package org.argeo.security.jackrabbit;
-import java.net.URL;
-import java.security.PrivilegedExceptionAction;
-
import javax.jcr.Repository;
import javax.jcr.Session;
-import javax.security.auth.Subject;
-import javax.security.auth.login.LoginContext;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
private final Log log = LogFactory.getLog(JackrabbitAuthTest.class);
public void testLogin() throws Exception {
- Subject subject = new Subject();
- LoginContext loginContext = new LoginContext("SYSTEM", subject);
- loginContext.login();
- Subject.doAs(subject, new PrivilegedExceptionAction<Void>() {
-
- @Override
- public Void run() throws Exception {
- Repository repository = getRepository();
- Session session = repository.login();
- log.debug(session.getUserID());
- return null;
- }
- });
+ Session session = session();
+ log.debug(session.getUserID());
+ assertEquals("admin", session.getUserID());
+ // Subject subject = new Subject();
+ // LoginContext loginContext = new LoginContext("SYSTEM", subject);
+ // loginContext.login();
+ // Subject.doAs(subject, new PrivilegedExceptionAction<Void>() {
+ //
+ // @Override
+ // public Void run() throws Exception {
+ // Repository repository = getRepository();
+ // Session session = repository.login();
+ // log.debug(session.getUserID());
+ // return null;
+ // }
+ // });
+ }
+
+ @Override
+ protected String getLoginContext() {
+ return LOGIN_CONTEXT_TEST_SYSTEM;
}
@Override
protected Repository createRepository() throws Exception {
- URL url = getClass().getResource("test_jaas.config");
- System.setProperty("java.security.auth.login.config", url.toString());
return super.createRepository();
}
@Override
protected void clearRepository(Repository repository) throws Exception {
- System.setProperty("java.security.auth.login.config", "");
+ // System.setProperty("java.security.auth.login.config", "");
}
@Override
+++ /dev/null
-SYSTEM {
- org.argeo.security.core.SystemLoginModule requisite;
-};
-
-Jackrabbit {
- org.argeo.security.jackrabbit.SystemJackrabbitLoginModule requisite;
-};
*/
package org.argeo.jackrabbit.unit;
+import java.net.URL;
+
import javax.jcr.Repository;
import org.apache.commons.io.FileUtils;
// return res.getFile();
// }
+ public AbstractJackrabbitTestCase() {
+ URL url = AbstractJackrabbitTestCase.class.getResource("jaas.config");
+ assert url != null;
+ System.setProperty("java.security.auth.login.config", url.toString());
+ }
+
protected Repository createRepository() throws Exception {
// Repository repository = new TransientRepository(getRepositoryFile(),
// getHomeDir());
--- /dev/null
+TEST_SYSTEM {
+ org.argeo.security.core.SystemLoginModule requisite;
+};
+
+Jackrabbit {
+ org.argeo.security.jackrabbit.SystemJackrabbitLoginModule requisite;
+};
package org.argeo.jcr.unit;
import java.io.File;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
import javax.jcr.Repository;
import javax.jcr.Session;
import javax.jcr.SimpleCredentials;
+import javax.security.auth.Subject;
+import javax.security.auth.login.LoginContext;
+import javax.security.auth.login.LoginException;
import junit.framework.TestCase;
private Repository repository;
private Session session = null;
-// protected abstract File getRepositoryFile() throws Exception;
+ public final static String LOGIN_CONTEXT_TEST_SYSTEM = "TEST_SYSTEM";
+
+ // protected abstract File getRepositoryFile() throws Exception;
protected abstract Repository createRepository() throws Exception;
}
protected Session session() {
- if (session == null || !session.isLive()) {
+ if (session != null && session.isLive())
+ return session;
+ Session session;
+ if (getLoginContext() != null) {
+ LoginContext lc;
try {
- if (log.isTraceEnabled())
- log.trace("Login session");
- session = getRepository().login(
- new SimpleCredentials("demo", "demo".toCharArray()));
- } catch (Exception e) {
- throw new ArgeoException("Cannot login to repository", e);
+ lc = new LoginContext(getLoginContext());
+ lc.login();
+ } catch (LoginException e) {
+ throw new ArgeoException("JAAS login failed", e);
}
+ session = Subject.doAs(lc.getSubject(),
+ new PrivilegedAction<Session>() {
+
+ @Override
+ public Session run() {
+ return login();
+ }
+
+ });
+ } else
+ session = login();
+ this.session = session;
+ return this.session;
+ }
+
+ protected String getLoginContext() {
+ return null;
+ }
+
+ protected Session login() {
+ try {
+ if (log.isTraceEnabled())
+ log.trace("Login session");
+ Subject subject = Subject.getSubject(AccessController.getContext());
+ if (subject != null)
+ return getRepository().login();
+ else
+ return getRepository().login(
+ new SimpleCredentials("demo", "demo".toCharArray()));
+ } catch (Exception e) {
+ throw new ArgeoException("Cannot login to repository", e);
}
- return session;
}
protected Repository getRepository() {