X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Finternal%2Fkernel%2FKernel.java;h=68b3fa2891bf784ab5be47a33c254e1fa67fdc33;hb=86db10fcb2299ebf71d5599a80dc54444b26f893;hp=08697503916bfca8c38f154d76d65915c3970e0a;hpb=50911fdcc6df5cd35e71a0a4ecddf03f98f742a2;p=lgpl%2Fargeo-commons.git

diff --git a/org.argeo.cms/src/org/argeo/cms/internal/kernel/Kernel.java b/org.argeo.cms/src/org/argeo/cms/internal/kernel/Kernel.java
index 086975039..68b3fa289 100644
--- a/org.argeo.cms/src/org/argeo/cms/internal/kernel/Kernel.java
+++ b/org.argeo.cms/src/org/argeo/cms/internal/kernel/Kernel.java
@@ -1,45 +1,47 @@
 package org.argeo.cms.internal.kernel;
 
+import static bitronix.tm.TransactionManagerServices.getTransactionManager;
+import static bitronix.tm.TransactionManagerServices.getTransactionSynchronizationRegistry;
+import static org.argeo.cms.internal.kernel.KernelUtils.getFrameworkProp;
+import static org.argeo.cms.internal.kernel.KernelUtils.getOsgiInstancePath;
+import static org.argeo.jcr.ArgeoJcrConstants.ALIAS_NODE;
+import static org.argeo.jcr.ArgeoJcrConstants.JCR_REPOSITORY_ALIAS;
+import static org.osgi.framework.Constants.FRAMEWORK_UUID;
+
 import java.io.File;
-import java.io.IOException;
 import java.lang.management.ManagementFactory;
-import java.net.URL;
-import java.security.KeyStore;
 import java.security.PrivilegedAction;
-import java.security.cert.X509Certificate;
-import java.util.Arrays;
 import java.util.HashMap;
+import java.util.Hashtable;
 import java.util.Map;
 
 import javax.jcr.Repository;
 import javax.jcr.RepositoryFactory;
 import javax.security.auth.Subject;
-import javax.security.auth.callback.Callback;
-import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.callback.NameCallback;
-import javax.security.auth.callback.PasswordCallback;
-import javax.security.auth.callback.UnsupportedCallbackException;
-import javax.security.auth.login.LoginContext;
-import javax.security.auth.login.LoginException;
-import javax.security.auth.x500.X500Principal;
+import javax.transaction.TransactionManager;
+import javax.transaction.TransactionSynchronizationRegistry;
+import javax.transaction.UserTransaction;
 
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.apache.jackrabbit.util.TransientFileFactory;
 import org.argeo.ArgeoException;
+import org.argeo.ArgeoLogger;
 import org.argeo.cms.CmsException;
-import org.argeo.cms.KernelHeader;
 import org.argeo.jackrabbit.OsgiJackrabbitRepositoryFactory;
 import org.argeo.jcr.ArgeoJcrConstants;
-import org.argeo.security.core.InternalAuthentication;
-import org.argeo.security.crypto.PkiUtils;
 import org.eclipse.equinox.http.servlet.ExtendedHttpService;
 import org.osgi.framework.BundleContext;
 import org.osgi.framework.ServiceEvent;
 import org.osgi.framework.ServiceListener;
 import org.osgi.framework.ServiceReference;
-import org.osgi.util.tracker.ServiceTracker;
-import org.springframework.security.core.context.SecurityContextHolder;
+import org.osgi.framework.ServiceRegistration;
+import org.osgi.service.useradmin.UserAdmin;
+
+import bitronix.tm.BitronixTransactionManager;
+import bitronix.tm.BitronixTransactionSynchronizationRegistry;
+import bitronix.tm.Configuration;
+import bitronix.tm.TransactionManagerServices;
 
