public class UserPerWorkspaceSecurityManager extends DefaultSecurityManager
Session
passed to getUserManager(Session)
.
In addition the default (user-based) principal provider created by
DefaultSecurityManager
cannot be used to retrieve principals. Instead this implementation keeps
a distinct pp-registry for each workspace.
adminId, anonymousId
Constructor and Description |
---|
UserPerWorkspaceSecurityManager() |
Modifier and Type | Method and Description |
---|---|
void |
close()
Disposes this security manager instance and cleans all internal caches.
|
protected PrincipalProvider |
createDefaultPrincipalProvider(Properties[] moduleConfig)
Always returns
null . |
protected WorkspaceAccessManager |
createDefaultWorkspaceAccessManager()
Returns a new instance of
SimpleWorkspaceAccessManager , since
with the DefaultLoginModule the existence of the user
is checked in order to successfully complete the login. |
protected PrincipalManager |
createPrincipalManager(SessionImpl session) |
protected UserManagerImpl |
createUserManager(SessionImpl session)
Creates a new instanceof
TransientChangeUserManagerImpl . |
void |
dispose(String workspaceName)
Disposes those parts of this security manager that are related to the
workspace indicated by the given
workspaceName . |
AuthContext |
getAuthContext(Credentials creds,
Subject subject,
String workspaceName)
Creates an AuthContext for the given
Credentials and
Subject .This includes selection of application specific LoginModules and initialization with credentials and Session to System-Workspace |
protected UserManager |
getSystemUserManager(String workspaceName) |
UserManager |
getUserManager(Session session)
As this implementation expects that users information in present in
every workspace, the UserManager is always created with the given
session.
|
void |
init(Repository repository,
Session systemSession) |
checkInitialized, getAccessManager, getAuthContextProvider, getConfig, getMembershipCache, getPrincipalManager, getPrincipalProviderRegistry, getRepository, getSystemSession, getUserID
public void init(Repository repository, Session systemSession) throws RepositoryException
init
in interface JackrabbitSecurityManager
init
in class DefaultSecurityManager
RepositoryException
JackrabbitSecurityManager.init(Repository, Session)
public void dispose(String workspaceName)
JackrabbitSecurityManager
workspaceName
.dispose
in interface JackrabbitSecurityManager
dispose
in class DefaultSecurityManager
workspaceName
- Name of the workspace that is being disposed.JackrabbitSecurityManager.dispose(String)
public void close()
JackrabbitSecurityManager
close
in interface JackrabbitSecurityManager
close
in class DefaultSecurityManager
JackrabbitSecurityManager.close()
public UserManager getUserManager(Session session) throws RepositoryException
getUserManager
in interface JackrabbitSecurityManager
getUserManager
in class DefaultSecurityManager
session
.UnsupportedRepositoryOperationException
- If user management is
not supported.RepositoryException
JackrabbitSecurityManager.getUserManager(javax.jcr.Session)
public AuthContext getAuthContext(Credentials creds, Subject subject, String workspaceName) throws RepositoryException
Credentials
and
Subject
.getAuthContext
in interface JackrabbitSecurityManager
getAuthContext
in class DefaultSecurityManager
workspaceName
- The name of the workspace to login.AuthContext
for the given Credentials, SubjectRepositoryException
- in other exceptional repository statesprotected PrincipalProvider createDefaultPrincipalProvider(Properties[] moduleConfig) throws RepositoryException
null
. The default principal provider is
workspace depending as users are expected to exist in every workspace.createDefaultPrincipalProvider
in class DefaultSecurityManager
null
RepositoryException
protected UserManager getSystemUserManager(String workspaceName) throws RepositoryException
getSystemUserManager
in class DefaultSecurityManager
workspaceName
- The name of the target workspace.RepositoryException
- If an error occurs.protected UserManagerImpl createUserManager(SessionImpl session) throws RepositoryException
TransientChangeUserManagerImpl
.createUserManager
in class DefaultSecurityManager
session
- sessionTransientChangeUserManagerImpl
RepositoryException
protected PrincipalManager createPrincipalManager(SessionImpl session) throws RepositoryException
createPrincipalManager
in class DefaultSecurityManager
session
- Session for the principal manager must be created.DefaultSecurityManager.getPrincipalProviderRegistry()
but has a workspace specific
default provider.RepositoryException
protected WorkspaceAccessManager createDefaultWorkspaceAccessManager()
SimpleWorkspaceAccessManager
, since
with the DefaultLoginModule
the existence of the user
is checked in order to successfully complete the login. Since with this
SecurityManager users are stored separately in each workspace, a user
may only login to a workspace if the corresponding user node exists.
Consequently a lazy workspace access manager is sufficient.
If this SecurityManager is used with a distinct LoginModule
implementation, the configuration
for WorkspaceAccessManager
should be adjusted as well.
createDefaultWorkspaceAccessManager
in class DefaultSecurityManager
SimpleWorkspaceAccessManager
.Copyright © 2004–2021 The Apache Software Foundation. All rights reserved.