X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=org.argeo.security.jackrabbit%2Fsrc%2Forg%2Fargeo%2Fsecurity%2Fjackrabbit%2FSystemJackrabbitLoginModule.java;h=c041d276dc1535ae086a8a045b6a62223d894619;hb=06acf73a99f0e3908fe8998f1ff08dee109c5562;hp=9977938eccb4029dc6ec683a4e1796a4e0370452;hpb=34130a879d419e1def9526d9d31f8aaa55c950d4;p=lgpl%2Fargeo-commons.git diff --git a/org.argeo.security.jackrabbit/src/org/argeo/security/jackrabbit/SystemJackrabbitLoginModule.java b/org.argeo.security.jackrabbit/src/org/argeo/security/jackrabbit/SystemJackrabbitLoginModule.java index 9977938ec..c041d276d 100644 --- a/org.argeo.security.jackrabbit/src/org/argeo/security/jackrabbit/SystemJackrabbitLoginModule.java +++ b/org.argeo.security.jackrabbit/src/org/argeo/security/jackrabbit/SystemJackrabbitLoginModule.java @@ -11,7 +11,7 @@ import javax.security.auth.x500.X500Principal; import org.apache.jackrabbit.core.security.SecurityConstants; import org.apache.jackrabbit.core.security.principal.AdminPrincipal; -import org.argeo.security.SystemAuth; +import org.argeo.node.DataAdminPrincipal; public class SystemJackrabbitLoginModule implements LoginModule { @@ -30,8 +30,8 @@ public class SystemJackrabbitLoginModule implements LoginModule { @Override public boolean commit() throws LoginException { - Set initPrincipal = subject - .getPrincipals(SystemAuth.class); + Set initPrincipal = subject + .getPrincipals(DataAdminPrincipal.class); if (!initPrincipal.isEmpty()) { subject.getPrincipals().add( new AdminPrincipal(SecurityConstants.ADMIN_ID)); @@ -47,34 +47,6 @@ public class SystemJackrabbitLoginModule implements LoginModule { + userPrincipal); return true; - - // Set principals = subject.getPrincipals(); - // if (principals.isEmpty()) {// system - // throw new LoginException("Subject must be pre-authenticated"); - // // subject.getPrincipals().add(new AdminPrincipal("admin")); - // // return true; - // } - // boolean isAdmin = false; - // boolean isAnonymous = false; - // // FIXME make it more generic - // for (Principal principal : principals) { - // if (principal.getName().equalsIgnoreCase( - // "cn=admin,ou=roles,ou=node")) - // isAdmin = true; - // else if (principal.getName().equalsIgnoreCase( - // "cn=anonymous,ou=roles,ou=node")) - // isAnonymous = true; - // } - // - // if (isAnonymous && isAdmin) - // throw new LoginException("Cannot be admin and anonymous"); - // - // // Add special Jackrabbit roles - // if (isAdmin) - // principals.add(new AdminPrincipal(SecurityConstants.ADMIN_ID)); - // if (isAnonymous)// anonymous - // principals.add(new AnonymousPrincipal()); - // return true; } @Override @@ -84,14 +56,12 @@ public class SystemJackrabbitLoginModule implements LoginModule { @Override public boolean logout() throws LoginException { - Set initPrincipal = subject - .getPrincipals(SystemAuth.class); + Set initPrincipal = subject + .getPrincipals(DataAdminPrincipal.class); if (!initPrincipal.isEmpty()) { subject.getPrincipals(AdminPrincipal.class); return true; } - // subject.getPrincipals().removeAll( - // subject.getPrincipals(AdminPrincipal.class)); return true; } }