X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=server%2Fruntime%2Forg.argeo.server.jcr%2Fsrc%2Fmain%2Fjava%2Forg%2Fargeo%2Fjcr%2FThreadBoundJcrSessionFactory.java;h=ef044ce8b872e4ddbbc2bfa29a64bdab4ed9ec40;hb=7807780029af8d1f2f32d7513e0769f128b729d1;hp=b94b9bf1645a98e94584e6f8897d5a42e6242b0d;hpb=490d9907457c43acfa965e7979ce5974bc1ba6ca;p=lgpl%2Fargeo-commons.git diff --git a/server/runtime/org.argeo.server.jcr/src/main/java/org/argeo/jcr/ThreadBoundJcrSessionFactory.java b/server/runtime/org.argeo.server.jcr/src/main/java/org/argeo/jcr/ThreadBoundJcrSessionFactory.java index b94b9bf16..ef044ce8b 100644 --- a/server/runtime/org.argeo.server.jcr/src/main/java/org/argeo/jcr/ThreadBoundJcrSessionFactory.java +++ b/server/runtime/org.argeo.server.jcr/src/main/java/org/argeo/jcr/ThreadBoundJcrSessionFactory.java @@ -23,6 +23,7 @@ import java.util.ArrayList; import java.util.Collections; import java.util.List; +import javax.jcr.LoginException; import javax.jcr.Repository; import javax.jcr.RepositoryException; import javax.jcr.Session; @@ -34,6 +35,7 @@ import org.argeo.ArgeoException; import org.springframework.beans.factory.DisposableBean; import org.springframework.beans.factory.FactoryBean; +/** Proxy JCR sessions and attach them to calling threads. */ public class ThreadBoundJcrSessionFactory implements FactoryBean, DisposableBean { private final static Log log = LogFactory @@ -47,6 +49,9 @@ public class ThreadBoundJcrSessionFactory implements FactoryBean, private boolean destroying = false; private final Session proxiedSession; + private String defaultUsername = "demo"; + private String defaultPassword = "demo"; + public ThreadBoundJcrSessionFactory() { Class[] interfaces = { Session.class }; proxiedSession = (Session) Proxy.newProxyInstance(getClass() @@ -78,19 +83,36 @@ public class ThreadBoundJcrSessionFactory implements FactoryBean, } protected Session login() { + Session newSession = null; + // first try to login without credentials, assuming the underlying login + // module will have dealt with authentication (typically using Spring + // Security) try { - SimpleCredentials sc = new SimpleCredentials("demo", "demo" - .toCharArray()); - Session sess = repository.login(sc); - if (log.isTraceEnabled()) - log.trace("Log in to JCR session " + sess + "; userId=" - + sess.getUserID()); - // Thread.dumpStack(); - activeSessions.add(sess); - return sess; - } catch (RepositoryException e) { - throw new ArgeoException("Cannot log in to repository", e); + newSession = repository.login(); + } catch (LoginException e1) { + log.warn("Cannot login without credentials: " + e1.getMessage()); + // invalid credentials, go to the next step + } catch (RepositoryException e1) { + // other kind of exception, fail + throw new ArgeoException("Cannot log in to repository", e1); } + + // log using default username / password (useful for testing purposes) + if (newSession == null) + try { + SimpleCredentials sc = new SimpleCredentials(defaultUsername, + defaultPassword.toCharArray()); + newSession = repository.login(sc); + } catch (RepositoryException e) { + throw new ArgeoException("Cannot log in to repository", e); + } + + // Log and monitor new session + if (log.isTraceEnabled()) + log.trace("Logged in to JCR session " + newSession + "; userId=" + + newSession.getUserID()); + activeSessions.add(newSession); + return newSession; } public Object getObject() { @@ -121,4 +143,12 @@ public class ThreadBoundJcrSessionFactory implements FactoryBean, this.repository = repository; } + public void setDefaultUsername(String defaultUsername) { + this.defaultUsername = defaultUsername; + } + + public void setDefaultPassword(String defaultPassword) { + this.defaultPassword = defaultPassword; + } + }