X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=security%2Fruntime%2Forg.argeo.security.core%2Fsrc%2Fmain%2Fjava%2Forg%2Fargeo%2Fsecurity%2Fjcr%2FOsJcrAuthenticationProvider.java;h=cb9146a8b662407593675de216655715d1c4504e;hb=0450e423bd759c9e27b43044670e659271392d71;hp=d304dc36571d8e41da2dec883179be220bcdd57b;hpb=2c4852dcd20d4cde88776c527ae935f242ae1e77;p=lgpl%2Fargeo-commons.git diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/jcr/OsJcrAuthenticationProvider.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/jcr/OsJcrAuthenticationProvider.java index d304dc365..cb9146a8b 100644 --- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/jcr/OsJcrAuthenticationProvider.java +++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/jcr/OsJcrAuthenticationProvider.java @@ -22,7 +22,6 @@ import javax.jcr.Session; import org.argeo.ArgeoException; import org.argeo.jcr.JcrUtils; -import org.argeo.jcr.security.SecurityJcrUtils; import org.argeo.security.OsAuthenticationToken; import org.argeo.security.core.OsAuthenticationProvider; import org.springframework.security.Authentication; @@ -34,15 +33,16 @@ import org.springframework.security.userdetails.UserDetails; /** Relies on OS to authenticate and additionally setup JCR */ public class OsJcrAuthenticationProvider extends OsAuthenticationProvider { private Repository repository; - private String securityWorkspace = "security"; - private Session securitySession; + // private String securityWorkspace = "security"; + // private Session securitySession; private Session nodeSession; private UserDetails userDetails; + private JcrSecurityModel jcrSecurityModel = new JcrSecurityModel(); public void init() { try { - securitySession = repository.login(securityWorkspace); + // securitySession = repository.login(); nodeSession = repository.login(); } catch (RepositoryException e) { throw new ArgeoException("Cannot initialize", e); @@ -50,7 +50,7 @@ public class OsJcrAuthenticationProvider extends OsAuthenticationProvider { } public void destroy() { - JcrUtils.logoutQuietly(securitySession); + // JcrUtils.logoutQuietly(securitySession); JcrUtils.logoutQuietly(nodeSession); } @@ -77,24 +77,24 @@ public class OsJcrAuthenticationProvider extends OsAuthenticationProvider { // WARNING: at this stage we assume that the java properties // will have the same value String username = System.getProperty("user.name"); - Node userProfile = SecurityJcrUtils.createUserProfileIfNeeded( - securitySession, username); + Node userProfile = jcrSecurityModel.sync(nodeSession, username); JcrUserDetails.checkAccountStatus(userProfile); // each user should have a writable area in the default // workspace of the node - SecurityJcrUtils.createUserHomeIfNeeded(nodeSession, username); + // SecurityJcrUtils.createUserHomeIfNeeded(nodeSession, + // username); userDetails = new JcrUserDetails(userProfile, authen .getCredentials().toString(), getBaseAuthorities()); authen.setDetails(userDetails); return authen; } catch (RepositoryException e) { - JcrUtils.discardQuietly(securitySession); + JcrUtils.discardQuietly(nodeSession); throw new ArgeoException( "Unexpected exception when synchronizing OS and JCR security ", e); } finally { - JcrUtils.logoutQuietly(securitySession); + JcrUtils.logoutQuietly(nodeSession); } } else { throw new ArgeoException("Unsupported authentication " @@ -102,14 +102,18 @@ public class OsJcrAuthenticationProvider extends OsAuthenticationProvider { } } - public void setSecurityWorkspace(String securityWorkspace) { - this.securityWorkspace = securityWorkspace; - } + // public void setSecurityWorkspace(String securityWorkspace) { + // this.securityWorkspace = securityWorkspace; + // } public void setRepository(Repository repository) { this.repository = repository; } + public void setJcrSecurityModel(JcrSecurityModel jcrSecurityModel) { + this.jcrSecurityModel = jcrSecurityModel; + } + @SuppressWarnings("rawtypes") public boolean supports(Class authentication) { return OsAuthenticationToken.class.isAssignableFrom(authentication)