X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Finternal%2Fkernel%2FNodeUserAdmin.java;h=1a9817450ed427deee762ed39f0866d1d6a3942c;hb=73a89e099608a51d9aef814a3f85a62947275f59;hp=69affd25a2b160d8c1f154e883a4e11fb6fcc547;hpb=2b6597a096ac21375aa83f86d1f750061b20387c;p=lgpl%2Fargeo-commons.git diff --git a/org.argeo.cms/src/org/argeo/cms/internal/kernel/NodeUserAdmin.java b/org.argeo.cms/src/org/argeo/cms/internal/kernel/NodeUserAdmin.java index 69affd25a..1a9817450 100644 --- a/org.argeo.cms/src/org/argeo/cms/internal/kernel/NodeUserAdmin.java +++ b/org.argeo.cms/src/org/argeo/cms/internal/kernel/NodeUserAdmin.java @@ -35,7 +35,6 @@ import org.apache.commons.httpclient.params.HttpParams; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.argeo.api.NodeConstants; -import org.argeo.cms.CmsException; import org.argeo.cms.internal.http.client.HttpCredentialProvider; import org.argeo.cms.internal.http.client.SpnegoAuthScheme; import org.argeo.naming.DnsBrowser; @@ -53,8 +52,6 @@ import org.ietf.jgss.GSSName; import org.ietf.jgss.Oid; import org.osgi.framework.BundleContext; import org.osgi.framework.Constants; -import org.osgi.framework.FrameworkUtil; -import org.osgi.framework.ServiceRegistration; import org.osgi.service.cm.ConfigurationException; import org.osgi.service.cm.ManagedServiceFactory; import org.osgi.service.useradmin.Authorization; @@ -67,11 +64,11 @@ import org.osgi.util.tracker.ServiceTracker; */ class NodeUserAdmin extends AggregatingUserAdmin implements ManagedServiceFactory, KernelConstants { private final static Log log = LogFactory.getLog(NodeUserAdmin.class); - private final BundleContext bc = FrameworkUtil.getBundle(getClass()).getBundleContext(); +// private final BundleContext bc = FrameworkUtil.getBundle(getClass()).getBundleContext(); // OSGi private Map pidToBaseDn = new HashMap<>(); - private Map> pidToServiceRegs = new HashMap<>(); +// private Map> pidToServiceRegs = new HashMap<>(); // private ServiceRegistration userAdminReg; // JTA @@ -87,27 +84,37 @@ class NodeUserAdmin extends AggregatingUserAdmin implements ManagedServiceFactor public NodeUserAdmin(String systemRolesBaseDn, String tokensBaseDn) { super(systemRolesBaseDn, tokensBaseDn); - tmTracker = new ServiceTracker<>(bc, TransactionManager.class, null); - tmTracker.open(); + BundleContext bc = Activator.getBundleContext(); + if (bc != null) { + tmTracker = new ServiceTracker<>(bc, TransactionManager.class, null); + tmTracker.open(); + } else { + tmTracker = null; + } } @Override public void updated(String pid, Dictionary properties) throws ConfigurationException { String uri = (String) properties.get(UserAdminConf.uri.name()); + Object realm = properties.get(UserAdminConf.realm.name()); URI u; try { if (uri == null) { String baseDn = (String) properties.get(UserAdminConf.baseDn.name()); u = KernelUtils.getOsgiInstanceUri(KernelConstants.DIR_NODE + '/' + baseDn + ".ldif"); - } else + } else if (realm != null) { + u = null; + } else { u = new URI(uri); + } } catch (URISyntaxException e) { - throw new CmsException("Badly formatted URI " + uri, e); + throw new IllegalArgumentException("Badly formatted URI " + uri, e); } // Create AbstractUserDirectory userDirectory; - if (UserAdminConf.SCHEME_LDAP.equals(u.getScheme())) { + if (realm != null || UserAdminConf.SCHEME_LDAP.equals(u.getScheme()) + || UserAdminConf.SCHEME_LDAPS.equals(u.getScheme())) { userDirectory = new LdapUserAdmin(properties); } else if (UserAdminConf.SCHEME_FILE.equals(u.getScheme())) { userDirectory = new LdifUserAdmin(u, properties); @@ -115,9 +122,8 @@ class NodeUserAdmin extends AggregatingUserAdmin implements ManagedServiceFactor