/**
 * Looks up principals matching {@code simpleFilter}, restricted to the
 * requested kind of principal.
 *
 * @param simpleFilter filter handed unchanged to the user and/or group lookup
 * @param searchType one of {@link PrincipalManager#SEARCH_TYPE_GROUP},
 *        {@link PrincipalManager#SEARCH_TYPE_NOT_GROUP} or
 *        {@link PrincipalManager#SEARCH_TYPE_ALL}
 * @return iterator over the matching principals; for
 *         {@code SEARCH_TYPE_ALL} the user matches come before the group matches
 * @throws IllegalArgumentException if {@code searchType} is none of the
 *         three supported constants
 * @see PrincipalProvider#findPrincipals(String, int)
 */
public PrincipalIterator findPrincipals(String simpleFilter, int searchType) {
    checkInitialized();

    if (searchType == PrincipalManager.SEARCH_TYPE_GROUP) {
        return findGroupPrincipals(simpleFilter);
    }
    if (searchType == PrincipalManager.SEARCH_TYPE_NOT_GROUP) {
        return findUserPrincipals(simpleFilter);
    }
    if (searchType == PrincipalManager.SEARCH_TYPE_ALL) {
        // Users are queried first, then groups; the chain keeps that order.
        PrincipalIterator userMatches = findUserPrincipals(simpleFilter);
        PrincipalIterator groupMatches = findGroupPrincipals(simpleFilter);
        PrincipalIterator[] both = new PrincipalIterator[] { userMatches, groupMatches };
        return new PrincipalIteratorAdapter(new IteratorChain(both));
    }
    // Unknown search types are rejected instead of being mapped to a default.
    throw new IllegalArgumentException("Invalid searchType");
}
/**
 * Observation callback: drops every cached entry, whatever the events are.
 * The events themselves are never inspected.
 *
 * @param eventIterator the delivered events (unused)
 * @see EventListener#onEvent(EventIterator)
 */
public void onEvent(EventIterator eventIterator) {
    // Coarse invalidation: flush the whole cache rather than working out
    // which entries the events affect.
    clearCache();
}
/**
 * Returns the group principals the given principal belongs to, with the
 * everyone principal added whenever it reports the principal as a member.
 *
 * @param userPrincipal principal whose group membership is requested
 * @return iterator over the collected group principals
 * @see PrincipalProvider#getGroupMembership(Principal)
 */
public PrincipalIterator getGroupMembership(Principal userPrincipal) {
    checkInitialized();

    Set<Principal> groups = collectGroupMembership(userPrincipal);

    // The everyone group must not be missing from the result.
    // NOTE(review): the set returned by collectGroupMembership is modified
    // in place here - confirm it is not a shared or cached instance.
    boolean everyoneAbsent = !groups.contains(everyonePrincipal);
    if (everyoneAbsent && everyonePrincipal.isMember(userPrincipal)) {
        groups.add(everyonePrincipal);
    }
    return new PrincipalIteratorAdapter(groups);
}
/**
 * Creates the default principal provider used to create the
 * {@link PrincipalProviderRegistry}.
 * <p>
 * The provider is initialised with the first module configuration that
 * names no explicit principal provider class and carries
 * {@link AbstractPrincipalProvider#MAXSIZE_KEY}; if no entry qualifies it
 * is initialised with empty properties.
 *
 * @param moduleConfig login module configurations to search, in order
 * @return A new instance of <code>DefaultPrincipalProvider</code>.
 * @throws RepositoryException If an error occurs.
 */
protected PrincipalProvider createDefaultPrincipalProvider(Properties[] moduleConfig) throws RepositoryException {
    PrincipalProvider provider = new DefaultPrincipalProvider(this.systemSession, (UserManagerImpl) systemUserManager);

    Properties chosen = null;
    for (Properties candidate : moduleConfig) {
        // GRANITE-4470: apply config to DefaultPrincipalProvider if there is
        // no explicit PrincipalProvider configured
        boolean explicitProvider = candidate.containsKey(LoginModuleConfig.PARAM_PRINCIPAL_PROVIDER_CLASS);
        if (!explicitProvider && candidate.containsKey(AbstractPrincipalProvider.MAXSIZE_KEY)) {
            chosen = candidate;
            break; // only the first qualifying entry is used
        }
    }

    // init() is called exactly once: with the chosen entry or with empty properties.
    if (chosen != null) {
        provider.init(chosen);
    } else {
        provider.init(new Properties());
    }
    return provider;
}
/**
 * Returns the principals of the requested kind by running an unfiltered
 * {@link #findPrincipals(String, int)} search.
 *
 * @param searchType Any of the following search types:
 * <ul>
 * <li>{@link PrincipalManager#SEARCH_TYPE_GROUP}</li>
 * <li>{@link PrincipalManager#SEARCH_TYPE_NOT_GROUP}</li>
 * <li>{@link PrincipalManager#SEARCH_TYPE_ALL}</li>
 * </ul>
 * @return iterator produced by the unfiltered search
 * @see PrincipalProvider#getPrincipals(int)
 */
public PrincipalIterator getPrincipals(int searchType) {
    // A null filter is what this method passes to mean "no filter".
    final String noFilter = null;
    return findPrincipals(noFilter, searchType);
}
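/**
 * Fetches the next principal from the underlying authorizable iterator.
 * <p>
 * Each principal obtained is passed to {@code addToCache} before it is
 * returned. An authorizable whose principal cannot be retrieved is skipped,
 * so the iteration can silently be shorter than the underlying iterator;
 * the logged warning is the only trace of that. Once the underlying
 * iterator is exhausted the everyone principal is returned one time,
 * unless it was already seen during the iteration.
 *
 * @return the next principal, or {@code null} when the iteration is over
 * @see org.apache.jackrabbit.core.security.principal.AbstractPrincipalIterator#seekNext()
 */
@Override
protected Principal seekNext() {
    while (authorizableItr.hasNext()) {
        try {
            Principal p = authorizableItr.next().getPrincipal();
            if (everyonePrincipal.equals(p)) {
                // everyone came from the underlying iterator: do not append it again
                addEveryone = false;
            }
            addToCache(p);
            return p;
        } catch (RepositoryException e) {
            // should never get here; the entry is skipped, so pass the
            // exception to the logger to keep the cause diagnosable
            log.warn("Error while retrieving principal from group -> skip.", e);
        }
    }

    if (addEveryone) {
        addEveryone = false; // make sure iteration stops
        return everyonePrincipal;
    } else {
        // end of iteration reached
        return null;
    }
}
} // closes the enclosing class, which is declared outside this excerpt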
/**
 * Decides whether {@code session} may read the user or group associated
 * with {@code principal}.
 * <p>
 * Admin and system sessions are always allowed. For any other
 * {@code SessionImpl} the principal is readable only if the session's own
 * user manager resolves it to an authorizable. The check fails closed: a
 * session that is not a {@code SessionImpl}, or a
 * {@code RepositoryException} during the lookup, yields {@code false}.
 *
 * @param session session whose access is checked
 * @param principal principal to look up
 * @return {@code true} if the principal is readable for the session
 * @see PrincipalProvider#canReadPrincipal(javax.jcr.Session,java.security.Principal)
 */
public boolean canReadPrincipal(Session session, Principal principal) {
    checkInitialized();

    // Only SessionImpl exposes the admin/system flags and the user manager
    // needed below; every other session type is denied.
    if (!(session instanceof SessionImpl)) {
        return false;
    }

    SessionImpl impl = (SessionImpl) session;
    if (impl.isAdmin() || impl.isSystem()) {
        return true;
    }

    try {
        // The lookup goes through the caller's session, not the provider's own.
        return impl.getUserManager().getAuthorizable(principal) != null;
    } catch (RepositoryException e) {
        log.error("Failed to determine accessibility of Principal {}", principal, e);
        return false;
    }
}
/**
 * Creates the default principal provider used to create the
 * {@link PrincipalProviderRegistry}.
 * <p>
 * The provider is initialised with the first module configuration that
 * names no explicit principal provider class and carries
 * {@link AbstractPrincipalProvider#MAXSIZE_KEY}; if no entry qualifies it
 * is initialised with empty properties.
 *
 * @param moduleConfig login module configurations to search, in order
 * @return A new instance of <code>DefaultPrincipalProvider</code>.
 * @throws RepositoryException If an error occurs.
 */
protected PrincipalProvider createDefaultPrincipalProvider(Properties[] moduleConfig) throws RepositoryException {
    PrincipalProvider provider = new DefaultPrincipalProvider(this.systemSession, (UserManagerImpl) systemUserManager);

    Properties chosen = null;
    for (Properties candidate : moduleConfig) {
        // GRANITE-4470: apply config to DefaultPrincipalProvider if there is
        // no explicit PrincipalProvider configured
        boolean explicitProvider = candidate.containsKey(LoginModuleConfig.PARAM_PRINCIPAL_PROVIDER_CLASS);
        if (!explicitProvider && candidate.containsKey(AbstractPrincipalProvider.MAXSIZE_KEY)) {
            chosen = candidate;
            break; // only the first qualifying entry is used
        }
    }

    // init() is called exactly once: with the chosen entry or with empty properties.
    if (chosen != null) {
        provider.init(chosen);
    } else {
        provider.init(new Properties());
    }
    return provider;
}
/**
 * Searches users and groups alike for principals matching the filter;
 * shorthand for {@link #findPrincipals(String, int)} with
 * {@link PrincipalManager#SEARCH_TYPE_ALL}.
 *
 * @param simpleFilter filter passed on unchanged
 * @return iterator over the matching principals
 * @see PrincipalProvider#findPrincipals(String)
 */
public PrincipalIterator findPrincipals(String simpleFilter) {
    final int everyKind = PrincipalManager.SEARCH_TYPE_ALL;
    return findPrincipals(simpleFilter, everyKind);
}
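/**
 * Fetches the next principal from the underlying authorizable iterator.
 * <p>
 * Each principal obtained is passed to {@code addToCache} before it is
 * returned. An authorizable whose principal cannot be retrieved is skipped,
 * so the iteration can silently be shorter than the underlying iterator;
 * the logged warning is the only trace of that. Once the underlying
 * iterator is exhausted the everyone principal is returned one time,
 * unless it was already seen during the iteration.
 *
 * @return the next principal, or {@code null} when the iteration is over
 * @see org.apache.jackrabbit.core.security.principal.AbstractPrincipalIterator#seekNext()
 */
@Override
protected Principal seekNext() {
    while (authorizableItr.hasNext()) {
        try {
            Principal p = authorizableItr.next().getPrincipal();
            if (everyonePrincipal.equals(p)) {
                // everyone came from the underlying iterator: do not append it again
                addEveryone = false;
            }
            addToCache(p);
            return p;
        } catch (RepositoryException e) {
            // should never get here; the entry is skipped, so pass the
            // exception to the logger to keep the cause diagnosable
            log.warn("Error while retrieving principal from group -> skip.", e);
        }
    }

    if (addEveryone) {
        addEveryone = false; // make sure iteration stops
        return everyonePrincipal;
    } else {
        // end of iteration reached
        return null;
    }
}
} // closes the enclosing class, which is declared outside this excerpt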
/**
 * Decides whether {@code session} may read the user or group associated
 * with {@code principal}.
 * <p>
 * Admin and system sessions are always allowed. For any other
 * {@code SessionImpl} the principal is readable only if the session's own
 * user manager resolves it to an authorizable. The check fails closed: a
 * session that is not a {@code SessionImpl}, or a
 * {@code RepositoryException} during the lookup, yields {@code false}.
 *
 * @param session session whose access is checked
 * @param principal principal to look up
 * @return {@code true} if the principal is readable for the session
 * @see PrincipalProvider#canReadPrincipal(javax.jcr.Session,java.security.Principal)
 */
public boolean canReadPrincipal(Session session, Principal principal) {
    checkInitialized();

    // Only SessionImpl exposes the admin/system flags and the user manager
    // needed below; every other session type is denied.
    if (!(session instanceof SessionImpl)) {
        return false;
    }

    SessionImpl impl = (SessionImpl) session;
    if (impl.isAdmin() || impl.isSystem()) {
        return true;
    }

    try {
        // The lookup goes through the caller's session, not the provider's own.
        return impl.getUserManager().getAuthorizable(principal) != null;
    } catch (RepositoryException e) {
        log.error("Failed to determine accessibility of Principal {}", principal, e);
        return false;
    }
}
// Builds the default provider from the system session and the user manager
// obtained for that same session. The cast throws ClassCastException if
// getUserManager(systemSession) returns anything other than a UserManagerImpl.
PrincipalProvider defaultPP = new DefaultPrincipalProvider(systemSession, (UserManagerImpl) getUserManager(systemSession));
/**
 * Looks up principals matching {@code simpleFilter}, restricted to the
 * requested kind of principal.
 *
 * @param simpleFilter filter handed unchanged to the user and/or group lookup
 * @param searchType one of {@link PrincipalManager#SEARCH_TYPE_GROUP},
 *        {@link PrincipalManager#SEARCH_TYPE_NOT_GROUP} or
 *        {@link PrincipalManager#SEARCH_TYPE_ALL}
 * @return iterator over the matching principals; for
 *         {@code SEARCH_TYPE_ALL} the user matches come before the group matches
 * @throws IllegalArgumentException if {@code searchType} is none of the
 *         three supported constants
 * @see PrincipalProvider#findPrincipals(String, int)
 */
public PrincipalIterator findPrincipals(String simpleFilter, int searchType) {
    checkInitialized();

    if (searchType == PrincipalManager.SEARCH_TYPE_GROUP) {
        return findGroupPrincipals(simpleFilter);
    }
    if (searchType == PrincipalManager.SEARCH_TYPE_NOT_GROUP) {
        return findUserPrincipals(simpleFilter);
    }
    if (searchType == PrincipalManager.SEARCH_TYPE_ALL) {
        // Users are queried first, then groups; the chain keeps that order.
        PrincipalIterator userMatches = findUserPrincipals(simpleFilter);
        PrincipalIterator groupMatches = findGroupPrincipals(simpleFilter);
        PrincipalIterator[] both = new PrincipalIterator[] { userMatches, groupMatches };
        return new PrincipalIteratorAdapter(new IteratorChain(both));
    }
    // Unknown search types are rejected instead of being mapped to a default.
    throw new IllegalArgumentException("Invalid searchType");
}
/**
 * Returns the group principals the given principal belongs to, with the
 * everyone principal added whenever it reports the principal as a member.
 *
 * @param userPrincipal principal whose group membership is requested
 * @return iterator over the collected group principals
 * @see PrincipalProvider#getGroupMembership(Principal)
 */
public PrincipalIterator getGroupMembership(Principal userPrincipal) {
    checkInitialized();

    Set<Principal> groups = collectGroupMembership(userPrincipal);

    // The everyone group must not be missing from the result.
    // NOTE(review): the set returned by collectGroupMembership is modified
    // in place here - confirm it is not a shared or cached instance.
    boolean everyoneAbsent = !groups.contains(everyonePrincipal);
    if (everyoneAbsent && everyonePrincipal.isMember(userPrincipal)) {
        groups.add(everyonePrincipal);
    }
    return new PrincipalIteratorAdapter(groups);
}
/**
 * Returns the principals of the requested kind by running an unfiltered
 * {@link #findPrincipals(String, int)} search.
 *
 * @param searchType Any of the following search types:
 * <ul>
 * <li>{@link PrincipalManager#SEARCH_TYPE_GROUP}</li>
 * <li>{@link PrincipalManager#SEARCH_TYPE_NOT_GROUP}</li>
 * <li>{@link PrincipalManager#SEARCH_TYPE_ALL}</li>
 * </ul>
 * @return iterator produced by the unfiltered search
 * @see PrincipalProvider#getPrincipals(int)
 */
public PrincipalIterator getPrincipals(int searchType) {
    // A null filter is what this method passes to mean "no filter".
    final String noFilter = null;
    return findPrincipals(noFilter, searchType);
}
addToCache(auth.getPrincipal()); Iterator<Group> itr = auth.memberOf(); while (itr.hasNext()) { Group group = itr.next(); Principal gp = group.getPrincipal(); addToCache(gp); membership.add(gp);
/**
 * Observation callback: drops every cached entry, whatever the events are.
 * The events themselves are never inspected.
 *
 * @param eventIterator the delivered events (unused)
 * @see EventListener#onEvent(EventIterator)
 */
public void onEvent(EventIterator eventIterator) {
    // Coarse invalidation: flush the whole cache rather than working out
    // which entries the events affect.
    clearCache();
}
/**
 * Creates the {@code DefaultPrincipalProvider} under test on top of the
 * session that backs the user manager implementation.
 *
 * @throws NotExecutableException if {@code userMgr} is not a {@code UserManagerImpl}
 * @throws Exception if the superclass setup or the repository access fails
 */
@Override
protected void setUp() throws Exception {
    super.setUp();

    boolean usableImpl = userMgr instanceof UserManagerImpl;
    if (!usableImpl) {
        throw new NotExecutableException();
    }
    UserManagerImpl umgr = (UserManagerImpl) userMgr;

    // Workaround for testing cache behaviour that relies on observation:
    // - retrieve session attached to the userManager implementation.
    // - using superuser will not work if users are stored in a different workspace.
    AuthorizableImpl superuserAuthorizable =
            (AuthorizableImpl) umgr.getAuthorizable(getPrincipalSetFromSession(superuser).iterator().next());
    Session userMgrSession = superuserAuthorizable.getNode().getSession();

    principalProvider = new DefaultPrincipalProvider(userMgrSession, umgr);
    principalProvider.init(new Properties());
}
/**
 * Searches users and groups alike for principals matching the filter;
 * shorthand for {@link #findPrincipals(String, int)} with
 * {@link PrincipalManager#SEARCH_TYPE_ALL}.
 *
 * @param simpleFilter filter passed on unchanged
 * @return iterator over the matching principals
 * @see PrincipalProvider#findPrincipals(String)
 */
public PrincipalIterator findPrincipals(String simpleFilter) {
    final int everyKind = PrincipalManager.SEARCH_TYPE_ALL;
    return findPrincipals(simpleFilter, everyKind);
}
addToCache(auth.getPrincipal()); Iterator<Group> itr = auth.memberOf(); while (itr.hasNext()) { Group group = itr.next(); Principal gp = group.getPrincipal(); addToCache(gp); membership.add(gp);