&r2=1447237&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/commit/CommitHookProvider.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/commit/CommitHookProvider.java Mon Feb 18 13:04:37 2013
@@ -20,7 +20,7 @@ import javax.annotation.Nonnull;
/**
* {@code CommitHookProvider} TODO
- *
+ * <p/>
* FIXME: needs re-evaluation and review once we add support for multiple workspaces (OAK-118)
*/
public interface CommitHookProvider {
@@ -33,7 +33,7 @@ public interface CommitHookProvider {
* @return A CommitHook instance.
*/
@Nonnull
- CommitHook getCommitHook(String workspaceName);
+ CommitHook getCommitHook(@Nonnull String workspaceName);
/**
* Default implementation that returns an {@code EmptyHook}.
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/OpenSecurityProvider.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/OpenSecurityProvider.java?rev=1447237&r1=1447236&r2=1447237&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/OpenSecurityProvider.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/OpenSecurityProvider.java Mon Feb 18 13:04:37 2013
@@ -16,10 +16,10 @@
*/
package org.apache.jackrabbit.oak.spi.security;
-import java.util.Collections;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
+import com.google.common.collect.ImmutableList;
import org.apache.jackrabbit.oak.spi.security.authentication.AuthenticationConfiguration;
import org.apache.jackrabbit.oak.spi.security.authentication.OpenAuthenticationConfiguration;
import org.apache.jackrabbit.oak.spi.security.authorization.AccessControlConfiguration;
@@ -42,7 +42,7 @@ public class OpenSecurityProvider implem
@Nonnull
@Override
public Iterable<SecurityConfiguration> getSecurityConfigurations() {
- return Collections.<SecurityConfiguration>singletonList(getAccessControlConfiguration());
+ return ImmutableList.of(getAccessControlConfiguration(), getAuthenticationConfiguration());
}
@Nonnull
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/SecurityConfiguration.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/SecurityConfiguration.java?rev=1447237&r1=1447236&r2=1447237&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/SecurityConfiguration.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/SecurityConfiguration.java Mon Feb 18 13:04:37 2013
@@ -23,7 +23,6 @@ import javax.annotation.Nonnull;
import org.apache.jackrabbit.oak.api.PropertyState;
import org.apache.jackrabbit.oak.api.Tree;
import org.apache.jackrabbit.oak.spi.commit.CommitHookProvider;
-import org.apache.jackrabbit.oak.spi.commit.ValidatorProvider;
import org.apache.jackrabbit.oak.spi.lifecycle.CompositeInitializer;
import org.apache.jackrabbit.oak.spi.lifecycle.RepositoryInitializer;
import org.apache.jackrabbit.oak.spi.xml.ProtectedItemImporter;
@@ -40,10 +39,10 @@ public interface SecurityConfiguration {
RepositoryInitializer getRepositoryInitializer();
@Nonnull
- CommitHookProvider getCommitHookProvider();
+ CommitHookProvider getSecurityHooks();
@Nonnull
- List<ValidatorProvider> getValidatorProviders();
+ CommitHookProvider getValidators();
@Nonnull
List<ProtectedItemImporter> getProtectedItemImporters();
@@ -70,14 +69,14 @@ public interface SecurityConfiguration {
@Nonnull
@Override
- public CommitHookProvider getCommitHookProvider() {
+ public CommitHookProvider getSecurityHooks() {
return new CommitHookProvider.Empty();
}
@Nonnull
@Override
- public List<ValidatorProvider> getValidatorProviders() {
- return Collections.emptyList();
+ public CommitHookProvider getValidators() {
+ return new CommitHookProvider.Empty();
}
@Nonnull
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java?rev=1447237&r1=1447236&r2=1447237&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java Mon Feb 18 13:04:37 2013
@@ -39,7 +39,6 @@ import org.apache.jackrabbit.oak.spi.sec
import org.apache.jackrabbit.oak.spi.security.authentication.callback.CredentialsCallback;
import org.apache.jackrabbit.oak.spi.security.authentication.callback.PrincipalProviderCallback;
import org.apache.jackrabbit.oak.spi.security.authentication.callback.RepositoryCallback;
-import org.apache.jackrabbit.oak.spi.security.authentication.callback.SecurityProviderCallback;
import org.apache.jackrabbit.oak.spi.security.authentication.callback.UserManagerCallback;
import org.apache.jackrabbit.oak.spi.security.principal.PrincipalProvider;
import org.slf4j.Logger;
@@ -49,84 +48,84 @@ import org.slf4j.LoggerFactory;
* Abstract implementation of the {@link LoginModule} interface that can act
* as base class for login modules that aim to authenticate subjects against
* information stored in the content repository.