 /**
  * Argeo CMS Kernel. Responsible for :
@@ -52,63 +54,49 @@ import org.springframework.security.core.context.SecurityContextHolder;
  * <li>OS access</li>
  * </ul>
  */
-final class Kernel implements ServiceListener {
-
+final class Kernel implements KernelConstants, ServiceListener {
+	/*
+	 * REGISTERED SERVICES
+	 */
+	private ServiceRegistration<ArgeoLogger> loggerReg;
+	private ServiceRegistration<TransactionManager> tmReg;
+	private ServiceRegistration<UserTransaction> utReg;
+	private ServiceRegistration<TransactionSynchronizationRegistry> tsrReg;
+	private ServiceRegistration<Repository> repositoryReg;
+	private ServiceRegistration<RepositoryFactory> repositoryFactoryReg;
+	private ServiceRegistration<UserAdmin> userAdminReg;
+
+	/*
+	 * SERVICES IMPLEMENTATIONS
+	 */
+	private NodeLogger logger;
+	private BitronixTransactionManager transactionManager;
+	private BitronixTransactionSynchronizationRegistry transactionSynchronizationRegistry;
+	private OsgiJackrabbitRepositoryFactory repositoryFactory;
+	NodeRepository repository;
+	private NodeUserAdmin userAdmin;
+
+	// Members
 	private final static Log log = LogFactory.getLog(Kernel.class);
-
-	private final BundleContext bundleContext = Activator.getBundleContext();
-
 	ThreadGroup threadGroup = new ThreadGroup(Kernel.class.getSimpleName());
-	JackrabbitNode node;
-	OsgiJackrabbitRepositoryFactory repositoryFactory;
-	NodeSecurity nodeSecurity;
-	NodeHttp nodeHttp;
+	private final BundleContext bc = Activator.getBundleContext();
+	private final NodeSecurity nodeSecurity;
+	private DataHttp dataHttp;
 	private KernelThread kernelThread;
 
-	private final Subject kernelSubject = new Subject();
-
 	public Kernel() {
-		URL url = getClass().getClassLoader().getResource(
-				KernelConstants.JAAS_CONFIG);
-		System.setProperty("java.security.auth.login.config",
-				url.toExternalForm());
-		createKeyStoreIfNeeded();
-
-		CallbackHandler cbHandler = new CallbackHandler() {
-
-			@Override
-			public void handle(Callback[] callbacks) throws IOException,
-					UnsupportedCallbackException {
-				// alias
-				((NameCallback) callbacks[1]).setName(KernelHeader.ROLE_KERNEL);
-				// store pwd
-				((PasswordCallback) callbacks[2]).setPassword("changeit"
-						.toCharArray());
-				// key pwd
-				((PasswordCallback) callbacks[3]).setPassword("changeit"
-						.toCharArray());
-			}
-		};
-		try {
-			LoginContext kernelLc = new LoginContext(
-					KernelConstants.LOGIN_CONTEXT_KERNEL, kernelSubject,
-					cbHandler);
-			kernelLc.login();
-		} catch (LoginException e) {
-			throw new CmsException("Cannot log in kernel", e);
-		}
+		nodeSecurity = new NodeSecurity();
 	}
 
 	final void init() {
-		Subject.doAs(kernelSubject, new PrivilegedAction<Void>() {
-
-			@Override
-			public Void run() {
-				doInit();
-				return null;
-			}
-
-		});
+		Subject.doAs(nodeSecurity.getKernelSubject(),
+				new PrivilegedAction<Void>() {
+					@Override
+					public Void run() {
+						doInit();
+						return null;
+					}
+				});
 	}
 
 	private void doInit() {
@@ -117,23 +105,23 @@ final class Kernel implements ServiceListener {
 		Thread.currentThread().setContextClassLoader(
 				Kernel.class.getClassLoader());
 		long begin = System.currentTimeMillis();
-		InternalAuthentication initAuth = new InternalAuthentication(
-				KernelConstants.DEFAULT_SECURITY_KEY);
-		SecurityContextHolder.getContext().setAuthentication(initAuth);
 
-		try {
-			// Jackrabbit node
-			node = new JackrabbitNode(bundleContext);
+		// KernelUtils.logFrameworkProperties(log);
 
-			// JCR repository factory
+		try {
+			// Initialise services
+			logger = new NodeLogger();
+			// transactionManager = new SimpleTransactionManager();
+			initBitronixTransactionManager();
+			repository = new NodeRepository(bc);
 			repositoryFactory = new OsgiJackrabbitRepositoryFactory();
+			userAdmin = new NodeUserAdmin(transactionManager, repository);
 
