@Service(value={PrincipalConfiguration.class,SecurityConfiguration.class}) @Property(name="protectExternalId",label="External Identity Protection",description="If disabled rep:externalId properties won\'t be properly protected (backwards compatible behavior). NOTE: for security reasons it is strongly recommend to keep the protection enabled!",boolValue=true) @Property(name="protectExternalIdentities",label="External User and Group Protection",description="If \'None\' is selected the synchronized external users/groups won\'t be protected (backwards compatible behavior) and can be edited like local users/groups. NOTE: in order to avoid having inconsistencies between the IDP that defines the external identities and local synced identities it is recommend to enable the protection. With option \'Warn\' the protection is disabled but warnings will be logged.",options={@PropertyOption(name="None",value="None"),@PropertyOption(name="Warn",value="Warn"),@PropertyOption(name="Protected",value="Protected")}) @Property(name="systemPrincipalNames",label="System Principal Names",description="Names of additional \'SystemUserPrincipal\' instances that are excluded from the protection check. Note that this configuration does not grant the required permission to perform the operation.",value={},cardinality=10) @Property(name="oak.security.name",propertyPrivate=true,value="org.apache.jackrabbit.oak.spi.security.authentication.external.impl.principal.ExternalPrincipalConfiguration") public class ExternalPrincipalConfiguration extends ConfigurationBase implements PrincipalConfiguration
PrincipalConfiguration
interface that provides
principal management for Group principals
associated with
external identities
managed outside of the scope of the repository by an
ExternalIdentityProvider
.SecurityConfiguration.Default
NAME
Constructor and Description |
---|
ExternalPrincipalConfiguration() |
ExternalPrincipalConfiguration(SecurityProvider securityProvider) |
Modifier and Type | Method and Description |
---|---|
@NotNull java.util.List<ThreeWayConflictHandler> |
getConflictHandlers()
Returns the list of conflict handlers available for this security configuration.
|
@NotNull java.lang.Iterable<Monitor<?>> |
getMonitors(@NotNull StatisticsProvider statisticsProvider) |
@NotNull java.lang.String |
getName()
Returns the name of this security configuration.
|
@NotNull PrincipalManager |
getPrincipalManager(Root root,
NamePathMapper namePathMapper)
Returns an instance of
PrincipalManager that can be used
to query and retrieve principals such as needed for JCR access control
management. |
@NotNull PrincipalProvider |
getPrincipalProvider(Root root,
NamePathMapper namePathMapper)
Returns an instance of the OAK
PrincipalProvider . |
@NotNull java.util.List<ProtectedItemImporter> |
getProtectedItemImporters() |
@NotNull RepositoryInitializer |
getRepositoryInitializer()
Returns a repository initializer for this security configuration.
|
@NotNull java.util.List<? extends ValidatorProvider> |
getValidators(@NotNull java.lang.String workspaceName,
@NotNull java.util.Set<java.security.Principal> principals,
@NotNull MoveTracker moveTracker)
Returns the list of validators that need to be executed for the specified
workspace name.
|
getParameters, getRootProvider, getSecurityProvider, getTreeProvider, setParameters, setRootProvider, setSecurityProvider, setTreeProvider
getCommitHooks, getContext, getWorkspaceInitializer
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
getCommitHooks, getContext, getParameters, getWorkspaceInitializer
public ExternalPrincipalConfiguration()
public ExternalPrincipalConfiguration(SecurityProvider securityProvider)
@NotNull public @NotNull PrincipalManager getPrincipalManager(Root root, NamePathMapper namePathMapper)
PrincipalConfiguration
PrincipalManager
that can be used
to query and retrieve principals such as needed for JCR access control
management.getPrincipalManager
in interface PrincipalConfiguration
root
- The target root.namePathMapper
- The NamePathMapper
to be used.PrincipalManager
.JackrabbitSession.getPrincipalManager()
@NotNull public @NotNull PrincipalProvider getPrincipalProvider(Root root, NamePathMapper namePathMapper)
PrincipalConfiguration
PrincipalProvider
.
PrincipalProvider
a public interface of the SPI, it's configuration goes along with the
configuration of the JCR level PrincipalManager
. The authentication
setup may have access to the principal configuration if the
SecurityProvider
is
made available in the AuthenticationConfiguration
.
PrincipalConfiguration
for each source.getPrincipalProvider
in interface PrincipalConfiguration
root
- The target Root
.namePathMapper
- The NamePathMapper
to be used.PrincipalProvider
.@NotNull public @NotNull java.lang.String getName()
SecurityConfiguration
getName
in interface SecurityConfiguration
getName
in class SecurityConfiguration.Default
@NotNull public @NotNull RepositoryInitializer getRepositoryInitializer()
SecurityConfiguration
RepositoryInitializer.DEFAULT
should be returned.getRepositoryInitializer
in interface SecurityConfiguration
getRepositoryInitializer
in class SecurityConfiguration.Default
RepositoryInitializer
.@NotNull public @NotNull java.util.List<? extends ValidatorProvider> getValidators(@NotNull @NotNull java.lang.String workspaceName, @NotNull @NotNull java.util.Set<java.security.Principal> principals, @NotNull @NotNull MoveTracker moveTracker)
SecurityConfiguration
getValidators
in interface SecurityConfiguration
getValidators
in class SecurityConfiguration.Default
workspaceName
- The name of the workspace.principals
- The set of principals associated with the subject
that is committing modifications.moveTracker
- The move tracker associated with the commit.@NotNull public @NotNull java.util.List<ProtectedItemImporter> getProtectedItemImporters()
getProtectedItemImporters
in interface SecurityConfiguration
getProtectedItemImporters
in class SecurityConfiguration.Default
@NotNull public @NotNull java.lang.Iterable<Monitor<?>> getMonitors(@NotNull @NotNull StatisticsProvider statisticsProvider)
getMonitors
in interface SecurityConfiguration
@NotNull public @NotNull java.util.List<ThreeWayConflictHandler> getConflictHandlers()
SecurityConfiguration
getConflictHandlers
in interface SecurityConfiguration
getConflictHandlers
in class SecurityConfiguration.Default
ThreeWayConflictHandler
.Copyright © 2012–2022 The Apache Software Foundation. All rights reserved.