- *
+ * <p/>
* <h2>LoginModule Methods</h2>
* This base class provides a simple implementation for the following methods
* of the {@code LoginModule} interface:
- *
+ * <p/>
* <ul>
- * <li>{@link LoginModule#initialize(Subject, CallbackHandler, Map, Map) Initialize}:
- * Initialization of this abstract module sets the following protected instance
- * fields:
- * <ul>
- * <li>subject: The subject to be authenticated,</li>
- * <li>callbackHandler: The callback handler passed to the login module,</li>
- * <li>shareState: The map used to share state information with other login modules,</li>
- * <li>options: The configuration options of this login module as specified
- * in the {@link javax.security.auth.login.Configuration}.</li>
- * </ul>
- * </li>
- * <li>{@link LoginModule#logout() Logout}:
- * If the authenticated subject is not empty this logout implementation
- * attempts to clear both principals and public credentials and returns
- * {@code true}.</li>
- * <li>{@link LoginModule#abort() Abort}: Clears the state of this login
- * module by setting all private instance variables created in phase 1 or 2
- * to {@code null}. Subclasses are in charge of releasing their own state
- * information by either overriding {@link #clearState()}.</li>
+ * <li>{@link LoginModule#initialize(Subject, CallbackHandler, Map, Map) Initialize}:
+ * Initialization of this abstract module sets the following protected instance
+ * fields:
+ * <ul>
+ * <li>subject: The subject to be authenticated,</li>
+ * <li>callbackHandler: The callback handler passed to the login module,</li>
+ * <li>shareState: The map used to share state information with other login modules,</li>
+ * <li>options: The configuration options of this login module as specified
+ * in the {@link javax.security.auth.login.Configuration}.</li>
+ * </ul>
+ * </li>
+ * <li>{@link LoginModule#logout() Logout}:
+ * If the authenticated subject is not empty this logout implementation
+ * attempts to clear both principals and public credentials and returns
+ * {@code true}.</li>
+ * <li>{@link LoginModule#abort() Abort}: Clears the state of this login
+ * module by setting all private instance variables created in phase 1 or 2
+ * to {@code null}. Subclasses are in charge of releasing their own state
+ * information by either overriding {@link #clearState()}.</li>
* </ul>
- *
+ * <p/>
* <h2>Utility Methods</h2>
* The following methods are provided in addition:
- *
+ * <p/>
* <ul>
- * <li>{@link #clearState()}: Clears all private state information that has
- * be created during login. This method in called in {@link #abort()} and
- * subclasses are expected to override this method.</li>
- *
- * <li>{@link #getSupportedCredentials()}: Abstract method used by
- * {@link #getCredentials()} that reveals which credential implementations
- * are supported by the {@code LoginModule}.</li>
- *
- * <li>{@link #getCredentials()}: Tries to retrieve valid (supported)
- * Credentials in the following order:
- * <ol>
- * <li>using a {@link CredentialsCallback},</li>
- * <li>looking for a {@link #SHARED_KEY_CREDENTIALS} entry in the shared
- * state (see also {@link #getSharedCredentials()} and finally by</li>
- * <li>searching for valid credentials in the subject.</li>
- * </ol></li>
- *
- * <li>{@link #getSharedCredentials()}: This method returns credentials
- * passed to the login module with the share state. The key to share credentials
- * with a another module extending from this base class is
- * {@link #SHARED_KEY_CREDENTIALS}. Note, that this method does not verify
- * if the credentials provided by the shared state are
- * {@link #getSupportedCredentials() supported}.</li>
- *
- * <li>{@link #getSharedLoginName()}: If the shared state contains an entry
- * for {@link #SHARED_KEY_LOGIN_NAME} this method returns the value as login name.</li>
- *
- * <li>{@link #getSecurityProvider()}: Returns the configured security
- * provider or {@code null}.</li>
- *
- * <li>{@link #getRoot()}: Provides access to the latest state of the
- * repository in order to retrieve user or principal information required to
- * authenticate the subject as well as to write back information during
- * {@link #commit()}.</li>
- *
- * <li>{@link #getUserManager()}: Returns an instance of the configured
- * {@link UserManager} or {@code null}.</li>
- *
