You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-commits@jackrabbit.apache.org by an...@apache.org on 2016/01/19 17:36:50 UTC
svn commit: r1725560 - in /jackrabbit/oak/trunk:
oak-core/src/main/java/org/apache/jackrabbit/oak/security/internal/SecurityProviderRegistration.java
oak-pojosr/src/test/groovy/org/apache/jackrabbit/oak/run/osgi/SecurityProviderRegistrationTest.groovy
Author: angela
Date: Tue Jan 19 16:36:50 2016
New Revision: 1725560
URL: http://svn.apache.org/viewvc?rev=1725560&view=rev
Log:
OAK-1268 : Add support for composite authorization setup (WIP, partial revert until ctx is properly populated)
Modified:
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/internal/SecurityProviderRegistration.java
jackrabbit/oak/trunk/oak-pojosr/src/test/groovy/org/apache/jackrabbit/oak/run/osgi/SecurityProviderRegistrationTest.groovy
Modified: jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/internal/SecurityProviderRegistration.java
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/internal/SecurityProviderRegistration.java?rev=1725560&r1=1725559&r2=1725560&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/internal/SecurityProviderRegistration.java (original)
+++ jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/internal/SecurityProviderRegistration.java Tue Jan 19 16:36:50 2016
@@ -29,7 +29,6 @@ import org.apache.felix.scr.annotations.
import org.apache.felix.scr.annotations.References;
import org.apache.jackrabbit.oak.commons.PropertiesUtil;
import org.apache.jackrabbit.oak.osgi.OsgiWhiteboard;
-import org.apache.jackrabbit.oak.security.authorization.composite.CompositeAuthorizationConfiguration;
import org.apache.jackrabbit.oak.security.user.UserConfigurationImpl;
import org.apache.jackrabbit.oak.spi.security.ConfigurationBase;
import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
@@ -82,11 +81,10 @@ import static com.google.common.collect.
"unless the services identified by these PIDs are " +
"registered first. Only the PIDs of implementations of " +
"the following interfaces are checked: " +
- "AuthorizationConfiguration, PrincipalConfiguration, " +
- "TokenConfiguration, AuthorizableActionProvider, " +
+ "PrincipalConfiguration, TokenConfiguration, " +
+ "AuthorizableActionProvider, " +
"RestrictionProvider and UserAuthenticationFactory.",
value = {
- "org.apache.jackrabbit.oak.security.authorization.AuthorizationConfigurationImpl",
"org.apache.jackrabbit.oak.security.principal.PrincipalConfigurationImpl",
"org.apache.jackrabbit.oak.security.authentication.token.TokenConfigurationImpl",
"org.apache.jackrabbit.oak.spi.security.user.action.DefaultAuthorizableActionProvider",
@@ -98,12 +96,6 @@ import static com.google.common.collect.
})
@References({
@Reference(
- name = "authorizationConfiguration",
- referenceInterface = AuthorizationConfiguration.class,
- cardinality = ReferenceCardinality.OPTIONAL_MULTIPLE,
- policy = ReferencePolicy.DYNAMIC
- ),
- @Reference(
name = "principalConfiguration",
referenceInterface = PrincipalConfiguration.class,
cardinality = ReferenceCardinality.OPTIONAL_MULTIPLE,
@@ -146,6 +138,9 @@ public class SecurityProviderRegistratio
private static final Logger log = LoggerFactory.getLogger(SecurityProviderRegistration.class);
@Reference
+ private AuthorizationConfiguration authorizationConfiguration;
+
+ @Reference
private AuthenticationConfiguration authenticationConfiguration;
@Reference
@@ -162,8 +157,6 @@ public class SecurityProviderRegistratio
private final Preconditions preconditions = new Preconditions();
- private final List<AuthorizationConfiguration> authorizationConfigurations = newCopyOnWriteArrayList();
-
private final List<PrincipalConfiguration> principalConfigurations = newCopyOnWriteArrayList();
private final List<TokenConfiguration> tokenConfigurations = newCopyOnWriteArrayList();
@@ -226,6 +219,14 @@ public class SecurityProviderRegistratio
}
}
+ public void bindAuthorizationConfiguration(AuthorizationConfiguration authorizationConfiguration) {
+ this.authorizationConfiguration = authorizationConfiguration;
+ }
+
+ public void unbindAuthorizationConfiguration(AuthorizationConfiguration authorizationConfiguration) {
+ this.authorizationConfiguration = null;
+ }
+
public void bindAuthenticationConfiguration(AuthenticationConfiguration authenticationConfiguration) {
this.authenticationConfiguration = authenticationConfiguration;
}
@@ -250,24 +251,6 @@ public class SecurityProviderRegistratio
this.userConfiguration = null;
}
