Package org.apache.jackrabbit.core
Class DefaultSecurityManager
- java.lang.Object
-
- org.apache.jackrabbit.core.DefaultSecurityManager
-
- All Implemented Interfaces:
JackrabbitSecurityManager
- Direct Known Subclasses:
UserPerWorkspaceSecurityManager
public class DefaultSecurityManager extends Object implements JackrabbitSecurityManager
The security manager acts as central managing class for all security related operations on a low-level non-protected level. It manages the
-
-
Field Summary
Fields Modifier and Type Field Description protected String
adminId
The user id of the administrator.protected String
anonymousId
The user id of the anonymous user.
-
Constructor Summary
Constructors Constructor Description DefaultSecurityManager()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected void
checkInitialized()
ThrowsIllegalStateException
if this manager hasn't been initialized.void
close()
Disposes this security manager instance and cleans all internal caches.protected PrincipalProvider
createDefaultPrincipalProvider(Properties[] moduleConfig)
Creates the default principal provider used to create thePrincipalProviderRegistry
.protected WorkspaceAccessManager
createDefaultWorkspaceAccessManager()
protected PrincipalManager
createPrincipalManager(SessionImpl session)
protected UserManagerImpl
createUserManager(SessionImpl session)
Creates aUserManagerImpl
for the given session.void
dispose(String workspaceName)
Disposes those parts of this security manager that are related to the workspace indicated by the givenworkspaceName
.AccessManager
getAccessManager(Session session, AMContext amContext)
Retrieve theAccessManager
for the givensession
.AuthContext
getAuthContext(Credentials creds, Subject subject, String workspaceName)
Creates an AuthContext for the givenCredentials
andSubject
.protected AuthContextProvider
getAuthContextProvider()
protected SecurityManagerConfig
getConfig()
protected MembershipCache
getMembershipCache(SessionImpl session)
PrincipalManager
getPrincipalManager(Session session)
Retrieve the principal manager for the givensession
.protected PrincipalProviderRegistry
getPrincipalProviderRegistry()
protected Repository
getRepository()
protected Session
getSystemSession()
protected UserManager
getSystemUserManager(String workspaceName)
String
getUserID(Subject subject, String workspaceName)
Retrieve the id to be displayed uponSession.getUserID()
for the specified subject.UserManager
getUserManager(Session session)
Returns the user manager for the specifiedsession
.void
init(Repository repository, Session systemSession)
-
-
-
Field Detail
-
adminId
protected String adminId
The user id of the administrator. The value is retrieved from configuration. If the config entry is missing a default id is used (seeSecurityConstants.ADMIN_ID
).
-
anonymousId
protected String anonymousId
The user id of the anonymous user. The value is retrieved from configuration. If the config entry is missing a default id is used (seeSecurityConstants.ANONYMOUS_ID
).
-
-
Method Detail
-
init
public void init(Repository repository, Session systemSession) throws RepositoryException
- Specified by:
init
in interfaceJackrabbitSecurityManager
- Throws:
RepositoryException
- See Also:
JackrabbitSecurityManager.init(Repository, Session)
-
dispose
public void dispose(String workspaceName)
Description copied from interface:JackrabbitSecurityManager
Disposes those parts of this security manager that are related to the workspace indicated by the givenworkspaceName
.- Specified by:
dispose
in interfaceJackrabbitSecurityManager
- Parameters:
workspaceName
- Name of the workspace that is being disposed.- See Also:
JackrabbitSecurityManager.dispose(String)
-
close
public void close()
Description copied from interface:JackrabbitSecurityManager
Disposes this security manager instance and cleans all internal caches.- Specified by:
close
in interfaceJackrabbitSecurityManager
- See Also:
JackrabbitSecurityManager.close()
-
getAccessManager
public AccessManager getAccessManager(Session session, AMContext amContext) throws RepositoryException
Description copied from interface:JackrabbitSecurityManager
Retrieve theAccessManager
for the givensession
.- Specified by:
getAccessManager
in interfaceJackrabbitSecurityManager
- Returns:
AccessManager
for the specifiedsession
.- Throws:
RepositoryException
- See Also:
JackrabbitSecurityManager.getAccessManager(Session,AMContext)
-
getPrincipalManager
public PrincipalManager getPrincipalManager(Session session) throws RepositoryException
Description copied from interface:JackrabbitSecurityManager
Retrieve the principal manager for the givensession
.- Specified by:
getPrincipalManager
in interfaceJackrabbitSecurityManager
