X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Finternal%2Fkernel%2FNodeUserAdmin.java;h=e8977fa37466858eb32698ae2db94b2e03db3f3f;hb=c70b26dbc9a322a0a7fe3f78982ba57980d39fb1;hp=077a1f8a7286bf76568fb3547ab53e791e75d258;hpb=35507e18257f2e9f59842ba5120fcd3f19c4cf4d;p=lgpl%2Fargeo-commons.git diff --git a/org.argeo.cms/src/org/argeo/cms/internal/kernel/NodeUserAdmin.java b/org.argeo.cms/src/org/argeo/cms/internal/kernel/NodeUserAdmin.java index 077a1f8a7..e8977fa37 100644 --- a/org.argeo.cms/src/org/argeo/cms/internal/kernel/NodeUserAdmin.java +++ b/org.argeo.cms/src/org/argeo/cms/internal/kernel/NodeUserAdmin.java @@ -29,14 +29,12 @@ import javax.transaction.TransactionManager; import org.apache.commons.httpclient.auth.AuthPolicy; import org.apache.commons.httpclient.auth.CredentialsProvider; -import org.apache.commons.httpclient.cookie.CookiePolicy; import org.apache.commons.httpclient.params.DefaultHttpParams; import org.apache.commons.httpclient.params.HttpMethodParams; import org.apache.commons.httpclient.params.HttpParams; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.argeo.cms.CmsException; -import org.argeo.cms.internal.http.NodeHttp; import org.argeo.cms.internal.http.client.HttpCredentialProvider; import org.argeo.cms.internal.http.client.SpnegoAuthScheme; import org.argeo.naming.DnsBrowser; @@ -88,6 +86,7 @@ class NodeUserAdmin extends AggregatingUserAdmin implements ManagedServiceFactor private GSSCredential acceptorCredentials; private boolean singleUser = false; + private boolean systemRolesAvailable = false; public NodeUserAdmin(String systemRolesBaseDn) { super(systemRolesBaseDn); @@ -139,7 +138,13 @@ class NodeUserAdmin extends AggregatingUserAdmin implements ManagedServiceFactor log.debug("User directory " + userDirectory.getBaseDn() + " [" + u.getScheme() + "] enabled." + (realm != null ? " " + realm + " realm." : "")); - if (!isSystemRolesBaseDn(baseDn)) { + if (isSystemRolesBaseDn(baseDn)) + systemRolesAvailable = true; + + // start publishing only when system roles are available + if (systemRolesAvailable) { + // The list of baseDns is published as properties + // TODO clients should rather reference USerDirectory services if (userAdminReg != null) userAdminReg.unregister(); // register self as main user admin @@ -163,14 +168,12 @@ class NodeUserAdmin extends AggregatingUserAdmin implements ManagedServiceFactor public String getName() { return "Node User Admin"; } - - @Override protected void addAbstractSystemRoles(Authorization rawAuthorization, Set sysRoles) { - if(rawAuthorization.getName()==null) { + if (rawAuthorization.getName() == null) { sysRoles.add(NodeConstants.ROLE_ANONYMOUS); - }else { + } else { sysRoles.add(NodeConstants.ROLE_USER); } } @@ -216,7 +219,7 @@ class NodeUserAdmin extends AggregatingUserAdmin implements ManagedServiceFactor // schemes.add(AuthPolicy.BASIC);// incompatible with Basic params.setParameter(AuthPolicy.AUTH_SCHEME_PRIORITY, schemes); params.setParameter(CredentialsProvider.PROVIDER, new HttpCredentialProvider()); - params.setParameter(HttpMethodParams.COOKIE_POLICY, CookiePolicy.BROWSER_COMPATIBILITY); + params.setParameter(HttpMethodParams.COOKIE_POLICY, KernelConstants.COOKIE_POLICY_BROWSER_COMPATIBILITY); // params.setCookiePolicy(CookiePolicy.BROWSER_COMPATIBILITY); } }