import java.util.HashSet;
import java.util.Set;
-import javax.jcr.LoginException;
import javax.jcr.Node;
import javax.jcr.Repository;
import javax.jcr.RepositoryException;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginContext;
-import org.argeo.ArgeoException;
+import org.apache.jackrabbit.core.security.SecurityConstants;
import org.argeo.cms.CmsException;
import org.argeo.cms.auth.AuthConstants;
import org.argeo.jcr.ArgeoJcrConstants;
});
}
+ // @Override
+ // public Session login() throws LoginException, RepositoryException {
+ // Session session = super.login();
+ // String username = session.getUserID();
+ // if (username == null)
+ // return session;
+ // if (session.getUserID().equals(AuthConstants.ROLE_ANONYMOUS))
+ // return session;
+ //
+ // if (checkedUsers.contains(username))
+ // return session;
+ // Session adminSession = KernelUtils.openAdminSession(getRepository(),
+ // session.getWorkspace().getName());
+ // try {
+ // syncJcr(adminSession, username);
+ // checkedUsers.add(username);
+ // } finally {
+ // JcrUtils.logoutQuietly(adminSession);
+ // }
+ // return session;
+ // }
+
@Override
- public Session login() throws LoginException, RepositoryException {
- Session session = super.login();
+ protected void processNewSession(Session session) {
String username = session.getUserID();
if (username == null)
- return session;
+ return;
if (session.getUserID().equals(AuthConstants.ROLE_ANONYMOUS))
- return session;
+ return;
+ if (session.getUserID().equals(AuthConstants.ROLE_KERNEL))
+ return;
+ if (session.getUserID().equals(SecurityConstants.ADMIN_ID))
+ return;
if (checkedUsers.contains(username))
- return session;
+ return;
Session adminSession = KernelUtils.openAdminSession(getRepository(), session.getWorkspace().getName());
try {
syncJcr(adminSession, username);
} finally {
JcrUtils.logoutQuietly(adminSession);
}
- return session;
}
/*
userProfile = personBase.addNode(ArgeoNames.ARGEO_PROFILE);
userProfile.addMixin(ArgeoTypes.ARGEO_USER_PROFILE);
userProfile.setProperty(ArgeoNames.ARGEO_USER_ID, username);
-// userProfile.setProperty(ArgeoNames.ARGEO_ENABLED, true);
-// userProfile.setProperty(ArgeoNames.ARGEO_ACCOUNT_NON_EXPIRED, true);
-// userProfile.setProperty(ArgeoNames.ARGEO_ACCOUNT_NON_LOCKED, true);
-// userProfile.setProperty(ArgeoNames.ARGEO_CREDENTIALS_NON_EXPIRED, true);
+ // userProfile.setProperty(ArgeoNames.ARGEO_ENABLED, true);
+ // userProfile.setProperty(ArgeoNames.ARGEO_ACCOUNT_NON_EXPIRED,
+ // true);
+ // userProfile.setProperty(ArgeoNames.ARGEO_ACCOUNT_NON_LOCKED,
+ // true);
+ // userProfile.setProperty(ArgeoNames.ARGEO_CREDENTIALS_NON_EXPIRED,
+ // true);
session.save();
JcrUtils.clearAccessControList(session, userProfile.getPath(), username);
return userProfile;
} catch (RepositoryException e) {
JcrUtils.discardQuietly(session);
- throw new ArgeoException("Cannot sync node security model for " + username, e);
+ throw new CmsException("Cannot sync node security model for " + username, e);
}
}
try {
dn = new LdapName(username);
} catch (InvalidNameException e) {
- throw new ArgeoException("Invalid name " + username, e);
+ throw new CmsException("Invalid name " + username, e);
}
String userId = dn.getRdn(dn.size() - 1).getValue().toString();
int atIndex = userId.indexOf('@');
return base + '/' + JcrUtils.firstCharsToPath(domain, 2) + '/' + domain + '/'
+ JcrUtils.firstCharsToPath(name, 2) + '/' + name;
} else if (atIndex == 0 || atIndex == (userId.length() - 1)) {
- throw new ArgeoException("Unsupported username " + userId);
+ throw new CmsException("Unsupported username " + userId);
} else {
return base + '/' + JcrUtils.firstCharsToPath(userId, 2) + '/' + userId;
}