From: Mathieu Baudier <mbaudier@argeo.org>
Date: Sat, 15 Aug 2015 09:57:20 +0000 (+0000)
Subject: Simplify Jackrabbit security dependencies.
X-Git-Tag: argeo-commons-2.1.30~201
X-Git-Url: https://git.argeo.org/?a=commitdiff_plain;h=7a9cd8bfb3564d72c6e26774fe83eaec1454bfff;p=lgpl%2Fargeo-commons.git

Simplify Jackrabbit security dependencies.

git-svn-id: https://svn.argeo.org/commons/trunk@8325 4cfe0d0a-d680-48aa-b62c-e0a02a3f76cc
---

diff --git a/org.argeo.security.jackrabbit/src/org/argeo/security/jackrabbit/ArgeoLoginModule.java b/org.argeo.security.jackrabbit/src/org/argeo/security/jackrabbit/ArgeoLoginModule.java
index 2ff913dd2..c37ad0db3 100644
--- a/org.argeo.security.jackrabbit/src/org/argeo/security/jackrabbit/ArgeoLoginModule.java
+++ b/org.argeo.security.jackrabbit/src/org/argeo/security/jackrabbit/ArgeoLoginModule.java
@@ -31,7 +31,6 @@ import org.apache.jackrabbit.core.security.AnonymousPrincipal;
 import org.apache.jackrabbit.core.security.authentication.AbstractLoginModule;
 import org.apache.jackrabbit.core.security.authentication.Authentication;
 import org.apache.jackrabbit.core.security.principal.AdminPrincipal;
-import org.argeo.security.SystemAuthentication;
 import org.springframework.security.authentication.AnonymousAuthenticationToken;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.context.SecurityContextHolder;
@@ -39,6 +38,7 @@ import org.springframework.security.core.context.SecurityContextHolder;
 /** Jackrabbit login mechanism based on Spring Security */
 public class ArgeoLoginModule extends AbstractLoginModule {
 	private String adminRole = "ROLE_ADMIN";
+	private String systemRole = "ROLE_SYSTEM";
 
 	/**
 	 * Returns the Spring {@link org.springframework.security.Authentication}
@@ -57,17 +57,19 @@ public class ArgeoLoginModule extends AbstractLoginModule {
 		Set<Principal> principals = new LinkedHashSet<Principal>();
 		principals.add(authen);
 
-		if (authen instanceof SystemAuthentication) {
-			principals.add(new AdminPrincipal(authen.getName()));
-			// principals.add(new ArgeoSystemPrincipal(authen.getName()));
-		} else if (authen instanceof AnonymousAuthenticationToken) {
+		// if (authen instanceof SystemAuthentication) {
+		// principals.add(new AdminPrincipal(authen.getName()));
+		// // principals.add(new ArgeoSystemPrincipal(authen.getName()));
+		// } else
+		if (authen instanceof AnonymousAuthenticationToken) {
 			principals.add(new AnonymousPrincipal());
 		} else {
 			for (GrantedAuthority ga : authen.getAuthorities()) {
 				if (ga instanceof Principal)
 					principals.add((Principal) ga);
 				// FIXME: make it more generic
-				if (adminRole.equals(ga.getAuthority()))
+				String authority = ga.getAuthority();
+				if (adminRole.equals(authority) || systemRole.equals(authority))
 					principals.add(new AdminPrincipal(authen.getName()));
 			}
 		}
diff --git a/org.argeo.server.jcr/build.properties b/org.argeo.server.jcr/build.properties
index 098377af8..fa96ec909 100644
--- a/org.argeo.server.jcr/build.properties
+++ b/org.argeo.server.jcr/build.properties
@@ -19,4 +19,5 @@ additional.bundles = org.junit,\
                      EDU.oswego.cs.dl.util.concurrent,\
                      org.apache.lucene,\
                      org.apache.tika.core,\
-                     org.apache.tika.parsers
+                     org.apache.tika.parsers,\
+                     org.argeo.security.jackrabbit