1 /*
2 * Copyright (C) 2007-2012 Mathieu Baudier
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16 package org.argeo.security.jcr;
17
18 import javax.jcr.Node;
19 import javax.jcr.Repository;
20 import javax.jcr.RepositoryException;
21 import javax.jcr.Session;
22 import javax.jcr.security.Privilege;
23
24 import org.argeo.ArgeoException;
25 import org.argeo.jcr.JcrUtils;
26 import org.argeo.security.OsAuthenticationToken;
27 import org.argeo.security.core.OsAuthenticationProvider;
28 import org.springframework.security.Authentication;
29 import org.springframework.security.AuthenticationException;
30
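/**
 * Relies on the OS to authenticate and additionally sets up the JCR side of
 * the account: a user profile in the security workspace and a user home in
 * the default workspace.
 *
 * <p>
 * Lifecycle: {@link #setRepository(Repository)} must be called before
 * {@link #init()}, which opens the two sessions used by
 * {@link #authenticate(Authentication)}; {@link #destroy()} closes them.
 * </p>
 *
 * <p>
 * NOTE(review): both sessions are shared by every call to
 * {@link #authenticate(Authentication)}; confirm that callers do not invoke
 * it concurrently.
 * </p>
 */
public class OsJcrAuthenticationProvider extends OsAuthenticationProvider {
    private Repository repository;
    private String securityWorkspace = "security";
    private Session securitySession;
    private Session nodeSession;

    /**
     * Opens one session on the security workspace and one on the default
     * workspace of the repository.
     *
     * @throws ArgeoException
     *             if either login fails
     */
    public void init() {
        try {
            securitySession = repository.login(securityWorkspace);
            nodeSession = repository.login();
        } catch (RepositoryException e) {
            // Do not leave a half-initialized provider holding an open
            // session on the security workspace.
            if (securitySession != null) {
                JcrUtils.logoutQuietly(securitySession);
                securitySession = null;
            }
            throw new ArgeoException("Cannot initialize", e);
        }
    }

    /** Closes the sessions opened by {@link #init()}. */
    public void destroy() {
        JcrUtils.logoutQuietly(securitySession);
        JcrUtils.logoutQuietly(nodeSession);
    }

    /**
     * Delegates authentication to the OS provider, then makes sure the JCR
     * user profile and user home exist and attaches a {@link JcrUserDetails}
     * to the returned token.
     *
     * @param authentication
     *            the token to authenticate, passed unchanged to the parent
     *            provider
     * @return the token returned by the parent provider, with its details set
     * @throws AuthenticationException
     *             declared by the overridden method
     * @throws ArgeoException
     *             if the repository cannot be read or updated
     */
    public Authentication authenticate(Authentication authentication)
            throws AuthenticationException {
        final OsAuthenticationToken authen = (OsAuthenticationToken) super
                .authenticate(authentication);
        try {
            // WARNING: at this stage we assume that the java properties
            // will have the same value.
            // NOTE(review): the name is read from the JVM system property,
            // not from the token returned by the parent provider. The
            // property can be overridden when the JVM is launched or changed
            // at runtime, so the profile that is created and checked below is
            // only as trustworthy as that property. Confirm that the parent
            // provider validates the same value.
            String username = System.getProperty("user.name");
            Node userProfile = JcrUtils.createUserProfileIfNeeded(
                    securitySession, username);
            JcrUserDetails.checkAccountStatus(userProfile);

            // Each user should have a writable area in the default workspace
            // of the node.
            JcrUtils.createUserHomeIfNeeded(nodeSession, username);
            // FIXME how to set user home privileges *before* it is created ?
            // Until this is resolved no per-user privilege is applied here
            // (the original draft granted Privilege.JCR_ALL to the user on
            // the home path and saved the session), so access to the home
            // node depends on whatever access control the repository applies
            // by default.

            // User details; the string form of the token credentials is
            // handed to JcrUserDetails as-is.
            JcrUserDetails userDetails = new JcrUserDetails(userProfile, authen
                    .getCredentials().toString(), getBaseAuthorities());
            authen.setDetails(userDetails);
        } catch (RepositoryException e) {
            // Drop transient changes so that a failed synchronization cannot
            // be persisted by a later call on the same long-lived sessions.
            JcrUtils.discardQuietly(securitySession);
            JcrUtils.discardQuietly(nodeSession);
            throw new ArgeoException(
                    "Unexpected exception when synchronizing OS and JCR security ",
                    e);
        }
        // The security session is opened once in init() and closed in
        // destroy(). It must stay open here: logging it out after the first
        // authentication left every later call working on a closed session.
        return authen;
    }

    /**
     * Sets the name of the workspace holding the user profiles. Only takes
     * effect if called before {@link #init()}.
     */
    public void setSecurityWorkspace(String securityWorkspace) {
        this.securityWorkspace = securityWorkspace;
    }

    /** Sets the repository on which {@link #init()} opens its sessions. */
    public void setRepository(Repository repository) {
        this.repository = repository;
    }
}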