- * <li>{@link #getPrincipalProvider()}: Returns an instance of the configured
- * principal provider or {@code null}.</li>
- *
- * <li>{@link #getPrincipals(String)}: Utility that returns all principals
- * associated with a given user id. This method might be be called after
- * successful authentication in order to be able to populate the subject
- * during {@link #commit()}. The implementation is a shortcut for calling
- * {@link PrincipalProvider#getPrincipals(String) getPrincipals(String userId}
- * on the provider exposed by {@link #getPrincipalProvider()}</li>
+ * <li>{@link #clearState()}: Clears all private state information that has
+ * be created during login. This method in called in {@link #abort()} and
+ * subclasses are expected to override this method.</li>
+ * <p/>
+ * <li>{@link #getSupportedCredentials()}: Abstract method used by
+ * {@link #getCredentials()} that reveals which credential implementations
+ * are supported by the {@code LoginModule}.</li>
+ * <p/>
+ * <li>{@link #getCredentials()}: Tries to retrieve valid (supported)
+ * Credentials in the following order:
+ * <ol>
+ * <li>using a {@link CredentialsCallback},</li>
+ * <li>looking for a {@link #SHARED_KEY_CREDENTIALS} entry in the shared
+ * state (see also {@link #getSharedCredentials()} and finally by</li>
+ * <li>searching for valid credentials in the subject.</li>
+ * </ol></li>
+ * <p/>
+ * <li>{@link #getSharedCredentials()}: This method returns credentials
+ * passed to the login module with the share state. The key to share credentials
+ * with a another module extending from this base class is
+ * {@link #SHARED_KEY_CREDENTIALS}. Note, that this method does not verify
+ * if the credentials provided by the shared state are
+ * {@link #getSupportedCredentials() supported}.</li>
+ * <p/>
+ * <li>{@link #getSharedLoginName()}: If the shared state contains an entry
+ * for {@link #SHARED_KEY_LOGIN_NAME} this method returns the value as login name.</li>
+ * <p/>
+ * <li>{@link #getSecurityProvider()}: Returns the configured security
+ * provider or {@code null}.</li>
+ * <p/>
+ * <li>{@link #getRoot()}: Provides access to the latest state of the
+ * repository in order to retrieve user or principal information required to
+ * authenticate the subject as well as to write back information during
+ * {@link #commit()}.</li>
+ * <p/>
+ * <li>{@link #getUserManager()}: Returns an instance of the configured
+ * {@link UserManager} or {@code null}.</li>
+ * <p/>
+ * <li>{@link #getPrincipalProvider()}: Returns an instance of the configured
+ * principal provider or {@code null}.</li>
+ * <p/>
+ * <li>{@link #getPrincipals(String)}: Utility that returns all principals
+ * associated with a given user id. This method might be be called after
+ * successful authentication in order to be able to populate the subject
+ * during {@link #commit()}. The implementation is a shortcut for calling
+ * {@link PrincipalProvider#getPrincipals(String) getPrincipals(String userId}
+ * on the provider exposed by {@link #getPrincipalProvider()}</li>
* </ul>
*/
public abstract class AbstractLoginModule implements LoginModule {
@@ -186,6 +185,7 @@ public abstract class AbstractLoginModul
}
//--------------------------------------------------------------------------
+
/**
* Clear state information that has been created during {@link #login()}.
*/
@@ -203,11 +203,11 @@ public abstract class AbstractLoginModul
/**
* Tries to retrieve valid (supported) Credentials:
* <ol>
- * <li>using a {@link CredentialsCallback},</li>
- * <li>looking for a {@link #SHARED_KEY_CREDENTIALS} entry in the
- * shared state (see also {@link #getSharedCredentials()} and finally by</li>
- * <li>searching for valid credentials in the subject.</li>
- * </ol>
+ * <li>using a {@link CredentialsCallback},</li>
+ * <li>looking for a {@link #SHARED_KEY_CREDENTIALS} entry in the
+ * shared state (see also {@link #getSharedCredentials()} and finally by</li>
+ * <li>searching for valid credentials in the subject.</li>
+ * </ol>
*
* @return Valid (supported) credentials or {@code null}.
*/
@@ -291,15 +291,15 @@ public abstract class AbstractLoginModul
* SecurityProviderCallback this method returns {@code null}.
*
* @return The {@code SecurityProvider} associated with this
- * {@code LoginModule} or {@code null}.
+ * {@code LoginModule} or {@code null}.
