From b7dd623a65cbb78d8c5277dff1aab7d6186b952d Mon Sep 17 00:00:00 2001 From: Mathieu Baudier Date: Mon, 21 Mar 2011 13:59:29 +0000 Subject: [PATCH] Improve Jackrabbit security git-svn-id: https://svn.argeo.org/commons/trunk@4330 4cfe0d0a-d680-48aa-b62c-e0a02a3f76cc --- .../jackrabbit/ArgeoSecurityManager.java | 22 +++++++++++-------- .../argeo/jackrabbit/JackrabbitContainer.java | 1 + 2 files changed, 14 insertions(+), 9 deletions(-) diff --git a/security/runtime/org.argeo.security.jackrabbit/src/main/java/org/argeo/security/jackrabbit/ArgeoSecurityManager.java b/security/runtime/org.argeo.security.jackrabbit/src/main/java/org/argeo/security/jackrabbit/ArgeoSecurityManager.java index e5b83e316..5612b6388 100644 --- a/security/runtime/org.argeo.security.jackrabbit/src/main/java/org/argeo/security/jackrabbit/ArgeoSecurityManager.java +++ b/security/runtime/org.argeo.security.jackrabbit/src/main/java/org/argeo/security/jackrabbit/ArgeoSecurityManager.java @@ -112,18 +112,22 @@ public class ArgeoSecurityManager extends DefaultSecurityManager { public boolean grants(Set principals, String workspaceName) throws RepositoryException { + // everybody has access to all workspaces + // TODO: implements finer access to workspaces + return true; + // anonymous has access to the default workspace (required for // remoting which does a default login when initializing the // repository) - Boolean anonymous = false; - for (Principal principal : principals) - if (principal instanceof AnonymousPrincipal) - anonymous = true; - - if (anonymous && workspaceName.equals(defaultWorkspace)) - return true; - else - return wam.grants(principals, workspaceName); + // Boolean anonymous = false; + // for (Principal principal : principals) + // if (principal instanceof AnonymousPrincipal) + // anonymous = true; + // + // if (anonymous && workspaceName.equals(defaultWorkspace)) + // return true; + // else + // return wam.grants(principals, workspaceName); } } diff --git a/server/runtime/org.argeo.server.jackrabbit/src/main/java/org/argeo/jackrabbit/JackrabbitContainer.java b/server/runtime/org.argeo.server.jackrabbit/src/main/java/org/argeo/jackrabbit/JackrabbitContainer.java index 51063ace7..895c31c59 100644 --- a/server/runtime/org.argeo.server.jackrabbit/src/main/java/org/argeo/jackrabbit/JackrabbitContainer.java +++ b/server/runtime/org.argeo.server.jackrabbit/src/main/java/org/argeo/jackrabbit/JackrabbitContainer.java @@ -165,6 +165,7 @@ public class JackrabbitContainer implements InitializingBean, DisposableBean, Session session = null; try { session = repository.login(credentialsToUse); + processNewSession(session); // Load cnds as resources for (String resUrl : cndFiles) { Resource res = resourceLoader.getResource(resUrl); -- 2.30.2