git.argeo.org Git - lgpl/argeo-commons.git/blob - security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/jcr/OsJcrAuthenticationProvider.java
Improve RCP security
1 package org.argeo.security.jcr;
2
3 import java.util.Map;
4 import java.util.concurrent.Executor;
5
6 import javax.jcr.Node;
7 import javax.jcr.Repository;
8 import javax.jcr.RepositoryException;
9 import javax.jcr.Session;
10
11 import org.argeo.ArgeoException;
12 import org.argeo.jcr.JcrUtils;
13 import org.argeo.security.OsAuthenticationToken;
14 import org.argeo.security.SystemExecutionService;
15 import org.argeo.security.core.OsAuthenticationProvider;
16 import org.springframework.security.Authentication;
17 import org.springframework.security.AuthenticationException;
18 import org.springframework.security.userdetails.UserDetails;
19
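/**
 * Authentication provider which, once the parent {@link OsAuthenticationProvider}
 * has authenticated the request, makes sure that a JCR home node exists for
 * the current OS user.
 * <p>
 * The repository and the system executor are injected through the
 * {@code register}/{@code unregister} callbacks and may therefore be missing
 * when {@link #authenticate(Authentication)} is called.
 */
public class OsJcrAuthenticationProvider extends OsAuthenticationProvider {
	/** Maximum time in ms slept between two checks for a repository. */
	private static final long POLL_INTERVAL = 500L;

	private Executor systemExecutor;
	private String homeBasePath = "/home";
	private Repository repository;
	private String workspace = null;

	/** Maximum time in ms to wait for a repository to be registered. */
	private long timeout = 5 * 60 * 1000L;

	/**
	 * Delegates authentication to the parent provider, then submits a task to
	 * the system executor which creates the JCR home of the OS user if it does
	 * not exist yet.
	 * <p>
	 * The task is only handed over to the executor: depending on the executor
	 * it may complete after this method has returned, and an exception thrown
	 * by the task is not guaranteed to reach the caller.
	 *
	 * @param authentication
	 *            the authentication request, passed as is to the parent
	 * @return the token returned by the parent provider
	 * @throws AuthenticationException
	 *             if the parent provider rejects the request
	 * @throws ArgeoException
	 *             if no repository or no system executor is available
	 */
	public Authentication authenticate(Authentication authentication)
			throws AuthenticationException {
		final OsAuthenticationToken authen = (OsAuthenticationToken) super
				.authenticate(authentication);
		final Repository repository = getRepositoryBlocking();

		// Take a snapshot: the executor can be unregistered at any time, and
		// an explicit error is easier to diagnose than a NullPointerException.
		final Executor executor = systemExecutor;
		if (executor == null)
			throw new ArgeoException(
					"No system execution service registered");

		executor.execute(new Runnable() {
			public void run() {
				Session session = null;
				try {
					session = repository.login(workspace);
					// WARNING: the home is keyed on the 'user.name' JVM system
					// property, not on the authenticated token; this assumes
					// that both have the same value. The property can be
					// overridden when the JVM is started, so it must not be
					// treated as a verified identity.
					String userName = System.getProperty("user.name");
					Node userHome = JcrUtils.getUserHome(session, userName);
					if (userHome == null)
						JcrUtils.createUserHome(session, homeBasePath,
								userName);
					// User details are not attached to the token yet:
					// authen.setDetails(getUserDetails(userHome, authen));
				} catch (RepositoryException e) {
					throw new ArgeoException(
							"Unexpected exception when synchronizing OS and JCR security ",
							e);
				} finally {
					// This session runs in the system executor and is used for
					// nothing else: always release it, otherwise one session
					// is leaked per authentication.
					if (session != null)
						session.logout();
				}
			}
		});
		return authen;
	}

	/**
	 * Builds user details based on the authentication and the user home.
	 * <p>
	 * NOTE(review): the string form of the credentials is copied into the
	 * returned details; make sure they are neither logged nor persisted.
	 *
	 * @param userHome
	 *            the JCR home node of the user
	 * @param authen
	 *            the authentication providing principal, credentials and
	 *            authorities
	 * @return the user details, with the last three boolean flags hard-coded
	 *         to {@code true}
	 * @throws ArgeoException
	 *             if the details cannot be built
	 */
	protected UserDetails getUserDetails(Node userHome, Authentication authen) {
		try {
			// TODO: loads enabled, locked, etc. from the home node.
			return new JcrUserDetails(userHome.getPath(), authen.getPrincipal()
					.toString(), authen.getCredentials().toString(),
					isEnabled(userHome), true, true, true,
					authen.getAuthorities());
		} catch (Exception e) {
			throw new ArgeoException("Cannot get user details for " + userHome,
					e);
		}
	}

	/**
	 * Whether the user owning this home is enabled.
	 * <p>
	 * Placeholder: always returns {@code true}, the home node is not read, so
	 * a disabled account is not detected here.
	 */
	protected Boolean isEnabled(Node userHome) {
		return true;
	}

	/**
	 * Waits until a repository is registered.
	 * <p>
	 * The whole check-then-wait sequence holds the monitor also used by
	 * {@link #register(Repository, Map)}, so that the field is read
	 * consistently and a notification cannot be missed.
	 *
	 * @return the registered repository, never {@code null}
	 * @throws ArgeoException
	 *             if no repository is registered before the timeout, or if the
	 *             waiting thread is interrupted
	 */
	protected synchronized Repository getRepositoryBlocking() {
		final long begin = System.currentTimeMillis();
		while (repository == null) {
			try {
				wait(POLL_INTERVAL);
			} catch (InterruptedException e) {
				// Do not swallow the interruption: restore the flag and stop
				// waiting, so that the thread can be shut down.
				Thread.currentThread().interrupt();
				throw new ArgeoException(
						"Interrupted while waiting for a repository", e);
			}
			if (repository == null
					&& System.currentTimeMillis() - begin > timeout)
				throw new ArgeoException("No repository registered after "
						+ timeout + " ms");
		}
		return repository;
	}

	/** Registers the repository and wakes up the threads waiting for it. */
	public synchronized void register(Repository repository,
			Map<String, String> parameters) {
		this.repository = repository;
		notifyAll();
	}

	/** Clears the repository reference, whatever repository is passed. */
	public synchronized void unregister(Repository repository,
			Map<String, String> parameters) {
		this.repository = null;
		notifyAll();
	}

	/** Registers the executor used to run the JCR home synchronization. */
	public void register(SystemExecutionService systemExecutor,
			Map<String, String> parameters) {
		this.systemExecutor = systemExecutor;
	}

	/** Clears the executor reference, whatever service is passed. */
	public void unregister(SystemExecutionService systemExecutor,
			Map<String, String> parameters) {
		this.systemExecutor = null;
	}

	/** Sets the base path under which user homes are created. */
	public void setHomeBasePath(String homeBasePath) {
		this.homeBasePath = homeBasePath;
	}

	/** Sets the workspace to log in to, {@code null} by default. */
	public void setWorkspace(String workspace) {
		this.workspace = workspace;
	}

}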