- public void bindAuthorizationConfiguration(AuthorizationConfiguration authorizationConfiguration, Map<String, Object> properties) {
- synchronized (this) {
- authorizationConfigurations.add(authorizationConfiguration);
- addCandidate(properties);
- }
-
- maybeRegister();
- }
-
- public void unbindAuthorizationConfiguration(AuthorizationConfiguration authorizationConfiguration, Map<String, Object> properties) {
- synchronized (this) {
- authorizationConfigurations.remove(authorizationConfiguration);
- removeCandidate(properties);
- }
-
- maybeUnregister();
- }
-
public void bindPrincipalConfiguration(PrincipalConfiguration principalConfiguration, Map<String, Object> properties) {
synchronized (this) {
principalConfigurations.add(principalConfiguration);
@@ -492,12 +475,12 @@ public class SecurityProviderRegistratio
// Static, mandatory references
securityProvider.setAuthenticationConfiguration(initializeConfiguration(securityProvider, authenticationConfiguration));
+ securityProvider.setAuthorizationConfiguration(initializeConfiguration(securityProvider, authorizationConfiguration));
securityProvider.setUserConfiguration(initializeConfiguration(securityProvider, userConfiguration));
securityProvider.setPrivilegeConfiguration(initializeConfiguration(securityProvider, privilegeConfiguration));
// Multiple, dynamic references
- securityProvider.setAuthorizationConfiguration(createCompositeAuthorizationConfiguration(securityProvider));
securityProvider.setPrincipalConfiguration(createCompositePrincipalConfiguration(securityProvider));
securityProvider.setTokenConfiguration(createCompositeTokenConfiguration(securityProvider));
@@ -508,22 +491,6 @@ public class SecurityProviderRegistratio
return securityProvider;
}
- private AuthorizationConfiguration createCompositeAuthorizationConfiguration(SecurityProvider securityProvider) {
- return new CompositeAuthorizationConfiguration(securityProvider) {
-
- @Override
- protected List<AuthorizationConfiguration> getConfigurations() {
- ArrayList<AuthorizationConfiguration> configurations = newArrayList(authorizationConfigurations);
-
- for (AuthorizationConfiguration configuration : configurations) {
- initializeConfiguration(getSecurityProvider(), configuration);
- }
-
- return configurations;
- }
- };
- }
-
private PrincipalConfiguration createCompositePrincipalConfiguration(SecurityProvider securityProvider) {
return new CompositePrincipalConfiguration(securityProvider) {
Modified: jackrabbit/oak/trunk/oak-pojosr/src/test/groovy/org/apache/jackrabbit/oak/run/osgi/SecurityProviderRegistrationTest.groovy
URL: http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-pojosr/src/test/groovy/org/apache/jackrabbit/oak/run/osgi/SecurityProviderRegistrationTest.groovy?rev=1725560&r1=1725559&r2=1725560&view=diff
==============================================================================
--- jackrabbit/oak/trunk/oak-pojosr/src/test/groovy/org/apache/jackrabbit/oak/run/osgi/SecurityProviderRegistrationTest.groovy (original)
+++ jackrabbit/oak/trunk/oak-pojosr/src/test/groovy/org/apache/jackrabbit/oak/run/osgi/SecurityProviderRegistrationTest.groovy Tue Jan 19 16:36:50 2016
@@ -54,15 +54,6 @@ class SecurityProviderRegistrationTest e
/**
* A SecurityProvider shouldn't start without a required
- * AuthorizationConfiguration service.
- */
- @Test
- public void testRequiredAuthorizationConfigurationNotAvailable() {
- testRequiredService(AuthorizationConfiguration, mock(AuthorizationConfiguration))
- }
-
- /**
- * A SecurityProvider shouldn't start without a required
* PrincipalConfiguration service.
*/
@Test
@@ -124,16 +115,13 @@ class SecurityProviderRegistrationTest e
// Set up the SecurityProvider to require three services
- setRequiredServicePids("test.RequiredAuthorizationConfiguration", "test.RequiredPrincipalConfiguration", "test.RequiredTokenConfiguration", "test.AuthorizableNodeName")
+ setRequiredServicePids("test.RequiredPrincipalConfiguration", "test.RequiredTokenConfiguration", "test.AuthorizableNodeName")
TimeUnit.MILLISECONDS.sleep(500)
assert securityProviderServiceReferences == null
// Start the services and verify that only at the end the
// SecurityProvider registers itself
- registry.registerService(AuthorizationConfiguration.class.name, mock(AuthorizationConfiguration), dict("service.pid": "test.RequiredAuthorizationConfiguration"))
- assert securityProviderServiceReferences == null
-
registry.registerService(PrincipalConfiguration.class.name, mock(PrincipalConfiguration), dict("service.pid": "test.RequiredPrincipalConfiguration"))
assert securityProviderServiceReferences == null