X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=security%2Fruntime%2Forg.argeo.security.jackrabbit%2Fsrc%2Fmain%2Fjava%2Forg%2Fargeo%2Fsecurity%2Fjackrabbit%2FArgeoSecurityManager.java;h=00c674580076d7bcbf7d6bdef5b2a343fc47ca6e;hb=a39a9b0e7ad6a44b4fab9db2d2a2224badd4062d;hp=244207bc59dd6f80cb838296cb3eece79531abd7;hpb=7abea79fee4787580e26cfb1f01a845767cce504;p=lgpl%2Fargeo-commons.git diff --git a/security/runtime/org.argeo.security.jackrabbit/src/main/java/org/argeo/security/jackrabbit/ArgeoSecurityManager.java b/security/runtime/org.argeo.security.jackrabbit/src/main/java/org/argeo/security/jackrabbit/ArgeoSecurityManager.java index 244207bc5..00c674580 100644 --- a/security/runtime/org.argeo.security.jackrabbit/src/main/java/org/argeo/security/jackrabbit/ArgeoSecurityManager.java +++ b/security/runtime/org.argeo.security.jackrabbit/src/main/java/org/argeo/security/jackrabbit/ArgeoSecurityManager.java @@ -37,7 +37,6 @@ import org.apache.jackrabbit.core.DefaultSecurityManager; import org.apache.jackrabbit.core.security.AnonymousPrincipal; import org.apache.jackrabbit.core.security.SecurityConstants; import org.apache.jackrabbit.core.security.authorization.WorkspaceAccessManager; -import org.argeo.ArgeoException; import org.springframework.security.Authentication; import org.springframework.security.GrantedAuthority; @@ -72,30 +71,35 @@ public class ArgeoSecurityManager extends DefaultSecurityManager { Authentication authen; Set authens = subject .getPrincipals(Authentication.class); - if (authens.size() == 0) - throw new ArgeoException("No Spring authentication found in " - + subject); - else + String userId; + if (authens.size() == 0) { + // make sure that logged-in user has a Principal, useful for testing + // using an admin user + userId = super.getUserID(subject, workspaceName); + UserManager systemUm = getSystemUserManager(null); + if (systemUm.getAuthorizable(userId) == null) + systemUm.createUser(userId, ""); + } else {// Spring Security authen = authens.iterator().next(); - String userId = authen.getName(); - StringBuffer roles = new StringBuffer(""); - GrantedAuthority[] authorities = authen.getAuthorities(); - for (GrantedAuthority ga : authorities) { - roles.append(ga.toString()); - } - - // do not sync if not changed - if (userRolesCache.containsKey(userId) - && userRolesCache.get(userId).equals(roles.toString())) - return userId; + userId = authen.getName(); + StringBuffer roles = new StringBuffer(""); + GrantedAuthority[] authorities = authen.getAuthorities(); + for (GrantedAuthority ga : authorities) { + roles.append(ga.toString()); + } - // sync Spring and Jackrabbit - // workspace is irrelevant here - UserManager systemUm = getSystemUserManager(null); - syncSpringAndJackrabbitSecurity(systemUm, authen); - userRolesCache.put(userId, roles.toString()); + // do not sync if not changed + if (userRolesCache.containsKey(userId) + && userRolesCache.get(userId).equals(roles.toString())) + return userId; + // sync Spring and Jackrabbit + // workspace is irrelevant here + UserManager systemUm = getSystemUserManager(null); + syncSpringAndJackrabbitSecurity(systemUm, authen); + userRolesCache.put(userId, roles.toString()); + } return userId; }