1 package org
.argeo
.security
.jcr
;
4 import javax
.jcr
.Repository
;
5 import javax
.jcr
.RepositoryException
;
6 import javax
.jcr
.Session
;
7 import javax
.jcr
.security
.Privilege
;
9 import org
.argeo
.ArgeoException
;
10 import org
.argeo
.jcr
.JcrUtils
;
11 import org
.argeo
.security
.OsAuthenticationToken
;
12 import org
.argeo
.security
.core
.OsAuthenticationProvider
;
13 import org
.springframework
.security
.Authentication
;
14 import org
.springframework
.security
.AuthenticationException
;
16 /** Relies on the OS to authenticate and additionally sets up JCR */
17 public class OsJcrAuthenticationProvider
extends OsAuthenticationProvider
{
/** JCR repository on which both sessions below are opened; assigned through {@code setRepository}. */
private Repository repository;

/** Workspace name passed to {@code repository.login(String)} for the security session; "security" unless overridden. */
private String securityWorkspace = "security";

/**
 * Session opened on {@link #securityWorkspace}. It is a single shared field: the visible code
 * assigns it once, uses it in {@code authenticate} and logs it out in both {@code authenticate}
 * and {@code destroy}.
 */
private Session securitySession;

/** Session opened with the no-argument {@code repository.login()}; used for user home nodes and privileges. */
private Session nodeSession;
// NOTE: source lines 22-24 are absent from this listing, so the signature of the
// enclosing method and the opening of this try block are not visible here.

// Open the session on the configured security workspace. login(String) takes no
// Credentials, so the repository itself decides which identity the session runs as.
// NOTE(review): this session later creates user profiles; confirm which identity
// and rights a credential-less login receives in the target repository.
securitySession = repository.login(securityWorkspace);
// Second session through the no-argument login(): no credentials, no workspace name.
nodeSession = repository.login();
} catch (RepositoryException e) {
    // NOTE(review): if the second login is the one that fails, no logout of the
    // already opened securitySession is visible on this path.
    throw new ArgeoException("Cannot initialize", e);
// NOTE: source lines 29-31 (the rest of this method) are absent from this listing.
/**
 * Releases the two JCR sessions held by this provider by handing each of them to
 * {@code JcrUtils.logoutQuietly}, the security session first and the node session second.
 * <p>
 * The security session is also logged out inside {@code authenticate}, so it may already
 * be closed when this method runs; how {@code logoutQuietly} treats a closed or
 * {@code null} session is not visible in this file.
 */
public void destroy() {
    JcrUtils.logoutQuietly(this.securitySession);
    JcrUtils.logoutQuietly(this.nodeSession);
}
/**
 * Authenticates through the parent (OS-based) provider and then prepares the JCR side
 * for the user: a user profile is created if needed in the security session, the
 * account status is checked, a home node is created if needed in the node session and
 * privileges are granted on it, and a {@code JcrUserDetails} is attached to the token.
 * <p>
 * This listing is incomplete. The source line numbers jump in several places (41, 48,
 * 50, 52, 56-58, 66-67, 69-72), so the opening of the try block, parts of some
 * statements, the end of the catch block and the return statement are not visible.
 * Each gap is marked below; nothing has been filled in.
 *
 * @param authentication the request, passed unchanged to the parent provider
 * @return not visible in this listing; presumably the token obtained from the parent
 *         provider after its details have been set (to be confirmed)
 * @throws AuthenticationException declared by this method; the visible body itself
 *         only throws {@code ArgeoException}, when a {@code RepositoryException} occurs
 */
public Authentication authenticate(Authentication authentication)
        throws AuthenticationException {
    // The parent provider performs the actual authentication. The cast raises a
    // ClassCastException if it returns any other Authentication implementation.
    final OsAuthenticationToken authen = (OsAuthenticationToken) super
            .authenticate(authentication);
    // [source line 41 not shown in this listing]

    // WARNING: at this stage we assume that the java properties
    // will have the same value
    // The user name is read from the JVM system property, not from the token returned
    // above. NOTE(review): user.name can be overridden when the JVM is started
    // (-Duser.name=...) or at runtime by code allowed to call System.setProperty.
    // This value selects the JCR profile and receives the privileges granted below,
    // so confirm that it cannot diverge from the identity the parent provider checked.
    String username = System.getProperty("user.name");
    Node userProfile = JcrUtils.createUserProfileIfNeeded(
            securitySession, username);
    // Account status check on the profile; what it rejects and how is defined in
    // JcrUserDetails, which is not visible here.
    JcrUserDetails.checkAccountStatus(userProfile);

    // each user should have a writable area in the default workspace of
    // [source line 50, the end of the comment above, is not shown in this listing]
    Node userNodeHome = JcrUtils.createUserHomeIfNeeded(nodeSession,
    // [source line 52, the remaining argument(s) of the call above, is not shown]
    // jcr:all is the aggregate of every JCR privilege, including reading and modifying
    // access control on the node. NOTE(review): confirm that a narrower set would not
    // be enough for a per-user writable area.
    JcrUtils.addPrivilege(nodeSession, userNodeHome.getPath(),
            username, Privilege.JCR_ALL);
    if (nodeSession.hasPendingChanges())
    // [source lines 56-58 not shown: the statement governed by the if above is missing]

    // The string form of the token's credentials object becomes the second constructor
    // argument. NOTE(review): what that string contains depends on
    // OsAuthenticationToken; if it is secret material, confirm that JcrUserDetails
    // neither logs nor exposes it.
    JcrUserDetails userDetails = new JcrUserDetails(userProfile, authen
            .getCredentials().toString(), getBaseAuthorities());
    authen.setDetails(userDetails);
    } catch (RepositoryException e) {
        // Only the security session is passed to discardQuietly. NOTE(review): no
        // matching call for nodeSession is visible, so a home node or privilege
        // change left pending there would stay pending; check the full source.
        JcrUtils.discardQuietly(securitySession);
        throw new ArgeoException(
                "Unexpected exception when synchronizing OS and JCR security ",
        // [source lines 66-67 not shown: end of the throw statement and whatever
        // construct encloses the next line]
        // NOTE(review): securitySession is a shared field that the visible code
        // opens only once, yet it is logged out here. If this line runs on every
        // call, later calls would work on a logged-out session. Both field sessions
        // are also used here without any visible synchronization, which matters if
        // this provider is called from several threads. Confirm against the full source.
        JcrUtils.logoutQuietly(securitySession);
    // [source lines 69-72 not shown: closing braces and the return statement]
/**
 * Overrides the workspace name used when the security session is opened with
 * {@code repository.login(String)}. The field defaults to "security".
 * The value is stored as given, without validation.
 *
 * @param securityWorkspace name of the workspace holding the security data
 */
public void setSecurityWorkspace(String securityWorkspace) {
    this.securityWorkspace = securityWorkspace;
}
77 public void setRepository(Repository repository
) {
78 this.repository
= repository
;