1 package org
.argeo
.security
.jcr
;
3 import java
.util
.HashMap
;
7 import javax
.jcr
.Repository
;
8 import javax
.jcr
.RepositoryException
;
9 import javax
.jcr
.RepositoryFactory
;
10 import javax
.jcr
.Session
;
11 import javax
.jcr
.SimpleCredentials
;
13 import org
.argeo
.ArgeoException
;
14 import org
.argeo
.jcr
.ArgeoJcrConstants
;
15 import org
.argeo
.jcr
.ArgeoNames
;
16 import org
.argeo
.jcr
.ArgeoTypes
;
17 import org
.argeo
.security
.SiteAuthenticationToken
;
18 import org
.springframework
.security
.Authentication
;
19 import org
.springframework
.security
.AuthenticationException
;
20 import org
.springframework
.security
.GrantedAuthority
;
21 import org
.springframework
.security
.GrantedAuthorityImpl
;
22 import org
.springframework
.security
.providers
.AuthenticationProvider
;
24 /** Connects to a JCR repository and delegates authentication to it. */
25 public class JcrAuthenticationProvider
implements AuthenticationProvider
{
// Factory that authenticate() asks for the repository; assigned by register()
// and reset to null by unregister().
// NOTE(review): not final and not volatile, and no synchronization is visible
// in this listing - confirm how a concurrent authenticate() sees a consistent value.
26 private RepositoryFactory repositoryFactory
;
// Name of the child of the root node under which getUserHome() looks up or
// creates the per-user home nodes.
27 private final String defaultHome
;
// Role name that getGrantedAuthorities() wraps in a GrantedAuthorityImpl.
28 private final String userRole
;
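/**
 * Creates a provider that uses the role {@code "ROLE_USER"} and the home
 * node name {@code "home"}.
 */
public JcrAuthenticationProvider() {
    // The two-argument constructor is declared as (defaultHome, userRole).
    // The literals used to be passed as ("ROLE_USER", "home"), which made
    // "ROLE_USER" the home node name and "home" the role name.
    // NOTE(review): a repository initialised with the old order may already
    // hold a root child named "ROLE_USER" - confirm before deploying.
    this("home", "ROLE_USER");
}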
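/**
 * Creates a provider with a caller-chosen role and the home node name
 * {@code "home"}.
 *
 * @param userRole role name later wrapped by getGrantedAuthorities()
 */
public JcrAuthenticationProvider(String userRole) {
    // The two-argument constructor is declared as (defaultHome, userRole).
    // Passing (userRole, "home") stored the role as the home node name and
    // "home" as the role, so the arguments are given in declaration order.
    this("home", userRole);
}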
/**
 * Creates a provider with an explicit home node name and role name.
 *
 * Both parameters are Strings, so the compiler cannot detect a caller that
 * passes them in the wrong order; the order is (defaultHome, userRole).
 * No null or emptiness check on either value is visible in this listing.
 *
 * @param defaultHome value stored in the defaultHome field
 * @param userRole value stored in the userRole field
 */
38 public JcrAuthenticationProvider(String defaultHome
, String userRole
) {
40 this.defaultHome
= defaultHome
;
41 this.userRole
= userRole
;
/**
 * Authenticates a SiteAuthenticationToken by logging in to a JCR repository
 * with the name and credentials carried by the token.
 *
 * The repository is looked up through repositoryFactory using the URL read
 * from the token. After login the user's home node is resolved with
 * getUserHome(), and a JcrAuthenticationToken is returned that carries the
 * principal, the credentials, the authorities array, the URL and that node.
 *
 * Several source lines of this method are absent from this listing (the
 * gutter numbers skip), so the bodies of some branches are not shown.
 *
 * @param authentication the token to authenticate
 * @return a JcrAuthenticationToken built from the token and the user home
 * @throws ArgeoException wrapping any RepositoryException raised here
 */
44 public Authentication
authenticate(Authentication authentication
)
45 throws AuthenticationException
{
46 if (!(authentication
instanceof SiteAuthenticationToken
))
// The statement guarded by the check above is not shown in this listing.
48 SiteAuthenticationToken siteAuth
= (SiteAuthenticationToken
) authentication
;
// NOTE(review): the repository URI is taken from the token itself. If
// getUrl() reflects a value supplied with the login request, the caller
// decides which repository vouches for the password - confirm the URL is
// checked against the set of trusted repositories before it is used.
49 String url
= siteAuth
.getUrl();
54 Map
<String
, String
> parameters
= new HashMap
<String
, String
>();
55 parameters
.put(ArgeoJcrConstants
.JCR_REPOSITORY_URI
, url
);
57 Repository repository
= null;
// NOTE(review): repositoryFactory is null until register() runs and again
// after unregister(); no null check is visible before this call.
58 repository
= repositoryFactory
.getRepository(parameters
);
59 if (repository
== null)
// The statement guarded by the null check above is not shown in this listing.
// NOTE(review): getCredentials().toString() assumes non-null credentials
// whose toString() is the password, and it copies the secret into an
// immutable String that cannot be cleared afterwards.
62 SimpleCredentials sp
= new SimpleCredentials(siteAuth
.getName(),
63 siteAuth
.getCredentials().toString().toCharArray());
64 String workspace
= siteAuth
.getWorkspace();
// A null or blank workspace selects the single-argument login; the
// two-argument login below is presumably the else branch - confirm.
66 if (workspace
== null || workspace
.trim().equals(""))
67 session
= repository
.login(sp
);
69 session
= repository
.login(sp
, workspace
);
// NOTE(review): no logout of this session is visible here, and the node
// returned below comes from it - confirm which component closes the session.
70 Node userHome
= getUserHome(session
);
// NOTE(review): the token is built with an empty authorities array;
// getGrantedAuthorities(session) is not called in the visible lines, so
// userRole appears unused on this path - confirm this is intended.
71 GrantedAuthority
[] authorities
= {};
72 return new JcrAuthenticationToken(siteAuth
.getPrincipal(),
73 siteAuth
.getCredentials(), authorities
, url
, userHome
);
// NOTE(review): javax.jcr.LoginException is a RepositoryException, so a
// rejected login is presumably reported through this generic ArgeoException
// rather than an AuthenticationException - confirm callers treat it as an
// authentication failure and not as a server error.
74 } catch (RepositoryException e
) {
75 throw new ArgeoException(
76 "Unexpected exception when authenticating to " + url
, e
);
/**
 * Builds the authorities for a logged-in session.
 *
 * The session argument is not read; the result always holds exactly one
 * authority created from the configured userRole.
 *
 * @param session the JCR session of the authenticated user (unused here)
 * @return a one-element array wrapping userRole
 */
protected GrantedAuthority[] getGrantedAuthorities(Session session) {
    GrantedAuthority roleAuthority = new GrantedAuthorityImpl(userRole);
    return new GrantedAuthority[] { roleAuthority };
}
/**
 * Tells whether this provider handles the given authentication class.
 *
 * @param authentication the class of the token to be authenticated
 * @return true when the class is SiteAuthenticationToken or a subtype of it
 */
@SuppressWarnings("rawtypes")
public boolean supports(Class authentication) {
    Class<SiteAuthenticationToken> supportedType = SiteAuthenticationToken.class;
    return supportedType.isAssignableFrom(authentication);
}
/**
 * Looks up the home node of the session's user, creating it when absent.
 *
 * The node is addressed as root / defaultHome / userID. A missing
 * defaultHome node is added with type ARGEO_HOME; a missing user node is
 * added, given the ARGEO_USER_HOME mixin and its ARGEO_USER_ID property.
 *
 * Several source lines of this method are absent from this listing (the
 * gutter numbers skip), including its return statement and the end of the
 * catch block.
 *
 * @param session the JCR session of the user being authenticated
 * @throws ArgeoException when any exception is raised while resolving the node
 */
89 protected Node
getUserHome(Session session
) {
// Placeholder, presumably used by the error message if getUserID() fails.
90 String userID
= "<not yet logged in>";
92 userID
= session
.getUserID();
93 Node rootNode
= session
.getRootNode();
// NOTE(review): nodes are created through the authenticating user's own
// session, so every user needs write access below the root node for the
// first login to succeed - confirm the access control set-up.
95 if (!rootNode
.hasNode(defaultHome
)) {
96 homeNode
= rootNode
.addNode(defaultHome
, ArgeoTypes
.ARGEO_HOME
);
98 homeNode
= rootNode
.getNode(defaultHome
);
// NOTE(review): hasNode/addNode/getNode take a relative path, so a user ID
// containing '/' or other JCR name syntax would not map to a single child
// of the home node - confirm user IDs are validated or escaped first.
102 if (!homeNode
.hasNode(userID
)) {
103 userHome
= homeNode
.addNode(userID
);
104 userHome
.addMixin(ArgeoTypes
.ARGEO_USER_HOME
);
105 userHome
.setProperty(ArgeoNames
.ARGEO_USER_ID
, userID
);
107 userHome
= homeNode
.getNode(userID
);
// NOTE(review): no session.save() is visible in this listing - confirm the
// added nodes are persisted.
// Catches every Exception, including unchecked ones, and rethrows it as
// ArgeoException.
111 } catch (Exception e
) {
112 throw new ArgeoException("Cannot initialize home for user '"
/**
 * Stores the repository factory that authenticate() will use.
 *
 * @param repositoryFactory the factory to use from now on
 * @param parameters properties supplied with the factory (not read here)
 */
public void register(RepositoryFactory repositoryFactory, Map<String, String> parameters) {
    this.repositoryFactory = repositoryFactory;
}
/**
 * Drops the repository factory.
 *
 * Neither argument is read: the stored reference is reset to null whichever
 * factory is passed in.
 *
 * @param repositoryFactory the factory being withdrawn (not read here)
 * @param parameters properties supplied with the factory (not read here)
 */
public void unregister(RepositoryFactory repositoryFactory, Map<String, String> parameters) {
    this.repositoryFactory = null;
}
127 public String
getDefaultHome() {
131 public String
getUserRole() {