1 package org
.argeo
.cms
.internal
.kernel
;
3 import javax
.jcr
.RepositoryException
;
4 import javax
.security
.auth
.spi
.LoginModule
;
6 import org
.apache
.commons
.logging
.Log
;
7 import org
.apache
.commons
.logging
.LogFactory
;
8 import org
.argeo
.cms
.CmsException
;
9 import org
.argeo
.security
.UserAdminService
;
10 import org
.argeo
.security
.core
.InternalAuthentication
;
11 import org
.argeo
.security
.core
.InternalAuthenticationProvider
;
12 import org
.argeo
.security
.core
.ThreadedLoginModule
;
13 import org
.argeo
.security
.jcr
.SimpleJcrSecurityModel
;
14 import org
.argeo
.security
.jcr
.jackrabbit
.JackrabbitUserAdminService
;
15 import org
.eclipse
.rap
.rwt
.RWT
;
16 import org
.eclipse
.swt
.widgets
.Display
;
17 import org
.osgi
.framework
.BundleContext
;
18 import org
.osgi
.framework
.ServiceRegistration
;
19 import org
.springframework
.security
.authentication
.AnonymousAuthenticationProvider
;
20 import org
.springframework
.security
.authentication
.AnonymousAuthenticationToken
;
21 import org
.springframework
.security
.authentication
.AuthenticationManager
;
22 import org
.springframework
.security
.authentication
.UsernamePasswordAuthenticationToken
;
23 import org
.springframework
.security
.core
.Authentication
;
24 import org
.springframework
.security
.core
.AuthenticationException
;
25 import org
.springframework
.security
.provisioning
.UserDetailsManager
;
27 /** Authentication and user management. */
28 class NodeSecurity
implements AuthenticationManager
{
// Shared commons-logging logger for this class.
29 private final static Log log
= LogFactory
.getLog(NodeSecurity
.class);
// Kept so publish() can register services with the OSGi framework.
31 private final BundleContext bundleContext
;
// Delegates that authenticate(...) picks between according to the concrete token type.
33 private final InternalAuthenticationProvider internalAuth
;
34 private final AnonymousAuthenticationProvider anonymousAuth
;
35 private final JackrabbitUserAdminService jackrabbitUserAdmin
;
// Not final, but only assigned in the constructor as far as this listing shows.
36 private Login loginModule
;
// Handles returned by bundleContext.registerService(...) in publish(). They stay null
// until publish() has run, and the unregister() calls further down operate on them.
38 private ServiceRegistration
<AuthenticationManager
> authenticationManagerReg
;
39 private ServiceRegistration
<UserAdminService
> userAdminReg
;
40 private ServiceRegistration
<UserDetailsManager
> userDetailsManagerReg
;
41 private ServiceRegistration
<LoginModule
> loginModuleReg
;
/**
 * Creates the authentication providers, the Jackrabbit-backed user admin
 * service and the login module wrapper. Nothing is registered with OSGi
 * here; that happens in publish().
 *
 * @param bundleContext stored for the later service registrations
 * @param node handed to the user admin service via setRepository(...)
 * @throws RepositoryException declared by this constructor; which of the
 *         calls below raises it is not visible in this listing
 */
43 public NodeSecurity(BundleContext bundleContext
, JackrabbitNode node
)
44 throws RepositoryException
{
45 this.bundleContext
= bundleContext
;
// NOTE(review): both providers are keyed with the same compile-time constant,
// KernelConstants.DEFAULT_SECURITY_KEY. Spring's AnonymousAuthenticationProvider
// accepts a token only when its key hash matches this key, and
// InternalAuthenticationProvider presumably applies the same rule to
// InternalAuthentication tokens (confirm). With a fixed, shared default the key
// is not a secret: any code that can read the constant can build tokens these
// providers accept. Consider a per-instance random key (SecureRandom) and
// distinct keys for the internal and the anonymous path.
47 internalAuth
= new InternalAuthenticationProvider(
48 KernelConstants
.DEFAULT_SECURITY_KEY
);
49 anonymousAuth
= new AnonymousAuthenticationProvider(
50 KernelConstants
.DEFAULT_SECURITY_KEY
);
// User admin backed by the node's repository: configured first, then init() is called.
