From: Mathieu Baudier Date: Fri, 21 Oct 2016 14:30:31 +0000 (+0000) Subject: Continue finalising security. Fix issues with login in web. X-Git-Tag: argeo-commons-2.1.50~16 X-Git-Url: http://git.argeo.org/?a=commitdiff_plain;h=d039711d38e91f8d419e784f9b88f3a86bfc8538;p=lgpl%2Fargeo-commons.git Continue finalising security. Fix issues with login in web. git-svn-id: https://svn.argeo.org/commons/trunk@9274 4cfe0d0a-d680-48aa-b62c-e0a02a3f76cc --- diff --git a/org.argeo.cms/src/org/argeo/cms/auth/SingleUserLoginModule.java b/org.argeo.cms/src/org/argeo/cms/auth/SingleUserLoginModule.java index 23bbf2345..6147fc77a 100644 --- a/org.argeo.cms/src/org/argeo/cms/auth/SingleUserLoginModule.java +++ b/org.argeo.cms/src/org/argeo/cms/auth/SingleUserLoginModule.java @@ -10,17 +10,16 @@ import javax.security.auth.login.LoginException; import javax.security.auth.spi.LoginModule; import javax.security.auth.x500.X500Principal; -import org.apache.jackrabbit.core.security.SecurityConstants; -import org.apache.jackrabbit.core.security.principal.AdminPrincipal; import org.argeo.cms.internal.auth.ImpliedByPrincipal; import org.argeo.node.NodeConstants; +import org.argeo.node.security.DataAdminPrincipal; public class SingleUserLoginModule implements LoginModule, AuthConstants { private Subject subject; @Override - public void initialize(Subject subject, CallbackHandler callbackHandler, - Map sharedState, Map options) { + public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, + Map options) { this.subject = subject; } @@ -32,13 +31,11 @@ public class SingleUserLoginModule implements LoginModule, AuthConstants { @Override public boolean commit() throws LoginException { String username = System.getProperty("user.name"); - X500Principal principal = new X500Principal("uid=" + username - + ",dc=localhost,dc=localdomain"); + X500Principal principal = new X500Principal("uid=" + username + ",dc=localhost,dc=localdomain"); Set principals = subject.getPrincipals(); principals.add(principal); principals.add(new ImpliedByPrincipal(NodeConstants.ROLE_ADMIN, principal)); - // Jackrabbit - principals.add(new AdminPrincipal(SecurityConstants.ADMIN_ID)); + principals.add(new DataAdminPrincipal()); return true; } diff --git a/org.argeo.cms/src/org/argeo/cms/internal/kernel/HomeRepository.java b/org.argeo.cms/src/org/argeo/cms/internal/kernel/HomeRepository.java index 68acd2d62..d73b554e8 100644 --- a/org.argeo.cms/src/org/argeo/cms/internal/kernel/HomeRepository.java +++ b/org.argeo.cms/src/org/argeo/cms/internal/kernel/HomeRepository.java @@ -14,7 +14,6 @@ import javax.naming.ldap.LdapName; import javax.security.auth.Subject; import javax.security.auth.login.LoginContext; -import org.apache.jackrabbit.core.security.SecurityConstants; import org.argeo.cms.CmsException; import org.argeo.jcr.JcrRepositoryWrapper; import org.argeo.jcr.JcrUtils; @@ -89,8 +88,8 @@ class HomeRepository extends JcrRepositoryWrapper implements KernelConstants { return; // if (session.getUserID().equals(AuthConstants.ROLE_KERNEL)) // return; - if (session.getUserID().equals(SecurityConstants.ADMIN_ID)) - return; +// if (session.getUserID().equals(SecurityConstants.ADMIN_ID)) +// return; if (checkedUsers.contains(username)) return; diff --git a/org.argeo.ext.jackrabbit/bnd.bnd b/org.argeo.ext.jackrabbit/bnd.bnd index 6bab2aa5e..8107e8717 100644 --- a/org.argeo.ext.jackrabbit/bnd.bnd +++ b/org.argeo.ext.jackrabbit/bnd.bnd @@ -1,3 +1,4 @@ Fragment-Host: org.apache.jackrabbit.core Import-Package: org.springframework.core,\ +org.argeo.node,\ *