@Override public Object getCredentials(final Object request) { if (request instanceof HttpServletRequest) { return new ServletCredentials((HttpServletRequest)request); } throw new IllegalArgumentException("Request object is of the wrong type"); } }
@Override public ExecutionContext authenticate( Credentials credentials, String repositoryName, String workspaceName, ExecutionContext repositoryContext, Map<String, Object> sessionAttributes ) { if (credentials instanceof ServletCredentials) { ServletCredentials creds = (ServletCredentials)credentials; HttpServletRequest request = creds.getRequest(); if (request != null) { return repositoryContext.with(new ServletSecurityContext(request)); } } return null; }
@Override public ExecutionContext authenticate( Credentials credentials, String repositoryName, String workspaceName, ExecutionContext repositoryContext, Map<String, Object> sessionAttributes ) { if (credentials instanceof ServletCredentials) { ServletCredentials creds = (ServletCredentials)credentials; HttpServletRequest request = creds.getRequest(); if (request != null) { return repositoryContext.with(new ServletSecurityContext(request)); } } return null; }
/** * @see javax.servlet.Filter#doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain) */ @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { ServletCredentials credentials = new ServletCredentials((HttpServletRequest) request); try { JCRRepositoryFactory.setLoginCredentials(credentials); chain.doFilter(request, response); } finally { JCRRepositoryFactory.clearLoginCredentials(); } }
/** * Get a JCR Session for the named workspace in the named repository, using the supplied HTTP servlet request for * authentication information. * * @param request the servlet request; may not be null or unauthenticated * @param repositoryName the name of the repository in which the session is created * @param workspaceName the name of the workspace to which the session should be connected * @return an active session with the given workspace in the named repository * @throws RepositoryException if the named repository does not exist or there was a problem obtaining the named repository */ public static Session getSession( HttpServletRequest request, String repositoryName, String workspaceName ) throws RepositoryException { // Go through all the RepositoryFactory instances and try to create one ... Repository repository = getRepository(repositoryName); // If there's no authenticated user, try an anonymous login if (request == null || request.getUserPrincipal() == null) { return repository.login(workspaceName); } return repository.login(new ServletCredentials(request), workspaceName); }
/** * Get a JCR Session for the named workspace in the named repository, using the supplied HTTP servlet request for * authentication information. * * @param request the servlet request; may not be null or unauthenticated * @param repositoryName the name of the repository in which the session is created * @param workspaceName the name of the workspace to which the session should be connected * @return an active session with the given workspace in the named repository * @throws RepositoryException if the named repository does not exist or there was a problem obtaining the named repository */ public static Session getSession( HttpServletRequest request, String repositoryName, String workspaceName ) throws RepositoryException { // Go through all the RepositoryFactory instances and try to create one ... Repository repository = getRepository(repositoryName); // If there's no authenticated user, try an anonymous login if (request == null || request.getUserPrincipal() == null) { return repository.login(workspaceName); } return repository.login(new ServletCredentials(request), workspaceName); }
session = jcrRepository(repositoryId).login(new ServletCredentials(request), workspace(repositoryId)); sessions.put(repositoryId, session); return session;