53 jackrabbitUserAdmin
= new JackrabbitUserAdminService();
54 jackrabbitUserAdmin
.setRepository(node
);
55 jackrabbitUserAdmin
.setSecurityModel(new SimpleJcrSecurityModel());
56 jackrabbitUserAdmin
.init();
// Login is the inner ThreadedLoginModule subclass declared at the end of this class.
58 loginModule
= new Login();
/**
 * Registers the security services in the OSGi service registry: this object
 * as AuthenticationManager, and the single jackrabbitUserAdmin instance as
 * both UserAdminService and UserDetailsManager. The registrations shown pass
 * null as service properties.
 */
61 public void publish() {
// NOTE(review): once registered, these services are visible framework-wide. Any
// bundle that can obtain them can call authenticate(...) and the user-management
// API directly. If the framework runs with OSGi security enabled, ServicePermission
// is the place to restrict who may get them (confirm for the target deployment).
62 authenticationManagerReg
= bundleContext
.registerService(
63 AuthenticationManager
.class, this, null);
64 userAdminReg
= bundleContext
.registerService(UserAdminService
.class,
65 jackrabbitUserAdmin
, null);
66 userDetailsManagerReg
= bundleContext
.registerService(
67 UserDetailsManager
.class, jackrabbitUserAdmin
, null);
69 // bundleContext.registerService(UserDetailsService.class,
70 // jackrabbitUserAdmin, null);
// The remaining arguments of this call are not shown in this listing; presumably
// the loginModule field is what gets registered (confirm against the full file).
72 loginModuleReg
= bundleContext
.registerService(LoginModule
.class,
// Teardown statements; the enclosing method header and the opening of the try block
// are not shown in this listing.
78 jackrabbitUserAdmin
.destroy();
79 } catch (RepositoryException e
) {
// NOTE(review): the caught exception is not passed to the logger, so the cause and
// stack trace of a failed shutdown are lost; log.error(message, e) would keep them.
80 log
.error("Error while destroying Jackrabbit useradmin");
// NOTE(review): as listed, the services are unregistered only after
// jackrabbitUserAdmin.destroy() has run, so the registry can still hand out the
// AuthenticationManager and user admin services while their backend is already torn
// down. Unregistering first would close that window. Each unregister() also assumes
// publish() ran; a registration that is still null throws NullPointerException here.
82 userDetailsManagerReg
.unregister();
83 userAdminReg
.unregister();
84 authenticationManagerReg
.unregister();
85 loginModuleReg
.unregister();
/**
 * Dispatches the request to the provider matching the concrete token type:
 * InternalAuthentication goes to internalAuth, AnonymousAuthenticationToken
 * to anonymousAuth, and UsernamePasswordAuthenticationToken to
 * jackrabbitUserAdmin.
 *
 * @param authentication the authentication request
 * @return the delegate's result (the return statement itself is not shown
 *         in this listing)
 * @throws AuthenticationException declared here; presumably raised by the
 *         delegate that handles the token
 */
89 public Authentication
authenticate(Authentication authentication
)
90 throws AuthenticationException
{
91 Authentication auth
= null;
// The order of these checks matters if InternalAuthentication is a subclass of
// UsernamePasswordAuthenticationToken (presumably; confirm): the more specific type
// has to be tested before the general one, or it would be sent to the user admin.
92 if (authentication
instanceof InternalAuthentication
)
93 auth
= internalAuth
.authenticate(authentication
);
94 else if (authentication
instanceof AnonymousAuthenticationToken
)
95 auth
= anonymousAuth
.authenticate(authentication
);
96 else if (authentication
instanceof UsernamePasswordAuthenticationToken
)
97 auth
= jackrabbitUserAdmin
.authenticate(authentication
);
// NOTE(review): an unsupported token type ends in CmsException rather than an
// AuthenticationException (assuming CmsException is not one; confirm), so callers
// that catch only AuthenticationException will not handle it as a failed login.
// The message embeds authentication.toString(); confirm that no token type reaching
// this branch prints credentials. The line introducing this throw (presumably a
// final else) is not shown in this listing.
99 throw new CmsException("Could not authenticate " + authentication
);
103 private class Login
extends ThreadedLoginModule
{
106 protected LoginModule
createLoginModule() {
107 SpringLoginModule springLoginModule
= new SpringLoginModule();
108 springLoginModule
.setAuthenticationManager(NodeSecurity
.this);
109 if (Display
.getCurrent() != null) {
112 return springLoginModule
;