<property name="repository" ref="nodeRepository" />
<property name="bundleContext" ref="bundleContext" />
</bean>
- <bean class="org.argeo.jackrabbit.JackrabbitAuthorizations"
- init-method="run">
- <property name="principalPrivileges">
- <map>
- <entry key="jcr:all" value="ROLE_ADMIN" />
- </map>
- </property>
- <property name="repository" ref="argeoDataModel" />
- </bean>
<bean id="jcrLdapSynchronizer" class="org.argeo.security.ldap.jcr.JcrLdapSynchronizer"
init-method="init" destroy-method="destroy" depends-on="argeoDataModel">
<property name="repository" ref="nodeRepository" />
<property name="bundleContext" ref="bundleContext" />
</bean>
- <bean class="org.argeo.jackrabbit.JackrabbitAuthorizations"
- init-method="run">
- <property name="principalPrivileges">
- <map>
- <entry key="jcr:all" value="ROLE_ADMIN" />
- </map>
- </property>
- <property name="repository" ref="argeoDataModel" />
- </bean>
<bean id="authenticationManager" class="org.springframework.security.providers.ProviderManager">
<property name="providers">
/** Jackrabbit login mechanism based on Spring Security */
public class ArgeoLoginModule extends AbstractLoginModule {
- // private String adminRole = "ROLE_ADMIN";
+ private String adminRole = "ROLE_ADMIN";
@SuppressWarnings("unused")
@Override
for (GrantedAuthority ga : authen.getAuthorities()) {
principals.add(new GrantedAuthorityPrincipal(ga));
// FIXME: make it more generic
- // if (adminRole.equals(ga.getAuthority()))
- // principals.add(new AdminPrincipal(authen.getName()));
+ if (adminRole.equals(ga.getAuthority()))
+ principals.add(new AdminPrincipal(authen.getName()));
}
}
import org.apache.jackrabbit.core.security.authorization.WorkspaceAccessManager;
import org.springframework.security.Authentication;
import org.springframework.security.GrantedAuthority;
+import org.springframework.security.context.SecurityContextHolder;
/** Integrates Spring Security and Jackrabbit Security users and roles. */
public class ArgeoSecurityManager extends DefaultSecurityManager {
@Override
public String getUserID(Subject subject, String workspaceName)
throws RepositoryException {
- if (!synchronize)
- return super.getUserID(subject, workspaceName);
+ if (!synchronize) {
+ Authentication authentication = SecurityContextHolder.getContext()
+ .getAuthentication();
+ if (authentication != null)
+ return authentication.getName();
+ else
+ return super.getUserID(subject, workspaceName);
+ }
if (log.isTraceEnabled())
log.trace(subject);