+/*
+ * Copyright (C) 2007-2012 Mathieu Baudier
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
package org.argeo.security.jackrabbit;
import java.security.Principal;
import org.apache.jackrabbit.api.security.user.User;
import org.apache.jackrabbit.api.security.user.UserManager;
import org.apache.jackrabbit.core.DefaultSecurityManager;
+import org.apache.jackrabbit.core.security.AnonymousPrincipal;
import org.apache.jackrabbit.core.security.SecurityConstants;
import org.apache.jackrabbit.core.security.authorization.WorkspaceAccessManager;
import org.argeo.ArgeoException;
throws RepositoryException {
long begin = System.currentTimeMillis();
- log.debug(subject);
- // skip Jackrabbit system user
+ if (log.isTraceEnabled())
+ log.trace(subject);
+ // skip anonymous user (no rights)
+ if (!subject.getPrincipals(AnonymousPrincipal.class).isEmpty())
+ return super.getUserID(subject, workspaceName);
+ // skip Jackrabbit system user (all rights)
if (!subject.getPrincipals(ArgeoSystemPrincipal.class).isEmpty())
return super.getUserID(subject, workspaceName);
if (user == null) {
user = systemUm.createUser(userId, authen.getCredentials()
.toString(), authen, null);
+ JcrUtils.createUserHomeIfNeeded(getSystemSession(), userId);
+ getSystemSession().save();
setSecurityHomeAuthorizations(user);
log.info(userId + " added as " + user);
}
group.removeMember(user);
}
- if (log.isDebugEnabled())
- log.debug("Spring and Jackrabbit Security synchronized for user "
+ if (log.isTraceEnabled())
+ log.trace("Spring and Jackrabbit Security synchronized for user "
+ userId + " in " + (System.currentTimeMillis() - begin)
+ " ms");
return userId;
}
protected synchronized void setSecurityHomeAuthorizations(User user) {
- // give read privileges on user home
+ // give read privileges on user security home
String userId = "<not yet set>";
try {
userId = user.getID();