-			// Authentication
-			nodeSecurity = new NodeSecurity(bundleContext, node);
-
-			// Equinox dependency
-			ExtendedHttpService httpService = waitForHttpService();
-			nodeHttp = new NodeHttp(httpService, node, nodeSecurity);
+			// HTTP
+			ServiceReference<ExtendedHttpService> sr = bc
+					.getServiceReference(ExtendedHttpService.class);
+			if (sr != null)
+				addHttpService(sr);
 
 			// Kernel thread
 			kernelThread = new KernelThread(this);
@@ -141,12 +129,7 @@ final class Kernel implements ServiceListener {
 			kernelThread.start();
 
 			// Publish services to OSGi
-			nodeSecurity.publish();
-			node.publish(repositoryFactory);
-			bundleContext.registerService(RepositoryFactory.class,
-					repositoryFactory, null);
-
-			bundleContext.addServiceListener(Kernel.this);
+			publish();
 		} catch (Exception e) {
 			log.error("Cannot initialize Argeo CMS", e);
 			throw new ArgeoException("Cannot initialize", e);
@@ -163,98 +146,155 @@ final class Kernel implements ServiceListener {
 		directorsCut(initDuration);
 	}
 
+	private void initBitronixTransactionManager() {
+		Configuration tmConf = TransactionManagerServices.getConfiguration();
+		tmConf.setServerId(getFrameworkProp(FRAMEWORK_UUID));
+
+		File tmBaseDir = new File(getFrameworkProp(TRANSACTIONS_HOME,
+				getOsgiInstancePath("transactions")));
+		File tmDir1 = new File(tmBaseDir, "btm1");
+		tmDir1.mkdirs();
+		tmConf.setLogPart1Filename(new File(tmDir1, tmDir1.getName() + ".tlog")
+				.getAbsolutePath());
+		File tmDir2 = new File(tmBaseDir, "btm2");
+		tmDir2.mkdirs();
+		tmConf.setLogPart2Filename(new File(tmDir2, tmDir2.getName() + ".tlog")
+				.getAbsolutePath());
+		transactionManager = getTransactionManager();
+		transactionSynchronizationRegistry = getTransactionSynchronizationRegistry();
+	}
+
+	private void publish() {
+		// Listen to service publication (also ours)
+		bc.addServiceListener(Kernel.this);
+
+		// Logging
+		loggerReg = bc.registerService(ArgeoLogger.class, logger, null);
+		// Transaction
+		tmReg = bc.registerService(TransactionManager.class,
+				transactionManager, null);
+		utReg = bc.registerService(UserTransaction.class, transactionManager,
+				null);
+		tsrReg = bc.registerService(TransactionSynchronizationRegistry.class,
+				transactionSynchronizationRegistry, null);
+		// User admin
+		userAdminReg = bc.registerService(UserAdmin.class, userAdmin,
+				userAdmin.currentState());
+		// JCR
+		Hashtable<String, String> regProps = new Hashtable<String, String>();
+		regProps.put(JCR_REPOSITORY_ALIAS, ALIAS_NODE);
+		repositoryReg = bc.registerService(Repository.class, repository,
+				regProps);
+		repositoryFactoryReg = bc.registerService(RepositoryFactory.class,
+				repositoryFactory, null);
+	}
+
 	void destroy() {
 		long begin = System.currentTimeMillis();
+		unpublish();
 
 		kernelThread.destroyAndJoin();
 
-		if (nodeHttp != null)
-			nodeHttp.destroy();
-		if (nodeSecurity != null)
-			nodeSecurity.destroy();
-		if (node != null)
-			node.destroy();
+		if (dataHttp != null)
+			dataHttp.destroy();
+		if (userAdmin != null)
+			userAdmin.destroy();
+		if (repository != null)
+			repository.destroy();
+		if (transactionManager != null)
+			transactionManager.shutdown();
 
-		bundleContext.removeServiceListener(this);
+		bc.removeServiceListener(this);
 
 		// Clean hanging threads from Jackrabbit
 		TransientFileFactory.shutdown();
 
