Package org.apache.jackrabbit.core
Class DefaultSecurityManager
- java.lang.Object
-
- org.apache.jackrabbit.core.DefaultSecurityManager
-
- All Implemented Interfaces:
JackrabbitSecurityManager
- Direct Known Subclasses:
UserPerWorkspaceSecurityManager
public class DefaultSecurityManager extends Object implements JackrabbitSecurityManager
The security manager acts as central managing class for all security related operations on a low-level non-protected level. It manages the
-
-
Field Summary
Fields Modifier and Type Field Description protected StringadminIdThe user id of the administrator.protected StringanonymousIdThe user id of the anonymous user.
-
Constructor Summary
Constructors Constructor Description DefaultSecurityManager()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected voidcheckInitialized()ThrowsIllegalStateExceptionif this manager hasn't been initialized.voidclose()Disposes this security manager instance and cleans all internal caches.protected PrincipalProvidercreateDefaultPrincipalProvider(Properties[] moduleConfig)Creates the default principal provider used to create thePrincipalProviderRegistry.protected WorkspaceAccessManagercreateDefaultWorkspaceAccessManager()protected PrincipalManagercreatePrincipalManager(SessionImpl session)protected UserManagerImplcreateUserManager(SessionImpl session)Creates aUserManagerImplfor the given session.voiddispose(String workspaceName)Disposes those parts of this security manager that are related to the workspace indicated by the givenworkspaceName.AccessManagergetAccessManager(Session session, AMContext amContext)Retrieve theAccessManagerfor the givensession.AuthContextgetAuthContext(Credentials creds, Subject subject, String workspaceName)Creates an AuthContext for the givenCredentialsandSubject.protected AuthContextProvidergetAuthContextProvider()protected SecurityManagerConfiggetConfig()protected MembershipCachegetMembershipCache(SessionImpl session)PrincipalManagergetPrincipalManager(Session session)Retrieve the principal manager for the givensession.protected PrincipalProviderRegistrygetPrincipalProviderRegistry()protected RepositorygetRepository()protected SessiongetSystemSession()protected UserManagergetSystemUserManager(String workspaceName)StringgetUserID(Subject subject, String workspaceName)Retrieve the id to be displayed uponSession.getUserID()for the specified subject.UserManagergetUserManager(Session session)Returns the user manager for the specifiedsession.voidinit(Repository repository, Session systemSession)
-
-
-
Field Detail
-
adminId
protected String adminId
The user id of the administrator. The value is retrieved from configuration. If the config entry is missing a default id is used (seeSecurityConstants.ADMIN_ID).
-
anonymousId
protected String anonymousId
The user id of the anonymous user. The value is retrieved from configuration. If the config entry is missing a default id is used (seeSecurityConstants.ANONYMOUS_ID).
-
-
Method Detail
-
init
public void init(Repository repository, Session systemSession) throws RepositoryException
- Specified by:
initin interfaceJackrabbitSecurityManager- Throws:
RepositoryException- See Also:
JackrabbitSecurityManager.init(Repository, Session)
-
dispose
public void dispose(String workspaceName)
Description copied from interface:JackrabbitSecurityManagerDisposes those parts of this security manager that are related to the workspace indicated by the givenworkspaceName.- Specified by:
disposein interfaceJackrabbitSecurityManager- Parameters:
workspaceName- Name of the workspace that is being disposed.- See Also:
JackrabbitSecurityManager.dispose(String)
-
close
public void close()
Description copied from interface:JackrabbitSecurityManagerDisposes this security manager instance and cleans all internal caches.- Specified by:
closein interfaceJackrabbitSecurityManager- See Also:
JackrabbitSecurityManager.close()
-
getAccessManager
public AccessManager getAccessManager(Session session, AMContext amContext) throws RepositoryException
Description copied from interface:JackrabbitSecurityManagerRetrieve theAccessManagerfor the givensession.- Specified by:
getAccessManagerin interfaceJackrabbitSecurityManager- Returns:
AccessManagerfor the specifiedsession.- Throws:
RepositoryException- See Also:
JackrabbitSecurityManager.getAccessManager(Session,AMContext)
-
getPrincipalManager
public PrincipalManager getPrincipalManager(Session session) throws RepositoryException
Description copied from interface:JackrabbitSecurityManagerRetrieve the principal manager for the givensession.- Specified by:
getPrincipalManagerin interfaceJackrabbitSecurityManager- Returns:
