package org.argeo.cms.internal.kernel;
-import java.net.URL;
-
import javax.jcr.RepositoryException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.argeo.cms.CmsException;
-import org.argeo.cms.internal.useradmin.JcrUserAdmin;
-import org.argeo.security.SecurityUtils;
+import org.argeo.cms.internal.useradmin.SimpleJcrSecurityModel;
+import org.argeo.cms.internal.useradmin.jackrabbit.JackrabbitUserAdminService;
+import org.argeo.osgi.useradmin.AbstractLdapUserAdmin;
+import org.argeo.osgi.useradmin.LdapUserAdmin;
+import org.argeo.osgi.useradmin.LdifUserAdmin;
+import org.argeo.security.OsAuthenticationToken;
import org.argeo.security.UserAdminService;
import org.argeo.security.core.InternalAuthentication;
import org.argeo.security.core.InternalAuthenticationProvider;
-import org.argeo.security.jcr.SimpleJcrSecurityModel;
-import org.argeo.security.jcr.jackrabbit.JackrabbitUserAdminService;
+import org.argeo.security.core.OsAuthenticationProvider;
import org.osgi.framework.BundleContext;
import org.osgi.framework.ServiceRegistration;
import org.osgi.service.useradmin.UserAdmin;
private final BundleContext bundleContext;
+ private final OsAuthenticationProvider osAuth;
private final InternalAuthenticationProvider internalAuth;
private final AnonymousAuthenticationProvider anonymousAuth;
private final JackrabbitUserAdminService userAdminService;
- private final JcrUserAdmin userAdmin;
+ private final AbstractLdapUserAdmin userAdmin;
private ServiceRegistration<AuthenticationManager> authenticationManagerReg;
private ServiceRegistration<UserAdminService> userAdminServiceReg;
public NodeSecurity(BundleContext bundleContext, JackrabbitNode node)
throws RepositoryException {
- URL url = getClass().getClassLoader().getResource(
- KernelConstants.JAAS_CONFIG);
- System.setProperty("java.security.auth.login.config",
- url.toExternalForm());
-
this.bundleContext = bundleContext;
+ osAuth = new OsAuthenticationProvider();
internalAuth = new InternalAuthenticationProvider(
- SecurityUtils.getStaticKey());
+ Activator.getSystemKey());
anonymousAuth = new AnonymousAuthenticationProvider(
- SecurityUtils.getStaticKey());
+ Activator.getSystemKey());
// user admin
userAdminService = new JackrabbitUserAdminService();
userAdminService.setSecurityModel(new SimpleJcrSecurityModel());
userAdminService.init();
- userAdmin = new JcrUserAdmin(bundleContext, node);
- userAdmin.setUserAdminService(userAdminService);
+ String userAdminUri = KernelUtils
+ .getFrameworkProp(KernelConstants.USERADMIN_URI);
+ if (userAdminUri == null)
+ userAdminUri = getClass().getResource("demo.ldif").toString();
+
+ if (userAdminUri.startsWith("ldap"))
+ userAdmin = new LdapUserAdmin(userAdminUri);
+ else
+ userAdmin = new LdifUserAdmin(userAdminUri);
}
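Review bot: When `KernelConstants.USERADMIN_URI` is unset, the constructor silently falls back to the bundled `demo.ldif`, so a node deployed with a missing or misspelled property would start up authenticating against demo accounts instead of failing. I would make the fallback explicit, at minimum with a warning such as `log.warn("No " + KernelConstants.USERADMIN_URI + " set, using bundled demo.ldif (not for production)");` (assuming the class has a `log` field, which the imports suggest but the hunk does not show), or refuse to start unless a demo mode is requested. `getClass().getResource("demo.ldif")` returns null when the resource is absent, which would surface here as a bare NullPointerException rather than a `CmsException`. Separately, `startsWith("ldap")` accepts both `ldap://` and `ldaps://`; if `LdapUserAdmin` binds with credentials, a comment or check requiring `ldaps` outside local testing would be worth adding.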
public void publish() {
userDetailsManagerReg.unregister();
userAdminServiceReg.unregister();
authenticationManagerReg.unregister();
+
+ userAdmin.destroy();
userAdminReg.unregister();
}
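Review bot: `userAdmin.destroy()` runs while `userAdminReg` is still registered, so between the two calls other bundles can still look up the UserAdmin service and receive a backend that has already been torn down. Swapping the order closes that window: `userAdminReg.unregister();` followed by `userAdmin.destroy();`. The signature of the enclosing method is not clearly visible here; the `publish()` line appears to belong to a different hunk than the unregister calls.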
auth = anonymousAuth.authenticate(authentication);
else if (authentication instanceof UsernamePasswordAuthenticationToken)
auth = userAdminService.authenticate(authentication);
+ else if (authentication instanceof OsAuthenticationToken)
+ auth = osAuth.authenticate(authentication);
if (auth == null)
throw new CmsException("Could not authenticate " + authentication);
return auth;
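Review bot: The new `OsAuthenticationToken` branch hands the token to `osAuth` with no visible check of where the token came from, and this manager appears to be registered as an OSGi `AuthenticationManager` service (see the `authenticationManagerReg` field), so any bundle able to construct such a token can reach the branch. What `OsAuthenticationProvider.authenticate` actually verifies is not shown; if it trusts the token's contents rather than re-deriving the identity from the JVM's own OS login, in-process callers could assert an arbitrary OS identity. I would document the assumption at the branch, e.g. `// OS tokens are accepted only because OsAuthenticationProvider re-checks them against the current OS user`, and confirm the provider enforces it. The method starts outside the hunk.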