userDirectory = new OsUserDirectory(u, properties); singleUser = true; } else { - throw new CmsException("Unsupported scheme " + u.getScheme()); + throw new IllegalArgumentException("Unsupported scheme " + u.getScheme()); } - Object realm = userDirectory.getProperties().get(UserAdminConf.realm.name()); addUserDirectory(userDirectory); // OSGi @@ -127,20 +133,23 @@ class NodeUserAdmin extends AggregatingUserAdmin implements ManagedServiceFactor if (isSystemRolesBaseDn(baseDn)) regProps.put(Constants.SERVICE_RANKING, Integer.MAX_VALUE); regProps.put(UserAdminConf.baseDn.name(), baseDn); - ServiceRegistration reg = bc.registerService(UserDirectory.class, userDirectory, regProps); + // ServiceRegistration reg = + // bc.registerService(UserDirectory.class, userDirectory, regProps); + Activator.registerService(UserDirectory.class, userDirectory, regProps); pidToBaseDn.put(pid, baseDn); - pidToServiceRegs.put(pid, reg); + // pidToServiceRegs.put(pid, reg); - if (log.isDebugEnabled()) - log.debug("User directory " + userDirectory.getBaseDn() + " [" + u.getScheme() + "] enabled." - + (realm != null ? " " + realm + " realm." : "")); + if (log.isDebugEnabled()) { + log.debug("User directory " + userDirectory.getBaseDn() + (u != null ? " [" + u.getScheme() + "]" : "") + + " enabled." + (realm != null ? " " + realm + " realm." : "")); + } if (isSystemRolesBaseDn(baseDn)) { // publishes only when system roles are available Dictionary userAdminregProps = new Hashtable<>(); userAdminregProps.put(NodeConstants.CN, NodeConstants.DEFAULT); userAdminregProps.put(Constants.SERVICE_RANKING, Integer.MAX_VALUE); - bc.registerService(UserAdmin.class, this, userAdminregProps); + Activator.registerService(UserAdmin.class, this, userAdminregProps); } // if (isSystemRolesBaseDn(baseDn)) @@ -162,9 +171,9 @@ class NodeUserAdmin extends AggregatingUserAdmin implements ManagedServiceFactor @Override public void deleted(String pid) { - assert pidToServiceRegs.get(pid) != null; + // assert pidToServiceRegs.get(pid) != null; assert pidToBaseDn.get(pid) != null; - pidToServiceRegs.remove(pid).unregister(); + // pidToServiceRegs.remove(pid).unregister(); LdapName baseDn = pidToBaseDn.remove(pid); removeUserDirectory(baseDn); } @@ -185,9 +194,9 @@ class NodeUserAdmin extends AggregatingUserAdmin implements ManagedServiceFactor protected void postAdd(AbstractUserDirectory userDirectory) { // JTA - TransactionManager tm = tmTracker.getService(); + TransactionManager tm = tmTracker != null ? tmTracker.getService() : null; if (tm == null) - throw new CmsException("A JTA transaction manager must be available."); + throw new IllegalStateException("A JTA transaction manager must be available."); userDirectory.setTransactionManager(tm); // if (tmTracker.getService() instanceof BitronixTransactionManager) // EhCacheXAResourceProducer.registerXAResource(cacheName, userDirectory.getXaResource()); @@ -211,7 +220,7 @@ class NodeUserAdmin extends AggregatingUserAdmin implements ManagedServiceFactor nodeLc.login(); acceptorCredentials = logInAsAcceptor(nodeLc.getSubject(), servicePrincipal); } catch (LoginException e) { - throw new CmsException("Cannot log in kernel", e); + throw new IllegalStateException("Cannot log in kernel", e); } } } @@ -297,7 +306,7 @@ class NodeUserAdmin extends AggregatingUserAdmin implements ManagedServiceFactor log.debug("GSS acceptor configured for " + krb5Principal); return serverCredentials; } catch (Exception gsse) { - throw new CmsException("Cannot create acceptor credentials for " + krb5Principal, gsse); + throw new IllegalStateException("Cannot create acceptor credentials for " + krb5Principal, gsse); } }