- PrincipalManager for the given
session. - Throws:
UnsupportedRepositoryOperationException- If principal management is not supported.RepositoryException- if an error occurs- See Also:
JackrabbitSecurityManager.getPrincipalManager(Session)
-
getUserManager
public UserManager getUserManager(Session session) throws RepositoryException
Description copied from interface:JackrabbitSecurityManagerReturns the user manager for the specifiedsession.- Specified by:
getUserManagerin interfaceJackrabbitSecurityManager- Returns:
- UserManager for the given
session. - Throws:
UnsupportedRepositoryOperationException- If user management is not supported.RepositoryException- See Also:
JackrabbitSecurityManager.getUserManager(Session)
-
getUserID
public String getUserID(Subject subject, String workspaceName) throws RepositoryException
Description copied from interface:JackrabbitSecurityManagerRetrieve the id to be displayed uponSession.getUserID()for the specified subject.- Specified by:
getUserIDin interfaceJackrabbitSecurityManager- Returns:
- userID to be displayed upon
Session.getUserID(). - Throws:
RepositoryException- See Also:
JackrabbitSecurityManager.getUserID(javax.security.auth.Subject, String)
-
getAuthContext
public AuthContext getAuthContext(Credentials creds, Subject subject, String workspaceName) throws RepositoryException
Creates an AuthContext for the givenCredentialsandSubject. The workspace name is ignored and users are stored and retrieved from a specific (separate) workspace.
This includes selection of application specific LoginModules and initialization with credentials and Session to System-Workspace- Specified by:
getAuthContextin interfaceJackrabbitSecurityManagerworkspaceName- The name of the workspace to login.- Returns:
- an
AuthContextfor the given Credentials, Subject - Throws:
RepositoryException- in other exceptional repository states
-
getConfig
protected SecurityManagerConfig getConfig()
- Returns:
- The
SecurityManagerConfigconfigured for the repository this manager has been created for.
-
getSystemUserManager
protected UserManager getSystemUserManager(String workspaceName) throws RepositoryException
- Parameters:
workspaceName- The name of the target workspace.- Returns:
- The system user manager. Since this implementation stores users in a dedicated workspace the system user manager is the same for all sessions irrespective of the workspace.
- Throws:
RepositoryException- If an error occurs.
-
getMembershipCache
protected MembershipCache getMembershipCache(SessionImpl session) throws RepositoryException
- Parameters:
session- The session for which to retrieve the membership cache.- Returns:
- The membership cache.
- Throws:
RepositoryException- If an error occurs.
-
createUserManager
protected UserManagerImpl createUserManager(SessionImpl session) throws RepositoryException
Creates aUserManagerImplfor the given session. May be overridden to return a custom implementation.- Parameters:
session- session- Returns:
- user manager
- Throws:
RepositoryException- if an error occurs
-
createPrincipalManager
protected PrincipalManager createPrincipalManager(SessionImpl session) throws RepositoryException
- Parameters:
session- The session used to create the principal manager.- Returns:
- A new instance of PrincipalManagerImpl
- Throws:
RepositoryException- If an error occurs.
-
createDefaultWorkspaceAccessManager
protected WorkspaceAccessManager createDefaultWorkspaceAccessManager()
- Returns:
- A nwe instance of WorkspaceAccessManagerImpl to be used as default workspace access manager if the configuration doesn't specify one.
-
createDefaultPrincipalProvider
protected PrincipalProvider createDefaultPrincipalProvider(Properties[] moduleConfig) throws RepositoryException
Creates the default principal provider used to create thePrincipalProviderRegistry.- Returns:
- An new instance of
DefaultPrincipalProvider. - Throws:
RepositoryException- If an error occurs.
-
getPrincipalProviderRegistry
protected PrincipalProviderRegistry getPrincipalProviderRegistry()
- Returns:
- The PrincipalProviderRegistry created during initialization.
-
getAuthContextProvider
protected AuthContextProvider getAuthContextProvider()
- Returns:
- The AuthContextProvider created during initialization.
-
checkInitialized
protected void checkInitialized()
ThrowsIllegalStateExceptionif this manager hasn't been initialized.
-
getSystemSession
protected Session getSystemSession()
- Returns:
- The system session used to initialize this SecurityManager.
-
getRepository
protected Repository getRepository()
- Returns:
- The repository used to initialize this SecurityManager.
-
-