Continue finalising security. Fix issues with login in web.

git-svn-id: https://svn.argeo.org/commons/trunk@9274 4cfe0d0a-d680-48aa-b62c-e0a02a3f76cc

diff --git a/org.argeo.cms/src/org/argeo/cms/auth/SingleUserLoginModule.java b/org.argeo.cms/src/org/argeo/cms/auth/SingleUserLoginModule.java
index 23bbf2345abb90b82654051d3673f39f66d42d12..6147fc77aa5cead990718870d389576cce77d4a9 100644 (file)
--- a/org.argeo.cms/src/org/argeo/cms/auth/SingleUserLoginModule.java
+++ b/org.argeo.cms/src/org/argeo/cms/auth/SingleUserLoginModule.java
@@ -10,17 +10,16 @@ import javax.security.auth.login.LoginException;
 import javax.security.auth.spi.LoginModule;
 import javax.security.auth.x500.X500Principal;
 
-import org.apache.jackrabbit.core.security.SecurityConstants;
-import org.apache.jackrabbit.core.security.principal.AdminPrincipal;
 import org.argeo.cms.internal.auth.ImpliedByPrincipal;
 import org.argeo.node.NodeConstants;
+import org.argeo.node.security.DataAdminPrincipal;
 
 public class SingleUserLoginModule implements LoginModule, AuthConstants {
        private Subject subject;
 
        @Override
-       public void initialize(Subject subject, CallbackHandler callbackHandler,
-                       Map<String, ?> sharedState, Map<String, ?> options) {
+       public void initialize(Subject subject, CallbackHandler callbackHandler, Map<String, ?> sharedState,
+                       Map<String, ?> options) {
                this.subject = subject;
        }
 
@@ -32,13 +31,11 @@ public class SingleUserLoginModule implements LoginModule, AuthConstants {
        @Override
        public boolean commit() throws LoginException {
                String username = System.getProperty("user.name");
-               X500Principal principal = new X500Principal("uid=" + username
-                               + ",dc=localhost,dc=localdomain");
+               X500Principal principal = new X500Principal("uid=" + username + ",dc=localhost,dc=localdomain");
                Set<Principal> principals = subject.getPrincipals();
                principals.add(principal);
                principals.add(new ImpliedByPrincipal(NodeConstants.ROLE_ADMIN, principal));
-               // Jackrabbit
-               principals.add(new AdminPrincipal(SecurityConstants.ADMIN_ID));
+               principals.add(new DataAdminPrincipal());
                return true;
        }
 

diff --git a/org.argeo.cms/src/org/argeo/cms/internal/kernel/HomeRepository.java b/org.argeo.cms/src/org/argeo/cms/internal/kernel/HomeRepository.java
index 68acd2d62baa9086ceb1c257567fb50699d2f1f5..d73b554e8bda61354c55b09538716ca8858f4966 100644 (file)
--- a/org.argeo.cms/src/org/argeo/cms/internal/kernel/HomeRepository.java
+++ b/org.argeo.cms/src/org/argeo/cms/internal/kernel/HomeRepository.java
@@ -14,7 +14,6 @@ import javax.naming.ldap.LdapName;
 import javax.security.auth.Subject;
 import javax.security.auth.login.LoginContext;
 
-import org.apache.jackrabbit.core.security.SecurityConstants;
 import org.argeo.cms.CmsException;
 import org.argeo.jcr.JcrRepositoryWrapper;
 import org.argeo.jcr.JcrUtils;
@@ -89,8 +88,8 @@ class HomeRepository extends JcrRepositoryWrapper implements KernelConstants {
                        return;
 //             if (session.getUserID().equals(AuthConstants.ROLE_KERNEL))
 //                     return;
-               if (session.getUserID().equals(SecurityConstants.ADMIN_ID))
-                       return;
+//             if (session.getUserID().equals(SecurityConstants.ADMIN_ID))
+//                     return;
 
                if (checkedUsers.contains(username))
                        return;

diff --git a/org.argeo.ext.jackrabbit/bnd.bnd b/org.argeo.ext.jackrabbit/bnd.bnd
index 6bab2aa5e678cdee5a196cab7685f8dc8ca1e7d1..8107e871797ec3280a63be2090f8bc9d52120182 100644 (file)
--- a/org.argeo.ext.jackrabbit/bnd.bnd
+++ b/org.argeo.ext.jackrabbit/bnd.bnd
@@ -1,3 +1,4 @@
 Fragment-Host: org.apache.jackrabbit.core
 Import-Package: org.springframework.core,\
+org.argeo.node,\
 *