X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Finternal%2Fruntime%2FCmsUserAdmin.java;h=99e8fc0dc4c4440022a17f38465151b9bcbb9239;hb=76a8481ee26616efa0fa59838a93bcad937b2692;hp=9675c25429e1ff3d3274a84e2a9e52960bd4cbd3;hpb=9e3e4ceb38e36ee8d7b4287a60cd92f2b1a66a2a;p=lgpl%2Fargeo-commons.git diff --git a/org.argeo.cms/src/org/argeo/cms/internal/runtime/CmsUserAdmin.java b/org.argeo.cms/src/org/argeo/cms/internal/runtime/CmsUserAdmin.java index 9675c2542..99e8fc0dc 100644 --- a/org.argeo.cms/src/org/argeo/cms/internal/runtime/CmsUserAdmin.java +++ b/org.argeo.cms/src/org/argeo/cms/internal/runtime/CmsUserAdmin.java @@ -1,6 +1,5 @@ package org.argeo.cms.internal.runtime; -import java.io.File; import java.io.IOException; import java.net.InetAddress; import java.net.URI; @@ -8,6 +7,7 @@ import java.net.URISyntaxException; import java.net.URL; import java.nio.file.Files; import java.nio.file.Path; +import java.nio.file.Paths; import java.security.PrivilegedExceptionAction; import java.util.ArrayList; import java.util.Dictionary; @@ -25,19 +25,11 @@ import javax.security.auth.kerberos.KerberosPrincipal; import javax.security.auth.login.LoginContext; import javax.security.auth.login.LoginException; -import org.apache.commons.httpclient.auth.AuthPolicy; -import org.apache.commons.httpclient.auth.CredentialsProvider; -import org.apache.commons.httpclient.params.DefaultHttpParams; -import org.apache.commons.httpclient.params.HttpMethodParams; -import org.apache.commons.httpclient.params.HttpParams; -import org.apache.commons.io.FileUtils; import org.argeo.api.cms.CmsAuth; import org.argeo.api.cms.CmsConstants; import org.argeo.api.cms.CmsLog; import org.argeo.api.cms.CmsState; import org.argeo.cms.CmsDeployProperty; -import org.argeo.cms.internal.http.client.HttpCredentialProvider; -import org.argeo.cms.internal.http.client.SpnegoAuthScheme; import org.argeo.osgi.useradmin.AggregatingUserAdmin; import org.argeo.osgi.useradmin.DirectoryUserAdmin; import org.argeo.osgi.useradmin.UserDirectory; @@ -96,42 +88,42 @@ public class CmsUserAdmin extends AggregatingUserAdmin { protected List> getUserDirectoryConfigs() { List> res = new ArrayList<>(); - File nodeBaseDir = cmsState.getDataPath(KernelConstants.DIR_NODE).toFile(); + Path nodeBase = cmsState.getDataPath(KernelConstants.DIR_PRIVATE); List uris = new ArrayList<>(); // node roles String nodeRolesUri = null;// getFrameworkProp(CmsConstants.ROLES_URI); String baseNodeRoleDn = CmsConstants.ROLES_BASEDN; - if (nodeRolesUri == null) { + if (nodeRolesUri == null && nodeBase != null) { nodeRolesUri = baseNodeRoleDn + ".ldif"; - File nodeRolesFile = new File(nodeBaseDir, nodeRolesUri); - if (!nodeRolesFile.exists()) + Path nodeRolesFile = nodeBase.resolve(nodeRolesUri); + if (!Files.exists(nodeRolesFile)) try { - FileUtils.copyInputStreamToFile(CmsUserAdmin.class.getResourceAsStream(baseNodeRoleDn + ".ldif"), - nodeRolesFile); + Files.copy(CmsUserAdmin.class.getResourceAsStream(baseNodeRoleDn + ".ldif"), nodeRolesFile); } catch (IOException e) { throw new RuntimeException("Cannot copy demo resource", e); } // nodeRolesUri = nodeRolesFile.toURI().toString(); } - uris.add(nodeRolesUri); + if (nodeRolesUri != null) + uris.add(nodeRolesUri); // node tokens String nodeTokensUri = null;// getFrameworkProp(CmsConstants.TOKENS_URI); String baseNodeTokensDn = CmsConstants.TOKENS_BASEDN; - if (nodeTokensUri == null) { + if (nodeTokensUri == null && nodeBase != null) { nodeTokensUri = baseNodeTokensDn + ".ldif"; - File nodeTokensFile = new File(nodeBaseDir, nodeTokensUri); - if (!nodeTokensFile.exists()) + Path nodeTokensFile = nodeBase.resolve(nodeTokensUri); + if (!Files.exists(nodeTokensFile)) try { - FileUtils.copyInputStreamToFile(CmsUserAdmin.class.getResourceAsStream(baseNodeTokensDn + ".ldif"), - nodeTokensFile); + Files.copy(CmsUserAdmin.class.getResourceAsStream(baseNodeTokensDn + ".ldif"), nodeTokensFile); } catch (IOException e) { throw new RuntimeException("Cannot copy demo resource", e); } // nodeRolesUri = nodeRolesFile.toURI().toString(); } - uris.add(nodeTokensUri); + if (nodeTokensUri != null) + uris.add(nodeTokensUri); // Business roles // String userAdminUris = getFrameworkProp(CmsConstants.USERADMIN_URIS); @@ -143,19 +135,17 @@ public class CmsUserAdmin extends AggregatingUserAdmin { uris.add(userAdminUri); } - if (uris.size() == 0) { + if (uris.size() == 0 && nodeBase != null) { // TODO put this somewhere else String demoBaseDn = "dc=example,dc=com"; String userAdminUri = demoBaseDn + ".ldif"; - File businessRolesFile = new File(nodeBaseDir, userAdminUri); - File systemRolesFile = new File(nodeBaseDir, "ou=roles,ou=node.ldif"); - if (!businessRolesFile.exists()) + Path businessRolesFile = nodeBase.resolve(userAdminUri); + Path systemRolesFile = nodeBase.resolve("ou=roles,ou=node.ldif"); + if (!Files.exists(businessRolesFile)) try { - FileUtils.copyInputStreamToFile(CmsUserAdmin.class.getResourceAsStream(demoBaseDn + ".ldif"), - businessRolesFile); - if (!systemRolesFile.exists()) - FileUtils.copyInputStreamToFile( - CmsUserAdmin.class.getResourceAsStream("example-ou=roles,ou=node.ldif"), + Files.copy(CmsUserAdmin.class.getResourceAsStream(demoBaseDn + ".ldif"), businessRolesFile); + if (!Files.exists(systemRolesFile)) + Files.copy(CmsUserAdmin.class.getResourceAsStream("example-ou=roles,ou=node.ldif"), systemRolesFile); } catch (IOException e) { throw new RuntimeException("Cannot copy demo resources", e); @@ -175,14 +165,14 @@ public class CmsUserAdmin extends AggregatingUserAdmin { "URI " + uri + " must have a path in order to determine base DN"); if (u.getScheme() == null) { if (uri.startsWith("/") || uri.startsWith("./") || uri.startsWith("../")) - u = new File(uri).getCanonicalFile().toURI(); + u = Paths.get(uri).toRealPath().toUri(); else if (!uri.contains("/")) { // u = KernelUtils.getOsgiInstanceUri(KernelConstants.DIR_NODE + '/' + uri); u = new URI(uri); } else throw new IllegalArgumentException("Cannot interpret " + uri + " as an uri"); } else if (u.getScheme().equals(DirectoryConf.SCHEME_FILE)) { - u = new File(u).getCanonicalFile().toURI(); + u = Paths.get(u).toRealPath().toUri(); } } catch (Exception e) { throw new RuntimeException("Cannot interpret " + uri + " as an uri", e); @@ -201,7 +191,7 @@ public class CmsUserAdmin extends AggregatingUserAdmin { try { if (uri == null) { String baseDn = (String) properties.get(DirectoryConf.baseDn.name()); - u = KernelUtils.getOsgiInstanceUri(KernelConstants.DIR_NODE + '/' + baseDn + ".ldif"); + u = KernelUtils.getOsgiInstanceUri(KernelConstants.DIR_PRIVATE + '/' + baseDn + ".ldif"); } else if (realm != null) { u = null; } else { @@ -298,16 +288,6 @@ public class CmsUserAdmin extends AggregatingUserAdmin { } } - // Register client-side SPNEGO auth scheme - AuthPolicy.registerAuthScheme(SpnegoAuthScheme.NAME, SpnegoAuthScheme.class); - HttpParams params = DefaultHttpParams.getDefaultParams(); - ArrayList schemes = new ArrayList<>(); - schemes.add(SpnegoAuthScheme.NAME);// SPNEGO preferred - // schemes.add(AuthPolicy.BASIC);// incompatible with Basic - params.setParameter(AuthPolicy.AUTH_SCHEME_PRIORITY, schemes); - params.setParameter(CredentialsProvider.PROVIDER, new HttpCredentialProvider()); - params.setParameter(HttpMethodParams.COOKIE_POLICY, KernelConstants.COOKIE_POLICY_BROWSER_COMPATIBILITY); - // params.setCookiePolicy(CookiePolicy.BROWSER_COMPATIBILITY); } }