1 package org
.argeo
.security
.jackrabbit
;
6 import javax
.security
.auth
.Subject
;
7 import javax
.security
.auth
.callback
.CallbackHandler
;
8 import javax
.security
.auth
.login
.LoginException
;
9 import javax
.security
.auth
.spi
.LoginModule
;
10 import javax
.security
.auth
.x500
.X500Principal
;
12 import org
.apache
.jackrabbit
.core
.security
.SecurityConstants
;
13 import org
.apache
.jackrabbit
.core
.security
.principal
.AdminPrincipal
;
14 import org
.argeo
.node
.DataAdminPrincipal
;
16 public class SystemJackrabbitLoginModule
implements LoginModule
{
18 private Subject subject
;
21 public void initialize(Subject subject
, CallbackHandler callbackHandler
,
22 Map
<String
, ?
> sharedState
, Map
<String
, ?
> options
) {
23 this.subject
= subject
;
27 public boolean login() throws LoginException
{
32 public boolean commit() throws LoginException
{
33 Set
<DataAdminPrincipal
> initPrincipal
= subject
34 .getPrincipals(DataAdminPrincipal
.class);
35 if (!initPrincipal
.isEmpty()) {
36 subject
.getPrincipals().add(
37 new AdminPrincipal(SecurityConstants
.ADMIN_ID
));
41 Set
<X500Principal
> userPrincipal
= subject
42 .getPrincipals(X500Principal
.class);
43 if (userPrincipal
.isEmpty())
44 throw new LoginException("Subject must be pre-authenticated");
45 if (userPrincipal
.size() > 1)
46 throw new LoginException("Multiple user principals "
53 public boolean abort() throws LoginException
{
58 public boolean logout() throws LoginException
{
59 Set
<DataAdminPrincipal
> initPrincipal
= subject
60 .getPrincipals(DataAdminPrincipal
.class);
61 if (!initPrincipal
.isEmpty()) {
62 subject
.getPrincipals(AdminPrincipal
.class);