- Returns:
- PrincipalManager for the given
session
. - Throws:
UnsupportedRepositoryOperationException
- If principal management is not supported.RepositoryException
- if an error occurs- See Also:
JackrabbitSecurityManager.getPrincipalManager(Session)
-
getUserManager
public UserManager getUserManager(Session session) throws RepositoryException
Description copied from interface:JackrabbitSecurityManager
Returns the user manager for the specifiedsession
.- Specified by:
getUserManager
in interfaceJackrabbitSecurityManager
- Returns:
- UserManager for the given
session
. - Throws:
UnsupportedRepositoryOperationException
- If user management is not supported.RepositoryException
- See Also:
JackrabbitSecurityManager.getUserManager(Session)
-
getUserID
public String getUserID(Subject subject, String workspaceName) throws RepositoryException
Description copied from interface:JackrabbitSecurityManager
Retrieve the id to be displayed uponSession.getUserID()
for the specified subject.- Specified by:
getUserID
in interfaceJackrabbitSecurityManager
- Returns:
- userID to be displayed upon
Session.getUserID()
. - Throws:
RepositoryException
- See Also:
JackrabbitSecurityManager.getUserID(javax.security.auth.Subject, String)
-
getAuthContext
public AuthContext getAuthContext(Credentials creds, Subject subject, String workspaceName) throws RepositoryException
Creates an AuthContext for the givenCredentials
andSubject
. The workspace name is ignored and users are stored and retrieved from a specific (separate) workspace.
This includes selection of application specific LoginModules and initialization with credentials and Session to System-Workspace- Specified by:
getAuthContext
in interfaceJackrabbitSecurityManager
workspaceName
- The name of the workspace to login.- Returns:
- an
AuthContext
for the given Credentials, Subject - Throws:
RepositoryException
- in other exceptional repository states
-
getConfig
protected SecurityManagerConfig getConfig()
- Returns:
- The
SecurityManagerConfig
configured for the repository this manager has been created for.
-
getSystemUserManager
protected UserManager getSystemUserManager(String workspaceName) throws RepositoryException
- Parameters:
workspaceName
- The name of the target workspace.- Returns:
- The system user manager. Since this implementation stores users in a dedicated workspace the system user manager is the same for all sessions irrespective of the workspace.
- Throws:
RepositoryException
- If an error occurs.
-
getMembershipCache
protected MembershipCache getMembershipCache(SessionImpl session) throws RepositoryException
- Parameters:
session
- The session for which to retrieve the membership cache.- Returns:
- The membership cache.
- Throws:
RepositoryException
- If an error occurs.
-
createUserManager
protected UserManagerImpl createUserManager(SessionImpl session) throws RepositoryException
Creates aUserManagerImpl
for the given session. May be overridden to return a custom implementation.- Parameters:
session
- session- Returns:
- user manager
- Throws:
RepositoryException
- if an error occurs
-
createPrincipalManager
protected PrincipalManager createPrincipalManager(SessionImpl session) throws RepositoryException
- Parameters:
session
- The session used to create the principal manager.- Returns:
- A new instance of PrincipalManagerImpl
- Throws:
RepositoryException
- If an error occurs.
-
createDefaultWorkspaceAccessManager
protected WorkspaceAccessManager createDefaultWorkspaceAccessManager()
- Returns:
- A nwe instance of WorkspaceAccessManagerImpl to be used as default workspace access manager if the configuration doesn't specify one.
-
createDefaultPrincipalProvider
protected PrincipalProvider createDefaultPrincipalProvider(Properties[] moduleConfig) throws RepositoryException
Creates the default principal provider used to create thePrincipalProviderRegistry
.- Returns:
- An new instance of
DefaultPrincipalProvider
. - Throws:
RepositoryException
- If an error occurs.
-
getPrincipalProviderRegistry
protected PrincipalProviderRegistry getPrincipalProviderRegistry()
- Returns:
- The PrincipalProviderRegistry created during initialization.
-
getAuthContextProvider
protected AuthContextProvider getAuthContextProvider()
- Returns:
- The AuthContextProvider created during initialization.
-
checkInitialized
protected void checkInitialized()
ThrowsIllegalStateException
if this manager hasn't been initialized.
-
getSystemSession
protected Session getSystemSession()
- Returns:
- The system session used to initialize this SecurityManager.
-
getRepository
protected Repository getRepository()
- Returns:
- The repository used to initialize this SecurityManager.
-
-