-		try {
-			LoginContext kernelLc = new LoginContext(
-					KernelConstants.LOGIN_CONTEXT_KERNEL, kernelSubject);
-			kernelLc.logout();
-		} catch (LoginException e) {
-			throw new CmsException("Cannot log in kernel", e);
-		}
+		// Clean hanging Gogo shell thread
+		new GogoShellKiller().start();
 
+		nodeSecurity.destroy();
 		long duration = System.currentTimeMillis() - begin;
 		log.info("## ARGEO CMS DOWN in " + (duration / 1000) + "."
 				+ (duration % 1000) + "s ##");
 	}
 
+	private void unpublish() {
+		userAdminReg.unregister();
+		repositoryFactoryReg.unregister();
+		repositoryReg.unregister();
+		tmReg.unregister();
+		utReg.unregister();
+		tsrReg.unregister();
+		loggerReg.unregister();
+	}
+
 	@Override
 	public void serviceChanged(ServiceEvent event) {
 		ServiceReference<?> sr = event.getServiceReference();
-		Object jcrRepoAlias = sr
-				.getProperty(ArgeoJcrConstants.JCR_REPOSITORY_ALIAS);
-		if (jcrRepoAlias != null) {// JCR repository
-			String alias = jcrRepoAlias.toString();
-			Repository repository = (Repository) bundleContext.getService(sr);
-			Map<String, Object> props = new HashMap<String, Object>();
-			for (String key : sr.getPropertyKeys())
-				props.put(key, sr.getProperty(key));
-			if (ServiceEvent.REGISTERED == event.getType()) {
-				try {
-					repositoryFactory.register(repository, props);
-					nodeHttp.registerRepositoryServlets(alias, repository);
-				} catch (Exception e) {
-					throw new CmsException("Could not publish JCR repository "
-							+ alias, e);
+		Object service = bc.getService(sr);
+		if (service instanceof Repository) {
+			Object jcrRepoAlias = sr
+					.getProperty(ArgeoJcrConstants.JCR_REPOSITORY_ALIAS);
+			if (jcrRepoAlias != null) {// JCR repository
+				String alias = jcrRepoAlias.toString();
+				Repository repository = (Repository) bc.getService(sr);
+				Map<String, Object> props = new HashMap<String, Object>();
+				for (String key : sr.getPropertyKeys())
+					props.put(key, sr.getProperty(key));
+				if (ServiceEvent.REGISTERED == event.getType()) {
+					try {
+						repositoryFactory.register(repository, props);
+						dataHttp.registerRepositoryServlets(alias, repository);
+					} catch (Exception e) {
+						throw new CmsException(
+								"Could not publish JCR repository " + alias, e);
+					}
+				} else if (ServiceEvent.UNREGISTERING == event.getType()) {
+					repositoryFactory.unregister(repository, props);
+					dataHttp.unregisterRepositoryServlets(alias);
 				}
+			}
+		} else if (service instanceof ExtendedHttpService) {
+			if (ServiceEvent.REGISTERED == event.getType()) {
+				addHttpService(sr);
 			} else if (ServiceEvent.UNREGISTERING == event.getType()) {
-				repositoryFactory.unregister(repository, props);
-				nodeHttp.unregisterRepositoryServlets(alias);
+				dataHttp.destroy();
+				dataHttp = null;
 			}
 		}
-
 	}
 
-	private ExtendedHttpService waitForHttpService() {
-		final ServiceTracker<ExtendedHttpService, ExtendedHttpService> st = new ServiceTracker<ExtendedHttpService, ExtendedHttpService>(
-				bundleContext, ExtendedHttpService.class, null);
-		st.open();
-		ExtendedHttpService httpService;
-		try {
-			httpService = st.waitForService(1000);
-		} catch (InterruptedException e) {
-			httpService = null;
-		}
-
-		if (httpService == null)
-			throw new CmsException("Could not find "
-					+ ExtendedHttpService.class + " service.");
-		return httpService;
+	private void addHttpService(ServiceReference<?> sr) {
+		// for (String key : sr.getPropertyKeys())
+		// log.debug(key + "=" + sr.getProperty(key));
+		ExtendedHttpService httpService = (ExtendedHttpService) bc
+				.getService(sr);
+		// TODO find constants
+		Object httpPort = sr.getProperty("http.port");
+		Object httpsPort = sr.getProperty("https.port");
+		dataHttp = new DataHttp(httpService, repository);
+		if (log.isDebugEnabled())
+			log.debug("HTTP " + httpPort
+					+ (httpsPort != null ? " - HTTPS " + httpsPort : ""));
 	}
 
