1 package org
.argeo
.security
.jackrabbit
;
3 import java
.security
.Principal
;
7 import javax
.security
.auth
.Subject
;
8 import javax
.security
.auth
.callback
.CallbackHandler
;
9 import javax
.security
.auth
.login
.LoginException
;
10 import javax
.security
.auth
.spi
.LoginModule
;
12 import org
.apache
.jackrabbit
.core
.security
.AnonymousPrincipal
;
13 import org
.apache
.jackrabbit
.core
.security
.principal
.AdminPrincipal
;
15 public class SystemJackrabbitLoginModule
implements LoginModule
{
17 private Subject subject
;
/**
 * Stores the JAAS {@link Subject} whose principal set commit() and logout()
 * later modify.
 *
 * NOTE(review): the callback handler, shared state and options are not used
 * in the visible lines — confirm that this module never collects or checks
 * credentials itself and relies on other modules or callers for that.
 *
 * @param subject the subject being authenticated; kept for the later phases
 * @param callbackHandler not referenced in the visible body
 * @param sharedState not referenced in the visible body
 * @param options not referenced in the visible body
 */
20 public void initialize(Subject subject
, CallbackHandler callbackHandler
,
21 Map
<String
, ?
> sharedState
, Map
<String
, ?
> options
) {
// Keep the subject so that commit() can add principals to it.
22 this.subject
= subject
;
/**
 * First phase of the JAAS two-phase login (see {@link LoginModule#login()}).
 *
 * NOTE(review): the body is not visible here — confirm whether it performs
 * any authentication or caller check, because commit() adds
 * AdminPrincipal("admin") to a subject that carries no principals.
 *
 * @throws LoginException declared by the LoginModule contract
 */
26 public boolean login() throws LoginException
{
/**
 * Second phase of the JAAS login: maps the principals already present on the
 * subject to Jackrabbit's special principals.
 *
 * A subject with no principals at all is treated as the system and receives
 * AdminPrincipal("admin"). Otherwise each principal name is compared,
 * ignoring case, with two hard-coded role DNs, and AdminPrincipal and/or
 * AnonymousPrincipal are added to the same principal set.
 *
 * Security note: the empty-subject branch grants admin without any credential
 * being examined in this method, so the module is only safe where untrusted
 * callers cannot reach it with an empty Subject.
 * NOTE(review): confirm that the JAAS configuration and the calling code
 * restrict this module to trusted, in-process system logins.
 *
 * @throws LoginException if the subject is flagged both admin and anonymous
 */
31 public boolean commit() throws LoginException
{
// Live principal set of the subject: additions below change the subject itself.
32 Set
<Principal
> principals
= subject
.getPrincipals();
// No principal at all is interpreted as "system" and is granted admin.
33 if (principals
.isEmpty()) {// system
34 subject
.getPrincipals().add(new AdminPrincipal("admin"));
37 boolean isAdmin
= false;
38 boolean isAnonymous
= false;
39 // FIXME make it more generic
// Role detection relies on the principal names set by whatever populated the
// subject earlier; this method does not verify them itself.
40 for (Principal principal
: principals
) {
41 if (principal
.getName().equalsIgnoreCase(
42 "cn=admin,ou=roles,ou=node"))
// NOTE(review): the statement guarded by this test is not visible here;
// presumably it sets isAdmin — confirm.
44 else if (principal
.getName().equalsIgnoreCase(
45 "cn=anonymous,ou=roles,ou=node"))
// NOTE(review): likewise presumably sets isAnonymous — confirm.
// The two roles are mutually exclusive; reject a subject that holds both.
49 if (isAnonymous
&& isAdmin
)
50 throw new LoginException("Cannot be admin and anonymous");
52 // Add special Jackrabbit roles
// NOTE(review): any condition guarding this add is not visible here; confirm
// that AdminPrincipal is added only when isAdmin is true.
54 principals
.add(new AdminPrincipal("admin"));
55 if (isAnonymous
)// anonymous
56 principals
.add(new AnonymousPrincipal());
/**
 * JAAS abort phase (see {@link LoginModule#abort()}).
 *
 * NOTE(review): the body is not visible here — confirm that an aborted login
 * does not leave an AdminPrincipal or AnonymousPrincipal added by commit()
 * on the subject.
 *
 * @throws LoginException declared by the LoginModule contract
 */
61 public boolean abort() throws LoginException
{
66 public boolean logout() throws LoginException
{
67 subject
.getPrincipals().removeAll(
68 subject
.getPrincipals(AdminPrincipal
.class));