X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;ds=sidebyside;f=org.argeo.ext.jackrabbit%2Fsrc%2Forg%2Fargeo%2Fsecurity%2Fjackrabbit%2FArgeoSecurityManager.java;h=046829fe51b6d3d8db552a85e4c0b7ca6c75e1b1;hb=7e333073d07b780efe681306a1842a750cbea83c;hp=978be436b648623c1e6cf00199a226c26c96ace0;hpb=e66b9893b0e511f8ab295e3cee42b7dc966f1597;p=lgpl%2Fargeo-commons.git diff --git a/org.argeo.ext.jackrabbit/src/org/argeo/security/jackrabbit/ArgeoSecurityManager.java b/org.argeo.ext.jackrabbit/src/org/argeo/security/jackrabbit/ArgeoSecurityManager.java index 978be436b..046829fe5 100644 --- a/org.argeo.ext.jackrabbit/src/org/argeo/security/jackrabbit/ArgeoSecurityManager.java +++ b/org.argeo.ext.jackrabbit/src/org/argeo/security/jackrabbit/ArgeoSecurityManager.java @@ -29,6 +29,8 @@ import org.apache.jackrabbit.core.security.AMContext; import org.apache.jackrabbit.core.security.AccessManager; import org.apache.jackrabbit.core.security.SecurityConstants; import org.apache.jackrabbit.core.security.authorization.WorkspaceAccessManager; +import org.argeo.node.NodeConstants; +import org.argeo.node.security.AnonymousPrincipal; /** Integrates Spring Security and Jackrabbit Security users and roles. */ public class ArgeoSecurityManager extends DefaultSecurityManager { @@ -56,10 +58,15 @@ public class ArgeoSecurityManager extends DefaultSecurityManager { @Override public String getUserID(Subject subject, String workspaceName) throws RepositoryException { + Set anonymousPrincipal = subject + .getPrincipals(AnonymousPrincipal.class); + if(!anonymousPrincipal.isEmpty()) + return NodeConstants.ROLE_ANONYMOUS; Set userPrincipal = subject .getPrincipals(X500Principal.class); if (userPrincipal.isEmpty()) - return super.getUserID(subject, workspaceName); + throw new IllegalStateException("Subject is neither anonymous nor logged-in"); +// return super.getUserID(subject, workspaceName); if (userPrincipal.size() > 1) { StringBuilder buf = new StringBuilder(); for (X500Principal principal : userPrincipal)