1 package org
.argeo
.cms
.internal
.kernel
;
5 import javax
.jcr
.RepositoryException
;
7 import org
.apache
.commons
.logging
.Log
;
8 import org
.apache
.commons
.logging
.LogFactory
;
9 import org
.argeo
.cms
.CmsException
;
10 import org
.argeo
.cms
.internal
.useradmin
.JcrUserAdmin
;
11 import org
.argeo
.security
.SecurityUtils
;
12 import org
.argeo
.security
.UserAdminService
;
13 import org
.argeo
.security
.core
.InternalAuthentication
;
14 import org
.argeo
.security
.core
.InternalAuthenticationProvider
;
15 import org
.argeo
.security
.jcr
.SimpleJcrSecurityModel
;
16 import org
.argeo
.security
.jcr
.jackrabbit
.JackrabbitUserAdminService
;
17 import org
.osgi
.framework
.BundleContext
;
18 import org
.osgi
.framework
.ServiceRegistration
;
19 import org
.osgi
.service
.useradmin
.UserAdmin
;
20 import org
.springframework
.security
.authentication
.AnonymousAuthenticationProvider
;
21 import org
.springframework
.security
.authentication
.AnonymousAuthenticationToken
;
22 import org
.springframework
.security
.authentication
.AuthenticationManager
;
23 import org
.springframework
.security
.authentication
.UsernamePasswordAuthenticationToken
;
24 import org
.springframework
.security
.core
.Authentication
;
25 import org
.springframework
.security
.core
.AuthenticationException
;
26 import org
.springframework
.security
.provisioning
.UserDetailsManager
;
28 /** Authentication and user management. */
29 class NodeSecurity
implements AuthenticationManager
{
// Class-wide commons-logging logger.
private static final Log log = LogFactory.getLog(NodeSecurity.class);

// OSGi bundle context the services are registered with.
private final BundleContext bundleContext;

// Authentication back ends, all created in the constructor.
private final InternalAuthenticationProvider internalAuth;
private final AnonymousAuthenticationProvider anonymousAuth;
private final JackrabbitUserAdminService userAdminService;
private final JcrUserAdmin userAdmin;

// OSGi registration handles. They have no initializer and are assigned in
// publish(), so they are null on an instance that was never published.
private ServiceRegistration<AuthenticationManager> authenticationManagerReg;
private ServiceRegistration<UserAdminService> userAdminServiceReg;
private ServiceRegistration<UserDetailsManager> userDetailsManagerReg;

private ServiceRegistration<UserAdmin> userAdminReg;
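/**
 * Creates the authentication providers and the Jackrabbit-backed user
 * administration for a node.
 *
 * Side effect: points the JVM-wide system property
 * {@code java.security.auth.login.config} at the resource named by
 * {@link KernelConstants#JAAS_CONFIG}.
 *
 * @param bundleContext OSGi context later used by {@code publish()} to
 *                      register the services
 * @param node          repository handed to the user admin service and to
 *                      {@link JcrUserAdmin}
 * @throws RepositoryException declared by the constructor; which of the
 *                             calls below raises it is not visible here
 * @throws CmsException        if the JAAS configuration resource cannot be
 *                             found by this class's class loader
 */
public NodeSecurity(BundleContext bundleContext, JackrabbitNode node)
        throws RepositoryException {
    URL url = getClass().getClassLoader().getResource(
            KernelConstants.JAAS_CONFIG);
    // getResource() returns null when the resource is missing; fail with an
    // explicit message instead of a bare NullPointerException, so that a
    // missing login configuration is visible at start-up.
    if (url == null) {
        throw new CmsException("JAAS configuration resource "
                + KernelConstants.JAAS_CONFIG + " not found");
    }
    // System properties are JVM-wide: this replaces any JAAS login
    // configuration location that was set earlier in the same JVM.
    System.setProperty("java.security.auth.login.config",
            url.toExternalForm());

    this.bundleContext = bundleContext;

    // NOTE(review): both providers are keyed with
    // SecurityUtils.getStaticKey(), whose source is not shown here. Confirm
    // that the key is not a constant shared across installations, since
    // tokens built with a known key would be accepted by these providers.
    internalAuth = new InternalAuthenticationProvider(
            SecurityUtils.getStaticKey());
    anonymousAuth = new AnonymousAuthenticationProvider(
            SecurityUtils.getStaticKey());

    // The user admin service must be fully configured before init().
    userAdminService = new JackrabbitUserAdminService();
    userAdminService.setRepository(node);
    userAdminService.setSecurityModel(new SimpleJcrSecurityModel());
    userAdminService.init();

    userAdmin = new JcrUserAdmin(bundleContext, node);
    userAdmin.setUserAdminService(userAdminService);
}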
69 public void publish() {
70 authenticationManagerReg
= bundleContext
.registerService(
71 AuthenticationManager
.class, this, null);
72 userAdminServiceReg
= bundleContext
.registerService(
73 UserAdminService
.class, userAdminService
, null);
74 userDetailsManagerReg
= bundleContext
.registerService(
75 UserDetailsManager
.class, userAdminService
, null);
76 userAdminReg
= bundleContext
.registerService(UserAdmin
.class,
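// Teardown: stop the user admin service, then withdraw the OSGi
// registrations in the same order as before.
try {
    userAdminService.destroy();
} catch (RepositoryException e) {
    // Pass the exception to the logger so the cause and stack trace are
    // recorded. The failure stays non-fatal, so the services below are
    // still unregistered.
    log.error("Error while destroying Jackrabbit useradmin", e);
}
userDetailsManagerReg.unregister();
userAdminServiceReg.unregister();
authenticationManagerReg.unregister();
userAdminReg.unregister();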
93 public Authentication
authenticate(Authentication authentication
)
94 throws AuthenticationException
{
95 Authentication auth
= null;
96 if (authentication
instanceof InternalAuthentication
)
97 auth
= internalAuth
.authenticate(authentication
);
98 else if (authentication
instanceof AnonymousAuthenticationToken
)
99 auth
= anonymousAuth
.authenticate(authentication
);
100 else if (authentication
instanceof UsernamePasswordAuthenticationToken
)
101 auth
= userAdminService
.authenticate(authentication
);
103 throw new CmsException("Could not authenticate " + authentication
);