org.apache.jackrabbit.core

Class DefaultSecurityManager

java.lang.Object

org.apache.jackrabbit.core.DefaultSecurityManager

All Implemented Interfaces:

JackrabbitSecurityManager

Direct Known Subclasses:

UserPerWorkspaceSecurityManager

public class DefaultSecurityManager
extends Object
implements JackrabbitSecurityManager

The security manager acts as central managing class for all security related operations on a low-level non-protected level. It manages the

• PrincipalProviders
• AccessControlProviders
• WorkspaceAccessManager
• UserManager

Field Summary

Fields

Modifier and Type	Field and Description
protected String	adminId The user id of the administrator.
protected String	anonymousId The user id of the anonymous user.

Constructor Summary

Constructors

Constructor and Description
DefaultSecurityManager()

Method Summary

Modifier and Type	Method and Description
protected void	checkInitialized() Throws IllegalStateException if this manager hasn't been initialized.
void	close() Disposes this security manager instance and cleans all internal caches.
protected PrincipalProvider	createDefaultPrincipalProvider(Properties[] moduleConfig) Creates the default principal provider used to create the PrincipalProviderRegistry.
protected WorkspaceAccessManager	createDefaultWorkspaceAccessManager()
protected org.apache.jackrabbit.api.security.principal.PrincipalManager	createPrincipalManager(SessionImpl session)
protected UserManagerImpl	createUserManager(SessionImpl session) Creates a UserManagerImpl for the given session.
void	dispose(String workspaceName) Disposes those parts of this security manager that are related to the workspace indicated by the given workspaceName.
AccessManager	getAccessManager(Session session, AMContext amContext) Retrieve the AccessManager for the given session.
AuthContext	getAuthContext(Credentials creds, Subject subject, String workspaceName) Creates an AuthContext for the given Credentials and Subject.
protected AuthContextProvider	getAuthContextProvider()
protected SecurityManagerConfig	getConfig()
protected MembershipCache	getMembershipCache(SessionImpl session)
org.apache.jackrabbit.api.security.principal.PrincipalManager	getPrincipalManager(Session session) Retrieve the principal manager for the given session.
protected PrincipalProviderRegistry	getPrincipalProviderRegistry()
protected Repository	getRepository()
protected Session	getSystemSession()
protected org.apache.jackrabbit.api.security.user.UserManager	getSystemUserManager(String workspaceName)
String	getUserID(Subject subject, String workspaceName) Retrieve the id to be displayed upon Session.getUserID() for the specified subject.
org.apache.jackrabbit.api.security.user.UserManager	getUserManager(Session session) Returns the user manager for the specified session.
void	init(Repository repository, Session systemSession)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

adminId

protected String adminId

The user id of the administrator. The value is retrieved from configuration. If the config entry is missing a default id is used (see SecurityConstants.ADMIN_ID).

anonymousId

protected String anonymousId

The user id of the anonymous user. The value is retrieved from configuration. If the config entry is missing a default id is used (see SecurityConstants.ANONYMOUS_ID).

Constructor Detail

DefaultSecurityManager

public DefaultSecurityManager()

Method Detail

init

public void init(Repository repository,
                 Session systemSession)
          throws RepositoryException

Specified by:

init in interface JackrabbitSecurityManager

Throws:

RepositoryException

See Also:

JackrabbitSecurityManager.init(Repository, Session)

dispose

public void dispose(String workspaceName)

Description copied from interface: JackrabbitSecurityManager

Disposes those parts of this security manager that are related to the workspace indicated by the given workspaceName.

Specified by:

dispose in interface JackrabbitSecurityManager

Parameters:

workspaceName - Name of the workspace that is being disposed.

See Also:

JackrabbitSecurityManager.dispose(String)

close

public void close()

Description copied from interface: JackrabbitSecurityManager

Disposes this security manager instance and cleans all internal caches.

Specified by:

close in interface JackrabbitSecurityManager

See Also:

JackrabbitSecurityManager.close()

getAccessManager

public AccessManager getAccessManager(Session session,
                                      AMContext amContext)
                               throws RepositoryException

Description copied from interface: JackrabbitSecurityManager

Retrieve the AccessManager for the given session.

Specified by:

getAccessManager in interface JackrabbitSecurityManager

Returns:

AccessManager for the specified session.

Throws:

RepositoryException

See Also:

JackrabbitSecurityManager.getAccessManager(Session,AMContext)

getPrincipalManager

public org.apache.jackrabbit.api.security.principal.PrincipalManager getPrincipalManager(Session session)
                                                                                  throws RepositoryException

Description copied from interface: JackrabbitSecurityManager

Retrieve the principal manager for the given session.

