package org.argeo.cms.internal.kernel;
-import java.net.URL;
+import java.io.File;
+import java.io.IOException;
import javax.jcr.RepositoryException;
+import org.apache.commons.io.FileUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.argeo.cms.CmsException;
-import org.argeo.cms.internal.useradmin.JcrUserAdmin;
+import org.argeo.cms.KernelHeader;
import org.argeo.cms.internal.useradmin.SimpleJcrSecurityModel;
import org.argeo.cms.internal.useradmin.jackrabbit.JackrabbitUserAdminService;
+import org.argeo.osgi.useradmin.AbstractLdapUserAdmin;
+import org.argeo.osgi.useradmin.LdapUserAdmin;
import org.argeo.osgi.useradmin.LdifUserAdmin;
import org.argeo.security.OsAuthenticationToken;
import org.argeo.security.UserAdminService;
import org.argeo.security.core.OsAuthenticationProvider;
import org.osgi.framework.BundleContext;
import org.osgi.framework.ServiceRegistration;
+import org.osgi.service.useradmin.Role;
import org.osgi.service.useradmin.UserAdmin;
import org.springframework.security.authentication.AnonymousAuthenticationProvider;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
private final InternalAuthenticationProvider internalAuth;
private final AnonymousAuthenticationProvider anonymousAuth;
private final JackrabbitUserAdminService userAdminService;
- private final LdifUserAdmin userAdmin;
+ private final NodeUserAdmin userAdmin;
private ServiceRegistration<AuthenticationManager> authenticationManagerReg;
private ServiceRegistration<UserAdminService> userAdminServiceReg;
userAdminService.setSecurityModel(new SimpleJcrSecurityModel());
userAdminService.init();
+ userAdmin = new NodeUserAdmin();
+
+ String baseDn = "dc=example,dc=com";
String userAdminUri = KernelUtils
.getFrameworkProp(KernelConstants.USERADMIN_URI);
if (userAdminUri == null)
- userAdminUri = getClass().getResource("demo.ldif").toString();
- userAdmin = new LdifUserAdmin(userAdminUri);
+ userAdminUri = getClass().getResource(baseDn + ".ldif").toString();
+
+ AbstractLdapUserAdmin businessRoles;
+ if (userAdminUri.startsWith("ldap"))
+ businessRoles = new LdapUserAdmin(userAdminUri);
+ else {
+ businessRoles = new LdifUserAdmin(userAdminUri);
+ }
+ businessRoles.init();
+ userAdmin.addUserAdmin(baseDn, businessRoles);
+
+ File osgiInstanceDir = KernelUtils.getOsgiInstanceDir();
+ File homeDir = new File(osgiInstanceDir, "node");
+
+ String baseNodeRoleDn = KernelHeader.ROLES_BASEDN;
+ File nodeRolesFile = new File(homeDir, baseNodeRoleDn + ".ldif");
+ try {
+ FileUtils.copyInputStreamToFile(
+ getClass().getResourceAsStream("demo.ldif"), nodeRolesFile);
+ } catch (IOException e) {
+ throw new CmsException("Cannot copy demo resource", e);
+ }
+ LdifUserAdmin nodeRoles = new LdifUserAdmin(nodeRolesFile.toURI()
+ .toString());
+ nodeRoles.setExternalRoles(userAdmin);
+ nodeRoles.init();
+ // nodeRoles.createRole(KernelHeader.ROLE_ADMIN, Role.GROUP);
+ userAdmin.addUserAdmin(baseNodeRoleDn, nodeRoles);
+
}
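Review bot: The `FileUtils.copyInputStreamToFile(getClass().getResourceAsStream("demo.ldif"), nodeRolesFile)` call runs on every construction, so the node-role LDIF under the instance directory is overwritten with the bundled demo content each time and any role or membership changes written to that file would be reset; if `demo.ldif` carries demo accounts or credentials (not visible here), they are reinstated as well. Guarding the copy with `if (!nodeRolesFile.exists())` would seed the file only once. Both `getResource(baseDn + ".ldif")` and `getResourceAsStream("demo.ldif")` return null when the resource is missing, which surfaces as a NullPointerException rather than a `CmsException`. The `userAdminUri.startsWith("ldap")` test also treats `ldap://` and `ldaps://` alike, so it is worth documenting whether an unencrypted directory connection is acceptable here. The constructor begins outside this hunk.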
public void publish() {
userAdminServiceReg.unregister();
authenticationManagerReg.unregister();
- userAdmin.destroy();
+ // userAdmin.destroy();
userAdminReg.unregister();
}
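Review bot: Commenting out `userAdmin.destroy()` leaves the `businessRoles` and `nodeRoles` backends that the constructor starts with `init()` without any visible shutdown, so an `LdapUserAdmin` connection or an LDIF file handle may stay open after the services are unregistered (what `destroy()` actually releases is not shown here). Rather than keeping the dead line, either give `NodeUserAdmin` a `destroy()` that delegates to each registered user admin, or replace the comment with `// TODO: destroy the user admins registered in NodeUserAdmin`. The enclosing method starts outside the visible lines.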
@Override
public Authentication authenticate(Authentication authentication)
throws AuthenticationException {
+// throw new UnsupportedOperationException(
+// "Authentication manager is deprectaed and should not be used.");
Authentication auth = null;
if (authentication instanceof InternalAuthentication)
auth = internalAuth.authenticate(authentication);