Improve tokens

[lgpl/argeo-commons.git] / org.argeo.cms / src / org / argeo / cms / internal / kernel / NodeUserAdmin.java

diff --git a/org.argeo.cms/src/org/argeo/cms/internal/kernel/NodeUserAdmin.java b/org.argeo.cms/src/org/argeo/cms/internal/kernel/NodeUserAdmin.java
index d1d4721389bcad5ab05acd536a6e5c60ec8ae216..ba4ad836041ae8de7ce8093f14f3bb055a9dd0ec 100644 (file)
--- a/org.argeo.cms/src/org/argeo/cms/internal/kernel/NodeUserAdmin.java
+++ b/org.argeo.cms/src/org/argeo/cms/internal/kernel/NodeUserAdmin.java
@@ -61,9 +61,6 @@ import org.osgi.service.useradmin.Authorization;
 import org.osgi.service.useradmin.UserAdmin;
 import org.osgi.util.tracker.ServiceTracker;
 
-import bitronix.tm.BitronixTransactionManager;
-import bitronix.tm.resource.ehcache.EhCacheXAResourceProducer;
-
 /**
  * Aggregates multiple {@link UserDirectory} and integrates them with system
  * roles.
@@ -79,16 +76,17 @@ class NodeUserAdmin extends AggregatingUserAdmin implements ManagedServiceFactor
 
        // JTA
        private final ServiceTracker<TransactionManager, TransactionManager> tmTracker;
-       private final String cacheName = UserDirectory.class.getName();
+       // private final String cacheName = UserDirectory.class.getName();
 
        // GSS API
        private Path nodeKeyTab = KernelUtils.getOsgiInstancePath(KernelConstants.NODE_KEY_TAB_PATH);
        private GSSCredential acceptorCredentials;
 
        private boolean singleUser = false;
+       private boolean systemRolesAvailable = false;
 
-       public NodeUserAdmin(String systemRolesBaseDn) {
-               super(systemRolesBaseDn);
+       public NodeUserAdmin(String systemRolesBaseDn, String tokensBaseDn) {
+               super(systemRolesBaseDn, tokensBaseDn);
                tmTracker = new ServiceTracker<>(bc, TransactionManager.class, null);
                tmTracker.open();
        }
@@ -137,7 +135,13 @@ class NodeUserAdmin extends AggregatingUserAdmin implements ManagedServiceFactor
                        log.debug("User directory " + userDirectory.getBaseDn() + " [" + u.getScheme() + "] enabled."
                                        + (realm != null ? " " + realm + " realm." : ""));
 
-               if (isSystemRolesBaseDn(baseDn)) {
+               if (isSystemRolesBaseDn(baseDn))
+                       systemRolesAvailable = true;
+
+               // start publishing only when system roles are available
+               if (systemRolesAvailable) {
+                       // The list of baseDns is published as properties
+                       // TODO clients should rather reference USerDirectory services
                        if (userAdminReg != null)
                                userAdminReg.unregister();
                        // register self as main user admin
@@ -177,8 +181,8 @@ class NodeUserAdmin extends AggregatingUserAdmin implements ManagedServiceFactor
                if (tm == null)
                        throw new CmsException("A JTA transaction manager must be available.");
                userDirectory.setTransactionManager(tm);
-               if (tmTracker.getService() instanceof BitronixTransactionManager)
-                       EhCacheXAResourceProducer.registerXAResource(cacheName, userDirectory.getXaResource());
+//             if (tmTracker.getService() instanceof BitronixTransactionManager)
+//                     EhCacheXAResourceProducer.registerXAResource(cacheName, userDirectory.getXaResource());
 
                Object realm = userDirectory.getProperties().get(UserAdminConf.realm.name());
                if (realm != null) {
@@ -218,8 +222,8 @@ class NodeUserAdmin extends AggregatingUserAdmin implements ManagedServiceFactor
        }
 
        protected void preDestroy(AbstractUserDirectory userDirectory) {
-               if (tmTracker.getService() instanceof BitronixTransactionManager)
-                       EhCacheXAResourceProducer.unregisterXAResource(cacheName, userDirectory.getXaResource());
+//             if (tmTracker.getService() instanceof BitronixTransactionManager)
+//                     EhCacheXAResourceProducer.unregisterXAResource(cacheName, userDirectory.getXaResource());
 
                Object realm = userDirectory.getProperties().get(UserAdminConf.realm.name());
                if (realm != null) {