import org.argeo.cms.auth.AuthConstants;
import org.argeo.cms.auth.HttpRequestCallback;
import org.argeo.cms.auth.HttpRequestCallbackHandler;
-import org.argeo.jcr.ArgeoJcrConstants;
import org.argeo.jcr.JcrUtils;
+import org.argeo.node.NodeConstants;
+import org.osgi.framework.BundleContext;
+import org.osgi.framework.FrameworkUtil;
+import org.osgi.framework.ServiceReference;
import org.osgi.service.http.HttpContext;
import org.osgi.service.http.HttpService;
import org.osgi.service.http.NamespaceException;
import org.osgi.service.useradmin.Authorization;
+import org.osgi.util.tracker.ServiceTracker;
+import org.osgi.util.tracker.ServiceTrackerCustomizer;
/**
* Intercepts and enriches http access, mainly focusing on security and
* transactionality.
*/
-class DataHttp implements KernelConstants, ArgeoJcrConstants {
+class DataHttp implements KernelConstants {
private final static Log log = LogFactory.getLog(DataHttp.class);
// private final static String ATTR_AUTH = "auth";
private final static String HEADER_AUTHORIZATION = "Authorization";
private final static String HEADER_WWW_AUTHENTICATE = "WWW-Authenticate";
+ private final static String DEFAULT_PROTECTED_HANDLERS = "/org/argeo/cms/internal/kernel/protectedHandlers.xml";
+
+ private final BundleContext bc;
private final HttpService httpService;
+ private final ServiceTracker<Repository, Repository> repositories;
// FIXME Make it more unique
private String httpAuthRealm = "Argeo";
private OpenInViewSessionProvider sessionProvider;
DataHttp(HttpService httpService) {
- this.httpService = httpService;
+ this.bc = FrameworkUtil.getBundle(getClass()).getBundleContext();
sessionProvider = new OpenInViewSessionProvider();
- // registerRepositoryServlets(ALIAS_NODE, node);
+ this.httpService = httpService;
+ repositories = new ServiceTracker<>(bc, Repository.class, new RepositoriesStc());
+ repositories.open();
}
public void destroy() {
- // unregisterRepositoryServlets(ALIAS_NODE);
+ repositories.close();
}
void registerRepositoryServlets(String alias, Repository repository) {
registerWebdavServlet(alias, repository, false);
registerRemotingServlet(alias, repository, true);
registerRemotingServlet(alias, repository, false);
+ if (log.isDebugEnabled())
+ log.debug("Registered servlets for repository '" + alias + "'");
} catch (Exception e) {
- throw new CmsException("Could not register servlets for repository " + alias, e);
+ throw new CmsException("Could not register servlets for repository '" + alias + "'", e);
}
}
void unregisterRepositoryServlets(String alias) {
- // FIXME unregister servlets
+ try {
+ httpService.unregister(webdavPath(alias, true));
+ httpService.unregister(webdavPath(alias, false));
+ httpService.unregister(remotingPath(alias, true));
+ httpService.unregister(remotingPath(alias, false));
+ if (log.isDebugEnabled())
+ log.debug("Unregistered servlets for repository '" + alias + "'");
+ } catch (Exception e) {
+ log.error("Could not unregister servlets for repository '" + alias + "'", e);
+ }
}
void registerWebdavServlet(String alias, Repository repository, boolean anonymous)
throws NamespaceException, ServletException {
WebdavServlet webdavServlet = new WebdavServlet(repository, sessionProvider);
- String pathPrefix = anonymous ? WEBDAV_PUBLIC : WEBDAV_PRIVATE;
- String path = pathPrefix + "/" + alias;
+ String path = webdavPath(alias, anonymous);
Properties ip = new Properties();
ip.setProperty(WebdavServlet.INIT_PARAM_RESOURCE_CONFIG, WEBDAV_CONFIG);
ip.setProperty(WebdavServlet.INIT_PARAM_RESOURCE_PATH_PREFIX, path);
void registerRemotingServlet(String alias, Repository repository, boolean anonymous)
throws NamespaceException, ServletException {
- String pathPrefix = anonymous ? REMOTING_PUBLIC : REMOTING_PRIVATE;
RemotingServlet remotingServlet = new RemotingServlet(repository, sessionProvider);
- String path = pathPrefix + "/" + alias;
+ String path = remotingPath(alias, anonymous);
Properties ip = new Properties();
ip.setProperty(JcrRemotingServlet.INIT_PARAM_RESOURCE_PATH_PREFIX, path);
// Looks like a bug in Jackrabbit remoting init
ip.setProperty(RemotingServlet.INIT_PARAM_HOME, KernelUtils.getOsgiInstanceDir() + "/tmp/jackrabbit");
ip.setProperty(RemotingServlet.INIT_PARAM_TMP_DIRECTORY, "remoting");
- // in order to avoid annoying warning.
- ip.setProperty(RemotingServlet.INIT_PARAM_PROTECTED_HANDLERS_CONFIG, "");
+ ip.setProperty(RemotingServlet.INIT_PARAM_PROTECTED_HANDLERS_CONFIG, DEFAULT_PROTECTED_HANDLERS);
httpService.registerServlet(path, remotingServlet, ip, new DataHttpContext(anonymous));
}
+ private String webdavPath(String alias, boolean anonymous) {
+ String pathPrefix = anonymous ? WEBDAV_PUBLIC : WEBDAV_PRIVATE;
+ return pathPrefix + "/" + alias;
+ }
+
+ private String remotingPath(String alias, boolean anonymous) {
+ String pathPrefix = anonymous ? REMOTING_PUBLIC : REMOTING_PRIVATE;
+ return pathPrefix + "/" + alias;
+ }
+
private Subject subjectFromRequest(HttpServletRequest request) {
Authorization authorization = (Authorization) request.getAttribute(HttpContext.AUTHORIZATION);
if (authorization == null)
}
}
+ private class RepositoriesStc implements ServiceTrackerCustomizer<Repository, Repository> {
+
+ @Override
+ public Repository addingService(ServiceReference<Repository> reference) {
+ Repository repository = bc.getService(reference);
+ Object jcrRepoAlias = reference.getProperty(NodeConstants.JCR_REPOSITORY_ALIAS);
+ if (jcrRepoAlias != null) {
+ String alias = jcrRepoAlias.toString();
+ registerRepositoryServlets(alias, repository);
+ }
+ return repository;
+ }
+
+ @Override
+ public void modifiedService(ServiceReference<Repository> reference, Repository service) {
+ }
+
+ @Override
+ public void removedService(ServiceReference<Repository> reference, Repository service) {
+ Object jcrRepoAlias = reference.getProperty(NodeConstants.JCR_REPOSITORY_ALIAS);
+ if (jcrRepoAlias != null) {
+ String alias = jcrRepoAlias.toString();
+ unregisterRepositoryServlets(alias);
+ }
+ }
+ }
+
private class DataHttpContext implements HttpContext {
private final boolean anonymous;
@Override
public URL getResource(String name) {
- return Activator.getBundleContext().getBundle().getResource(name);
+ return KernelUtils.getBundleContext(DataHttp.class).getBundle().getResource(name);
}
@Override