*/
@CheckForNull
protected SecurityProvider getSecurityProvider() {
if (securityProvider == null && callbackHandler != null) {
- SecurityProviderCallback scb = new SecurityProviderCallback();
+ RepositoryCallback rcb = new RepositoryCallback();
try {
- callbackHandler.handle(new Callback[] {scb});
- securityProvider = scb.getSecurityProvider();
+ callbackHandler.handle(new Callback[]{rcb});
+ securityProvider = rcb.getSecurityProvider();
} catch (UnsupportedCallbackException e) {
log.debug(e.getMessage());
} catch (IOException e) {
@@ -316,14 +316,14 @@ public abstract class AbstractLoginModul
* this method returns {@code null}.
*
* @return The {@code Root} associated with this {@code LoginModule} or
- * {@code null}.
+ * {@code null}.
*/
@CheckForNull
protected Root getRoot() {
if (root == null && callbackHandler != null) {
RepositoryCallback rcb = new RepositoryCallback();
try {
- callbackHandler.handle(new Callback[] {rcb});
+ callbackHandler.handle(new Callback[]{rcb});
root = rcb.getRoot();
} catch (UnsupportedCallbackException e) {
log.debug(e.getMessage());
@@ -353,7 +353,7 @@ public abstract class AbstractLoginModul
if (userManager == null && callbackHandler != null) {
try {
UserManagerCallback userCallBack = new UserManagerCallback();
- callbackHandler.handle(new Callback[] {userCallBack});
+ callbackHandler.handle(new Callback[]{userCallBack});
userManager = userCallBack.getUserManager();
} catch (IOException e) {
log.debug(e.getMessage());
@@ -384,7 +384,7 @@ public abstract class AbstractLoginModul
if (principalProvider == null && callbackHandler != null) {
try {
PrincipalProviderCallback principalCallBack = new PrincipalProviderCallback();
- callbackHandler.handle(new Callback[] {principalCallBack});
+ callbackHandler.handle(new Callback[]{principalCallBack});
principalProvider = principalCallBack.getPrincipalProvider();
} catch (IOException e) {
log.debug(e.getMessage());
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/RepositoryCallback.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/RepositoryCallback.java?rev=1447237&r1=1447236&r2=1447237&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/RepositoryCallback.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/callback/RepositoryCallback.java Mon Feb 18 13:04:37 2013
@@ -25,8 +25,7 @@ import org.apache.jackrabbit.oak.api.Roo
import org.apache.jackrabbit.oak.core.RootImpl;
import org.apache.jackrabbit.oak.spi.commit.CommitHook;
import org.apache.jackrabbit.oak.spi.query.QueryIndexProvider;
-import org.apache.jackrabbit.oak.spi.security.authorization.AccessControlConfiguration;
-import org.apache.jackrabbit.oak.spi.security.authorization.OpenAccessControlConfiguration;
+import org.apache.jackrabbit.oak.spi.security.SecurityProvider;
import org.apache.jackrabbit.oak.spi.security.principal.SystemPrincipal;
import org.apache.jackrabbit.oak.spi.state.NodeStore;
@@ -40,9 +39,11 @@ public class RepositoryCallback implemen
private NodeStore nodeStore;
private CommitHook commitHook;
+ private SecurityProvider securityProvider;
private QueryIndexProvider indexProvider;
private String workspaceName;
+ @CheckForNull
public String getWorkspaceName() {
return workspaceName;
}
@@ -51,12 +52,16 @@ public class RepositoryCallback implemen
public Root getRoot() {
if (nodeStore != null) {
Subject subject = new Subject(true, Collections.singleton(SystemPrincipal.INSTANCE), Collections.<Object>emptySet(), Collections.<Object>emptySet());
- AccessControlConfiguration acConfiguration = new OpenAccessControlConfiguration();
- return new RootImpl(nodeStore, commitHook, workspaceName, subject, acConfiguration, indexProvider);
+ return new RootImpl(nodeStore, commitHook, workspaceName, subject, securityProvider, indexProvider);
}
return null;
}
+ @CheckForNull
+ public SecurityProvider getSecurityProvider() {
+ return securityProvider;
+ }
+
public void setNodeStore(NodeStore nodeStore) {
this.nodeStore = nodeStore;
}
@@ -65,6 +70,10 @@ public class RepositoryCallback implemen
this.commitHook = commitHook;
}
+ public void setSecurityProvider(SecurityProvider securityProvider) {
+ this.securityProvider = securityProvider;
+ }
+
public void setIndexProvider(QueryIndexProvider indexProvider) {
this.indexProvider = indexProvider;
}