1 package org
.argeo
.security
.jackrabbit
;
6 import javax
.security
.auth
.Subject
;
7 import javax
.security
.auth
.callback
.CallbackHandler
;
8 import javax
.security
.auth
.login
.LoginException
;
9 import javax
.security
.auth
.spi
.LoginModule
;
10 import javax
.security
.auth
.x500
.X500Principal
;
12 import org
.apache
.jackrabbit
.core
.security
.SecurityConstants
;
13 import org
.apache
.jackrabbit
.core
.security
.principal
.AdminPrincipal
;
14 import org
.argeo
.node
.DataAdminPrincipal
;
16 public class SystemJackrabbitLoginModule
implements LoginModule
{
18 private Subject subject
;
21 public void initialize(Subject subject
, CallbackHandler callbackHandler
, Map
<String
, ?
> sharedState
,
22 Map
<String
, ?
> options
) {
23 this.subject
= subject
;
27 public boolean login() throws LoginException
{
32 public boolean commit() throws LoginException
{
33 Set
<DataAdminPrincipal
> initPrincipal
= subject
.getPrincipals(DataAdminPrincipal
.class);
34 if (!initPrincipal
.isEmpty()) {
35 subject
.getPrincipals().add(new AdminPrincipal(initPrincipal
.iterator().next().getName()));
39 Set
<X500Principal
> userPrincipal
= subject
.getPrincipals(X500Principal
.class);
40 if (userPrincipal
.isEmpty())
41 throw new LoginException("Subject must be pre-authenticated");
42 if (userPrincipal
.size() > 1)
43 throw new LoginException("Multiple user principals " + userPrincipal
);
49 public boolean abort() throws LoginException
{
54 public boolean logout() throws LoginException
{
55 Set
<DataAdminPrincipal
> initPrincipal
= subject
.getPrincipals(DataAdminPrincipal
.class);
56 if (!initPrincipal
.isEmpty()) {
57 subject
.getPrincipals(AdminPrincipal
.class);