<version.argeo-commons>0.2.2-SNAPSHOT</version.argeo-commons>
<version.argeo-ria>0.12.5</version.argeo-ria>
<version.equinox>3.6.1</version.equinox>
- <version.maven-argeo-osgi>0.1.30-SNAPSHOT</version.maven-argeo-osgi>
+ <version.maven-argeo-osgi>0.1.30</version.maven-argeo-osgi>
<version.maven-bundle-plugin>2.0.1</version.maven-bundle-plugin>
- <version.maven-argeo-qooxdoo>1.1.0</version.maven-argeo-qooxdoo>
+ <version.maven-argeo-qooxdoo>1.1.1</version.maven-argeo-qooxdoo>
<site.repoBase>file:///srv/projects/www/commons/site</site.repoBase>
<site.urlBase>http://projects.argeo.org/commons/site</site.urlBase>
</properties>
import org.argeo.security.ArgeoSecurity;
import org.argeo.security.nature.SimpleUserNature;
+/** Holds deployment specific security information. */
public class DefaultArgeoSecurity implements ArgeoSecurity {
private String superUsername = "root";
public void beforeCreate(ArgeoUser user) {
- SimpleUserNature simpleUserNature = new SimpleUserNature();
- simpleUserNature.setLastName("empty");// to prevent issue with sn in LDAP
- user.getUserNatures().put("simpleUserNature",simpleUserNature);
+ SimpleUserNature simpleUserNature;
+ try {
+ simpleUserNature = SimpleUserNature
+ .findSimpleUserNature(user, null);
+ } catch (Exception e) {
+ simpleUserNature = new SimpleUserNature();
+ user.getUserNatures().put("simpleUserNature", simpleUserNature);
+ }
+
+ if (simpleUserNature.getLastName() == null
+ || simpleUserNature.getLastName().equals(""))
+ simpleUserNature.setLastName("empty");// to prevent issue with sn in
+ // LDAP
+
}
public String getSuperUsername() {
import java.util.Collections;
import java.util.List;
+import javax.jcr.LoginException;
import javax.jcr.Repository;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
}
protected Session login() {
+ Session newSession = null;
+ // first try to login without credentials, assuming the underlying login
+ // module will have dealt with authentication (typically using Spring
+ // Security)
try {
- SimpleCredentials sc = new SimpleCredentials(defaultUsername,
- defaultPassword.toCharArray());
- Session sess = repository.login(sc);
- if (log.isTraceEnabled())
- log.trace("Log in to JCR session " + sess + "; userId="
- + sess.getUserID());
- // Thread.dumpStack();
- activeSessions.add(sess);
- return sess;
- } catch (RepositoryException e) {
- throw new ArgeoException("Cannot log in to repository", e);
+ newSession = repository.login();
+ } catch (LoginException e1) {
+ log.warn("Cannot login without credentials: " + e1.getMessage());
+ // invalid credentials, go to the next step
+ } catch (RepositoryException e1) {
+ // other kind of exception, fail
+ throw new ArgeoException("Cannot log in to repository", e1);
}
+
+ // log using default username / password (useful for testing purposes)
+ if (newSession == null)
+ try {
+ SimpleCredentials sc = new SimpleCredentials(defaultUsername,
+ defaultPassword.toCharArray());
+ newSession = repository.login(sc);
+ } catch (RepositoryException e) {
+ throw new ArgeoException("Cannot log in to repository", e);
+ }
+
+ // Log and monitor new session
+ if (log.isTraceEnabled())
+ log.trace("Logged in to JCR session " + newSession + "; userId="
+ + newSession.getUserID());
+ activeSessions.add(newSession);
+ return newSession;
}
public Object getObject() {