Specified by:

getPrincipalManager in interface JackrabbitSecurityManager

Returns:

PrincipalManager for the given session.

Throws:

UnsupportedRepositoryOperationException - If principal management is not supported.

RepositoryException - if an error occurs

See Also:

JackrabbitSecurityManager.getPrincipalManager(Session)

getUserManager

public org.apache.jackrabbit.api.security.user.UserManager getUserManager(Session session)
                                                                   throws RepositoryException

Description copied from interface: JackrabbitSecurityManager

Returns the user manager for the specified session.

Specified by:

getUserManager in interface JackrabbitSecurityManager

Returns:

UserManager for the given session.

Throws:

UnsupportedRepositoryOperationException - If user management is not supported.

RepositoryException

See Also:

JackrabbitSecurityManager.getUserManager(Session)

getUserID

public String getUserID(Subject subject,
                        String workspaceName)
                 throws RepositoryException

Description copied from interface: JackrabbitSecurityManager

Retrieve the id to be displayed upon Session.getUserID() for the specified subject.

Specified by:

getUserID in interface JackrabbitSecurityManager

Returns:

userID to be displayed upon Session.getUserID().

Throws:

RepositoryException

See Also:

JackrabbitSecurityManager.getUserID(javax.security.auth.Subject, String)

getAuthContext

public AuthContext getAuthContext(Credentials creds,
                                  Subject subject,
                                  String workspaceName)
                           throws RepositoryException

Creates an AuthContext for the given Credentials and Subject. The workspace name is ignored and users are stored and retrieved from a specific (separate) workspace.
This includes selection of application specific LoginModules and initialization with credentials and Session to System-Workspace

Specified by:

getAuthContext in interface JackrabbitSecurityManager

workspaceName - The name of the workspace to login.

Returns:

an AuthContext for the given Credentials, Subject

Throws:

RepositoryException - in other exceptional repository states

getConfig

protected SecurityManagerConfig getConfig()

Returns:

The SecurityManagerConfig configured for the repository this manager has been created for.

getSystemUserManager

protected org.apache.jackrabbit.api.security.user.UserManager getSystemUserManager(String workspaceName)
                                                                            throws RepositoryException

Parameters:

workspaceName - The name of the target workspace.

Returns:

The system user manager. Since this implementation stores users in a dedicated workspace the system user manager is the same for all sessions irrespective of the workspace.

Throws:

RepositoryException - If an error occurs.

getMembershipCache

protected MembershipCache getMembershipCache(SessionImpl session)
                                      throws RepositoryException

Parameters:

session - The session for which to retrieve the membership cache.

Returns:

The membership cache.

Throws:

RepositoryException - If an error occurs.

createUserManager

protected UserManagerImpl createUserManager(SessionImpl session)
                                     throws RepositoryException

Creates a UserManagerImpl for the given session. May be overridden to return a custom implementation.

Parameters:

session - session

Returns:

user manager

Throws:

RepositoryException - if an error occurs

createPrincipalManager

protected org.apache.jackrabbit.api.security.principal.PrincipalManager createPrincipalManager(SessionImpl session)
                                                                                        throws RepositoryException

Parameters:

session - The session used to create the principal manager.

Returns:

A new instance of PrincipalManagerImpl

Throws:

RepositoryException - If an error occurs.

createDefaultWorkspaceAccessManager

protected WorkspaceAccessManager createDefaultWorkspaceAccessManager()

Returns:

A nwe instance of WorkspaceAccessManagerImpl to be used as default workspace access manager if the configuration doesn't specify one.

createDefaultPrincipalProvider

protected PrincipalProvider createDefaultPrincipalProvider(Properties[] moduleConfig)
                                                    throws RepositoryException

Creates the default principal provider used to create the PrincipalProviderRegistry.

Returns:

An new instance of DefaultPrincipalProvider.

Throws:

RepositoryException - If an error occurs.

getPrincipalProviderRegistry

protected PrincipalProviderRegistry getPrincipalProviderRegistry()

Returns:

The PrincipalProviderRegistry created during initialization.

getAuthContextProvider

protected AuthContextProvider getAuthContextProvider()

Returns:

The AuthContextProvider created during initialization.

checkInitialized

protected void checkInitialized()

Throws IllegalStateException if this manager hasn't been initialized.

getSystemSession

protected Session getSystemSession()

Returns:

The system session used to initialize this SecurityManager.

getRepository

protected Repository getRepository()

Returns:

The repository used to initialize this SecurityManager.