import org.apache.jackrabbit.core.security.SecurityConstants;
import org.apache.jackrabbit.core.security.principal.AdminPrincipal;
-import org.argeo.security.SystemAuth;
+import org.argeo.node.DataAdminPrincipal;
public class SystemJackrabbitLoginModule implements LoginModule {
private Subject subject;
@Override
- public void initialize(Subject subject, CallbackHandler callbackHandler,
- Map<String, ?> sharedState, Map<String, ?> options) {
+ public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> sharedState,
+ Map<String, ?> options) {
this.subject = subject;
}
@Override
public boolean commit() throws LoginException {
- Set<SystemAuth> initPrincipal = subject
- .getPrincipals(SystemAuth.class);
+ Set<DataAdminPrincipal> initPrincipal = subject.getPrincipals(DataAdminPrincipal.class);
if (!initPrincipal.isEmpty()) {
- subject.getPrincipals().add(
- new AdminPrincipal(SecurityConstants.ADMIN_ID));
+ subject.getPrincipals().add(new AdminPrincipal(SecurityConstants.ADMIN_ID));
return true;
}
- Set<X500Principal> userPrincipal = subject
- .getPrincipals(X500Principal.class);
+ Set<X500Principal> userPrincipal = subject.getPrincipals(X500Principal.class);
if (userPrincipal.isEmpty())
throw new LoginException("Subject must be pre-authenticated");
if (userPrincipal.size() > 1)
- throw new LoginException("Multiple user principals "
- + userPrincipal);
+ throw new LoginException("Multiple user principals " + userPrincipal);
return true;
-
- // Set<Principal> principals = subject.getPrincipals();
- // if (principals.isEmpty()) {// system
- // throw new LoginException("Subject must be pre-authenticated");
- // // subject.getPrincipals().add(new AdminPrincipal("admin"));
- // // return true;
- // }
- // boolean isAdmin = false;
- // boolean isAnonymous = false;
- // // FIXME make it more generic
- // for (Principal principal : principals) {
- // if (principal.getName().equalsIgnoreCase(
- // "cn=admin,ou=roles,ou=node"))
- // isAdmin = true;
- // else if (principal.getName().equalsIgnoreCase(
- // "cn=anonymous,ou=roles,ou=node"))
- // isAnonymous = true;
- // }
- //
- // if (isAnonymous && isAdmin)
- // throw new LoginException("Cannot be admin and anonymous");
- //
- // // Add special Jackrabbit roles
- // if (isAdmin)
- // principals.add(new AdminPrincipal(SecurityConstants.ADMIN_ID));
- // if (isAnonymous)// anonymous
- // principals.add(new AnonymousPrincipal());
- // return true;
}
@Override
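Review bot: The admin grant in commit() is gated only on the Subject carrying some `DataAdminPrincipal`, so the whole Jackrabbit-admin decision rests on who is able to construct that type and place it in a Subject; nothing in this hunk checks it further. Neither login() nor the DataAdminPrincipal class is visible here, so the restriction may well be enforced elsewhere, but the assumption deserves a comment above the check, for example `// Trust boundary: DataAdminPrincipal is only ever added by the node's own system login; its presence grants Jackrabbit ADMIN_ID.` The X500Principal branch likewise returns true for any Subject holding exactly one such principal, which presumably relies on an earlier module in the JAAS stack having authenticated it; a one-line comment saying so would help the next reader. Since the large commented-out block is being deleted, this is also the moment to give commit() a short Javadoc describing the two accepted Subject shapes.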
@Override
public boolean logout() throws LoginException {
- Set<SystemAuth> initPrincipal = subject
- .getPrincipals(SystemAuth.class);
+ Set<DataAdminPrincipal> initPrincipal = subject.getPrincipals(DataAdminPrincipal.class);
if (!initPrincipal.isEmpty()) {
subject.getPrincipals(AdminPrincipal.class);
return true;
}
- // subject.getPrincipals().removeAll(
- // subject.getPrincipals(AdminPrincipal.class));
return true;
}
}
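Review bot: logout() never removes the `AdminPrincipal` that commit() added: the context line `subject.getPrincipals(AdminPrincipal.class);` only builds a set and discards it, and this commit deletes the commented-out `removeAll` that hinted at the intended cleanup. A Subject that is reused after logout therefore appears to keep its Jackrabbit admin principal. The line should read `subject.getPrincipals().removeAll(subject.getPrincipals(AdminPrincipal.class));`, which is safe to write this way because the typed getter returns a fresh set rather than a view of the Subject's principals. A read-only Subject would make the removal throw `IllegalStateException`, so that case needs a decision as well.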