1 package org
.argeo
.cms
.internal
.kernel
;
5 import javax
.jcr
.RepositoryException
;
7 import org
.apache
.commons
.logging
.Log
;
8 import org
.apache
.commons
.logging
.LogFactory
;
9 import org
.argeo
.cms
.CmsException
;
10 import org
.argeo
.cms
.internal
.useradmin
.JcrUserAdmin
;
11 import org
.argeo
.cms
.internal
.useradmin
.SimpleJcrSecurityModel
;
12 import org
.argeo
.cms
.internal
.useradmin
.jackrabbit
.JackrabbitUserAdminService
;
13 import org
.argeo
.security
.UserAdminService
;
14 import org
.argeo
.security
.core
.InternalAuthentication
;
15 import org
.argeo
.security
.core
.InternalAuthenticationProvider
;
16 import org
.osgi
.framework
.BundleContext
;
17 import org
.osgi
.framework
.ServiceRegistration
;
18 import org
.osgi
.service
.useradmin
.UserAdmin
;
19 import org
.springframework
.security
.authentication
.AnonymousAuthenticationProvider
;
20 import org
.springframework
.security
.authentication
.AnonymousAuthenticationToken
;
21 import org
.springframework
.security
.authentication
.AuthenticationManager
;
22 import org
.springframework
.security
.authentication
.UsernamePasswordAuthenticationToken
;
23 import org
.springframework
.security
.core
.Authentication
;
24 import org
.springframework
.security
.core
.AuthenticationException
;
25 import org
.springframework
.security
.provisioning
.UserDetailsManager
;
27 /** Authentication and user management. */
28 class NodeSecurity
implements AuthenticationManager
{
// Class-wide logger.
private static final Log log = LogFactory.getLog(NodeSecurity.class);

// OSGi context used by publish() to register the services below.
private final BundleContext bundleContext;

// Delegates that authenticate() picks between according to the token type.
private final InternalAuthenticationProvider internalAuth;
private final AnonymousAuthenticationProvider anonymousAuth;
private final JackrabbitUserAdminService userAdminService;

// OSGi UserAdmin implementation; the constructor wires it to userAdminService.
private final JcrUserAdmin userAdmin;

// Registration handles, kept so that each service can be unregistered again.
private ServiceRegistration<AuthenticationManager> authenticationManagerReg;
private ServiceRegistration<UserAdminService> userAdminServiceReg;
private ServiceRegistration<UserDetailsManager> userDetailsManagerReg;

private ServiceRegistration<UserAdmin> userAdminReg;
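/**
 * Sets up the authentication providers and the Jackrabbit-backed user administration.
 *
 * <p>Points the JAAS login configuration at the resource named by
 * {@code KernelConstants.JAAS_CONFIG}, creates the internal and anonymous providers from
 * {@code Activator.getSystemKey()}, then initialises the user admin service on {@code node}.
 *
 * @param bundleContext OSGi context, kept for the service registrations and passed to
 *        {@code JcrUserAdmin}
 * @param node repository given to the user admin service and to {@code JcrUserAdmin}
 * @throws RepositoryException declared by the signature; presumably raised while the user
 *         admin service initialises (confirm against {@code JackrabbitUserAdminService.init()})
 * @throws CmsException if the JAAS configuration resource is not found by the class loader
 */
public NodeSecurity(BundleContext bundleContext, JackrabbitNode node)
		throws RepositoryException {
	URL url = getClass().getClassLoader().getResource(KernelConstants.JAAS_CONFIG);
	// getResource() returns null for a missing resource; fail with a clear message instead of
	// a NullPointerException on url.toExternalForm().
	if (url == null) {
		throw new CmsException("JAAS configuration resource "
				+ KernelConstants.JAAS_CONFIG + " not found");
	}
	// This system property is JVM-wide: it replaces any login configuration set earlier for
	// the whole process, not only for this bundle.
	System.setProperty("java.security.auth.login.config", url.toExternalForm());

	this.bundleContext = bundleContext;

	// NOTE(review): both providers are built from the same system key, which presumably
	// decides which tokens they accept; treat it as a secret and keep it out of logs (confirm).
	internalAuth = new InternalAuthenticationProvider(Activator.getSystemKey());
	anonymousAuth = new AnonymousAuthenticationProvider(Activator.getSystemKey());

	userAdminService = new JackrabbitUserAdminService();
	userAdminService.setRepository(node);
	userAdminService.setSecurityModel(new SimpleJcrSecurityModel());
	userAdminService.init();

	userAdmin = new JcrUserAdmin(bundleContext, node);
	userAdmin.setUserAdminService(userAdminService);
}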
68 public void publish() {
69 authenticationManagerReg
= bundleContext
.registerService(
70 AuthenticationManager
.class, this, null);
71 userAdminServiceReg
= bundleContext
.registerService(
72 UserAdminService
.class, userAdminService
, null);
73 userDetailsManagerReg
= bundleContext
.registerService(
74 UserDetailsManager
.class, userAdminService
, null);
75 userAdminReg
= bundleContext
.registerService(UserAdmin
.class,
81 userAdminService
.destroy();
82 } catch (RepositoryException e
) {
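// Pass the exception along so the log keeps the cause and stack trace of the failed shutdown.
log.error("Error while destroying Jackrabbit useradmin", e);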
85 userDetailsManagerReg
.unregister();
86 userAdminServiceReg
.unregister();
87 authenticationManagerReg
.unregister();
90 userAdminReg
.unregister();
94 public Authentication
authenticate(Authentication authentication
)
95 throws AuthenticationException
{
96 Authentication auth
= null;
97 if (authentication
instanceof InternalAuthentication
)
98 auth
= internalAuth
.authenticate(authentication
);
99 else if (authentication
instanceof AnonymousAuthenticationToken
)
100 auth
= anonymousAuth
.authenticate(authentication
);
101 else if (authentication
instanceof UsernamePasswordAuthenticationToken
)
102 auth
= userAdminService
.authenticate(authentication
);
104 throw new CmsException("Could not authenticate " + authentication
);