import org.argeo.cms.internal.auth.CmsSessionImpl;
import org.argeo.cms.internal.auth.ImpliedByPrincipal;
import org.argeo.cms.internal.http.WebCmsSessionImpl;
+import org.argeo.cms.internal.kernel.Activator;
import org.argeo.node.NodeConstants;
import org.argeo.node.security.AnonymousPrincipal;
import org.argeo.node.security.DataAdminPrincipal;
// required for display name:
subject.getPrivateCredentials().add(authorization);
+ if (Activator.isSingleUser()) {
+ subject.getPrincipals().add(new DataAdminPrincipal());
+ }
+
Set<Principal> principals = subject.getPrincipals();
try {
String authName = authorization.getName();
name = NodeSecurityUtils.ROLE_ANONYMOUS_NAME;
userPrincipal = new AnonymousPrincipal();
principals.add(userPrincipal);
- // principals.add(new AnonymousPrincipal());
} else {
name = new LdapName(authName);
NodeSecurityUtils.checkUserName(name);
userPrincipal = new X500Principal(name.toString());
principals.add(userPrincipal);
- principals.add(new ImpliedByPrincipal(NodeSecurityUtils.ROLE_USER_NAME, userPrincipal));
+ // principals.add(new ImpliedByPrincipal(NodeSecurityUtils.ROLE_USER_NAME,
+ // userPrincipal));
}
// Add roles provided by authorization
LdapName roleName = new LdapName(role);
if (roleName.equals(name)) {
// skip
+ } else if (roleName.equals(NodeSecurityUtils.ROLE_ANONYMOUS_NAME)) {
+ // skip
} else {
NodeSecurityUtils.checkImpliedPrincipalName(roleName);
principals.add(new ImpliedByPrincipal(roleName.toString(), userPrincipal));