-	private void createKeyStoreIfNeeded() {
-		char[] ksPwd = "changeit".toCharArray();
-		char[] keyPwd = Arrays.copyOf(ksPwd, ksPwd.length);
-		File keyStoreFile = KernelUtils.getOsgiConfigurationFile("node.p12");
-		if (!keyStoreFile.exists()) {
-			try {
-				KeyStore keyStore = PkiUtils.getKeyStore(keyStoreFile, ksPwd);
-				X509Certificate cert = PkiUtils.generateSelfSignedCertificate(
-						keyStore, new X500Principal(KernelHeader.ROLE_KERNEL),
-						keyPwd);
-				PkiUtils.saveKeyStore(keyStoreFile, ksPwd, keyStore);
-
-			} catch (Exception e) {
-				throw new CmsException("Cannot create key store "
-						+ keyStoreFile, e);
-			}
-		}
-	}
+	// private ExtendedHttpService waitForHttpService() {
+	// final ServiceTracker<ExtendedHttpService, ExtendedHttpService> st = new
+	// ServiceTracker<ExtendedHttpService, ExtendedHttpService>(
+	// bc, ExtendedHttpService.class, null);
+	// st.open();
+	// ExtendedHttpService httpService;
+	// try {
+	// httpService = st.waitForService(1000);
+	// } catch (InterruptedException e) {
+	// httpService = null;
+	// }
+	//
+	// if (httpService == null)
+	// throw new CmsException("Could not find "
+	// + ExtendedHttpService.class + " service.");
+	// return httpService;
+	// }
 
 	final private static void directorsCut(long initDuration) {
 		// final long ms = 128l + (long) (Math.random() * 128d);
@@ -276,4 +316,62 @@ final class Kernel implements ServiceListener {
 					+ String.format("%.2f", 100 - (sleepAccuracy * 100 - 100))
 					+ " %");
 	}
+
+	/** Workaround for blocking Gogo shell by system shutdown. */
+	private class GogoShellKiller extends Thread {
+
+		public GogoShellKiller() {
+			super("Gogo shell killer");
+			setDaemon(true);
+		}
+
+		@Override
+		public void run() {
+			ThreadGroup rootTg = getRootThreadGroup(null);
+			Thread gogoShellThread = findGogoShellThread(rootTg);
+			if (gogoShellThread == null)
+				return;
+			while (getNonDaemonCount(rootTg) > 2) {
+				try {
+					Thread.sleep(100);
+				} catch (InterruptedException e) {
+					// silent
+				}
+			}
+			gogoShellThread = findGogoShellThread(rootTg);
+			if (gogoShellThread == null)
+				return;
+			System.exit(0);
+		}
+	}
+
+	private static ThreadGroup getRootThreadGroup(ThreadGroup tg) {
+		if (tg == null)
+			tg = Thread.currentThread().getThreadGroup();
+		if (tg.getParent() == null)
+			return tg;
+		else
+			return getRootThreadGroup(tg.getParent());
+	}
+
+	private static int getNonDaemonCount(ThreadGroup rootThreadGroup) {
+		Thread[] threads = new Thread[rootThreadGroup.activeCount()];
+		rootThreadGroup.enumerate(threads);
+		int nonDameonCount = 0;
+		for (Thread t : threads)
+			if (!t.isDaemon())
+				nonDameonCount++;
+		return nonDameonCount;
+	}
+
+	private static Thread findGogoShellThread(ThreadGroup rootThreadGroup) {
+		Thread[] threads = new Thread[rootThreadGroup.activeCount()];
+		rootThreadGroup.enumerate(threads, true);
+		for (Thread thread : threads) {
+			if (thread.getName().equals("Gogo shell"))
+				return thread;
+		}
+		return null;
+	}
+
 }
\ No newline at end of file